Report - farmfit.ru/arewaph/Panel/PvqDq929BSx_A_D_M1n

Report Overview

Submitted URL
farmfit.ru/arewaph/Panel/PvqDq929BSx_A_D_M1n_a.php
IP
31.31.205.163
ASN
#197695 Domain names registrar REG.RU, Ltd
Submitted
2024-04-17 03:07:04
Access
public
Website Title
farmfit.ru - домен продается
Final URL
farmfit.ru/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
50

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
farmfit.ru	unknown	2023-11-06	2019-03-19	2024-03-22	9.3 kB	136 kB	31.31.205.163
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-16	857 B	4.8 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-16	4.6 kB	171 kB	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-17	medium	farmfit.ru	Sinkholed
2024-04-17	medium	farmfit.ru	Sinkholed
2024-04-17	medium	farmfit.ru	Sinkholed
2024-04-17	medium	farmfit.ru	Sinkholed
2024-04-17	medium	farmfit.ru	Sinkholed
2024-04-17	medium	farmfit.ru	Sinkholed
2024-04-17	medium	farmfit.ru	Sinkholed
2024-04-17	medium	farmfit.ru	Sinkholed
2024-04-17	medium	farmfit.ru	Sinkholed
2024-04-17	medium	farmfit.ru	Sinkholed
2024-04-17	medium	farmfit.ru	Sinkholed
2024-04-17	medium	farmfit.ru	Sinkholed
2024-04-17	medium	farmfit.ru	Sinkholed
2024-04-17	medium	farmfit.ru	Sinkholed
2024-04-17	medium	farmfit.ru	Sinkholed
2024-04-17	medium	farmfit.ru	Sinkholed
2024-04-17	medium	farmfit.ru	Sinkholed
2024-04-17	medium	farmfit.ru	Sinkholed
2024-04-17	medium	farmfit.ru	Sinkholed
2024-04-17	medium	farmfit.ru	Sinkholed
2024-04-17	medium	farmfit.ru	Sinkholed
2024-04-17	medium	farmfit.ru	Sinkholed
2024-04-17	medium	farmfit.ru	Sinkholed
2024-04-17	medium	farmfit.ru	Sinkholed
2024-04-17	medium	farmfit.ru	Sinkholed

ThreatFox

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	farmfit.ru/	248 B	2023-05-12	2024-04-30
Pretty URL farmfit.ru/ IP 31.31.205.163 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-12 07:05:23 Last Seen2024-04-30 03:49:33 Times Seen33 Hash 00569bc0059a7467854f01d291b6eb38 727575c33c59d78dbbb3aab22db92a05d3147335 8c20c33ceb7ce23ace816c6fd90f53a88b0a6d769ea4fdc86ef6d53ac8b06f3a Loading...

	farmfit.ru/06-18/js/numInputValidate.js	397 B	2023-03-09	2024-04-30
Pretty URL farmfit.ru/06-18/js/numInputValidate.js IP 31.31.205.163 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 01:54:56 Last Seen2024-04-30 03:49:33 Times Seen164 Hash acca9a09466fe21826fd7c4c958ac8a4 6e44fc9711273dac0ad2bf0e7543bcfdb4bf0dd4 9f3b81d60bee310fd585fb9e9184d8da64eb0608d0f2b12f13b54b1c008a7a2d Loading...

	farmfit.ru/06-18/js/pnotify.js	55 kB	2023-03-09	2024-04-30
Pretty URL farmfit.ru/06-18/js/pnotify.js IP 31.31.205.163 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 01:54:56 Last Seen2024-04-30 03:49:33 Times Seen166 Hash 957aa06c5dc817cb9d445a59c72b4e82 60c5de4ad1d62bc8d7d5c70de6c82b98fa17f716 8d12e5f892436d4b85a7835d77938ccd90ed2ce294ad1d4b758978ae19752567 Loading...

	farmfit.ru/06-18/js/callback/check.php?	0 B	2023-03-07	2024-04-30
Pretty URL farmfit.ru/06-18/js/callback/check.php? IP 31.31.205.163 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-30 04:34:08 Times Seen37204857 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	farmfit.ru/	3.0 kB	2023-03-09	2024-04-30
Pretty URL farmfit.ru/ IP 31.31.205.163 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 01:54:56 Last Seen2024-04-30 03:49:33 Times Seen39 Hash cb89c036512aece1c66b34d498e5d00d 9cf1925029bea81f51c73fdf50656c4cd24dae2f a6160e937b0767b6338f1ffd4408b413f1d14cd7bec588e4dfc8ebfdd3e7805c Loading...

	farmfit.ru/06-18/js/vnd/bootstrap.min.js	37 kB	2023-03-07	2024-04-30
Pretty URL farmfit.ru/06-18/js/vnd/bootstrap.min.js IP 31.31.205.163 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:25 Last Seen2024-04-30 03:49:33 Times Seen34480 Hash c5b5b2fa19bd66ff23211d9f844e0131 791aa054a026bddc0de92bad6cf7a1c6e73713d5 2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a Loading...

	farmfit.ru/06-18/js/statistics.js?4	847 B	2023-03-09	2024-04-30
Pretty URL farmfit.ru/06-18/js/statistics.js?4 IP 31.31.205.163 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 01:54:56 Last Seen2024-04-30 03:49:33 Times Seen163 Hash 53a8fd8c5fafeb85d75988d7ceafbee7 e4e2ff96b16b6bbccdf76fbe4895a11b1f8cb81e e2ec9adf9320806d868c0f8d3351df18a3a4605d892646e88387370f053b0247 Loading...

	farmfit.ru/06-18/js/langVars.js	463 B	2023-03-09	2024-04-30
Pretty URL farmfit.ru/06-18/js/langVars.js IP 31.31.205.163 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 01:54:56 Last Seen2024-04-30 03:49:33 Times Seen164 Hash a8ef6f8ba742d421a30a9b29b79ac8c9 1faa5efc3da5f7a3bff8784e441ab2793c69f888 7b07f74216c6c2209fddbe239be9545de1773041adbfb26ccf5985cd46212216 Loading...

	farmfit.ru/	361 B	2023-12-06	2024-04-30
Pretty URL farmfit.ru/ IP 31.31.205.163 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-06 01:34:04 Last Seen2024-04-30 03:49:33 Times Seen7 Hash f84f99f4d244207afdb507e27437e740 2cfc7d56983d5dd0ac5f5dc50f57bbddbc7f8f9b 5643355fd61326de57ca1bff8efbbe49a28b593cb96cd69affc6bf88688d5811 Loading...

	farmfit.ru/06-18/js/callback/user.php?key=937aa9c0b2013aae74669af9e8ab2acc	229 B	2024-04-15	2024-04-30
Pretty URL farmfit.ru/06-18/js/callback/user.php?key=937aa9c0b2013aae74669af9e8ab2acc IP 31.31.205.163 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-15 22:21:15 Last Seen2024-04-30 03:49:33 Times Seen8 Hash c1e5bd6cf3f59319eb92f288e4490cc0 3b38522d189563cd16d4001994bf77845dabd09e eb0ce4848a46c04bf77b142cdd61ec27a90e05b54e3c53f119bbeda103586d72 Loading...

	farmfit.ru/06-18/js/vnd/jquery.min.js	93 kB	2023-03-07	2024-04-30
Pretty URL farmfit.ru/06-18/js/vnd/jquery.min.js IP 31.31.205.163 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-30 03:49:33 Times Seen16836 Hash e0e0559014b222245deb26b6ae8bd940 e2f3603e23711f6446f278a411d905623d65201e 89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e Loading...

	farmfit.ru/	1.1 kB	2023-12-06	2024-04-30
Pretty URL farmfit.ru/ IP 31.31.205.163 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-06 01:34:04 Last Seen2024-04-30 03:49:33 Times Seen7 Hash 75fbbcb7197b730b7fcf3b6097059afd 9915656e31185f1e440d0413bea1f1a82e01f6ab 1f9dca4a838827b3f469522507021abcfb451d3a5eccf6b70b0891f9e8ecac8b Loading...

	farmfit.ru/	486 B	2024-01-26	2024-04-30
Pretty URL farmfit.ru/ IP 31.31.205.163 ASN #197695 Domain names registrar REG.RU, Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-26 04:53:30 Last Seen2024-04-30 03:49:33 Times Seen10 Hash 7fea55959b2e7bbbc9bfd84969eea4a5 5b283edba09405f660b8e9364d746748fb61a5a7 1cd430ba8865a145c645b5ebefec8570819b056bc5f1e640155b34861871c261 Loading...

HTTP Transactions (36)

URL IP Response Size

farmfit.ru/arewaph/Panel/PvqDq929BSx_A_D_M1n_a.php

31.31.205.163

1.5 kB

URL
farmfit.ru/arewaph/Panel/PvqDq929BSx_A_D_M1n_a.php
IP
31.31.205.163:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
HTML document, ASCII text
Size
1.5 kB (1468 bytes)
Hash
31ea07ece6797183a76efee6e3332890
a4e38be7f448bb104b69f65de0103f816b95bd1a
becef1e47dc3d1400b27483810e02dd61ed20691f408a44062e753f203ff6003

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /arewaph/Panel/PvqDq929BSx_A_D_M1n_a.php HTTP/1.1
Host: farmfit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 1468
Date: Wed, 17 Apr 2024 03:06:38 GMT
Server: lighttpd/1.4.45

farmfit.ru/js/check.php?url=

31.31.205.163

0 B

URL
farmfit.ru/js/check.php?url=
IP
31.31.205.163:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/check.php?url= HTTP/1.1
Host: farmfit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://farmfit.ru/arewaph/Panel/PvqDq929BSx_A_D_M1n_a.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Expires: Tue, 11 Jun 1985 05:00:00 GMT
Last-Modified: Wed, 17 Apr 2024 03:06:38 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-type: text/javascript;charset=UTF-8
Content-Length: 0
Date: Wed, 17 Apr 2024 03:06:38 GMT
Server: lighttpd/1.4.45

farmfit.ru/favicon.ico

31.31.205.163

1.2 kB

URL
farmfit.ru/favicon.ico
IP
31.31.205.163:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
b5d84a27335eab79eb47a4a3612778a9
b03112211a61784537820bd2498cca66f82483d6
dbf94094c3c1c1c197e8e418df2268c34387e92e931b14c1f7f9c0b3f6ffb998

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: farmfit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://farmfit.ru/arewaph/Panel/PvqDq929BSx_A_D_M1n_a.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
Accept-Ranges: bytes
ETag: "1635383114"
Last-Modified: Tue, 09 Apr 2024 09:27:57 GMT
Expires: Sat, 12 Apr 2025 03:06:38 GMT
Cache-Control: max-age=31104000
Content-Length: 1150
Date: Wed, 17 Apr 2024 03:06:38 GMT
Server: lighttpd/1.4.45

farmfit.ru/

31.31.205.163

22 kB

URL User Request GET
farmfit.ru/
IP
31.31.205.163:0
ASN
#197695 Domain names registrar REG.RU, Ltd

File type
HTML document, Unicode text, UTF-8 text, with very long lines (348)
Size
22 kB (22227 bytes)
Hash
575031dd91c9b087e6c9d5f6ca32a788
12abebd20a3a19359d000a23dfa5b491e3793e7c
92358ba3b0fbcba8841b1f601b41a0b4a4f631268599effb48a0e133480c0926

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: farmfit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://farmfit.ru/arewaph/Panel/PvqDq929BSx_A_D_M1n_a.php
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Set-Cookie: tplVer=06-18
Expires: Tue, 11 Jun 1985 05:00:00 GMT
Last-Modified: Wed, 17 Apr 2024 03:06:40 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-type: text/html; charset=UTF-8
Content-Length: 22227
Date: Wed, 17 Apr 2024 03:06:40 GMT
Server: lighttpd/1.4.45

farmfit.ru/06-18/css/148/normalize.css

31.31.205.163

200 OK

2.2 kB

URL GET HTTP/1.1
farmfit.ru/06-18/css/148/normalize.css
IP
31.31.205.163:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://farmfit.ru/

File type
ASCII text
Size
2.2 kB (2152 bytes)
Hash
8c6eee6b2107ef25dc486020ced13898
ebe0759bf259b6caeadee6137973481046ac5636
b31ceb90e3eec258e254659bc5588f275e197b05cb2471490e7d1bbfee61b036

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /06-18/css/148/normalize.css HTTP/1.1
Host: farmfit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://farmfit.ru/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Tue, 09 Apr 2024 09:27:58 GMT
ETag: "3554730396"
Content-Type: text/css
Accept-Ranges: bytes
Expires: Sat, 12 Apr 2025 03:06:40 GMT
Cache-Control: max-age=31104000
Content-Length: 2152
Date: Wed, 17 Apr 2024 03:06:40 GMT
Server: lighttpd/1.4.45

farmfit.ru/06-18/js/langVars.js

31.31.205.163

200 OK

264 B

URL GET HTTP/1.1
farmfit.ru/06-18/js/langVars.js
IP
31.31.205.163:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://farmfit.ru/

File type
JavaScript source, ASCII text
Size
264 B (264 bytes)
Hash
a8ef6f8ba742d421a30a9b29b79ac8c9
1faa5efc3da5f7a3bff8784e441ab2793c69f888
7b07f74216c6c2209fddbe239be9545de1773041adbfb26ccf5985cd46212216

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /06-18/js/langVars.js HTTP/1.1
Host: farmfit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://farmfit.ru/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Tue, 09 Apr 2024 09:27:58 GMT
ETag: "3563321849"
Content-Type: application/javascript
Accept-Ranges: bytes
Expires: Sat, 12 Apr 2025 03:06:40 GMT
Cache-Control: max-age=31104000
Content-Length: 264
Date: Wed, 17 Apr 2024 03:06:40 GMT
Server: lighttpd/1.4.45

fonts.googleapis.com/css?family=Open+Sans:400,300italic,800italic,800,700italic,700,600italic,600,400italic,300

142.250.74.106

200 OK

2.3 kB

URL GET HTTP/1.1
fonts.googleapis.com/css?family=Open+Sans:400,300italic,800italic,800,700italic,700,600italic,600,400italic,300
IP
142.250.74.106:80
ASN
#15169 GOOGLE

Requested by
http://farmfit.ru/

File type
ASCII text, with very long lines (1572)
Size
2.3 kB (2254 bytes)
Hash
175ec1a2a700f7f89f8239be9a511290
1aad0ecdfcb3b9f5525e4232fad274d2ee4d0797
d6abeeec8987657db6240c3f23d932481ea04f606a923d19e45cbc91b4569599

HTTP Headers

GET /css?family=Open+Sans:400,300italic,800italic,800,700italic,700,600italic,600,400italic,300 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://farmfit.ru/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 17 Apr 2024 03:06:40 GMT
Date: Wed, 17 Apr 2024 03:06:40 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

farmfit.ru/06-18/js/numInputValidate.js

31.31.205.163

200 OK

240 B

URL GET HTTP/1.1
farmfit.ru/06-18/js/numInputValidate.js
IP
31.31.205.163:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://farmfit.ru/

File type
JavaScript source, ASCII text
Size
240 B (240 bytes)
Hash
acca9a09466fe21826fd7c4c958ac8a4
6e44fc9711273dac0ad2bf0e7543bcfdb4bf0dd4
9f3b81d60bee310fd585fb9e9184d8da64eb0608d0f2b12f13b54b1c008a7a2d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /06-18/js/numInputValidate.js HTTP/1.1
Host: farmfit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://farmfit.ru/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Tue, 09 Apr 2024 09:27:58 GMT
ETag: "3381126633"
Content-Type: application/javascript
Accept-Ranges: bytes
Expires: Sat, 12 Apr 2025 03:06:40 GMT
Cache-Control: max-age=31104000
Content-Length: 240
Date: Wed, 17 Apr 2024 03:06:40 GMT
Server: lighttpd/1.4.45

farmfit.ru/06-18/js/vnd/bootstrap.min.js

31.31.205.163

200 OK

9.8 kB

URL GET HTTP/1.1
farmfit.ru/06-18/js/vnd/bootstrap.min.js
IP
31.31.205.163:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://farmfit.ru/

File type
JavaScript source, ASCII text, with very long lines (32003)
Size
9.8 kB (9764 bytes)
Hash
c5b5b2fa19bd66ff23211d9f844e0131
791aa054a026bddc0de92bad6cf7a1c6e73713d5
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /06-18/js/vnd/bootstrap.min.js HTTP/1.1
Host: farmfit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://farmfit.ru/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Tue, 09 Apr 2024 09:27:58 GMT
ETag: "3914051965"
Content-Type: application/javascript
Accept-Ranges: bytes
Expires: Sat, 12 Apr 2025 03:06:40 GMT
Cache-Control: max-age=31104000
Content-Length: 9764
Date: Wed, 17 Apr 2024 03:06:40 GMT
Server: lighttpd/1.4.45

farmfit.ru/06-18/js/pnotify.js

31.31.205.163

200 OK

10 kB

URL GET HTTP/1.1
farmfit.ru/06-18/js/pnotify.js
IP
31.31.205.163:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://farmfit.ru/

File type
JavaScript source, ASCII text
Size
10 kB (10152 bytes)
Hash
957aa06c5dc817cb9d445a59c72b4e82
60c5de4ad1d62bc8d7d5c70de6c82b98fa17f716
8d12e5f892436d4b85a7835d77938ccd90ed2ce294ad1d4b758978ae19752567

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /06-18/js/pnotify.js HTTP/1.1
Host: farmfit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://farmfit.ru/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Tue, 09 Apr 2024 09:27:58 GMT
ETag: "3693981980"
Content-Type: application/javascript
Accept-Ranges: bytes
Expires: Sat, 12 Apr 2025 03:06:40 GMT
Cache-Control: max-age=31104000
Content-Length: 10152
Date: Wed, 17 Apr 2024 03:06:40 GMT
Server: lighttpd/1.4.45

farmfit.ru/06-18/js/statistics.js?4

31.31.205.163

200 OK

267 B

URL GET HTTP/1.1
farmfit.ru/06-18/js/statistics.js?4
IP
31.31.205.163:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://farmfit.ru/

File type
JavaScript source, ASCII text
Size
267 B (267 bytes)
Hash
53a8fd8c5fafeb85d75988d7ceafbee7
e4e2ff96b16b6bbccdf76fbe4895a11b1f8cb81e
e2ec9adf9320806d868c0f8d3351df18a3a4605d892646e88387370f053b0247

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /06-18/js/statistics.js?4 HTTP/1.1
Host: farmfit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://farmfit.ru/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Tue, 09 Apr 2024 09:27:58 GMT
ETag: "3827808121"
Content-Type: application/javascript
Accept-Ranges: bytes
Expires: Sat, 12 Apr 2025 03:06:40 GMT
Cache-Control: max-age=31104000
Content-Length: 267
Date: Wed, 17 Apr 2024 03:06:40 GMT
Server: lighttpd/1.4.45

farmfit.ru/06-18/css/general.css?3

31.31.205.163

200 OK

1.6 kB

URL GET HTTP/1.1
farmfit.ru/06-18/css/general.css?3
IP
31.31.205.163:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://farmfit.ru/

File type
ASCII text
Size
1.6 kB (1576 bytes)
Hash
9c4c1a25c7c4ff52ce37540130d37049
d87b7dd521ee258d8812b6070646e365fee462e5
d923f197604ceb14c4b62fe9f5d2f6638a777def0ed5fa25c09e6a8d5416f725

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /06-18/css/general.css?3 HTTP/1.1
Host: farmfit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://farmfit.ru/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Tue, 09 Apr 2024 09:27:58 GMT
ETag: "1994610038"
Content-Type: text/css
Accept-Ranges: bytes
Expires: Sat, 12 Apr 2025 03:06:40 GMT
Cache-Control: max-age=31104000
Content-Length: 1576
Date: Wed, 17 Apr 2024 03:06:40 GMT
Server: lighttpd/1.4.45

farmfit.ru/06-18/js/callback/check.php?

31.31.205.163

200 OK

0 B

URL GET HTTP/1.1
farmfit.ru/06-18/js/callback/check.php?
IP
31.31.205.163:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://farmfit.ru/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /06-18/js/callback/check.php? HTTP/1.1
Host: farmfit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://farmfit.ru/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Expires: Tue, 11 Jun 1985 05:00:00 GMT
Last-Modified: Wed, 17 Apr 2024 03:06:40 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-type: text/javascript;charset=UTF-8
Content-Length: 0
Date: Wed, 17 Apr 2024 03:06:40 GMT
Server: lighttpd/1.4.45

farmfit.ru/06-18/css/pnotify.css?2

31.31.205.163

200 OK

1.8 kB

URL GET HTTP/1.1
farmfit.ru/06-18/css/pnotify.css?2
IP
31.31.205.163:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://farmfit.ru/

File type
ASCII text
Size
1.8 kB (1771 bytes)
Hash
9bcd8b8eb0f114a135b9299451a1234d
f9de256d1b7f4a7f7a74859b9081102df4e1ee9e
8a8258a397083dff76361ef2c8ebae9702fcf7f5a69f8a236062945af1135a07

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /06-18/css/pnotify.css?2 HTTP/1.1
Host: farmfit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://farmfit.ru/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Tue, 09 Apr 2024 09:27:58 GMT
ETag: "1845499254"
Content-Type: text/css
Accept-Ranges: bytes
Expires: Sat, 12 Apr 2025 03:06:40 GMT
Cache-Control: max-age=31104000
Content-Length: 1771
Date: Wed, 17 Apr 2024 03:06:40 GMT
Server: lighttpd/1.4.45

farmfit.ru/06-18/css/discount.css?20180111

31.31.205.163

200 OK

1.8 kB

URL GET HTTP/1.1
farmfit.ru/06-18/css/discount.css?20180111
IP
31.31.205.163:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://farmfit.ru/

File type
ASCII text
Size
1.8 kB (1805 bytes)
Hash
72117ffdc1ba324279937544fe164b65
320cc78db67d5fbcb37e0ae5345564f512a2ee4f
e76df110c9d6973ba3cff091e055b1d2af8120eeeb98432fe84f5033dc315cbd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /06-18/css/discount.css?20180111 HTTP/1.1
Host: farmfit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://farmfit.ru/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Tue, 09 Apr 2024 09:27:58 GMT
ETag: "91688634"
Content-Type: text/css
Accept-Ranges: bytes
Expires: Sat, 12 Apr 2025 03:06:40 GMT
Cache-Control: max-age=31104000
Content-Length: 1805
Date: Wed, 17 Apr 2024 03:06:40 GMT
Server: lighttpd/1.4.45

farmfit.ru/06-18/css/bootstrap.min.css

31.31.205.163

200 OK

20 kB

URL GET HTTP/1.1
farmfit.ru/06-18/css/bootstrap.min.css
IP
31.31.205.163:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://farmfit.ru/

File type
ASCII text, with very long lines (65371)
Size
20 kB (19735 bytes)
Hash
5718db296067f0a09a655cdf974ce2bc
93c7aee4fbfd3c6191c45f06b5ecb74dcb4db498
7c2355ad2040c6a09ea345ef2d5d9cb3619a6b31efebe1d777f380cdfbe3046a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /06-18/css/bootstrap.min.css HTTP/1.1
Host: farmfit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://farmfit.ru/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Tue, 09 Apr 2024 09:27:58 GMT
ETag: "1735961690"
Content-Type: text/css
Accept-Ranges: bytes
Expires: Sat, 12 Apr 2025 03:06:40 GMT
Cache-Control: max-age=31104000
Content-Length: 19735
Date: Wed, 17 Apr 2024 03:06:40 GMT
Server: lighttpd/1.4.45

farmfit.ru/06-18/css/img/148/close.png

31.31.205.163

200 OK

196 B

URL GET HTTP/1.1
farmfit.ru/06-18/css/img/148/close.png
IP
31.31.205.163:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://farmfit.ru/

File type
PNG image data, 27 x 27, 8-bit gray+alpha, non-interlaced
Size
196 B (196 bytes)
Hash
5fa913b354e07df4be1b77480128ec74
8a8cf3f86473c833e08b1cc67bbbc61950f673d4
02f2927ab8d52faee098b8ebb169841682b8ce53c7f0737993b73847f07fff4c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /06-18/css/img/148/close.png HTTP/1.1
Host: farmfit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://farmfit.ru/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "2999663841"
Last-Modified: Tue, 09 Apr 2024 09:27:58 GMT
Expires: Sat, 12 Apr 2025 03:06:40 GMT
Cache-Control: max-age=31104000
Content-Length: 196
Date: Wed, 17 Apr 2024 03:06:40 GMT
Server: lighttpd/1.4.45

farmfit.ru/06-18/css/img/148/logo.png

31.31.205.163

200 OK

283 B

URL GET HTTP/1.1
farmfit.ru/06-18/css/img/148/logo.png
IP
31.31.205.163:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://farmfit.ru/

File type
PNG image data, 238 x 190, 4-bit colormap, non-interlaced
Size
283 B (283 bytes)
Hash
7a736a31a02369b7ae24b7a1800eae1c
e1e0d490efa6df5b4585b276bda489d4cf456303
02433a373b74b7c2d753e9ac717bdea81a99bae1b4e0640dd7431cbde356e3a7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /06-18/css/img/148/logo.png HTTP/1.1
Host: farmfit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://farmfit.ru/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "2689283303"
Last-Modified: Tue, 09 Apr 2024 09:27:58 GMT
Expires: Sat, 12 Apr 2025 03:06:40 GMT
Cache-Control: max-age=31104000
Content-Length: 283
Date: Wed, 17 Apr 2024 03:06:40 GMT
Server: lighttpd/1.4.45

farmfit.ru/06-18/js/vnd/jquery.min.js

31.31.205.163

200 OK

33 kB

URL GET HTTP/1.1
farmfit.ru/06-18/js/vnd/jquery.min.js
IP
31.31.205.163:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://farmfit.ru/

File type
JavaScript source, ASCII text, with very long lines (32072)
Size
33 kB (32822 bytes)
Hash
e0e0559014b222245deb26b6ae8bd940
e2f3603e23711f6446f278a411d905623d65201e
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /06-18/js/vnd/jquery.min.js HTTP/1.1
Host: farmfit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://farmfit.ru/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Tue, 09 Apr 2024 09:27:58 GMT
ETag: "1841541599"
Content-Type: application/javascript
Accept-Ranges: bytes
Expires: Sat, 12 Apr 2025 03:06:40 GMT
Cache-Control: max-age=31104000
Content-Length: 32822
Date: Wed, 17 Apr 2024 03:06:40 GMT
Server: lighttpd/1.4.45

fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

142.250.74.106

200 OK

1.3 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
http://farmfit.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
1.3 kB (1335 bytes)
Hash
89ab0d7d913ee18b3aa860ebf54d2166
2f47c6c5caa99f001948ce1e2fce8fba14891737
f2781950d148190ec6ec53e81809f6781417d291c316df9f7d5ec3aeb60530ed

HTTP Headers

GET /css?family=Roboto:100,300,400,500,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://farmfit.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 17 Apr 2024 03:06:40 GMT
date: Wed, 17 Apr 2024 03:06:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

farmfit.ru/06-18/js/callback/user.php?key=937aa9c0b2013aae74669af9e8ab2acc

31.31.205.163

200 OK

229 B

URL GET HTTP/1.1
farmfit.ru/06-18/js/callback/user.php?key=937aa9c0b2013aae74669af9e8ab2acc
IP
31.31.205.163:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://farmfit.ru/

File type
ASCII text
Size
229 B (229 bytes)
Hash
c1e5bd6cf3f59319eb92f288e4490cc0
3b38522d189563cd16d4001994bf77845dabd09e
eb0ce4848a46c04bf77b142cdd61ec27a90e05b54e3c53f119bbeda103586d72

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /06-18/js/callback/user.php?key=937aa9c0b2013aae74669af9e8ab2acc HTTP/1.1
Host: farmfit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://farmfit.ru/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Expires: Tue, 11 Jun 1985 05:00:00 GMT
Last-Modified: Wed, 17 Apr 2024 03:06:41 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-type: text/javascript;charset=UTF-8
Content-Length: 229
Date: Wed, 17 Apr 2024 03:06:41 GMT
Server: lighttpd/1.4.45

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://farmfit.ru/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15740, version 1.0
Size
16 kB (15740 bytes)
Hash
b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://farmfit.ru
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:32:46 GMT
expires: Fri, 11 Apr 2025 02:32:46 GMT
cache-control: public, max-age=31536000
age: 520435
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2

216.58.207.227

200 OK

12 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://farmfit.ru/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 11796, version 1.0
Size
12 kB (11796 bytes)
Hash
716871ec15f054ec158445180fe280e1
d7d746e03e49f7e10ca0b11e598f3d6db5e34a2b
b076e86301cbee8c5c9aef51863a9c0a88e6f6d2aabdffca93e031113c6caa74

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://farmfit.ru
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11796
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:53:06 GMT
expires: Fri, 11 Apr 2025 02:53:06 GMT
cache-control: public, max-age=31536000
age: 519215
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://farmfit.ru/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://farmfit.ru
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:27:38 GMT
expires: Wed, 16 Apr 2025 16:27:38 GMT
cache-control: public, max-age=31536000
age: 38343
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://farmfit.ru/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://farmfit.ru
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 13:20:56 GMT
expires: Fri, 11 Apr 2025 13:20:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 481545
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

216.58.207.227

200 OK

9.6 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://farmfit.ru/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 9628, version 1.0
Size
9.6 kB (9628 bytes)
Hash
d9ac47c7e500fb7083b8d595eaf6fe12
112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://farmfit.ru
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 07:14:20 GMT
expires: Wed, 16 Apr 2025 07:14:20 GMT
cache-control: public, max-age=31536000
age: 71541
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

216.58.207.227

200 OK

9.8 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://farmfit.ru/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 9840, version 1.0
Size
9.8 kB (9840 bytes)
Hash
7b08b9e11fc6b8a8a1398b357e874144
4b5fb5790fae1c96655aaa7a426b697f5ab986d0
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://farmfit.ru
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 00:00:19 GMT
expires: Wed, 16 Apr 2025 00:00:19 GMT
cache-control: public, max-age=31536000
age: 97582
last-modified: Wed, 11 May 2022 19:24:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2

216.58.207.227

200 OK

9.6 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://farmfit.ru/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 9576, version 1.0
Size
9.6 kB (9576 bytes)
Hash
9b9ec29522d1bf8924ccc2d917e1807b
1df345651c653bba476ab6b8546351ec7f4f018a
47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://farmfit.ru
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:37:51 GMT
expires: Fri, 11 Apr 2025 02:37:51 GMT
cache-control: public, max-age=31536000
age: 520130
last-modified: Wed, 11 May 2022 19:24:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

farmfit.ru/06-18/css/img/soc/bg%20copy.png

31.31.205.163

200 OK

4.2 kB

URL GET HTTP/1.1
farmfit.ru/06-18/css/img/soc/bg%20copy.png
IP
31.31.205.163:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://farmfit.ru/

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
4.2 kB (4176 bytes)
Hash
1e11eee693a31baaeb9eb2d999c6926d
9367757e70849491d1d91b806878f46b76874c4f
9c60fc95de092ccfec0e1e661c30b313664fd70072146246b28f8a9fb871f3da

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /06-18/css/img/soc/bg%20copy.png HTTP/1.1
Host: farmfit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://farmfit.ru/06-18/css/general.css?3
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "1340892839"
Last-Modified: Tue, 09 Apr 2024 09:27:58 GMT
Expires: Sat, 12 Apr 2025 03:06:41 GMT
Cache-Control: max-age=31104000
Content-Length: 4176
Date: Wed, 17 Apr 2024 03:06:41 GMT
Server: lighttpd/1.4.45

farmfit.ru/06-18/css/img/soc/Layer%2024.png

31.31.205.163

200 OK

3.6 kB

URL GET HTTP/1.1
farmfit.ru/06-18/css/img/soc/Layer%2024.png
IP
31.31.205.163:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://farmfit.ru/

File type
PNG image data, 54 x 54, 8-bit/color RGBA, non-interlaced
Size
3.6 kB (3645 bytes)
Hash
030b66b7a3c5e843b4e616274b9e57bd
f6b9e63aa7e9a03666faeec0875da823b48a71fe
11cb7c7c924525c72bbac12c79e013d34d837105a9c5a321b91f8e2cb1afc7e9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /06-18/css/img/soc/Layer%2024.png HTTP/1.1
Host: farmfit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://farmfit.ru/06-18/css/general.css?3
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "2120443753"
Last-Modified: Tue, 09 Apr 2024 09:27:58 GMT
Expires: Sat, 12 Apr 2025 03:06:41 GMT
Cache-Control: max-age=31104000
Content-Length: 3645
Date: Wed, 17 Apr 2024 03:06:41 GMT
Server: lighttpd/1.4.45

farmfit.ru/06-18/css/img/soc/main.png

31.31.205.163

200 OK

4.9 kB

URL GET HTTP/1.1
farmfit.ru/06-18/css/img/soc/main.png
IP
31.31.205.163:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://farmfit.ru/

File type
PNG image data, 240 x 170, 8-bit/color RGBA, non-interlaced
Size
4.9 kB (4881 bytes)
Hash
b65d879bf6206aeff14611980c6afd49
dfaa81e981b1437ae5049deade78b4a08d9ade84
3fc3242272eeb737ab15721ce8a52ec7dd51d17a96ec36b9c4549ecd75f971e2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /06-18/css/img/soc/main.png HTTP/1.1
Host: farmfit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://farmfit.ru/06-18/css/general.css?3
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "2705811125"
Last-Modified: Tue, 09 Apr 2024 09:27:58 GMT
Expires: Sat, 12 Apr 2025 03:06:41 GMT
Cache-Control: max-age=31104000
Content-Length: 4881
Date: Wed, 17 Apr 2024 03:06:41 GMT
Server: lighttpd/1.4.45

farmfit.ru/06-18/css/img/soc/tel.png

31.31.205.163

200 OK

4.4 kB

URL GET HTTP/1.1
farmfit.ru/06-18/css/img/soc/tel.png
IP
31.31.205.163:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://farmfit.ru/

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
Size
4.4 kB (4375 bytes)
Hash
f57eb23556dd9648034d38193b3adc4d
e037712190da95c29a1477796b5b9fb2e2c696ed
5650e6d7734f80cc13bb3de8b1401714440c0d34efef2d55f5499c09fcc8c35c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /06-18/css/img/soc/tel.png HTTP/1.1
Host: farmfit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://farmfit.ru/06-18/css/general.css?3
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "1397122723"
Last-Modified: Tue, 09 Apr 2024 09:27:58 GMT
Expires: Sat, 12 Apr 2025 03:06:41 GMT
Cache-Control: max-age=31104000
Content-Length: 4375
Date: Wed, 17 Apr 2024 03:06:41 GMT
Server: lighttpd/1.4.45

farmfit.ru/06-18/css/img/soc/vk.png

31.31.205.163

200 OK

4.3 kB

URL GET HTTP/1.1
farmfit.ru/06-18/css/img/soc/vk.png
IP
31.31.205.163:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://farmfit.ru/

File type
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
Size
4.3 kB (4312 bytes)
Hash
d3bfadd62c44e2645581f3d21b25c09c
52c0adc707e70f4ac987f78a8f1d3d299784dfcb
6d373068d52b229d8d25c35d5bbaf04616236b54c087e79c8ffa5690fe329963

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /06-18/css/img/soc/vk.png HTTP/1.1
Host: farmfit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://farmfit.ru/06-18/css/general.css?3
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "817981091"
Last-Modified: Tue, 09 Apr 2024 09:27:58 GMT
Expires: Sat, 12 Apr 2025 03:06:41 GMT
Cache-Control: max-age=31104000
Content-Length: 4312
Date: Wed, 17 Apr 2024 03:06:41 GMT
Server: lighttpd/1.4.45

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

216.58.207.227

200 OK

27 kB

URL GET HTTP/1.1
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
IP
216.58.207.227:80
ASN
#15169 GOOGLE

Requested by
http://farmfit.ru/

File type
Web Open Font Format (Version 2), TrueType, length 26736, version 1.0
Size
27 kB (26736 bytes)
Hash
8404cfed82d322c1be8e149fd9f40eb8
3e3657246db3b889e68d520904ac294a230db56d
8f76526e440538ec1300aa89f671acd1b746925833f7160f6c0e29443008f97f

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://farmfit.ru
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 26736
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 11 Apr 2024 17:41:40 GMT
Expires: Fri, 11 Apr 2025 17:41:40 GMT
Cache-Control: public, max-age=31536000
Age: 465901
Last-Modified: Thu, 14 Dec 2023 02:00:28 GMT
Content-Type: font/woff2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/1.1
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:80
ASN
#15169 GOOGLE

Requested by
http://farmfit.ru/

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://farmfit.ru
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 48236
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 11 Apr 2024 02:53:10 GMT
Expires: Fri, 11 Apr 2025 02:53:10 GMT
Cache-Control: public, max-age=31536000
Age: 519211
Last-Modified: Thu, 14 Dec 2023 02:08:40 GMT
Content-Type: font/woff2

farmfit.ru/06-18/favicons/favicon.png

31.31.205.163

200 OK

839 B

URL GET HTTP/1.1
farmfit.ru/06-18/favicons/favicon.png
IP
31.31.205.163:80
ASN
#197695 Domain names registrar REG.RU, Ltd

Requested by
http://farmfit.ru/

File type
PNG image data, 57 x 57, 8-bit/color RGBA, non-interlaced
Size
839 B (839 bytes)
Hash
eca5ec07507bf9d0b2c397bbf755db9f
f5a99699f457404021b103eaaf919c31a73c0999
5a7b61b2dc6d0ce486f4b1dfabd3692e914d8bc1322cb363c8ebcf56b650b79e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /06-18/favicons/favicon.png HTTP/1.1
Host: farmfit.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://farmfit.ru/
Cookie: tplVer=06-18
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "365438195"
Last-Modified: Tue, 09 Apr 2024 09:27:58 GMT
Expires: Sat, 12 Apr 2025 03:06:41 GMT
Cache-Control: max-age=31104000
Content-Length: 839
Date: Wed, 17 Apr 2024 03:06:41 GMT
Server: lighttpd/1.4.45

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML