| live-khl.ru/asset/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 | 172.67.178.173 | 200 OK | 11 kB |
URL: GET HTTP/3 live-khl.ru/asset/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 11016, version 1.0
Hash: 15fa3062f8929bd3b05fdca5259db412 6ff06a34f68ad0324ddec1bbe4d453c959178b36 5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /asset/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/index-91acc02b.css
Cookie: PHPSESSID=2nr0k0eavgdja66g6t5r9suebj
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:43 GMT
content-type: font/woff2
content-length: 11016
last-modified: Thu, 07 Dec 2023 12:00:17 GMT
etag: "2b08-60bea3608c5f8"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8MkuDuKB4oEaohCrv3goUfw73w9xy5eDRj5rfuaEXLHev9TiLxkEgiOiYTbeESILgJg13k8gsz5xY%2BBDNhNRgY%2B0O72BVascsKs2gHz%2FMtDysobBqBYWWumwdi8qtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876406e01a1656ca-OSL
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/lang-9ff1b05a.js | 172.67.178.173 | 200 OK | 31 kB |
URL: GET HTTP/3 live-khl.ru/lang-9ff1b05a.js IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: Unicode text, UTF-8 text, with very long lines (14604)
Hash: 4230df4a8128c30f22af1783386cae6f a5716da6085a7a07fc430f3f410bb36c9e54ac34 52113907183285220d884b4a99c8ee805b977e6b0039992d95005db0988187e0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /lang-9ff1b05a.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/index-cfdc21d6.js
Cookie: PHPSESSID=2nr0k0eavgdja66g6t5r9suebj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:43 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:17:58 GMT
etag: W/"18fbc-60bea755021cb-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uhw6wyltt1cyTjSg75vAAm1WuNotr5OqZrVVDKJZulmCw%2FSaM1%2FkbV7qA63s4NxtOonWU54fxDz6mcYyovBNIR%2F%2FbfuLfDt75gNk3Qgyh9oEaeil6gsQtDoM5lilfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876406e05a7e56ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/crypto.worker-b2b2021e.js | 172.67.178.173 | 200 OK | 33 kB |
URL: GET HTTP/3 live-khl.ru/crypto.worker-b2b2021e.js IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: 061a201747d764fcd611ff886b2b27ef d0fbcab1a5c52c5c38f46b2ed048cf8637716686 58fafa3a075d804360271b6b081e9c3c46ba344659ef3cb10d5561afc1147448
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /crypto.worker-b2b2021e.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://live-khl.ru/ball/auth
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2nr0k0eavgdja66g6t5r9suebj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:43 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:17:57 GMT
etag: W/"10ced-60bea75382553-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q9PkdU1J4kEMwHN8jKItLWcKONn8So1jV4Nnkqn%2FCsBdW9B8mUyoJZcg1wScfU5SLVUCfm1%2B2rVifrJiOEjxSoXw%2BY83SvRqVYHusCq25QRALtuVvjGkOXj70o%2BnKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876406e01a2956ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/textToSvgURL-c6ebb454.js | 172.67.178.173 | 200 OK | 434 B |
URL: GET HTTP/3 live-khl.ru/textToSvgURL-c6ebb454.js IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: ASCII text, with very long lines (306)
Hash: db363d8053c3aa976b2e2162860d6932 fef1a8b065868caacf63184d97c10aaf10ec6a28 62ba5e078c4aaa3ff5c8c24cb8216de89afaa7dd10bfd364a0396913bbd34663
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /textToSvgURL-c6ebb454.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/pageSignQR-55e34e76.js
Cookie: PHPSESSID=2nr0k0eavgdja66g6t5r9suebj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:43 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:18:01 GMT
etag: W/"165-60bea757c61a2-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5ge8IKxnrDslzzHwW2szI577lApdPGFQYz5mb0F0WONM6M97u15YeQrHfNXAMcw34yCQifh63gUDw1vmqdpnONoWsIXZyq%2Fyh9guz7WSRdn1W0N%2BmX0V6o8nNtcL7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876406e21d2f56ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| kws2.web.telegram.org/apiws | 149.154.167.99 | | 0 B |
URL: kws2.web.telegram.org/apiws IP: 149.154.167.99:0 ASN: #62041 Telegram Messenger Inc
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://live-khl.ru
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: sbgDc4ACduJ/mtS05cVdEw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Thu, 18 Apr 2024 10:38:43 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Kwz/RVVLhezJpK9SUGBgEot9/fg=
Sec-WebSocket-Protocol: binary
|
|
| live-khl.ru/qr-code-styling-8a04fb73.js | 172.67.178.173 | 200 OK | 28 kB |
URL: GET HTTP/3 live-khl.ru/qr-code-styling-8a04fb73.js IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (57474)
Hash: 9bc1dca9d012e6cc87fc199909f9667b b340b1309516f10074080f5fcec5593101022612 d7d3232bf40cc555ad219d6b688afe4b2427e7fa00ae719e5f7fa4152dc0857f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /qr-code-styling-8a04fb73.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://live-khl.ru/ball/auth
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:43 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:18:00 GMT
etag: W/"102a9-60bea756f2318-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4FdnVg0VT80nkbwKKhsmaGA0tLn8FqD%2BLyKVbjQjrbXeHBaj0olK8j2KsjK05iIzG%2FTdXTtHmHo9IAA%2B%2FUgMdO2X6YXAMMWsiqxnGPditEfJRKKkKC6zqVm2MklzUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876406e24d5e56ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| venus.web.telegram.org/apiw1 | 149.154.167.99 | | 169 B |
URL: venus.web.telegram.org/apiw1 IP: 149.154.167.99:0 ASN: #62041 Telegram Messenger Inc
File type: HTML document, ASCII text, with CRLF line terminators
Hash: c2a982d42f89274763eef2a44fe01030 86e6d53f6478cdd0c05611093d9c55a953454af7 d8b55de3a4d5331f3b450a86bb907afe17dc964adca30f39d101a3d55a4a9d6a
POST /apiw1 HTTP/1.1
Host: venus.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://live-khl.ru/
Content-Length: 0
Origin: https://live-khl.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
server: nginx/1.18.0
date: Thu, 18 Apr 2024 10:38:43 GMT
content-type: text/html
content-length: 169
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: origin, content-type
access-control-max-age: 1728000
X-Firefox-Spdy: h2
|
|
| live-khl.ru/qr-code-styling-8a04fb73.js | 172.67.178.173 | 200 OK | 17 kB |
URL: GET HTTP/3 live-khl.ru/qr-code-styling-8a04fb73.js IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (57474)
Hash: 9bc1dca9d012e6cc87fc199909f9667b b340b1309516f10074080f5fcec5593101022612 d7d3232bf40cc555ad219d6b688afe4b2427e7fa00ae719e5f7fa4152dc0857f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /qr-code-styling-8a04fb73.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/pageSignQR-55e34e76.js
Cookie: PHPSESSID=2nr0k0eavgdja66g6t5r9suebj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:43 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:18:00 GMT
etag: W/"102a9-60bea756f2318-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dg%2FNYwsRevd8EAZ%2FxdpqKVUvIUwN%2Blbjlh92ZTXx6tsrZFqPjL6%2Bw%2FpnsQ13DUfZ%2Bzkq3Wayiw5YM8ioZDAph4wxNLTik02BtkSSZr5GiA6qui4t9v9IA4LI2c9yEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876406e24d6356ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| kws2.web.telegram.org/apiws | 149.154.167.99 | | 0 B |
URL: kws2.web.telegram.org/apiws IP: 149.154.167.99:0 ASN: #62041 Telegram Messenger Inc
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://live-khl.ru
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kPh/U3ag3V+0OyNgFQqe4g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Thu, 18 Apr 2024 10:38:44 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6itFhyfquWunbu1Vttgr6UEe4P8=
Sec-WebSocket-Protocol: binary
|
|
| live-khl.ru/textToSvgURL-c6ebb454.js | 172.67.178.173 | 200 OK | 4.7 kB |
URL: GET HTTP/3 live-khl.ru/textToSvgURL-c6ebb454.js IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: ASCII text, with very long lines (306)
Hash: db363d8053c3aa976b2e2162860d6932 fef1a8b065868caacf63184d97c10aaf10ec6a28 62ba5e078c4aaa3ff5c8c24cb8216de89afaa7dd10bfd364a0396913bbd34663
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /textToSvgURL-c6ebb454.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://live-khl.ru/ball/auth
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:43 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:18:01 GMT
etag: W/"165-60bea757c61a2-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pobrtnb%2FB3rjmRfqpKIDkudXRWhOvZ4rdsddsyqZY9SbaGj9TI0bRe10Wdv0eV75trLzoZO88lUWiCb40%2Fe8MOhl%2FAVsei6ten7%2F%2FCjvMs2D%2BOlrFmIp9Rn7Se0F1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876406e16c5c56ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/button-1a8a4b7d.js | 172.67.178.173 | 200 OK | 13 kB |
URL: GET HTTP/3 live-khl.ru/button-1a8a4b7d.js IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: ASCII text, with very long lines (8465)
Hash: db2fcb1faf0ad3210f38a9dbeffebfbf a248f132d7662f64581bbd4a05756283345b6261 c8fff421d8b23fd9ddbf046f1c63d411ab15ee745fadc28bf1851d156514fae8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /button-1a8a4b7d.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://live-khl.ru/ball/auth
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:43 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:17:56 GMT
etag: W/"213e-60bea753016e0-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qNK7xRkMaa77bv%2FvX5Mo5KVrhEpmu%2B7Z2g7Sz60JkS4AEN9eGf8Rlce1KkAlBXAmNJGxvHlm6fEjEBW5w56pLNcg0%2BFETM7e2ED3NV7BWT8izg%2FqvFj40A3FdNRsFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876406e16c4256ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/_commonjsHelpers-725317a4.js | 172.67.178.173 | 200 OK | 5.7 kB |
URL: GET HTTP/3 live-khl.ru/_commonjsHelpers-725317a4.js IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
Hash: cd6f232e1ba73081b1b70f3e1a14648f 7feaacf5309dc73289c5047b81c7c5781fc6f786 1b58f13a4a6a472ae93c91076b73ff754e8f7d4b3573764aed63a13e184d6fb1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_commonjsHelpers-725317a4.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/qr-code-styling-8a04fb73.js
Cookie: PHPSESSID=2nr0k0eavgdja66g6t5r9suebj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:43 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:17:55 GMT
etag: W/"122-60bea75216158-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fV0aETihFUTUZKdMJMlLUYQX9lfeZs93%2Bc%2BhMDvYS65CoDRo84ZbslDzJmw4q6Um4ssYKOgp6Nw2SXNp7kehdmaqxNeP7eNeCJRyEGQ5xRFTC4t%2BptHxaM0P3lR2PA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876406e31e9256ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/page-49e139d4.js | 172.67.178.173 | 200 OK | 8.2 kB |
URL: GET HTTP/3 live-khl.ru/page-49e139d4.js IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: ASCII text, with very long lines (10193)
Hash: 6ccaefefec5a957c2d80fe5f97c8098b bf1eda880c524c21f78ff0424592f81fba4214ab 65659681146410adb22da9de126db5da27eb6032631d55c1c2bedebabd8e8f5f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /page-49e139d4.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/pageSignQR-55e34e76.js
Cookie: PHPSESSID=2nr0k0eavgdja66g6t5r9suebj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:43 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:17:59 GMT
etag: W/"27fc-60bea755a62ba-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ks77vU%2B8R9eVg8dy7VBRsVtJeZE0vqdEFlNMEQRoFnjlPPnqm4chkEuwP%2FayDpIMo8j%2Fyw27KbBjZRK4aVlsLZMPi6tccCqrshoYbQGg1IjbPdBhYMoPZQBlI2xB6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876406e21d2656ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/putPreloader-ae29ef38.js | 172.67.178.173 | 200 OK | 699 B |
URL: GET HTTP/3 live-khl.ru/putPreloader-ae29ef38.js IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: ASCII text, with very long lines (736), with no line terminators
Hash: cf9e4f7c2e108253b09f1f704d067045 298d923ef22804845e9e5b4d8771b4ca5e946365 fbf0df8e2e3349d955976a5f574da93bd6183fd4d6bfbdf66cd89007a7cb2aa3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /putPreloader-ae29ef38.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/pageSignQR-55e34e76.js
Cookie: PHPSESSID=2nr0k0eavgdja66g6t5r9suebj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:43 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:18:00 GMT
etag: W/"2bb-60bea756c351c-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J0YByG2O3zG9L3eweEFHDTohN6k5ySJXzVNhaB9Zjw4W20A86C27okxXy%2BsHbr57TfD1Sq8hF8yxrVLnARvq7Ny%2BNe9GHrFMwhCHBrCC1OYDi9Pw2hs8YW%2BKO81abA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876406e21d2d56ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| | 172.67.178.173 | 200 OK | 14 kB |
URL: User Request GET HTTP/2 IP: 172.67.178.173:443
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: HTML document, ASCII text, with very long lines (1757)
Hash: d81cb17c6ca692cce341c509d5ec57cc 39fee452e599617961a264e2c53349afe08846cb ca911752ea5025c6a56d55637663ab5821d42ec5baf6be205ffa9a62025252ec
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /ball/auth HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 10:38:42 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=2nr0k0eavgdja66g6t5r9suebj; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0bgt3YHbxDjeMtvxby1nStFv3KWv8WL7SPEiKtc7uQN%2BUESOkx%2FzS8yZUTCGZBmkw0JKu74bxppl4%2Bv%2F4ah84E6y4PO4o5Xq6ptcpCDA1eXBFhhwowswvdU%2FH7IDCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876406dc681c0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| live-khl.ru/index-cfdc21d6.js | 172.67.178.173 | 200 OK | 124 kB |
URL: GET HTTP/3 live-khl.ru/index-cfdc21d6.js IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
Size: 124 kB (123893 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index-cfdc21d6.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/ball/auth
Cookie: PHPSESSID=2nr0k0eavgdja66g6t5r9suebj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:43 GMT
content-type: application/javascript
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U29fpplB7hXiJ8ma%2B2illl%2BJ9sApszgJp8e0GTsG1eH0zfVGHkXt9c%2FBwydwFMBtRJKBPeJZd5v31wW6lPoYPijI5NTcyiNF3dqoIrgFQFbI8BiZEDEVX0M%2FatdJkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876406deaf9156ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/asset/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 | 172.67.178.173 | 200 OK | 11 kB |
URL: GET HTTP/3 live-khl.ru/asset/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 11056, version 1.0
Hash: 07db243db21ed0a6b4ff05ff429686b7 5d62925fdd7ed8e80f206d095ed093994f13d276 ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /asset/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/index-91acc02b.css
Cookie: PHPSESSID=2nr0k0eavgdja66g6t5r9suebj
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:43 GMT
content-type: font/woff2
content-length: 11056
last-modified: Thu, 07 Dec 2023 12:00:17 GMT
etag: "2b30-60bea360ae8d4"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S5Da6O51X0Cc28re2PmIy65zMltuz67cjqFZXO58IApCXLoccFzUmv20HeXQUwipu8Iqn3d0yYdFFsSxzFu2AunEoOqRiqZy1OPZjZhh5jBK5C5QT3ZaBLKVwSUakQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876406e33ebe56ca-OSL
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/pageSignQR-55e34e76.js | 172.67.178.173 | 200 OK | 5.6 kB |
URL: GET HTTP/3 live-khl.ru/pageSignQR-55e34e76.js IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: ASCII text, with very long lines (5762), with no line terminators
Hash: f83ba728a3431f8dc5ad3630071aebbb 7b4322b87b21a92f98fd468edd5e86a675ac492e fdeef2c5c3478ee3d6d9f22fe492369bae1137e804e8048219633bb504d2633c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pageSignQR-55e34e76.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/index-cfdc21d6.js
Cookie: PHPSESSID=2nr0k0eavgdja66g6t5r9suebj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:43 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:18:00 GMT
etag: W/"15d1-60bea7564f1c9-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1JkdrCMT1XoV%2B9mU1oPV%2BEB9APo277tFO9nqFx14oHuC9zuXfDvjYD10If6Ykd1Op0smBJztXSzUZGAl69U5JTIWkcBMz8FBhHugic01eghzT7fZObpz7aUuVRuKuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876406e16c6356ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/asset/img/logo_padded.svg | 172.67.178.173 | 200 OK | 1.1 kB |
URL: GET HTTP/3 live-khl.ru/asset/img/logo_padded.svg IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: SVG Scalable Vector Graphics image
Hash: 4c0b48654a4881c325148a5e00964160 d7d21756c9dd4c1bf4d97087811745aad60506a0 7583a3643a9480ab4d81dd46b700cf3a38ebdd94af1a6059d2b6a3ecff8a65c5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /asset/img/logo_padded.svg HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://live-khl.ru/ball/auth
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2nr0k0eavgdja66g6t5r9suebj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:45 GMT
content-type: image/svg+xml
last-modified: Thu, 07 Dec 2023 12:00:14 GMT
etag: W/"42d-60bea35daff83"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bv6z9BufJP7go1JMFkiLwo1u36svTw9eVQ05JGVHLMVTM8MzWJKtWuZmASskdyu99%2FL5mmkf75GSQH5TRQ0rEPkPvTOps2FovpDAPQtTCBzKLD43Ei2nehWxu5GCHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876406ee0f2556ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/index-91acc02b.css | 172.67.178.173 | 200 OK | 425 kB |
URL: GET HTTP/3 live-khl.ru/index-91acc02b.css IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
Size: 425 kB (425367 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index-91acc02b.css HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/ball/auth
Cookie: PHPSESSID=2nr0k0eavgdja66g6t5r9suebj
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:43 GMT
content-type: text/css
last-modified: Thu, 07 Dec 2023 12:17:58 GMT
etag: W/"67d97-60bea754e4d0e-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3915
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pzL62hdSsGqi%2FphidzEwI7l8xFV7%2FIa%2BIaLzSPNoChCLlDIIURgDuO06LQnFq4wVgRwUXgFsK1eEdS32rLZcHjayrlmvQHuepSO4cBv6G%2Bo6zEMcbUFL3jLlw223QA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876406deaf9756ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/asset/img/favicon-16x16.png?v=jw3mK7G9Ry | 172.67.178.173 | 200 OK | 1.0 kB |
URL: GET HTTP/3 live-khl.ru/asset/img/favicon-16x16.png?v=jw3mK7G9Ry
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Hash: e3ce05eb00b3215df220efaf0fd06e21 d1533966f79dc2984c34317035f31cf3c91298c9 0d67b7e8ea46e3c959329a0e79a8c8b236187f452edc7049524245e4aa6bee21
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /asset/img/favicon-16x16.png?v=jw3mK7G9Ry HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/ball/auth
Cookie: PHPSESSID=2nr0k0eavgdja66g6t5r9suebj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:43 GMT
content-type: image/png
content-length: 1012
last-modified: Thu, 07 Dec 2023 12:00:12 GMT
etag: "3f4-60bea35c583a7"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pJ2CyQ0EzBUVqlRhGSO4XOCu2oy%2Fo0WUYXWT29RMRutmW7RwbLZ8w2hzfUr%2FSvwmhTOzole%2BVZ7QeV9fdM7OMlB8VHWV2tuSWYImHoFXNf0XXKtr8U5Ezrt0k%2FLv2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876406e13bf056ca-OSL
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/asset/jquery.min.js | 172.67.178.173 | 200 OK | 90 kB |
URL: GET HTTP/3 live-khl.ru/asset/jquery.min.js
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: 1db92b83313d6fbaf76fd364688c8e6c 90c3cf0d1af00de7424a6b4b8f7f41b1200d3964 3ca4587ad13382ba7ede987f96682cc928589f037b1403fb43bd8ffc430809da
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /asset/jquery.min.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/ball/auth
Cookie: PHPSESSID=2nr0k0eavgdja66g6t5r9suebj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:43 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:10:36 GMT
etag: W/"16182-60bea5af51c2f-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3915
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FfP%2B340mJB6KV5OhXyGQuWgzxQKwxkTR%2FvEJV9bvZkfgFHYNAhG4wR1ZNYZjHSqW%2B0%2F2clz0KtSF73wOogDg2vNakb9BzXvDRhanV0YQZUBEDXasjs7s7sDnqVHNaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876406deaf9456ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/countries-5301fc59.js | 172.67.178.173 | 200 OK | 24 kB |
URL: GET HTTP/3 live-khl.ru/countries-5301fc59.js
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /countries-5301fc59.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/index-cfdc21d6.js
Cookie: PHPSESSID=2nr0k0eavgdja66g6t5r9suebj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:43 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:17:56 GMT
etag: W/"5e21-60bea7533cffa-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fz4%2F6%2BUEPZhLkgxkGaGsmhYYoJrR4JX0FvbptG8f%2F4dO5mmvwLNfHN4EL12LdbIR2DvpxgE84s4MSNr%2F71uFYhOuWZGSQczak1EIypOyvbXL6jOlhHxBX2XvgO1Liw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876406e05a8156ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/asset/img/android-chrome-192x192.png?v=jw3mK7G9Ry | 172.67.178.173 | 200 OK | 9.0 kB |
URL: GET HTTP/3 live-khl.ru/asset/img/android-chrome-192x192.png?v=jw3mK7G9Ry
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Hash: 87fecdadac0beb95f9b7c87b3b3236f0 822f92446c0033a32462aa21208efaef1f0d8c3c 25aa724658da8e71f5cc7c35ccbb43075866af5bed964edb09979caace667b0b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /asset/img/android-chrome-192x192.png?v=jw3mK7G9Ry HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/ball/auth
Cookie: PHPSESSID=2nr0k0eavgdja66g6t5r9suebj
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:43 GMT
content-type: image/png
content-length: 9024
last-modified: Thu, 07 Dec 2023 12:00:13 GMT
etag: "2340-60bea35cf4797"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=31uAM1gaUqZg7RAyT6wkFU7lgVyfNfNGZAeL%2BmRgMgHI6029uUn3UT2uUUkUCEw6L1BI7rK6SlBHVqhoAXtbYSpylQ47bMHgC1J51C0sOBkt9%2F1kzcZXhkMhfd0G3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876406e13bec56ca-OSL
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/putPreloader-ae29ef38.js | 172.67.178.173 | 200 OK | 699 B |
URL: GET HTTP/3 live-khl.ru/putPreloader-ae29ef38.js
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: ASCII text, with very long lines (736), with no line terminators
Hash: cf9e4f7c2e108253b09f1f704d067045 298d923ef22804845e9e5b4d8771b4ca5e946365 fbf0df8e2e3349d955976a5f574da93bd6183fd4d6bfbdf66cd89007a7cb2aa3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /putPreloader-ae29ef38.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://live-khl.ru/ball/auth
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:43 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:18:00 GMT
etag: W/"2bb-60bea756c351c-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QJG9KRzzEyy%2FLe7eJ0WA3UNa6EIGJrxOBPAKOug7kFGhcGjBGF52J%2B9TvGY5rQe34y7DbOE44b%2F978m2F%2FJAbZLezqnq9kZtPDCCs1zebm9CsRVaIWEjmLrPJPKO5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876406e16c5956ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/langSign-66e8939d.js | 172.67.178.173 | 200 OK | 1.6 kB |
URL: GET HTTP/3 live-khl.ru/langSign-66e8939d.js
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: ASCII text, with very long lines (1751), with no line terminators
Hash: 0d55451ee39b2aa034b815696a9b13ad 6144047d9652181c02b1e107703a9851ba5838ae 6efafb0c9358c1754c8d06ee1049bae36ff61108eb534f6c79a94d8b62f5b8f2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /langSign-66e8939d.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/index-cfdc21d6.js
Cookie: PHPSESSID=2nr0k0eavgdja66g6t5r9suebj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:43 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:17:58 GMT
etag: W/"66e-60bea755263e7-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TjwK7xg%2F8imRnvtKzqGwz9cFpUvEvbD712QeE3AHGSnKU9doGw%2BjZ1kNQbiM56Qw1INNiyFYHQSg8Mkv9w5mE3kcS%2BKIKZ9kbCsEzEJGrdJP14LKGJHYFEkkqqNaRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876406e05a7f56ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/pageSignQR-55e34e76.js | 172.67.178.173 | 200 OK | 5.6 kB |
URL: GET HTTP/3 live-khl.ru/pageSignQR-55e34e76.js
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer: Google Trust Services LLC; Subject: live-khl.ru; Fingerprint: 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; Validity: Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: ASCII text, with very long lines (5762), with no line terminators
Hash: f83ba728a3431f8dc5ad3630071aebbb 7b4322b87b21a92f98fd468edd5e86a675ac492e fdeef2c5c3478ee3d6d9f22fe492369bae1137e804e8048219633bb504d2633c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pageSignQR-55e34e76.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://live-khl.ru/ball/auth
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:43 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:18:00 GMT
etag: W/"15d1-60bea7564f1c9-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1wgXa1iln%2FtQJfiD84dC8Pqy9GO7fyTlTLJQVzwJe9oTkjQjQAkThCTbNgYDo5nQR%2BEWdVVoAn7jj8DAeh9drZtFz93ETt7N3gRnEykLXyMKywz4%2FLOnQ33JyXOpfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876406e16c3c56ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|