31.28.24.113 502 Bad Gateway 585 B URL User Request GET HTTP/2 IP 31.28.24.113:443
Certificate Issuer: Let's Encrypt
Subject: kizik.ru
Fingerprint: 08:80:76:42:18:5D:4E:91:F3:E9:A6:4A:E8:B8:D6:51:F8:61:10:C7
Validity: Tue, 09 May 2023 19:19:42 GMT - Mon, 07 Aug 2023 19:19:41 GMT
File type: HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (581), with no line terminators
MD5 1d30757523465bd1b7ee7a5d20a35e9b
SHA-1 6c215c85a0a66d521167c5b5be1b52baaf9a01c0
SHA-256 4231d489413c2f04116f74d2ecbd6552966cd89840ef5c56cd085d934cac4095
NIDS alert: suricata medium ET HUNTING DDoS-Guard Hosted Content
NIDS alert: suricata medium ET MALWARE Magecart Loader Javascript
GET / HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 502 Bad Gateway
server: ddos-guard
date: Mon, 22 May 2023 07:53:09 GMT
content-type: text/html; charset=utf8
content-length: 585
X-Firefox-Spdy: h2
31.28.24.113 502 Bad Gateway 39 kB URL User Request GET HTTP/2 IP 31.28.24.113:443
Certificate Issuer: Let's Encrypt
Subject: kizik.ru
Fingerprint: 08:80:76:42:18:5D:4E:91:F3:E9:A6:4A:E8:B8:D6:51:F8:61:10:C7
Validity: Tue, 09 May 2023 19:19:42 GMT - Mon, 07 Aug 2023 19:19:41 GMT
File type: HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (1623), with CRLF, LF line terminators
MD5 6522596ef4870078c114ea5a68430cef
SHA-1 7afdb0b2a9e3b534f82047a7c6709d75a6b6de04
SHA-256 fd4be57da603108ac2b07e2f1bb60c0ca7b53c19a4c5f03b326292001c0d055f
NIDS alert: suricata medium ET HUNTING DDoS-Guard Hosted Content
NIDS alert: suricata medium ET MALWARE Magecart Loader Javascript
GET / HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
X-Powered-By: PHP/5.6.40
Set-Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; Domain=.kizik.ru; HttpOnly; Path=/; Expires=Tue, 21-May-2024 07:53:10 GMT
Set-Cookie: caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; path=/
Set-Cookie: jc_frontline_tpl=jc_frontline; expires=Sat, 11-May-2024 07:53:10 GMT; Max-Age=30672000; path=/
X-Logged-In: False
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires:
Cache-Control: private, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
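The two index-page transactions above are the ones that matter in this capture: the HTTPS request to 31.28.24.113:443 came back 502 Bad Gateway from the DDoS-Guard front, the browser then fetched http://www.kizik.ru/ in the clear, and the 39 kB HTML it received tripped ET MALWARE Magecart Loader Javascript. Every response from that host also carries ET HUNTING DDoS-Guard Hosted Content, which is informational, and the export's summary line for the second transaction still reads 502 Bad Gateway although the captured HTTP/1.1 exchange returned 200 OK. The rest of the page load (Joomla template CSS, jQuery 1.8 from ajax.googleapis.com, the pravoslavie.ru calendar widgets) ran over port 80 with the session cookies set by that first 200 response. The following Python script is an added example, not part of this report or of any sandbox's code: it parses transaction blocks in the export's layout (summary line, digest lines, Suricata rows, request and response lines) into records, separates MALWARE-class hits from hunting context, flags summary/response status disagreements, and recognises a zero-byte body by its digests, which is worth checking here because the css3.css transaction further down reports exactly the MD5, SHA-1 and SHA-256 of zero bytes. The sample input is a trimmed copy of three transactions from this page; the Record type, the function names and the tolerance for both the fused ("31.28.24.113200") and the space-separated summary spelling are my own assumptions about the format.

```python
"""Triage helper for a sandbox HTTP transaction export like the one above (added
example, not part of the original report): splits it into per-request records, lists
MALWARE-class Suricata hits, reports summary/response status mismatches and checks
that a zero-byte response carries the empty-input digests."""
import hashlib
import re
from dataclasses import dataclass, field
from typing import Optional

# Summary line: "<ip> <status> <reason> <size> URL [User Request] GET <proto> [IP <ip:port> | <url>]".
# The raw export runs the IP into the status ("31.28.24.113200"), so the space is optional.
SUMMARY_RE = re.compile(
    r"^(?P<ip>\d{1,3}(?:\.\d{1,3}){3}) ?(?P<status>\d{3}) [A-Za-z ]+? "
    r"(?P<size>\d+(?:\.\d+)? k?B) URL (?:User Request )?GET HTTP/[\d.]+"
    r"(?: IP [\d.:]+| (?P<url>\S+))?$")
RESPONSE_RE = re.compile(r"^HTTP/[\d.]+ (?P<status>\d{3}) ")
# Alert rows: raw "NIDS Severity Alert suricata medium ET ..." / "suricata medium ET ...", or "NIDS alert: ...".
ALERT_RE = re.compile(r"^(?:NIDS (?:Severity Alert|alert:) )?suricata \w+ (?P<sig>ET .+)$")
# Digest rows: raw "Hash <md5>" plus bare SHA-1/SHA-256 lines, or labelled "MD5|SHA-1|SHA-256 <hex>".
DIGEST_RE = re.compile(
    r"^(?:(?:Hash|MD5|SHA-1|SHA-256) )?(?P<hex>[0-9a-f]{32}|[0-9a-f]{40}|[0-9a-f]{64})$")
DIGEST_NAMES = {32: "md5", 40: "sha1", 64: "sha256"}  # hex length -> algorithm
EMPTY_DIGESTS = {n: getattr(hashlib, n)(b"").hexdigest() for n in DIGEST_NAMES.values()}

@dataclass
class Record:
    server_ip: str
    summary_status: int
    size: str
    url: Optional[str] = None            # the index page has no URL column; see target
    host: Optional[str] = None           # from the request's Host header
    path: Optional[str] = None           # from the request line
    response_status: Optional[int] = None
    digests: dict = field(default_factory=dict)
    alerts: list = field(default_factory=list)

    @property
    def target(self) -> str:
        return self.url or f"{self.host}{self.path}"

def parse_blocks(text: str) -> list:
    """A record starts at each summary line; every line up to the next one belongs to it."""
    records, cur = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if (m := SUMMARY_RE.match(line)):
            cur = Record(m["ip"], int(m["status"]), m["size"], m["url"])
            records.append(cur)
        elif cur is None:
            continue
        elif (m := RESPONSE_RE.match(line)):
            cur.response_status = int(m["status"])
        elif (m := ALERT_RE.match(line)):
            cur.alerts.append(m["sig"])
        elif (m := DIGEST_RE.match(line)):
            cur.digests[DIGEST_NAMES[len(m["hex"])]] = m["hex"]
        elif line.startswith("GET "):
            cur.path = line.split()[1]
        elif line.startswith("Host: "):
            cur.host = line.split(None, 1)[1]
    return records

def flagged(records: list) -> list:
    """Records with a MALWARE-class hit. The ET HUNTING DDoS-Guard rule fires on every
    response from the fronted host in this capture, so it is context, not an indicator."""
    return [r for r in records if any(s.startswith("ET MALWARE") for s in r.alerts)]

def status_mismatches(records: list) -> list:
    """Records whose summary status differs from the captured response's status line."""
    return [r for r in records if r.response_status not in (None, r.summary_status)]

def is_empty_body(r: Record) -> bool:
    """True when the recorded digests are exactly those of zero bytes (an empty 200)."""
    return bool(r.digests) and all(r.digests.get(n) == h for n, h in EMPTY_DIGESTS.items())

def iocs(records: list) -> list:
    """Pivot-ready indicators for each flagged record that actually has a body."""
    return [{"target": r.target, "server": r.server_ip, "sha256": r.digests.get("sha256"),
             "signatures": list(r.alerts)} for r in flagged(records) if not is_empty_body(r)]

# Sample input: three transactions from the report above with most headers trimmed;
# the last is kept in the raw export's spelling (fused IP+status, unlabelled digests).
SAMPLE = """\
31.28.24.113 502 Bad Gateway 39 kB URL User Request GET HTTP/2 IP 31.28.24.113:443
MD5 6522596ef4870078c114ea5a68430cef
SHA-1 7afdb0b2a9e3b534f82047a7c6709d75a6b6de04
SHA-256 fd4be57da603108ac2b07e2f1bb60c0ca7b53c19a4c5f03b326292001c0d055f
NIDS alert: suricata medium ET HUNTING DDoS-Guard Hosted Content
NIDS alert: suricata medium ET MALWARE Magecart Loader Javascript
GET / HTTP/1.1
Host: www.kizik.ru
HTTP/1.1 200 OK
142.250.74.138 200 OK 34 kB URL GET HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.8/jquery.min.js
SHA-256 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
HTTP/1.1 200 OK
31.28.24.113200 OK 0 B URL GET HTTP/1.1 www.kizik.ru/templates/jc_frontline/css/css3.css
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ET HUNTING DDoS-Guard Hosted Content
HTTP/1.1 200 OK
"""
```

Running `iocs(parse_blocks(SAMPLE))` yields a single indicator, the index page with its SHA-256 and both signatures; `status_mismatches` returns only that same record, because its summary line says 502 while the captured response line says 200; the empty css3.css record is excluded from the IOC list even though it carries the hunting alert. Feed the whole export through `parse_blocks` to get one record per transaction with the Joomla asset paths, the pravoslavie.ru redirects and the jQuery CDN fetch in the same structure.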
ajax.googleapis.com/ajax/libs/jquery/1.8/jquery.min.js
142.250.74.138 200 OK 34 kB URL GET HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.8/jquery.min.js
IP 142.250.74.138:80
File type: ASCII text, with very long lines (65483)
MD5 3576a6e73c9dccdbbc4a2cf8ff544ad7
SHA-1 06e872300088b9ba8a08427d28ed0efcdf9c6ff5
SHA-256 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
GET /ajax/libs/jquery/1.8/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33593
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 20 May 2023 22:46:37 GMT
Expires: Sun, 19 May 2024 22:46:37 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 119193
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
www.kizik.ru/templates/system/css/system.css
31.28.24.113 200 OK 896 B URL GET HTTP/1.1 www.kizik.ru/templates/system/css/system.css
IP 31.28.24.113:80
MD5 df7e63c3bb675469ae3eb8dbbb01b48a
SHA-1 5438d2c3d4a1aae750240ac2ca7eff2c7aa50031
SHA-256 08297f5532e380d22d9df81765efc9e171897b22a46df63f311a70d0bd5b8286
NIDS alert: suricata medium ET HUNTING DDoS-Guard Hosted Content
GET /templates/system/css/system.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 31 Jul 2013 17:01:38 GMT
ETag: "45c5d13-380-4e2d1adc12080"
Accept-Ranges: bytes
Content-Length: 896
Content-Type: text/css
www.kizik.ru/templates/system/css/general.css
31.28.24.113 200 OK 2.7 kB URL GET HTTP/1.1 www.kizik.ru/templates/system/css/general.css
IP 31.28.24.113:80
MD5 1f98d1c2cbe669fe234c7d57bef044c6
SHA-1 2dad35e9f5ee21fde3e9070724a4d3926d4754ba
SHA-256 9c3ce8a5844cc2cca0c07d78834dd7992cfc767a0c89f8ef6b9cab5185afab7c
NIDS alert: suricata medium ET HUNTING DDoS-Guard Hosted Content
GET /templates/system/css/general.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 31 Jul 2013 17:01:38 GMT
ETag: "45c5d19-aaa-4e2d1adc12080"
Accept-Ranges: bytes
Content-Length: 2730
Content-Type: text/css
www.kizik.ru/modules/mod_calendar_pravo/css/style.css
31.28.24.113 200 OK 364 B URL GET HTTP/1.1 www.kizik.ru/modules/mod_calendar_pravo/css/style.css
IP 31.28.24.113:80
File type: ASCII text, with CRLF line terminators
MD5 e0eb8449434e86367c8e41f74a99a5b4
SHA-1 6caa25b0d2c83c28364419eaff5a11467dba4031
SHA-256 6a8fc18d3b7659f1f2da1ca2b864d658f850611d934ae6cd3e00c12d019d1ceb
NIDS alert: suricata medium ET HUNTING DDoS-Guard Hosted Content
GET /modules/mod_calendar_pravo/css/style.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Fri, 31 May 2013 15:19:34 GMT
ETag: "4601e8c-16c-4de05246a6d80"
Accept-Ranges: bytes
Content-Length: 364
Content-Type: text/css
www.kizik.ru/components/com_customfilters/assets/css/mybootstrap.css
31.28.24.113 200 OK 694 B URL GET HTTP/1.1 www.kizik.ru/components/com_customfilters/assets/css/mybootstrap.css
IP 31.28.24.113:80
File type: ASCII text, with CRLF line terminators
MD5 e42dd253ea69a09d33926b35233c75bd
SHA-1 3a804c30f597f83339f5af1ead65d2656ec5c1a1
SHA-256 bc74789e11bc26f6462c34c5385eecbe8e81e5d70114dbd4562d62a2aea9c763
NIDS alert: suricata medium ET HUNTING DDoS-Guard Hosted Content
GET /components/com_customfilters/assets/css/mybootstrap.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Tue, 11 Aug 2015 16:41:48 GMT
ETag: "460169c-2b6-51d0bc73c0b00"
Accept-Ranges: bytes
Content-Length: 694
Content-Type: text/css
www.kizik.ru/components/com_k2/css/k2.css
31.28.24.113 200 OK 50 kB URL GET HTTP/1.1 www.kizik.ru/components/com_k2/css/k2.css
IP 31.28.24.113:80
File type: assembler source, ASCII text
MD5 433065714d597f0599874eb9d9e21beb
SHA-1 b1163c6087646f1ffe928ff7648a167a7b2c9dfc
SHA-256 f3b3defe560b39bc74b13bccb7ac04fca755aad823515c810465d8291732364a
NIDS alert: suricata medium ET HUNTING DDoS-Guard Hosted Content
GET /components/com_k2/css/k2.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 14 Aug 2013 09:34:00 GMT
ETag: "4600730-c260-4e3e50eabd200"
Accept-Ranges: bytes
Content-Length: 49760
Content-Type: text/css
www.kizik.ru/modules/mod_phocagallery_image/css/phocagallery_module_image.css
31.28.24.113 200 OK 1.9 kB URL GET HTTP/1.1 www.kizik.ru/modules/mod_phocagallery_image/css/phocagallery_module_image.css
IP 31.28.24.113:80
MD5 8f483a19c89947b4605ca268d047aca0
SHA-1 3acf764dc5e3a736e3fd3eccf6fa9e71f6fe9f09
SHA-256 a5ec4f8a1f8f84be7e3b3cfb3f828bd96a4ae848ebb0ebb4460962d29cd868bf
NIDS alert: suricata medium ET HUNTING DDoS-Guard Hosted Content
GET /modules/mod_phocagallery_image/css/phocagallery_module_image.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Tue, 11 Jun 2013 14:38:34 GMT
ETag: "4601ec3-784-4dee1da0aee80"
Accept-Ranges: bytes
Content-Length: 1924
Content-Type: text/css
www.kizik.ru/modules/mod_calendar_pravo/css/highslide.css
31.28.24.113 200 OK 21 kB URL GET HTTP/1.1 www.kizik.ru/modules/mod_calendar_pravo/css/highslide.css
IP 31.28.24.113:80
File type: ASCII text, with CRLF line terminators
MD5 006beeb03c1678ff20f17215f3098425
SHA-1 61c8b72fcbfbdfaf8683cf4e95b1a39ae1f3cc8f
SHA-256 851de514498f7cf3e2d34fb118e01e3c1aa2999e4f03e5f94303f85540e04691
NIDS alert: suricata medium ET HUNTING DDoS-Guard Hosted Content
GET /modules/mod_calendar_pravo/css/highslide.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Fri, 31 May 2013 15:19:34 GMT
ETag: "4601e8d-52a6-4de05246a6d80"
Accept-Ranges: bytes
Content-Length: 21158
Content-Type: text/css
www.kizik.ru/media/system/css/modal.css
31.28.24.113 200 OK 2.8 kB URL GET HTTP/1.1 www.kizik.ru/media/system/css/modal.css
IP 31.28.24.113:80
MD5 2dac640fd156ad6413bdfae7e50e7c50
SHA-1 6f1d605092b7176e81044b1fb994572f6f08ed34
SHA-256 93a425782ebdba877718a517ea6d5ed1ac4573129f3e47888ff796d2a4408e6d
NIDS alert: suricata medium ET HUNTING DDoS-Guard Hosted Content
GET /media/system/css/modal.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 31 Jul 2013 17:01:38 GMT
ETag: "4602449-b07-4e2d1adc12080"
Accept-Ranges: bytes
Content-Length: 2823
Content-Type: text/css
www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/css/layout.css
31.28.24.113 200 OK 3.3 kB URL GET HTTP/1.1 www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/css/layout.css
IP 31.28.24.113:80
File type: ASCII text, with CRLF line terminators
MD5 025367ccdd4f16e99a974a041e8dc2e3
SHA-1 e29532f3e910e2a3eff10a257836f480f2ae908c
SHA-256 06ff94467fe79a3c845d2d13196b18616eeaebc8ed9d414fb601ac21c25b601c
NIDS alert: suricata medium ET HUNTING DDoS-Guard Hosted Content
GET /plugins/system/jat3/jat3/base-themes/default/css/layout.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Mon, 03 Aug 2015 16:24:17 GMT
ETag: "460057e-cc6-51c6a99dc0e40"
Accept-Ranges: bytes
Content-Length: 3270
Content-Type: text/css
www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/css/addons.css
31.28.24.113 200 OK 2.7 kB URL GET HTTP/1.1 www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/css/addons.css
IP 31.28.24.113:80
File type: ASCII text, with CRLF line terminators
MD5 ea4dc559d2d1c02d68297cafe33e2a98
SHA-1 3b6d319f59bfd75b891c4f502bc97175f6fa1029
SHA-256 b8b410c57979f35e00bf30e18c65681f63208bf689656a6d86b699d23049f897
NIDS alert: suricata medium ET HUNTING DDoS-Guard Hosted Content
GET /plugins/system/jat3/jat3/base-themes/default/css/addons.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 14 Aug 2013 09:33:58 GMT
ETag: "4600569-aa9-4e3e50e8d4d80"
Accept-Ranges: bytes
Content-Length: 2729
Content-Type: text/css
www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/css/template.css
31.28.24.113 200 OK 27 kB URL GET HTTP/1.1 www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/css/template.css
IP 31.28.24.113:80
File type: ASCII text, with CRLF, LF line terminators
MD5 8a98b28a9cccb6655531f24d99e34575
SHA-1 08a71b7e3dab7a6ebbd95c5bd909e78aab6cd174
SHA-256 aee984d1b6e46229d07d8284f26f7d9e61c52073fcfd42a539bbc2733ea66019
NIDS alert: suricata medium ET HUNTING DDoS-Guard Hosted Content
GET /plugins/system/jat3/jat3/base-themes/default/css/template.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 14 Aug 2013 09:33:58 GMT
ETag: "4600580-6aad-4e3e50e8d4d80"
Accept-Ranges: bytes
Content-Length: 27309
Content-Type: text/css
www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/css/usertools.css
31.28.24.113 200 OK 3.6 kB URL GET HTTP/1.1 www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/css/usertools.css
IP 31.28.24.113:80
File type: ASCII text, with CRLF line terminators
MD5 e419b8e47860099a9969b800ce45dcea
SHA-1 93fd1e295abc793b8ec4c8a6dd76478e0381686e
SHA-256 02e0cfbe72fa09e5f5f59ec81e1980d12153126e4f18b82dfde481e542b9c599
NIDS alert: suricata medium ET HUNTING DDoS-Guard Hosted Content
GET /plugins/system/jat3/jat3/base-themes/default/css/usertools.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 14 Aug 2013 09:33:58 GMT
ETag: "460057f-e09-4e3e50e8d4d80"
Accept-Ranges: bytes
Content-Length: 3593
Content-Type: text/css
www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/css/css3.css
31.28.24.113 200 OK 2.1 kB URL GET HTTP/1.1 www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/css/css3.css
IP 31.28.24.113:80
File type: ASCII text, with CRLF line terminators
MD5 d86238f56df3f2d65d1b8ae3b089dcc0
SHA-1 3659657a52090632ac271a7910468b3b1bf8f9bf
SHA-256 185098eea02cb81bde5fb73d4adb765c5b2b4e6d4434c4076f16c141c809354f
NIDS alert: suricata medium ET HUNTING DDoS-Guard Hosted Content
GET /plugins/system/jat3/jat3/base-themes/default/css/css3.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 14 Aug 2013 09:33:58 GMT
ETag: "460057b-835-4e3e50e8d4d80"
Accept-Ranges: bytes
Content-Length: 2101
Content-Type: text/css
www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/css/menu/mega.css
31.28.24.113 200 OK 6.3 kB URL GET HTTP/1.1 www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/css/menu/mega.css
IP 31.28.24.113:80
File type: ASCII text, with CRLF line terminators
MD5 39ac7313b0d34d5b3168a11e429b2555
SHA-1 374cdf82c3df13fee0a8bcab0600051f6a2c232e
SHA-256 3a3a98437fc8af6ecc74e58c4b22cf7564c341be50989a2b23e91da04367c697
NIDS alert: suricata medium ET HUNTING DDoS-Guard Hosted Content
GET /plugins/system/jat3/jat3/base-themes/default/css/menu/mega.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 14 Aug 2013 09:33:58 GMT
ETag: "4600572-1876-4e3e50e8d4d80"
Accept-Ranges: bytes
Content-Length: 6262
Content-Type: text/css
www.kizik.ru/templates/jc_frontline/css/addons.css
31.28.24.113 200 OK 2.6 kB URL GET HTTP/1.1 www.kizik.ru/templates/jc_frontline/css/addons.css
IP 31.28.24.113:80
File type: ASCII text, with CRLF line terminators
MD5 6324f2f8bcdf7eb3ef1cda21ac04fa75
SHA-1 13d1473f150084a81c1155963c3ad6f0dadb27d0
SHA-256 a93ca713707db5ed9da833c0040620690c9638c277ff0c944c3ff52e4ff91cc1
NIDS alert: suricata medium ET HUNTING DDoS-Guard Hosted Content
GET /templates/jc_frontline/css/addons.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 05 Aug 2015 17:50:15 GMT
ETag: "45c5cc1-a24-51c9408fba3c0"
Accept-Ranges: bytes
Content-Length: 2596
Content-Type: text/css
www.kizik.ru/templates/jc_frontline/css/layout.css
31.28.24.113 200 OK 3.8 kB URL GET HTTP/1.1 www.kizik.ru/templates/jc_frontline/css/layout.css
IP 31.28.24.113:80
File type: Unicode text, UTF-8 text, with CRLF line terminators
MD5 4a6441ed08a0794b04d1d2b668b9f17e
SHA-1 d774bcae2eeb1eaf418d94697f6588f241e1b66c
SHA-256 03b19daad5352e3c3e7328170ca5513d49e98069f0fc0913a25ba27059be196c
NIDS alert: suricata medium ET HUNTING DDoS-Guard Hosted Content
GET /templates/jc_frontline/css/layout.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Tue, 11 Aug 2015 20:29:49 GMT
ETag: "45c5ccc-ecc-51d0ef6af8940"
Accept-Ranges: bytes
Content-Length: 3788
Content-Type: text/css
www.kizik.ru/templates/jc_frontline/css/color.css
31.28.24.113 200 OK 443 B URL GET HTTP/1.1 www.kizik.ru/templates/jc_frontline/css/color.css
IP 31.28.24.113:80
File type: ASCII text, with CR line terminators
MD5 c79e874e6c704f679cb1099b6cb64ffa
SHA-1 a958499b47a970f5d5746c295cb9a6f647c41b47
SHA-256 6d9487a30d4e8adf0aaf53a5e7b0dd25a77b59c4657109ae80f90750cc77e0d9
NIDS alert: suricata medium ET HUNTING DDoS-Guard Hosted Content
GET /templates/jc_frontline/css/color.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 05 Aug 2015 17:50:15 GMT
ETag: "45c5cc8-1bb-51c9408fba3c0"
Accept-Ranges: bytes
Content-Length: 443
Content-Type: text/css
script.pravoslavie.ru/calendar.php?name=1&life=0&icon=1&trop=0&hram=0&relics=0&vek=0&bold=1&tipikon=0&feofan=0&trapeza=1&date=0&tmshift=0&css=1&images=1
178.248.238.199 302 Found 483 B URL GET HTTP/1.1 script.pravoslavie.ru/calendar.php?name=1&life=0&icon=1&trop=0&hram=0&relics=0&vek=0&bold=1&tipikon=0&feofan=0&trapeza=1&date=0&tmshift=0&css=1&images=1
IP 178.248.238.199:80
File type: HTML document text; exported SGML document, ASCII text
MD5 806ea30eef1f7deb250c74bef72de646
SHA-1 5cc68a7c27e8a9b5c3707061afe6881db408816e
SHA-256 f890833771570f50b3268f8f52ab54592c1cdf09e97eae3fe45073181876fb92
GET /calendar.php?name=1&life=0&icon=1&trop=0&hram=0&relics=0&vek=0&bold=1&tipikon=0&feofan=0&trapeza=1&date=0&tmshift=0&css=1&images=1 HTTP/1.1
Host: script.pravoslavie.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: QRATOR
Date: Mon, 22 May 2023 07:53:10 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 483
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://script.pravoslavie.ru/cache/name=1&life=0&icon=1&trop=0&hram=0&relics=0&vek=0&bold=1&tipikon=0&feofan=0&trapeza=1&date=0&tmshift=0&css=1&images=1.ls
www.kizik.ru/templates/jc_frontline/css/usertools.css
31.28.24.113 200 OK 5.5 kB URL GET HTTP/1.1 www.kizik.ru/templates/jc_frontline/css/usertools.css
IP 31.28.24.113:80
File type: ASCII text, with CR line terminators
MD5 518d40a7896e999d26148b41d6ad04de
SHA-1 54b6781f98dcb413c18c64c2a053df447235ee06
SHA-256 3b538fe170190e317964a146eacab57841e26549ce3d463390d52c5497e729e6
NIDS alert: suricata medium ET HUNTING DDoS-Guard Hosted Content
GET /templates/jc_frontline/css/usertools.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 05 Aug 2015 17:50:16 GMT
ETag: "45c5ccd-1569-51c94090ae600"
Accept-Ranges: bytes
Content-Length: 5481
Content-Type: text/css
www.kizik.ru/templates/jc_frontline/css/css3.css
31.28.24.113 200 OK 0 B URL GET HTTP/1.1 www.kizik.ru/templates/jc_frontline/css/css3.css
IP 31.28.24.113:80
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS alert: suricata medium ET HUNTING DDoS-Guard Hosted Content
GET /templates/jc_frontline/css/css3.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 05 Aug 2015 17:50:15 GMT
ETag: "45c5ccb-0-51c9408fba3c0"
Accept-Ranges: bytes
Content-Length: 0
Content-Type: text/css
www.kizik.ru/templates/jc_frontline/css/menu/mega.css
31.28.24.113 200 OK 7.7 kB URL GET HTTP/1.1 www.kizik.ru/templates/jc_frontline/css/menu/mega.css
IP 31.28.24.113:80
MD5 512c5ab20be6866ea79198602d1c96cf
SHA-1 b1045fc5b2ff9727deb7b1585737f931fbfd10cb
SHA-256 c3264e1a222b6dfe1746f6ae586be4a7cf6e5c282cc3e4107cdd08b9f240e57e
NIDS alert: suricata medium ET HUNTING DDoS-Guard Hosted Content
GET /templates/jc_frontline/css/menu/mega.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 29 May 2019 16:57:10 GMT
ETag: "45c0060-1e02-58a09ac18b87c"
Accept-Ranges: bytes
Content-Length: 7682
Content-Type: text/css
www.kizik.ru/media/system/js/core.js
31.28.24.113 200 OK 4.8 kB URL GET HTTP/1.1 www.kizik.ru/media/system/js/core.js
IP 31.28.24.113:80
File type: ASCII text, with very long lines (513)
MD5 4b59c964036a5a6ba36d4cfa34968c2a
SHA-1 a05177eb337fb8c96cef328d673644caae9a5dc6
SHA-256 ed8f120343683850762fc8fb5e8ee8dc3586a2ad7da5c12ca31ef125628cb15b
NIDS alert: suricata medium ET HUNTING DDoS-Guard Hosted Content
GET /media/system/js/core.js HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 31 Jul 2013 17:01:38 GMT
ETag: "46023e9-12b0-4e2d1adc12080"
Accept-Ranges: bytes
Content-Length: 4784
Content-Type: text/javascript
www.kizik.ru/templates/jc_frontline/css/template.css
31.28.24.113 200 OK 57 kB URL GET HTTP/1.1 www.kizik.ru/templates/jc_frontline/css/template.css
IP 31.28.24.113:80
File type: Unicode text, UTF-8 text, with CRLF line terminators
MD5 f1c534f7a94d540b7d87a0dbb0f69980
SHA-1 9f0c951ccf81ec00a63d3241ee151781d5ae1c56
SHA-256 e181350b29c759ce359ba81a6c9d3021a9fa075fe3b91a9dce4326a8477501d2
NIDS alert: suricata medium ET HUNTING DDoS-Guard Hosted Content
GET /templates/jc_frontline/css/template.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 29 May 2019 16:56:53 GMT
ETag: "45c004f-ddac-58a09ab151d52"
Accept-Ranges: bytes
Content-Length: 56748
Content-Type: text/css
script.pravoslavie.ru/icon.php?advanced=1&date=0&href=0&tmshift=0&scale=1
178.248.238.199 | 302 Found | 373 B | GET HTTP/1.1
IP: 178.248.238.199:80
File type: HTML document text; exported SGML document, ASCII text
MD5: 1863d32308d7f05728eaadd4c2c676a4
SHA-1: 2297de013c713fc0395018275f547d2791c2cba8
SHA-256: 934383f262df46810179a079180322c992612e98c86d8e72905d0874a303c8af
GET /icon.php?advanced=1&date=0&href=0&tmshift=0&scale=1 HTTP/1.1
Host: script.pravoslavie.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: QRATOR
Date: Mon, 22 May 2023 07:53:10 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 373
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://script.pravoslavie.ru/cache_icon/advanced=1&date=0&href=0&tmshift=0&scale=1.ls
www.kizik.ru/components/com_k2/js/k2.js?v2.6.7&sitepath=/
31.28.24.113 | 200 OK | 8.0 kB | GET HTTP/1.1
IP: 31.28.24.113:80
MD5: 683559eeabd9c6919cacd9a2a1074642
SHA-1: 46733f43c51feb494642ed7e8daac95c8a74c0a3
SHA-256: d0e0f1cddbb87e55673fddc9b734a99c5be96a1f15ca837da2dc671110778771
NIDS alert: suricata, medium, ET HUNTING DDoS-Guard Hosted Content
GET /components/com_k2/js/k2.js?v2.6.7&sitepath=/ HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 14 Aug 2013 09:34:00 GMT
ETag: "46006bd-1f47-4e3e50eabd200"
Accept-Ranges: bytes
Content-Length: 8007
Content-Type: text/javascript
www.kizik.ru/media/system/js/caption.js
31.28.24.113 | 200 OK | 729 B | GET HTTP/1.1
IP: 31.28.24.113:80
File type: ASCII text, with very long lines (504)
MD5: 031416fd2123cc114170494fdfc1a8a0
SHA-1: 42c45161c94773d3d73d8b0c55ac7ddae5137502
SHA-256: 5fe084328c9d2b7612b6e7c739946752c5326ece5a1566a41531f3efff175321
NIDS alert: suricata, medium, ET HUNTING DDoS-Guard Hosted Content
GET /media/system/js/caption.js HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Sat, 31 Mar 2012 22:03:50 GMT
ETag: "46023fd-2d9-4bc9121c9dd80"
Accept-Ranges: bytes
Content-Length: 729
Content-Type: text/javascript
www.kizik.ru/media/system/js/mootools-core.js
31.28.24.113 | 200 OK | 96 kB | GET HTTP/1.1
IP: 31.28.24.113:80
File type: ASCII text, with very long lines (886)
MD5: cf58a30ea9b7a731712baede90b790ec
SHA-1: cc019ac09f68258ee3442fe7cc440adf78a3cef2
SHA-256: 6be70110418f9738ca23c6d61d73ce3c0cb01087843c96de5ced119c5ab882c6
NIDS alert: suricata, medium, ET HUNTING DDoS-Guard Hosted Content
GET /media/system/js/mootools-core.js HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 31 Jul 2013 17:01:38 GMT
ETag: "46023f7-1786a-4e2d1adc12080"
Accept-Ranges: bytes
Content-Length: 96362
Content-Type: text/javascript
www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/js/core.js
31.28.24.113 | 200 OK | 7.0 kB | GET HTTP/1.1
IP: 31.28.24.113:80
File type: ASCII text, with CRLF line terminators
MD5: cfc9090c1016ac8762e667e338932f04
SHA-1: d6d198099bdb1b5909462c3f5f1b9b0a05a0556e
SHA-256: 2ccc041e7cc95b3ad41ce768444a91a1717f6a071d2ecc602ab445a00bc08c54
NIDS alert: suricata, medium, ET HUNTING DDoS-Guard Hosted Content
GET /plugins/system/jat3/jat3/base-themes/default/js/core.js HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 14 Aug 2013 09:33:58 GMT
ETag: "46004eb-1b4e-4e3e50e8d4d80"
Accept-Ranges: bytes
Content-Length: 6990
Content-Type: text/javascript
www.kizik.ru/templates/jc_frontline/js/custom.js
31.28.24.113 | 200 OK | 7.8 kB | GET HTTP/1.1
IP: 31.28.24.113:80
MD5: 98e26bb6f04d02f79bb1b11d5e36a7a6
SHA-1: c21522eb128381ddb497fc4c17053fe2f61fc82d
SHA-256: 386e6d300a70865e0150c921f28cad549730761dd008a75ca76fe758a1ea4a9e
NIDS alert: suricata, medium, ET HUNTING DDoS-Guard Hosted Content
GET /templates/jc_frontline/js/custom.js HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Thu, 13 Aug 2015 11:10:57 GMT
ETag: "45c5c37-1e7d-51d2f63b49240"
Accept-Ranges: bytes
Content-Length: 7805
Content-Type: text/javascript
www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/js/menu/mega.js
31.28.24.113 | 200 OK | 18 kB | GET HTTP/1.1
IP: 31.28.24.113:80
File type: ASCII text, with CRLF line terminators
MD5: 4ff9b8a2706be3001683f0aeb1d17513
SHA-1: b4127d9e15d223dab2166bf79b930f4f90a1201e
SHA-256: f9093809a715e61e65435c89a2722da7eb7b62bdc8da1e8d8eb3a2eb6fa94513
NIDS alert: suricata, medium, ET HUNTING DDoS-Guard Hosted Content
NIDS alert: suricata, medium, ET MALWARE Magecart Loader Javascript
GET /plugins/system/jat3/jat3/base-themes/default/js/menu/mega.js HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 14 Aug 2013 09:33:58 GMT
ETag: "46004f0-44cb-4e3e50e8d4d80"
Accept-Ranges: bytes
Content-Length: 17611
Content-Type: text/javascript
www.kizik.ru/media/system/js/modal.js
31.28.24.113 | 200 OK | 9.7 kB | GET HTTP/1.1
IP: 31.28.24.113:80
File type: Unicode text, UTF-8 text, with very long lines (599)
MD5: 637c3dd497107b7460a1f5a9e616a01c
SHA-1: bd7115c100422d2963f97a2b4c96a7fd3c1763b9
SHA-256: 1d44d98509149be106f7f160e40e5049931817efa8a6aecec637ac3f6dcebdd0
NIDS alert: suricata, medium, ET HUNTING DDoS-Guard Hosted Content
GET /media/system/js/modal.js HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Sat, 31 Mar 2012 22:03:50 GMT
ETag: "46023ff-2604-4bc9121c9dd80"
Accept-Ranges: bytes
Content-Length: 9732
Content-Type: text/javascript
www.kizik.ru/media/system/css/system.css
31.28.24.113 | 200 OK | 1.4 kB | GET HTTP/1.1
IP: 31.28.24.113:80
MD5: 6ee37cc0fc51e3ca6a8b6427499b6376
SHA-1: dd4def4fd8ed66765e602a822be85125eb17cec6
SHA-256: 4e613fe3e74a7af0e4b3504bd27ea2af347ad46cfdd761afe34ef674e4804ae9
NIDS alert: suricata, medium, ET HUNTING DDoS-Guard Hosted Content
GET /media/system/css/system.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/templates/system/css/system.css
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 31 Jul 2013 17:01:38 GMT
ETag: "4602445-5a6-4e2d1adc12080"
Accept-Ranges: bytes
Content-Length: 1446
Content-Type: text/css
www.kizik.ru/modules/mod_calendar_pravo/js/highslide.js
31.28.24.113 | 200 OK | 48 kB | GET HTTP/1.1
IP: 31.28.24.113:80
File type: ISO-8859 text, with very long lines (46654), with CRLF, LF line terminators
MD5: 5e7b3d765534db503510eedc32141b5e
SHA-1: 4b21b31c582268c77387cb301a3020deec27d764
SHA-256: ed6ddc2778cd24b0247b58dfb8e4f3def7a2c3dcf572e3b42936c391d2e9e81d
NIDS alert: suricata, medium, ET HUNTING DDoS-Guard Hosted Content
GET /modules/mod_calendar_pravo/js/highslide.js HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Fri, 31 May 2013 15:19:34 GMT
ETag: "4601e6b-bacb-4de05246a6d80"
Accept-Ranges: bytes
Content-Length: 47819
Content-Type: text/javascript
www.kizik.ru/media/system/js/mootools-more.js
31.28.24.113 | 200 OK | 238 kB | GET HTTP/1.1
IP: 31.28.24.113:80
File type: Unicode text, UTF-8 text, with very long lines (2903)
Size: 238 kB (238331 bytes)
MD5: 06a6a417945b8e518494ffc4c8abd22b
SHA-1: 6c57ce51ce8d4b5af56f47162b517ad0d2ea9860
SHA-256: 65d92e52232e1409aaaebc6ad930501bb223b96fea580940d39470f3f492e6ba
NIDS alert: suricata, medium, ET HUNTING DDoS-Guard Hosted Content
GET /media/system/js/mootools-more.js HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 31 Jul 2013 17:01:38 GMT
ETag: "46023ee-3a2fb-4e2d1adc12080"
Accept-Ranges: bytes
Content-Length: 238331
Content-Type: text/javascript
script.pravoslavie.ru/cache/name=1&life=0&icon=1&trop=0&hram=0&relics=0&vek=0&bold=1&tipikon=0&feofan=0&trapeza=1&date=0&tmshift=0&css=1&images=1.ls
178.248.238.199 | 200 OK | 7.0 kB | GET HTTP/1.1
IP: 178.248.238.199:443
Certificate issuer: Let's Encrypt
Subject: script.pravoslavie.ru
Fingerprint: 99:66:EA:40:AF:AE:A8:1C:75:BF:58:93:7D:01:E9:5D:5F:3C:24:FB
Validity: Thu, 04 May 2023 12:30:54 GMT - Wed, 02 Aug 2023 12:30:53 GMT
File type: exported SGML document, Unicode text, UTF-8 text, with very long lines (4317)
MD5: 967ff7f536caff5f38dfa487f89fe028
SHA-1: 0d4c31f420c5e823ebec14e6a942b2caa2818ec8
SHA-256: 72b8da25350538eae1f2f55f6655791826837316b8864ad91b8b097a7ace048f
GET /cache/name=1&life=0&icon=1&trop=0&hram=0&relics=0&vek=0&bold=1&tipikon=0&feofan=0&trapeza=1&date=0&tmshift=0&css=1&images=1.ls HTTP/1.1
Host: script.pravoslavie.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.kizik.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: QRATOR
Date: Mon, 22 May 2023 07:53:11 GMT
Content-Length: 7004
Connection: keep-alive
Keep-Alive: timeout=15
Last-Modified: Sun, 21 May 2023 21:26:14 GMT
ETag: "1b5c-5fc3acdc4b864"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=0; includeSubDomains
script.pravoslavie.ru/cache_icon/advanced=1&date=0&href=0&tmshift=0&scale=1.ls
178.248.238.199 | 200 OK | 591 B | GET HTTP/1.1
IP: 178.248.238.199:443
Certificate issuer: Let's Encrypt
Subject: script.pravoslavie.ru
Fingerprint: 99:66:EA:40:AF:AE:A8:1C:75:BF:58:93:7D:01:E9:5D:5F:3C:24:FB
Validity: Thu, 04 May 2023 12:30:54 GMT - Wed, 02 Aug 2023 12:30:53 GMT
File type: exported SGML document, ASCII text
MD5: 7b0824b6f8094230a39c396b2050f59c
SHA-1: ce243c8adea64795df0778bda0df042142721862
SHA-256: a0c8303e619622b33beaafc38ec375cd8455a564c9d080f09f0980426d5f72d1
GET /cache_icon/advanced=1&date=0&href=0&tmshift=0&scale=1.ls HTTP/1.1
Host: script.pravoslavie.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.kizik.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: QRATOR
Date: Mon, 22 May 2023 07:53:11 GMT
Content-Length: 591
Connection: keep-alive
Keep-Alive: timeout=15
Last-Modified: Sun, 21 May 2023 21:21:43 GMT
ETag: "24f-5fc3abda2522c"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=0; includeSubDomains
www.kizik.ru/templates/jc_frontline/images/nds.png
31.28.24.113 | 200 OK | 42 kB | GET HTTP/1.1
IP: 31.28.24.113:80
File type: PNG image data, 610 x 41, 8-bit/color RGBA, non-interlaced; data
MD5: fa8df39c585012c5eecc87ced7bddfb1
SHA-1: 2f295215cf0c9572ecff9e000e1123933116b615
SHA-256: a694c219c88d3707154e2d206ca830fadf60d7753ee9486f365e8d4cd0f55cc9
NIDS alert: suricata, medium, ET HUNTING DDoS-Guard Hosted Content
GET /templates/jc_frontline/images/nds.png HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Fri, 31 May 2013 10:31:53 GMT
ETag: "45c5ca8-a57d-4de011f947840"
Accept-Ranges: bytes
Content-Length: 42365
Cache-Control: max-age=86400
Expires: Tue, 23 May 2023 07:53:11 GMT
Content-Type: image/png
www.kizik.ru/images/phocagallery/maslenica_2013/thumbs/phoca_thumb_m_dsc_9663.jpg
31.28.24.113 | 200 OK | 32 kB | GET HTTP/1.1
IP: 31.28.24.113:80
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 145x220, components 3; data
MD5: b1541b55a526d2afee9bf433e974abfe
SHA-1: 6f6662d654aa572e2bf693c485afb9193616145d
SHA-256: 196ea7dcbc4775e84c7f1b455dca76e58e78a3b009eced7e062f50b4d4c3c9ef
NIDS alert: suricata, medium, ET HUNTING DDoS-Guard Hosted Content
GET /images/phocagallery/maslenica_2013/thumbs/phoca_thumb_m_dsc_9663.jpg HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Fri, 31 May 2013 13:43:59 GMT
ETag: "4601a2f-7d8f-4de03ce9545c0"
Accept-Ranges: bytes
Content-Length: 32143
Cache-Control: max-age=86400
Expires: Tue, 23 May 2023 07:53:11 GMT
Content-Type: image/jpeg
www.kizik.ru/templates/jc_frontline/images/mshadow.png
31.28.24.113 | 200 OK | 132 kB | GET HTTP/1.1
IP: 31.28.24.113:80
File type: PNG image data, 1099 x 156, 8-bit/color RGBA, non-interlaced; data
Size: 132 kB (131836 bytes)
MD5: 32bb2d956376bc8bddc0d745d5b416ac
SHA-1: 906ec669ebf839c8a9ae1e12cc5d4fa19c4214a9
SHA-256: af89aa5e4f8c3e8c0196371e1fdbcf511269ab93f0d52bda23bd81e33528c959
NIDS alert: suricata, medium, ET HUNTING DDoS-Guard Hosted Content
GET /templates/jc_frontline/images/mshadow.png HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Fri, 31 May 2013 10:31:51 GMT
ETag: "45c5c88-202fc-4de011f75f3c0"
Accept-Ranges: bytes
Content-Length: 131836
Cache-Control: max-age=86400
Expires: Tue, 23 May 2023 07:53:11 GMT
Content-Type: image/png
www.kizik.ru/templates/jc_frontline/images/mmain-2002.png
31.28.24.113 | 200 OK | 30 kB | GET HTTP/1.1
IP: 31.28.24.113:80
File type: PNG image data, 881 x 19, 8-bit/color RGBA, non-interlaced; data
MD5: 28c7d7bd53f1a25be0594aa56d2208e1
SHA-1: c09235142a4a9fd3bb030d3475e6576039fbf906
SHA-256: a5fbfbe78553d2a11de37fb937346ec7ba89e529c993d913c831dbd4cc142932
NIDS alert: suricata, medium, ET HUNTING DDoS-Guard Hosted Content
GET /templates/jc_frontline/images/mmain-2002.png HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/templates/jc_frontline/css/menu/mega.css
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Fri, 31 May 2013 10:31:51 GMT
ETag: "45c5cae-7475-4de011f75f3c0"
Accept-Ranges: bytes
Content-Length: 29813
Cache-Control: max-age=86400
Expires: Tue, 23 May 2023 07:53:11 GMT
Content-Type: image/png
www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/images/arrow3.png
31.28.24.113 | 200 OK | 149 B | GET HTTP/1.1
IP: 31.28.24.113:80
File type: PNG image data, 7 x 4, 8-bit colormap, non-interlaced; data
MD5: 5aeee3e6d60870f7f0bc2ef04064d556
SHA-1: 579471ac0bc6483e66b06fcc165b61ba6340e2a3
SHA-256: 5d5f0aac519fbdff06b02881e57e97ba010b5e138aaa03287ce2c334e484e34a
NIDS alert: suricata, medium, ET HUNTING DDoS-Guard Hosted Content
GET /plugins/system/jat3/jat3/base-themes/default/images/arrow3.png HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/css/menu/mega.css
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Wed, 14 Aug 2013 09:33:58 GMT
ETag: "460050a-95-4e3e50e8d4d80"
Accept-Ranges: bytes
Content-Length: 149
Cache-Control: max-age=86400
Expires: Tue, 23 May 2023 07:53:11 GMT
Content-Type: image/png
www.kizik.ru/templates/jc_frontline/images/menu-bg2.png
31.28.24.113 | 200 OK | 3.8 kB | GET HTTP/1.1
IP: 31.28.24.113:80
File type: PNG image data, 134 x 17, 8-bit/color RGBA, non-interlaced; data
MD5: ae4bc63f7e8fb2289e872e2fc71b8ecf
SHA-1: b28228343e188de1c6d947189a60dfa660b77948
SHA-256: 4643865c931b3028306ff5a8529f8262b35f2d29172ac12208c2483479bef0f5
NIDS alert: suricata, medium, ET HUNTING DDoS-Guard Hosted Content
GET /templates/jc_frontline/images/menu-bg2.png HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/templates/jc_frontline/css/menu/mega.css
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Sat, 23 May 2015 08:36:48 GMT
ETag: "45c5c9e-eb1-516bbad6f4800"
Accept-Ranges: bytes
Content-Length: 3761
Cache-Control: max-age=86400
Expires: Tue, 23 May 2023 07:53:11 GMT
Content-Type: image/png
www.kizik.ru/templates/jc_frontline/images/main_bg.jpg
31.28.24.113 | 200 OK | 94 kB | GET HTTP/1.1
IP: 31.28.24.113:80
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 200x200, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], progressive, precision 8, 569x290, components 3; data
MD5: d2df649b71af6ddf5609feea38c36a5f
SHA-1: adf0f84a53d8f40129915735441f113157f6407e
SHA-256: 6a93cee344a34000bdfe4477e60df5651421c27b0c469678dc27bdc8aab1b082
NIDS alert: suricata, medium, ET HUNTING DDoS-Guard Hosted Content
GET /templates/jc_frontline/images/main_bg.jpg HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/templates/jc_frontline/css/template.css
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Fri, 31 May 2013 10:31:51 GMT
ETag: "45c5c9d-16f90-4de011f75f3c0"
Accept-Ranges: bytes
Content-Length: 94096
Cache-Control: max-age=86400
Expires: Tue, 23 May 2023 07:53:11 GMT
Content-Type: image/jpeg
www.kizik.ru/templates/jc_frontline/images/pagenav-sep.png
31.28.24.113 | 200 OK | 1.0 kB | GET HTTP/1.1
IP: 31.28.24.113:80
File type: PNG image data, 2 x 37, 8-bit/color RGBA, non-interlaced; data
MD5: 8f075412923ef69c277ce753dd072719
SHA-1: 34f732da98c9303077936aedd892fe6164c0e782
SHA-256: 4c936057856d7db3ddf84eb171d816611b07491f59b069260ebfea9e87290f5d
NIDS alert: suricata, medium, ET HUNTING DDoS-Guard Hosted Content
GET /templates/jc_frontline/images/pagenav-sep.png HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/templates/jc_frontline/css/template.css
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Fri, 31 May 2013 10:31:53 GMT
ETag: "45c5c92-3ff-4de011f947840"
Accept-Ranges: bytes
Content-Length: 1023
Cache-Control: max-age=86400
Expires: Tue, 23 May 2023 07:53:11 GMT
Content-Type: image/png
www.kizik.ru/templates/jc_frontline/images/number-page.png
31.28.24.113 | 200 OK | 352 B | GET HTTP/1.1
IP: 31.28.24.113:80
File type: PNG image data, 20 x 37, 8-bit/color RGBA, non-interlaced; data
MD5: a63e811bf9e3c55d3ecc40a3d0a777f5
SHA-1: 82eeacd708935a97b52a046199ce9c68dad9d57e
SHA-256: 13cb48c80f0cfc35f9aa1e99515ac755c32d4d2f5ead1b44dd399d8ce898111a
NIDS alert: suricata, medium, ET HUNTING DDoS-Guard Hosted Content
GET /templates/jc_frontline/images/number-page.png HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/templates/jc_frontline/css/template.css
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Fri, 31 May 2013 10:31:53 GMT
ETag: "45c5c54-160-4de011f947840"
Accept-Ranges: bytes
Content-Length: 352
Cache-Control: max-age=86400
Expires: Tue, 23 May 2023 07:53:11 GMT
Content-Type: image/png
www.kizik.ru/templates/jc_frontline/images/advertdate.png
31.28.24.113 | 200 OK | 6.8 kB | GET HTTP/1.1
IP: 31.28.24.113:80
File type: PNG image data, 66 x 60, 8-bit/color RGBA, non-interlaced; data
MD5: 36138800fec9adc2557f596a3fa99c40
SHA-1: b8c65107e3265bd64404d6c4c2fec6dfde319912
SHA-256: 9c4b1e602877ac91c424762506d63d78763d8c4ed98bc41e7713a77f00f20440
NIDS alert: suricata, medium, ET HUNTING DDoS-Guard Hosted Content
GET /templates/jc_frontline/images/advertdate.png HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/templates/jc_frontline/css/template.css
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Fri, 31 May 2013 10:41:37 GMT
ETag: "45c5c9b-1a77-4de0142639a40"
Accept-Ranges: bytes
Content-Length: 6775
Cache-Control: max-age=86400
Expires: Tue, 23 May 2023 07:53:11 GMT
Content-Type: image/png
www.kizik.ru/templates/jc_frontline/images/up-arrow.png
31.28.24.113 | 200 OK | 193 B | GET HTTP/1.1
IP: 31.28.24.113:80
File type: PNG image data, 21 x 22, 8-bit/color RGBA, non-interlaced; data
MD5: 280ded5bc43b9c481fca851992a18b61
SHA-1: 0c76d22a9c8e7c95edb6f11f629c4c2388e75a13
SHA-256: 487a1f97028e3ad1415368db430a201d0048d1b0b790cf54993d6091493cc1aa
NIDS alert: suricata, medium, ET HUNTING DDoS-Guard Hosted Content
GET /templates/jc_frontline/images/up-arrow.png HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/templates/jc_frontline/css/template.css
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Fri, 31 May 2013 10:32:01 GMT
ETag: "45c5c6c-c1-4de01200e8a40"
Accept-Ranges: bytes
Content-Length: 193
Cache-Control: max-age=86400
Expires: Tue, 23 May 2023 07:53:11 GMT
Content-Type: image/png
www.kizik.ru/templates/jc_frontline/images/logo.png
31.28.24.113 | 200 OK | 814 kB | GET HTTP/1.1
IP: 31.28.24.113:80
File type: PNG image data, 1034 x 444, 8-bit/color RGBA, non-interlaced; data
Size: 814 kB (814216 bytes)
MD5: 687d123544ef5c1a858ab13b2fcc7ede
SHA-1: 09a8934c1db132e7c5fa3ebe0f3786b08d6b724a
SHA-256: 9c4a35d47385f2dd0952e993f21e3ad71f83f319d073ed0733e12b21025a4f9b
NIDS alert: suricata, medium, ET HUNTING DDoS-Guard Hosted Content
GET /templates/jc_frontline/images/logo.png HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Fri, 31 May 2013 10:31:47 GMT
ETag: "45c5c94-c6c88-4de011f38eac0"
Accept-Ranges: bytes
Content-Length: 814216
Cache-Control: max-age=86400
Expires: Tue, 23 May 2023 07:53:11 GMT
Content-Type: image/png
www.kizik.ru/templates/jc_frontline/images/img0069.png
31.28.24.113 200 OK 130 kB URL GET HTTP/1.1 www.kizik.ru/templates/jc_frontline/images/img0069.png
IP 31.28.24.113:80
File type PNG image data, 1099 x 156, 8-bit/color RGBA, non-interlaced
Size 130 kB (130120 bytes)
MD5 c3df8f53ca0ebe8faf6a2ae3ce7ad6f1
SHA1 f8b68a6da04bf1d236f7627b519edd2a12bbebb6
SHA256 e129193a8e807569c3217b954dd03a5a57d89f869073fff16f1b840dd5969590
NIDS suricata Severity medium Alert ET HUNTING DDoS-Guard Hosted Content
GET /templates/jc_frontline/images/img0069.png HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/templates/jc_frontline/css/layout.css
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Fri, 31 May 2013 10:31:47 GMT
ETag: "45c5c76-1fc48-4de011f38eac0"
Accept-Ranges: bytes
Content-Length: 130120
Cache-Control: max-age=86400
Expires: Tue, 23 May 2023 07:53:11 GMT
Content-Type: image/png
days.pravoslavie.ru/jpg/is4704.jpg
178.248.238.199 200 OK 9.5 kB URL GET HTTP/1.1 days.pravoslavie.ru/jpg/is4704.jpg
IP 178.248.238.199:443
Certificate Issuer Let's Encrypt
Subject days.pravoslavie.ru
Fingerprint 13:61:25:C4:19:DB:D9:C2:F6:86:73:0D:87:91:98:E6:84:DA:CC:56
Validity Thu, 04 May 2023 12:15:35 GMT - Wed, 02 Aug 2023 12:15:34 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 128x160, components 3
MD5 0afc49f19bdd2349b6d27404ade48087
SHA1 ef735085bed88ecd5198ef083d30c57e55eeb411
SHA256 08a3425e8cee657d85f2792dad722e3eea589028acfc4e8f69368146a1374afa
GET /jpg/is4704.jpg HTTP/1.1
Host: days.pravoslavie.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: QRATOR
Date: Mon, 22 May 2023 07:53:11 GMT
Content-Type: image/jpeg
Content-Length: 9531
Connection: keep-alive
Keep-Alive: timeout=15
Last-Modified: Mon, 26 Dec 2022 17:58:10 GMT
ETag: "253b-5f0bee0e0d2f3"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=0; includeSubDomains
days.pravoslavie.ru/cmn/I.gif
178.248.238.199 200 OK 404 B URL GET HTTP/1.1 days.pravoslavie.ru/cmn/I.gif
IP 178.248.238.199:443
Certificate Issuer Let's Encrypt
Subject days.pravoslavie.ru
Fingerprint 13:61:25:C4:19:DB:D9:C2:F6:86:73:0D:87:91:98:E6:84:DA:CC:56
Validity Thu, 04 May 2023 12:15:35 GMT - Wed, 02 Aug 2023 12:15:34 GMT
File type GIF image data, version 89a, 18 x 16
MD5 80f12196ee22d2b78a09a44c5d0bb95b
SHA1 a855b4c31e547cede11f42769863d98a909f96fe
SHA256 62cc1f382a7836a976513e95e6e2709419af97a3463aceb0a80c930e52979208
GET /cmn/I.gif HTTP/1.1
Host: days.pravoslavie.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: QRATOR
Date: Mon, 22 May 2023 07:53:11 GMT
Content-Type: image/gif
Content-Length: 404
Connection: keep-alive
Keep-Alive: timeout=15
Last-Modified: Fri, 13 Jan 2006 21:00:00 GMT
ETag: "194-40a43bf92d400"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=0; includeSubDomains
www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/images/favicon.ico
31.28.24.113 200 OK 894 B URL GET HTTP/1.1 www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/images/favicon.ico
IP 31.28.24.113:80
File type MS Windows icon resource - 1 icon, 16x16, 24 bits/pixel
MD5 5ab3d64bb1311467d6485e25268a92f4
SHA1 e8b11ecc0ea51b4ff9d8ebca6161130e3ab21bfa
SHA256 fd0d2b58a44bad4e3fbfcf789412d08fccf183bec84c482e816d243edb199725
NIDS suricata Severity medium Alert ET HUNTING DDoS-Guard Hosted Content
GET /plugins/system/jat3/jat3/base-themes/default/images/favicon.ico HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Wed, 14 Aug 2013 11:18:37 GMT
ETag: "460053e-37e-4e3e684cf3d40"
Accept-Ranges: bytes
Content-Length: 894
Content-Type: image/vnd.microsoft.icon
www.kizik.ru/modules/mod_calendar_pravo/js/graphics/outlines/rounded-white.png
31.28.24.113 200 OK 2.1 kB URL GET HTTP/1.1 www.kizik.ru/modules/mod_calendar_pravo/js/graphics/outlines/rounded-white.png
IP 31.28.24.113:80
File type PNG image data, 40 x 3000, 8-bit gray+alpha, non-interlaced
MD5 ff904e99a0ecb32a27642d389adb91ba
SHA1 c4ef235dcc34844e4050f845ff4ce22ce35fe0b8
SHA256 e82d0547f662dc02f6d55c082758f5aac71937fee44bc0cb0f106f85b5fe2f81
NIDS suricata Severity medium Alert ET HUNTING DDoS-Guard Hosted Content
GET /modules/mod_calendar_pravo/js/graphics/outlines/rounded-white.png HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Fri, 31 May 2013 15:19:34 GMT
ETag: "4601e76-802-4de05246a6d80"
Accept-Ranges: bytes
Content-Length: 2050
Cache-Control: max-age=86400
Expires: Tue, 23 May 2023 07:53:11 GMT
Content-Type: image/png
www.kizik.ru/modules/mod_calendar_pravo/js/graphics/zoomout.cur
31.28.24.113 200 OK 326 B URL GET HTTP/1.1 www.kizik.ru/modules/mod_calendar_pravo/js/graphics/zoomout.cur
IP 31.28.24.113:80
File type MS Windows cursor resource - 1 icon, 32x32, 2 colors, hotspot @7x7
MD5 e5f236bf2b60f8c8fc1867d70636a046
SHA1 2d1695a011edd32a1abc5329dcf4b8ee196d5e7f
SHA256 110a21ee3616bfa86b492bb237eeb946ee4a643d7bb77a7fd2b131311f5ccf72
NIDS suricata Severity medium Alert ET HUNTING DDoS-Guard Hosted Content
GET /modules/mod_calendar_pravo/js/graphics/zoomout.cur HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Fri, 31 May 2013 15:19:34 GMT
ETag: "4601e71-146-4de05246a6d80"
Accept-Ranges: bytes
Content-Length: 326
Content-Type: text/plain; charset=UTF-8
www.kizik.ru/modules/mod_calendar_pravo/js/graphics/loader.white.gif
31.28.24.113 200 OK 673 B URL GET HTTP/1.1 www.kizik.ru/modules/mod_calendar_pravo/js/graphics/loader.white.gif
IP 31.28.24.113:80
File type GIF image data, version 89a, 16 x 16
MD5 2a6692973429d7a74513bfa8bcb5be20
SHA1 f2af060f1cadbc9065c8c465c648dc01be67cc12
SHA256 1eb9e7880f723999a4ed63eece6a6e4d4976833d3c16dc18b4ace3971728ab0d
NIDS suricata Severity medium Alert ET HUNTING DDoS-Guard Hosted Content
GET /modules/mod_calendar_pravo/js/graphics/loader.white.gif HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/modules/mod_calendar_pravo/css/highslide.css
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Fri, 31 May 2013 15:19:34 GMT
ETag: "4601e82-2a1-4de05246a6d80"
Accept-Ranges: bytes
Content-Length: 673
Cache-Control: max-age=86400
Expires: Tue, 23 May 2023 07:53:11 GMT
Content-Type: image/gif
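Added example, not part of the captured export or of the sandbox tool that produced it: a Python parser for the record layout used above (URL line, summary line, File type / Hash / NIDS lines, then request and response headers) with the checks a reviewer would run over it. On the records above it flags zoomout.cur being served as Content-Type: text/plain; charset=UTF-8 while the body is a Windows cursor, days.pravoslavie.ru answering with Strict-Transport-Security: max-age=0 (which clears any stored HSTS policy for the host instead of enforcing HTTPS), and the session cookies going to www.kizik.ru on port 80 in cleartext. The embedded sample is constructed from two records abridged from this page; the regexes, field names and finding texts are this example's own assumptions about the export layout, and it accepts both the raw fused form ("Hash", "NIDS Severity Alert") and a labelled form.

```python
from __future__ import annotations
import re
from dataclasses import dataclass, field

# Constructed sample (abridged from two records above, not the page's own text), in the export's raw
# layout; multi-match `file` output appears there with a literal "\012- " separator.
SAMPLE = r"""
www.kizik.ru/modules/mod_calendar_pravo/js/graphics/zoomout.cur
31.28.24.113200 OK 326 B URL GET HTTP/1.1 www.kizik.ru/modules/mod_calendar_pravo/js/graphics/zoomout.cur
IP 31.28.24.113:80
File type MS Windows cursor resource - 1 icon, 32x32, 2 colors, hotspot @7x7\012- data
Hash e5f236bf2b60f8c8fc1867d70636a046
2d1695a011edd32a1abc5329dcf4b8ee196d5e7f
110a21ee3616bfa86b492bb237eeb946ee4a643d7bb77a7fd2b131311f5ccf72
NIDS Severity Alert suricata medium ET HUNTING DDoS-Guard Hosted Content
GET /modules/mod_calendar_pravo/js/graphics/zoomout.cur HTTP/1.1
Host: www.kizik.ru
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
days.pravoslavie.ru/jpg/is4704.jpg
178.248.238.199200 OK 9.5 kB URL GET HTTP/1.1 days.pravoslavie.ru/jpg/is4704.jpg
IP 178.248.238.199:443
File type JPEG image data, JFIF standard 1.01, baseline, precision 8, 128x160, components 3\012- data
GET /jpg/is4704.jpg HTTP/1.1
Host: days.pravoslavie.ru
Referer: http://www.kizik.ru/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Strict-Transport-Security: max-age=0; includeSubDomains
"""

URL_LINE = re.compile(r"^[A-Za-z0-9.-]+/\S*$")   # bare host/path line that opens a record
IP_LINE = re.compile(r"^IP (\d{1,3}(?:\.\d{1,3}){3}):(\d+)$")
HASH_LINE = re.compile(r"^(?:(?:Hash|MD5|SHA1|SHA256) )?([0-9a-fA-F]{32}|[0-9a-fA-F]{40}|[0-9a-fA-F]{64})$")
NIDS_LINE = re.compile(r"^NIDS (?:Severity Alert )?(\S+) (?:Severity )?(\S+) (?:Alert )?(.+)$")
REQ_LINE = re.compile(r"^[A-Z]+ /\S* HTTP/\d")
BINARY_MAGIC = ("PNG image", "GIF image", "JPEG image", "MS Windows icon", "MS Windows cursor")

@dataclass
class Transaction:
    url: str
    ip: str = ""
    port: int = 0
    file_type: str = ""
    hashes: dict = field(default_factory=dict)    # md5/sha1/sha256 -> digest (named by digest length)
    alerts: list = field(default_factory=list)    # (engine, severity, signature)
    request: dict = field(default_factory=dict)   # lower-cased header name -> value
    response: dict = field(default_factory=dict)

def parse(export: str) -> list[Transaction]:
    txs: list[Transaction] = []
    cur, section = None, ""                       # section: "" metadata, "req" or "resp" headers
    for line in filter(None, export.splitlines()):
        if URL_LINE.match(line):                  # new record; lines up to the next URL line belong to it
            txs.append(cur := Transaction(url=line))
            section = ""
        elif cur is None:
            continue
        elif m := IP_LINE.match(line):
            cur.ip, cur.port = m.group(1), int(m.group(2))
        elif line.startswith("File type "):       # first `file` match only; drop the "- data" fallback
            cur.file_type = line[len("File type "):].split("\\012")[0]
        elif m := HASH_LINE.match(line):
            cur.hashes[{32: "md5", 40: "sha1", 64: "sha256"}[len(m.group(1))]] = m.group(1).lower()
        elif m := NIDS_LINE.match(line):
            cur.alerts.append((m.group(1), m.group(2), m.group(3)))
        elif REQ_LINE.match(line):
            section = "req"
        elif line.startswith("HTTP/"):
            section = "resp"
        elif section and ": " in line:
            name, value = line.split(": ", 1)
            (cur.request if section == "req" else cur.response)[name.lower()] = value
    return txs

def findings(tx: Transaction) -> list[str]:
    out: list[str] = []
    ctype = tx.response.get("content-type", "").split(";")[0].strip().lower()
    if ctype.startswith("text/") and tx.file_type.startswith(BINARY_MAGIC):   # declared type vs bytes
        out.append(f"content-type mismatch: declared {ctype}, body is {tx.file_type.split(',')[0]}")
    hsts = re.search(r"max-age=(\d+)", tx.response.get("strict-transport-security", ""))
    if hsts and int(hsts.group(1)) == 0:          # max-age=0 makes the browser forget the host: HSTS off
        out.append("HSTS header present but max-age=0: policy cleared, HTTPS not enforced")
    if tx.port == 80 and "cookie" in tx.request:  # cookies (session ids included) sent in cleartext
        names = [c.split("=", 1)[0].strip() for c in tx.request["cookie"].split(";")]
        out.append("cookies sent over plain HTTP: " + ", ".join(names))
    referer = tx.request.get("referer", "")
    ref_host = referer.split("/")[2] if referer.startswith(("http://", "https://")) else ""
    if ref_host and ref_host != tx.request.get("host", ""):   # third-party fetch into the referring page
        out.append(f"cross-site load: {tx.request.get('host')} fetched by a page on {ref_host}")
    out.extend(f"{eng} {sev}: {sig}" for eng, sev, sig in tx.alerts)   # IDS alerts beside protocol findings
    return out

if __name__ == "__main__":
    for tx in parse(SAMPLE):
        print(tx.url, *("  - " + item for item in findings(tx)), sep="\n")
```

Run as a script it prints the findings per URL; to use it on a full export, pass the tool's text to parse(). Hash labels are assigned by digest length (32/40/64 hex characters), which is the only way the unlabelled hash lines in the raw export can be told apart.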