| live-khl.ru/index-cfdc21d6.js | 172.67.178.173 | 200 OK | 55 kB |
URL: GET HTTP/3 live-khl.ru/index-cfdc21d6.js
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (63446), with no line terminators
Hash: 5cefe6135c0afadfd3c005ab2ad85013 8684b4d5fa1d5cef6a87cd28844e2bb31e987aa3 57073d770568974e7355a527fb00eb9483e2a4115739810daab71c6d3e7fa77d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index-cfdc21d6.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/ball/auth
Cookie: PHPSESSID=6cdjihdhfc66ivfj3dmeo819n6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 23:43:29 GMT
content-type: application/javascript
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9X9uWyCBojlhoKBZIXLrZuLzaSp%2FmtQ6rRU%2FPb4nadrfDZDEse%2Fe9OEZuAPkasA%2BLDTS9VFY33DWWDJbXe3dxim6AA92RYTQUIzVMbhj4425yOuRrz%2FDV%2FbuCd38bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875809adcbad5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/asset/img/favicon-16x16.png?v=jw3mK7G9Ry | 172.67.178.173 | 200 OK | 1.0 kB |
URL: GET HTTP/3 live-khl.ru/asset/img/favicon-16x16.png?v=jw3mK7G9Ry
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Hash: e3ce05eb00b3215df220efaf0fd06e21 d1533966f79dc2984c34317035f31cf3c91298c9 0d67b7e8ea46e3c959329a0e79a8c8b236187f452edc7049524245e4aa6bee21
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /asset/img/favicon-16x16.png?v=jw3mK7G9Ry HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/ball/auth
Cookie: PHPSESSID=6cdjihdhfc66ivfj3dmeo819n6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 23:43:29 GMT
content-type: image/png
content-length: 1012
last-modified: Thu, 07 Dec 2023 12:00:12 GMT
etag: "3f4-60bea35c583a7"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MPDaXL90k59O%2BBYpf2SSbGeB1l8bEjb1XVc%2FpkjSrGeQa0LMj%2Bpu2yaz25onIHQdWkxqGPDewvAA8Pr498qw%2B1aSEGQ3ZCFKtBn%2FWXQ7eXuLqtSNKGOKCi92x7tbdw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875809b0cceb5689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/asset/img/android-chrome-192x192.png?v=jw3mK7G9Ry | 172.67.178.173 | 200 OK | 9.0 kB |
URL: GET HTTP/3 live-khl.ru/asset/img/android-chrome-192x192.png?v=jw3mK7G9Ry
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Hash: 87fecdadac0beb95f9b7c87b3b3236f0 822f92446c0033a32462aa21208efaef1f0d8c3c 25aa724658da8e71f5cc7c35ccbb43075866af5bed964edb09979caace667b0b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /asset/img/android-chrome-192x192.png?v=jw3mK7G9Ry HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/ball/auth
Cookie: PHPSESSID=6cdjihdhfc66ivfj3dmeo819n6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 23:43:29 GMT
content-type: image/png
content-length: 9024
last-modified: Thu, 07 Dec 2023 12:00:13 GMT
etag: "2340-60bea35cf4797"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CM7ifjtTJgNc86sgOQmaTgBXYE5pr8frblUlV%2Fu0aVK5SRy7ti8tDH%2B0y2QX8Y2yxWc%2BKYSViKbTguT0mQJmNq%2BPHL0rlZZPgG5MfyUXrweJmn%2BtpMLLqZa5KeHLDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875809b0ccea5689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/pageSignQR-55e34e76.js | 172.67.178.173 | 200 OK | 3.0 kB |
URL: GET HTTP/3 live-khl.ru/pageSignQR-55e34e76.js
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: Java source, ASCII text, with very long lines (5536)
Hash: 908a426b097ed038bf16088bb70c4d0a 51b080072f896e324ba8a2229e9303364354326d 96e7ecf00e95236690fe564fcef37e9a3f856d7731085dd856eec61a50720216
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pageSignQR-55e34e76.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://live-khl.ru/ball/auth
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 23:43:29 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:18:00 GMT
