Report - www.kizik.ru/

Report Overview

Submitted URL
www.kizik.ru/
IP
31.28.24.113
ASN
#12616 Filanco LLC
Submitted
2023-05-22 07:53:29
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
52
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2023-05-22	345 B	34 kB	142.250.74.138
script.pravoslavie.ru	unknown	1999-12-29	2017-02-10	2023-05-14	1.8 kB	9.7 kB	178.248.238.199
days.pravoslavie.ru	unknown	1999-12-29	2017-02-02	2023-05-16	849 B	11 kB	178.248.238.199
www.kizik.ru	unknown	2007-10-23	2014-03-26	2023-04-25	25 kB	2.0 MB	31.28.24.113

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-05-22 07:53:10	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:10	medium	31.28.24.113	Client IP	ET MALWARE Magecart Loader Javascript
2023-05-22 07:53:10	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:10	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:10	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:10	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:10	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:10	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:10	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:10	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:10	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:10	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:10	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:10	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:10	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:10	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:10	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:10	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:10	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:10	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:10	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:10	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:10	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:10	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:10	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:10	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:10	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:10	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:10	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:10	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:10	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:11	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:11	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:11	medium	31.28.24.113	Client IP	ET MALWARE Magecart Loader Javascript
2023-05-22 07:53:11	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:11	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:11	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:11	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:11	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:11	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:11	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:11	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:11	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:11	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:11	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:11	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:11	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:21	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:21	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:21	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:21	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content
2023-05-22 07:53:21	medium	31.28.24.113	Client IP	ET HUNTING DDoS-Guard Hosted Content

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (40)

	URL	Size	First Seen	Last Seen
	www.kizik.ru/media/system/js/mootools-more.js	238 kB	2023-03-07	2024-03-15
Pretty URL www.kizik.ru/media/system/js/mootools-more.js IP 31.28.24.113 ASN #12616 Filanco LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:58 Last Seen2024-03-15 14:17:39 Times Seen482 Hash 06a6a417945b8e518494ffc4c8abd22b 6c57ce51ce8d4b5af56f47162b517ad0d2ea9860 65d92e52232e1409aaaebc6ad930501bb223b96fea580940d39470f3f492e6ba Loading...

	www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/js/core.js	7.0 kB	2023-05-22	2023-05-22
Pretty URL www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/js/core.js IP 31.28.24.113 ASN #12616 Filanco LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 09:53:32 Last Seen2023-05-22 09:53:33 Times Seen2 Hash cfc9090c1016ac8762e667e338932f04 d6d198099bdb1b5909462c3f5f1b9b0a05a0556e 2ccc041e7cc95b3ad41ce768444a91a1717f6a071d2ecc602ab445a00bc08c54 Loading...

	www.kizik.ru/media/system/js/modal.js	9.7 kB	2023-03-07	2024-01-25
Pretty URL www.kizik.ru/media/system/js/modal.js IP 31.28.24.113 ASN #12616 Filanco LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:58 Last Seen2024-01-25 18:42:43 Times Seen178 Hash 637c3dd497107b7460a1f5a9e616a01c bd7115c100422d2963f97a2b4c96a7fd3c1763b9 1d44d98509149be106f7f160e40e5049931817efa8a6aecec637ac3f6dcebdd0 Loading...

	www.kizik.ru/media/system/js/mootools-core.js	96 kB	2023-03-07	2024-04-25
Pretty URL www.kizik.ru/media/system/js/mootools-core.js IP 31.28.24.113 ASN #12616 Filanco LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:05 Last Seen2024-04-25 10:25:52 Times Seen3775 Hash cf58a30ea9b7a731712baede90b790ec cc019ac09f68258ee3442fe7cc440adf78a3cef2 6be70110418f9738ca23c6d61d73ce3c0cb01087843c96de5ced119c5ab882c6 Loading...

	www.kizik.ru/media/system/js/core.js	4.8 kB	2023-03-07	2024-04-25
Pretty URL www.kizik.ru/media/system/js/core.js IP 31.28.24.113 ASN #12616 Filanco LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:58 Last Seen2024-04-25 10:25:52 Times Seen653 Hash 4b59c964036a5a6ba36d4cfa34968c2a a05177eb337fb8c96cef328d673644caae9a5dc6 ed8f120343683850762fc8fb5e8ee8dc3586a2ad7da5c12ca31ef125628cb15b Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.8/jquery.min.js	94 kB	2023-03-07	2024-04-25
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.8/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:53 Last Seen2024-04-25 12:27:16 Times Seen16253 Hash 3576a6e73c9dccdbbc4a2cf8ff544ad7 06e872300088b9ba8a08427d28ed0efcdf9c6ff5 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf Loading...

	www.kizik.ru/modules/mod_calendar_pravo/js/highslide.js	48 kB	2023-05-22	2024-02-01
Pretty URL www.kizik.ru/modules/mod_calendar_pravo/js/highslide.js IP 31.28.24.113 ASN #12616 Filanco LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 09:53:32 Last Seen2024-02-01 00:07:36 Times Seen2 Hash e369c4d6a75b5806f2ab91924bfcb792 0340418d07ebd2075f18ff955f2e26402949f1e1 d686ed5f6c7b47a349b697f2c3c7bfc4cbf3023d3bd30543043ff63b18471d3a Loading...

	www.kizik.ru/	77 B	2023-05-22	2023-05-22
Pretty URL www.kizik.ru/ IP 31.28.24.113 ASN #12616 Filanco LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-22 09:53:32 Last Seen2023-05-22 09:53:32 Times Seen1 Hash 627fe783a1cfcd4b7fec9ede617467fa 587f3eb9bfe66cfaf069f3161e67af4af9a3809a 0d69db6afc6d041fb4ecdb044594ed4259bf53e816365e7c12573d2ead0205b9 Loading...

	www.kizik.ru/	229 B	2023-05-22	2023-05-22
Pretty URL www.kizik.ru/ IP 31.28.24.113 ASN #12616 Filanco LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-22 09:53:32 Last Seen2023-05-22 09:53:32 Times Seen1 Hash 94980d8d82b3472ff3e2a202d4ff7150 505c29657e5e9aac2d2a481f2f83ce712776126a c3cb0efac7931421d5ecd4b24a167391ec58d6955fc343cab00a45b2af20806a Loading...

	www.kizik.ru/media/system/js/caption.js	729 B	2023-03-07	2024-04-25
Pretty URL www.kizik.ru/media/system/js/caption.js IP 31.28.24.113 ASN #12616 Filanco LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:58 Last Seen2024-04-25 10:25:52 Times Seen646 Hash 031416fd2123cc114170494fdfc1a8a0 42c45161c94773d3d73d8b0c55ac7ddae5137502 5fe084328c9d2b7612b6e7c739946752c5326ece5a1566a41531f3efff175321 Loading...

	www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/js/menu/mega.js	18 kB	2023-05-22	2023-05-22
Pretty URL www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/js/menu/mega.js IP 31.28.24.113 ASN #12616 Filanco LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 09:53:32 Last Seen2023-05-22 09:53:33 Times Seen2 Hash 4ff9b8a2706be3001683f0aeb1d17513 b4127d9e15d223dab2166bf79b930f4f90a1201e f9093809a715e61e65435c89a2722da7eb7b62bdc8da1e8d8eb3a2eb6fa94513 Loading...

	script.pravoslavie.ru/icon.php?advanced=1&date=0&href=0&tmshift=0&scale=1	591 B	2023-05-22	2023-05-22
Pretty URL script.pravoslavie.ru/icon.php?advanced=1&date=0&href=0&tmshift=0&scale=1 IP 178.248.238.199 ASN #197068 HLL LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 09:53:32 Last Seen2023-05-22 09:53:33 Times Seen2 Hash 7b0824b6f8094230a39c396b2050f59c ce243c8adea64795df0778bda0df042142721862 a0c8303e619622b33beaafc38ec375cd8455a564c9d080f09f0980426d5f72d1 Loading...

	www.kizik.ru/	446 B	2023-05-22	2023-05-22
Pretty URL www.kizik.ru/ IP 31.28.24.113 ASN #12616 Filanco LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-22 09:53:32 Last Seen2023-05-22 09:53:32 Times Seen1 Hash 1447d185898f49edee20d383ba530adf a3b24d31b5dede1680a4135704be0ad6255d5084 4175eb507c1a88c6b23971b9d559ae5d58640b6ac5f28769d14786540551ee4f Loading...

	www.kizik.ru/	2.4 kB	2023-05-22	2023-05-22
Pretty URL www.kizik.ru/ IP 31.28.24.113 ASN #12616 Filanco LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-22 09:53:32 Last Seen2023-05-22 09:53:32 Times Seen1 Hash ec9f903c64fcbc57550dbb8023a462ab 780b4f925aacf9c76a212a02544b0efd617afce6 bd74ca6a3665f23886fed0f3fbcb1a94545498245637b43ec4a044234c60aa4f Loading...

	script.pravoslavie.ru/calendar.php?name=1&life=0&icon=1&trop=0&hram=0&relics=0&vek=0&bold=1&tipikon=0&feofan=0&trapeza=1&date=0&tmshift=0&css=1&images=1	7.0 kB	2023-05-22	2023-05-22
Pretty URL script.pravoslavie.ru/calendar.php?name=1&life=0&icon=1&trop=0&hram=0&relics=0&vek=0&bold=1&tipikon=0&feofan=0&trapeza=1&date=0&tmshift=0&css=1&images=1 IP 178.248.238.199 ASN #197068 HLL LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 09:53:32 Last Seen2023-05-22 09:53:33 Times Seen2 Hash 967ff7f536caff5f38dfa487f89fe028 0d4c31f420c5e823ebec14e6a942b2caa2818ec8 72b8da25350538eae1f2f55f6655791826837316b8864ad91b8b097a7ace048f Loading...

	www.kizik.ru/	222 B	2023-05-22	2023-05-22
Pretty URL www.kizik.ru/ IP 31.28.24.113 ASN #12616 Filanco LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-22 09:53:32 Last Seen2023-05-22 09:53:32 Times Seen1 Hash b082fa3bba5bcd797a01b1ae32f1c692 b6c95031feafbff1ab29e81bcf61f28cccc25a9c d168e77807f544e9c31fc685e15a73596f0f9ffd1c4e7d1379740945ae2e5091 Loading...

	unknown	53 B	2023-05-22	2023-05-22
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-05-22 09:53:32 Last Seen2023-05-22 09:53:32 Times Seen1 Hash c256cab836569d3cf7714459970d63c2 4bf3ad8fc85a098f812ea385405c3701fc5875b4 6e121101486a740291b4eb3238f1265d8915cc23f0c64b1bcb67934237b31a58 Loading...

	www.kizik.ru/templates/jc_frontline/js/custom.js	7.8 kB	2023-05-22	2023-05-22
Pretty URL www.kizik.ru/templates/jc_frontline/js/custom.js IP 31.28.24.113 ASN #12616 Filanco LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 09:53:32 Last Seen2023-05-22 09:53:33 Times Seen2 Hash 98e26bb6f04d02f79bb1b11d5e36a7a6 c21522eb128381ddb497fc4c17053fe2f61fc82d 386e6d300a70865e0150c921f28cad549730761dd008a75ca76fe758a1ea4a9e Loading...

	www.kizik.ru/	11 B	2023-05-22	2023-05-22
Pretty URL www.kizik.ru/ IP 31.28.24.113 ASN #12616 Filanco LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-22 09:53:32 Last Seen2023-05-22 09:53:32 Times Seen1 Hash 60b5e0e808db5a8d10502ffee5b53e3c 9b5afc4d4ac3a58f8e39d99033565b0d699576f9 135209b53ec643182da8170eb1b8600bf9faf03c23100fedc8d25eda2c0eb1c1 Loading...

	www.kizik.ru/	14 B	2023-05-22	2023-05-22
Pretty URL www.kizik.ru/ IP 31.28.24.113 ASN #12616 Filanco LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-22 09:53:32 Last Seen2023-05-22 09:53:32 Times Seen1 Hash 15b15011a3880699331087b78c6d1c02 b0f0b1d9a981e5ce537af318331bff88884565b6 647ede9dac58b67b0d91a40128f96a2cb36b371923826b3aaa1cfa1d55388c0f Loading...

	www.kizik.ru/components/com_k2/js/k2.js?v2.6.7&sitepath=/	8.0 kB	2023-03-07	2024-01-27
Pretty URL www.kizik.ru/components/com_k2/js/k2.js?v2.6.7&sitepath=/ IP 31.28.24.113 ASN #12616 Filanco LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:00 Last Seen2024-01-27 22:18:23 Times Seen46 Hash 683559eeabd9c6919cacd9a2a1074642 46733f43c51feb494642ed7e8daac95c8a74c0a3 d0e0f1cddbb87e55673fddc9b734a99c5be96a1f15ca837da2dc671110778771 Loading...

	www.kizik.ru/	651 B	2023-05-22	2023-05-22
Pretty URL www.kizik.ru/ IP 31.28.24.113 ASN #12616 Filanco LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-22 09:53:32 Last Seen2023-05-22 09:53:32 Times Seen1 Hash 7d122b3629b0c6e6cc648e8e3616ea07 21f288c7bd85b794327c10bca1929c1dc1527e88 d42eeacd0b8ac1e9ba814f3386b160cee6d958692558556b3810494a5f3c430a Loading...

		Size	First Seen	Last Seen
	#1 Eval - f73bff523c2ef495737e4be6d162b58d	75 kB	2023-03-10	2024-02-24
Pretty Observations First Seen2023-03-10 01:36:56 Last Seen2024-02-24 18:09:26 Times Seen5 Hash f73bff523c2ef495737e4be6d162b58d 780add31c5d65031cf26e6c9f57097bcf158d4be 6c5ae30930bc49d9b47d3d7c843944f3b99de13e6936641082692387bf1eed34 Loading...

		Size	First Seen	Last Seen
	#1 Write - b5b5475226164ba4811821bc6fb75872	279 B	2023-05-22	2023-05-22
Pretty Observations First Seen2023-05-22 09:53:32 Last Seen2023-05-22 09:53:32 Times Seen1 Hash b5b5475226164ba4811821bc6fb75872 e7094c670d34f1bc0b510bd932e90a1a1435ebce 412c123ac8fe646e0f6ccbc055ec00c7f8f7b1c8ed47e1ee7b229a0e7b2e21b4 Loading...

	#2 Write - 99648cf580659ff5e8d2127174df750d	188 B	2023-05-22	2023-05-22
Pretty Observations First Seen2023-05-22 09:53:32 Last Seen2023-05-22 09:53:32 Times Seen1 Hash 99648cf580659ff5e8d2127174df750d eda5d303627cf12b6ec7147e2e47920a119ba368 504c1b3210e3d0f1e7b915dc36f6d8f2eb43344ac2d30ae69efaed94e51842ab Loading...

	#3 Write - 1a6a50054f7646d5eee88dca06323746	140 B	2023-05-22	2023-05-22
Pretty Observations First Seen2023-05-22 09:53:32 Last Seen2023-05-22 09:53:32 Times Seen1 Hash 1a6a50054f7646d5eee88dca06323746 60832287c4ab4a5532afb1a6d7697b40c5770af3 07cc967a16627512a86dfea76abb9513da9724c50d8158807e44b9a500cf25f9 Loading...

	#4 Write - 3c4abf728013d2a85b9fd0e44dbc2353	3 B	2023-03-08	2024-03-04
Pretty Observations First Seen2023-03-08 19:56:57 Last Seen2024-03-04 04:55:09 Times Seen63 Hash 3c4abf728013d2a85b9fd0e44dbc2353 8926e1372d9a8d01fd08d96fe51d2a93c66c128d d983253427fd6983e7b4e77e7483259f9061091c70a5a11aa3709c59f6bd7dc0 Loading...

	#5 Write - 96873a0fc915e63711d63bc7a5e973d1	89 B	2023-05-22	2023-05-22
Pretty Observations First Seen2023-05-22 09:53:32 Last Seen2023-05-22 09:53:32 Times Seen1 Hash 96873a0fc915e63711d63bc7a5e973d1 009e6a73b8d2bc12c3791474b248804ce61e729e 7d08d2506ee5330fd965e39b158ca864198f5395ec84ef8b2a0ff01886e3eeae Loading...

	#6 Write - 143f051ee2e61e463fc2290508f84cf9	768 B	2023-05-22	2023-05-22
Pretty Observations First Seen2023-05-22 09:53:32 Last Seen2023-05-22 09:53:32 Times Seen1 Hash 143f051ee2e61e463fc2290508f84cf9 54155e383ec8bbc20bfc57e3abcc714bd81f1dd0 f344a7acf73d16ebb23bf7c4b506a12ece5618780c13fdb9c8af554eeb8af5fa Loading...

	#7 Write - a96b9e0df0d9131f7235be92469522fa	8 B	2023-03-10	2024-02-01
Pretty Observations First Seen2023-03-10 00:46:46 Last Seen2024-02-01 00:07:37 Times Seen5 Hash a96b9e0df0d9131f7235be92469522fa a8fe6b2ed20f6e10acf644ced0efe0a2c44fcd24 f7ba4978c184e0e8b250d639c97111d47bd57640c8b30bc7f972c4b5fc3c35d7 Loading...

	#8 Write - a5804862fd69ef70f15457b1c570b6aa	206 B	2023-05-22	2023-05-22
Pretty Observations First Seen2023-05-22 09:53:32 Last Seen2023-05-22 09:53:32 Times Seen1 Hash a5804862fd69ef70f15457b1c570b6aa 359658fe8f94829a51a2db149b241061fc18851f 8e45e7c67b0e0de90f3cf33d95443e8117d20b5fd9d8288ea81d2e31e9f9bc52 Loading...

	#9 Write - a3c27d227797f53395aa3814a88d3f4b	10 B	2023-03-10	2024-02-01
Pretty Observations First Seen2023-03-10 00:46:46 Last Seen2024-02-01 00:07:37 Times Seen5 Hash a3c27d227797f53395aa3814a88d3f4b ca421b2e8d40daa9b03f60122e64c09f9ae82558 ff059a91d7adf79537b5d0fc208266b31bae8609a10cba3e23bb45774a81b0cb Loading...

	#10 Write - dae8c63d790b45140dacbc7c0dd0eda3	8 B	2023-03-10	2024-02-01
Pretty Observations First Seen2023-03-10 00:46:46 Last Seen2024-02-01 00:07:37 Times Seen5 Hash dae8c63d790b45140dacbc7c0dd0eda3 420a9a548f9aba40c3875fddcf3f1580a7647a68 640729b5f5c034a1aba1e75f2735478007e86cb760ff59b5594dd4092cef1b76 Loading...

	#11 Write - 0a3a0b592b9c285e050805307cee87c2	6 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-25 13:20:55 Times Seen11445 Hash 0a3a0b592b9c285e050805307cee87c2 125a168e24b2bd38aadb84cbb5f87f316b073c41 aac32651b10f567c461b9b4f255d6fb1fa6859b5368d8bd9a51af920ab21cf23 Loading...

	#12 Write - d41d8cd98f00b204e9800998ecf8427e	0 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 15:48:19 Times Seen37065488 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	#13 Write - 89baae46d793f1a6cafb1e6b81bc093d	4.2 kB	2023-05-22	2023-05-22
Pretty Observations First Seen2023-05-22 09:53:32 Last Seen2023-05-22 09:53:32 Times Seen1 Hash 89baae46d793f1a6cafb1e6b81bc093d 9f10ada0a6c12002c838df0ac207d7be6cf3b0f8 09b9aa1a43c9b7dbad0536db2617a4d0fc88d7d588145645abde026877348634 Loading...

	#14 Write - 32125540a649ecc646413c37c588775d	5 B	2023-03-07	2024-04-23
Pretty Observations First Seen2023-03-07 01:10:43 Last Seen2024-04-23 18:09:56 Times Seen2502 Hash 32125540a649ecc646413c37c588775d 48470f6eca1f0761653b3d2f5736cf26af6d8469 9e4527fb137f0b371f783b4e935e11a40a3dfb71bd3c485e78568f19a35c21ee Loading...

	#15 Write - c03218cf3bc4a3370b8bfd1af3b870c9	4 B	2023-03-08	2024-03-04
Pretty Observations First Seen2023-03-08 19:56:57 Last Seen2024-03-04 04:55:10 Times Seen48 Hash c03218cf3bc4a3370b8bfd1af3b870c9 1704cf47d82637c004984ed1c8d8efa919f528d3 cfe683dcab5a9b4359968aae1f9f69011c4ed152ada0b0cad021d19852a1c353 Loading...

	#16 Write - e7967a7e5709b32284f77f391a96b472	34 B	2023-03-10	2024-02-01
Pretty Observations First Seen2023-03-10 00:46:46 Last Seen2024-02-01 00:07:37 Times Seen6 Hash e7967a7e5709b32284f77f391a96b472 5441e7655923b42c7e85a76ceb6a4a0164f7d7b0 11060c9d7562855529e3818adb992fb880fb350852889782c23f6ff56f7c7207 Loading...

	#17 Write - fef7bf8de8673986ad4de164618acceb	10 B	2023-03-09	2024-02-01
Pretty Observations First Seen2023-03-09 01:25:03 Last Seen2024-02-01 00:07:37 Times Seen16 Hash fef7bf8de8673986ad4de164618acceb dd5bddb7744626560a785615f3b42639135de7e8 916d530775f60b19823bc19dd00816b12ee3c4000834495a7bc204ccc16d39e4 Loading...

HTTP Transactions (58)

URL IP Response Size

www.kizik.ru/

31.28.24.113

502 Bad Gateway

585 B

URL User Request GET HTTP/2
www.kizik.ru/
IP
31.28.24.113:443
ASN
#12616 Filanco LLC

Certificate
IssuerLet's Encrypt
Subjectkizik.ru
Fingerprint08:80:76:42:18:5D:4E:91:F3:E9:A6:4A:E8:B8:D6:51:F8:61:10:C7
ValidityTue, 09 May 2023 19:19:42 GMT - Mon, 07 Aug 2023 19:19:41 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (581), with no line terminators
Size
585 B (585 bytes)
Hash
1d30757523465bd1b7ee7a5d20a35e9b
6c215c85a0a66d521167c5b5be1b52baaf9a01c0
4231d489413c2f04116f74d2ecbd6552966cd89840ef5c56cd085d934cac4095

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content
suricata	medium	ET MALWARE Magecart Loader Javascript

HTTP Headers

GET / HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 502 Bad Gateway
server: ddos-guard
date: Mon, 22 May 2023 07:53:09 GMT
content-type: text/html; charset=utf8
content-length: 585
X-Firefox-Spdy: h2

www.kizik.ru/

31.28.24.113

502 Bad Gateway

39 kB

URL User Request GET HTTP/2
www.kizik.ru/
IP
31.28.24.113:443
ASN
#12616 Filanco LLC

Certificate
IssuerLet's Encrypt
Subjectkizik.ru
Fingerprint08:80:76:42:18:5D:4E:91:F3:E9:A6:4A:E8:B8:D6:51:F8:61:10:C7
ValidityTue, 09 May 2023 19:19:42 GMT - Mon, 07 Aug 2023 19:19:41 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1623), with CRLF, LF line terminators
Size
39 kB (39068 bytes)
Hash
6522596ef4870078c114ea5a68430cef
7afdb0b2a9e3b534f82047a7c6709d75a6b6de04
fd4be57da603108ac2b07e2f1bb60c0ca7b53c19a4c5f03b326292001c0d055f

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content
suricata	medium	ET MALWARE Magecart Loader Javascript

HTTP Headers

GET / HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
X-Powered-By: PHP/5.6.40
Set-Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; Domain=.kizik.ru; HttpOnly; Path=/; Expires=Tue, 21-May-2024 07:53:10 GMT
caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; path=/
jc_frontline_tpl=jc_frontline; expires=Sat, 11-May-2024 07:53:10 GMT; Max-Age=30672000; path=/
X-Logged-In: False
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: 
Cache-Control: private, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked

ajax.googleapis.com/ajax/libs/jquery/1.8/jquery.min.js

142.250.74.138

200 OK

34 kB

URL GET HTTP/1.1
ajax.googleapis.com/ajax/libs/jquery/1.8/jquery.min.js
IP
142.250.74.138:80
ASN
#15169 GOOGLE

Requested by
http://www.kizik.ru/

File type
ASCII text, with very long lines (65483)
Size
34 kB (33593 bytes)
Hash
3576a6e73c9dccdbbc4a2cf8ff544ad7
06e872300088b9ba8a08427d28ed0efcdf9c6ff5
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

HTTP Headers

GET /ajax/libs/jquery/1.8/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33593
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 20 May 2023 22:46:37 GMT
Expires: Sun, 19 May 2024 22:46:37 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 119193
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding

www.kizik.ru/templates/system/css/system.css

31.28.24.113

200 OK

896 B

URL GET HTTP/1.1
www.kizik.ru/templates/system/css/system.css
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
ASCII text
Size
896 B (896 bytes)
Hash
df7e63c3bb675469ae3eb8dbbb01b48a
5438d2c3d4a1aae750240ac2ca7eff2c7aa50031
08297f5532e380d22d9df81765efc9e171897b22a46df63f311a70d0bd5b8286

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /templates/system/css/system.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 31 Jul 2013 17:01:38 GMT
ETag: "45c5d13-380-4e2d1adc12080"
Accept-Ranges: bytes
Content-Length: 896
Content-Type: text/css

www.kizik.ru/templates/system/css/general.css

31.28.24.113

200 OK

2.7 kB

URL GET HTTP/1.1
www.kizik.ru/templates/system/css/general.css
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
ASCII text
Size
2.7 kB (2730 bytes)
Hash
1f98d1c2cbe669fe234c7d57bef044c6
2dad35e9f5ee21fde3e9070724a4d3926d4754ba
9c3ce8a5844cc2cca0c07d78834dd7992cfc767a0c89f8ef6b9cab5185afab7c

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /templates/system/css/general.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 31 Jul 2013 17:01:38 GMT
ETag: "45c5d19-aaa-4e2d1adc12080"
Accept-Ranges: bytes
Content-Length: 2730
Content-Type: text/css

www.kizik.ru/modules/mod_calendar_pravo/css/style.css

31.28.24.113

200 OK

364 B

URL GET HTTP/1.1
www.kizik.ru/modules/mod_calendar_pravo/css/style.css
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
ASCII text, with CRLF line terminators
Size
364 B (364 bytes)
Hash
e0eb8449434e86367c8e41f74a99a5b4
6caa25b0d2c83c28364419eaff5a11467dba4031
6a8fc18d3b7659f1f2da1ca2b864d658f850611d934ae6cd3e00c12d019d1ceb

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /modules/mod_calendar_pravo/css/style.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Fri, 31 May 2013 15:19:34 GMT
ETag: "4601e8c-16c-4de05246a6d80"
Accept-Ranges: bytes
Content-Length: 364
Content-Type: text/css

www.kizik.ru/components/com_customfilters/assets/css/mybootstrap.css

31.28.24.113

200 OK

694 B

URL GET HTTP/1.1
www.kizik.ru/components/com_customfilters/assets/css/mybootstrap.css
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
ASCII text, with CRLF line terminators
Size
694 B (694 bytes)
Hash
e42dd253ea69a09d33926b35233c75bd
3a804c30f597f83339f5af1ead65d2656ec5c1a1
bc74789e11bc26f6462c34c5385eecbe8e81e5d70114dbd4562d62a2aea9c763

