31.31.205.163 0 B IP 31.31.205.163:0
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET / HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Set-Cookie: tplVer=06-18
Location: /en/
Content-type: text/html; charset=UTF-8
Content-Length: 0
Date: Thu, 30 Nov 2023 20:27:54 GMT
Server: lighttpd/1.4.45
31.31.205.163 200 OK 30 kB URL User Request GET HTTP/1.1 IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1365)
Hash dbb407d31b0c9d0cea6e0ae1d6d5ea3d
e8fd92212cfa0da1d17d64c3f0bfac5fedd2082b
e9e40f3e31d887dca3f318dbbadb4eef000bc194709a62669609ee26ffc53e30
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /en/ HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: tplVer=06-18
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Set-Cookie: tplVer=06-18
Expires: Tue, 11 Jun 1985 05:00:00 GMT
Last-Modified: Thu, 30 Nov 2023 20:27:54 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-type: text/html; charset=UTF-8
Content-Length: 29531
Date: Thu, 30 Nov 2023 20:27:54 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/css/vnd/jquery.mCustomScrollbar.css
31.31.205.163 200 OK 5.4 kB URL GET HTTP/1.1 0040.ru/06-18/css/vnd/jquery.mCustomScrollbar.css
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
Hash 71cc207e7021c5eafeff705cf044610f
90677f6813b432a14d30b92e023fb7ffceb8ba01
5d42932e35199c5553241710c27806d7a9af9925b2b437897168d119b6d384a6
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/css/vnd/jquery.mCustomScrollbar.css HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/en/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Mon, 08 Aug 2022 12:00:01 GMT
ETag: "2065225055"
Content-Type: text/css
Accept-Ranges: bytes
Expires: Sun, 24 Nov 2024 20:27:54 GMT
Cache-Control: max-age=31104000
Content-Length: 5395
Date: Thu, 30 Nov 2023 20:27:54 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/css/vnd/normilize.css
31.31.205.163 200 OK 2.6 kB URL GET HTTP/1.1 0040.ru/06-18/css/vnd/normilize.css
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
Hash 27b6b8c2ec16cdad813cb91528f64d47
7d2aa40f2470173afce5c0a19cb82ffe1dda9dc4
4fa0a39d7c995179541f10d69032966522f7e25583ace1ecdeacfb89ddb2f580
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/css/vnd/normilize.css HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/en/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Mon, 08 Aug 2022 12:00:01 GMT
ETag: "2067123167"
Content-Type: text/css
Accept-Ranges: bytes
Expires: Sun, 24 Nov 2024 20:27:54 GMT
Cache-Control: max-age=31104000
Content-Length: 2602
Date: Thu, 30 Nov 2023 20:27:54 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/css/feedback-form.css?1
31.31.205.163 200 OK 3.1 kB URL GET HTTP/1.1 0040.ru/06-18/css/feedback-form.css?1
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d83b5e7c25478c4a47f26228b0f3047e
d9bd24e5355619b0f0bd2d66f205364775df0904
0fbfce353c6e7ce068f939a45c51e68d6c80dac43b3de637907bc12204de19b2
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/css/feedback-form.css?1 HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/en/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Mon, 08 Aug 2022 12:00:01 GMT
ETag: "4246516022"
Content-Type: text/css
Accept-Ranges: bytes
Expires: Sun, 24 Nov 2024 20:27:54 GMT
Cache-Control: max-age=31104000
Content-Length: 3069
Date: Thu, 30 Nov 2023 20:27:54 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/css/broker132.css
31.31.205.163 200 OK 766 B URL GET HTTP/1.1 0040.ru/06-18/css/broker132.css
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
Hash 09a2a175afc4919f0b144d3841e78b58
142e4217f922371f8a1abd64e24e3569f85002d1
33a72ce2365799ee56cbcab921e36b3f1ed730e5fedb9b0d01a13ee56d1baedc
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/css/broker132.css HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/en/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Mon, 08 Aug 2022 12:00:01 GMT
ETag: "3208002300"
Content-Type: text/css
Accept-Ranges: bytes
Expires: Sun, 24 Nov 2024 20:27:54 GMT
Cache-Control: max-age=31104000
Content-Length: 766
Date: Thu, 30 Nov 2023 20:27:54 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/css/price.css?74
31.31.205.163 200 OK 2.9 kB URL GET HTTP/1.1 0040.ru/06-18/css/price.css?74
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
Hash 40088bccc26546878682aa4e873066e2
9d946f67e36d17d4187df86c4f9865475dc9a95f
d55d01c83de45346ababed9f189acb73fb4f3f7c18da6c7450b878e67204f2d3
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/css/price.css?74 HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/en/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Mon, 08 Aug 2022 12:00:01 GMT
ETag: "4193890614"
Content-Type: text/css
Accept-Ranges: bytes
Expires: Sun, 24 Nov 2024 20:27:54 GMT
Cache-Control: max-age=31104000
Content-Length: 2891
Date: Thu, 30 Nov 2023 20:27:54 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/css/general.css?3
31.31.205.163 200 OK 1.6 kB URL GET HTTP/1.1 0040.ru/06-18/css/general.css?3
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
Hash 9c4c1a25c7c4ff52ce37540130d37049
d87b7dd521ee258d8812b6070646e365fee462e5
d923f197604ceb14c4b62fe9f5d2f6638a777def0ed5fa25c09e6a8d5416f725
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/css/general.css?3 HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/en/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Mon, 08 Aug 2022 12:00:01 GMT
ETag: "3781112117"
Content-Type: text/css
Accept-Ranges: bytes
Expires: Sun, 24 Nov 2024 20:27:54 GMT
Cache-Control: max-age=31104000
Content-Length: 1576
Date: Thu, 30 Nov 2023 20:27:54 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/css/pnotify.css?2
31.31.205.163 200 OK 1.8 kB URL GET HTTP/1.1 0040.ru/06-18/css/pnotify.css?2
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
Hash 9bcd8b8eb0f114a135b9299451a1234d
f9de256d1b7f4a7f7a74859b9081102df4e1ee9e
8a8258a397083dff76361ef2c8ebae9702fcf7f5a69f8a236062945af1135a07
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/css/pnotify.css?2 HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/en/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Mon, 08 Aug 2022 12:00:01 GMT
ETag: "4189876533"
Content-Type: text/css
Accept-Ranges: bytes
Expires: Sun, 24 Nov 2024 20:27:54 GMT
Cache-Control: max-age=31104000
Content-Length: 1771
Date: Thu, 30 Nov 2023 20:27:54 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/css/bootstrap.min.css
31.31.205.163 200 OK 20 kB URL GET HTTP/1.1 0040.ru/06-18/css/bootstrap.min.css
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
File type ASCII text, with very long lines (65371)
Hash 5718db296067f0a09a655cdf974ce2bc
93c7aee4fbfd3c6191c45f06b5ecb74dcb4db498
7c2355ad2040c6a09ea345ef2d5d9cb3619a6b31efebe1d777f380cdfbe3046a
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/css/bootstrap.min.css HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/en/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Mon, 08 Aug 2022 12:00:01 GMT
ETag: "4039428121"
Content-Type: text/css
Accept-Ranges: bytes
Expires: Sun, 24 Nov 2024 20:27:54 GMT
Cache-Control: max-age=31104000
Content-Length: 19735
Date: Thu, 30 Nov 2023 20:27:54 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/js/vnd/modernizr-2.6.2.min.js
31.31.205.163 200 OK 6.2 kB URL GET HTTP/1.1 0040.ru/06-18/js/vnd/modernizr-2.6.2.min.js
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
File type HTML document, ASCII text, with very long lines (14756)
Hash 42306a279a9e831515347ae319181cd1
d069641242e4fe1beb6de8f53a77dd964c98bce0
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/js/vnd/modernizr-2.6.2.min.js HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/en/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Mon, 08 Aug 2022 12:00:02 GMT
ETag: "3356661023"
Content-Type: application/javascript
Accept-Ranges: bytes
Expires: Sun, 24 Nov 2024 20:27:54 GMT
Cache-Control: max-age=31104000
Content-Length: 6246
Date: Thu, 30 Nov 2023 20:27:54 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/js/langVars.js
31.31.205.163 200 OK 264 B URL GET HTTP/1.1 0040.ru/06-18/js/langVars.js
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
Hash a8ef6f8ba742d421a30a9b29b79ac8c9
1faa5efc3da5f7a3bff8784e441ab2793c69f888
7b07f74216c6c2209fddbe239be9545de1773041adbfb26ccf5985cd46212216
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/js/langVars.js HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/en/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Mon, 08 Aug 2022 12:00:02 GMT
ETag: "1172282810"
Content-Type: application/javascript
Accept-Ranges: bytes
Expires: Sun, 24 Nov 2024 20:27:54 GMT
Cache-Control: max-age=31104000
Content-Length: 264
Date: Thu, 30 Nov 2023 20:27:54 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/js/vnd/jquery.min.js
31.31.205.163 200 OK 33 kB URL GET HTTP/1.1 0040.ru/06-18/js/vnd/jquery.min.js
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
File type ASCII text, with very long lines (32072)
Hash e0e0559014b222245deb26b6ae8bd940
e2f3603e23711f6446f278a411d905623d65201e
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/js/vnd/jquery.min.js HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/en/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Mon, 08 Aug 2022 12:00:02 GMT
ETag: "4179613084"
Content-Type: application/javascript
Accept-Ranges: bytes
Expires: Sun, 24 Nov 2024 20:27:54 GMT
Cache-Control: max-age=31104000
Content-Length: 32822
Date: Thu, 30 Nov 2023 20:27:54 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/js/vnd/bootstrap.min.js
31.31.205.163 200 OK 9.8 kB URL GET HTTP/1.1 0040.ru/06-18/js/vnd/bootstrap.min.js
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
File type ASCII text, with very long lines (32003)
Hash c5b5b2fa19bd66ff23211d9f844e0131
791aa054a026bddc0de92bad6cf7a1c6e73713d5
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/js/vnd/bootstrap.min.js HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/en/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Mon, 08 Aug 2022 12:00:02 GMT
ETag: "2029507902"
Content-Type: application/javascript
Accept-Ranges: bytes
Expires: Sun, 24 Nov 2024 20:27:54 GMT
Cache-Control: max-age=31104000
Content-Length: 9764
Date: Thu, 30 Nov 2023 20:27:54 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/js/vnd/jquery.validate.min.js
31.31.205.163 200 OK 7.5 kB URL GET HTTP/1.1 0040.ru/06-18/js/vnd/jquery.validate.min.js
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
File type Unicode text, UTF-8 text, with very long lines (23122)
Hash 93c1dd8416ac2af1850652d5b620a142
6a76e4c7db479053350580469aa010febfdcacd0
17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/js/vnd/jquery.validate.min.js HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/en/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Mon, 08 Aug 2022 12:00:02 GMT
ETag: "3506296108"
Content-Type: application/javascript
Accept-Ranges: bytes
Expires: Sun, 24 Nov 2024 20:27:54 GMT
Cache-Control: max-age=31104000
Content-Length: 7502
Date: Thu, 30 Nov 2023 20:27:54 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/js/vnd/additional-methods.min.js
31.31.205.163 200 OK 5.5 kB URL GET HTTP/1.1 0040.ru/06-18/js/vnd/additional-methods.min.js
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
File type Unicode text, UTF-8 text, with very long lines (18318)
Hash ced61b5d0a48d60fc5522b02ca25570b
633d4e393fbef18319f37bb798a3b787b907c21b
d1883f7a26d574acb192e568d50c21d03b29a14087bd26e6fe83a8615cf7d814
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/js/vnd/additional-methods.min.js HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/en/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Mon, 08 Aug 2022 12:00:02 GMT
ETag: "1224447257"
Content-Type: application/javascript
Accept-Ranges: bytes
Expires: Sun, 24 Nov 2024 20:27:54 GMT
Cache-Control: max-age=31104000
Content-Length: 5457
Date: Thu, 30 Nov 2023 20:27:54 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/js/numInputValidate.js
31.31.205.163 200 OK 240 B URL GET HTTP/1.1 0040.ru/06-18/js/numInputValidate.js
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
Hash acca9a09466fe21826fd7c4c958ac8a4
6e44fc9711273dac0ad2bf0e7543bcfdb4bf0dd4
9f3b81d60bee310fd585fb9e9184d8da64eb0608d0f2b12f13b54b1c008a7a2d
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/js/numInputValidate.js HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/en/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Mon, 08 Aug 2022 12:00:02 GMT
ETag: "1480294826"
Content-Type: application/javascript
Accept-Ranges: bytes
Expires: Sun, 24 Nov 2024 20:27:54 GMT
Cache-Control: max-age=31104000
Content-Length: 240
Date: Thu, 30 Nov 2023 20:27:54 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/js/vnd/plugins.js
31.31.205.163 200 OK 27 kB URL GET HTTP/1.1 0040.ru/06-18/js/vnd/plugins.js
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
File type Unicode text, UTF-8 text, with very long lines (32040)
Hash e269577cab6884e374f008693676eaff
43aabaddb743840ccae609bf4b92d9e148c2cf51
74307d06c24d2a122b624efe4a7e2ca315dea265a94b740f8286ee65e9e55fa9
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/js/vnd/plugins.js HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/en/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Mon, 08 Aug 2022 12:00:02 GMT
ETag: "3293877630"
Content-Type: application/javascript
Accept-Ranges: bytes
Expires: Sun, 24 Nov 2024 20:27:54 GMT
Cache-Control: max-age=31104000
Content-Length: 27134
Date: Thu, 30 Nov 2023 20:27:54 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/js/feedbackForm.js?3
31.31.205.163 200 OK 2.6 kB URL GET HTTP/1.1 0040.ru/06-18/js/feedbackForm.js?3
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
Hash e9ee9bae895956cc037a115fa5c8bce9
053b3a0ed157908c6e92ba91d3ea707b1dd5e662
2f14ba037a509d5de90270998e37a0261302989917c4061e5ff973f88ce25531
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/js/feedbackForm.js?3 HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/en/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Mon, 08 Aug 2022 12:00:02 GMT
ETag: "2105427928"
Content-Type: application/javascript
Accept-Ranges: bytes
Expires: Sun, 24 Nov 2024 20:27:54 GMT
Cache-Control: max-age=31104000
Content-Length: 2562
Date: Thu, 30 Nov 2023 20:27:54 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/js/pnotify.js
31.31.205.163 200 OK 10 kB URL GET HTTP/1.1 0040.ru/06-18/js/pnotify.js
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
Hash 957aa06c5dc817cb9d445a59c72b4e82
60c5de4ad1d62bc8d7d5c70de6c82b98fa17f716
8d12e5f892436d4b85a7835d77938ccd90ed2ce294ad1d4b758978ae19752567
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/js/pnotify.js HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/en/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Mon, 08 Aug 2022 12:00:02 GMT
ETag: "1301402975"
Content-Type: application/javascript
Accept-Ranges: bytes
Expires: Sun, 24 Nov 2024 20:27:54 GMT
Cache-Control: max-age=31104000
Content-Length: 10152
Date: Thu, 30 Nov 2023 20:27:54 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/js/statistics.js?4
31.31.205.163 200 OK 267 B URL GET HTTP/1.1 0040.ru/06-18/js/statistics.js?4
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
Hash 53a8fd8c5fafeb85d75988d7ceafbee7
e4e2ff96b16b6bbccdf76fbe4895a11b1f8cb81e
e2ec9adf9320806d868c0f8d3351df18a3a4605d892646e88387370f053b0247
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/js/statistics.js?4 HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/en/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Mon, 08 Aug 2022 12:00:02 GMT
ETag: "1973146426"
Content-Type: application/javascript
Accept-Ranges: bytes
Expires: Sun, 24 Nov 2024 20:27:54 GMT
Cache-Control: max-age=31104000
Content-Length: 267
Date: Thu, 30 Nov 2023 20:27:54 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/js/callback/check.php?
31.31.205.163 200 OK 0 B URL GET HTTP/1.1 0040.ru/06-18/js/callback/check.php?
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/js/callback/check.php? HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/en/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Expires: Tue, 11 Jun 1985 05:00:00 GMT
Last-Modified: Thu, 30 Nov 2023 20:27:54 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-type: text/javascript;charset=UTF-8
Content-Length: 0
Date: Thu, 30 Nov 2023 20:27:54 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/js/vnd/jquery.mCustomScrollbar.concat.min.js
31.31.205.163 200 OK 12 kB URL GET HTTP/1.1 0040.ru/06-18/js/vnd/jquery.mCustomScrollbar.concat.min.js
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
File type ASCII text, with very long lines (32087)
Hash bd03664ff7e0c951d1ee8a8b35112620
fb2e95b50c6cfda480d30cd242f38bf52da692ab
78e833e94979adbcc05fa064da0f213c76039732675d416558c87621ce1d5c74
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/js/vnd/jquery.mCustomScrollbar.concat.min.js HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/en/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Mon, 08 Aug 2022 12:00:02 GMT
ETag: "3510261049"
Content-Type: application/javascript
Accept-Ranges: bytes
Expires: Sun, 24 Nov 2024 20:27:54 GMT
Cache-Control: max-age=31104000
Content-Length: 11950
Date: Thu, 30 Nov 2023 20:27:54 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/js/price.js
31.31.205.163 200 OK 486 B URL GET HTTP/1.1 0040.ru/06-18/js/price.js
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
Hash a5e248d585792c2d98c768c30c21d1d1
5ffd4853f631539d5dac4e585cdea27c47f59085
51c84784f23a8b8b9495b3273f80d9886d424d38514d31a94033a93ee3025d08
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/js/price.js HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/en/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Mon, 08 Aug 2022 12:00:02 GMT
ETag: "1099992028"
Content-Type: application/javascript
Accept-Ranges: bytes
Expires: Sun, 24 Nov 2024 20:27:54 GMT
Cache-Control: max-age=31104000
Content-Length: 486
Date: Thu, 30 Nov 2023 20:27:54 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/svg/price/domain_parking_icons-04.svg
31.31.205.163 200 OK 2.6 kB URL GET HTTP/1.1 0040.ru/06-18/svg/price/domain_parking_icons-04.svg
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 89bc3088ee6bd17e9c2ac09604eb86b7
d8cc486c8befd2ba71201e1d5a21ff37844531fc
d812967b818069d409b0527d88e9de6f5e472162fb618fbb539e8188edb660d4
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/svg/price/domain_parking_icons-04.svg HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/en/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Accept-Ranges: bytes
ETag: "3228780257"
Last-Modified: Mon, 08 Aug 2022 12:00:02 GMT
Expires: Sun, 24 Nov 2024 20:27:54 GMT
Cache-Control: max-age=31104000
Content-Length: 2636
Date: Thu, 30 Nov 2023 20:27:54 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/css/img/132/f-1.png
31.31.205.163 200 OK 2.9 kB URL GET HTTP/1.1 0040.ru/06-18/css/img/132/f-1.png
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 90 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 6ce50f188bf46c93e4e8a2b022f7af05
b31b11155a223d75423211357ce3363360190958
9afc548112ed8b722487aba5c57b697ba4b7ce260af6de5f9f9973fc624283ea
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/css/img/132/f-1.png HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/en/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "987055869"
Last-Modified: Mon, 08 Aug 2022 12:00:01 GMT
Expires: Sun, 24 Nov 2024 20:27:54 GMT
Cache-Control: max-age=31104000
Content-Length: 2870
Date: Thu, 30 Nov 2023 20:27:54 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/css/img/132/f-2.png
31.31.205.163 200 OK 1.7 kB URL GET HTTP/1.1 0040.ru/06-18/css/img/132/f-2.png
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 90 x 50, 8-bit colormap, non-interlaced\012- data
Hash edfa9f4d58976df09485f51f80ce42e4
1db29b1ac4fda3c1f827c370f5cac23e9406c4b5
7d436dbba2d27823c7fa5506a01ef27ca2420aeb0dfb233a079d5466b190e9bf
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/css/img/132/f-2.png HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/en/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "693388833"
Last-Modified: Mon, 08 Aug 2022 12:00:01 GMT
Expires: Sun, 24 Nov 2024 20:27:54 GMT
Cache-Control: max-age=31104000
Content-Length: 1667
Date: Thu, 30 Nov 2023 20:27:54 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/css/img/132/f-3.png
31.31.205.163 200 OK 1.8 kB URL GET HTTP/1.1 0040.ru/06-18/css/img/132/f-3.png
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 90 x 50, 8-bit colormap, non-interlaced\012- data
Hash f12af287873bd7c443214b0bb9ea8898
d30e86c304501a073959e287a26425d5149842c2
17024a042b16fbf09bfdc189441c3d5370ade70c6425cb7ae48bb53ec8500882
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/css/img/132/f-3.png HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/en/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "1263748669"
Last-Modified: Mon, 08 Aug 2022 12:00:01 GMT
Expires: Sun, 24 Nov 2024 20:27:54 GMT
Cache-Control: max-age=31104000
Content-Length: 1803
Date: Thu, 30 Nov 2023 20:27:54 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/css/img/132/Ellipse%201.png
31.31.205.163 200 OK 3.6 kB URL GET HTTP/1.1 0040.ru/06-18/css/img/132/Ellipse%201.png
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 162 x 162, 8-bit colormap, non-interlaced\012- data
Hash 927151672bda7f393f5d674e3b5099a3
6336f4c47509011c51cfe92f4f15cea2642e15dd
74a9a2878db4a21174251a1fc0973d5ed65e6aadd31c921d1ceb416585652612
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/css/img/132/Ellipse%201.png HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/en/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "443565735"
Last-Modified: Mon, 08 Aug 2022 12:00:01 GMT
Expires: Sun, 24 Nov 2024 20:27:54 GMT
Cache-Control: max-age=31104000
Content-Length: 3551
Date: Thu, 30 Nov 2023 20:27:54 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/css/img/132/Ellipse%203.png
31.31.205.163 200 OK 3.6 kB URL GET HTTP/1.1 0040.ru/06-18/css/img/132/Ellipse%203.png
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 162 x 162, 8-bit colormap, non-interlaced\012- data
Hash db367c57466d43ab9c04be5bedbde12d
bf1548aee41c383314049ce05a4a2860a45a23a7
71b77fbbadc1884b0bf9e4880021e67f7d7785187ab143e25de99c7d28e37780
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/css/img/132/Ellipse%203.png HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/en/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "1316898465"
Last-Modified: Mon, 08 Aug 2022 12:00:01 GMT
Expires: Sun, 24 Nov 2024 20:27:54 GMT
Cache-Control: max-age=31104000
Content-Length: 3609
Date: Thu, 30 Nov 2023 20:27:54 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/css/img/132/cd-icon-user.svg
31.31.205.163 200 OK 830 B URL GET HTTP/1.1 0040.ru/06-18/css/img/132/cd-icon-user.svg
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 1a3d551f8edbc5cf33f40dbb36340e7b
b655e533e7def8c086e10bd65ef5a2ffbf3445bc
f71827b48527a83dbdc327a74c6a33fd3932c010d98aead0ae107ceb406856db
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/css/img/132/cd-icon-user.svg HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/en/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Accept-Ranges: bytes
ETag: "3536991544"
Last-Modified: Mon, 08 Aug 2022 12:00:01 GMT
Expires: Sun, 24 Nov 2024 20:27:54 GMT
Cache-Control: max-age=31104000
Content-Length: 830
Date: Thu, 30 Nov 2023 20:27:54 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/css/img/132/Ellipse%202.png
31.31.205.163 200 OK 3.0 kB URL GET HTTP/1.1 0040.ru/06-18/css/img/132/Ellipse%202.png
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 162 x 162, 8-bit colormap, non-interlaced\012- data
Hash 099a35e1ef1bcdd32e3e989abcf593ac
d5ff605674e009de0370ea462cd5e0854c94f495
ddc72e96a427efa6c94003e9bb3e2ab153d7b4050db5472d6e645326c3fdffee
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/css/img/132/Ellipse%202.png HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/en/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "1325352621"
Last-Modified: Mon, 08 Aug 2022 12:00:01 GMT
Expires: Sun, 24 Nov 2024 20:27:54 GMT
Cache-Control: max-age=31104000
Content-Length: 3008
Date: Thu, 30 Nov 2023 20:27:54 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/css/img/cd-icon-user.svg
31.31.205.163 200 OK 827 B URL GET HTTP/1.1 0040.ru/06-18/css/img/cd-icon-user.svg
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash aa4925003ba66fbc03632763a5bd778b
23d717ed8798b2f78f3af373f2c01adfe775c08b
3cec85dfcd1c37c9e91a2bf9f6358a84ff65213764ec042a9edfb2e05a79678a
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/css/img/cd-icon-user.svg HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/06-18/css/feedback-form.css?1
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Accept-Ranges: bytes
ETag: "3697243448"
Last-Modified: Mon, 08 Aug 2022 12:00:01 GMT
Expires: Sun, 24 Nov 2024 20:27:55 GMT
Cache-Control: max-age=31104000
Content-Length: 827
Date: Thu, 30 Nov 2023 20:27:55 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/css/img/cd-icon-email.svg
31.31.205.163 200 OK 1.0 kB URL GET HTTP/1.1 0040.ru/06-18/css/img/cd-icon-email.svg
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 964b69ff395c8f787f82c07cfb8a413e
2c83117b8ee78fa8ba1ec721c02cb6b5bdd7c8ed
0cf7fc7d05c4d877ca9b1da089f509c82b71cd6416bfce7c262799c3bf00b095
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/css/img/cd-icon-email.svg HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/06-18/css/feedback-form.css?1
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Accept-Ranges: bytes
ETag: "3941746222"
Last-Modified: Mon, 08 Aug 2022 12:00:01 GMT
Expires: Sun, 24 Nov 2024 20:27:55 GMT
Cache-Control: max-age=31104000
Content-Length: 1003
Date: Thu, 30 Nov 2023 20:27:55 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/css/img/cd-icon-phone.svg
31.31.205.163 200 OK 770 B URL GET HTTP/1.1 0040.ru/06-18/css/img/cd-icon-phone.svg
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (770), with no line terminators
Hash bb9b84407d2dfbbb7181f106e014e085
e2909d9556fddc47b5f5364dd463d7b8828a704d
c7551d795eae826d965e95bb1b8d62cf6183952b05b468f79398c59302854c93
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/css/img/cd-icon-phone.svg HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/06-18/css/feedback-form.css?1
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Accept-Ranges: bytes
ETag: "2413757734"
Last-Modified: Mon, 08 Aug 2022 12:00:01 GMT
Expires: Sun, 24 Nov 2024 20:27:55 GMT
Cache-Control: max-age=31104000
Content-Length: 770
Date: Thu, 30 Nov 2023 20:27:55 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/css/img/cd-icon-message.svg
31.31.205.163 200 OK 876 B URL GET HTTP/1.1 0040.ru/06-18/css/img/cd-icon-message.svg
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 041b2573b6dd9ce55cb11fe380f8b74e
bdbfbd111eabd4fa84171074bba4c65bdc0ee263
96c824bbc8426989a5d67d159621f98db40b2f19bc5fb1c20b71d8ff7c8e39b9
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/css/img/cd-icon-message.svg HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/06-18/css/feedback-form.css?1
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Accept-Ranges: bytes
ETag: "2363428152"
Last-Modified: Mon, 08 Aug 2022 12:00:01 GMT
Expires: Sun, 24 Nov 2024 20:27:55 GMT
Cache-Control: max-age=31104000
Content-Length: 876
Date: Thu, 30 Nov 2023 20:27:55 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/css/img/cd-required.svg
31.31.205.163 200 OK 517 B URL GET HTTP/1.1 0040.ru/06-18/css/img/cd-required.svg
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 658eeec632afde435ab18edfab05b7ee
1cf84f28cd4f9f4011e49b774434877ebe7e384d
a0cda536df638d94c189d7f68a3fd77d1e287d8e9d64a70df5102f80f6d8e140
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/css/img/cd-required.svg HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/06-18/css/feedback-form.css?1
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Accept-Ranges: bytes
ETag: "3965596962"
Last-Modified: Mon, 08 Aug 2022 12:00:01 GMT
Expires: Sun, 24 Nov 2024 20:27:55 GMT
Cache-Control: max-age=31104000
Content-Length: 517
Date: Thu, 30 Nov 2023 20:27:55 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/css/img/cd-icon-close.svg
31.31.205.163 200 OK 714 B URL GET HTTP/1.1 0040.ru/06-18/css/img/cd-icon-close.svg
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 924da9294e6b0526ee21c7194a534820
c208b1b7ae7b0bd9737bd47f8f2de606b29b3966
73995c81e71a85d6583f0a6a7ad9a7c248c78cd6b6f76e0b94a124bc27122d8a
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/css/img/cd-icon-close.svg HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/06-18/css/feedback-form.css?1
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Accept-Ranges: bytes
ETag: "3990824230"
Last-Modified: Mon, 08 Aug 2022 12:00:01 GMT
Expires: Sun, 24 Nov 2024 20:27:55 GMT
Cache-Control: max-age=31104000
Content-Length: 714
Date: Thu, 30 Nov 2023 20:27:55 GMT
Server: lighttpd/1.4.45
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.99 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.99:443
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://0040.ru
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:52:12 GMT
expires: Thu, 28 Nov 2024 21:52:12 GMT
cache-control: public, max-age=31536000
age: 81343
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.99 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.99:443
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://0040.ru
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 27 Nov 2023 23:43:03 GMT
expires: Tue, 26 Nov 2024 23:43:03 GMT
cache-control: public, max-age=31536000
age: 247492
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
0040.ru/06-18/favicons/favicon.png
31.31.205.163 200 OK 839 B URL GET HTTP/1.1 0040.ru/06-18/favicons/favicon.png
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 57 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash eca5ec07507bf9d0b2c397bbf755db9f
f5a99699f457404021b103eaaf919c31a73c0999
5a7b61b2dc6d0ce486f4b1dfabd3692e914d8bc1322cb363c8ebcf56b650b79e
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/favicons/favicon.png HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/en/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "3422160184"
Last-Modified: Mon, 08 Aug 2022 12:00:01 GMT
Expires: Sun, 24 Nov 2024 20:27:55 GMT
Cache-Control: max-age=31104000
Content-Length: 839
Date: Thu, 30 Nov 2023 20:27:55 GMT
Server: lighttpd/1.4.45
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.99 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.99:443
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://0040.ru
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:05:31 GMT
expires: Fri, 29 Nov 2024 05:05:31 GMT
cache-control: public, max-age=31536000
age: 55344
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
0040.ru/06-18/css/img/broker/icon_speach_dark.png
31.31.205.163 200 OK 2.8 kB URL GET HTTP/1.1 0040.ru/06-18/css/img/broker/icon_speach_dark.png
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 160 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 3e12c52cea2f04567c85a9b9e203e345
fda7d88066f1edc69c2aa937830fa2e72e1e59d7
890af91caf280616fc974951515acb7014e59638970da75cc807a36fddb83678
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/css/img/broker/icon_speach_dark.png HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/06-18/css/broker132.css
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "1029588704"
Last-Modified: Mon, 08 Aug 2022 12:00:01 GMT
Expires: Sun, 24 Nov 2024 20:27:55 GMT
Cache-Control: max-age=31104000
Content-Length: 2755
Date: Thu, 30 Nov 2023 20:27:55 GMT
Server: lighttpd/1.4.45
0040.ru/06-18/css/img/broker/girl.png
31.31.205.163 200 OK 12 kB URL GET HTTP/1.1 0040.ru/06-18/css/img/broker/girl.png
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
File type PNG image data, 262 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 445fccc09cc2a3e81740b54e05f8c8ab
397e9b99f71db39faf062fc509adeef12b7a8dea
f825de1d44006d8e9b8a212da550b6b67f2d9cc44182c43c9867a10db647d95c
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/css/img/broker/girl.png HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/06-18/css/broker132.css
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "3206031092"
Last-Modified: Mon, 08 Aug 2022 12:00:01 GMT
Expires: Sun, 24 Nov 2024 20:27:55 GMT
Cache-Control: max-age=31104000
Content-Length: 11453
Date: Thu, 30 Nov 2023 20:27:55 GMT
Server: lighttpd/1.4.45
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
104.18.11.207 200 OK 21 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
IP 104.18.11.207:443
Certificate Issuer Google Trust Services LLC
Subject bootstrapcdn.com
Fingerprint 34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
Validity Thu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT
File type ASCII text, with very long lines (65371)
Hash ec3bb52a00e176a7181d454dffaea219
6527d8bf3e1e9368bab8c7b60f56bc01fa3afd68
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
GET /bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 20:27:54 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"ec3bb52a00e176a7181d454dffaea219"
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 10/31/2023 18:59:36
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1078
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: a99131ed71793c235969f4741b45dd0f
cdn-cache: HIT
cf-cache-status: HIT
age: 563055
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82e5d57298e056cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.99 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.99:443
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://0040.ru
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:53:07 GMT
expires: Fri, 29 Nov 2024 04:53:07 GMT
cache-control: public, max-age=31536000
age: 56088
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
142.250.74.99 200 OK 9.6 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP 142.250.74.99:443
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 9628, version 1.0\012- data
Hash d9ac47c7e500fb7083b8d595eaf6fe12
112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://0040.ru
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:48:40 GMT
expires: Thu, 28 Nov 2024 21:48:40 GMT
cache-control: public, max-age=31536000
age: 81555
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
0040.ru/06-18/css/img/132/header-bg-3.jpg
31.31.205.163 200 OK 580 kB URL GET HTTP/1.1 0040.ru/06-18/css/img/132/header-bg-3.jpg
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1600x600, components 3\012- data
Size 580 kB (579552 bytes)
Hash 73c5ecaa721150b51ac6bbb4fa46a45e
c9e7e6668f5ea0afd694781b13c5080056e4e3db
7cda717e57fb98a0f2b37b9e0208bf0fd99c1b059a137266e4b805d69a37cd5f
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/css/img/132/header-bg-3.jpg HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/06-18/css/price.css?74
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Accept-Ranges: bytes
ETag: "781192229"
Last-Modified: Mon, 08 Aug 2022 12:00:01 GMT
Expires: Sun, 24 Nov 2024 20:27:55 GMT
Cache-Control: max-age=31104000
Content-Length: 579552
Date: Thu, 30 Nov 2023 20:27:55 GMT
Server: lighttpd/1.4.45
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3
104.18.11.207 200 OK 72 kB URL GET HTTP/3 maxcdn.bootstrapcdn.com/font-awesome/4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3
IP 104.18.11.207:443
Certificate Issuer Google Trust Services LLC
Subject bootstrapcdn.com
Fingerprint 34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
Validity Thu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT
File type Web Open Font Format (Version 2), TrueType, length 71896, version 4.393\012- data
Hash e6cf7c6ec7c2d6f670ae9d762604cb0b
97e438cc545714309882fbceadbf344fcaddcec5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
GET /font-awesome/4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://0040.ru
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 20:27:55 GMT
content-type: font/woff2
content-length: 71896
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "e6cf7c6ec7c2d6f670ae9d762604cb0b"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 18:59:59
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1076
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 8eeac05ced1ed1693ac75db09b577ef9
cdn-cache: HIT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82e5d578ee3a56a4-OSL
alt-svc: h3=":443"; ma=86400
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
104.18.11.207 200 OK 29 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
IP 104.18.11.207:443
Certificate Issuer Google Trust Services LLC
Subject bootstrapcdn.com
Fingerprint 34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
Validity Thu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT
File type ASCII text, with very long lines (28900)
Hash 4083f5d376eb849a458cc790b53ba080
fb5b49426dee7f1508500e698d1b3c6b04c8fcce
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
GET /font-awesome/4.6.3/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 20:27:54 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"4083f5d376eb849a458cc790b53ba080"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/11/2022 02:14:14
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1047
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 601a9a422917d5011204b75b2a4627c5
cdn-cache: HIT
cf-cache-status: HIT
age: 742601
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82e5d572a8e756cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:100,300,400,500,700
142.250.74.106 200 OK 11 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Roboto:100,300,400,500,700
IP 142.250.74.106:443
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
Hash dbdc7ee435c6a7f4277bfc7fedf28368
8194a5d7e0108bed7abb001d8bf2b8985a5aa2ca
91b113cbf5aedc9b93ceebe313863344b1ead775a618a7e9f31f9e98dbbdf227
GET /css?family=Roboto:100,300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 30 Nov 2023 20:27:55 GMT
date: Thu, 30 Nov 2023 20:27:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
domainparking.ru/partner/parking?callback=parking&ver=1
194.58.116.14 200 OK 755 B URL GET HTTP/2 domainparking.ru/partner/parking?callback=parking&ver=1
IP 194.58.116.14:443
ASN #197695 Domain names registrar REG.RU, Ltd
Certificate Issuer GlobalSign nv-sa
Subject *.domainparking.ru
Fingerprint 44:C9:01:76:ED:32:B0:60:E1:7C:16:15:93:18:93:65:6D:B2:C1:D4
Validity Mon, 20 Mar 2023 08:46:39 GMT - Sat, 20 Apr 2024 08:46:38 GMT
File type ASCII text, with very long lines (887), with no line terminators
Hash d236f39251b956968b8a777bc775e4d9
c6448baf4f2a3e8cca9975d5b6d6342567736ffc
72a8246442201c50fca57cb1dfbfa9bb90279089ee8fa12b5c3fde589f32c2d2
GET /partner/parking?callback=parking&ver=1 HTTP/1.1
Host: domainparking.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 30 Nov 2023 20:27:55 GMT
content-type: application/x-javascript; charset=utf-8
set-cookie: PHPSESSID=qpceuh0gck23gsl5tb5ch88udm; path=/
expires: Tue, 11 Jun 1985 05:00:00 GMT
last-modified: Thu, 30 Nov 2023 20:27:55 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
0040.ru/06-18/svg/price/domain_parking_icons-06.svg
31.31.205.163 200 OK 832 B URL GET HTTP/1.1 0040.ru/06-18/svg/price/domain_parking_icons-06.svg
IP 31.31.205.163:80
ASN #197695 Domain names registrar REG.RU, Ltd
File type SVG Scalable Vector Graphics image\012- XML document text\012- exported SGML document, ASCII text, with very long lines (889), with no line terminators
Hash b4da6afc0852c4709c14a0dba4cedabc
1d0b6b802ba2bf1b83b407bcd656808aa5989a32
b8c8d02982bf514bdda51cfb6d53b634e1dc0ea425279d24c2d3be9aa3270594
NIDS Severity Alert suricata medium ET ADWARE_PUP All Numerical .ru Domain HTTP Request Likely Malware Related
GET /06-18/svg/price/domain_parking_icons-06.svg HTTP/1.1
Host: 0040.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://0040.ru/06-18/css/price.css?74
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Accept-Ranges: bytes
ETag: "3458141499"
Last-Modified: Mon, 08 Aug 2022 12:00:02 GMT
Expires: Sun, 24 Nov 2024 20:27:55 GMT
Cache-Control: max-age=31104000
Content-Length: 832
Date: Thu, 30 Nov 2023 20:27:55 GMT
Server: lighttpd/1.4.45