etag: W/"15d1-60bea7564f1c9-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rKCiP56s8z5M3leRDHWKxDc8H1rftBgwM5x9rEcFrnqTXw%2BUhbAElNgbHrvHMe15eGIDTtSjAIj1zzGTSXMhUQdqVNaE%2BNzNIV69k97XrkM2SmnD8hn7vouUHxNKdA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875809b0ecfe5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| kws2.web.telegram.org/apiws | 149.154.167.99 | | 0 B |
URL: kws2.web.telegram.org/apiws
IP: 149.154.167.99:0
ASN: #62041 Telegram Messenger Inc
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://live-khl.ru
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FHJktnWJvEdbchSUpUqj9Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Tue, 16 Apr 2024 23:43:29 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +ePCVEBGOxqDSxlugJ98jCHc3tI=
Sec-WebSocket-Protocol: binary
|
|
| live-khl.ru/page-49e139d4.js | 172.67.178.173 | 200 OK | 33 kB |
URL: GET HTTP/3 live-khl.ru/page-49e139d4.js
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: ASCII text, with very long lines (10193)
Hash: 6ccaefefec5a957c2d80fe5f97c8098b bf1eda880c524c21f78ff0424592f81fba4214ab 65659681146410adb22da9de126db5da27eb6032631d55c1c2bedebabd8e8f5f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /page-49e139d4.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/pageSignQR-55e34e76.js
Cookie: PHPSESSID=6cdjihdhfc66ivfj3dmeo819n6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 23:43:29 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:17:59 GMT
etag: W/"27fc-60bea755a62ba-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Btu8k1b6TlhcWCFiTE2ZHe6X4VWYuGg7lIH0iL%2Fif%2BzGIzJmVAm8tbBr0RzD%2FCSMJMfZ3bPe77L1w59dBGzAuhzjbI6mbZtg%2BA8vS2LGbd8UuFba3lmfWuTyRAMdSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875809b17d435689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| venus.web.telegram.org/apiw1 | 149.154.167.99 | | 169 B |
URL: venus.web.telegram.org/apiw1
IP: 149.154.167.99:0
ASN: #62041 Telegram Messenger Inc
File type: HTML document, ASCII text, with CRLF line terminators
Hash: c2a982d42f89274763eef2a44fe01030 86e6d53f6478cdd0c05611093d9c55a953454af7 d8b55de3a4d5331f3b450a86bb907afe17dc964adca30f39d101a3d55a4a9d6a
POST /apiw1 HTTP/1.1
Host: venus.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://live-khl.ru/
Content-Length: 0
Origin: https://live-khl.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx/1.18.0
date: Tue, 16 Apr 2024 23:43:31 GMT
content-type: text/html
content-length: 169
pragma: no-cache
cache-control: no-store
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: origin, content-type
access-control-max-age: 1728000
X-Firefox-Spdy: h2
|
|
| kws2.web.telegram.org/apiws | 149.154.167.99 | | 0 B |
URL: kws2.web.telegram.org/apiws
IP: 149.154.167.99:0
ASN: #62041 Telegram Messenger Inc
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://live-khl.ru
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AIGDpHu9EJDC2650cwxXjg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Tue, 16 Apr 2024 23:43:31 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Z1tV/uthTARLKCFuEpSys35zrrY=
Sec-WebSocket-Protocol: binary
|
|
| kws2.web.telegram.org/apiws | 149.154.167.99 | | 0 B |
URL: kws2.web.telegram.org/apiws
IP: 149.154.167.99:0
ASN: #62041 Telegram Messenger Inc
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://live-khl.ru
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Xx6FM/EULCiTdY+doSMqfA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Tue, 16 Apr 2024 23:43:31 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NvnfvlU7nosOenaJN54YsKOIAtc=
Sec-WebSocket-Protocol: binary
|
|
| live-khl.ru/pageSignQR-55e34e76.js | 172.67.178.173 | 200 OK | 12 kB |
URL: GET HTTP/3 live-khl.ru/pageSignQR-55e34e76.js
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: Java source, ASCII text, with very long lines (5536)
Hash: 908a426b097ed038bf16088bb70c4d0a 51b080072f896e324ba8a2229e9303364354326d 96e7ecf00e95236690fe564fcef37e9a3f856d7731085dd856eec61a50720216
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pageSignQR-55e34e76.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/index-cfdc21d6.js
Cookie: PHPSESSID=6cdjihdhfc66ivfj3dmeo819n6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 23:43:29 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:18:00 GMT
etag: W/"15d1-60bea7564f1c9-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e3AMfRfRJAqQG3Q%2FAjWAhcfhWjt7pcTu1bYykzEcRlTfP5F6z3JEjQi4FwR2cn89xeZp01uIuqSv6lE2jZ2wLOubMECuu%2FX%2Fr%2Fps6PeQiQkZcLyueOCmztj6rS6k1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875809b0fd085689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/button-1a8a4b7d.js | 172.67.178.173 | 200 OK | 10 kB |
URL: GET HTTP/3 live-khl.ru/button-1a8a4b7d.js
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: ASCII text, with very long lines (8465)
Hash: db2fcb1faf0ad3210f38a9dbeffebfbf a248f132d7662f64581bbd4a05756283345b6261 c8fff421d8b23fd9ddbf046f1c63d411ab15ee745fadc28bf1851d156514fae8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /button-1a8a4b7d.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://live-khl.ru/ball/auth
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 23:43:29 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:17:56 GMT
etag: W/"213e-60bea753016e0-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UfwD00Q7JuoATtItlel97x04Lx6D5ATwEhLEL256mzrvfirEhqHLEntA%2F4cCJLOQH7cCMP1N2GgPKLF%2F9BLHtIjYJoTd7uQ%2BGrgsZ1qJh%2BcBGx4PNAIKzSphfFjQ7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875809b0fd015689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/textToSvgURL-c6ebb454.js | 172.67.178.173 | 200 OK | 10 kB |
URL: GET HTTP/3 live-khl.ru/textToSvgURL-c6ebb454.js
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: ASCII text, with very long lines (306)
Hash: db363d8053c3aa976b2e2162860d6932 fef1a8b065868caacf63184d97c10aaf10ec6a28 62ba5e078c4aaa3ff5c8c24cb8216de89afaa7dd10bfd364a0396913bbd34663
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /textToSvgURL-c6ebb454.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://live-khl.ru/ball/auth
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 23:43:29 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:18:01 GMT
etag: W/"165-60bea757c61a2-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O5rU4R2LKX%2BOx1RrVECKr1qkfVtZ%2BCiHoiNW7EVCD8U8Ra1gW1CS0cO2UsGptW3c%2FxLOPbKY%2BmSQLgdOj0pFcpSYLsQ7eZpbVt8pI1jeQ49nlGLknXQxpkcX4oZ6og%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875809b0fd075689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/putPreloader-ae29ef38.js | 172.67.178.173 | 200 OK | 699 B |
URL: GET HTTP/3 live-khl.ru/putPreloader-ae29ef38.js
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: ASCII text, with very long lines (736), with no line terminators
Hash: cf9e4f7c2e108253b09f1f704d067045 298d923ef22804845e9e5b4d8771b4ca5e946365 fbf0df8e2e3349d955976a5f574da93bd6183fd4d6bfbdf66cd89007a7cb2aa3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /putPreloader-ae29ef38.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/pageSignQR-55e34e76.js
Cookie: PHPSESSID=6cdjihdhfc66ivfj3dmeo819n6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 23:43:29 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:18:00 GMT
etag: W/"2bb-60bea756c351c-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I5XqEQ7BTRp5D7SP8BFsSInaOi8LWA5j3mIU7I65uGrgMKWTUG0OyyB0n%2Bi70%2Be%2Bs%2F%2B76nS7lZDc4P%2Bc8duOgEVt7w5ym2ueCzH1j%2F%2F8MGTwsT3ZIgsWgnIcHuvGcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875809b17d465689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/qr-code-styling-8a04fb73.js | 172.67.178.173 | 200 OK | 66 kB |
URL: GET HTTP/3 live-khl.ru/qr-code-styling-8a04fb73.js
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /qr-code-styling-8a04fb73.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://live-khl.ru/ball/auth
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 23:43:29 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:18:00 GMT
etag: W/"102a9-60bea756f2318-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R3RrDYv85W83EdFH2sKyeW9FVfy%2Bvvpb0l1hLu5am2gR006Kcm0JvnLHMKwGQnm4UIddiaqsEa7kcgDVtkkMfj%2F%2BbB%2FWbiVihCcpEzuTPAsK8Y4%2Fx%2FFEyg9QkkcZRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875809b19d5f5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/asset/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 | 172.67.178.173 | 200 OK | 11 kB |
URL: GET HTTP/3 live-khl.ru/asset/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 11016, version 1.0
Hash: 15fa3062f8929bd3b05fdca5259db412 6ff06a34f68ad0324ddec1bbe4d453c959178b36 5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /asset/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/index-91acc02b.css
Cookie: PHPSESSID=6cdjihdhfc66ivfj3dmeo819n6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 23:43:29 GMT
content-type: font/woff2
content-length: 11016
last-modified: Thu, 07 Dec 2023 12:00:17 GMT
etag: "2b08-60bea3608c5f8"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fZGPu6BP9GpYyG7TIjsFHBnnfLEhawFe5BFgYrKZ5kB0t2u%2FKbnvnaWaUamGsb%2FKcsbCCkoLgtUMOv7B%2BghB8DFzhNBREyOOFcs2xQdP5aFNKajh43aXI8AeCJ3RoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875809afcc8c5689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/crypto.worker-b2b2021e.js | 172.67.178.173 | 200 OK | 69 kB |
URL: GET HTTP/3 live-khl.ru/crypto.worker-b2b2021e.js
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: 061a201747d764fcd611ff886b2b27ef d0fbcab1a5c52c5c38f46b2ed048cf8637716686 58fafa3a075d804360271b6b081e9c3c46ba344659ef3cb10d5561afc1147448
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /crypto.worker-b2b2021e.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://live-khl.ru/ball/auth
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=6cdjihdhfc66ivfj3dmeo819n6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 23:43:29 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:17:57 GMT
etag: W/"10ced-60bea75382553-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TnnOHorT1YoF2ic9ijvcC6%2F2c7qiA%2FXi7CW5yjfHB%2F3Oh0ia88GaTjAmPCpBEWYUcxTxcmOYdVavXg%2FchCLy55%2BxWvanQ%2FEDdn0H7ilWIqalT%2BaREEXVIQ8EJFzIIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875809afdc9c5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/langSign-66e8939d.js | 172.67.178.173 | 200 OK | 1.6 kB |
URL: GET HTTP/3 live-khl.ru/langSign-66e8939d.js
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: ASCII text, with very long lines (1751), with no line terminators
Hash: 0d55451ee39b2aa034b815696a9b13ad 6144047d9652181c02b1e107703a9851ba5838ae 6efafb0c9358c1754c8d06ee1049bae36ff61108eb534f6c79a94d8b62f5b8f2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /langSign-66e8939d.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/index-cfdc21d6.js
Cookie: PHPSESSID=6cdjihdhfc66ivfj3dmeo819n6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 23:43:29 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:17:58 GMT
etag: W/"66e-60bea755263e7-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KXy49wjAqEgA3aPAdGx%2FsmHNew4PALw6n5lh4433sC1v%2Ft3qw5hNG0u%2BTzRTOJYFWm83c%2FLH8km6k%2F45I7rTuZchHRMOakAN%2BbbdAvr7xdoKWS9DGHQS%2BELHogJE%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875809b00ca85689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/putPreloader-ae29ef38.js | 172.67.178.173 | 200 OK | 699 B |
URL: GET HTTP/3 live-khl.ru/putPreloader-ae29ef38.js
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: ASCII text, with very long lines (736), with no line terminators
Hash: cf9e4f7c2e108253b09f1f704d067045 298d923ef22804845e9e5b4d8771b4ca5e946365 fbf0df8e2e3349d955976a5f574da93bd6183fd4d6bfbdf66cd89007a7cb2aa3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /putPreloader-ae29ef38.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://live-khl.ru/ball/auth
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 23:43:29 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:18:00 GMT
etag: W/"2bb-60bea756c351c-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oJDbHbOwK6gheI3ReM%2FB1CNwrcYzyhNcpBj%2F8w4GSvig%2BhuFEVmn2IgwzefaqpEvbBuvggoZgq1PfMRq23V48sz1ybJwaNuQ3bGcHJms3EpkKmCUaezF0KE9x2Lmkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875809b0fd025689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/countries-5301fc59.js | 172.67.178.173 | 200 OK | 24 kB |
URL: GET HTTP/3 live-khl.ru/countries-5301fc59.js
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /countries-5301fc59.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/index-cfdc21d6.js
Cookie: PHPSESSID=6cdjihdhfc66ivfj3dmeo819n6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 23:43:29 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:17:56 GMT
etag: W/"5e21-60bea7533cffa-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yNl5h84u9mM1IxUhy%2B%2FxdbtaWwCYrTd6DSEqJw7Qc0xYcrYx4mtwPy0dCVEoO%2F6fussOxpdlrQok3WWXe%2FAOtGf30%2Fi2vt9R8r4rYSSi4By%2BFK1BGwm54D9mDllbwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875809b00ca95689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/asset/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 | 172.67.178.173 | 200 OK | 11 kB |
URL: GET HTTP/3 live-khl.ru/asset/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 11056, version 1.0
Hash: 07db243db21ed0a6b4ff05ff429686b7 5d62925fdd7ed8e80f206d095ed093994f13d276 ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /asset/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/index-91acc02b.css
Cookie: PHPSESSID=6cdjihdhfc66ivfj3dmeo819n6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 23:43:31 GMT
content-type: font/woff2
content-length: 11056
last-modified: Thu, 07 Dec 2023 12:00:17 GMT
etag: "2b30-60bea360ae8d4"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SB1CQjMrK9HVFn1cHkU4u7nL4I6qB%2B2dn6fC%2BA%2BwYb1PWgcbAISqwfCU7ETDxdzGK%2F5P7MbRSe0c9lFH7Dw7qzY04ZkBB1nVa8bhtstI2d6k%2BLYAZi7SIkPPhgrC6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875809bd3a115689-OSL
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/asset/img/logo_padded.svg | 172.67.178.173 | 200 OK | 1.1 kB |
URL: GET HTTP/3 live-khl.ru/asset/img/logo_padded.svg
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate Issuer: Google Trust Services LLC
Certificate Subject: live-khl.ru
Certificate Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79
Certificate Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: SVG Scalable Vector Graphics image
Hash: 4c0b48654a4881c325148a5e00964160 d7d21756c9dd4c1bf4d97087811745aad60506a0 7583a3643a9480ab4d81dd46b700cf3a38ebdd94af1a6059d2b6a3ecff8a65c5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /asset/img/logo_padded.svg HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://live-khl.ru/ball/auth
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=6cdjihdhfc66ivfj3dmeo819n6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 23:43:33 GMT
content-type: image/svg+xml
last-modified: Thu, 07 Dec 2023 12:00:14 GMT
etag: W/"42d-60bea35daff83"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JefjNteGEB2VTAe%2BPuBfoH3rJPMGFbyrfWy%2BHSL0bB0XKqmShWKyTx13pZC2yeeOjrC4A6N2qVnp2G4BvU2AchPDZ1uyJwQuD9%2BflYSifBRLtGvHO20ulhbJKA%2B5SQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875809ca0f255689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/qr-code-styling-8a04fb73.js | 172.67.178.173 | 200 OK | 66 kB |
URL: GET HTTP/3 live-khl.ru/qr-code-styling-8a04fb73.js
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate Issuer: Google Trust Services LLC
Certificate Subject: live-khl.ru
Certificate Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79
Certificate Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /qr-code-styling-8a04fb73.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/pageSignQR-55e34e76.js
Cookie: PHPSESSID=6cdjihdhfc66ivfj3dmeo819n6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 23:43:29 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:18:00 GMT
etag: W/"102a9-60bea756f2318-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mkpfvI1UcMr4vvcRMwgMBNJK7M9Q6ptceZpm7REGhIrb5VWPBSMPPuUfslkex0ub%2FlfuhTev1tseu%2BSz3FodSeP4TEyK0Kr3EJQqBUHvSRZUx32J8U6M%2FBpVxNbLbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875809b19d635689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/_commonjsHelpers-725317a4.js | 172.67.178.173 | 200 OK | 290 B |
URL: GET HTTP/3 live-khl.ru/_commonjsHelpers-725317a4.js
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate Issuer: Google Trust Services LLC
Certificate Subject: live-khl.ru
Certificate Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79
Certificate Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: ASCII text, with very long lines (302), with no line terminators
Hash: 3fb939d07fab69f5a0ad5db75c79a87f 2fcb8f40614f577982a15551a4d00b06deeea3fd 17f7485908469fb755abc429df99392b299c396fa52b327f68ef0c31a1bb81e6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_commonjsHelpers-725317a4.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/qr-code-styling-8a04fb73.js
Cookie: PHPSESSID=6cdjihdhfc66ivfj3dmeo819n6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 23:43:31 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:17:55 GMT
etag: W/"122-60bea75216158-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1%2FNVoIBbSM8NkUUVf77XBsSXicNtqtaMZxhXVBSahvoWe48LVRGkpzxQC8Nnnmot2xVsImJ4qwctS77WU3MLlHy%2BhQknxYRQX6X91c3KK3%2FjTET6zW5J6qMFk1OLAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875809b25db35689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/asset/jquery.min.js | 172.67.178.173 | 200 OK | 90 kB |
URL: GET HTTP/3 live-khl.ru/asset/jquery.min.js
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate Issuer: Google Trust Services LLC
Certificate Subject: live-khl.ru
Certificate Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79
Certificate Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: 1db92b83313d6fbaf76fd364688c8e6c 90c3cf0d1af00de7424a6b4b8f7f41b1200d3964 3ca4587ad13382ba7ede987f96682cc928589f037b1403fb43bd8ffc430809da
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /asset/jquery.min.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/ball/auth
Cookie: PHPSESSID=6cdjihdhfc66ivfj3dmeo819n6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 23:43:29 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:10:36 GMT
etag: W/"16182-60bea5af51c2f-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1VTsqKPj5NI6JmYbXAMd9AWM6EbGSE%2FDV82MwQuqPX37shlcy1UhuEN%2FhtmiVr6PSASIKyG57KY3%2FgFc7%2FGmnpJpdC7vrcfBlz93lV4x87vhuHDHSXwbAWZ2oiUD5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875809adcbaf5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/lang-9ff1b05a.js | 172.67.178.173 | 200 OK | 102 kB |
URL: GET HTTP/3 live-khl.ru/lang-9ff1b05a.js
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate Issuer: Google Trust Services LLC
Certificate Subject: live-khl.ru
Certificate Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79
Certificate Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
Size: 102 kB (102332 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /lang-9ff1b05a.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/index-cfdc21d6.js
Cookie: PHPSESSID=6cdjihdhfc66ivfj3dmeo819n6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 23:43:29 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:17:58 GMT
etag: W/"18fbc-60bea755021cb-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hv3kNbP0w%2B9HnXn%2FE2goApevlADt2ELqcUka7pVRDHA47gWYSQRcCKmJKTyhusKK8tM0rcI5V0k7HbruhUsAPjsLyPlKNNEyNS1UtgFkvAdWFvci7PQtSRigtht83Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875809b00ca75689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/_commonjsHelpers-725317a4.js | 172.67.178.173 | 200 OK | 290 B |
URL: GET HTTP/3 live-khl.ru/_commonjsHelpers-725317a4.js
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate Issuer: Google Trust Services LLC
Certificate Subject: live-khl.ru
Certificate Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79
Certificate Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: ASCII text, with very long lines (302), with no line terminators
Hash: 3fb939d07fab69f5a0ad5db75c79a87f 2fcb8f40614f577982a15551a4d00b06deeea3fd 17f7485908469fb755abc429df99392b299c396fa52b327f68ef0c31a1bb81e6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_commonjsHelpers-725317a4.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://live-khl.ru/ball/auth
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 23:43:30 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:17:55 GMT
etag: W/"122-60bea75216158-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0lOGmdpky%2BavYQMJe%2Fy1Y53BEzvDH19vBE9KGYG4rqVcyRB%2BVa8hP9uSsTKSyqevsum787xEbVuxWiYOvXWjRK%2BSj6Q6GJKKjchL%2FzpUaDSyRKJdZyRbT%2BOgGKIKfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875809b19d605689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/index-91acc02b.css | 172.67.178.173 | 200 OK | 425 kB |
URL: GET HTTP/3 live-khl.ru/index-91acc02b.css
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate Issuer: Google Trust Services LLC
Certificate Subject: live-khl.ru
Certificate Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79
Certificate Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
Size: 425 kB (425367 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index-91acc02b.css HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/ball/auth
Cookie: PHPSESSID=6cdjihdhfc66ivfj3dmeo819n6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 23:43:29 GMT
content-type: text/css
last-modified: Thu, 07 Dec 2023 12:17:58 GMT
etag: W/"67d97-60bea754e4d0e-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kW7iHnW55kPSd4fjE7ra867NNERxkD7Z%2FMoKNUcVSXLeuwrTTZ9%2FKDLLTqnF93ZDdzP2TavCUMXGkkEhLP%2FWQmuxqwdG2jY%2FxsR4nX3LbfTINlm8uH5INATRbZyOcA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875809adcbb05689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| | 172.67.178.173 | 200 OK | 14 kB |
URL: User Request GET HTTP/2
IP: 172.67.178.173:443
Certificate Issuer: Google Trust Services LLC
Certificate Subject: live-khl.ru
Certificate Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79
Certificate Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: HTML document, ASCII text, with very long lines (1757)
Hash: d81cb17c6ca692cce341c509d5ec57cc 39fee452e599617961a264e2c53349afe08846cb ca911752ea5025c6a56d55637663ab5821d42ec5baf6be205ffa9a62025252ec
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ball/auth HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 23:43:28 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=6cdjihdhfc66ivfj3dmeo819n6; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lq%2FpdsfY7TUrwj3YYEEsKrDlJU7LB%2FAekK1i5qRVAA3KZ7ryP5AScuXUWuZ2r9RYPiXNMSoohDl%2BBEfaADKkumDStFy0%2B1nVCd%2BiLpkb2oQ0DytNDVt%2FtbHTPdnZ7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875809abab91712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|