rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
213.174.157.136 200 OK 178 B URL User Request GET HTTP/1.1 rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
File type HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535 HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Jun 2023 06:40:31 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Keep-Alive: timeout=15
Location: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
X-Frame-Options: SAMEORIGIN
rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
213.174.157.136 200 OK 20 kB URL User Request GET HTTP/1.1 rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
File type HTML document text; HTML document, Unicode text, UTF-8 text, with very long lines (7281)
Hash 6c1a0b2ca0cf3e8a61dd7c984843cb0f
d6a507f340d2fd1a91c2fba576c5282278abbeb7
cefb8a4ce8493214af243d5ee9f70fe91c3414354508249c098e21719a252a10
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535 HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: 6rg4uuCoz=; path=/; expires=Sat, 05-Jun-2021 06:40:31 GMT; HttpOnly; domain=.rg4u.clan.su
6rg4udr=FwJeg31k; path=/; expires=Tue, 04-Jun-2024 06:40:31 GMT; domain=.rg4u.clan.su
6rg4uuzll=1685947231; path=/; expires=Tue, 04-Jun-2024 06:40:31 GMT; domain=.rg4u.clan.su
ucvid=tlA224S03d; domain=clan.su; path=/; expires=Tue, 04-Jun-2024 06:40:31 GMT
Pragma: no-cache
Vary: host
Last-Modified: Mon, 05 Jun 2023 06:37:02 GMT
Cache-Control: no-cache,no-store, private
Content-Encoding: gzip
www.google.com/recaptcha/api.js?onload=reCallback&render=explicit&hl=ru
142.250.74.132 200 OK 581 B URL GET HTTP/2 www.google.com/recaptcha/api.js?onload=reCallback&render=explicit&hl=ru
IP 142.250.74.132:443
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Certificate Issuer Google Trust Services LLC
Subject www.google.com
Fingerprint A8:95:C3:CB:D6:3F:BC:0A:7D:FF:36:72:5E:2F:56:26:9F:EB:77:0E
Validity Fri, 19 May 2023 12:58:13 GMT - Fri, 11 Aug 2023 12:58:12 GMT
File type ASCII text, with very long lines (905), with no line terminators
Hash a9e9245f6dfbc6448e65d19a8a8e33e1
4eaecece5dd18d26eef7055c342c2ebe47b786d5
a0b963179f38bc77c2064701a4f43c47b93953aa4cae2a4d418c76bcecbf6a92
GET /recaptcha/api.js?onload=reCallback&render=explicit&hl=ru HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Mon, 05 Jun 2023 06:40:33 GMT
date: Mon, 05 Jun 2023 06:40:33 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 581
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rg4u.clan.su/.s/src/ulightbox/ulightbox.min.css
213.174.157.136 200 OK 1.4 kB URL GET HTTP/1.1 rg4u.clan.su/.s/src/ulightbox/ulightbox.min.css
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type ASCII text, with very long lines (4552), with no line terminators
Hash a05316c4712b56d4de87d83d57fc9a74
22db34df3400db68355d8b3e06c01c4f964ad484
5ddb669cd05d5c481a798631d2bd02b041950600ebaa4d419833fe0f01a04955
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /.s/src/ulightbox/ulightbox.min.css HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:31 GMT
Content-Type: text/css
Last-Modified: Tue, 24 May 2022 12:36:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"628cd15d-11c8"
Expires: Sun, 25 Jun 2023 06:40:31 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
rg4u.clan.su/.s/src/socCom.min.css
213.174.157.136 200 OK 1.5 kB URL GET HTTP/1.1 rg4u.clan.su/.s/src/socCom.min.css
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type ASCII text, with very long lines (4930), with no line terminators
Hash a0cef58781102493161f73355462363b
142bda5abd593947316e7d3b99b49818cb2666a9
80222802f348b441b45e8b0549da7fc5fd9a832ca91f446ce37784f367dabcbb
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /.s/src/socCom.min.css HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:31 GMT
Content-Type: text/css
Last-Modified: Wed, 05 Apr 2023 11:26:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"642d5af9-1342"
Expires: Sun, 25 Jun 2023 06:40:31 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
rg4u.clan.su/.s/src/social.css
213.174.157.136 200 OK 610 B URL GET HTTP/1.1 rg4u.clan.su/.s/src/social.css
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type ASCII text, with very long lines (442)
Hash 917872d4bcfea5e238f1f02cef7a9596
84c5e7eb25c8d7b11639ea428a9fac50bab26f84
12c919cc8994233c2f67bdcf1185997781ccfe1ce3405308e31bfd33d260bd74
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /.s/src/social.css HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:31 GMT
Content-Type: text/css
Last-Modified: Wed, 01 Dec 2021 11:13:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"61a758f3-9b8"
Expires: Sun, 25 Jun 2023 06:40:31 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
rg4u.clan.su/.s/src/socCom.min.js
213.174.157.136 200 OK 1.6 kB URL GET HTTP/1.1 rg4u.clan.su/.s/src/socCom.min.js
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type ASCII text, with very long lines (4079), with no line terminators
Hash b3ae3806a2d5d103d9759bd8e74fffef
fe02d0c200d5c0ed5c14bd0006f736aca0215ff1
c89ad18e16b3216c8fc878ecd6b79441f3fc8733781c976d3b866912da6a1bcd
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /.s/src/socCom.min.js HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:31 GMT
Content-Type: text/javascript
Last-Modified: Wed, 05 Apr 2023 11:26:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"642d5af9-fef"
Expires: Sun, 25 Jun 2023 06:40:31 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
s106.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=1&r=0.18291961115165
213.174.157.136 200 OK 0 B URL GET HTTP/1.1 s106.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=1&r=0.18291961115165
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=1&r=0.18291961115165 HTTP/1.1
Host: s106.ucoz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:32 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
216.58.211.14 301 Moved Permanently 0 B URL GET HTTP/1.1 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP 216.58.211.14:80
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 05 Jun 2023 06:40:33 GMT
Location: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Cross-Origin-Opener-Policy: same-origin-allow-popups
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
rg4u.clan.su/.s/src/base.min.css
213.174.157.136 200 OK 6.2 kB URL GET HTTP/1.1 rg4u.clan.su/.s/src/base.min.css
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type ASCII text, with very long lines (24519), with no line terminators
Hash cfa5d689b5b2f45ea3e3cf33415da504
dd71774375b3808c4483688e68833113c6e2c236
55998c0419cad6f5f33925fa11a2a38fd7586d3a5c9315f279d2b42a310460d2
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /.s/src/base.min.css HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:32 GMT
Content-Type: text/css
Last-Modified: Tue, 02 May 2023 08:55:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"6450cff1-5fc7"
Expires: Sun, 25 Jun 2023 06:40:32 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
rg4u.clan.su/.s/src/layer1.min.css
213.174.157.136 200 OK 5.2 kB URL GET HTTP/1.1 rg4u.clan.su/.s/src/layer1.min.css
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type ASCII text, with very long lines (21729), with no line terminators
Hash 32af6fca85835ec698c63ec72acd1e2b
b74d5ab5d8fe26c416952ea856f14287b2cc5f6d
91a71b6d37f987c374523e5390829d4e8909ada3884949a3cbb8a9a2692e763b
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /.s/src/layer1.min.css HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:32 GMT
Content-Type: text/css
Last-Modified: Thu, 27 Apr 2023 12:44:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"644a6e48-54e1"
Expires: Sun, 25 Jun 2023 06:40:32 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
rg4u.clan.su/_st/my.css
213.174.157.136 200 OK 6.0 kB
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type assembler source, Unicode text, UTF-8 text, with very long lines (409)
Hash 23a898a858f0d1da4ffc82353e4531c9
c7760897fae386f2df57127420de86ddd474af66
9683f999d8a04153585ee2f27221372f4a1aca4ab22d8ec96ba42d12c73ed3bb
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /_st/my.css HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:31 GMT
Content-Type: text/css
Last-Modified: Sat, 10 Oct 2020 17:11:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"5f81eb48-6eb4"
Expires: Sun, 25 Jun 2023 06:40:31 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
rg4u.clan.su/.s/src/ulightbox/ulightbox.min.js
213.174.157.136 200 OK 7.7 kB URL GET HTTP/1.1 rg4u.clan.su/.s/src/ulightbox/ulightbox.min.js
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type ASCII text, with very long lines (22313), with no line terminators
Hash 862f093f507f858ee329c39576f1c041
f3da76f6d4071020bf9c82ddbcbb1ad95d74108f
a0c876daa26fa9e875abc22a4e88e310a20ea1fdb45451e4af22b907dbf22da8
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /.s/src/ulightbox/ulightbox.min.js HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:31 GMT
Content-Type: text/javascript
Last-Modified: Wed, 05 Apr 2023 11:27:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"642d5b04-5729"
Expires: Sun, 25 Jun 2023 06:40:31 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
rg4u.clan.su/.s/src/video.css
213.174.157.136 200 OK 6.4 kB URL GET HTTP/1.1 rg4u.clan.su/.s/src/video.css
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type ASCII text, with very long lines (1526)
Hash 1ff68247c5c4aec969a39aba029f1b0c
a5e214620bce0e79e8c9c02190caf477da3e23a9
0e443a3521fbf57d7b706886805474e607dea288f97ed13e483a1d919ce0c923
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /.s/src/video.css HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:32 GMT
Content-Type: text/css
Last-Modified: Mon, 16 Jul 2018 12:25:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"5b4c8ebe-6e2f"
Expires: Sun, 25 Jun 2023 06:40:32 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
rg4u.clan.su/js/afisha01.js?144
213.174.157.136 200 OK 1.6 kB URL GET HTTP/1.1 rg4u.clan.su/js/afisha01.js?144
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type Unicode text, UTF-8 (with BOM) text
Hash 2d2030b18ca12a5f2c8ad81268a07ede
21144f696ba8893f0fa3d5f06334098af2806d3d
f6cfd1f45c65154efb470726785796e7941fd38830c19181dbc14645f94b357e
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /js/afisha01.js?144 HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:32 GMT
Content-Type: text/javascript
Last-Modified: Fri, 24 Feb 2023 13:51:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"63f8c0d2-eda"
Expires: Sun, 25 Jun 2023 06:40:32 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
rg4u.clan.su/.s/src/uwnd.min.js
213.174.157.136 200 OK 57 kB URL GET HTTP/1.1 rg4u.clan.su/.s/src/uwnd.min.js
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0e2dd07983ad50fa9205b6a9d24bc79f
8eafe02a75c83f60d40d1cee73e2770805e54a9e
8993dbc5102beb8dc4ebfef06873c26198d0f2913627399034816b16715336ad
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /.s/src/uwnd.min.js HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:32 GMT
Content-Type: text/javascript
Last-Modified: Mon, 25 Apr 2022 10:32:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"626678ba-3334b"
Expires: Sun, 25 Jun 2023 06:40:32 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
rg4u.clan.su/.s/src/jquery-1.12.4.min.js
213.174.157.136 200 OK 34 kB URL GET HTTP/1.1 rg4u.clan.su/.s/src/jquery-1.12.4.min.js
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/mchat/
File type ASCII text, with very long lines (32077)
Hash 4f252523d4af0b478c810c2547a63e19
5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /.s/src/jquery-1.12.4.min.js HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:32 GMT
Content-Type: text/javascript
Last-Modified: Wed, 05 Apr 2023 11:26:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"642d5af8-17b8b"
Expires: Sun, 25 Jun 2023 06:40:32 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
sys000.ucoz.net/cgi/uutils.fcg?a=soc_comment_get_data&site=6rg4u
195.216.243.224 200 OK 337 B URL GET HTTP/1.1 sys000.ucoz.net/cgi/uutils.fcg?a=soc_comment_get_data&site=6rg4u
IP 195.216.243.224:80
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Hash 1ae652f6af4e94763227a2d1b4ac90f4
2d86af2c5cba3f944f28aaab25739d9b64cbeddb
686124ad778417dca88c8a468ce2a3e16b6a1a025a679632ca8e2c55d61532fd
GET /cgi/uutils.fcg?a=soc_comment_get_data&site=6rg4u HTTP/1.1
Host: sys000.ucoz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:35 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
P3P: CP="CAO PSA OUR"
Set-Cookie: uSoc=; path=/; expires=Sun, 05-Jun-2022 06:40:36 GMT; domain=.ucoz.net; SameSite=None; Secure
uSoc101=; path=/; expires=Sun, 05-Jun-2022 06:40:36 GMT; domain=.ucoz.net; SameSite=None; Secure
uSoc102=; path=/; expires=Sun, 05-Jun-2022 06:40:36 GMT; domain=.ucoz.net; SameSite=None; Secure
uSoc107=; path=/; expires=Sun, 05-Jun-2022 06:40:36 GMT; domain=.ucoz.net; SameSite=None; Secure
uSoc109=; path=/; expires=Sun, 05-Jun-2022 06:40:36 GMT; domain=.ucoz.net; SameSite=None; Secure
Cache-Control: no-cache,no-store
Pragma: no-cache
Vary: host,Accept-Encoding
Content-Encoding: gzip
rg4u.clan.su/.s/img/1px.gif
213.174.157.136 200 OK 43 B URL GET HTTP/1.1 rg4u.clan.su/.s/img/1px.gif
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type GIF image data, version 89a, 1 x 1; data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /.s/img/1px.gif HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:34 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Wed, 05 Apr 2023 11:26:09 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "642d5ad1-2b"
Expires: Sun, 25 Jun 2023 06:40:34 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/img/video.gif
213.174.157.136 200 OK 99 B URL GET HTTP/1.1 rg4u.clan.su/img/video.gif
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type GIF image data, version 89a, 14 x 12; data
Hash 6ebdcf673bb43def52aecb61282aee72
210c36cae85fd92dca539a89601bc2b866cd1007
9d2b759f6e72ed813fe36c382dbeb882d6857f50ccc6e53793a556a1403c9fd1
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /img/video.gif HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:34 GMT
Content-Type: image/gif
Content-Length: 99
Last-Modified: Fri, 29 Jul 2011 05:01:58 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4e323ec6-63"
Expires: Sun, 25 Jun 2023 06:40:34 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.vneFu3d_4ck.L.F4.O/d=0/rs=AN8SPfrNa1b9K5rCmaIpu9SqE3A5sBDBfg/m=el_main_css
142.250.74.99 200 OK 4.2 kB URL GET HTTP/2 www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.vneFu3d_4ck.L.F4.O/d=0/rs=AN8SPfrNa1b9K5rCmaIpu9SqE3A5sBDBfg/m=el_main_css
IP 142.250.74.99:443
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (23228), with no line terminators
Hash edf649e1b11a33833272345187bd4eec
73427e2ab282e5f89021e1c7d20f83eaf9830283
553d768412bca504a0c8771705f681dad359370bdcea637298ca5aa486017a06
GET /_/translate_http/_/ss/k=translate_http.tr.vneFu3d_4ck.L.F4.O/d=0/rs=AN8SPfrNa1b9K5rCmaIpu9SqE3A5sBDBfg/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 4205
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 May 2023 00:51:33 GMT
expires: Thu, 30 May 2024 00:51:33 GMT
cache-control: public, max-age=31536000
age: 452942
last-modified: Sun, 12 Mar 2023 00:11:57 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rg4u.clan.su/.s/t/291/1.gif
213.174.157.136 200 OK 859 B URL GET HTTP/1.1 rg4u.clan.su/.s/t/291/1.gif
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type GIF image data, version 89a, 5 x 155; data
Hash a0848367e091941de0f73d96d601deb6
e6316c39bcca4383a08210607b5ed18e9dc584fd
93eca1935b273aaac0d9b9c4f2577df53b6228cecddd8267dab9686c028ec378
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /.s/t/291/1.gif HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:34 GMT
Content-Type: image/gif
Content-Length: 859
Last-Modified: Wed, 03 Dec 2014 12:48:38 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f06a6-35b"
Expires: Sun, 25 Jun 2023 06:40:34 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
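The Suricata policy alert on the .su TLD, the Cookie header travelling to port 80 in cleartext, and (further down the page) the gp.svg response whose sniffed file type reads as HTML rather than SVG are the three checks an analyst would script over a capture like this rather than do by eye. The Python below is an added example, not code from the capture tool or the site. It parses one transaction written in this page's flat layout (an "IP host:port" line, the request line and headers, then the status line and response headers), flags a Host whose last label is "su" (an approximation of the ET POLICY signature; that the rule keys on the Host header is an assumption), flags a Cookie header on a plain-HTTP request, and compares the declared Content-Type with a magic-byte sniff of the body. The page carries headers only, so the record text and body bytes used here are constructed for the example.

```python
"""Added triage example over a capture in this page's flat text layout.
Not the capture tool's code; the .su check approximates the ET POLICY
signature by keying on the Host header (an assumption about the rule)."""
import re
from dataclasses import dataclass, field
from typing import Optional

# Constructed sample (not copied from the page) in the same layout:
# an "IP host:port" line, the request line and headers, then the
# status line and response headers.
SAMPLE_CAPTURE = """\
IP 213.174.157.136:80
GET /.s/t/291/1.gif HTTP/1.1
Host: rg4u.clan.su
Cookie: 6rg4udr=FwJeg31k; ucvid=tlA224S03d
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 859
"""

REQUEST_LINE = re.compile(r"^([A-Z]+) (\S+) HTTP/[\d.]+$")
STATUS_LINE = re.compile(r"^HTTP/[\d.]+ (\d{3})\b")
IP_LINE = re.compile(r"^IP \S+:(\d+)$")


@dataclass
class Transaction:
    port: Optional[int] = None
    method: str = ""
    path: str = ""
    status: Optional[int] = None
    req_headers: dict = field(default_factory=dict)
    resp_headers: dict = field(default_factory=dict)


def parse_transaction(text: str) -> Transaction:
    """Split one flat request/response record into header dicts (names lowercased)."""
    tx = Transaction()
    target = None  # header dict currently being filled
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if (m := IP_LINE.match(line)):
            tx.port = int(m.group(1))
        elif (m := REQUEST_LINE.match(line)):
            tx.method, tx.path = m.group(1), m.group(2)
            target = tx.req_headers
        elif (m := STATUS_LINE.match(line)):
            tx.status = int(m.group(1))
            target = tx.resp_headers
        elif target is not None and ":" in line:
            name, _, value = line.partition(":")
            target[name.strip().lower()] = value.strip()
    return tx


def is_su_tld(host: str) -> bool:
    """Approximation of the ET POLICY .su alert: last DNS label of Host is 'su'."""
    labels = host.split(":")[0].lower().rstrip(".").split(".")
    return len(labels) >= 2 and labels[-1] == "su"


def sends_cookie_in_cleartext(tx: Transaction) -> bool:
    """Cookie header on a plain-HTTP (port 80) request: sent unencrypted."""
    return tx.port == 80 and "cookie" in tx.req_headers


def magic_type(body: bytes) -> Optional[str]:
    """Sniff a media type from leading bytes; None when no signature matches."""
    if body.startswith((b"GIF87a", b"GIF89a")):
        return "image/gif"
    if body.startswith(b"\x89PNG\r\n\x1a\n"):
        return "image/png"
    if body.startswith(b"\xff\xd8\xff"):
        return "image/jpeg"
    head = body.lstrip()[:64].lower()
    if head.startswith((b"<!doctype html", b"<html", b"<script", b"<body")):
        return "text/html"
    if head.startswith((b"<?xml", b"<svg")):
        return "image/svg+xml"
    return None


def content_type_mismatch(declared: str, body: bytes) -> bool:
    """True when the sniffed type contradicts the declared Content-Type."""
    media = declared.split(";")[0].strip().lower()
    sniffed = magic_type(body)
    return sniffed is not None and sniffed != media


def triage(text: str, body: Optional[bytes] = None) -> list:
    """Run the checks over one record; returns finding codes in a fixed order."""
    tx = parse_transaction(text)
    findings = []
    if is_su_tld(tx.req_headers.get("host", "")):
        findings.append("su-tld-host")
    if sends_cookie_in_cleartext(tx):
        findings.append("cleartext-cookie")
    declared = tx.resp_headers.get("content-type")
    if body is not None and declared and content_type_mismatch(declared, body):
        findings.append("content-type-mismatch")
    return findings


if __name__ == "__main__":
    print(triage(SAMPLE_CAPTURE, body=b"GIF89a\x05\x00\x9b\x00"))
```

The cleartext-cookie check keys on port 80 because that is what the capture records; the page shows no scheme. The sniffer deliberately tests for HTML markers before the SVG markers, so a body that opens with an HTML doctype and then embeds `<svg>` is reported as text/html, which is the case that matters when an image path is served with an image Content-Type.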
rg4u.clan.su/imgrm/motus.gif
213.174.157.136 200 OK 9.3 kB URL GET HTTP/1.1 rg4u.clan.su/imgrm/motus.gif
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type GIF image data, version 89a, 180 x 50; data
Hash 4572bda208e8d626daf3378d6ddc7148
0a9e3317ccd5f30b5fce0a5f68751f07e757da75
b5edb40e3adf3508564e1e3019f89819836e53ea408d95c998ed218187278a91
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /imgrm/motus.gif HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:34 GMT
Content-Type: image/gif
Content-Length: 9314
Last-Modified: Mon, 03 Feb 2020 05:16:31 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5e37acaf-2462"
Expires: Sun, 25 Jun 2023 06:40:34 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/imgrm/rsg-shop-180x123-RG4U.jpg
213.174.157.136 200 OK 7.9 kB URL GET HTTP/1.1 rg4u.clan.su/imgrm/rsg-shop-180x123-RG4U.jpg
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type JPEG image data, JFIF standard 1.02, resolution (DPCM), density 0x0, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1], comment: "ACD Systems Digital Imaging", baseline, precision 8, 180x123, components 3; data
Hash 0768ecb95b2285d8434e2e675eb4e1cb
2d07ab714b77b5236ab8d4b0217e605a8d744a63
8eb5bba69ba69a0ace87d5a93af026e8e157db838bba60eb2f40e587ab3f30ad
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /imgrm/rsg-shop-180x123-RG4U.jpg HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:34 GMT
Content-Type: image/jpeg
Content-Length: 7863
Last-Modified: Mon, 03 Feb 2020 05:37:00 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5e37b17c-1eb7"
Expires: Sun, 25 Jun 2023 06:40:34 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
s05.flagcounter.com/count/aRp2/bg_FFECC7/txt_691400/border_691400/columns_2/maxflags_20/viewers_0/labels_0/pageviews_1/flags_0/
66.154.110.218 200 OK 15 kB URL GET HTTP/1.1 s05.flagcounter.com/count/aRp2/bg_FFECC7/txt_691400/border_691400/columns_2/maxflags_20/viewers_0/labels_0/pageviews_1/flags_0/
IP 66.154.110.218:80
ASN #8100 ASN-QUADRANET-GLOBAL
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type PNG image data, 150 x 202, 8-bit/color RGB, non-interlaced; data
Hash ece9c382b7b754ea811ff33363eff658
6ea1bb1d9262eaca9edb2d5163c48c23436b2022
5789ed8c37cadc123b41c516353f54177b2b48138e043277aa3c6a2c1d56b517
GET /count/aRp2/bg_FFECC7/txt_691400/border_691400/columns_2/maxflags_20/viewers_0/labels_0/pageviews_1/flags_0/ HTTP/1.1
Host: s05.flagcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 06:40:36 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips
Pragma: no-cache
Cache-control: no-cache
Connection: close
Transfer-Encoding: chunked
Content-Type: image/png
hm-gimnast.ru/img/logo.png
193.107.237.56 200 OK 177 kB URL GET HTTP/1.1 hm-gimnast.ru/img/logo.png
IP 193.107.237.56:80
ASN #44128 Internet-Pro LLC
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type PNG image data, 500 x 375, 8-bit/color RGBA, non-interlaced; data
Size 177 kB (177229 bytes)
Hash 4c2fb6d0a7f9ead37757f06c5f7d61b7
417258bb6afb4ae0f42d66450a02f8e8d2a16c02
921d312a66b4073e5949d135579b7118b3bb516152e31960e198b27c832aaa2b
GET /img/logo.png HTTP/1.1
Host: hm-gimnast.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Mon, 05 Jun 2023 06:40:35 GMT
Content-Type: image/png
Content-Length: 177229
Last-Modified: Tue, 06 Dec 2016 10:40:34 GMT
Connection: keep-alive
ETag: "584695a2-2b44d"
Expires: Tue, 04 Jun 2024 06:40:35 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
rg4u.clan.su/.s/t/291/4.gif
213.174.157.136 200 OK 328 B URL GET HTTP/1.1 rg4u.clan.su/.s/t/291/4.gif
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type GIF image data, version 89a, 6 x 36; data
Hash 369b4b6d9e495a5595c17021c545ec36
ea1feaeab2f304b815139dfd2bdc6beacd1cb041
19a0ef9596e3c798adb4ae87683aed83128b6f9c342a0ca865a31db346c9640f
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /.s/t/291/4.gif HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:34 GMT
Content-Type: image/gif
Content-Length: 328
Last-Modified: Wed, 03 Dec 2014 12:48:38 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f06a6-148"
Expires: Sun, 25 Jun 2023 06:40:34 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/_pu/0/16003675.jpg
213.174.157.136 200 OK 12 kB URL GET HTTP/1.1 rg4u.clan.su/_pu/0/16003675.jpg
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 200x262, components 3; data
Hash f217560c194f25ec6804ea4ea0be3c07
f0704257e49a12f756d6e67878ed9fb1a35415fa
1e82610750d7b4d630099e207808f8b9ec273a4e8736b12e23b57ae81a27e9d6
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /_pu/0/16003675.jpg HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:34 GMT
Content-Type: image/jpeg
Content-Length: 12057
Last-Modified: Wed, 25 Aug 2010 12:09:34 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4c7507fe-2f19"
Expires: Sun, 25 Jun 2023 06:40:34 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/Image/posters/UTS.jpg
213.174.157.136 200 OK 28 kB URL GET HTTP/1.1 rg4u.clan.su/Image/posters/UTS.jpg
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 2111x2111, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2015:06:22 09:30:25], baseline, precision 8, 180x180, components 3; data
Hash c51b6ba681a6260c2f5f3a774956f3e6
cea6a1c8e16845cb3449e67a86899ecc66ed2fae
97d4e9bf998c12a060e2ea1ebb8134fd41c69a9ccacf959795d4d1c889c489d6
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /Image/posters/UTS.jpg HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:34 GMT
Content-Type: image/jpeg
Content-Length: 27490
Last-Modified: Mon, 22 Jun 2015 06:30:57 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5587aba1-6b62"
Expires: Sun, 25 Jun 2023 06:40:34 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/.s/t/291/5.gif
213.174.157.136 200 OK 85 B URL GET HTTP/1.1 rg4u.clan.su/.s/t/291/5.gif
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type GIF image data, version 89a, 18 x 18; data
Hash 44294fdf67bac608e70db298fcf5e2bb
9f2b740cd28434d2711a6c9d48db137e328bb466
36b2987d8c11cd813f995d53578652d9961fa5608feab51eae743bb63fe817a3
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /.s/t/291/5.gif HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:34 GMT
Content-Type: image/gif
Content-Length: 85
Last-Modified: Wed, 03 Dec 2014 12:48:38 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f06a6-55"
Expires: Sun, 25 Jun 2023 06:40:34 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/.s/t/291/2.jpg
213.174.157.136 200 OK 20 kB URL GET HTTP/1.1 rg4u.clan.su/.s/t/291/2.jpg
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 489x155, components 3; data
Hash 457f79b59bf6332ebfdcc2510b2c6d2a
237f953a8860b666d3857528a7205cdc208bc364
173624b0b8095b828fb320505a0d7479a5e14127a8a8ec3e71d72cdf7a5edb8b
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /.s/t/291/2.jpg HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:34 GMT
Content-Type: image/jpeg
Content-Length: 19814
Last-Modified: Wed, 03 Dec 2014 12:48:38 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f06a6-4d66"
Expires: Sun, 25 Jun 2023 06:40:34 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/.s/img/stars/3/12.png
213.174.157.136 200 OK 1.2 kB URL GET HTTP/1.1 rg4u.clan.su/.s/img/stars/3/12.png
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type PNG image data, 12 x 36, 8-bit/color RGBA, non-interlaced; data
Hash 350693463200bbe9388eec7d1a208289
9a310a7dd3c068636b224d253e0df9ce09784df2
aa22bfd07d6d73ee1e2fc304bf81625c716e83f81e1dfc044560b54595bdec28
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /.s/img/stars/3/12.png HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:34 GMT
Content-Type: image/png
Content-Length: 1161
Last-Modified: Wed, 05 Apr 2023 11:26:37 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "642d5aed-489"
Expires: Sun, 25 Jun 2023 06:40:34 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/.s/img/icon/social/vk.svg
213.174.157.136 200 OK 772 B URL GET HTTP/1.1 rg4u.clan.su/.s/img/icon/social/vk.svg
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type SVG Scalable Vector Graphics image; SVG XML document; XML 1.0 document text; SVG XML document; XML document text; exported SGML document text; exported SGML document, ASCII text
Hash 7c4eb8cae0b565c023c4406add5f8041
079ce5d3277df672b57a73476a28d0bf0b1c1fe2
05a3f8587400860aa87bb18c9a9cd5b22a45ca4fc4a37a7922d29e48549b2fc9
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /.s/img/icon/social/vk.svg HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/.s/src/social.css
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:34 GMT
Content-Type: image/svg+xml
Content-Length: 772
Last-Modified: Mon, 26 Jun 2017 11:42:16 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5950f318-304"
Expires: Sun, 25 Jun 2023 06:40:34 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/.s/t/291/8.gif
213.174.157.136 200 OK 197 B URL GET HTTP/1.1 rg4u.clan.su/.s/t/291/8.gif
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type GIF image data, version 89a, 14 x 14; data
Hash bf817310ff1a751b2c1ed9897be8a21e
d99db2db1cd07b066eae5fc3000100eabff9acf9
82765150985b8f086ca199431a995f2a7046603349b7b4fae2edebb1c2d452f9
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /.s/t/291/8.gif HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/_st/my.css
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:34 GMT
Content-Type: image/gif
Content-Length: 197
Last-Modified: Wed, 03 Dec 2014 12:48:38 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f06a6-c5"
Expires: Sun, 25 Jun 2023 06:40:34 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/.s/t/291/7.gif
213.174.157.136 200 OK 165 B URL GET HTTP/1.1 rg4u.clan.su/.s/t/291/7.gif
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type GIF image data, version 89a, 8 x 8; data
Hash 386a536761b0b403f348ebeec35f3a10
eda665876bc7df652eb400f39f151acaea9888e1
57aca0624b67be0ec0b8eedbbcc4f0c2bebb018bba813da048d437c6a1863708
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /.s/t/291/7.gif HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/_st/my.css
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:34 GMT
Content-Type: image/gif
Content-Length: 165
Last-Modified: Wed, 03 Dec 2014 12:48:38 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f06a6-a5"
Expires: Sun, 25 Jun 2023 06:40:34 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/logo/3.gif
213.174.157.136 200 OK 28 kB
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type GIF image data, version 89a, 400 x 155; data
Hash 64a08fcbd194073f439650e6e22400ba
17d7faa2d9f56726d067281d7cc4e4e37a239456
4b498e075c5f6d0b9c7d7ab6b05c2e4a83e763f44c9ab98f14b0f26d90b60fb5
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /logo/3.gif HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:34 GMT
Content-Type: image/gif
Content-Length: 27875
Last-Modified: Mon, 24 Jan 2011 20:16:08 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4d3dde08-6ce3"
Expires: Sun, 25 Jun 2023 06:40:34 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/.s/img/icon/social/fb.svg
213.174.157.136 200 OK 611 B URL GET HTTP/1.1 rg4u.clan.su/.s/img/icon/social/fb.svg
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type SVG Scalable Vector Graphics image; SVG XML document; XML 1.0 document text; SVG XML document; XML document text; exported SGML document text; exported SGML document, ASCII text
Hash d178cc46dcbcf2b6f19445674fe3fe58
26f9747489d9e796926f7bbe11817c420afda3af
a9265d79c9ff74d4deeab5dce9643ed838018a6b4346605e002867858534f4bf
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /.s/img/icon/social/fb.svg HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/.s/src/social.css
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:34 GMT
Content-Type: image/svg+xml
Content-Length: 611
Last-Modified: Mon, 26 Jun 2017 11:42:16 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5950f318-263"
Expires: Sun, 25 Jun 2023 06:40:34 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/.s/img/icon/social/ya.svg
213.174.157.136 200 OK 660 B URL GET HTTP/1.1 rg4u.clan.su/.s/img/icon/social/ya.svg
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type SVG Scalable Vector Graphics image; SVG XML document; XML 1.0 document text; SVG XML document; XML document text; exported SGML document text; exported SGML document, ASCII text
Hash 7676c3eee5bd955efe08fd05367a443b
595e4e8dbf5ff472606434d0f45806d088de4c0c
b72d3f61ac56b4aa27bad5769589705004aff1f0ad341785ca72dc46ba16de5b
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /.s/img/icon/social/ya.svg HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/.s/src/social.css
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:34 GMT
Content-Type: image/svg+xml
Content-Length: 660
Last-Modified: Mon, 26 Jun 2017 11:42:16 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5950f318-294"
Expires: Sun, 25 Jun 2023 06:40:34 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/.s/img/icon/social/gp.svg
213.174.157.136 200 OK 550 B URL GET HTTP/1.1 rg4u.clan.su/.s/img/icon/social/gp.svg
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type SVG Scalable Vector Graphics image; HTML document text; HTML document, Unicode text, UTF-8 text, with very long lines (534), with no line terminators
Hash 10d296226de121de55180e5b1b7d9d49
5980293f4f290734d09459d068a8c3996e43fe40
a657a4d5d05c6cd9b9f881ab6941e71f725c7eb451c9f37ceb514e45fdfd441d
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /.s/img/icon/social/gp.svg HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/.s/src/social.css
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:34 GMT
Content-Type: image/svg+xml
Content-Length: 550
Last-Modified: Fri, 01 Feb 2019 12:57:26 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5c544236-226"
Expires: Sun, 25 Jun 2023 06:40:34 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/.s/img/icon/social/ok.svg
213.174.157.136 200 OK 1.9 kB URL GET HTTP/1.1 rg4u.clan.su/.s/img/icon/social/ok.svg
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type SVG Scalable Vector Graphics image; SVG XML document; XML 1.0 document text; SVG XML document; XML document text; exported SGML document text; exported SGML document, ASCII text
Hash 08bbc2fa9b08463b0d061041d62b408e
370c53ccc3edd296cd35fb9e3de20dabfdae78d9
e1369586f1d82834ecc0ccab2f5f1a6f7565f2c715243d956bd7eb1404c8fba9
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /.s/img/icon/social/ok.svg HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/.s/src/social.css
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:34 GMT
Content-Type: image/svg+xml
Content-Length: 1858
Last-Modified: Mon, 26 Jun 2017 11:42:16 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5950f318-742"
Expires: Sun, 25 Jun 2023 06:40:34 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
216.58.211.14 301 Moved Permanently 29 kB URL GET HTTP/1.1 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP 216.58.211.14:80
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type ASCII text, with very long lines (2450)
Hash 95570675b6c814a8eba3a1ff89d1a88e
20db0e97ca61e1c16a9c0b5e4c9e5588780eb4c0
11b6bcda06ca54317114081434a721818cd81988524a745ec41e954d3b3d1cc6
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://rg4u.clan.su/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Jun 2023 06:40:33 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+837; expires=Wed, 04-Jun-2025 06:40:33 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rg4u.clan.su/img/music_key.gif
213.174.157.136 200 OK 691 B URL GET HTTP/1.1 rg4u.clan.su/img/music_key.gif
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type GIF image data, version 89a, 16 x 40; data
Hash 238e60ba2b96fc551568f14e7a284e76
9802a7f7bbf5f1606a6e1b08e859ff1fc5d8a33b
7dc90c7b5abe7b1b0a65694a4b5b532af5bd32c4a138fc6c1e8063113542845a
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /img/music_key.gif HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:34 GMT
Content-Type: image/gif
Content-Length: 691
Last-Modified: Thu, 28 Jul 2011 06:44:18 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4e310542-2b3"
Expires: Sun, 25 Jun 2023 06:40:34 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/_st/my.css
213.174.157.136 200 OK 6.0 kB URL GET HTTP/1.1 rg4u.clan.su/_st/my.css
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type assembler source, Unicode text, UTF-8 text, with very long lines (409)
Hash 23a898a858f0d1da4ffc82353e4531c9
c7760897fae386f2df57127420de86ddd474af66
9683f999d8a04153585ee2f27221372f4a1aca4ab22d8ec96ba42d12c73ed3bb
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /_st/my.css HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/mchat/
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:35 GMT
Content-Type: text/css
Last-Modified: Sat, 10 Oct 2020 17:11:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"5f81eb48-6eb4"
Expires: Sun, 25 Jun 2023 06:40:35 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
rg4u.clan.su/imgr/rek-908x108.jpg
213.174.157.136 200 OK 53 kB URL GET HTTP/1.1 rg4u.clan.su/imgr/rek-908x108.jpg
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS Windows, datetime=2015:06:22 12:51:31], baseline, precision 8, 908x108, components 3
- data
Hash 28d67ccec62c1f21aaf7216a21b90139
53e9caacadb99a8733c4b3f3c9159e94c0bf66c1
d48daffea6074a23590777d7dc7dcb51fb57e31d9a33f5a164e1f03d9f9df22c
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /imgr/rek-908x108.jpg HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:34 GMT
Content-Type: image/jpeg
Content-Length: 52893
Last-Modified: Tue, 25 Oct 2016 11:41:37 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "580f44f1-ce9d"
Expires: Sun, 25 Jun 2023 06:40:34 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/imgr/rg-training5.jpg
213.174.157.136 200 OK 90 kB URL GET HTTP/1.1 rg4u.clan.su/imgr/rg-training5.jpg
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x474, components 3
- data
Hash 0c7c1f02cfdb22b36d6452de5756f4f1
17ae9127e81a6ccb2ccf6ddc81179ddd67a5f39d
66ce06266508b172f697d65a5eb49d4d95197ef945d2d0acbf531fdb75f0e913
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /imgr/rg-training5.jpg HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:34 GMT
Content-Type: image/jpeg
Content-Length: 89463
Last-Modified: Thu, 18 May 2023 07:02:22 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "6465cd7e-15d77"
Expires: Sun, 25 Jun 2023 06:40:34 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/imgr/premiumsportproducts908x108v2.gif
213.174.157.136 200 OK 124 kB URL GET HTTP/1.1 rg4u.clan.su/imgr/premiumsportproducts908x108v2.gif
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type GIF image data, version 89a, 908 x 108
- data
Size 124 kB (123483 bytes)
Hash 0a4d5d15a69ba0a2f91a73d2604ebfe7
f1e6caf68ed1c6e95a8687f019f485ef384e607a
9998039906a792b1a1f5a1d4042eba1541e6ef98f1b15654fb09fa86f4b27c6f
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /imgr/premiumsportproducts908x108v2.gif HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:34 GMT
Content-Type: image/gif
Content-Length: 123483
Last-Modified: Mon, 05 Jul 2021 17:01:40 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "60e33af4-1e25b"
Expires: Sun, 25 Jun 2023 06:40:34 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/_vi/4/s20599870.jpg
213.174.157.136 200 OK 5.2 kB URL GET HTTP/1.1 rg4u.clan.su/_vi/4/s20599870.jpg
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 150x84, components 3
- data
Hash c51b004cc2cc1f759091084a510d3588
dd89395b4fd34ca24b9d5bdf9bf32aa6454ed7cd
55222fca468e46669a2f596504167dfa6844a3af789b9abf2e7fea3722de6226
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /_vi/4/s20599870.jpg HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:35 GMT
Content-Type: image/jpeg
Content-Length: 5155
Last-Modified: Fri, 27 Jan 2023 14:23:34 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "63d3de66-1423"
Expires: Sun, 25 Jun 2023 06:40:35 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/.s/src/uwnd.min.js?2
213.174.157.136 200 OK 57 kB URL GET HTTP/1.1 rg4u.clan.su/.s/src/uwnd.min.js?2
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/mchat/
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0e2dd07983ad50fa9205b6a9d24bc79f
8eafe02a75c83f60d40d1cee73e2770805e54a9e
8993dbc5102beb8dc4ebfef06873c26198d0f2913627399034816b16715336ad
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /.s/src/uwnd.min.js?2 HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/mchat/
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:35 GMT
Content-Type: text/javascript
Last-Modified: Mon, 25 Apr 2022 10:32:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"626678ba-3334b"
Expires: Sun, 25 Jun 2023 06:40:35 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
rg4u.clan.su/_vi/4/s96005384.jpg
213.174.157.136 200 OK 6.2 kB URL GET HTTP/1.1 rg4u.clan.su/_vi/4/s96005384.jpg
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 150x84, components 3
- data
Hash 9dcd8b0aeeedbd609ec4bddc78fb9d56
cd007ea479dc13b4249c1729c126dab9b2e439fa
f2e22153941242eff25acda5247a676e09ae83e9be02aa5e4f16e68f4bd8c7ab
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /_vi/4/s96005384.jpg HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:35 GMT
Content-Type: image/jpeg
Content-Length: 6222
Last-Modified: Sun, 08 Jan 2023 05:43:10 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "63ba57ee-184e"
Expires: Sun, 25 Jun 2023 06:40:35 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/_vi/4/s35861115.jpg
213.174.157.136 200 OK 5.9 kB URL GET HTTP/1.1 rg4u.clan.su/_vi/4/s35861115.jpg
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 150x83, components 3
- data
Hash b5fa884a0d6353f8cf57be61a2c16490
1b227ec805088034975eebb2b2f22d0a41540864
129db0d4fbcf58d3441973335c56000a6f46dd62d23671f7d5cae87c3bfc960d
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /_vi/4/s35861115.jpg HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:35 GMT
Content-Type: image/jpeg
Content-Length: 5946
Last-Modified: Sat, 13 Aug 2022 07:27:21 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "62f75259-173a"
Expires: Sun, 25 Jun 2023 06:40:35 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/.s/src/jquery-1.12.4.min.js
213.174.157.136 200 OK 34 kB URL GET HTTP/1.1 rg4u.clan.su/.s/src/jquery-1.12.4.min.js
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/mchat/
File type ASCII text, with very long lines (32077)
Hash 4f252523d4af0b478c810c2547a63e19
5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /.s/src/jquery-1.12.4.min.js HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/mchat/
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:35 GMT
Content-Type: text/javascript
Last-Modified: Wed, 05 Apr 2023 11:26:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"642d5af8-17b8b"
Expires: Sun, 25 Jun 2023 06:40:35 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
rg4u.clan.su/img/uico-view.png
213.174.157.136 200 OK 1.2 kB URL GET HTTP/1.1 rg4u.clan.su/img/uico-view.png
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type PNG image data, 16 x 10, 8-bit/color RGBA, non-interlaced
- data
Hash b434c30114acf85d9dece4246788cd1d
38bf468836c0d6bdfa0472b110734d7a63e5583d
23977892f420e43b5330920ff38306f8e39b111e5dcd32090982fc51b6c31d64
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /img/uico-view.png HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:35 GMT
Content-Type: image/png
Content-Length: 1153
Last-Modified: Mon, 27 Jun 2022 13:37:11 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "62b9b287-481"
Expires: Sun, 25 Jun 2023 06:40:35 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/_ph/7/1/416574504.jpg
213.174.157.136 200 OK 1.2 kB URL GET HTTP/1.1 rg4u.clan.su/_ph/7/1/416574504.jpg
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 23x80, components 3
- data
Hash 12cbe0351253a3bf43388e7e0de11252
cbc6505590dad88aabef3e3ff0ae210d5b7699e5
7b90138f299be188d70f6f8e9449c1d2f1cf37be5d626b53baacc852a128a3e4
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /_ph/7/1/416574504.jpg HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:35 GMT
Content-Type: image/jpeg
Content-Length: 1168
Last-Modified: Wed, 22 Sep 2010 13:16:47 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4c9a01bf-490"
Expires: Sun, 25 Jun 2023 06:40:35 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/_ph/7/1/623952537.jpg
213.174.157.136 200 OK 1.0 kB URL GET HTTP/1.1 rg4u.clan.su/_ph/7/1/623952537.jpg
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 23x80, components 3
- data
Hash dddf4602094cf7e785372cfc3368f7f4
401686542f0faa988a5fa6e80c3b144494e9c113
961e82d372f533c2e8221df02b7c9fc0f3d2531d939d317b732fb214785e4f11
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /_ph/7/1/623952537.jpg HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:35 GMT
Content-Type: image/jpeg
Content-Length: 1022
Last-Modified: Wed, 22 Sep 2010 13:16:47 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4c9a01bf-3fe"
Expires: Sun, 25 Jun 2023 06:40:35 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/_ph/7/1/663997554.jpg
213.174.157.136 200 OK 1.1 kB URL GET HTTP/1.1 rg4u.clan.su/_ph/7/1/663997554.jpg
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 23x80, components 3
- data
Hash a26a3529748517fda6f8a03e7f426417
c546204b7609f1111f4c9fd6992712ab798c9682
330b2fcf77ab96dbb54568fa384af68381bb507f5cf259dbdeeb47b8a16d31d0
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /_ph/7/1/663997554.jpg HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:35 GMT
Content-Type: image/jpeg
Content-Length: 1141
Last-Modified: Wed, 22 Sep 2010 13:14:41 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4c9a0141-475"
Expires: Sun, 25 Jun 2023 06:40:35 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/_ph/7/1/152995469.jpg
213.174.157.136 200 OK 1.1 kB URL GET HTTP/1.1 rg4u.clan.su/_ph/7/1/152995469.jpg
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 23x80, components 3
- data
Hash 0e483bb6a6732b902bfb8df891ea692b
bea48478fb4d79c9cc670f7140690f5a7b2d3562
6c9c53290f38de91d732c748a9d40835bf39d46664f1c3840c86c7d6d5e51053
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /_ph/7/1/152995469.jpg HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:35 GMT
Content-Type: image/jpeg
Content-Length: 1147
Last-Modified: Wed, 22 Sep 2010 13:14:41 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4c9a0141-47b"
Expires: Sun, 25 Jun 2023 06:40:35 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/_ph/7/1/840646741.jpg
213.174.157.136 200 OK 1.2 kB URL GET HTTP/1.1 rg4u.clan.su/_ph/7/1/840646741.jpg
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 23x80, components 3
- data
Hash 835e23cfac12906ca4d12e2349860188
019cc605644e5901d50a52aa85de5d42c699290f
9e9d61b6276e613f9aaa66165ef63004f7d046abc645dcd5b1c8b51cf2583155
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /_ph/7/1/840646741.jpg HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:35 GMT
Content-Type: image/jpeg
Content-Length: 1210
Last-Modified: Wed, 22 Sep 2010 13:14:41 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4c9a0141-4ba"
Expires: Sun, 25 Jun 2023 06:40:35 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/_ph/7/1/775955111.jpg
213.174.157.136 200 OK 1.2 kB URL GET HTTP/1.1 rg4u.clan.su/_ph/7/1/775955111.jpg
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 23x80, components 3
- data
Hash 16a9f777ee46de9c4cc17f708a85d204
2378a300f075564851bd2b708e8fb20f314c4b05
038138b3ca12bbd7f0d2d8e22899b9165a03d37e32c0e6b5f29dd06525b8a494
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /_ph/7/1/775955111.jpg HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:35 GMT
Content-Type: image/jpeg
Content-Length: 1240
Last-Modified: Wed, 22 Sep 2010 13:14:41 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4c9a0141-4d8"
Expires: Sun, 25 Jun 2023 06:40:35 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/imgr/lana18_400x570.jpg
213.174.157.136 200 OK 124 kB URL GET HTTP/1.1 rg4u.clan.su/imgr/lana18_400x570.jpg
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015.5 (Windows), datetime=2017:06:30 10:59:13], progressive, precision 8, 400x572, components 3
- data
Size 124 kB (124163 bytes)
Hash 8ea2028fcb21a046fb270721b8768505
fd5d3df910354dc3781a19432d82f93666f46394
9838e6f407de399ef3e811bbe11fda2af7c600ba8c898a3e08d0e5fe0dc22ba4
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /imgr/lana18_400x570.jpg HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:34 GMT
Content-Type: image/jpeg
Content-Length: 124163
Last-Modified: Fri, 30 Jun 2017 08:39:18 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "59560e36-1e503"
Expires: Sun, 25 Jun 2023 06:40:34 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/_ph/7/1/983196076.jpg
213.174.157.136 200 OK 1.3 kB URL GET HTTP/1.1 rg4u.clan.su/_ph/7/1/983196076.jpg
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 23x80, components 3
- data
Hash c855bbdc4a5dc956516c10acf8467a57
637475a1f8326881b4d38523285229e63b82832f
848bd66bedabc0ee7b331b5248db8ebee623fb1e335f69986343a111a9470984
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /_ph/7/1/983196076.jpg HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:35 GMT
Content-Type: image/jpeg
Content-Length: 1325
Last-Modified: Wed, 22 Sep 2010 13:14:41 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4c9a0141-52d"
Expires: Sun, 25 Jun 2023 06:40:35 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/_ph/7/1/212533036.jpg
213.174.157.136 200 OK 1.1 kB URL GET HTTP/1.1 rg4u.clan.su/_ph/7/1/212533036.jpg
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 23x80, components 3
- data
Hash a3ca4efcafffc415efcf5b452b8d6b83
82a4088c325ba97c459243a0e7f958f892590b08
7c022a3248656347f4a892d4304297443c62b27725be751c0bcc4c6e7cf0c634
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /_ph/7/1/212533036.jpg HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:35 GMT
Content-Type: image/jpeg
Content-Length: 1099
Last-Modified: Wed, 22 Sep 2010 13:14:42 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4c9a0142-44b"
Expires: Sun, 25 Jun 2023 06:40:35 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/img/uico-comment.png
213.174.157.136 200 OK 1.1 kB URL GET HTTP/1.1 rg4u.clan.su/img/uico-comment.png
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type PNG image data, 13 x 12, 8-bit/color RGBA, non-interlaced
- data
Hash 8dfe1daa5d7f826a63910805a685f83d
b56b118b66e7e4ac7b54b96defa4375c51db4370
6507597a515cb19aadefc4034694658dc94d810b62238f9d34ef54bf64e1564a
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /img/uico-comment.png HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:35 GMT
Content-Type: image/png
Content-Length: 1149
Last-Modified: Mon, 27 Jun 2022 13:37:11 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "62b9b287-47d"
Expires: Sun, 25 Jun 2023 06:40:35 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/_ph/6/1/589142753.jpg
213.174.157.136 200 OK 5.5 kB URL GET HTTP/1.1 rg4u.clan.su/_ph/6/1/589142753.jpg
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 200x150, components 3
- data
Hash e74a85b80287efc9bcaebc6eef20f2ec
debfd5a7dc29635f61e6ba9adfb1eb1d8719269d
168be3dc36569ea04cabf1a591f81bb39f009219a867b000f44b9e3cf9702139
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /_ph/6/1/589142753.jpg HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:35 GMT
Content-Type: image/jpeg
Content-Length: 5464
Last-Modified: Sat, 09 Aug 2014 19:35:55 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "53e6781b-1558"
Expires: Sun, 25 Jun 2023 06:40:35 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/_ph/6/1/501339310.jpg
213.174.157.136 200 OK 8.5 kB URL GET HTTP/1.1 rg4u.clan.su/_ph/6/1/501339310.jpg
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 200x150, components 3
- data
Hash 99418294aa0ed6ede99a45f7cb3df87b
a458512f4482514ab3842f38b5dde354eaff0277
c5e589e18fdc917434f8a49bf0612c7237eec61b953d67a7ee320f58a341b813
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /_ph/6/1/501339310.jpg HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:35 GMT
Content-Type: image/jpeg
Content-Length: 8455
Last-Modified: Wed, 03 Dec 2014 19:57:48 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f6b3c-2107"
Expires: Sun, 25 Jun 2023 06:40:35 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/_ph/6/1/317813288.jpg
213.174.157.136 200 OK 5.6 kB URL GET HTTP/1.1 rg4u.clan.su/_ph/6/1/317813288.jpg
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 200x150, components 3
- data
Hash 834997c00007f744abf4122b8762c378
0c84738e65691f87cf35978ac3acb03b7663d3e7
408a6019ea7d0d3ff3ae34878ed85ee3b5522d5a8a6de8cd48d947105cfbfbc4
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /_ph/6/1/317813288.jpg HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:35 GMT
Content-Type: image/jpeg
Content-Length: 5632
Last-Modified: Wed, 03 Dec 2014 19:57:15 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f6b1b-1600"
Expires: Sun, 25 Jun 2023 06:40:35 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/_ph/6/1/406762852.jpg
213.174.157.136 200 OK 9.6 kB URL GET HTTP/1.1 rg4u.clan.su/_ph/6/1/406762852.jpg
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 200x150, components 3
- data
Hash 69e1343550852dda2e961dc97cbb5570
45bfc8439b10ba370c3f0bfc0c9728610410ff9d
573de281e5ec2df957a4cc3eb46f25da4560fc9bf40738fdb036602da7d74e13
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /_ph/6/1/406762852.jpg HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:35 GMT
Content-Type: image/jpeg
Content-Length: 9645
Last-Modified: Wed, 03 Dec 2014 20:00:24 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f6bd8-25ad"
Expires: Sun, 25 Jun 2023 06:40:35 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/_ph/6/1/402933384.jpg
213.174.157.136 200 OK 7.3 kB URL GET HTTP/1.1 rg4u.clan.su/_ph/6/1/402933384.jpg
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 200x150, components 3
- data
Hash 22104394fb3db5a14900dfc9cc44a384
d4bac322bbb9443e23156985227ed3de8d5ed4a9
695855a10a809834d4f1eac52df35c9fe491941a956f3ad90c36d8d883dc62b4
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /_ph/6/1/402933384.jpg HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:35 GMT
Content-Type: image/jpeg
Content-Length: 7319
Last-Modified: Wed, 03 Dec 2014 20:01:29 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f6c19-1c97"
Expires: Sun, 25 Jun 2023 06:40:35 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/_ph/6/1/472942385.jpg
213.174.157.136 200 OK 8.7 kB URL GET HTTP/1.1 rg4u.clan.su/_ph/6/1/472942385.jpg
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 70", baseline, precision 8, 200x150, components 3
- data
Hash 44fadac065335dd89832bee7c00f4eac
067a747c394c1713d2c23cf16efb7d8eaf6c1135
323a09fdb03bee685e725d9dbda011894158eb24d5d2cfb8044dcf555fe778e5
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /_ph/6/1/472942385.jpg HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:35 GMT
Content-Type: image/jpeg
Content-Length: 8664
Last-Modified: Wed, 03 Dec 2014 20:02:00 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "547f6c38-21d8"
Expires: Sun, 25 Jun 2023 06:40:35 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/img/photo.gif
213.174.157.136 200 OK 180 B URL GET HTTP/1.1 rg4u.clan.su/img/photo.gif
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type GIF image data, version 89a, 13 x 12
- data
Hash 6e08c6c01ee57d6e8f06050092ac3e93
c7644d472c0f1c9f399685a63f9bab8ff6f4d073
6556bb47cc960e83a46f68f1c21390e99d122fae7076101c3fd1af0c4f4aaf45
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /img/photo.gif HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:35 GMT
Content-Type: image/gif
Content-Length: 180
Last-Modified: Fri, 29 Jul 2011 21:16:58 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4e33234a-b4"
Expires: Sun, 25 Jun 2023 06:40:35 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/logo/youtube90.png
213.174.157.136 200 OK 7.6 kB URL GET HTTP/1.1 rg4u.clan.su/logo/youtube90.png
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type PNG image data, 90 x 41, 8-bit/color RGBA, non-interlaced
- data
Hash aea6c8884dbadcdd1018e0ce1866fad7
b574341ff5b37c9eefe9c73f7bfa53b454ba4a48
c8a29271ce0862868b0f099ec2c47da116102112eae4f82b55a860c96c3eb279
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /logo/youtube90.png HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:35 GMT
Content-Type: image/png
Content-Length: 7567
Last-Modified: Thu, 23 Sep 2010 12:21:00 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4c9b462c-1d8f"
Expires: Sun, 25 Jun 2023 06:40:35 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/img/pda_ico.gif
213.174.157.136 200 OK 318 B URL GET HTTP/1.1 rg4u.clan.su/img/pda_ico.gif
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type GIF image data, version 89a, 14 x 19
- data
Hash 69d802e827be26806652143e0e689f0d
dff747243f9dc9c5909f74bc13aa0c5c80d1a5db
b2f5db96a416d01f04aff74abbbc909f8aa9a715956cc18b5c4fc73ff923d4a3
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /img/pda_ico.gif HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:35 GMT
Content-Type: image/gif
Content-Length: 318
Last-Modified: Wed, 06 Jul 2011 05:09:53 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "4e13ee21-13e"
Expires: Sun, 25 Jun 2023 06:40:35 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/_nw/77/12957122.jpg?3
213.174.157.136 200 OK 509 kB URL GET HTTP/1.1 rg4u.clan.su/_nw/77/12957122.jpg?3
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, datetime=2023:05:23 20:37:16], baseline, precision 8, 1350x500, components 3
- data
Size 509 kB (508755 bytes)
Hash 0f741b6eec4cac21e223f1532f955fcd
2fddc5edd281e7be16730b6c4fdce2014d9a0725
c559d6a7c37d1a43a64982ff41ae7927fbe7e977a52c7feee24558031ad931f1
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /_nw/77/12957122.jpg?3 HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:34 GMT
Content-Type: image/jpeg
Content-Length: 508755
Last-Modified: Tue, 23 May 2023 17:40:34 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "646cfa92-7c353"
Expires: Sun, 25 Jun 2023 06:40:34 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/.s/img/icon/profile.png
213.174.157.136 200 OK 676 B URL GET HTTP/1.1 rg4u.clan.su/.s/img/icon/profile.png
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/mchat/
File type PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced
- data
Hash f063cf2f9ab83f2ca68327c0927a7b7a
e84b2105d2b47127d5cf8366a5606639f27684cd
f5d62b58ed22f77bea1a87ce4e204e2b213459746f74ee5e0be91f22851420cf
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /.s/img/icon/profile.png HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/mchat/
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:35 GMT
Content-Type: image/png
Content-Length: 676
Last-Modified: Wed, 05 Apr 2023 11:26:31 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "642d5ae7-2a4"
Expires: Sun, 25 Jun 2023 06:40:35 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/stat/1685947231
213.174.157.136 200 OK 411 B URL GET HTTP/1.1 rg4u.clan.su/stat/1685947231
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type GIF image data, version 87a, 31 x 31
- data
Hash 395298662b886968c0f959f522939fe3
4f3b1b86549110d032d61249df48b40d48501672
7087a01aeec0f2f61ccca6b803f88ae87587de96cf51e1fd37591da935a69f21
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /stat/1685947231 HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:35 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Cache-Control: no-cache, no-store, private
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
rg4u.clan.su/.s/img/ma/uid.gif
213.174.157.136 200 OK 400 B URL GET HTTP/1.1 rg4u.clan.su/.s/img/ma/uid.gif
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type GIF image data, version 89a, 16 x 16
- data
Hash a032a355cf3f9e3e9c1bd8e54ef068f7
f34ecab3b7a9d57db9e26fe666e55cabac94edaf
369e1fbbd6a79ff1362bc00de6cc4789b6bd2c087d91811128c956ec2be4a9ce
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /.s/img/ma/uid.gif HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:35 GMT
Content-Type: image/gif
Content-Length: 400
Last-Modified: Wed, 05 Apr 2023 11:26:34 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "642d5aea-190"
Expires: Sun, 25 Jun 2023 06:40:35 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.Z9dw9iEydtA.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoJ3YppZh9vnjOb_SBu68tCOE-MXQ/m=el_main
142.250.74.74 200 OK 76 kB URL GET HTTP/2 translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.Z9dw9iEydtA.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoJ3YppZh9vnjOb_SBu68tCOE-MXQ/m=el_main
IP 142.250.74.74:443
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (1573)
Hash e573f520bd8dcdfb40e91a9e0e66e527
7182f9fdf1d72c2f42cbbfda617cb81e34a44044
366f944dab73002110a6add4e66a3eb915695bc4f1244da14080a4bc248880c6
GET /_/translate_http/_/js/k=translate_http.tr.no.Z9dw9iEydtA.O/d=1/exm=el_conf/ed=1/rs=AN8SPfoJ3YppZh9vnjOb_SBu68tCOE-MXQ/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 76232
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 20:05:12 GMT
expires: Fri, 31 May 2024 20:05:12 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 31 May 2023 15:11:29 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 297325
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rg4u.clan.su/imgr/premiumsportproducts1350x500v4.jpg?2
213.174.157.136 200 OK 300 kB URL GET HTTP/1.1 rg4u.clan.su/imgr/premiumsportproducts1350x500v4.jpg?2
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=2084, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=5625], baseline, precision 8, 1350x500, components 3
- data
Size 300 kB (300315 bytes)
Hash 9e8b6b2e60d99f7c863b9fc2dc372f54
60d76214a3a96a43f339756a8dee2f6f9e057729
a068e2a601dbcf3bfdb333dd51965aafee20382df2f1c6dbb5be269666564174
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /imgr/premiumsportproducts1350x500v4.jpg?2 HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:35 GMT
Content-Type: image/jpeg
Content-Length: 300315
Last-Modified: Mon, 05 Jul 2021 04:58:07 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "60e2915f-4951b"
Expires: Sun, 25 Jun 2023 06:40:35 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__ru.js
142.250.74.99 200 OK 170 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__ru.js
IP 142.250.74.99:443
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type HTML document, ASCII text, with very long lines (774)
Size 170 kB (170178 bytes)
Hash d028845a362dc2cb7fad8d68a9142dcc
000fde98ae903846b92a26d0aba039a5a0e762ea
904ab970c395108963b62f3f0cee4bd33915145da744d8129b0d581062442cf6
GET /recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__ru.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://rg4u.clan.su
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 170178
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Jun 2023 19:33:20 GMT
expires: Sun, 02 Jun 2024 19:33:20 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 30 May 2023 00:01:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 126437
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rg4u.clan.su/favicon.ico
213.174.157.136 200 OK 45 kB
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type MS Windows icon resource - 1 icon, 120x120, 24 bits/pixel
- data
Hash 23e406a0db4c15742ab4e185b177675a
73ff219a0dd3c02afdb158edcfb311e951220963
d2291dd44ae105e875c60f300609306571e8d13dc2a0d8fd08dd67b066b429e9
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /favicon.ico HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:36 GMT
Content-Type: image/x-icon
Content-Length: 45182
Last-Modified: Tue, 15 Sep 2020 10:46:23 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5f609b7f-b07e"
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/_nw/52/98105246.jpg
213.174.157.136 200 OK 265 kB URL GET HTTP/1.1 rg4u.clan.su/_nw/52/98105246.jpg
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=15, height=1268, bps=0, PhotometricIntepretation=CMYK, orientation=upper-left, width=3426], baseline, precision 8, 1350x500, components 3
- data
Size 265 kB (264730 bytes)
Hash 1c8d92e2efd9fdbe1990a3e513d9c166
19a248cf5db5724d29ae72698f9d747099fb0552
7dbdd69ddb1dda5b42e659996b3658cc03746535bcb51312c06bd03dfd000a58
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /_nw/52/98105246.jpg HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:35 GMT
Content-Type: image/jpeg
Content-Length: 264730
Last-Modified: Fri, 18 Sep 2020 19:21:37 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5f6508c1-40a1a"
Expires: Sun, 25 Jun 2023 06:40:35 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
www.gstatic.com/images/branding/product/2x/translate_24dp.png
142.250.74.99 200 OK 1.8 kB URL GET HTTP/3 www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP 142.250.74.99:443
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced / data
Hash c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.vneFu3d_4ck.L.F4.O/d=0/rs=AN8SPfrNa1b9K5rCmaIpu9SqE3A5sBDBfg/m=el_main_css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Jun 2023 12:19:08 GMT
expires: Sat, 01 Jun 2024 12:19:08 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
age: 238889
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/images/cleardot.gif
142.250.74.132 200 OK 43 B URL GET HTTP/3 www.google.com/images/cleardot.gif
IP 142.250.74.132:443
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 55:5E:E6:33:AF:71:86:C2:88:4A:36:5F:68:1D:97:9D:9B:9D:2A:1D
Validity Fri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT
File type GIF image data, version 89a, 1 x 1 / data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /images/cleardot.gif HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-type: image/gif
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 43
date: Mon, 05 Jun 2023 06:40:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
216.58.207.227 200 OK 3.3 kB URL GET HTTP/2 fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg
IP 216.58.207.227:443
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type SVG Scalable Vector Graphics image / ASCII text, with very long lines (6225), with no line terminators
Hash 2bd5c073a88b83ed74db88282a56ddfb
d0ebfc376f8c6a44a8d4cd216817dcd7d0c33650
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
GET /s/i/productlogos/translate/v14/24px.svg HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-length: 3340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Jun 2023 08:05:11 GMT
expires: Sun, 02 Jun 2024 08:05:11 GMT
cache-control: public, max-age=31536000
age: 167726
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
translate.googleapis.com/translate_static/img/te_ctrl3.gif
142.250.74.74 200 OK 1.4 kB URL GET HTTP/3 translate.googleapis.com/translate_static/img/te_ctrl3.gif
IP 142.250.74.74:443
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type GIF image data, version 89a, 84 x 19 / data
Hash 9afe50090c0bc612953d081295eab5b1
71a4da2a622879c29176ecfa5afe1bbe3e8cfa40
d228d0256370863119c043f1e5ca8f3930f6999bd9f250434b6d8935f45dc171
GET /translate_static/img/te_ctrl3.gif HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 May 2023 02:04:29 GMT
expires: Thu, 30 May 2024 02:04:29 GMT
cache-control: public, max-age=31536000
age: 448568
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
142.250.74.74 1.4 kB URL translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
IP 142.250.74.74:0
Hash a3eefe14b1b4698460d992bd1673a26b
a2fca6ebb00b8bdcca3eda88654d02d2c165b9c4
87514750a90cd70dd22c8673cfa80d804ef55840bd0755950af2118d8d218067
GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 05 Jun 2023 06:40:38 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=hr4YALS4TmMty7DFtjsipAnogPfejMp7rJROG7LH3dJRkxi76z_SHZ7v6Ysx4d2iy02bOSktUgv-wT5Mk8cUq42O8Os5mpXyC2dMnDuqKWY3os4uP2T_TnBd6YIa3FkDej516JyvKUIc9ggXbz8IrxjmsEkRVI_t_8Q4orpN-cs; expires=Tue, 05-Dec-2023 06:40:38 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
set-cookie: CONSENT=PENDING+891; expires=Wed, 04-Jun-2025 06:40:38 GMT; path=/; domain=.googleapis.com; Secure
expires: Mon, 05 Jun 2023 06:40:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rg4u.clan.su/.s/img/wd/1/left-right.png
213.174.157.136 200 OK 140 B URL GET HTTP/1.1 rg4u.clan.su/.s/img/wd/1/left-right.png
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type PNG image data, 12 x 1, 8-bit/color RGB, non-interlaced / data
Hash 0fcc36f4690bec08ef43bca652074df2
3e5eef3d5d5ad6e2edcab4b38869ff727587d809
cd6a75d53185657e4681d9859353300320241de4000c535ad31cf389547f24a9
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /.s/img/wd/1/left-right.png HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/.s/src/layer1.min.css
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d; uWdn_rg_10=true
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:39 GMT
Content-Type: image/png
Content-Length: 140
Last-Modified: Wed, 05 Apr 2023 11:26:42 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "642d5af2-8c"
Expires: Sun, 25 Jun 2023 06:40:39 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/img/tool-sprites.png
213.174.157.136 200 OK 1.4 kB URL GET HTTP/1.1 rg4u.clan.su/img/tool-sprites.png
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type PNG image data, 30 x 60, 8-bit/color RGBA, non-interlaced / data
Hash afeb49c2da3e04523183848576adbec6
b7a3f6b7cf8b8a0d60b13631997b70a33b6087c2
cf59c738dd5d14aabd4da5ac248c81c730c3389d1a1fa0890ce71f97294dd72c
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /img/tool-sprites.png HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/_st/my.css
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d; uWdn_rg_10=true
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:39 GMT
Content-Type: image/png
Content-Length: 1418
Last-Modified: Sun, 21 Apr 2013 13:11:49 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5173e595-58a"
Expires: Sun, 25 Jun 2023 06:40:39 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/.s/img/wd/1/spr.gif
213.174.157.136 200 OK 43 B URL GET HTTP/1.1 rg4u.clan.su/.s/img/wd/1/spr.gif
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type GIF image data, version 89a, 1 x 2 / data
Hash 3de98597539e6dcbfb7c6d2d8a143045
7ca6a7d3a31587e1f3e6abe23c9efd5d4d84c34a
93955e15a5c55cc445bbda5624c1cd245594df5169f577e6c3f4627971cb1ada
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /.s/img/wd/1/spr.gif HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/.s/src/layer1.min.css
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d; uWdn_rg_10=true
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:39 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Wed, 05 Apr 2023 11:26:42 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "642d5af2-2b"
Expires: Sun, 25 Jun 2023 06:40:39 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
rg4u.clan.su/favicon.ico
213.174.157.136 200 OK 45 kB
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type MS Windows icon resource - 1 icon, 120x120, 24 bits/pixel / data
Hash 23e406a0db4c15742ab4e185b177675a
73ff219a0dd3c02afdb158edcfb311e951220963
d2291dd44ae105e875c60f300609306571e8d13dc2a0d8fd08dd67b066b429e9
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /favicon.ico HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d; uWdn_rg_10=true
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:39 GMT
Content-Type: image/x-icon
Content-Length: 45182
Last-Modified: Tue, 15 Sep 2020 10:46:23 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "5f609b7f-b07e"
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes
translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
142.250.74.74 0 B URL translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP 142.250.74.74:0
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-encoding,content-type,x-goog-authuser
Referer: http://rg4u.clan.su/
Origin: http://rg4u.clan.su
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: http://rg4u.clan.su
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,content-encoding,content-type,x-goog-authuser,origin
content-type: text/plain; charset=UTF-8
date: Mon, 05 Jun 2023 06:40:47 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+357; expires=Wed, 04-Jun-2025 06:40:47 GMT; path=/; domain=.googleapis.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 05 Jun 2023 06:40:47 GMT
cache-control: private
translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
142.250.74.74 131 B URL translate.googleapis.com/element/log?format=json&hasfast=true&authuser=0
IP 142.250.74.74:0
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type JSON data / ASCII text, with no line terminators
Hash ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
POST /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Encoding: gzip
Content-Type: application/binary
Content-Length: 196
Origin: http://rg4u.clan.su
DNT: 1
Connection: keep-alive
Referer: http://rg4u.clan.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: http://rg4u.clan.su
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Mon, 05 Jun 2023 06:40:47 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+378; expires=Wed, 04-Jun-2025 06:40:47 GMT; path=/; domain=.googleapis.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 05 Jun 2023 06:40:47 GMT
rg4u.clan.su/mchat/
213.174.157.136 200 OK 1.0 kB
IP 213.174.157.136:80
ASN #39572 DataWeb Global Group B.V.
Requested by http://rg4u.clan.su/dir/sport/federacii/khanty_mansijskaja_gorodskaja_obshhestvennaja_organizacija_federacija_khudozhestvennoj_gimnastiki/226-1-0-535
File type HTML document text / exported SGML document, Unicode text, UTF-8 text, with very long lines (549)
Hash 5216acc9b23c7365b698eff98671bda7
022d75f7bd71b14b71cfe46e81b5ae80b561e9d8
0afd491727b7178107ac7ca328ed7340b5d4f614ec5076e460bb25259222c5ff
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /mchat/ HTTP/1.1
Host: rg4u.clan.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Jun 2023 06:40:47 GMT
Content-Type: text/html; charset=UTF-8
Last-Modified: Mon, 05 Jun 2023 06:36:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"647d825b-ad4"
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip
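Added example (not part of the capture tool's output): a triage pass, written here in Python, over a constructed excerpt of the transactions recorded above. It reproduces the condition behind the ET POLICY alerts on the rg4u.clan.su requests (a Host header under the .su TLD) and adds the checks a reviewer would otherwise run by hand on these records: a Cookie header sent to port 80 in cleartext, Set-Cookie values missing Secure or HttpOnly (the NID cookie above has HttpOnly but not Secure, CONSENT the reverse), an access-control-allow-origin that echoes the request Origin together with access-control-allow-credentials: true (the /element/log preflight), and a Google-style API key in a URL query (the supportedLanguages request). Assumptions: only port 443 carries TLS in this capture; the key pattern (AIza followed by 35 URL-safe characters) is a heuristic; the sample headers are copied from the records above with the NID cookie value shortened to TRUNCATED. Each finding is an observation to review, not a vulnerability: the policy alert says nothing about the content fetched, an origin allow-list is expected to echo a listed origin, and a key a browser sends in a widget URL is public by construction, so the only question is whether it is restricted to the intended referrers and APIs.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Heuristic for Google API keys: "AIza" followed by 35 URL-safe characters.
GOOGLE_KEY_RE = re.compile(r"AIza[0-9A-Za-z_-]{35}")

# Constructed excerpt of the capture above: (server port, request head, response head).
# Header lines are copied from the records; the NID cookie value is shortened.
CAPTURE = [
    (80, """
        GET /favicon.ico HTTP/1.1
        Host: rg4u.clan.su
        Cookie: 6rg4udr=FwJeg31k; 6rg4uuzll=1685947231; ucvid=tlA224S03d; uWdn_rg_10=true
    """, """
        HTTP/1.1 200 OK
        Content-Type: image/x-icon
    """),
    (443, """
        OPTIONS /element/log?format=json&hasfast=true&authuser=0 HTTP/1.1
        Host: translate.googleapis.com
        Origin: http://rg4u.clan.su
    """, """
        HTTP/3 200 OK
        access-control-allow-origin: http://rg4u.clan.su
        access-control-allow-credentials: true
        set-cookie: CONSENT=PENDING+357; expires=Wed, 04-Jun-2025 06:40:47 GMT; path=/; domain=.googleapis.com; Secure
    """),
    (443, """
        GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
        Host: translate-pa.googleapis.com
    """, """
        HTTP/3 200 OK
        content-type: text/javascript; charset=UTF-8
        set-cookie: NID=511=TRUNCATED; expires=Tue, 05-Dec-2023 06:40:38 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
    """),
]


def parse_message(raw):
    """Split one HTTP message head into (start line, headers); names lower-cased, repeats kept in order."""
    lines = [ln.strip() for ln in raw.splitlines() if ln.strip()]
    headers = {}
    for ln in lines[1:]:
        name, _, value = ln.partition(":")
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return lines[0], headers


def first(headers, name):
    return headers[name][0] if name in headers else None


def check_transaction(port, req_raw, resp_raw):
    """Findings for one request/response pair; an empty list means nothing notable."""
    req_line, req = parse_message(req_raw)
    _, resp = parse_message(resp_raw)
    target = req_line.split(" ")[1]
    host = (first(req, "host") or "").lower().rstrip(".")
    findings = []
    # Same condition the ET POLICY alert describes (Host TLD): a destination policy signal, not malice.
    if host == "su" or host.endswith(".su"):
        findings.append("policy: HTTP request to .su TLD host")
    # Assumption: only port 443 carries TLS here, so a Cookie on any other port crosses the wire in clear.
    if port != 443 and "cookie" in req:
        names = [c.split("=", 1)[0].strip() for c in first(req, "cookie").split(";")]
        findings.append(f"cleartext: Cookie header sent over port {port} ({', '.join(names)})")
    for sc in resp.get("set-cookie", []):
        parts = [p.strip() for p in sc.split(";")]
        attrs = {p.split("=", 1)[0].lower() for p in parts[1:]}
        missing = [a for a in ("secure", "httponly") if a not in attrs]
        if missing:
            findings.append(f"cookie {parts[0].split('=', 1)[0]} lacks {'/'.join(missing)}")
    # Origin echoed back with credentials: expected for an allow-list, worth a look when it is plain http://.
    origin = first(req, "origin")
    if (origin and first(resp, "access-control-allow-origin") == origin
            and (first(resp, "access-control-allow-credentials") or "").lower() == "true"):
        findings.append(f"cors: origin {origin} allowed with credentials")
    # A key a browser sends in a URL is public by construction; flag it so its restrictions get reviewed.
    for name, values in parse_qs(urlsplit(target).query).items():
        if any(GOOGLE_KEY_RE.fullmatch(v) for v in values):
            findings.append(f"secret: Google-style API key in query parameter {name!r}")
    return findings


def triage(capture):
    """Map 'METHOD host/path' to its findings for every transaction in the capture."""
    report = {}
    for port, req_raw, resp_raw in capture:
        req_line, req = parse_message(req_raw)
        method, target = req_line.split(" ")[:2]
        key = f"{method} {first(req, 'host')}{urlsplit(target).path}"
        report[key] = check_transaction(port, req_raw, resp_raw)
    return report


if __name__ == "__main__":
    for key, found in triage(CAPTURE).items():
        print(key, "->", found or ["nothing notable"])
```

Run as a script to print the findings per transaction; for a real capture, build the same (port, request head, response head) triples from the exported HAR or PCAP and pass them to triage().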