Report - zdn.su/

Report Overview

Visited public
2024-12-12 09:37:46
Tags
URL
zdn.su/
Finishing URL
zdn.su/
IP / ASN
195.210.46.36
#48716 PS Internet Company LLP
Title
Домен припаркован в Казахстане - PS.kz

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
zdn.su	unknown	unknown	No data	No data	700 B	8.2 kB	195.210.46.36
www.ps.kz	unknown	2003-08-18	2013-01-28	2024-12-10	2.9 kB	373 kB	195.210.46.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-12-12 09:37:23	medium	Client IP	195.210.46.36	ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
2024-12-12 09:37:25	medium	Client IP	195.210.46.36	ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	zdn.su/	128 B	2023-03-08 02:10	2024-12-26 05:31
Pretty URL zdn.su/ IP 195.210.46.36 ASN #48716 PS Internet Company LLP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 02:10 Last Seen2024-12-26 05:31 Times Seen7 Hash 45ce21526561ed994fc2a2687ba0a05a 6da182ab1b54cf66af85b7eb00e5af71b95b7f66 f7298a99fe5153522c561747da4a2744ceb9791052d4edc2bbe5a02c81d98705 Loading...

	www.ps.kz/assets/javascripts/jquery-2.0.3.min.js	84 kB	2023-03-07 01:16	2024-12-26 10:05
Pretty URL www.ps.kz/assets/javascripts/jquery-2.0.3.min.js IP 195.210.46.131 ASN #48716 PS Internet Company LLP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:16 Last Seen2024-12-26 10:05 Times Seen1551 Hash ccd0edd113b78697e04fb5c1b519a5cd a6eedf84389e1bc9f757bc2d19538f8c8d1cae9d a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25 Loading...

	zdn.su/	718 B	2023-03-10 10:10	2024-12-12 09:37
Pretty URL zdn.su/ IP 195.210.46.36 ASN #48716 PS Internet Company LLP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 10:10 Last Seen2024-12-12 09:37 Times Seen6 Hash d0b15980382d9630f05975f8036a5af1 b8915f350b82fcbf78a8ca6c374cb2ca3cb74c59 335f833b271883e4eb176d22bdd1137892226b5a48b627b2eed96e51579cc53f Loading...

		Size	First Seen	Last Seen
	#1 Write - 1986e337cc6340fb63336afcd42125c2	80 B	2023-03-08 02:10	2024-12-26 05:31
Pretty Observations First Seen2023-03-08 02:10 Last Seen2024-12-26 05:31 Times Seen7 Hash 1986e337cc6340fb63336afcd42125c2 4e0607cff1f8acb0113d7cfb298086dd2c4fc687 cfd90b79c0a94daafb459e6c8617cdc72fa6150cbe0fc2675f8a68f0093d90f9 Loading...

HTTP Transactions (8)

URL IP Response Size

zdn.su/

195.210.46.36

200 OK

7.5 kB

URL User Request GET HTTP/1.1
zdn.su/
IP
195.210.46.36:80
ASN
#48716 PS Internet Company LLP

File type
HTML document, Unicode text, UTF-8 text, with very long lines (4001)
Size
7.5 kB (7524 bytes)
Hash
dc3cc51e475687bcc581603dce919bf3
3371dcc0fdcfca887a129c048ef2a58877027f17
1deb71c561b9e84ce3bc102cec28b823f0c78e91632d42d43e1d44bdc376a7bd

Detections

NIDS	Severity	Alert
suricata	medium	ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related

HTTP Headers

GET / HTTP/1.1
Host: zdn.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 12 Dec 2024 09:37:23 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 11 Jul 2024 17:32:15 GMT
ETag: W/"4a72-61cfc24d4da55"
X-Content-Type-Options: nosniff
Content-Encoding: gzip

www.ps.kz/assets/images/service-pages/parked.png

195.210.46.131

200 OK

59 kB

URL GET HTTP/2
www.ps.kz/assets/images/service-pages/parked.png
IP
195.210.46.131:443
ASN
#48716 PS Internet Company LLP

Requested by
http://zdn.su/
Certificate
IssuerDigiCert Inc
Subject*.ps.kz
FingerprintDE:F6:D2:1E:D1:50:24:FD:30:9D:D7:35:E0:32:7D:09:9B:E6:64:64
ValidityTue, 09 Apr 2024 00:00:00 GMT - Tue, 08 Apr 2025 23:59:59 GMT

File type
PNG image data, 288 x 312, 8-bit/color RGBA, non-interlaced
Size
59 kB (59295 bytes)
Hash
77d17c8e1769f3aea923a41a1a8dd946
84d528ccacd050930a3b6ad60f94fb727c51cf36
40ee7e4d2ffb28aedac2d0bfa8fc9ae71824444b01c6169dfe25109fb41fe0bd

HTTP Headers

GET /assets/images/service-pages/parked.png HTTP/1.1
Host: www.ps.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://zdn.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 12 Dec 2024 09:37:23 GMT
content-type: image/png
content-length: 59295
last-modified: Fri, 06 Dec 2024 11:05:52 GMT
etag: "6752da90-e79f"
expires: Tue, 17 Dec 2024 09:37:23 GMT
cache-control: max-age=432000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

www.ps.kz/assets/fonts/open-sans/Regular/OpenSans-Regular.woff2?v=1.1.0

195.210.46.131

200 OK

47 kB

URL GET HTTP/2
www.ps.kz/assets/fonts/open-sans/Regular/OpenSans-Regular.woff2?v=1.1.0
IP
195.210.46.131:443
ASN
#48716 PS Internet Company LLP

Requested by
http://zdn.su/
Certificate
IssuerDigiCert Inc
Subject*.ps.kz
FingerprintDE:F6:D2:1E:D1:50:24:FD:30:9D:D7:35:E0:32:7D:09:9B:E6:64:64
ValidityTue, 09 Apr 2024 00:00:00 GMT - Tue, 08 Apr 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 47016, version 1.6554
Size
47 kB (47016 bytes)
Hash
55835483c304eaa8477fea2c36abba17
9b18ae04f11fc74d27f281737b23b45a4bad5937
4c1c2e95835201077586a3698cd47806dd18df10d32a1e6cb6aa9e47224a55e3

HTTP Headers

GET /assets/fonts/open-sans/Regular/OpenSans-Regular.woff2?v=1.1.0 HTTP/1.1
Host: www.ps.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://zdn.su
DNT: 1
Connection: keep-alive
Referer: https://www.ps.kz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 12 Dec 2024 09:37:24 GMT
content-type: font/woff2
content-length: 47016
last-modified: Fri, 06 Dec 2024 11:05:54 GMT
etag: "6752da92-b7a8"
expires: Tue, 17 Dec 2024 09:37:24 GMT
cache-control: max-age=432000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

www.ps.kz/assets/fonts/open-sans/Light/OpenSans-Light.woff2?v=1.1.0

195.210.46.131

200 OK

46 kB

URL GET HTTP/2
www.ps.kz/assets/fonts/open-sans/Light/OpenSans-Light.woff2?v=1.1.0
IP
195.210.46.131:443
ASN
#48716 PS Internet Company LLP

Requested by
http://zdn.su/
Certificate
IssuerDigiCert Inc
Subject*.ps.kz
FingerprintDE:F6:D2:1E:D1:50:24:FD:30:9D:D7:35:E0:32:7D:09:9B:E6:64:64
ValidityTue, 09 Apr 2024 00:00:00 GMT - Tue, 08 Apr 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 45900, version 1.6554
Size
46 kB (45900 bytes)
Hash
39d27e13dce3dfe4cdc70a281ccdf113
ad2af0f0a073835100e66ee93b50def2e57a28df
1e2ca939c8ea6e474d75968c821c6b0e9a7d326dab593bb97478012372b20617

HTTP Headers

GET /assets/fonts/open-sans/Light/OpenSans-Light.woff2?v=1.1.0 HTTP/1.1
Host: www.ps.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://zdn.su
DNT: 1
Connection: keep-alive
Referer: https://www.ps.kz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 12 Dec 2024 09:37:24 GMT
content-type: font/woff2
content-length: 45900
last-modified: Fri, 06 Dec 2024 11:05:54 GMT
etag: "6752da92-b34c"
expires: Tue, 17 Dec 2024 09:37:24 GMT
cache-control: max-age=432000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

www.ps.kz/assets/fonts/open-sans/Bold/OpenSans-Bold.woff2?v=1.1.0

195.210.46.131

200 OK

47 kB

URL GET HTTP/2
www.ps.kz/assets/fonts/open-sans/Bold/OpenSans-Bold.woff2?v=1.1.0
IP
195.210.46.131:443
ASN
#48716 PS Internet Company LLP

Requested by
http://zdn.su/
Certificate
IssuerDigiCert Inc
Subject*.ps.kz
FingerprintDE:F6:D2:1E:D1:50:24:FD:30:9D:D7:35:E0:32:7D:09:9B:E6:64:64
ValidityTue, 09 Apr 2024 00:00:00 GMT - Tue, 08 Apr 2025 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46676, version 1.6554
Size
47 kB (46676 bytes)
Hash
3326e4d74d3924ee1c882c29f5b571c0
074d6e274d90a1b510d6eff3a5f8d26f567c1575
c1c24d6a7ce4bd24b1f3f51ab6f74667c94263fa4b109cc3ff32f4f22848087f

HTTP Headers

GET /assets/fonts/open-sans/Bold/OpenSans-Bold.woff2?v=1.1.0 HTTP/1.1
Host: www.ps.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://zdn.su
DNT: 1
Connection: keep-alive
Referer: https://www.ps.kz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 12 Dec 2024 09:37:24 GMT
content-type: font/woff2
content-length: 46676
last-modified: Fri, 06 Dec 2024 11:05:54 GMT
etag: "6752da92-b654"
expires: Tue, 17 Dec 2024 09:37:24 GMT
cache-control: max-age=432000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

zdn.su/favicon.ico

195.210.46.36

404 Not Found

196 B

URL GET HTTP/1.1
zdn.su/favicon.ico
IP
195.210.46.36:80
ASN
#48716 PS Internet Company LLP

Requested by
http://zdn.su/

File type
HTML document, ASCII text
Size
196 B (196 bytes)
Hash
62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Detections

NIDS	Severity	Alert
suricata	medium	ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: zdn.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://zdn.su/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 12 Dec 2024 09:37:24 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 196
Connection: keep-alive
Vary: Accept-Encoding

www.ps.kz/assets/stylesheets/service-pages.min.css

195.210.46.131

200 OK

89 kB

URL GET HTTP/2
www.ps.kz/assets/stylesheets/service-pages.min.css
IP
195.210.46.131:443
ASN
#48716 PS Internet Company LLP

Requested by
http://zdn.su/
Certificate
IssuerDigiCert Inc
Subject*.ps.kz
FingerprintDE:F6:D2:1E:D1:50:24:FD:30:9D:D7:35:E0:32:7D:09:9B:E6:64:64
ValidityTue, 09 Apr 2024 00:00:00 GMT - Tue, 08 Apr 2025 23:59:59 GMT

File type

Size
89 kB (88564 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/stylesheets/service-pages.min.css HTTP/1.1
Host: www.ps.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://zdn.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Dec 2024 09:37:23 GMT
content-type: text/css
last-modified: Fri, 06 Dec 2024 11:05:53 GMT
vary: Accept-Encoding
etag: W/"6752da91-159f4"
expires: Tue, 17 Dec 2024 09:37:23 GMT
cache-control: max-age=432000
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

www.ps.kz/assets/javascripts/jquery-2.0.3.min.js

195.210.46.131

200 OK

84 kB

URL GET HTTP/2
www.ps.kz/assets/javascripts/jquery-2.0.3.min.js
IP
195.210.46.131:443
ASN
#48716 PS Internet Company LLP

Requested by
http://zdn.su/
Certificate
IssuerDigiCert Inc
Subject*.ps.kz
FingerprintDE:F6:D2:1E:D1:50:24:FD:30:9D:D7:35:E0:32:7D:09:9B:E6:64:64
ValidityTue, 09 Apr 2024 00:00:00 GMT - Tue, 08 Apr 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32023)
Size
84 kB (83606 bytes)
Hash
ccd0edd113b78697e04fb5c1b519a5cd
a6eedf84389e1bc9f757bc2d19538f8c8d1cae9d
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25

HTTP Headers

GET /assets/javascripts/jquery-2.0.3.min.js HTTP/1.1
Host: www.ps.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://zdn.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 12 Dec 2024 09:37:24 GMT
content-type: application/javascript
last-modified: Fri, 06 Dec 2024 11:05:53 GMT
vary: Accept-Encoding
etag: W/"6752da91-14696"
expires: Tue, 17 Dec 2024 09:37:24 GMT
cache-control: max-age=432000
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (8)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers