Report - bashteplo.ru/

Report Overview

Submitted URL
bashteplo.ru/
IP
195.216.243.12
ASN
#57724 Ddos-Guard Ltd
Submitted
2024-05-10 17:34:26
Access
public
Website Title
ООО Башкиртеплоэнерго - Главная страница
Final URL
www.bashteplo.ru/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
44
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.bashteplo.ru	unknown	2007-06-18	2017-03-03	2017-03-03	7.2 kB	181 kB	195.216.243.12
s7.ucoz.net	unknown	2005-08-27	2017-02-02	2024-03-03	1.4 kB	8.9 kB	195.216.243.12
bashteplo.ru	unknown	2007-06-18	2017-05-23	2021-02-03	866 B	8.4 kB	195.216.243.12
informer.gismeteo.ru	unknown	2000-12-18	2012-07-16	2024-03-07	348 B	5.0 kB	185.134.203.99
themes.googleusercontent.com	9661	2008-11-17	2012-05-24	2024-05-09	458 B	61 kB	142.250.74.97
www.google.com	7	1997-09-15	2015-05-10	2024-03-23	447 B	1.4 kB	142.250.74.132
z0.trusthalloween.com	unknown	2023-11-10	2024-01-26	2024-04-12	426 B	810 B	172.67.146.32
src.ucoz.ru	unknown	2005-08-20	2017-01-29	2022-11-09	2.0 kB	6.6 kB	193.109.246.58
bashteplo.ucoz.ru	unknown	unknown	No data	No data	694 B	27 kB	195.216.243.12
www.ankor.kharkov.ua	unknown	2001-12-13	2018-04-03	2018-04-03	350 B	524 B	91.196.0.19
rot.spotsniper.ru	unknown	2013-04-03	2017-01-30	2024-04-25	814 B	716 B	31.172.81.159
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-05-10	480 B	209 kB	142.250.74.99

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-05-10 17:34:00	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:00	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:00	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:00	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:00	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:00	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:00	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:00	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:00	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:00	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:00	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:00	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:00	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:00	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:00	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:00	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:00	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:00	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:00	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:00	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:00	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:00	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:01	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:01	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:01	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:01	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:01	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:01	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:01	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:01	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:10	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:10	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:10	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:10	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:10	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:10	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:10	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:10	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:10	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:10	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:11	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:11	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:11	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content
2024-05-10 17:34:11	medium	195.216.243.12	Client IP	ET HUNTING DDoS-Guard Hosted Content

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (18)

	URL	Size	First Seen	Last Seen
	www.bashteplo.ru/.s/src/ulightbox/ulightbox.min.js	22 kB	2023-10-20	2024-05-20
Pretty URL www.bashteplo.ru/.s/src/ulightbox/ulightbox.min.js IP 195.216.243.12 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-20 04:36:22 Last Seen2024-05-20 12:37:06 Times Seen879 Hash f8885e861eba58ae642b08cdd18d965c 7bde2d4bd9d8013a471121b8e1e03b471f485334 7f8ef94f5ff6fc7281a813bda646bc54cf1b6f8f3618ac4f4d40b215e8a70948 Loading...

	z0.trusthalloween.com/?ze=hbrdinjsgy5ha3ddf42dkojs	10 B	2023-03-07	2024-05-20
Pretty URL z0.trusthalloween.com/?ze=hbrdinjsgy5ha3ddf42dkojs IP 172.67.146.32 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:06 Last Seen2024-05-20 12:37:05 Times Seen4577 Hash f495e69f2e9edc75eeae7dd3ea78a747 a89e38bbe70fa2de5db9d578975abd4e9dcda52e 8bf4c7cf443426b4cd8b5a56d22109b4e70314c1d2b8d0eb68887696722c132c Loading...

	www.bashteplo.ru/?F%21CikFr0r0PnaGvPMqr9F%21Ess%5EOUzT57a4zn0pjnAkuHA%3BFSF2i8vLkAi8iNNbW4pNMs9e5u%3BGTwB2C6WMVS0VpWJQIvsJj3QLbKrim7AmZq%3BGLQRixbtaXnkI96plEQNaScCvDEJJLV1J5NwBHzMt4jl7f3PkfR1PLznhiQn4EqtdNUQPU4AwyTdQIarixDbm8X6698mvJTMQDknkMmkPNzwgoo	868 B	2024-02-23	2024-05-10
Pretty URL www.bashteplo.ru/?F%21CikFr0r0PnaGvPMqr9F%21Ess%5EOUzT57a4zn0pjnAkuHA%3BFSF2i8vLkAi8iNNbW4pNMs9e5u%3BGTwB2C6WMVS0VpWJQIvsJj3QLbKrim7AmZq%3BGLQRixbtaXnkI96plEQNaScCvDEJJLV1J5NwBHzMt4jl7f3PkfR1PLznhiQn4EqtdNUQPU4AwyTdQIarixDbm8X6698mvJTMQDknkMmkPNzwgoo IP 195.216.243.12 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-23 23:45:34 Last Seen2024-05-10 19:34:34 Times Seen6 Hash 6b4065ad1648b47270ab1407c8f45d7e b7f27be5c661aa0ba78dff8d9afc1c83c2d1c801 f01004246767511526380faa04f83996eed61ea986970464e89f8e99435c26c2 Loading...

	www.bashteplo.ru/	209 B	2023-03-07	2024-05-20
Pretty URL www.bashteplo.ru/ IP 195.216.243.12 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:06:21 Last Seen2024-05-20 12:37:04 Times Seen947 Hash ebe6bc0803293713c0cd5ccbb6858263 f7e12e4099d0b1539e6424fb35bed336f953239d de6c089a2079a7e9d7740a581839e60f99fc2b345f909a63fb8edce6e90dca4a Loading...

	www.bashteplo.ru/	217 B	2023-03-07	2024-05-20
Pretty URL www.bashteplo.ru/ IP 195.216.243.12 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:06:21 Last Seen2024-05-20 12:37:04 Times Seen943 Hash 643968481bd70d1b90acb3623acc1cbf a48c24f35825a4f9a22bb98e54b972ab914d0da6 1cc7811671da38d961a9ab7caf93a642e6b64d30f56cfe7e94370f25f190df2c Loading...

	www.bashteplo.ru/	1.7 kB	2023-03-26	2024-05-20
Pretty URL www.bashteplo.ru/ IP 195.216.243.12 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-26 09:34:22 Last Seen2024-05-20 12:37:04 Times Seen815 Hash a8891969ae54b782e8f5ac283399acca 7d6bcb7b3cb4046aafab14d778a700f1ead83f93 e084d693bfba8019d72f12e6cfd6797b2792a7b3bbe3b98f222867e53f65f806 Loading...

	rot.spotsniper.ru/?src=ujs6	1 B	2023-03-07	2024-05-20
Pretty URL rot.spotsniper.ru/?src=ujs6 IP 31.172.81.159 ASN #44066 firstcolo GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:53 Last Seen2024-05-20 22:39:54 Times Seen22098 Hash 7215ee9c7d9dc229d2921a40e899ec5f b858cb282617fb0956d960215c8e84d1ccf909c6 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068 Loading...

	www.bashteplo.ru/?syyYpHsen0Y5Or%3BYfqz%3BOOHSfMSpA8TKaOxEzNzPA1KwfnTIp%3BqgiBuQ2cswANOZQ6h4KAi0Sm7yJh5j6RNiP%5EWp3DwruEZW5Y2%3BWz93f1n7hQrzLiWNiBmUaXj96caAnQSk8M51u8kq7%3BdY3Sz%5E1k55EFAYaKT1Mf6TJqyvFQAgp6nzaq3nbBlRRJ08fNqY1iPykwjwniwBBwmnDw46UCDt	1.2 kB	2024-05-10	2024-05-10
Pretty URL www.bashteplo.ru/?syyYpHsen0Y5Or%3BYfqz%3BOOHSfMSpA8TKaOxEzNzPA1KwfnTIp%3BqgiBuQ2cswANOZQ6h4KAi0Sm7yJh5j6RNiP%5EWp3DwruEZW5Y2%3BWz93f1n7hQrzLiWNiBmUaXj96caAnQSk8M51u8kq7%3BdY3Sz%5E1k55EFAYaKT1Mf6TJqyvFQAgp6nzaq3nbBlRRJ08fNqY1iPykwjwniwBBwmnDw46UCDt IP 195.216.243.12 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 19:34:33 Last Seen2024-05-10 19:34:34 Times Seen2 Hash 943c98650b9094eb8b8aa93f56c43cf2 85e63f754334ddc8eccb2ffafebbe66de0a9a6c7 b24d01947ba7aeef2f49da9f39b89312ad83dfcf574a551e84121a4183edc50c Loading...

	www.bashteplo.ru/	464 B	2023-04-05	2024-05-20
Pretty URL www.bashteplo.ru/ IP 195.216.243.12 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 13:59:34 Last Seen2024-05-20 12:37:04 Times Seen806 Hash 9a536789cc4102abd4a9769ecf660e43 a8b24237df4c077f7a648c24cd245b1fc33687f5 a27d3579fcabdab43f501d6487a378ef8481e31a1c093f7054a305bec3133436 Loading...

	www.bashteplo.ru/.s/src/jquery-1.12.4.min.js	97 kB	2023-03-07	2024-05-20
Pretty URL www.bashteplo.ru/.s/src/jquery-1.12.4.min.js IP 195.216.243.12 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-20 22:28:11 Times Seen120046 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	www.bashteplo.ru/.s/src/uwnd.min.js	210 kB	2024-04-23	2024-05-20
Pretty URL www.bashteplo.ru/.s/src/uwnd.min.js IP 195.216.243.12 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-23 22:40:36 Last Seen2024-05-20 12:37:04 Times Seen38 Hash e19b1b85c6cb8bd91d175eabd820530d aa54c2056ee4398a1bb8e1a9b3d199eff81c32db 3b59399d2974b553bce7ecd71e2346408f5f1969981d7e7170d33f7887ece90b Loading...

	www.bashteplo.ru/	2.0 kB	2024-05-10	2024-05-10
Pretty URL www.bashteplo.ru/ IP 195.216.243.12 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 19:34:34 Last Seen2024-05-10 19:34:34 Times Seen1 Hash ce4aca08c37f6be651e9c6dd69d38c8b e4cc6b1e482d2919d5dce8042f3e7584bcd6bc8e 3b1db58c61d1d67d1d120f0c983408f1dd2ab0b63c7d6580b4bc3f2b54ed9583 Loading...

	www.google.com/recaptcha/api.js?onload=reCallback&render=explicit&hl=ru	905 B	2024-05-10	2024-05-16
Pretty URL www.google.com/recaptcha/api.js?onload=reCallback&render=explicit&hl=ru IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 19:34:34 Last Seen2024-05-16 10:48:16 Times Seen6 Hash 94ded8479fc7f460c38cafbcd9596a7d 69eb54810f9cd5b9d932fc6aec18f5aca248d47e 572a48eb7fd076408498f3a4fc91eeefafdaf55c234ed9a384524653b13994a3 Loading...

	s7.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.721103430244035	0 B	2023-03-07	2024-05-20
Pretty URL s7.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.721103430244035 IP 195.216.243.12 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 22:50:30 Times Seen37896536 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.bashteplo.ru/	334 B	2023-03-07	2024-05-10
Pretty URL www.bashteplo.ru/ IP 195.216.243.12 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:49:41 Last Seen2024-05-10 19:34:34 Times Seen95 Hash 4ad9e8eb9436a82eb49f58f7f120393c 21ea22f939ee33ccc58f4202c8c61d6718196f6f ab526717acd97825f32075de1d10b96a3739e2c55141d1a822bcd4c8a0c3b3cf Loading...

	www.bashteplo.ru/?d8GO%3Bii5thyLVNRTxa6m3AVuyRegxV%5EOseWA7O5IGHwORv7VDkAky%5Eti7hX8xDCT4tRbIZteV6ZVX2ZEvdxqxx8x	0 B	2023-03-07	2024-05-20
Pretty URL www.bashteplo.ru/?d8GO%3Bii5thyLVNRTxa6m3AVuyRegxV%5EOseWA7O5IGHwORv7VDkAky%5Eti7hX8xDCT4tRbIZteV6ZVX2ZEvdxqxx8x IP 195.216.243.12 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-20 22:50:30 Times Seen37896536 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__ru.js	546 kB	2024-05-10	2024-05-16
Pretty URL www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__ru.js IP 142.250.74.99 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 08:58:45 Last Seen2024-05-16 10:48:16 Times Seen91 Hash 35936f46de171ccd5ad7aa2ed29d6738 78a807efdf54a90f428beed818152991f97c3dd1 e91d4763c7111eeb5385a67dcce1d779ac3ac8db5605ef6cc845ea23185461d3 Loading...

		Size	First Seen	Last Seen
	#1 Write - 8b0fe86547ea1099fa2f32bd4c526c44	152 B	2023-03-07	2024-05-20
Pretty Observations First Seen2023-03-07 01:33:44 Last Seen2024-05-20 12:37:05 Times Seen1076 Hash 8b0fe86547ea1099fa2f32bd4c526c44 c180eadc55e8f386b0df85d043c4e682fb52ffb8 6887ab5beb82890d571c8f7c9d474bde94d3912e2b59247bab0fe77d408a026a Loading...

HTTP Transactions (38)

URL IP Response Size

www.bashteplo.ru/

195.216.243.12

200 OK

8.8 kB

URL User Request GET HTTP/1.1
www.bashteplo.ru/
IP
195.216.243.12:80
ASN
#57724 Ddos-Guard Ltd

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1081)
Size
8.8 kB (8799 bytes)
Hash
95d40b54252817aa7cd5bc15696506e9
03f612483486426d170468a3219a2a4c2d99c7f6
7a3174473ff7ba0252a9a2656bcbade408ec0a8e09f765470bf6b20c89cfbbb2

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET / HTTP/1.1
Host: www.bashteplo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: __ddg1_=546ayGfFUKttBrPrIWIu
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Fri, 10 May 2024 17:33:59 GMT
Content-Type: text/html; charset=UTF-8
Set-Cookie: 0bashteplouCoz=; path=/; expires=Wed, 11-May-2022 17:33:59 GMT; HttpOnly; domain=.bashteplo.ru
ucvid=mDZHr2WxZO; domain=bashteplo.ru; path=/; expires=Sat, 10-May-2025 17:33:59 GMT
0bashteplopushi=1; path=/; expires=Sat, 11-May-2024 16:33:59 GMT
Pragma: no-cache
Vary: host
Last-Modified: Fri, 12 Oct 2007 20:11:53 GMT
Cache-Control: no-cache,no-store, private
Content-Encoding: gzip
Transfer-Encoding: chunked

www.bashteplo.ru/?syyYpHsen0Y5Or%3BYfqz%3BOOHSfMSpA8TKaOxEzNzPA1KwfnTIp%3BqgiBuQ2cswANOZQ6h4KAi0Sm7yJh5j6RNiP%5EWp3DwruEZW5Y2%3BWz93f1n7hQrzLiWNiBmUaXj96caAnQSk8M51u8kq7%3BdY3Sz%5E1k55EFAYaKT1Mf6TJqyvFQAgp6nzaq3nbBlRRJ08fNqY1iPykwjwniwBBwmnDw46UCDt

195.216.243.12

200 OK

1.2 kB

URL GET HTTP/1.1
www.bashteplo.ru/?syyYpHsen0Y5Or%3BYfqz%3BOOHSfMSpA8TKaOxEzNzPA1KwfnTIp%3BqgiBuQ2cswANOZQ6h4KAi0Sm7yJh5j6RNiP%5EWp3DwruEZW5Y2%3BWz93f1n7hQrzLiWNiBmUaXj96caAnQSk8M51u8kq7%3BdY3Sz%5E1k55EFAYaKT1Mf6TJqyvFQAgp6nzaq3nbBlRRJ08fNqY1iPykwjwniwBBwmnDw46UCDt
IP
195.216.243.12:80
ASN
#57724 Ddos-Guard Ltd

Requested by
http://www.bashteplo.ru/

File type
JavaScript source, ASCII text
Size
1.2 kB (1153 bytes)
Hash
943c98650b9094eb8b8aa93f56c43cf2
85e63f754334ddc8eccb2ffafebbe66de0a9a6c7
b24d01947ba7aeef2f49da9f39b89312ad83dfcf574a551e84121a4183edc50c

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /?syyYpHsen0Y5Or%3BYfqz%3BOOHSfMSpA8TKaOxEzNzPA1KwfnTIp%3BqgiBuQ2cswANOZQ6h4KAi0Sm7yJh5j6RNiP%5EWp3DwruEZW5Y2%3BWz93f1n7hQrzLiWNiBmUaXj96caAnQSk8M51u8kq7%3BdY3Sz%5E1k55EFAYaKT1Mf6TJqyvFQAgp6nzaq3nbBlRRJ08fNqY1iPykwjwniwBBwmnDw46UCDt HTTP/1.1
Host: www.bashteplo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.bashteplo.ru/
Cookie: __ddg1_=546ayGfFUKttBrPrIWIu; ucvid=mDZHr2WxZO; 0bashteplopushi=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Fri, 10 May 2024 17:33:59 GMT
Content-Type: application/javascript; charset=UTF-8
Cache-Control: no-cache, no-store, private
Pragma: no-cache
Transfer-Encoding: chunked

www.bashteplo.ru/.s/src/base.min.css

195.216.243.12

200 OK

7.5 kB

URL GET HTTP/1.1
www.bashteplo.ru/.s/src/base.min.css
IP
195.216.243.12:80
ASN
#57724 Ddos-Guard Ltd

Requested by
http://www.bashteplo.ru/

File type
ASCII text, with very long lines (29860), with no line terminators
Size
7.5 kB (7491 bytes)
Hash
8338f6c50c03d88e45499204a31cb256
e169c33ebbd5f7eef26085c24d66ea87c870988a
f4f57f1bba9491785ccf6bac5aa7bd02538fe505d8c21c17042c10e960ebfd86

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /.s/src/base.min.css HTTP/1.1
Host: www.bashteplo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.bashteplo.ru/
Cookie: __ddg1_=546ayGfFUKttBrPrIWIu; ucvid=mDZHr2WxZO; 0bashteplopushi=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Fri, 10 May 2024 17:33:59 GMT
Content-Type: text/css
Last-Modified: Tue, 23 Apr 2024 12:12:31 GMT
ETag: W/"6627a5af-74a4"
Expires: Thu, 30 May 2024 17:33:59 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Transfer-Encoding: chunked

www.bashteplo.ru/.s/src/layer7.min.css

195.216.243.12

200 OK

7.5 kB

URL GET HTTP/1.1
www.bashteplo.ru/.s/src/layer7.min.css
IP
195.216.243.12:80
ASN
#57724 Ddos-Guard Ltd

Requested by
http://www.bashteplo.ru/

File type
ASCII text, with very long lines (26917), with no line terminators
Size
7.5 kB (7546 bytes)
Hash
228af3f94d21e091fec53834abe8da52
44ce2f6070ed05478304534dbec014a074da3b43
5913c08417099134d049ede7157adff4eee6b7e228063bdb762deb8a1760ec84

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /.s/src/layer7.min.css HTTP/1.1
Host: www.bashteplo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.bashteplo.ru/
Cookie: __ddg1_=546ayGfFUKttBrPrIWIu; ucvid=mDZHr2WxZO; 0bashteplopushi=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Fri, 10 May 2024 17:33:59 GMT
Content-Type: text/css
Last-Modified: Mon, 15 Apr 2024 09:33:32 GMT
ETag: W/"661cf46c-6925"
Expires: Thu, 30 May 2024 17:33:59 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Transfer-Encoding: chunked

www.bashteplo.ru/?F%21CikFr0r0PnaGvPMqr9F%21Ess%5EOUzT57a4zn0pjnAkuHA%3BFSF2i8vLkAi8iNNbW4pNMs9e5u%3BGTwB2C6WMVS0VpWJQIvsJj3QLbKrim7AmZq%3BGLQRixbtaXnkI96plEQNaScCvDEJJLV1J5NwBHzMt4jl7f3PkfR1PLznhiQn4EqtdNUQPU4AwyTdQIarixDbm8X6698mvJTMQDknkMmkPNzwgoo

195.216.243.12

200 OK

868 B

URL GET HTTP/1.1
www.bashteplo.ru/?F%21CikFr0r0PnaGvPMqr9F%21Ess%5EOUzT57a4zn0pjnAkuHA%3BFSF2i8vLkAi8iNNbW4pNMs9e5u%3BGTwB2C6WMVS0VpWJQIvsJj3QLbKrim7AmZq%3BGLQRixbtaXnkI96plEQNaScCvDEJJLV1J5NwBHzMt4jl7f3PkfR1PLznhiQn4EqtdNUQPU4AwyTdQIarixDbm8X6698mvJTMQDknkMmkPNzwgoo
IP
195.216.243.12:80
ASN
#57724 Ddos-Guard Ltd

Requested by
http://www.bashteplo.ru/

File type
JavaScript source, ASCII text
Size
868 B (868 bytes)
Hash
6b4065ad1648b47270ab1407c8f45d7e
b7f27be5c661aa0ba78dff8d9afc1c83c2d1c801
f01004246767511526380faa04f83996eed61ea986970464e89f8e99435c26c2

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /?F%21CikFr0r0PnaGvPMqr9F%21Ess%5EOUzT57a4zn0pjnAkuHA%3BFSF2i8vLkAi8iNNbW4pNMs9e5u%3BGTwB2C6WMVS0VpWJQIvsJj3QLbKrim7AmZq%3BGLQRixbtaXnkI96plEQNaScCvDEJJLV1J5NwBHzMt4jl7f3PkfR1PLznhiQn4EqtdNUQPU4AwyTdQIarixDbm8X6698mvJTMQDknkMmkPNzwgoo HTTP/1.1
Host: www.bashteplo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.bashteplo.ru/
Cookie: __ddg1_=546ayGfFUKttBrPrIWIu; ucvid=mDZHr2WxZO; 0bashteplopushi=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Fri, 10 May 2024 17:33:59 GMT
Content-Type: application/javascript; charset=UTF-8
Cache-Control: no-cache, no-store, private
Pragma: no-cache
Transfer-Encoding: chunked

s7.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.721103430244035

195.216.243.12

200 OK

0 B

URL GET HTTP/1.1
s7.ucoz.net/cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.721103430244035
IP
195.216.243.12:80
ASN
#57724 Ddos-Guard Ltd

Requested by
http://www.bashteplo.ru/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /cgi/uutils.fcg?a=uSD&ca=2&ug=999&isp=0&r=0.721103430244035 HTTP/1.1
Host: s7.ucoz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.bashteplo.ru/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Set-Cookie: __ddg1_=Q83IbY1G39FmbvW7Gap1; Domain=.ucoz.net; HttpOnly; Path=/; Expires=Sat, 10-May-2025 17:34:00 GMT
Date: Fri, 10 May 2024 17:33:59 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked

src.ucoz.ru/src/css/901.css

193.109.246.58

200 OK

3.6 kB

URL GET HTTP/1.1
src.ucoz.ru/src/css/901.css
IP
193.109.246.58:80
ASN
#204343 Compubyte Limited

Requested by
http://www.bashteplo.ru/

File type
assembler source, ASCII text
Size
3.6 kB (3590 bytes)
Hash
f8e4d324f36e2704d9891f600f8713f1
ef73624335f9eb70db1ea67d6123b8eaff0ce989
cf4d2396cf2651fcd68f2ccb098608b87eb6c294c10b8aef6dd98e8cbf334644

HTTP Headers

GET /src/css/901.css HTTP/1.1
Host: src.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.bashteplo.ru/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 17:34:01 GMT
Content-Type: text/css
Last-Modified: Wed, 26 May 2021 12:20:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
ETag: W/"60ae3d09-3fd1"
Expires: Mon, 20 May 2024 17:34:01 GMT
Cache-Control: max-age=864000
Content-Encoding: gzip

www.bashteplo.ru/.s/src/jquery-1.12.4.min.js

195.216.243.12

200 OK

34 kB

URL GET HTTP/1.1
www.bashteplo.ru/.s/src/jquery-1.12.4.min.js
IP
195.216.243.12:80
ASN
#57724 Ddos-Guard Ltd

Requested by
http://www.bashteplo.ru/

File type
JavaScript source, ASCII text, with very long lines (32077)
Size
34 kB (33793 bytes)
Hash
4f252523d4af0b478c810c2547a63e19
5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /.s/src/jquery-1.12.4.min.js HTTP/1.1
Host: www.bashteplo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.bashteplo.ru/
Cookie: __ddg1_=546ayGfFUKttBrPrIWIu; ucvid=mDZHr2WxZO; 0bashteplopushi=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Fri, 10 May 2024 17:33:59 GMT
Content-Type: text/javascript
Last-Modified: Tue, 17 Oct 2023 07:17:23 GMT
ETag: W/"652e3503-17b8b"
Expires: Thu, 30 May 2024 17:33:59 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Transfer-Encoding: chunked

www.bashteplo.ru/.s/src/ulightbox/ulightbox.min.css

195.216.243.12

200 OK

1.4 kB

URL GET HTTP/1.1
www.bashteplo.ru/.s/src/ulightbox/ulightbox.min.css
IP
195.216.243.12:80
ASN
#57724 Ddos-Guard Ltd

Requested by
http://www.bashteplo.ru/

File type
ASCII text, with very long lines (4552), with no line terminators
Size
1.4 kB (1359 bytes)
Hash
a05316c4712b56d4de87d83d57fc9a74
22db34df3400db68355d8b3e06c01c4f964ad484
5ddb669cd05d5c481a798631d2bd02b041950600ebaa4d419833fe0f01a04955

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /.s/src/ulightbox/ulightbox.min.css HTTP/1.1
Host: www.bashteplo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.bashteplo.ru/
Cookie: __ddg1_=546ayGfFUKttBrPrIWIu; ucvid=mDZHr2WxZO; 0bashteplopushi=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Fri, 10 May 2024 17:33:59 GMT
Content-Type: text/css
Last-Modified: Tue, 24 May 2022 12:36:45 GMT
ETag: W/"628cd15d-11c8"
Expires: Thu, 30 May 2024 17:33:59 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Transfer-Encoding: chunked

www.bashteplo.ru/.s/src/social.css

195.216.243.12

200 OK

610 B

URL GET HTTP/1.1
www.bashteplo.ru/.s/src/social.css
IP
195.216.243.12:80
ASN
#57724 Ddos-Guard Ltd

Requested by
http://www.bashteplo.ru/

File type
ASCII text, with very long lines (442)
Size
610 B (610 bytes)
Hash
917872d4bcfea5e238f1f02cef7a9596
84c5e7eb25c8d7b11639ea428a9fac50bab26f84
12c919cc8994233c2f67bdcf1185997781ccfe1ce3405308e31bfd33d260bd74

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /.s/src/social.css HTTP/1.1
Host: www.bashteplo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.bashteplo.ru/
Cookie: __ddg1_=546ayGfFUKttBrPrIWIu; ucvid=mDZHr2WxZO; 0bashteplopushi=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Fri, 10 May 2024 17:33:59 GMT
Content-Type: text/css
Last-Modified: Wed, 01 Dec 2021 11:13:55 GMT
ETag: W/"61a758f3-9b8"
Expires: Thu, 30 May 2024 17:33:59 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Transfer-Encoding: chunked

bashteplo.ru/

195.216.243.12

301 Moved Permanently

7.6 kB

URL User Request GET HTTP/2
bashteplo.ru/
IP
195.216.243.12:443
ASN
#57724 Ddos-Guard Ltd

Certificate
IssuerLet's Encrypt
Subjectbashteplo.ru
FingerprintFF:7D:A5:D9:D5:E6:22:C8:7A:14:C0:48:37:23:A9:78:05:27:ED:01
ValidityTue, 16 Apr 2024 23:09:12 GMT - Mon, 15 Jul 2024 23:09:11 GMT

File type
gzip compressed data, from Unix
Size
7.6 kB (7619 bytes)
Hash
952028cc49dbb31be8ea777891d4d449
3080da17b5a79d837ea4ca44e5901a17da2574fe
b4edc5eecc1422ca625c59883932ab9bc67c298e27a30c1637c77996e7087a43

HTTP Headers

GET / HTTP/1.1
Host: bashteplo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
server: ddos-guard
set-cookie: __ddg1_=546ayGfFUKttBrPrIWIu; Domain=.bashteplo.ru; HttpOnly; Path=/; Expires=Sat, 10-May-2025 17:34:00 GMT
date: Fri, 10 May 2024 17:33:59 GMT
content-type: application/octet-stream
location: http://www.bashteplo.ru/
cache-control: private
X-Firefox-Spdy: h2

www.bashteplo.ru/.s/src/uwnd.min.js

195.216.243.12

200 OK

57 kB

URL GET HTTP/1.1
www.bashteplo.ru/.s/src/uwnd.min.js
IP
195.216.243.12:80
ASN
#57724 Ddos-Guard Ltd

Requested by
http://www.bashteplo.ru/

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
57 kB (56849 bytes)
Hash
e19b1b85c6cb8bd91d175eabd820530d
aa54c2056ee4398a1bb8e1a9b3d199eff81c32db
3b59399d2974b553bce7ecd71e2346408f5f1969981d7e7170d33f7887ece90b

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /.s/src/uwnd.min.js HTTP/1.1
Host: www.bashteplo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.bashteplo.ru/
Cookie: __ddg1_=546ayGfFUKttBrPrIWIu; ucvid=mDZHr2WxZO; 0bashteplopushi=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Fri, 10 May 2024 17:33:59 GMT
Content-Type: text/javascript
Last-Modified: Mon, 15 Apr 2024 09:33:32 GMT
ETag: W/"661cf46c-3341b"
Expires: Thu, 30 May 2024 17:33:59 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Transfer-Encoding: chunked

src.ucoz.ru/t/901/7.gif

193.109.246.58

200 OK

44 B

URL GET HTTP/1.1
src.ucoz.ru/t/901/7.gif
IP
193.109.246.58:80
ASN
#204343 Compubyte Limited

Requested by
http://www.bashteplo.ru/

File type
GIF image data, version 89a, 1 x 11
Size
44 B (44 bytes)
Hash
62657503979e27019ec7f46fe20a6303
a31df78f52a623987c88730fa1802b520635fc97
3f8f000b0c9dc01fc59efa0efa7efe07aa0cf5d5a70f878e5266c5e834f629e1

HTTP Headers

GET /t/901/7.gif HTTP/1.1
Host: src.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.bashteplo.ru/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 17:34:01 GMT
Content-Type: image/gif
Content-Length: 44
Last-Modified: Fri, 01 Apr 2016 13:34:28 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56fe78e4-2c"
Expires: Mon, 20 May 2024 17:34:01 GMT
Cache-Control: max-age=864000
Accept-Ranges: bytes

www.bashteplo.ru/.s/img/cp/7.gif

195.216.243.12

200 OK

225 B

URL GET HTTP/1.1
www.bashteplo.ru/.s/img/cp/7.gif
IP
195.216.243.12:80
ASN
#57724 Ddos-Guard Ltd

Requested by
http://www.bashteplo.ru/

File type
GIF image data, version 89a, 80 x 15
Size
225 B (225 bytes)
Hash
f0d288c83ac80e24a40fde8cc8d5bf20
4c3a1650865204ac65301d1040a35599f9d88362
f6bdd3ab2ae3c0f8d13391e98c8b02fcdfe524dfa6b2af74c40d9aac816d9217

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /.s/img/cp/7.gif HTTP/1.1
Host: www.bashteplo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.bashteplo.ru/
Cookie: __ddg1_=546ayGfFUKttBrPrIWIu; ucvid=mDZHr2WxZO; 0bashteplopushi=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Fri, 10 May 2024 17:34:00 GMT
Content-Type: image/gif
Content-Length: 225
Last-Modified: Wed, 01 Nov 2023 11:43:32 GMT
ETag: "654239e4-e1"
Expires: Thu, 30 May 2024 17:34:00 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

www.bashteplo.ru/stat/1715362439

195.216.243.12

200 OK

413 B

URL GET HTTP/1.1
www.bashteplo.ru/stat/1715362439
IP
195.216.243.12:80
ASN
#57724 Ddos-Guard Ltd

Requested by
http://www.bashteplo.ru/

File type
GIF image data, version 87a, 88 x 31
Size
413 B (413 bytes)
Hash
556434d3957d81a37073081f91436c62
702cbaac8ec7a38dfa295d97bcc7a5b3b8cb353f
8ab2d10badd7e5bf658dfdc5f7a5efec043774e0bd7d364c2b0ddb024d18910d

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /stat/1715362439 HTTP/1.1
Host: www.bashteplo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.bashteplo.ru/
Cookie: __ddg1_=546ayGfFUKttBrPrIWIu; ucvid=mDZHr2WxZO; 0bashteplopushi=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Fri, 10 May 2024 17:34:00 GMT
Content-Type: image/gif
Cache-Control: no-cache, no-store, private
Pragma: no-cache
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Transfer-Encoding: chunked

bashteplo.ru/images/mail.gif

195.216.243.12

200 OK

66 B

URL GET HTTP/1.1
bashteplo.ru/images/mail.gif
IP
195.216.243.12:80
ASN
#57724 Ddos-Guard Ltd

Requested by
http://www.bashteplo.ru/

File type
GIF image data, version 89a, 13 x 9
Size
66 B (66 bytes)
Hash
276b48becb0419c5d7bcec4a534e5ff3
af45f5d73a0f144ac738f3d54546778793ae12f3
19f49c037c03ee7da22414a6fe89cae45fb86cee697713f7da1a9bcdf6fe0955

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /images/mail.gif HTTP/1.1
Host: bashteplo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.bashteplo.ru/
Cookie: __ddg1_=546ayGfFUKttBrPrIWIu; ucvid=mDZHr2WxZO
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Fri, 10 May 2024 17:34:00 GMT
Content-Type: image/gif
Content-Length: 66
Last-Modified: Thu, 24 May 2007 09:18:07 GMT
ETag: "4655584f-42"
Expires: Thu, 30 May 2024 17:34:00 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

bashteplo.ucoz.ru/images/4444.jpg

195.216.243.12

200 OK

12 kB

URL GET HTTP/1.1
bashteplo.ucoz.ru/images/4444.jpg
IP
195.216.243.12:80
ASN
#57724 Ddos-Guard Ltd

Requested by
http://www.bashteplo.ru/

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 159x124, components 3
Size
12 kB (11649 bytes)
Hash
8a748abdd8045726159bfb9184ca9422
3bc27923538941bd3bc14133ced437a58ee69102
9fabca953e3f6bf6e3380f94466c2d758ec67f54dd09501c928d44340ae568ab

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /images/4444.jpg HTTP/1.1
Host: bashteplo.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.bashteplo.ru/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Set-Cookie: __ddg1_=qfz74ptu0nephQlfqr5O; Domain=.ucoz.ru; HttpOnly; Path=/; Expires=Sat, 10-May-2025 17:34:00 GMT
Date: Fri, 10 May 2024 17:34:00 GMT
Content-Type: image/jpeg
Content-Length: 11649
Last-Modified: Tue, 26 Jun 2007 05:48:39 GMT
ETag: "4680a8b7-2d81"
Expires: Thu, 30 May 2024 17:34:00 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

www.bashteplo.ru/images/BANNER1.jpg

195.216.243.12

200 OK

17 kB

URL GET HTTP/1.1
www.bashteplo.ru/images/BANNER1.jpg
IP
195.216.243.12:80
ASN
#57724 Ddos-Guard Ltd

Requested by
http://www.bashteplo.ru/

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 361x68, components 3
Size
17 kB (17236 bytes)
Hash
3fa7a5589f348a58fafc429ab9db93f2
928e53a33e9daf561cf62956fc6bf5b98c15a7c7
bcd81652bd397e32fdb271ac79bf17eb54fad255ab738020b5b170def09247f1

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /images/BANNER1.jpg HTTP/1.1
Host: www.bashteplo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.bashteplo.ru/
Cookie: __ddg1_=546ayGfFUKttBrPrIWIu; ucvid=mDZHr2WxZO; 0bashteplopushi=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Fri, 10 May 2024 17:34:00 GMT
Content-Type: image/jpeg
Content-Length: 17236
Last-Modified: Thu, 28 Jun 2007 11:24:41 GMT
ETag: "46839a79-4354"
Expires: Thu, 30 May 2024 17:34:00 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

src.ucoz.ru/t/901/6.gif

193.109.246.58

200 OK

43 B

URL GET HTTP/1.1
src.ucoz.ru/t/901/6.gif
IP
193.109.246.58:80
ASN
#204343 Compubyte Limited

Requested by
http://www.bashteplo.ru/

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /t/901/6.gif HTTP/1.1
Host: src.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.bashteplo.ru/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 17:34:01 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Fri, 01 Apr 2016 13:34:28 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56fe78e4-2b"
Expires: Mon, 20 May 2024 17:34:01 GMT
Cache-Control: max-age=864000
Accept-Ranges: bytes

informer.gismeteo.ru/28722-31.GIF

185.134.203.99

200 OK

4.7 kB

URL GET HTTP/1.1
informer.gismeteo.ru/28722-31.GIF
IP
185.134.203.99:80
ASN
#203444 MapMakers Group Ltd

Requested by
http://www.bashteplo.ru/

File type
GIF image data, version 87a, 100 x 100
Size
4.7 kB (4747 bytes)
Hash
cbf4ee73e9563cb93e50bb9ac06a733c
130938f726f3f27bf4c8319afa2abdebf468e8d5
0f8b19c934def67fde2c51a3083e6b0ef6563b43fd3fb40d7d49e62e9cc3d181

HTTP Headers

GET /28722-31.GIF HTTP/1.1
Host: informer.gismeteo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.bashteplo.ru/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 17:34:00 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.37
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Server: gis

src.ucoz.ru/t/901/2.gif

193.109.246.58

200 OK

541 B

URL GET HTTP/1.1
src.ucoz.ru/t/901/2.gif
IP
193.109.246.58:80
ASN
#204343 Compubyte Limited

Requested by
http://www.bashteplo.ru/

File type
GIF image data, version 89a, 1 x 124
Size
541 B (541 bytes)
Hash
507ca9c006244f45ccad227147bafe9c
49810022506d0be0fb16e6ff824f3a7fa265802e
50f70a655dadb24173b473d7c8cb0744317938698929bf18afaa61127e214a7d

HTTP Headers

GET /t/901/2.gif HTTP/1.1
Host: src.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.bashteplo.ru/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 17:34:01 GMT
Content-Type: image/gif
Content-Length: 541
Last-Modified: Fri, 01 Apr 2016 13:34:28 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56fe78e4-21d"
Expires: Mon, 20 May 2024 17:34:01 GMT
Cache-Control: max-age=864000
Accept-Ranges: bytes

src.ucoz.ru/t/901/9.gif

193.109.246.58

200 OK

268 B

URL GET HTTP/1.1
src.ucoz.ru/t/901/9.gif
IP
193.109.246.58:80
ASN
#204343 Compubyte Limited

Requested by
http://www.bashteplo.ru/

File type
GIF image data, version 89a, 1 x 44
Size
268 B (268 bytes)
Hash
8f7a3ec95aa07da40aec56b611b884ac
c5a5bb46ee45aac80b9d3afb219d9af3cc727523
aaae51109d9e1df1685b254e73069d6b82541176e9d04ef2be69441a1fa0fbc1

HTTP Headers

GET /t/901/9.gif HTTP/1.1
Host: src.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.bashteplo.ru/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 17:34:01 GMT
Content-Type: image/gif
Content-Length: 268
Last-Modified: Fri, 01 Apr 2016 13:34:28 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56fe78e4-10c"
Expires: Mon, 20 May 2024 17:34:01 GMT
Cache-Control: max-age=864000
Accept-Ranges: bytes

www.bashteplo.ru/?d8GO%3Bii5thyLVNRTxa6m3AVuyRegxV%5EOseWA7O5IGHwORv7VDkAky%5Eti7hX8xDCT4tRbIZteV6ZVX2ZEvdxqxx8x

195.216.243.12

200 OK

799 B

URL GET HTTP/1.1
www.bashteplo.ru/?d8GO%3Bii5thyLVNRTxa6m3AVuyRegxV%5EOseWA7O5IGHwORv7VDkAky%5Eti7hX8xDCT4tRbIZteV6ZVX2ZEvdxqxx8x
IP
195.216.243.12:80
ASN
#57724 Ddos-Guard Ltd

Requested by
http://www.bashteplo.ru/

File type
HTML document, ASCII text
Size
799 B (799 bytes)
Hash
feab81e1854354f752c2c7552417530c
7506eee4a96c43d114ac61cf7e75cd12a8b3bc71
768c366c5c352db3958f82430fc135e9ebf87342a2f13e73069d1f848e7b341c

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /?d8GO%3Bii5thyLVNRTxa6m3AVuyRegxV%5EOseWA7O5IGHwORv7VDkAky%5Eti7hX8xDCT4tRbIZteV6ZVX2ZEvdxqxx8x HTTP/1.1
Host: www.bashteplo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.bashteplo.ru/
Cookie: __ddg1_=546ayGfFUKttBrPrIWIu; ucvid=mDZHr2WxZO; 0bashteplopushi=1
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Fri, 10 May 2024 17:34:00 GMT
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, private
Pragma: no-cache
Content-Encoding: gzip
Transfer-Encoding: chunked

bashteplo.ucoz.ru/images/22.jpg

195.216.243.12

200 OK

14 kB

URL GET HTTP/1.1
bashteplo.ucoz.ru/images/22.jpg
IP
195.216.243.12:80
ASN
#57724 Ddos-Guard Ltd

Requested by
http://www.bashteplo.ru/

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 159x178, components 3
Size
14 kB (14145 bytes)
Hash
538917713fa3171fbe7ee7461a9143a8
429a5cec1f36b223c62f40661e050b4e710541f8
b6dd6d0e210e76a440fbe0e7237cba11dab6c98a1b05f9b1f7c655bd075968a6

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /images/22.jpg HTTP/1.1
Host: bashteplo.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.bashteplo.ru/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Set-Cookie: __ddg1_=ISiAURSYNhY4oESZ3g3r; Domain=.ucoz.ru; HttpOnly; Path=/; Expires=Sat, 10-May-2025 17:34:00 GMT
Date: Fri, 10 May 2024 17:34:00 GMT
Content-Type: image/jpeg
Content-Length: 14145
Last-Modified: Tue, 26 Jun 2007 05:54:48 GMT
ETag: "4680aa28-3741"
Expires: Thu, 30 May 2024 17:34:00 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

src.ucoz.ru/t/901/5.gif

193.109.246.58

200 OK

154 B

URL GET HTTP/1.1
src.ucoz.ru/t/901/5.gif
IP
193.109.246.58:80
ASN
#204343 Compubyte Limited

Requested by
http://www.bashteplo.ru/

File type
GIF image data, version 89a, 1 x 28
Size
154 B (154 bytes)
Hash
16e5ea98d70ddd0eaeefada8d385ec50
0914c03df0f0bfe20a8fb20fff3ac6bb9713cde6
a6fbf69047dca8a45ae6f5a9b2cc910f8e0df9ba317b6d8ded4050cec715da73

HTTP Headers

GET /t/901/5.gif HTTP/1.1
Host: src.ucoz.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.bashteplo.ru/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 17:34:01 GMT
Content-Type: image/gif
Content-Length: 154
Last-Modified: Fri, 01 Apr 2016 13:34:28 GMT
Connection: keep-alive
Keep-Alive: timeout=15
ETag: "56fe78e4-9a"
Expires: Mon, 20 May 2024 17:34:01 GMT
Cache-Control: max-age=864000
Accept-Ranges: bytes

www.ankor.kharkov.ua/images/1x1.gif

91.196.0.19

404 Not Found

238 B

URL GET HTTP/1.1
www.ankor.kharkov.ua/images/1x1.gif
IP
91.196.0.19:80
ASN
#41550 First Ukrainian Internet Registrar LLC

Requested by
http://www.bashteplo.ru/

File type
HTML document, ASCII text
Size
238 B (238 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

HTTP Headers

GET /images/1x1.gif HTTP/1.1
Host: www.ankor.kharkov.ua
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.bashteplo.ru/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 10 May 2024 17:34:00 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip

s7.ucoz.net/adv/dummy/000/css/style.css

195.216.243.12

200 OK

1.6 kB

URL GET HTTP/1.1
s7.ucoz.net/adv/dummy/000/css/style.css
IP
195.216.243.12:80
ASN
#57724 Ddos-Guard Ltd

Requested by
http://www.bashteplo.ru/?d8GO%3Bii5thyLVNRTxa6m3AVuyRegxV%5EOseWA7O5IGHwORv7VDkAky%5Eti7hX8xDCT4tRbIZteV6ZVX2ZEvdxqxx8x

File type
ASCII text
Size
1.6 kB (1564 bytes)
Hash
66bafd673de0c9223fcb6de5548e0e6f
cff0e25c3783772bfb13ad21ad8b328ccca63cb9
25ed1276f20986488e24b40548f023af771181ac7862900bde43cbdaffe0d0b9

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /adv/dummy/000/css/style.css HTTP/1.1
Host: s7.ucoz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.bashteplo.ru/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Set-Cookie: __ddg1_=ax0v2xCFzozjnhjEo3fy; Domain=.ucoz.net; HttpOnly; Path=/; Expires=Sat, 10-May-2025 17:34:01 GMT
Date: Fri, 10 May 2024 17:34:00 GMT
Content-Type: text/css
Last-Modified: Tue, 26 Mar 2019 14:28:10 GMT
ETag: W/"5c9a36fa-19eb"
Content-Encoding: gzip
Transfer-Encoding: chunked

www.bashteplo.ru/favicon.ico

195.216.243.12

200 OK

15 kB

URL GET HTTP/1.1
www.bashteplo.ru/favicon.ico
IP
195.216.243.12:80
ASN
#57724 Ddos-Guard Ltd

Requested by
http://www.bashteplo.ru/

File type
MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
Size
15 kB (15086 bytes)
Hash
12e586b55ae88e7db200e9e77f39cf91
e229d2c29ff74dc720d8f73da2fb7d6a5cf0f2f7
441ab4f4da564d1e43c1b117270dc5320dc993e6fb849479bfc82c8bcc60469b

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.bashteplo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.bashteplo.ru/
Cookie: __ddg1_=546ayGfFUKttBrPrIWIu; ucvid=mDZHr2WxZO; 0bashteplopushi=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Fri, 10 May 2024 17:34:00 GMT
Content-Type: image/x-icon
Content-Length: 15086
Last-Modified: Tue, 23 Apr 2024 12:18:08 GMT
ETag: "6627a700-3aee"
X-Frame-Options: SAMEORIGIN
Accept-Ranges: bytes

s7.ucoz.net/adv/dummy/000/img/ucoz-logo.png

195.216.243.12

200 OK

4.6 kB

URL GET HTTP/1.1
s7.ucoz.net/adv/dummy/000/img/ucoz-logo.png
IP
195.216.243.12:80
ASN
#57724 Ddos-Guard Ltd

Requested by
http://www.bashteplo.ru/?d8GO%3Bii5thyLVNRTxa6m3AVuyRegxV%5EOseWA7O5IGHwORv7VDkAky%5Eti7hX8xDCT4tRbIZteV6ZVX2ZEvdxqxx8x

File type
PNG image data, 136 x 136, 8-bit/color RGBA, non-interlaced
Size
4.6 kB (4585 bytes)
Hash
14d37a3409afc2c450c62b97bc8019da
43fc12bf16a292d6d10b17ab7d1e37785288858c
fc4f998c5fcacc6cf161f1bedf46ec55e56273670ecce8b59e947b68d3c5bdb2

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /adv/dummy/000/img/ucoz-logo.png HTTP/1.1
Host: s7.ucoz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.bashteplo.ru/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Set-Cookie: __ddg1_=UK02YuRxWJ6VZvnN2u7N; Domain=.ucoz.net; HttpOnly; Path=/; Expires=Sat, 10-May-2025 17:34:01 GMT
Date: Fri, 10 May 2024 17:34:00 GMT
Content-Type: image/png
Content-Length: 4585
Last-Modified: Tue, 26 Mar 2019 14:28:10 GMT
ETag: "5c9a36fa-11e9"
Accept-Ranges: bytes

rot.spotsniper.ru/?src=ujs6&s_subid=btn

31.172.81.159

200 OK

1 B

URL GET HTTP/1.1
rot.spotsniper.ru/?src=ujs6&s_subid=btn
IP
31.172.81.159:443
ASN
#44066 firstcolo GmbH

Requested by
http://www.bashteplo.ru/?d8GO%3Bii5thyLVNRTxa6m3AVuyRegxV%5EOseWA7O5IGHwORv7VDkAky%5Eti7hX8xDCT4tRbIZteV6ZVX2ZEvdxqxx8x
Certificate
IssuerLet's Encrypt
Subjectrot.spotsniper.ru
Fingerprint2F:7F:97:68:95:64:1F:87:8F:36:D0:34:1B:8C:D4:EA:AD:B0:C6:FA
ValidityMon, 25 Mar 2024 11:42:01 GMT - Sun, 23 Jun 2024 11:42:00 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
7215ee9c7d9dc229d2921a40e899ec5f
b858cb282617fb0956d960215c8e84d1ccf909c6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

HTTP Headers

GET /?src=ujs6&s_subid=btn HTTP/1.1
Host: rot.spotsniper.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.bashteplo.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 17:34:01 GMT
Content-Type: application/javascript
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

rot.spotsniper.ru/?src=ujs6

31.172.81.159

200 OK

1 B

URL GET HTTP/1.1
rot.spotsniper.ru/?src=ujs6
IP
31.172.81.159:443
ASN
#44066 firstcolo GmbH

Requested by
http://www.bashteplo.ru/?d8GO%3Bii5thyLVNRTxa6m3AVuyRegxV%5EOseWA7O5IGHwORv7VDkAky%5Eti7hX8xDCT4tRbIZteV6ZVX2ZEvdxqxx8x
Certificate
IssuerLet's Encrypt
Subjectrot.spotsniper.ru
Fingerprint2F:7F:97:68:95:64:1F:87:8F:36:D0:34:1B:8C:D4:EA:AD:B0:C6:FA
ValidityMon, 25 Mar 2024 11:42:01 GMT - Sun, 23 Jun 2024 11:42:00 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
7215ee9c7d9dc229d2921a40e899ec5f
b858cb282617fb0956d960215c8e84d1ccf909c6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

HTTP Headers

GET /?src=ujs6 HTTP/1.1
Host: rot.spotsniper.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.bashteplo.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 17:34:01 GMT
Content-Type: application/javascript
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0

www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__ru.js

142.250.74.99

200 OK

208 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__ru.js
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
http://www.bashteplo.ru/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
JavaScript source, ASCII text, with very long lines (1713)
Size
208 kB (208419 bytes)
Hash
35936f46de171ccd5ad7aa2ed29d6738
78a807efdf54a90f428beed818152991f97c3dd1
e91d4763c7111eeb5385a67dcce1d779ac3ac8db5605ef6cc845ea23185461d3

HTTP Headers

GET /recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__ru.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.bashteplo.ru
DNT: 1
Connection: keep-alive
Referer: http://www.bashteplo.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 208419
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 18:11:22 GMT
expires: Fri, 09 May 2025 18:11:22 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 May 2024 20:00:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 84159
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

themes.googleusercontent.com/static/fonts/ptsans/v5/LKf8nhXsWg5ybwEGXk8UBQ.woff

142.250.74.97

200 OK

60 kB

URL GET HTTP/1.1
themes.googleusercontent.com/static/fonts/ptsans/v5/LKf8nhXsWg5ybwEGXk8UBQ.woff
IP
142.250.74.97:80
ASN
#15169 GOOGLE

Requested by
http://www.bashteplo.ru/?d8GO%3Bii5thyLVNRTxa6m3AVuyRegxV%5EOseWA7O5IGHwORv7VDkAky%5Eti7hX8xDCT4tRbIZteV6ZVX2ZEvdxqxx8x

File type
Web Open Font Format, TrueType, length 60332, version 1.1
Size
60 kB (60332 bytes)
Hash
0d6d6ae28614efe13ec053eaeef473c1
20cd1c419ba0763bb4bbb1435bc0aed00452af2e
5dfdd878d2d6bdd50f37fde1800a044753dd00bac3c3a30a35f999b422a48ee1

HTTP Headers

GET /static/fonts/ptsans/v5/LKf8nhXsWg5ybwEGXk8UBQ.woff HTTP/1.1
Host: themes.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.bashteplo.ru
DNT: 1
Connection: keep-alive
Referer: http://s7.ucoz.net/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Timing-Allow-Origin: *
Content-Length: 60332
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 09 May 2024 10:56:37 GMT
Expires: Fri, 09 May 2025 10:56:37 GMT
Cache-Control: public, max-age=31536000
Age: 110244
Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
Content-Type: font/woff
Vary: Accept-Encoding

s7.ucoz.net/adv/dummy/000/img/bg.gif

195.216.243.12

200 OK

1.3 kB

URL GET HTTP/1.1
s7.ucoz.net/adv/dummy/000/img/bg.gif
IP
195.216.243.12:80
ASN
#57724 Ddos-Guard Ltd

Requested by
http://www.bashteplo.ru/?d8GO%3Bii5thyLVNRTxa6m3AVuyRegxV%5EOseWA7O5IGHwORv7VDkAky%5Eti7hX8xDCT4tRbIZteV6ZVX2ZEvdxqxx8x

File type
GIF image data, version 89a, 485 x 3
Size
1.3 kB (1268 bytes)
Hash
b19967d808ed7c42b41316d6c8474f55
18d80748bd4041b13a3373a429281ec65347a0e2
16c9962c4ecd52efc16d9d639d52fc60b9e427b6e454190d162f1aa1d220ad50

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /adv/dummy/000/img/bg.gif HTTP/1.1
Host: s7.ucoz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://s7.ucoz.net/adv/dummy/000/css/style.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Set-Cookie: __ddg1_=oWrW2A8FxSOmi4i6gMOS; Domain=.ucoz.net; HttpOnly; Path=/; Expires=Sat, 10-May-2025 17:34:01 GMT
Date: Fri, 10 May 2024 17:34:00 GMT
Content-Type: image/gif
Content-Length: 1268
Last-Modified: Tue, 26 Mar 2019 14:28:10 GMT
ETag: "5c9a36fa-4f4"
Accept-Ranges: bytes

www.bashteplo.ru/?d8GO%3Bii5thyLVNRTxa6m3AVuyRegxV%5EOseWA7O5IGHwORv7VDkAky%5Eti7hX8xDCT4tRbIZteV6ZVX2ZEvdxqxx8x

195.216.243.12

200 OK

799 B

URL GET HTTP/1.1
www.bashteplo.ru/?d8GO%3Bii5thyLVNRTxa6m3AVuyRegxV%5EOseWA7O5IGHwORv7VDkAky%5Eti7hX8xDCT4tRbIZteV6ZVX2ZEvdxqxx8x
IP
195.216.243.12:80
ASN
#57724 Ddos-Guard Ltd

Requested by
http://www.bashteplo.ru/

File type
HTML document, ASCII text
Size
799 B (799 bytes)
Hash
feab81e1854354f752c2c7552417530c
7506eee4a96c43d114ac61cf7e75cd12a8b3bc71
768c366c5c352db3958f82430fc135e9ebf87342a2f13e73069d1f848e7b341c

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /?d8GO%3Bii5thyLVNRTxa6m3AVuyRegxV%5EOseWA7O5IGHwORv7VDkAky%5Eti7hX8xDCT4tRbIZteV6ZVX2ZEvdxqxx8x HTTP/1.1
Host: www.bashteplo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Set-Cookie: __ddg1_=Ts3NZXd6rQqacPzW3NZ9; Domain=.bashteplo.ru; HttpOnly; Path=/; Expires=Sat, 10-May-2025 17:34:23 GMT
Date: Fri, 10 May 2024 17:34:22 GMT
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, private
Pragma: no-cache
Content-Encoding: gzip
Transfer-Encoding: chunked

www.google.com/recaptcha/api.js?onload=reCallback&render=explicit&hl=ru

142.250.74.132

200 OK

905 B

URL GET HTTP/2
www.google.com/recaptcha/api.js?onload=reCallback&render=explicit&hl=ru
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
http://www.bashteplo.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintC6:A2:DC:31:5A:53:FA:DD:55:71:A3:F4:DD:43:3D:16:71:B8:B3:99
ValidityTue, 16 Apr 2024 04:20:32 GMT - Tue, 09 Jul 2024 04:20:31 GMT

File type
JavaScript source, ASCII text, with very long lines (905), with no line terminators
Size
905 B (905 bytes)
Hash
94ded8479fc7f460c38cafbcd9596a7d
69eb54810f9cd5b9d932fc6aec18f5aca248d47e
572a48eb7fd076408498f3a4fc91eeefafdaf55c234ed9a384524653b13994a3

HTTP Headers

GET /recaptcha/api.js?onload=reCallback&render=explicit&hl=ru HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.bashteplo.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Fri, 10 May 2024 17:34:00 GMT
date: Fri, 10 May 2024 17:34:00 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

z0.trusthalloween.com/?ze=hbrdinjsgy5ha3ddf42dkojs

172.67.146.32

200 OK

10 B

URL GET HTTP/2
z0.trusthalloween.com/?ze=hbrdinjsgy5ha3ddf42dkojs
IP
172.67.146.32:443
ASN
#13335 CLOUDFLARENET

Requested by
http://www.bashteplo.ru/
Certificate
IssuerGoogle Trust Services LLC
Subjecttrusthalloween.com
FingerprintDB:A6:81:E5:CB:B8:F4:4E:C0:30:33:8A:69:3E:62:85:C1:8C:37:97
ValidityMon, 06 May 2024 18:41:33 GMT - Sun, 04 Aug 2024 18:41:32 GMT

File type
ASCII text, with no line terminators
Size
10 B (10 bytes)
Hash
f495e69f2e9edc75eeae7dd3ea78a747
a89e38bbe70fa2de5db9d578975abd4e9dcda52e
8bf4c7cf443426b4cd8b5a56d22109b4e70314c1d2b8d0eb68887696722c132c

HTTP Headers

GET /?ze=hbrdinjsgy5ha3ddf42dkojs HTTP/1.1
Host: z0.trusthalloween.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.bashteplo.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 17:34:01 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=98c288e0-d8cc-4852-9f23-c570898ed82a; expires=Sun, 09-Jun-2024 17:34:01 GMT; Max-Age=2592000; path=/; SameSite=None; domain=z0.trusthalloween.com; secure
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j0t4DSThOYEWd4x2ucgVLT%2Bh6MYJg18bDLVXJU1YyWDtk%2FKTiWodmX9eOk%2BZvdGHZ9KPHSXQ%2F%2Bx7XTP61xCq7bbKeMz3vvz0SgOwk%2BtUO3zm3js4DSSmlWoZlTSCGZfAqeJxBu3qN%2Bg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881bad780ff6569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.bashteplo.ru/.s/src/ulightbox/ulightbox.min.js

195.216.243.12

200 OK

22 kB

URL GET HTTP/1.1
www.bashteplo.ru/.s/src/ulightbox/ulightbox.min.js
IP
195.216.243.12:80
ASN
#57724 Ddos-Guard Ltd

Requested by
http://www.bashteplo.ru/

File type
JavaScript source, ASCII text, with very long lines (21832), with no line terminators
Size
22 kB (21832 bytes)
Hash
f8885e861eba58ae642b08cdd18d965c
7bde2d4bd9d8013a471121b8e1e03b471f485334
7f8ef94f5ff6fc7281a813bda646bc54cf1b6f8f3618ac4f4d40b215e8a70948

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /.s/src/ulightbox/ulightbox.min.js HTTP/1.1
Host: www.bashteplo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.bashteplo.ru/
Cookie: __ddg1_=546ayGfFUKttBrPrIWIu; ucvid=mDZHr2WxZO; 0bashteplopushi=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Fri, 10 May 2024 17:33:59 GMT
Content-Type: text/javascript
Last-Modified: Thu, 19 Oct 2023 13:18:15 GMT
ETag: W/"65312c97-5548"
Expires: Thu, 30 May 2024 17:33:59 GMT
Cache-Control: max-age=1728000
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Transfer-Encoding: chunked

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML