Overview

URL: 40-40.ru/
IP: 195.208.1.151
ASN: AS25535 Autonomous Non-commercial Organization 'Regional Network Information Center'
Location: Russian Federation
Report completed: 2017-11-01 12:48:26 CET
urlquery Alerts: No alerts detected


Settings

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer:
Pool:
Access Level:


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp                Severity  Source IP  Destination IP  Alert
2017-11-01 12:54:31 CET  3         Client IP  195.208.1.151   ET MALWARE All Numerical .ru Domain HTTP Request Likely Malware Related
2017-11-01 12:54:31 CET  3         Client IP  195.208.1.151   ET MALWARE All Numerical .ru Domain HTTP Request Likely Malware Related
2017-11-01 12:54:31 CET  3         Client IP  195.208.1.151   ET MALWARE All Numerical .ru Domain HTTP Request Likely Malware Related
2017-11-01 12:54:31 CET  3         Client IP  195.208.1.151   ET MALWARE All Numerical .ru Domain HTTP Request Likely Malware Related
2017-11-01 12:54:33 CET  3         Client IP  195.208.1.151   ET MALWARE All Numerical .ru Domain HTTP Request Likely Malware Related
2017-11-01 12:54:33 CET  3         Client IP  195.208.1.151   ET MALWARE All Numerical .ru Domain HTTP Request Likely Malware Related
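All six alerts above come from one Emerging Threats signature, and its logic is in its name: the requested Host is a .ru domain made of digits only. 40-40.ru fits that pattern (the hyphen evidently does not break the match, since the rule fired), so this is a hostname heuristic and says nothing by itself about the content served; the rest of the report is the place to look for that. As an added example, not part of the urlquery report or of the ET Pro ruleset, the Python below reimplements the heuristic as I read the signature name (the real rule's pattern is not on this page, so the regex is an assumption) and runs it over request lines and Host headers copied from the HTTP transactions listed further down, plus three constructed hosts that mark the boundary of the match. It flags every matching request rather than reproducing Suricata's count of six, which depends on the rule's own thresholding.

```python
import re
from collections import Counter
from typing import Iterable, Iterator, Optional, Tuple

# ASSUMPTION: this pattern is my reading of the signature name, not the ET Pro
# rule text (which is not on this page). Every label left of .ru must consist of
# digits, with hyphens allowed between digit runs: the report shows the rule
# firing on 40-40.ru, so hyphens evidently do not break the match.
_ALL_NUMERIC_RU = re.compile(r"^[0-9]+(?:-[0-9]+)*(?:\.[0-9]+(?:-[0-9]+)*)*\.ru$")
_HOST_HEADER = re.compile(r"^Host:\s*(\S+)\s*$", re.IGNORECASE | re.MULTILINE)


def normalize_host(value: str) -> str:
    """Lower-case, drop a trailing dot and an explicit :port."""
    return value.strip().lower().rstrip(".").split(":", 1)[0]


def host_of(request: str) -> Optional[str]:
    """Host header of a raw HTTP request (request line + headers), or None."""
    m = _HOST_HEADER.search(request)
    return normalize_host(m.group(1)) if m else None


def is_all_numeric_ru(host: str) -> bool:
    """True when the host is a .ru name whose labels are digits/hyphens only."""
    return _ALL_NUMERIC_RU.match(normalize_host(host)) is not None


def scan_requests(requests: Iterable[str]) -> Iterator[Tuple[str, str]]:
    """Yield (host, request line) for every request the heuristic would alert on."""
    for req in requests:
        host = host_of(req)
        if host and is_all_numeric_ru(host):
            yield host, req.splitlines()[0].strip()


def hit_counts(requests: Iterable[str]) -> dict:
    """Alerts per host: the pivot an analyst makes before deciding it is noise."""
    return dict(Counter(host for host, _ in scan_requests(requests)))


# Constructed sample. The first six request lines and Host values are copied from
# this report's HTTP Transactions; the last three hosts are made up to show the
# boundary of the match.
SAMPLE_REQUESTS = [
    "GET / HTTP/1.1\r\nHost: 40-40.ru\r\nConnection: keep-alive\r\n",
    "GET /wp-content/themes/Ceramics/css/style.css HTTP/1.1\r\nHost: 40-40.ru\r\n",
    "GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1\r\nHost: 40-40.ru\r\n",
    "GET /metrika/watch.js HTTP/1.1\r\nHost: mc.yandex.ru\r\n",
    "GET /ajax/libs/jquery/2.2.2/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\n",
    "POST / HTTP/1.1\r\nHost: g.symcd.com\r\n",
    "GET / HTTP/1.1\r\nHost: 123.ru\r\n",         # constructed: matches
    "GET / HTTP/1.1\r\nHost: 1.2.RU:8080\r\n",    # constructed: matches after normalisation
    "GET / HTTP/1.1\r\nHost: a40-40.ru\r\n",      # constructed: one letter, no match
]

if __name__ == "__main__":
    for host, line in scan_requests(SAMPLE_REQUESTS):
        print(f"ALERT all-numeric .ru Host {host}: {line}")
    print(hit_counts(SAMPLE_REQUESTS))
```

The point of the per-host count is triage: a single all-numeric .ru host fetching a WordPress theme, a Contact Form 7 stylesheet and WordPress' bundled jQuery, as the transactions on this page show, looks like an ordinary site whose name happens to trip the heuristic; the same signature firing on a host that serves only one executable or one obfuscated script would deserve a closer look.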


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 9 reports on IP: 195.208.1.151

Date                       UQ / IDS / BL   URL                              IP
2019-04-25 16:04:20 +0200  0 - 0 - 1       sbelan.ru/hu.php                 195.208.1.151
2019-03-10 01:00:33 +0100  0 - 0 - 1       www.steklomir.org/               195.208.1.151
2019-02-22 11:56:08 +0100  0 - 0 - 1       sbelan.ru/hu.php                 195.208.1.151
2019-02-17 00:24:03 +0100  0 - 1 - 0       favorit-tea.ru/                  195.208.1.151
2019-01-18 13:08:16 +0100  0 - 0 - 60      unixfit.moscow/                  195.208.1.151
2018-12-18 14:05:54 +0100  0 - 0 - 2       steklomir.org/modules/menu       195.208.1.151
2017-12-22 19:13:03 +0100  1 - 0 - 0       elki-opt.biz/                    195.208.1.151
2017-10-17 11:34:31 +0200  0 - 0 - 2       www.soclift.com/anketa.html      195.208.1.151
2017-07-27 10:14:36 +0200  0 - 0 - 2       sobits.ru/lp/ezhkh               195.208.1.151

Last 10 reports on ASN: AS25535 Autonomous Non-commercial Organization 'Regional Network Information Center'

Date                       UQ / IDS / BL   URL                                        IP
2019-06-30 01:13:57 +0200  0 - 0 - 0       ogneuporgarant.ru                          195.208.1.161
2019-06-30 01:10:04 +0200  0 - 0 - 0       vladmodels.tv                              212.192.194.2
2019-06-30 01:04:25 +0200  0 - 0 - 0       ogneuporgarant.ru/seemed/whatever.php      195.208.1.161
2019-06-19 00:47:13 +0200  0 - 0 - 0       rmansys.ru                                 194.85.95.48
2019-06-18 20:19:37 +0200  0 - 0 - 0       leto-lm.ru                                 195.208.1.105
2019-06-17 09:02:09 +0200  0 - 0 - 0       izplastika.ru/vzfpqeic/development.html    195.208.1.105
2019-06-15 16:53:42 +0200  0 - 0 - 10      www.teslateam.online                       195.208.1.105
2019-06-11 00:14:58 +0200  0 - 6 - 0       ist.spb.su/                                195.208.1.132
2019-06-10 22:28:48 +0200  0 - 1 - 0       iftp.ru/                                   195.208.1.119
2019-06-10 20:31:36 +0200  0 - 0 - 1       millenniumplaza.ru/vdu1mdv0enhmodgyoxv4    195.208.1.105

No other reports on domain: 40-40.ru



JavaScript

Executed Scripts (17)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (74)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: 40-40.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         195.208.1.151
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.29
Link: <http://40-40.ru/wp-json/>; rel="https://api.w.org/", <http://40-40.ru/>; rel=shortlink


--- Additional Info ---
Magic:  HTML document text, exported SGML document text
Size:   41415
Md5:    14fcb98a0632fb040d5d7e7a12ac67d9
Sha1:   663a42406974c10096e1fcc8331cc9de0f01b5e8
Sha256: 3a84987b6a54c0cdbef706e4116c124017dddc64006c298477b3736816f3e0b5
                                        
                                            GET /wp-content/themes/Ceramics/css/fonts/fonts.css HTTP/1.1 
Host: 40-40.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/

                                         
                                         195.208.1.151
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:26 GMT
Content-Length: 2965
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:44:24 GMT
Etag: "5750b6c8-b95"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII C program text
Size:   2965
Md5:    c247d3063bd84ffc9699f86de422d1a2
Sha1:   eb2e81c4136c0d98ad252ac6ec7aa254be247e08
Sha256: 091f7cfd82e3bd6a71ebc4e1c4d7677628e899ed395839109e418fffbe815587
                                        
                                            GET /wp-content/themes/Ceramics/css/reset.css HTTP/1.1 
Host: 40-40.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/

                                         
                                         195.208.1.151
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:26 GMT
Content-Length: 1626
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:43:13 GMT
Etag: "5750b681-65a"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   1626
Md5:    e1fa076a852d8894c25d8589f36f544a
Sha1:   a7f584d86e43c2e3419229b5d70bc6e775764fb7
Sha256: c399bf5330d399f66610e76dbb72180988400c4ec058dbc1fa55de692dbc236b
                                        
                                            GET /wp-content/themes/Ceramics/css/lightbox.css HTTP/1.1 
Host: 40-40.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/

                                         
                                         195.208.1.151
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:26 GMT
Content-Length: 3709
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:43:13 GMT
Etag: "5750b681-e7d"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII C program text
Size:   3709
Md5:    5647a1c25f2ea471bc1040752c823b51
Sha1:   401d7d0f9e10c8f57071d436ea12d57e6828f1a5
Sha256: 185210f48fce50687badfe0064c927283294a93cdfeaf7391d29819bdc3d3b47
                                        
                                            GET /wp-content/themes/Ceramics/css/swiper.min.css HTTP/1.1 
Host: 40-40.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/

                                         
                                         195.208.1.151
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:26 GMT
Content-Length: 16854
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:43:14 GMT
Etag: "5750b682-41d6"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII English text, with very long lines
Size:   16854
Md5:    005fcdb95bda01d50d762faf45412417
Sha1:   19b15c95c77676d8f4654b53322b867ff9840945
Sha256: 7425d4c20799d8900f65acef7fe208f777e266036213d6fd4c71cd4c4a41dfdc
                                        
                                            GET /wp-content/themes/Ceramics/css/style.css HTTP/1.1 
Host: 40-40.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/

                                         
                                         195.208.1.151
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:26 GMT
Content-Length: 40743
Connection: keep-alive
Last-Modified: Mon, 30 Oct 2017 19:10:55 GMT
Etag: "59f7793f-9f27"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  UTF-8 Unicode C program text
Size:   40743
Md5:    f77c6c40c9cf04ece85f62cfc384ac3e
Sha1:   6c0c178c77fb073f0f67eb21c19e0c0c06715afc
Sha256: 0e0feef78fcccc28b4ce098de06be8747e21228088fa2494ef21064b460b0811
                                        
                                            GET /wp-content/themes/Ceramics/favicon.ico HTTP/1.1 
Host: 40-40.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:26 GMT
Content-Length: 1896
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2016 08:15:48 GMT
Etag: "57e63634-768"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 32 x 32, 8-bit/color RGBA, non-interlaced
Size:   1896
Md5:    4488e9c31281367d180e3862a0994945
Sha1:   5e5fb48c17083ff01264c58a7f4703a4e75ddaa5
Sha256: 3abd7393f3c1df669c13808a487f0693376205f09cdbbdd97e1d024860de3aaa
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.4.2 HTTP/1.1 
Host: 40-40.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/

                                         
                                         195.208.1.151
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:26 GMT
Content-Length: 1099
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:44:19 GMT
Etag: "5750b6c3-44b"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   1099
Md5:    7c88da3fc9b78c9ec34a880f3da7aa4b
Sha1:   f854641f62b4da48361a1d435ea13d7fb602d3bc
Sha256: c4955807b27ea22fdf764c3700ec74634ec76a9229f00ac22fd346f01d38f5e7
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1 
Host: 40-40.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/

                                         
                                         195.208.1.151
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:26 GMT
Content-Length: 10056
Connection: keep-alive
Last-Modified: Tue, 21 Jun 2016 17:38:47 GMT
Etag: "57697ba7-2748"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII English text, with very long lines
Size:   10056
Md5:    7121994eec5320fbe6586463bf9651c2
Sha1:   90532aff6d4121954254cdf04994d834f7ec169b
Sha256: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
                                        
                                            POST /ocsp HTTP/1.1 
Host: clients1.google.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         172.217.22.174
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 01 Nov 2017 11:54:26 GMT
Expires: Sun, 05 Nov 2017 11:54:26 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    d5e3bdb1bcc057278b804a6b9c31f2bd
Sha1:   d7c70abbae3b64e4b9abe18cb4769b6f7f2f6e6d
Sha256: 9cabe66fe65a160dc7ed3e2632c8059114fd3e2ebe4ac81d96c3de0744efa9a7
                                        
                                            POST / HTTP/1.1 
Host: g.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.43.139.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.10.2
Content-Length: 1390
Content-Transfer-Encoding: binary
Cache-Control: max-age=478153, public, no-transform, must-revalidate
Last-Modified: Tue, 31 Oct 2017 00:39:25 GMT
Expires: Tue, 7 Nov 2017 00:39:25 GMT
Date: Wed, 01 Nov 2017 11:54:26 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1390
Md5:    fa622bfacb2851892c001e3467da9f7f
Sha1:   c9ac9fdae8a188d96d5ca070e2aeba5b210a7bd1
Sha256: e0b3d12869e2260aa1aab64966373acd4d9d27a29dee3649a0e078ec367a30bd
                                        
                                            GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1 
Host: 40-40.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/

                                         
                                         195.208.1.151
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:26 GMT
Content-Length: 97184
Connection: keep-alive
Last-Modified: Tue, 21 Jun 2016 17:38:47 GMT
Etag: "57697ba7-17ba0"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines
Size:   97184
Md5:    8610f03fe77640dee8c4cc924e060f12
Sha1:   076524186dbbdd4c41afbbd6b260d9e46a095811
Sha256: fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
                                        
                                            GET /wp-content/uploads/2016/05/12345.jpg HTTP/1.1 
Host: 40-40.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/

                                         
                                         195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:26 GMT
Content-Length: 211050
Connection: keep-alive
Last-Modified: Mon, 16 Oct 2017 07:23:24 GMT
Etag: "59e45e6c-3386a"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   211050
Md5:    adc6f9cf3f16c20009521ca55731b5ac
Sha1:   14cc51f9d766197a8890c7801949004d32260010
Sha256: 9b447b07735f97bd8b88013600c28036f6ef9822143f9d486aff14ca1c382e2e
                                        
                                            GET /wp-content/uploads/2016/05/s1.jpg HTTP/1.1 
Host: 40-40.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/

                                         
                                         195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:26 GMT
Content-Length: 107765
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:43:59 GMT
Etag: "5750b6af-1a4f5"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   107765
Md5:    6c7767d081777f7c02bf80f87c4ac064
Sha1:   213fb2eb6f23ae06a92072dd242515c62390365d
Sha256: a94f9769bf401a2fab9ad0c985c3498074d0f7e1dae474a0d352df982d80de36
                                        
                                            GET /wp-content/uploads/2016/05/LOGOTIP.jpg HTTP/1.1 
Host: 40-40.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/

                                         
                                         195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:26 GMT
Content-Length: 240122
Connection: keep-alive
Last-Modified: Tue, 23 May 2017 08:44:22 GMT
Etag: "5923f666-3a9fa"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   240122
Md5:    a01bf38d3378b26fbe0a47f24e12088f
Sha1:   93518376a3b4bfc0a65b8fcfa17f5663ec5a5080
Sha256: 194a3b0898ef8ba422faf88591cf273ff3ebc1fa04eda912f93ca9b529458d65
                                        
                                            GET /wp-content/uploads/2016/05/poroterm.jpg HTTP/1.1 
Host: 40-40.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/

                                         
                                         195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:26 GMT
Content-Length: 463801
Connection: keep-alive
Last-Modified: Tue, 10 Oct 2017 10:00:51 GMT
Etag: "59dc9a53-713b9"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   463801
Md5:    5a18474a84d5142d03aa06785b10bf45
Sha1:   380b9a8f2a6029dccf04dff9f435f935e8e24353
Sha256: 33a759f5cbf5c1aacb042a2b368213c25f4ef5b02d52eb44c68bcd06a6d33cf7
                                        
                                            GET /ajax/libs/jquery/2.2.2/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/

                                         
                                         64.233.161.95
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 30094
Date: Tue, 31 Oct 2017 22:05:05 GMT
Expires: Wed, 31 Oct 2018 22:05:05 GMT
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 49763
Alt-Svc: quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   30094
Md5:    6998775f63d995c92e6a25cac51a344a
Sha1:   fae46535d30665a2b225fac4491714abcfe9d8c6
Sha256: 99f3353e10541ad558dfe75ca7d89b2260d051d6444ceaa8d76cf33752f49a47
                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 111
Content-Type: application/ocsp-request

                                         
                                         104.31.74.124
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 01 Nov 2017 11:54:29 GMT
Content-Length: 1570
Connection: keep-alive
Set-Cookie: __cfduid=d997362116232d10b72d0b9de2fc3a9a71509537269; expires=Thu, 01-Nov-18 11:54:29 GMT; path=/; domain=.globalsign.com; HttpOnly
Last-Modified: Wed, 01 Nov 2017 09:28:26 GMT
Expires: Sun, 05 Nov 2017 09:28:26 GMT
Etag: "71dc16bea082e0ee501daefbf76932cbd04c1bb7"
Cache-Control: public, no-transform, must-revalidate
CF-Cache-Status: HIT
Vary: Accept-Encoding
Server: cloudflare-nginx
CF-RAY: 3b6ea8db566b4255-OSL


--- Additional Info ---
Magic:  data
Size:   1570
Md5:    a5c25581548f0c465dfc636a3dcf77f8
Sha1:   71dc16bea082e0ee501daefbf76932cbd04c1bb7
Sha256: e249e1dfcb0bb4cc6312b5bf048769d9cc88e806f28eaa05b4cb2715cc24de07
                                        
                                            GET /wp-content/uploads/2016/05/LHM.jpg HTTP/1.1 
Host: 40-40.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/

                                         
                                         195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:26 GMT
Content-Length: 637047
Connection: keep-alive
Last-Modified: Wed, 10 May 2017 05:31:26 GMT
Etag: "5912a5ae-9b877"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   637047
Md5:    4f0677db3ec496b34e781ea6d0e23342
Sha1:   337f9bb0990ffa2cf89e789cfb4b102af972a6f3
Sha256: c8bb14d2dc8cb9cf6977912b519bd2717c4056b4742bf7dde1185ecdfc1e23ea
                                        
                                            GET /wp-content/uploads/2016/05/SHTAINGOT.jpg HTTP/1.1 
Host: 40-40.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/

                                         
                                         195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:26 GMT
Content-Length: 589847
Connection: keep-alive
Last-Modified: Wed, 11 Oct 2017 11:51:02 GMT
Etag: "59de05a6-90017"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   589847
Md5:    55308641246c6d38d2d151ca0119ed12
Sha1:   21a57671309957c9ac734eff6a065dd4d9a2ba19
Sha256: de7d73d0079189eba20650f07117f914e115265af97f9dd7daaedaecc8475b96
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=4.5.11 HTTP/1.1 
Host: 40-40.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/

                                         
                                         195.208.1.151
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:29 GMT
Content-Length: 9802
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:47:44 GMT
Etag: "5750b790-264a"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII C++ program text, with very long lines
Size:   9802
Md5:    f3789112e7c443dc1d661159005af3e4
Sha1:   3dc96059ee8e90c94f33d501dc64a5f37d32ca69
Sha256: 2251d47113cc221f907cb6c141dc4ecb3ee6ee747b90eb8f58f0f77b13ddb4e7
                                        
                                            GET /wp-content/uploads/2017/02/novyj-gorod-80-150x150.png HTTP/1.1 
Host: 40-40.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/

                                         
                                         195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:30 GMT
Content-Length: 21416
Connection: keep-alive
Last-Modified: Tue, 14 Feb 2017 06:45:13 GMT
Etag: "58a2a779-53a8"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 150 x 150, 8-bit/color RGBA, non-interlaced
Size:   21416
Md5:    89908b6c11aa4758dabd32dbe5d8e4d3
Sha1:   ad20ab7c9449fc62601ca1f6924f3fd6090cc85e
Sha256: 3c1a7f5982a88d16e407f2654bfacd7d2363e089bf8774017459005082f0869b
                                        
                                            GET /wp-content/uploads/2016/10/kaluzhskij-150x150.png HTTP/1.1 
Host: 40-40.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/

                                         
                                         195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:30 GMT
Content-Length: 22168
Connection: keep-alive
Last-Modified: Wed, 19 Apr 2017 06:50:03 GMT
Etag: "58f7089b-5698"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 150 x 150, 8-bit/color RGBA, non-interlaced
Size:   22168
Md5:    268e0acc86deebc0a985911db95d4da6
Sha1:   22794f30d67e973e91bf5f345dbfa47882dce108
Sha256: 51019624da988f69257b58916c34e0e2c015e65d61fed6af64a40799f021caec
                                        
                                            GET /wp-content/uploads/2016/06/persik-150x150.png HTTP/1.1 
Host: 40-40.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/

                                         
                                         195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:30 GMT
Content-Length: 25871
Connection: keep-alive
Last-Modified: Fri, 12 May 2017 06:39:08 GMT
Etag: "5915588c-650f"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 150 x 150, 8-bit/color RGBA, non-interlaced
Size:   25871
Md5:    8e2dc11a1e640acb11ff9215b25f72bf
Sha1:   9a4a93ada3e4d2c4c34e24c7c3f9de16d8d03af9
Sha256: 7a9441a6b54b74393577f157673338ba0dd3cc2d495e4634f2ae0df0ffe55a1e
                                        
                                            GET /wp-content/uploads/2016/05/yutong-150x150.png HTTP/1.1 
Host: 40-40.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/

                                         
                                         195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:30 GMT
Content-Length: 21574
Connection: keep-alive
Last-Modified: Tue, 14 Jun 2016 19:35:00 GMT
Etag: "57605c64-5446"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 150 x 150, 8-bit/color RGBA, non-interlaced
Size:   21574
Md5:    8074b09a8fc3fbd1ef2c09225108c603
Sha1:   01fece74dc1f7dd5117280a835258796c0d5b05c
Sha256: 98935a3412b9596ce8eaf978e0e53874d9c83b192ae7e41c6baa7c2931b2cffa
                                        
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/

                                         
213.180.193.119
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Server: nginx/1.8.1
Date: Wed, 01 Nov 2017 11:54:30 GMT
Content-Length: 31346
Connection: keep-alive
P3P: CP="NOI DEVa TAIa OUR BUS UNI STA"
Last-Modified: Mon, 30 Oct 2017 17:23:10 GMT
Content-Encoding: gzip
Expires: Wed, 01 Nov 2017 12:54:30 GMT
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=31536000


--- Additional Info ---
Magic:  gzip compressed data, from Unix, last modified: Mon Oct 30 08:42:00 2017
Size:   31346
Md5:    a41cb6e15c1ad3ff9be9604723527a8d
Sha1:   263c8596d7d9ee966ce5c1b69623fad923d88db7
Sha256: 1d558d2bbb7cdb451d5073b5050b41b5b28c38019f332ddf7e427f381ab0aa91
                                        
GET /wp-content/uploads/2016/06/sl_kost-150x150.png HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/

                                         
195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:30 GMT
Content-Length: 30147
Connection: keep-alive
Last-Modified: Tue, 07 Jun 2016 17:19:32 GMT
Etag: "57570224-75c3"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 150 x 150, 8-bit/color RGBA, non-interlaced
Size:   30147
Md5:    db6b8b8bd5877b4e523caf7e1d13b926
Sha1:   34c4447a7f02e4891344529b66b6abc81f394bf6
Sha256: fe5a76474c12ba185a4a5410f61d298a230d0aeaa01a86c966b8ed45b115feb4
                                        
GET /wp-content/themes/Ceramics/js/script.js HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/

                                         
195.208.1.151
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:30 GMT
Content-Length: 2570
Connection: keep-alive
Last-Modified: Mon, 04 Sep 2017 07:55:59 GMT
Etag: "59ad070f-a0a"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII C++ program text
Size:   2570
Md5:    4ac2677a07c6f81b513fcd67c107dee8
Sha1:   7325e9e5dfd240514c3fd577ffcf0106b1f9b8e1
Sha256: 056122759943ce497ff6b77caacbd0105939ac292c9a2644b251e1f3834fadd0

Alerts:
  IDS:
    - ET MALWARE All Numerical .ru Domain HTTP Request Likely Malware Related
                                        
GET /wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20 HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/

                                         
195.208.1.151
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:30 GMT
Content-Length: 15248
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:44:20 GMT
Etag: "5750b6c4-3b90"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII English text, with very long lines
Size:   15248
Md5:    f448c593c242d134e9733a84c7a4d26c
Sha1:   374aa1f8db17575b0e35eabc46ad82062e09106c
Sha256: c90f0e501d2948fbc2b61bffd654fa4ab64741fd48923782419eeb14d3816fb8
                                        
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.4.2 HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/

                                         
195.208.1.151
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:30 GMT
Content-Length: 11819
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:44:20 GMT
Etag: "5750b6c4-2e2b"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII C++ program text
Size:   11819
Md5:    3de2ff2655aff2237a038c6677aff44a
Sha1:   3d6040fb0a1937a1c7e2018d5263f713a735f3f3
Sha256: fcb32d3d22861984b56233fca162331d71656b200d44601824d53c8fa29881a9
                                        
GET /counter.php?nn=35159 HTTP/1.1
Host: stroyfirm.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/

                                         
92.53.98.245
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx/1.12.1
Date: Wed, 01 Nov 2017 11:54:30 GMT
Content-Length: 7345
Connection: keep-alive
X-Powered-By: PHP/5.3.29
Set-Cookie: glsite=88e6a67a5d52c664ffb0325f144882c4; path=/
Expires: Sat, 31 Dec 2016 05:00:00 GMT
Cache-Control: private, max-age=60
Pragma: no-cache
Last-Modified: Tue, 31 Oct 2017 11:54:30 GMT
Content-Language: ru


--- Additional Info ---
Magic:  PNG image, 88 x 31, 8-bit/color RGB, interlaced
Size:   7345
Md5:    c93f96f3f4643f43f265cec6fb2bd925
Sha1:   e5e6680ffdfb5f448e5ae8b1f6f5a25f5aa479f4
Sha256: 5d62532812bac8eeb80066070fcce6033a9d66fda361db87b17ac12882ba12cf
                                        
GET /wp-includes/js/wp-embed.min.js?ver=4.5.11 HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/

                                         
195.208.1.151
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:30 GMT
Content-Length: 1403
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:47:43 GMT
Etag: "5750b78f-57b"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   1403
Md5:    0203f8b4d98102d02f6a569c40a47d7b
Sha1:   ddbaca6c9c625beb5e018af6626fc12fea0d889e
Sha256: 892ecb8e84801900fbec1f9f340f9dd7d53a6444079d82dda76d41581c501891
                                        
GET /wp-content/themes/Ceramics/img/close.png HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/wp-content/themes/Ceramics/css/lightbox.css

                                         
195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:30 GMT
Content-Length: 280
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:43:16 GMT
Etag: "5750b684-118"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 27 x 27, 8-bit colormap, non-interlaced
Size:   280
Md5:    d9d2d0b1308cb694aa8116915592e2a9
Sha1:   3ca48361cfe0e41163023d03c26296f375bb3eac
Sha256: 5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
                                        
GET /wp-content/themes/Ceramics/img/next.png HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/wp-content/themes/Ceramics/css/lightbox.css

                                         
195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:30 GMT
Content-Length: 1350
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:43:37 GMT
Etag: "5750b699-546"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 50 x 45, 8-bit/color RGBA, non-interlaced
Size:   1350
Md5:    31f15875975aab69085470aabbfec802
Sha1:   777e92c050f600b4519299c3d786b8f2f459fea4
Sha256: 15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
                                        
GET /wp-content/uploads/2016/05/p1.jpg HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/

                                         
195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:30 GMT
Content-Length: 11778
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:43:55 GMT
Etag: "5750b6ab-2e02"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   11778
Md5:    b21fee9d44062d39bb832a2d897fd1d6
Sha1:   93067ad7b23da75ac45fd538b95f4d43d2e99ce5
Sha256: 61aef868a8126771d9cca722d2439af231af4af838c992e927b5210db0ac23a7

Alerts:
  IDS:
    - ET MALWARE All Numerical .ru Domain HTTP Request Likely Malware Related
                                        
GET /ban/logocompany.gif HTTP/1.1
Host: www.stroyka24.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/

                                         
46.36.220.4
HTTP/1.1 200 OK
Content-Type: image/gif
Server: nginx/1.10.2
Date: Wed, 01 Nov 2017 11:54:30 GMT
Content-Length: 5375
Last-Modified: Fri, 09 Aug 2013 04:51:43 GMT
Connection: keep-alive
Etag: "5204755f-14ff"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 88 x 31, 8-bit/color RGB, non-interlaced
Size:   5375
Md5:    7653c8ed4c3c049182db3ed91e0bafba
Sha1:   ab39da613eee800e34f360a7a9b3ae9416959d8a
Sha256: 4423968de2eef4e580c1c80a106eaf31da7b1d349655ea53eb4aaa970ace435d
                                        
GET /wp-content/themes/Ceramics/css/fonts/GOTHAPROMED.otf HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/wp-content/themes/Ceramics/css/style.css

                                         
195.208.1.151
HTTP/1.1 200 OK
Content-Type: application/font-sfnt
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:30 GMT
Content-Length: 47044
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:44:26 GMT
Etag: "b7c4-534535923c680"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  OpenType font data
Size:   47044
Md5:    dd3d9ca53a246950706e94726bb1403e
Sha1:   51b8913d49292758dc1d9dae020ef0101f3402e5
Sha256: 3d6693cb498e2a4e05358475c986adfa058901ebc392a95e25d1a55a13406566

Alerts:
  IDS:
    - ET MALWARE All Numerical .ru Domain HTTP Request Likely Malware Related
                                        
GET /wp-content/themes/Ceramics/img/prev.png HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/wp-content/themes/Ceramics/css/lightbox.css

                                         
195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:30 GMT
Content-Length: 1360
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:43:39 GMT
Etag: "5750b69b-550"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 50 x 45, 8-bit/color RGBA, non-interlaced
Size:   1360
Md5:    84b76dee6b27b795e89e3649078a11c2
Sha1:   6640a3432f7ba7aea6129cdf7a5d3eabd47c295c
Sha256: 7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
                                        
GET /wp-content/themes/Ceramics/img/loading.gif HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/wp-content/themes/Ceramics/css/lightbox.css

                                         
195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/gif
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:30 GMT
Content-Length: 8476
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:43:19 GMT
Etag: "5750b687-211c"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 32 x 32
Size:   8476
Md5:    2299ad0b3f63413f026dfec20c205b8f
Sha1:   cf720b50cf8dde0e1a84ce1c6a77788bfc5882d5
Sha256: 225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
                                        
GET /wp-content/themes/Ceramics/js/swiper.min.js HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/

                                         
195.208.1.151
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:30 GMT
Content-Length: 78313
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:43:44 GMT
Etag: "5750b6a0-131e9"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII English text, with very long lines
Size:   78313
Md5:    cd2bffb7f2508310dfd41bb26a34f44d
Sha1:   c19b19988eef3d767d2dd59a12e58603c56b0312
Sha256: 6b1080e3365f5821cadd5a2a9b6d2435d22f9b4bcf0b3e0a4d15183d535a74b0
                                        
GET /wp-content/uploads/2017/05/Bavarskaya-kladka-Antik-magma-150x150.png HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/
Cookie: _ym_uid=1509537271541567229

                                         
195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:31 GMT
Content-Length: 20347
Connection: keep-alive
Last-Modified: Fri, 12 May 2017 08:19:30 GMT
Etag: "59157012-4f7b"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 150 x 150, 8-bit/color RGBA, non-interlaced
Size:   20347
Md5:    3525f401a8a577bd8921d01bc85c5465
Sha1:   36cccf6d83f45e858bd476f9eb4c45e5b34f5cc6
Sha256: b411627d1a2968ad1a02b55866205d4806e6f9048ad00edc70b9d2e76b87da51
                                        
GET /wp-content/themes/Ceramics/img/logo-keramika.svg HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/
Cookie: _ym_uid=1509537271541567229
Range: bytes=0-
If-Range: "80a9-538871f55a440"

                                         
195.208.1.151
HTTP/1.1 206 Partial Content
Content-Type: image/svg+xml
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:31 GMT
Content-Length: 32937
Connection: keep-alive
Last-Modified: Tue, 26 Jul 2016 10:11:21 GMT
Etag: "80a9-538871f55a440"
Accept-Ranges: bytes
Content-Range: bytes 0-32936/32937


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image, XML document text
Size:   32937
Md5:    66c48dac3b7fa8a9ffe8836da699034c
Sha1:   d05d7c1b7f5186da0ec5ece7a5eb79abbff275ba
Sha256: daade844d215c4afc463bc39d1ec89bd8957f8ed1a226447102ef450dcf4e105
                                        
GET /wp-content/themes/Ceramics/img/header-bg.jpg HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/wp-content/themes/Ceramics/css/style.css
Cookie: _ym_uid=1509537271541567229

                                         
195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:32 GMT
Content-Length: 5125
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:43:17 GMT
Etag: "5750b685-1405"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   5125
Md5:    e9496fc28d5973e0396f52a34c083b1b
Sha1:   161e479ef286e25ad65183678f22879f38e9ecf6
Sha256: 7e3a6207a99c3971104adcd474873ef7108884657cdaa69da62d0621f0b2450f
                                        
GET /wp-content/themes/Ceramics/img/price.png HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/wp-content/themes/Ceramics/css/style.css
Cookie: _ym_uid=1509537271541567229

                                         
195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:32 GMT
Content-Length: 2652
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:43:39 GMT
Etag: "5750b69b-a5c"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 187 x 60, 8-bit/color RGBA, non-interlaced
Size:   2652
Md5:    914556b05b36259c67837f8394c7b4c2
Sha1:   fe729b84e16c6c8340ab464b054580efa4ffca36
Sha256: 053047164217b7713a9e27da9d5956d4ca53ea50b3a036ab60c6cfe9aa703911
                                        
GET /wp-content/themes/Ceramics/img/header-phone.png HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/wp-content/themes/Ceramics/css/style.css
Cookie: _ym_uid=1509537271541567229

                                         
195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:32 GMT
Content-Length: 304
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:43:18 GMT
Etag: "5750b686-130"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 14 x 19, 8-bit/color RGBA, non-interlaced
Size:   304
Md5:    2453d8b1732f0d7d32e8cea7d22ef5d3
Sha1:   5223b45c87ce3855065d0b279a64d9e8b6f70fa9
Sha256: 6a8174e93f0700b4a35e1ed24e9ac1369c3db8420cb7ec31c8507ad7755edba8

Alerts:
  IDS:
    - ET MALWARE All Numerical .ru Domain HTTP Request Likely Malware Related
                                        
GET /wp-content/themes/Ceramics/img/header-arr.png HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/wp-content/themes/Ceramics/css/style.css
Cookie: _ym_uid=1509537271541567229

                                         
195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:32 GMT
Content-Length: 210
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:43:17 GMT
Etag: "5750b685-d2"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 10 x 15, 8-bit/color RGBA, non-interlaced
Size:   210
Md5:    6973c0e474b4470e382856b40bf3c1c8
Sha1:   2b2879fb9fba74805017dcb77f53842f6aacd4fe
Sha256: 3352834afc67a6b3f416d8c9c88ee30066661937fe107d2f63b3708e50b1d170
                                        
GET /wp-content/themes/Ceramics/img/next-act.png HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/wp-content/themes/Ceramics/css/swiper.min.css
Cookie: _ym_uid=1509537271541567229

                                         
195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:32 GMT
Content-Length: 1402
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:43:36 GMT
Etag: "5750b698-57a"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 44 x 75, 8-bit/color RGBA, non-interlaced
Size:   1402
Md5:    372e8682221bc704e136d8ac30f9b797
Sha1:   963091ce32e16de90da6f32a47e70d5e730f50f1
Sha256: 7fcb22d12140b6f66786ac8be3d7911fcafd6af8473e0a1fd435d336ed28dd6e
                                        
GET /wp-content/themes/Ceramics/img/wrapp-bg.jpg HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/wp-content/themes/Ceramics/css/style.css
Cookie: _ym_uid=1509537271541567229

                                         
195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:32 GMT
Content-Length: 1392
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:43:42 GMT
Etag: "5750b69e-570"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   1392
Md5:    1ac31cc4b0a55358b98d0528cd3636a9
Sha1:   bfb6ba72998170a502f0fec1a581a5400b7ecea4
Sha256: 9ac11edeaaafbbfb4137c1d00fdad52ccc7191a2d45412c9254e57f04c26a054

Alerts:
  IDS:
    - ET MALWARE All Numerical .ru Domain HTTP Request Likely Malware Related
                                        
GET /wp-content/themes/Ceramics/img/prev-act.png HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/wp-content/themes/Ceramics/css/swiper.min.css
Cookie: _ym_uid=1509537271541567229

                                         
195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:32 GMT
Content-Length: 1318
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:43:39 GMT
Etag: "5750b69b-526"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 44 x 75, 8-bit/color RGBA, non-interlaced
Size:   1318
Md5:    b5bb9233c1669e88526cc9c09b5205d7
Sha1:   e7227e84c04ac54e8ca544cc8c41e473b863eebf
Sha256: 5be595fac3db559b0a50a439148a633487e92279dabced152c2285c2d8883b47
                                        
GET /wp-content/themes/Ceramics/img/top.png HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/wp-content/themes/Ceramics/css/style.css
Cookie: _ym_uid=1509537271541567229

                                         
195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:32 GMT
Content-Length: 23098
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:43:41 GMT
Etag: "5750b69d-5a3a"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 276 x 276, 8-bit/color RGBA, non-interlaced
Size:   23098
Md5:    7e62bbba7fce900d9a3c656e79d7ba64
Sha1:   08d2bc2d4f92cf70908164eca62da0dd6be2e857
Sha256: de9dd121c3db280d495de585f0d4b50b1c97d9adc2892d378d8373798363c749
                                        
GET /wp-content/themes/Ceramics/img/sale.png HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/wp-content/themes/Ceramics/css/style.css
Cookie: _ym_uid=1509537271541567229

                                         
195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:32 GMT
Content-Length: 5618
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:43:41 GMT
Etag: "5750b69d-15f2"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 110 x 110, 8-bit/color RGBA, non-interlaced
Size:   5618
Md5:    98b633410ad4642a5bc6bdad49b53de9
Sha1:   a7e39395b630e6ab70831520358ae9f1959cb2f5
Sha256: 5c9640566a8376ecd1aa42b641175e76dfffd2566e5f4b04aaec2c982bc2db5b

GET /wp-content/themes/Ceramics/img/top-goods.png HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/wp-content/themes/Ceramics/css/style.css
Cookie: _ym_uid=1509537271541567229

195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:32 GMT
Content-Length: 6384
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:43:41 GMT
Etag: "5750b69d-18f0"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 89 x 89, 8-bit/color RGBA, non-interlaced
Size:   6384
Md5:    3cf241bfed4e6e67478c38d9c9453293
Sha1:   6edc5bf3917166379913074ce8374e46c0661a2f
Sha256: e3eba067b8f155d47add2ddb4f537912b0cf4d43a8362674e48bb02662be65df

GET /wp-content/themes/Ceramics/img/rec.png HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/wp-content/themes/Ceramics/css/style.css
Cookie: _ym_uid=1509537271541567229

195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:32 GMT
Content-Length: 4953
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:43:40 GMT
Etag: "5750b69c-1359"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 96 x 110, 8-bit/color RGBA, non-interlaced
Size:   4953
Md5:    a149f19f6788778d21c25c9df1bf2168
Sha1:   d48704f5b287262ed66a442fa7ff770fba49dce7
Sha256: d53cf3192ec95ac44a14480321c5ab8928be829ce406ec209b0f35f44f9d2fab

GET /wp-content/themes/Ceramics/img/next-dis.png HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/wp-content/themes/Ceramics/css/style.css
Cookie: _ym_uid=1509537271541567229

195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:32 GMT
Content-Length: 1569
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:43:37 GMT
Etag: "5750b699-621"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 44 x 75, 8-bit/color RGBA, non-interlaced
Size:   1569
Md5:    03808b7ba95c2ac20a6c09d0314f28df
Sha1:   cdfc25557176ae9f1d9eae553e5bde386d10a374
Sha256: 5e0b4702980d0cda988f447093b7dc295e1f40313f8af6e27fdb94b84566fd2b

GET /wp-content/themes/Ceramics/img/prev-dis.png HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/wp-content/themes/Ceramics/css/style.css
Cookie: _ym_uid=1509537271541567229

195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:32 GMT
Content-Length: 1446
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:43:39 GMT
Etag: "5750b69b-5a6"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 44 x 75, 8-bit/color RGBA, non-interlaced
Size:   1446
Md5:    acb6233d562c615de77573f93d23976f
Sha1:   8256d4a1443ca5e6851fc417b8b9ada24472a1c0
Sha256: 7b37a8da59c4e1cded7219fe98ea54dd0980358761b64104b5b1515355f7a807

GET /wp-content/uploads/2016/05/plus1.png HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/
Cookie: _ym_uid=1509537271541567229

195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:32 GMT
Content-Length: 1581
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:43:56 GMT
Etag: "5750b6ac-62d"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 58 x 52, 8-bit/color RGBA, non-interlaced
Size:   1581
Md5:    f96636f74faab2708e9321f984a07a4d
Sha1:   26eae477257d88a0236299a09ce76e07040dc891
Sha256: 3dc82499dd32673ba0f3d343cadd8f3aa1e8122e589e20b34490c174503002ae

GET /wp-content/themes/Ceramics/img/wrapp-bg-top.png HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/wp-content/themes/Ceramics/css/style.css
Cookie: _ym_uid=1509537271541567229

195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:32 GMT
Content-Length: 47603
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:43:41 GMT
Etag: "5750b69d-b9f3"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 1200 x 96, 8-bit/color RGBA, non-interlaced
Size:   47603
Md5:    0a870e1361404de0d030d6578e51c13d
Sha1:   e7b8a7152f33121847c889e6af1fa24b95a47308
Sha256: c7376f528c073608f21e1aafe4f0cd8a5e4bae4491f086be0c631eb9b6e552cd

GET /wp-content/uploads/2016/05/plus3.png HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/
Cookie: _ym_uid=1509537271541567229

195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:32 GMT
Content-Length: 1528
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:43:57 GMT
Etag: "5750b6ad-5f8"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 50 x 50, 8-bit/color RGBA, non-interlaced
Size:   1528
Md5:    c2f3706d562e95905b562d7c0d0ef818
Sha1:   d7ba7a5231d22ae60815776d2e3abc89fb8f5189
Sha256: 5df92702a605e887aa09f8746ab40b595d4382c7018311772683b1a1baa27b47

GET /wp-content/uploads/2016/05/plus4.png HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/
Cookie: _ym_uid=1509537271541567229

195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:32 GMT
Content-Length: 1408
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:43:57 GMT
Etag: "5750b6ad-580"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 56 x 54, 8-bit/color RGBA, non-interlaced
Size:   1408
Md5:    9efcbd264f0d7084fd779860d8ba3ff7
Sha1:   bb990acce9c0dc89948c5224a7d289a5932aec79
Sha256: ee7575244b19468c53d21d2fe32757205e0f4558fd3eaa07939eda9856cda3e1

GET /wp-content/uploads/2016/05/plus2.png HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/
Cookie: _ym_uid=1509537271541567229

195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:32 GMT
Content-Length: 1747
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:43:56 GMT
Etag: "5750b6ac-6d3"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 58 x 52, 8-bit/color RGBA, non-interlaced
Size:   1747
Md5:    00d99602858c4303ba0dc4469b282039
Sha1:   fd6c2888110036a26721d084702d02752e374af4
Sha256: 2e7c7628f3ab22239774c810cc28d3cc47c8852c71ab74039457bf99ea1a2ed2

GET /wp-content/uploads/2016/05/plus5.png HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/
Cookie: _ym_uid=1509537271541567229

195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:32 GMT
Content-Length: 1232
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:43:57 GMT
Etag: "5750b6ad-4d0"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 79 x 42, 8-bit/color RGBA, non-interlaced
Size:   1232
Md5:    64238f3d2ec2ebff80e507ea98705dba
Sha1:   d62fb6a8c7863e08eb4947d0af24913ee038a57e
Sha256: d04c9aafd40248f320f51c50b73f5357ef6c24f72ee8464e534fb6c7e67a8c0f

GET /wp-content/themes/Ceramics/css/fonts/GOTHAPROLIG.otf HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/wp-content/themes/Ceramics/css/style.css
Cookie: _ym_uid=1509537271541567229

195.208.1.151
HTTP/1.1 200 OK
Content-Type: application/font-sfnt
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:32 GMT
Content-Length: 45532
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:44:26 GMT
Etag: "b1dc-534535923c680"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  OpenType font data
Size:   45532
Md5:    aab7d221c447103e2454922cae29a3d7
Sha1:   dfe7cc1ce9398717d7e10b8ab44f7ec4d5519383
Sha256: 894e3eaeea0e8d5250c2383f3ae6884c5430665e332162aebcd9675e94627b1f

GET /wp-content/themes/Ceramics/css/fonts/GOTHAPROBOL.otf HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/wp-content/themes/Ceramics/css/style.css
Cookie: _ym_uid=1509537271541567229

195.208.1.151
HTTP/1.1 200 OK
Content-Type: application/font-sfnt
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:32 GMT
Content-Length: 47876
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:44:25 GMT
Etag: "bb04-5345359148440"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  OpenType font data
Size:   47876
Md5:    3f9c5a2b33fd28799ac8e55c093a4531
Sha1:   b5cfd8ffc8e8f3201f250ffb343fda0cf3428e40
Sha256: 2becfda652ce0a4df16bf4c7c16181f3cd27fba76c22912670cbd05dc9ca2156

GET /wp-content/themes/Ceramics/img/back.jpg HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/wp-content/themes/Ceramics/css/style.css

195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:30 GMT
Content-Length: 332638
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:43:16 GMT
Etag: "5750b684-5135e"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   332638
Md5:    b44d7c3bb54f577d423c36e74f9749e8
Sha1:   e956850c530f638d02723ac82b1ff3845d3637ba
Sha256: 714051bed7f674cf3b93c2a64a54506a48dae7b07aa403b96fba257206f8f6b1

Alerts:
  IDS:
    - ET MALWARE All Numerical .ru Domain HTTP Request Likely Malware Related

GET /wp-content/themes/Ceramics/css/fonts/MyriadProRegular/MyriadProRegular.woff HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/wp-content/themes/Ceramics/css/style.css
Cookie: _ym_uid=1509537271541567229

195.208.1.151
HTTP/1.1 200 OK
Content-Type: application/font-woff
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:32 GMT
Content-Length: 59864
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:44:32 GMT
Etag: "e9d8-53453597f5400"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  data
Size:   59864
Md5:    73a75a41596f80a2907891bcac8dde7b
Sha1:   5c615ff2a3505398d560f516cea822d244ffbb86
Sha256: 1480dded4b7ef65f3f3f28acd39d61e1d3a8cd9424079cba2099e54b85d3008e

GET /wp-content/themes/Ceramics/img/footer-bg.jpg HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/wp-content/themes/Ceramics/css/style.css
Cookie: _ym_uid=1509537271541567229

195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:32 GMT
Content-Length: 20841
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:43:36 GMT
Etag: "5750b698-5169"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data
Size:   20841
Md5:    8cc5daeac61cbd4399ba88e756ec19dd
Sha1:   07c0009bdb2e23c8dcfce8c46ede006314a33ab7
Sha256: a720ff5d725761f07ed48af9fe3e1a300a6a70ac0a525859af9988e2af0e7ba2

GET /wp-content/themes/Ceramics/img/wrapp-bg-bott.png HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/wp-content/themes/Ceramics/css/style.css
Cookie: _ym_uid=1509537271541567229

195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/png
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:32 GMT
Content-Length: 32329
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2016 22:43:41 GMT
Etag: "5750b69d-7e49"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 1200 x 63, 8-bit/color RGBA, non-interlaced
Size:   32329
Md5:    89116eacc8ef2569a0300ccc239f4c9b
Sha1:   d23ee303d8236edc08ded850009694bd6a0f57db
Sha256: d9136c1dd0bd49d3064ae0d26de45d45a7056b6df870ff1420a92bc3d7b29dbb

GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/

213.180.193.119
HTTP/1.1 200 OK
Content-Type: image/gif
Server: nginx/1.8.1
Date: Wed, 01 Nov 2017 11:54:33 GMT
Content-Length: 43
Connection: keep-alive
P3P: CP="NOI DEVa TAIa OUR BUS UNI STA"
Last-Modified: Mon, 12 Oct 2015 13:09:09 GMT
Expires: Wed, 25 Sep 2047 11:54:33 GMT
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

OPTIONS /watch/33274887?wmode=7&page-url=http%3A%2F%2F40-40.ru%2F&browser-info=ti%3A10%3Aj%3A1%3As%3A1176x885x24%3Af%3A10.0.45.2%3Afpr%3A65694993101%3Acn%3A1%3Aw%3A1176x754%3Az%3A60%3Ai%3A20171101125430%3Aet%3A1509537272%3Aen%3Autf-8%3Av%3A908%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A966413892127%3Arqn%3A1%3Arn%3A295573923%3Ahid%3A180943707%3Awn%3A11630%3Ahl%3A1%3Arqnl%3A1%3Ast%3A1509537272%3Au%3A1509537271541567229%3At%3A%D0%A2%D0%94%20%D0%A0%D0%B5%D0%B3%D0%B8%D0%BE%D0%BD%20%D0%9A%D0%B5%D1%80%D0%B0%D0%BC%D0%B8%D0%BA%D0%B0%2C%20%D1%81%D1%82%D1%80%D0%BE%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%20%D0%BC%D0%B0%D1%82%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%20%D0%B2%20%D0%9A%D0%B0%D0%BB%D1%83%D0%B3%D0%B5 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Origin: http://40-40.ru
Access-Control-Request-Method: POST

213.180.193.119
HTTP/1.1 200 OK
Server: nginx/1.8.1
Date: Wed, 01 Nov 2017 11:54:33 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="NOI DEVa TAIa OUR BUS UNI STA"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
X-XSS-Protection: 1; mode=block


--- Additional Info ---

GET /watch/33274887?wmode=5&callback=_ymjsp575688437&page-url=http%3A%2F%2F40-40.ru%2F&browser-info=ti%3A6%3Ati%3A10%3Aj%3A1%3As%3A1176x885x24%3Af%3A10.0.45.2%3Afpr%3A65694993101%3Acn%3A1%3Aw%3A1176x754%3Az%3A60%3Ai%3A20171101125430%3Aet%3A1509537272%3Aen%3Autf-8%3Av%3A908%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A966413892127%3Arqn%3A1%3Arn%3A295573923%3Ahid%3A180943707%3Awn%3A11630%3Ahl%3A1%3Arqnl%3A1%3Ast%3A1509537272%3Au%3A1509537271541567229%3At%3A%D0%A2%D0%94%20%D0%A0%D0%B5%D0%B3%D0%B8%D0%BE%D0%BD%20%D0%9A%D0%B5%D1%80%D0%B0%D0%BC%D0%B8%D0%BA%D0%B0%2C%20%D1%81%D1%82%D1%80%D0%BE%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%20%D0%BC%D0%B0%D1%82%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%20%D0%B2%20%D0%9A%D0%B0%D0%BB%D1%83%D0%B3%D0%B5 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/

213.180.193.119
HTTP/1.1 302 Found
Server: nginx/1.8.1
Date: Wed, 01 Nov 2017 11:54:33 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="NOI DEVa TAIa OUR BUS UNI STA"
Last-Modified: Wed, 01 Nov 2017 11:54:33 GMT
Expires: Wed, 01 Nov 2017 11:54:33 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Pragma: no-cache
Set-Cookie: yandexuid=1650446141509537273; domain=.yandex.ru; path=/; expires=Sat, 30-Oct-2027 11:54:33 GMT yp=1824897273.yrts.1509537273; domain=.yandex.ru; path=/; expires=Sat, 30-Oct-2027 11:54:33 GMT yabs-sid=646347581509537273; path=/ i=+T2bNPyUxXpaEVWYMhCFsp+Cebvqnbtald0UOQXSiTzwH0DqowoFT36nWUX9idr/I1zSz5RONm2b53Bx9hMMNBZeU1g=; Expires=Sat, 30-Oct-2027 11:54:33 GMT; Domain=.yandex.ru; Path=/; HttpOnly
Location: https://mc.yandex.ru/watch/33274887/1?wmode=5&callback=_ymjsp575688437&page-url=http%3A%2F%2F40-40.ru%2F&browser-info=ti%3A6%3Ati%3A10%3Aj%3A1%3As%3A1176x885x24%3Af%3A10.0.45.2%3Afpr%3A65694993101%3Acn%3A1%3Aw%3A1176x754%3Az%3A60%3Ai%3A20171101125430%3Aet%3A1509537272%3Aen%3Autf-8%3Av%3A908%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A966413892127%3Arqn%3A1%3Arn%3A295573923%3Ahid%3A180943707%3Awn%3A11630%3Ahl%3A1%3Arqnl%3A1%3Ast%3A1509537272%3Au%3A1509537271541567229%3At%3A%D0%A2%D0%94%20%D0%A0%D0%B5%D0%B3%D0%B8%D0%BE%D0%BD%20%D0%9A%D0%B5%D1%80%D0%B0%D0%BC%D0%B8%D0%BA%D0%B0%2C%20%D1%81%D1%82%D1%80%D0%BE%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%20%D0%BC%D0%B0%D1%82%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%20%D0%B2%20%D0%9A%D0%B0%D0%BB%D1%83%D0%B3%D0%B5
X-XSS-Protection: 1; mode=block


--- Additional Info ---

GET /watch/33274887/1?wmode=5&callback=_ymjsp575688437&page-url=http%3A%2F%2F40-40.ru%2F&browser-info=ti%3A6%3Ati%3A10%3Aj%3A1%3As%3A1176x885x24%3Af%3A10.0.45.2%3Afpr%3A65694993101%3Acn%3A1%3Aw%3A1176x754%3Az%3A60%3Ai%3A20171101125430%3Aet%3A1509537272%3Aen%3Autf-8%3Av%3A908%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Als%3A966413892127%3Arqn%3A1%3Arn%3A295573923%3Ahid%3A180943707%3Awn%3A11630%3Ahl%3A1%3Arqnl%3A1%3Ast%3A1509537272%3Au%3A1509537271541567229%3At%3A%D0%A2%D0%94%20%D0%A0%D0%B5%D0%B3%D0%B8%D0%BE%D0%BD%20%D0%9A%D0%B5%D1%80%D0%B0%D0%BC%D0%B8%D0%BA%D0%B0%2C%20%D1%81%D1%82%D1%80%D0%BE%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5%20%D0%BC%D0%B0%D1%82%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%D1%8B%20%D0%B2%20%D0%9A%D0%B0%D0%BB%D1%83%D0%B3%D0%B5 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/
Cookie: yandexuid=1650446141509537273; yp=1824897273.yrts.1509537273; yabs-sid=646347581509537273; i=+T2bNPyUxXpaEVWYMhCFsp+Cebvqnbtald0UOQXSiTzwH0DqowoFT36nWUX9idr/I1zSz5RONm2b53Bx9hMMNBZeU1g=

213.180.193.119
HTTP/1.1 200 OK
Content-Type: application/javascript
Server: nginx/1.8.1
Date: Wed, 01 Nov 2017 11:54:33 GMT
Content-Length: 132
Connection: keep-alive
P3P: CP="NOI DEVa TAIa OUR BUS UNI STA"
Last-Modified: Wed, 01 Nov 2017 11:54:33 GMT
Expires: Wed, 01 Nov 2017 11:54:33 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Pragma: no-cache
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   132
Md5:    e20f8f3f6a8d25ca7b1bc5c1e7f88bef
Sha1:   a8e51342a02f4efd1394e4676cccd3e29fa18644
Sha256: 374a8c0bf8338b8b5f87145e7a692c3492b5cfc26dea61d45ccd174634d2453b

OPTIONS /watch/33274887?page-url=http%3A%2F%2F40-40.ru%2F&browser-info=ti%3A7%3Aj%3A1%3As%3A1176x885x24%3Aadb%3A2%3Af%3A10.0.45.2%3Afpr%3A65694993101%3Acn%3A1%3Aw%3A1159x754%3Az%3A60%3Ai%3A20171101125446%3Aet%3A1509537287%3Aen%3Autf-8%3Av%3A908%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A3723%3Als%3A966413892127%3Arqn%3A2%3Arn%3A121256378%3Ahid%3A180943707%3Arqnl%3A1%3Ast%3A1509537287%3Au%3A1509537271541567229 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Origin: http://40-40.ru
Access-Control-Request-Method: POST

213.180.193.119
HTTP/1.1 200 OK
Server: nginx/1.8.1
Date: Wed, 01 Nov 2017 11:54:46 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="NOI DEVa TAIa OUR BUS UNI STA"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
X-XSS-Protection: 1; mode=block


--- Additional Info ---

GET /watch/33274887?page-url=http%3A%2F%2F40-40.ru%2F&browser-info=ti%3A4%3Aj%3A1%3As%3A1176x885x24%3Aadb%3A2%3Af%3A10.0.45.2%3Afpr%3A65694993101%3Acn%3A1%3Aw%3A1159x754%3Az%3A60%3Ai%3A20171101125446%3Aet%3A1509537287%3Aen%3Autf-8%3Av%3A908%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A3723%3Als%3A966413892127%3Arqn%3A2%3Arn%3A121256378%3Ahid%3A180943707%3Arqnl%3A1%3Ast%3A1509537287%3Au%3A1509537271541567229 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/
Cookie: yandexuid=1650446141509537273; yp=1824897273.yrts.1509537273; yabs-sid=646347581509537273; i=+T2bNPyUxXpaEVWYMhCFsp+Cebvqnbtald0UOQXSiTzwH0DqowoFT36nWUX9idr/I1zSz5RONm2b53Bx9hMMNBZeU1g=

213.180.193.119
HTTP/1.1 200 OK
Content-Type: image/gif
Server: nginx/1.8.1
Date: Wed, 01 Nov 2017 11:54:46 GMT
Content-Length: 43
Connection: keep-alive
P3P: CP="NOI DEVa TAIa OUR BUS UNI STA"
Last-Modified: Wed, 01 Nov 2017 11:54:46 GMT
Expires: Wed, 01 Nov 2017 11:54:46 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Pragma: no-cache
X-XSS-Protection: 1; mode=block


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    df3e567d6f16d040326c7a0ea29a4f41
Sha1:   ea7df583983133b62712b5e73bffbcd45cc53736
Sha256: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

GET /wp-content/themes/Ceramics/img/logo-keramika.svg HTTP/1.1
Host: 40-40.ru
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://40-40.ru/

195.208.1.151
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Server: nginx/1.10.1
Date: Wed, 01 Nov 2017 11:54:26 GMT
Content-Length: 32937
Connection: keep-alive
Last-Modified: Tue, 26 Jul 2016 10:11:21 GMT
Etag: "80a9-538871f55a440"
Accept-Ranges: bytes


--- Additional Info ---