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /components/com_customfilters/assets/css/mybootstrap.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Tue, 11 Aug 2015 16:41:48 GMT
ETag: "460169c-2b6-51d0bc73c0b00"
Accept-Ranges: bytes
Content-Length: 694
Content-Type: text/css

www.kizik.ru/components/com_k2/css/k2.css

31.28.24.113

200 OK

50 kB

URL GET HTTP/1.1
www.kizik.ru/components/com_k2/css/k2.css
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
assembler source, ASCII text
Size
50 kB (49760 bytes)
Hash
433065714d597f0599874eb9d9e21beb
b1163c6087646f1ffe928ff7648a167a7b2c9dfc
f3b3defe560b39bc74b13bccb7ac04fca755aad823515c810465d8291732364a

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /components/com_k2/css/k2.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 14 Aug 2013 09:34:00 GMT
ETag: "4600730-c260-4e3e50eabd200"
Accept-Ranges: bytes
Content-Length: 49760
Content-Type: text/css

www.kizik.ru/modules/mod_phocagallery_image/css/phocagallery_module_image.css

31.28.24.113

200 OK

1.9 kB

URL GET HTTP/1.1
www.kizik.ru/modules/mod_phocagallery_image/css/phocagallery_module_image.css
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
ASCII text
Size
1.9 kB (1924 bytes)
Hash
8f483a19c89947b4605ca268d047aca0
3acf764dc5e3a736e3fd3eccf6fa9e71f6fe9f09
a5ec4f8a1f8f84be7e3b3cfb3f828bd96a4ae848ebb0ebb4460962d29cd868bf

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /modules/mod_phocagallery_image/css/phocagallery_module_image.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Tue, 11 Jun 2013 14:38:34 GMT
ETag: "4601ec3-784-4dee1da0aee80"
Accept-Ranges: bytes
Content-Length: 1924
Content-Type: text/css

www.kizik.ru/modules/mod_calendar_pravo/css/highslide.css

31.28.24.113

200 OK

21 kB

URL GET HTTP/1.1
www.kizik.ru/modules/mod_calendar_pravo/css/highslide.css
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
ASCII text, with CRLF line terminators
Size
21 kB (21158 bytes)
Hash
006beeb03c1678ff20f17215f3098425
61c8b72fcbfbdfaf8683cf4e95b1a39ae1f3cc8f
851de514498f7cf3e2d34fb118e01e3c1aa2999e4f03e5f94303f85540e04691

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /modules/mod_calendar_pravo/css/highslide.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Fri, 31 May 2013 15:19:34 GMT
ETag: "4601e8d-52a6-4de05246a6d80"
Accept-Ranges: bytes
Content-Length: 21158
Content-Type: text/css

www.kizik.ru/media/system/css/modal.css

31.28.24.113

200 OK

2.8 kB

URL GET HTTP/1.1
www.kizik.ru/media/system/css/modal.css
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
Unicode text, UTF-8 text
Size
2.8 kB (2823 bytes)
Hash
2dac640fd156ad6413bdfae7e50e7c50
6f1d605092b7176e81044b1fb994572f6f08ed34
93a425782ebdba877718a517ea6d5ed1ac4573129f3e47888ff796d2a4408e6d

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /media/system/css/modal.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 31 Jul 2013 17:01:38 GMT
ETag: "4602449-b07-4e2d1adc12080"
Accept-Ranges: bytes
Content-Length: 2823
Content-Type: text/css

www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/css/layout.css

31.28.24.113

200 OK

3.3 kB

URL GET HTTP/1.1
www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/css/layout.css
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
ASCII text, with CRLF line terminators
Size
3.3 kB (3270 bytes)
Hash
025367ccdd4f16e99a974a041e8dc2e3
e29532f3e910e2a3eff10a257836f480f2ae908c
06ff94467fe79a3c845d2d13196b18616eeaebc8ed9d414fb601ac21c25b601c

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /plugins/system/jat3/jat3/base-themes/default/css/layout.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Mon, 03 Aug 2015 16:24:17 GMT
ETag: "460057e-cc6-51c6a99dc0e40"
Accept-Ranges: bytes
Content-Length: 3270
Content-Type: text/css

www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/css/addons.css

31.28.24.113

200 OK

2.7 kB

URL GET HTTP/1.1
www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/css/addons.css
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
ASCII text, with CRLF line terminators
Size
2.7 kB (2729 bytes)
Hash
ea4dc559d2d1c02d68297cafe33e2a98
3b6d319f59bfd75b891c4f502bc97175f6fa1029
b8b410c57979f35e00bf30e18c65681f63208bf689656a6d86b699d23049f897

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /plugins/system/jat3/jat3/base-themes/default/css/addons.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 14 Aug 2013 09:33:58 GMT
ETag: "4600569-aa9-4e3e50e8d4d80"
Accept-Ranges: bytes
Content-Length: 2729
Content-Type: text/css

www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/css/template.css

31.28.24.113

200 OK

27 kB

URL GET HTTP/1.1
www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/css/template.css
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
ASCII text, with CRLF, LF line terminators
Size
27 kB (27309 bytes)
Hash
8a98b28a9cccb6655531f24d99e34575
08a71b7e3dab7a6ebbd95c5bd909e78aab6cd174
aee984d1b6e46229d07d8284f26f7d9e61c52073fcfd42a539bbc2733ea66019

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /plugins/system/jat3/jat3/base-themes/default/css/template.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 14 Aug 2013 09:33:58 GMT
ETag: "4600580-6aad-4e3e50e8d4d80"
Accept-Ranges: bytes
Content-Length: 27309
Content-Type: text/css

www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/css/usertools.css

31.28.24.113

200 OK

3.6 kB

URL GET HTTP/1.1
www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/css/usertools.css
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
ASCII text, with CRLF line terminators
Size
3.6 kB (3593 bytes)
Hash
e419b8e47860099a9969b800ce45dcea
93fd1e295abc793b8ec4c8a6dd76478e0381686e
02e0cfbe72fa09e5f5f59ec81e1980d12153126e4f18b82dfde481e542b9c599

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /plugins/system/jat3/jat3/base-themes/default/css/usertools.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 14 Aug 2013 09:33:58 GMT
ETag: "460057f-e09-4e3e50e8d4d80"
Accept-Ranges: bytes
Content-Length: 3593
Content-Type: text/css

www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/css/css3.css

31.28.24.113

200 OK

2.1 kB

URL GET HTTP/1.1
www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/css/css3.css
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
ASCII text, with CRLF line terminators
Size
2.1 kB (2101 bytes)
Hash
d86238f56df3f2d65d1b8ae3b089dcc0
3659657a52090632ac271a7910468b3b1bf8f9bf
185098eea02cb81bde5fb73d4adb765c5b2b4e6d4434c4076f16c141c809354f

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /plugins/system/jat3/jat3/base-themes/default/css/css3.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 14 Aug 2013 09:33:58 GMT
ETag: "460057b-835-4e3e50e8d4d80"
Accept-Ranges: bytes
Content-Length: 2101
Content-Type: text/css

www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/css/menu/mega.css

31.28.24.113

200 OK

6.3 kB

URL GET HTTP/1.1
www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/css/menu/mega.css
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
ASCII text, with CRLF line terminators
Size
6.3 kB (6262 bytes)
Hash
39ac7313b0d34d5b3168a11e429b2555
374cdf82c3df13fee0a8bcab0600051f6a2c232e
3a3a98437fc8af6ecc74e58c4b22cf7564c341be50989a2b23e91da04367c697

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /plugins/system/jat3/jat3/base-themes/default/css/menu/mega.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 14 Aug 2013 09:33:58 GMT
ETag: "4600572-1876-4e3e50e8d4d80"
Accept-Ranges: bytes
Content-Length: 6262
Content-Type: text/css

www.kizik.ru/templates/jc_frontline/css/addons.css

31.28.24.113

200 OK

2.6 kB

URL GET HTTP/1.1
www.kizik.ru/templates/jc_frontline/css/addons.css
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
ASCII text, with CRLF line terminators
Size
2.6 kB (2596 bytes)
Hash
6324f2f8bcdf7eb3ef1cda21ac04fa75
13d1473f150084a81c1155963c3ad6f0dadb27d0
a93ca713707db5ed9da833c0040620690c9638c277ff0c944c3ff52e4ff91cc1

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /templates/jc_frontline/css/addons.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 05 Aug 2015 17:50:15 GMT
ETag: "45c5cc1-a24-51c9408fba3c0"
Accept-Ranges: bytes
Content-Length: 2596
Content-Type: text/css

www.kizik.ru/templates/jc_frontline/css/layout.css

31.28.24.113

200 OK

3.8 kB

URL GET HTTP/1.1
www.kizik.ru/templates/jc_frontline/css/layout.css
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
3.8 kB (3788 bytes)
Hash
4a6441ed08a0794b04d1d2b668b9f17e
d774bcae2eeb1eaf418d94697f6588f241e1b66c
03b19daad5352e3c3e7328170ca5513d49e98069f0fc0913a25ba27059be196c

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /templates/jc_frontline/css/layout.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Tue, 11 Aug 2015 20:29:49 GMT
ETag: "45c5ccc-ecc-51d0ef6af8940"
Accept-Ranges: bytes
Content-Length: 3788
Content-Type: text/css

www.kizik.ru/templates/jc_frontline/css/color.css

31.28.24.113

200 OK

443 B

URL GET HTTP/1.1
www.kizik.ru/templates/jc_frontline/css/color.css
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
ASCII text, with CR line terminators
Size
443 B (443 bytes)
Hash
c79e874e6c704f679cb1099b6cb64ffa
a958499b47a970f5d5746c295cb9a6f647c41b47
6d9487a30d4e8adf0aaf53a5e7b0dd25a77b59c4657109ae80f90750cc77e0d9

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /templates/jc_frontline/css/color.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 05 Aug 2015 17:50:15 GMT
ETag: "45c5cc8-1bb-51c9408fba3c0"
Accept-Ranges: bytes
Content-Length: 443
Content-Type: text/css

script.pravoslavie.ru/calendar.php?name=1&life=0&icon=1&trop=0&hram=0&relics=0&vek=0&bold=1&tipikon=0&feofan=0&trapeza=1&date=0&tmshift=0&css=1&images=1

178.248.238.199

302 Found

483 B

URL GET HTTP/1.1
script.pravoslavie.ru/calendar.php?name=1&life=0&icon=1&trop=0&hram=0&relics=0&vek=0&bold=1&tipikon=0&feofan=0&trapeza=1&date=0&tmshift=0&css=1&images=1
IP
178.248.238.199:80
ASN
#197068 HLL LLC

Requested by
http://www.kizik.ru/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
483 B (483 bytes)
Hash
806ea30eef1f7deb250c74bef72de646
5cc68a7c27e8a9b5c3707061afe6881db408816e
f890833771570f50b3268f8f52ab54592c1cdf09e97eae3fe45073181876fb92

HTTP Headers

GET /calendar.php?name=1&life=0&icon=1&trop=0&hram=0&relics=0&vek=0&bold=1&tipikon=0&feofan=0&trapeza=1&date=0&tmshift=0&css=1&images=1 HTTP/1.1
Host: script.pravoslavie.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: QRATOR
Date: Mon, 22 May 2023 07:53:10 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 483
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://script.pravoslavie.ru/cache/name=1&life=0&icon=1&trop=0&hram=0&relics=0&vek=0&bold=1&tipikon=0&feofan=0&trapeza=1&date=0&tmshift=0&css=1&images=1.ls

www.kizik.ru/templates/jc_frontline/css/usertools.css

31.28.24.113

200 OK

5.5 kB

URL GET HTTP/1.1
www.kizik.ru/templates/jc_frontline/css/usertools.css
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
ASCII text, with CR line terminators
Size
5.5 kB (5481 bytes)
Hash
518d40a7896e999d26148b41d6ad04de
54b6781f98dcb413c18c64c2a053df447235ee06
3b538fe170190e317964a146eacab57841e26549ce3d463390d52c5497e729e6

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /templates/jc_frontline/css/usertools.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 05 Aug 2015 17:50:16 GMT
ETag: "45c5ccd-1569-51c94090ae600"
Accept-Ranges: bytes
Content-Length: 5481
Content-Type: text/css

www.kizik.ru/templates/jc_frontline/css/css3.css

31.28.24.113

200 OK

0 B

URL GET HTTP/1.1
www.kizik.ru/templates/jc_frontline/css/css3.css
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /templates/jc_frontline/css/css3.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 05 Aug 2015 17:50:15 GMT
ETag: "45c5ccb-0-51c9408fba3c0"
Accept-Ranges: bytes
Content-Length: 0
Content-Type: text/css

www.kizik.ru/templates/jc_frontline/css/menu/mega.css

31.28.24.113

200 OK

7.7 kB

URL GET HTTP/1.1
www.kizik.ru/templates/jc_frontline/css/menu/mega.css
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
Unicode text, UTF-8 text
Size
7.7 kB (7682 bytes)
Hash
512c5ab20be6866ea79198602d1c96cf
b1045fc5b2ff9727deb7b1585737f931fbfd10cb
c3264e1a222b6dfe1746f6ae586be4a7cf6e5c282cc3e4107cdd08b9f240e57e

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /templates/jc_frontline/css/menu/mega.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 29 May 2019 16:57:10 GMT
ETag: "45c0060-1e02-58a09ac18b87c"
Accept-Ranges: bytes
Content-Length: 7682
Content-Type: text/css

www.kizik.ru/media/system/js/core.js

31.28.24.113

200 OK

4.8 kB

URL GET HTTP/1.1
www.kizik.ru/media/system/js/core.js
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
ASCII text, with very long lines (513)
Size
4.8 kB (4784 bytes)
Hash
4b59c964036a5a6ba36d4cfa34968c2a
a05177eb337fb8c96cef328d673644caae9a5dc6
ed8f120343683850762fc8fb5e8ee8dc3586a2ad7da5c12ca31ef125628cb15b

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /media/system/js/core.js HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 31 Jul 2013 17:01:38 GMT
ETag: "46023e9-12b0-4e2d1adc12080"
Accept-Ranges: bytes
Content-Length: 4784
Content-Type: text/javascript

www.kizik.ru/templates/jc_frontline/css/template.css

31.28.24.113

200 OK

57 kB

URL GET HTTP/1.1
www.kizik.ru/templates/jc_frontline/css/template.css
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
57 kB (56748 bytes)
Hash
f1c534f7a94d540b7d87a0dbb0f69980
9f0c951ccf81ec00a63d3241ee151781d5ae1c56
e181350b29c759ce359ba81a6c9d3021a9fa075fe3b91a9dce4326a8477501d2

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /templates/jc_frontline/css/template.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 29 May 2019 16:56:53 GMT
ETag: "45c004f-ddac-58a09ab151d52"
Accept-Ranges: bytes
Content-Length: 56748
Content-Type: text/css

script.pravoslavie.ru/icon.php?advanced=1&date=0&href=0&tmshift=0&scale=1

178.248.238.199

302 Found

373 B

URL GET HTTP/1.1
script.pravoslavie.ru/icon.php?advanced=1&date=0&href=0&tmshift=0&scale=1
IP
178.248.238.199:80
ASN
#197068 HLL LLC

Requested by
http://www.kizik.ru/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
373 B (373 bytes)
Hash
1863d32308d7f05728eaadd4c2c676a4
2297de013c713fc0395018275f547d2791c2cba8
934383f262df46810179a079180322c992612e98c86d8e72905d0874a303c8af

HTTP Headers

GET /icon.php?advanced=1&date=0&href=0&tmshift=0&scale=1 HTTP/1.1
Host: script.pravoslavie.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: QRATOR
Date: Mon, 22 May 2023 07:53:10 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 373
Connection: keep-alive
Keep-Alive: timeout=15
Location: https://script.pravoslavie.ru/cache_icon/advanced=1&date=0&href=0&tmshift=0&scale=1.ls

www.kizik.ru/components/com_k2/js/k2.js?v2.6.7&sitepath=/

31.28.24.113

200 OK

8.0 kB

URL GET HTTP/1.1
www.kizik.ru/components/com_k2/js/k2.js?v2.6.7&sitepath=/
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
ASCII text
Size
8.0 kB (8007 bytes)
Hash
683559eeabd9c6919cacd9a2a1074642
46733f43c51feb494642ed7e8daac95c8a74c0a3
d0e0f1cddbb87e55673fddc9b734a99c5be96a1f15ca837da2dc671110778771

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /components/com_k2/js/k2.js?v2.6.7&sitepath=/ HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 14 Aug 2013 09:34:00 GMT
ETag: "46006bd-1f47-4e3e50eabd200"
Accept-Ranges: bytes
Content-Length: 8007
Content-Type: text/javascript

www.kizik.ru/media/system/js/caption.js

31.28.24.113

200 OK

729 B

URL GET HTTP/1.1
www.kizik.ru/media/system/js/caption.js
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
ASCII text, with very long lines (504)
Size
729 B (729 bytes)
Hash
031416fd2123cc114170494fdfc1a8a0
42c45161c94773d3d73d8b0c55ac7ddae5137502
5fe084328c9d2b7612b6e7c739946752c5326ece5a1566a41531f3efff175321

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /media/system/js/caption.js HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Sat, 31 Mar 2012 22:03:50 GMT
ETag: "46023fd-2d9-4bc9121c9dd80"
Accept-Ranges: bytes
Content-Length: 729
Content-Type: text/javascript

www.kizik.ru/media/system/js/mootools-core.js

31.28.24.113

200 OK

96 kB

URL GET HTTP/1.1
www.kizik.ru/media/system/js/mootools-core.js
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
ASCII text, with very long lines (886)
Size
96 kB (96362 bytes)
Hash
cf58a30ea9b7a731712baede90b790ec
cc019ac09f68258ee3442fe7cc440adf78a3cef2
6be70110418f9738ca23c6d61d73ce3c0cb01087843c96de5ced119c5ab882c6

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /media/system/js/mootools-core.js HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 31 Jul 2013 17:01:38 GMT
ETag: "46023f7-1786a-4e2d1adc12080"
Accept-Ranges: bytes
Content-Length: 96362
Content-Type: text/javascript

www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/js/core.js

31.28.24.113

200 OK

7.0 kB

URL GET HTTP/1.1
www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/js/core.js
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
ASCII text, with CRLF line terminators
Size
7.0 kB (6990 bytes)
Hash
cfc9090c1016ac8762e667e338932f04
d6d198099bdb1b5909462c3f5f1b9b0a05a0556e
2ccc041e7cc95b3ad41ce768444a91a1717f6a071d2ecc602ab445a00bc08c54

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /plugins/system/jat3/jat3/base-themes/default/js/core.js HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 14 Aug 2013 09:33:58 GMT
ETag: "46004eb-1b4e-4e3e50e8d4d80"
Accept-Ranges: bytes
Content-Length: 6990
Content-Type: text/javascript

www.kizik.ru/templates/jc_frontline/js/custom.js

31.28.24.113

200 OK

7.8 kB

URL GET HTTP/1.1
www.kizik.ru/templates/jc_frontline/js/custom.js
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
ASCII text
Size
7.8 kB (7805 bytes)
Hash
98e26bb6f04d02f79bb1b11d5e36a7a6
c21522eb128381ddb497fc4c17053fe2f61fc82d
386e6d300a70865e0150c921f28cad549730761dd008a75ca76fe758a1ea4a9e

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /templates/jc_frontline/js/custom.js HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Thu, 13 Aug 2015 11:10:57 GMT
ETag: "45c5c37-1e7d-51d2f63b49240"
Accept-Ranges: bytes
Content-Length: 7805
Content-Type: text/javascript

www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/js/menu/mega.js

31.28.24.113

200 OK

18 kB

URL GET HTTP/1.1
www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/js/menu/mega.js
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
ASCII text, with CRLF line terminators
Size
18 kB (17611 bytes)
Hash
4ff9b8a2706be3001683f0aeb1d17513
b4127d9e15d223dab2166bf79b930f4f90a1201e
f9093809a715e61e65435c89a2722da7eb7b62bdc8da1e8d8eb3a2eb6fa94513

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content
suricata	medium	ET MALWARE Magecart Loader Javascript

HTTP Headers

GET /plugins/system/jat3/jat3/base-themes/default/js/menu/mega.js HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 14 Aug 2013 09:33:58 GMT
ETag: "46004f0-44cb-4e3e50e8d4d80"
Accept-Ranges: bytes
Content-Length: 17611
Content-Type: text/javascript

www.kizik.ru/media/system/js/modal.js

31.28.24.113

200 OK

9.7 kB

URL GET HTTP/1.1
www.kizik.ru/media/system/js/modal.js
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
Unicode text, UTF-8 text, with very long lines (599)
Size
9.7 kB (9732 bytes)
Hash
637c3dd497107b7460a1f5a9e616a01c
bd7115c100422d2963f97a2b4c96a7fd3c1763b9
1d44d98509149be106f7f160e40e5049931817efa8a6aecec637ac3f6dcebdd0

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /media/system/js/modal.js HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Sat, 31 Mar 2012 22:03:50 GMT
ETag: "46023ff-2604-4bc9121c9dd80"
Accept-Ranges: bytes
Content-Length: 9732
Content-Type: text/javascript

www.kizik.ru/media/system/css/system.css

31.28.24.113

200 OK

1.4 kB

URL GET HTTP/1.1
www.kizik.ru/media/system/css/system.css
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
ASCII text
Size
1.4 kB (1446 bytes)
Hash
6ee37cc0fc51e3ca6a8b6427499b6376
dd4def4fd8ed66765e602a822be85125eb17cec6
4e613fe3e74a7af0e4b3504bd27ea2af347ad46cfdd761afe34ef674e4804ae9

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /media/system/css/system.css HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/templates/system/css/system.css
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 31 Jul 2013 17:01:38 GMT
ETag: "4602445-5a6-4e2d1adc12080"
Accept-Ranges: bytes
Content-Length: 1446
Content-Type: text/css

www.kizik.ru/modules/mod_calendar_pravo/js/highslide.js

31.28.24.113

200 OK

48 kB

URL GET HTTP/1.1
www.kizik.ru/modules/mod_calendar_pravo/js/highslide.js
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
ISO-8859 text, with very long lines (46654), with CRLF, LF line terminators
Size
48 kB (47819 bytes)
Hash
5e7b3d765534db503510eedc32141b5e
4b21b31c582268c77387cb301a3020deec27d764
ed6ddc2778cd24b0247b58dfb8e4f3def7a2c3dcf572e3b42936c391d2e9e81d

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /modules/mod_calendar_pravo/js/highslide.js HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Fri, 31 May 2013 15:19:34 GMT
ETag: "4601e6b-bacb-4de05246a6d80"
Accept-Ranges: bytes
Content-Length: 47819
Content-Type: text/javascript

www.kizik.ru/media/system/js/mootools-more.js

31.28.24.113

200 OK

238 kB

URL GET HTTP/1.1
www.kizik.ru/media/system/js/mootools-more.js
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
Unicode text, UTF-8 text, with very long lines (2903)
Size
238 kB (238331 bytes)
Hash
06a6a417945b8e518494ffc4c8abd22b
6c57ce51ce8d4b5af56f47162b517ad0d2ea9860
65d92e52232e1409aaaebc6ad930501bb223b96fea580940d39470f3f492e6ba

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /media/system/js/mootools-more.js HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:10 GMT
Last-Modified: Wed, 31 Jul 2013 17:01:38 GMT
ETag: "46023ee-3a2fb-4e2d1adc12080"
Accept-Ranges: bytes
Content-Length: 238331
Content-Type: text/javascript

script.pravoslavie.ru/cache/name=1&life=0&icon=1&trop=0&hram=0&relics=0&vek=0&bold=1&tipikon=0&feofan=0&trapeza=1&date=0&tmshift=0&css=1&images=1.ls

178.248.238.199

200 OK

7.0 kB

URL GET HTTP/1.1
script.pravoslavie.ru/cache/name=1&life=0&icon=1&trop=0&hram=0&relics=0&vek=0&bold=1&tipikon=0&feofan=0&trapeza=1&date=0&tmshift=0&css=1&images=1.ls
IP
178.248.238.199:443
ASN
#197068 HLL LLC

Requested by
http://www.kizik.ru/
Certificate
IssuerLet's Encrypt
Subjectscript.pravoslavie.ru
Fingerprint99:66:EA:40:AF:AE:A8:1C:75:BF:58:93:7D:01:E9:5D:5F:3C:24:FB
ValidityThu, 04 May 2023 12:30:54 GMT - Wed, 02 Aug 2023 12:30:53 GMT

File type
exported SGML document, Unicode text, UTF-8 text, with very long lines (4317)
Size
7.0 kB (7004 bytes)
Hash
967ff7f536caff5f38dfa487f89fe028
0d4c31f420c5e823ebec14e6a942b2caa2818ec8
72b8da25350538eae1f2f55f6655791826837316b8864ad91b8b097a7ace048f

HTTP Headers

GET /cache/name=1&life=0&icon=1&trop=0&hram=0&relics=0&vek=0&bold=1&tipikon=0&feofan=0&trapeza=1&date=0&tmshift=0&css=1&images=1.ls HTTP/1.1
Host: script.pravoslavie.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.kizik.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: QRATOR
Date: Mon, 22 May 2023 07:53:11 GMT
Content-Length: 7004
Connection: keep-alive
Keep-Alive: timeout=15
Last-Modified: Sun, 21 May 2023 21:26:14 GMT
ETag: "1b5c-5fc3acdc4b864"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=0; includeSubDomains

script.pravoslavie.ru/cache_icon/advanced=1&date=0&href=0&tmshift=0&scale=1.ls

178.248.238.199

200 OK

591 B

URL GET HTTP/1.1
script.pravoslavie.ru/cache_icon/advanced=1&date=0&href=0&tmshift=0&scale=1.ls
IP
178.248.238.199:443
ASN
#197068 HLL LLC

Requested by
http://www.kizik.ru/
Certificate
IssuerLet's Encrypt
Subjectscript.pravoslavie.ru
Fingerprint99:66:EA:40:AF:AE:A8:1C:75:BF:58:93:7D:01:E9:5D:5F:3C:24:FB
ValidityThu, 04 May 2023 12:30:54 GMT - Wed, 02 Aug 2023 12:30:53 GMT

File type
exported SGML document, ASCII text
Size
591 B (591 bytes)
Hash
7b0824b6f8094230a39c396b2050f59c
ce243c8adea64795df0778bda0df042142721862
a0c8303e619622b33beaafc38ec375cd8455a564c9d080f09f0980426d5f72d1

HTTP Headers

GET /cache_icon/advanced=1&date=0&href=0&tmshift=0&scale=1.ls HTTP/1.1
Host: script.pravoslavie.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.kizik.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: QRATOR
Date: Mon, 22 May 2023 07:53:11 GMT
Content-Length: 591
Connection: keep-alive
Keep-Alive: timeout=15
Last-Modified: Sun, 21 May 2023 21:21:43 GMT
ETag: "24f-5fc3abda2522c"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=0; includeSubDomains

www.kizik.ru/templates/jc_frontline/images/nds.png

31.28.24.113

200 OK

42 kB

URL GET HTTP/1.1
www.kizik.ru/templates/jc_frontline/images/nds.png
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
PNG image data, 610 x 41, 8-bit/color RGBA, non-interlaced\012- data
Size
42 kB (42365 bytes)
Hash
fa8df39c585012c5eecc87ced7bddfb1
2f295215cf0c9572ecff9e000e1123933116b615
a694c219c88d3707154e2d206ca830fadf60d7753ee9486f365e8d4cd0f55cc9

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /templates/jc_frontline/images/nds.png HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Fri, 31 May 2013 10:31:53 GMT
ETag: "45c5ca8-a57d-4de011f947840"
Accept-Ranges: bytes
Content-Length: 42365
Cache-Control: max-age=86400
Expires: Tue, 23 May 2023 07:53:11 GMT
Content-Type: image/png

www.kizik.ru/images/phocagallery/maslenica_2013/thumbs/phoca_thumb_m_dsc_9663.jpg

31.28.24.113

200 OK

32 kB

URL GET HTTP/1.1
www.kizik.ru/images/phocagallery/maslenica_2013/thumbs/phoca_thumb_m_dsc_9663.jpg
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 145x220, components 3\012- data
Size
32 kB (32143 bytes)
Hash
b1541b55a526d2afee9bf433e974abfe
6f6662d654aa572e2bf693c485afb9193616145d
196ea7dcbc4775e84c7f1b455dca76e58e78a3b009eced7e062f50b4d4c3c9ef

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /images/phocagallery/maslenica_2013/thumbs/phoca_thumb_m_dsc_9663.jpg HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Fri, 31 May 2013 13:43:59 GMT
ETag: "4601a2f-7d8f-4de03ce9545c0"
Accept-Ranges: bytes
Content-Length: 32143
Cache-Control: max-age=86400
Expires: Tue, 23 May 2023 07:53:11 GMT
Content-Type: image/jpeg

www.kizik.ru/templates/jc_frontline/images/mshadow.png

31.28.24.113

200 OK

132 kB

URL GET HTTP/1.1
www.kizik.ru/templates/jc_frontline/images/mshadow.png
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
PNG image data, 1099 x 156, 8-bit/color RGBA, non-interlaced\012- data
Size
132 kB (131836 bytes)
Hash
32bb2d956376bc8bddc0d745d5b416ac
906ec669ebf839c8a9ae1e12cc5d4fa19c4214a9
af89aa5e4f8c3e8c0196371e1fdbcf511269ab93f0d52bda23bd81e33528c959

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /templates/jc_frontline/images/mshadow.png HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Fri, 31 May 2013 10:31:51 GMT
ETag: "45c5c88-202fc-4de011f75f3c0"
Accept-Ranges: bytes
Content-Length: 131836
Cache-Control: max-age=86400
Expires: Tue, 23 May 2023 07:53:11 GMT
Content-Type: image/png

www.kizik.ru/templates/jc_frontline/images/mmain-2002.png

31.28.24.113

200 OK

30 kB

URL GET HTTP/1.1
www.kizik.ru/templates/jc_frontline/images/mmain-2002.png
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
PNG image data, 881 x 19, 8-bit/color RGBA, non-interlaced\012- data
Size
30 kB (29813 bytes)
Hash
28c7d7bd53f1a25be0594aa56d2208e1
c09235142a4a9fd3bb030d3475e6576039fbf906
a5fbfbe78553d2a11de37fb937346ec7ba89e529c993d913c831dbd4cc142932

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /templates/jc_frontline/images/mmain-2002.png HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/templates/jc_frontline/css/menu/mega.css
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Fri, 31 May 2013 10:31:51 GMT
ETag: "45c5cae-7475-4de011f75f3c0"
Accept-Ranges: bytes
Content-Length: 29813
Cache-Control: max-age=86400
Expires: Tue, 23 May 2023 07:53:11 GMT
Content-Type: image/png

www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/images/arrow3.png

31.28.24.113

200 OK

149 B

URL GET HTTP/1.1
www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/images/arrow3.png
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
PNG image data, 7 x 4, 8-bit colormap, non-interlaced\012- data
Size
149 B (149 bytes)
Hash
5aeee3e6d60870f7f0bc2ef04064d556
579471ac0bc6483e66b06fcc165b61ba6340e2a3
5d5f0aac519fbdff06b02881e57e97ba010b5e138aaa03287ce2c334e484e34a

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /plugins/system/jat3/jat3/base-themes/default/images/arrow3.png HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/css/menu/mega.css
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Wed, 14 Aug 2013 09:33:58 GMT
ETag: "460050a-95-4e3e50e8d4d80"
Accept-Ranges: bytes
Content-Length: 149
Cache-Control: max-age=86400
Expires: Tue, 23 May 2023 07:53:11 GMT
Content-Type: image/png

www.kizik.ru/templates/jc_frontline/images/menu-bg2.png

31.28.24.113

200 OK

3.8 kB

URL GET HTTP/1.1
www.kizik.ru/templates/jc_frontline/images/menu-bg2.png
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
PNG image data, 134 x 17, 8-bit/color RGBA, non-interlaced\012- data
Size
3.8 kB (3761 bytes)
Hash
ae4bc63f7e8fb2289e872e2fc71b8ecf
b28228343e188de1c6d947189a60dfa660b77948
4643865c931b3028306ff5a8529f8262b35f2d29172ac12208c2483479bef0f5

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /templates/jc_frontline/images/menu-bg2.png HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/templates/jc_frontline/css/menu/mega.css
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Sat, 23 May 2015 08:36:48 GMT
ETag: "45c5c9e-eb1-516bbad6f4800"
Accept-Ranges: bytes
Content-Length: 3761
Cache-Control: max-age=86400
Expires: Tue, 23 May 2023 07:53:11 GMT
Content-Type: image/png

www.kizik.ru/templates/jc_frontline/images/main_bg.jpg

31.28.24.113

200 OK

94 kB

URL GET HTTP/1.1
www.kizik.ru/templates/jc_frontline/images/main_bg.jpg
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 200x200, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], progressive, precision 8, 569x290, components 3\012- data
Size
94 kB (94096 bytes)
Hash
d2df649b71af6ddf5609feea38c36a5f
adf0f84a53d8f40129915735441f113157f6407e
6a93cee344a34000bdfe4477e60df5651421c27b0c469678dc27bdc8aab1b082

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /templates/jc_frontline/images/main_bg.jpg HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/templates/jc_frontline/css/template.css
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Fri, 31 May 2013 10:31:51 GMT
ETag: "45c5c9d-16f90-4de011f75f3c0"
Accept-Ranges: bytes
Content-Length: 94096
Cache-Control: max-age=86400
Expires: Tue, 23 May 2023 07:53:11 GMT
Content-Type: image/jpeg

www.kizik.ru/templates/jc_frontline/images/pagenav-sep.png

31.28.24.113

200 OK

1.0 kB

URL GET HTTP/1.1
www.kizik.ru/templates/jc_frontline/images/pagenav-sep.png
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
PNG image data, 2 x 37, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1023 bytes)
Hash
8f075412923ef69c277ce753dd072719
34f732da98c9303077936aedd892fe6164c0e782
4c936057856d7db3ddf84eb171d816611b07491f59b069260ebfea9e87290f5d

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /templates/jc_frontline/images/pagenav-sep.png HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/templates/jc_frontline/css/template.css
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Fri, 31 May 2013 10:31:53 GMT
ETag: "45c5c92-3ff-4de011f947840"
Accept-Ranges: bytes
Content-Length: 1023
Cache-Control: max-age=86400
Expires: Tue, 23 May 2023 07:53:11 GMT
Content-Type: image/png

www.kizik.ru/templates/jc_frontline/images/number-page.png

31.28.24.113

200 OK

352 B

URL GET HTTP/1.1
www.kizik.ru/templates/jc_frontline/images/number-page.png
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
PNG image data, 20 x 37, 8-bit/color RGBA, non-interlaced\012- data
Size
352 B (352 bytes)
Hash
a63e811bf9e3c55d3ecc40a3d0a777f5
82eeacd708935a97b52a046199ce9c68dad9d57e
13cb48c80f0cfc35f9aa1e99515ac755c32d4d2f5ead1b44dd399d8ce898111a

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /templates/jc_frontline/images/number-page.png HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/templates/jc_frontline/css/template.css
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Fri, 31 May 2013 10:31:53 GMT
ETag: "45c5c54-160-4de011f947840"
Accept-Ranges: bytes
Content-Length: 352
Cache-Control: max-age=86400
Expires: Tue, 23 May 2023 07:53:11 GMT
Content-Type: image/png

www.kizik.ru/templates/jc_frontline/images/advertdate.png

31.28.24.113

200 OK

6.8 kB

URL GET HTTP/1.1
www.kizik.ru/templates/jc_frontline/images/advertdate.png
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
PNG image data, 66 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
6.8 kB (6775 bytes)
Hash
36138800fec9adc2557f596a3fa99c40
b8c65107e3265bd64404d6c4c2fec6dfde319912
9c4b1e602877ac91c424762506d63d78763d8c4ed98bc41e7713a77f00f20440

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /templates/jc_frontline/images/advertdate.png HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/templates/jc_frontline/css/template.css
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Fri, 31 May 2013 10:41:37 GMT
ETag: "45c5c9b-1a77-4de0142639a40"
Accept-Ranges: bytes
Content-Length: 6775
Cache-Control: max-age=86400
Expires: Tue, 23 May 2023 07:53:11 GMT
Content-Type: image/png

www.kizik.ru/templates/jc_frontline/images/up-arrow.png

31.28.24.113

200 OK

193 B

URL GET HTTP/1.1
www.kizik.ru/templates/jc_frontline/images/up-arrow.png
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
PNG image data, 21 x 22, 8-bit/color RGBA, non-interlaced\012- data
Size
193 B (193 bytes)
Hash
280ded5bc43b9c481fca851992a18b61
0c76d22a9c8e7c95edb6f11f629c4c2388e75a13
487a1f97028e3ad1415368db430a201d0048d1b0b790cf54993d6091493cc1aa

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /templates/jc_frontline/images/up-arrow.png HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/templates/jc_frontline/css/template.css
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Fri, 31 May 2013 10:32:01 GMT
ETag: "45c5c6c-c1-4de01200e8a40"
Accept-Ranges: bytes
Content-Length: 193
Cache-Control: max-age=86400
Expires: Tue, 23 May 2023 07:53:11 GMT
Content-Type: image/png

www.kizik.ru/templates/jc_frontline/images/logo.png

31.28.24.113

200 OK

814 kB

URL GET HTTP/1.1
www.kizik.ru/templates/jc_frontline/images/logo.png
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
PNG image data, 1034 x 444, 8-bit/color RGBA, non-interlaced\012- data
Size
814 kB (814216 bytes)
Hash
687d123544ef5c1a858ab13b2fcc7ede
09a8934c1db132e7c5fa3ebe0f3786b08d6b724a
9c4a35d47385f2dd0952e993f21e3ad71f83f319d073ed0733e12b21025a4f9b

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /templates/jc_frontline/images/logo.png HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Fri, 31 May 2013 10:31:47 GMT
ETag: "45c5c94-c6c88-4de011f38eac0"
Accept-Ranges: bytes
Content-Length: 814216
Cache-Control: max-age=86400
Expires: Tue, 23 May 2023 07:53:11 GMT
Content-Type: image/png

www.kizik.ru/templates/jc_frontline/images/img0069.png

31.28.24.113

200 OK

130 kB

URL GET HTTP/1.1
www.kizik.ru/templates/jc_frontline/images/img0069.png
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
PNG image data, 1099 x 156, 8-bit/color RGBA, non-interlaced\012- data
Size
130 kB (130120 bytes)
Hash
c3df8f53ca0ebe8faf6a2ae3ce7ad6f1
f8b68a6da04bf1d236f7627b519edd2a12bbebb6
e129193a8e807569c3217b954dd03a5a57d89f869073fff16f1b840dd5969590

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /templates/jc_frontline/images/img0069.png HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/templates/jc_frontline/css/layout.css
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Fri, 31 May 2013 10:31:47 GMT
ETag: "45c5c76-1fc48-4de011f38eac0"
Accept-Ranges: bytes
Content-Length: 130120
Cache-Control: max-age=86400
Expires: Tue, 23 May 2023 07:53:11 GMT
Content-Type: image/png

days.pravoslavie.ru/jpg/is4704.jpg

178.248.238.199

200 OK

9.5 kB

URL GET HTTP/1.1
days.pravoslavie.ru/jpg/is4704.jpg
IP
178.248.238.199:443
ASN
#197068 HLL LLC

Requested by
http://www.kizik.ru/
Certificate
IssuerLet's Encrypt
Subjectdays.pravoslavie.ru
Fingerprint13:61:25:C4:19:DB:D9:C2:F6:86:73:0D:87:91:98:E6:84:DA:CC:56
ValidityThu, 04 May 2023 12:15:35 GMT - Wed, 02 Aug 2023 12:15:34 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 128x160, components 3\012- data
Size
9.5 kB (9531 bytes)
Hash
0afc49f19bdd2349b6d27404ade48087
ef735085bed88ecd5198ef083d30c57e55eeb411
08a3425e8cee657d85f2792dad722e3eea589028acfc4e8f69368146a1374afa

HTTP Headers

GET /jpg/is4704.jpg HTTP/1.1
Host: days.pravoslavie.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: QRATOR
Date: Mon, 22 May 2023 07:53:11 GMT
Content-Type: image/jpeg
Content-Length: 9531
Connection: keep-alive
Keep-Alive: timeout=15
Last-Modified: Mon, 26 Dec 2022 17:58:10 GMT
ETag: "253b-5f0bee0e0d2f3"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=0; includeSubDomains

days.pravoslavie.ru/cmn/I.gif

178.248.238.199

200 OK

404 B

URL GET HTTP/1.1
days.pravoslavie.ru/cmn/I.gif
IP
178.248.238.199:443
ASN
#197068 HLL LLC

Requested by
http://www.kizik.ru/
Certificate
IssuerLet's Encrypt
Subjectdays.pravoslavie.ru
Fingerprint13:61:25:C4:19:DB:D9:C2:F6:86:73:0D:87:91:98:E6:84:DA:CC:56
ValidityThu, 04 May 2023 12:15:35 GMT - Wed, 02 Aug 2023 12:15:34 GMT

File type
GIF image data, version 89a, 18 x 16\012- data
Size
404 B (404 bytes)
Hash
80f12196ee22d2b78a09a44c5d0bb95b
a855b4c31e547cede11f42769863d98a909f96fe
62cc1f382a7836a976513e95e6e2709419af97a3463aceb0a80c930e52979208

HTTP Headers

GET /cmn/I.gif HTTP/1.1
Host: days.pravoslavie.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: QRATOR
Date: Mon, 22 May 2023 07:53:11 GMT
Content-Type: image/gif
Content-Length: 404
Connection: keep-alive
Keep-Alive: timeout=15
Last-Modified: Fri, 13 Jan 2006 21:00:00 GMT
ETag: "194-40a43bf92d400"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=0; includeSubDomains

www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/images/favicon.ico

31.28.24.113

200 OK

894 B

URL GET HTTP/1.1
www.kizik.ru/plugins/system/jat3/jat3/base-themes/default/images/favicon.ico
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
MS Windows icon resource - 1 icon, 16x16, 24 bits/pixel\012- data
Size
894 B (894 bytes)
Hash
5ab3d64bb1311467d6485e25268a92f4
e8b11ecc0ea51b4ff9d8ebca6161130e3ab21bfa
fd0d2b58a44bad4e3fbfcf789412d08fccf183bec84c482e816d243edb199725

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /plugins/system/jat3/jat3/base-themes/default/images/favicon.ico HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Wed, 14 Aug 2013 11:18:37 GMT
ETag: "460053e-37e-4e3e684cf3d40"
Accept-Ranges: bytes
Content-Length: 894
Content-Type: image/vnd.microsoft.icon

www.kizik.ru/modules/mod_calendar_pravo/js/graphics/outlines/rounded-white.png

31.28.24.113

200 OK

2.1 kB

URL GET HTTP/1.1
www.kizik.ru/modules/mod_calendar_pravo/js/graphics/outlines/rounded-white.png
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
PNG image data, 40 x 3000, 8-bit gray+alpha, non-interlaced\012- data
Size
2.1 kB (2050 bytes)
Hash
ff904e99a0ecb32a27642d389adb91ba
c4ef235dcc34844e4050f845ff4ce22ce35fe0b8
e82d0547f662dc02f6d55c082758f5aac71937fee44bc0cb0f106f85b5fe2f81

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /modules/mod_calendar_pravo/js/graphics/outlines/rounded-white.png HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Fri, 31 May 2013 15:19:34 GMT
ETag: "4601e76-802-4de05246a6d80"
Accept-Ranges: bytes
Content-Length: 2050
Cache-Control: max-age=86400
Expires: Tue, 23 May 2023 07:53:11 GMT
Content-Type: image/png

www.kizik.ru/modules/mod_calendar_pravo/js/graphics/zoomout.cur

31.28.24.113

200 OK

326 B

URL GET HTTP/1.1
www.kizik.ru/modules/mod_calendar_pravo/js/graphics/zoomout.cur
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
MS Windows cursor resource - 1 icon, 32x32, 2 colors, hotspot @7x7\012- data
Size
326 B (326 bytes)
Hash
e5f236bf2b60f8c8fc1867d70636a046
2d1695a011edd32a1abc5329dcf4b8ee196d5e7f
110a21ee3616bfa86b492bb237eeb946ee4a643d7bb77a7fd2b131311f5ccf72

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /modules/mod_calendar_pravo/js/graphics/zoomout.cur HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Fri, 31 May 2013 15:19:34 GMT
ETag: "4601e71-146-4de05246a6d80"
Accept-Ranges: bytes
Content-Length: 326
Content-Type: text/plain; charset=UTF-8

www.kizik.ru/modules/mod_calendar_pravo/js/graphics/loader.white.gif

31.28.24.113

200 OK

673 B

URL GET HTTP/1.1
www.kizik.ru/modules/mod_calendar_pravo/js/graphics/loader.white.gif
IP
31.28.24.113:80
ASN
#12616 Filanco LLC

Requested by
http://www.kizik.ru/

File type
GIF image data, version 89a, 16 x 16\012- data
Size
673 B (673 bytes)
Hash
2a6692973429d7a74513bfa8bcb5be20
f2af060f1cadbc9065c8c465c648dc01be67cc12
1eb9e7880f723999a4ed63eece6a6e4d4976833d3c16dc18b4ace3971728ab0d

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING DDoS-Guard Hosted Content

HTTP Headers

GET /modules/mod_calendar_pravo/js/graphics/loader.white.gif HTTP/1.1
Host: www.kizik.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.kizik.ru/modules/mod_calendar_pravo/css/highslide.css
Cookie: __ddg1_=ZG8NEf2rRKG4oalGaUII; caae4b2e6f0b15a0c19bc7fb272e1da1=mdmjo5ftkfeq8h6av6pdtfopo1; jc_frontline_tpl=jc_frontline
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: ddos-guard
Connection: keep-alive
Keep-Alive: timeout=60
Date: Mon, 22 May 2023 07:53:11 GMT
Last-Modified: Fri, 31 May 2013 15:19:34 GMT
ETag: "4601e82-2a1-4de05246a6d80"
Accept-Ranges: bytes
Content-Length: 673
Cache-Control: max-age=86400
Expires: Tue, 23 May 2023 07:53:11 GMT
Content-Type: image/gif

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (40)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML