| URL | IP | Status | Size |
| chroniclesugar.com/watch.1271664074780.js?dev=r&key=64e0e2fafb6940d0946186d56d50ff8b&kw=[]&refer=https://lol-foot.ru/go/1/20&res=14.31&tz=2&uuid= | 192.243.59.20 | 307 Temporary Redirect | 0 B |
URL (User Request): GET HTTP/1.1 chroniclesugar.com/watch.1271664074780.js?dev=r&key=64e0e2fafb6940d0946186d56d50ff8b&kw=[]&refer=https://lol-foot.ru/go/1/20&res=14.31&tz=2&uuid=
IP: 192.243.59.20:443
ASN: #39572 DataWeb Global Group B.V.
Certificate: Issuer Let's Encrypt; Subject chroniclesugar.com; Fingerprint 10:4E:AB:21:CE:9D:B4:D1:EE:98:F9:04:AD:CE:0E:B1:15:57:C1:E2; Validity Tue, 23 Apr 2024 10:51:42 GMT - Mon, 22 Jul 2024 10:51:41 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /watch.1271664074780.js?dev=r&key=64e0e2fafb6940d0946186d56d50ff8b&kw=[]&refer=https://lol-foot.ru/go/1/20&res=14.31&tz=2&uuid= HTTP/1.1
Host: chroniclesugar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Wed, 24 Apr 2024 23:34:43 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://lol-foot.ru/go/1/20
Access-Control-Allow-Origin: https://lol-foot.ru/go/1/20
Access-Control-Allow-Credentials: true
Location: https://chroniclesugar.com/watch.1271664074780.js?dev=r&key=64e0e2fafb6940d0946186d56d50ff8b&kw=%5B%5D&pst=1714001743&refer=https%3A%2F%2Flol-foot.ru%2Fgo%2F1%2F20&res=14.31&rmtc=t&shu=daa03eff74f2ada3941dead475ba7b36d45421de1757f9f36b642a9e9ec688ea0f302d64a753696056b6fdce5e18f87efb460f985987f66d4e8c4b7319ee8a5aedeb98ef0d052eb236f3ee1022e791b858ace17fd77a4cea92c755866c7f80&tz=2&uuid=
Set-Cookie: u_pl=22940150; expires=Thu, 25 Apr 2024 23:34:43 GMT; secure; SameSite=None
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.….Z2HcwUmiw4mxRvEuRTt2dv1xT_JQzroRrwrC09y8QM8; expires=Wed, 24 Apr 2024 23:35:43 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 85ef169310cab0ca5b5efff640847609
Strict-Transport-Security: max-age=0; includeSubdomains
|
| chroniclesugar.com/watch.1271664074780.js?dev=r&key=64e0e2fafb6940d0946186d56d50ff8b&kw=%5B%5D&pst=1714001743&refer=https%3A%2F%2Flol-foot.ru%2Fgo%2F1%2F20&res=14.31&rmtc=t&shu=daa03eff74f2ada3941dead475ba7b36d45421de1757f9f36b642a9e9ec688ea0f302d64a753696056b6fdce5e18f87efb460f985987f66d4e8c4b7319ee8a5aedeb98ef0d052eb236f3ee1022e791b858ace17fd77a4cea92c755866c7f80&tz=2&uuid= | 192.243.59.20 | 200 OK | 2.0 kB |
URL (User Request): GET HTTP/1.1 chroniclesugar.com/watch.1271664074780.js?dev=r&key=64e0e2fafb6940d0946186d56d50ff8b&kw=%5B%5D&pst=1714001743&refer=https%3A%2F%2Flol-foot.ru%2Fgo%2F1%2F20&res=14.31&rmtc=t&shu=daa03eff74f2ada3941dead475ba7b36d45421de1757f9f36b642a9e9ec688ea0f302d64a753696056b6fdce5e18f87efb460f985987f66d4e8c4b7319ee8a5aedeb98ef0d052eb236f3ee1022e791b858ace17fd77a4cea92c755866c7f80&tz=2&uuid=
IP: 192.243.59.20:443
ASN: #39572 DataWeb Global Group B.V.
Certificate: Issuer Let's Encrypt; Subject chroniclesugar.com; Fingerprint 10:4E:AB:21:CE:9D:B4:D1:EE:98:F9:04:AD:CE:0E:B1:15:57:C1:E2; Validity Tue, 23 Apr 2024 10:51:42 GMT - Mon, 22 Jul 2024 10:51:41 GMT
File type: JavaScript source, ASCII text, with very long lines (2408)
Hash (MD5 / SHA-1 / SHA-256): 2be84772a9db9cdd6d1df005fe308cd6 7e2ec1677f56880617d75b8b4803c3ea197c5e54 3ea77df39334ffeba2c8d0c007e8c06b12a57f0eb89229963fb72037441c0afe
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /watch.1271664074780.js?dev=r&key=64e0e2fafb6940d0946186d56d50ff8b&kw=%5B%5D&pst=1714001743&refer=https%3A%2F%2Flol-foot.ru%2Fgo%2F1%2F20&res=14.31&rmtc=t&shu=daa03eff74f2ada3941dead475ba7b36d45421de1757f9f36b642a9e9ec688ea0f302d64a753696056b6fdce5e18f87efb460f985987f66d4e8c4b7319ee8a5aedeb98ef0d052eb236f3ee1022e791b858ace17fd77a4cea92c755866c7f80&tz=2&uuid= HTTP/1.1
Host: chroniclesugar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: u_pl=22940150; ain=eyJhbGciOiJIUzI1NiJ9.….Z2HcwUmiw4mxRvEuRTt2dv1xT_JQzroRrwrC09y8QM8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 Apr 2024 23:34:43 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://lol-foot.ru/go/1/20
Access-Control-Allow-Origin: https://lol-foot.ru/go/1/20
Access-Control-Allow-Credentials: true
Set-Cookie: pdhtkv=true; expires=Thu, 25 Apr 2024 23:34:43 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Thu, 25 Apr 2024 23:34:43 GMT; secure; SameSite=None
Set-Cookie: pdhtkv5=true; expires=Thu, 25 Apr 2024 23:34:43 GMT; secure; SameSite=None
Set-Cookie: uncs5=1; expires=Thu, 25 Apr 2024 23:34:43 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ac43d063786a128fdc5d4f29ecda6f85
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
| cdn.cloudimagesb.com/cti/bb/ad/e5/bbade5cfcc3e33290c926b47a29f10ef/1707727941.png | 45.133.44.9 | 200 OK | 79 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/cti/bb/ad/e5/bbade5cfcc3e33290c926b47a29f10ef/1707727941.png
IP: 45.133.44.9:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://chroniclesugar.com/watch.1271664074780.js?dev=r&key=64e0e2fafb6940d0946186d56d50ff8b&kw=%5B%5D&pst=1714001743&refer=https%3A%2F%2Flol-foot.ru%2Fgo%2F1%2F20&res=14.31&rmtc=t&shu=daa03eff74f2ada3941dead475ba7b36d45421de1757f9f36b642a9e9ec688ea0f302d64a753696056b6fdce5e18f87efb460f985987f66d4e8c4b7319ee8a5aedeb98ef0d052eb236f3ee1022e791b858ace17fd77a4cea92c755866c7f80&tz=2&uuid=
Certificate: Issuer Let's Encrypt; Subject cdn.cloudimagesb.com; Fingerprint C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0; Validity Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): f6e4959e9da97ab3696e321e8e4516f7 82fb8d27a4180131dc17c389ffa23f0effffc9a1 d93a1fa2b40ec721a3addcd7f332c02e09d9d1d622e2ad7a5f9f4467686f2959
GET /cti/bb/ad/e5/bbade5cfcc3e33290c926b47a29f10ef/1707727941.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://chroniclesugar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 23:34:43 GMT
content-type: image/png
content-length: 78975
server: nginx/1.21.6
last-modified: Mon, 12 Feb 2024 08:52:30 GMT
etag: "65c9dc4e-1347f"
expires: Fri, 26 Apr 2024 23:34:43 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
| chroniclesugar.com/favicon.ico | 192.243.59.20 | 200 OK | 0 B |
URL: GET HTTP/1.1 chroniclesugar.com/favicon.ico
IP: 192.243.59.20:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://chroniclesugar.com/watch.1271664074780.js?dev=r&key=64e0e2fafb6940d0946186d56d50ff8b&kw=%5B%5D&pst=1714001743&refer=https%3A%2F%2Flol-foot.ru%2Fgo%2F1%2F20&res=14.31&rmtc=t&shu=daa03eff74f2ada3941dead475ba7b36d45421de1757f9f36b642a9e9ec688ea0f302d64a753696056b6fdce5e18f87efb460f985987f66d4e8c4b7319ee8a5aedeb98ef0d052eb236f3ee1022e791b858ace17fd77a4cea92c755866c7f80&tz=2&uuid=
Certificate: Issuer Let's Encrypt; Subject chroniclesugar.com; Fingerprint 10:4E:AB:21:CE:9D:B4:D1:EE:98:F9:04:AD:CE:0E:B1:15:57:C1:E2; Validity Tue, 23 Apr 2024 10:51:42 GMT - Mon, 22 Jul 2024 10:51:41 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: chroniclesugar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://chroniclesugar.com/watch.1271664074780.js?dev=r&key=64e0e2fafb6940d0946186d56d50ff8b&kw=%5B%5D&pst=1714001743&refer=https%3A%2F%2Flol-foot.ru%2Fgo%2F1%2F20&res=14.31&rmtc=t&shu=daa03eff74f2ada3941dead475ba7b36d45421de1757f9f36b642a9e9ec688ea0f302d64a753696056b6fdce5e18f87efb460f985987f66d4e8c4b7319ee8a5aedeb98ef0d052eb236f3ee1022e791b858ace17fd77a4cea92c755866c7f80&tz=2&uuid=
Cookie: u_pl=22940150; ain=eyJhbGciOiJIUzI1NiJ9.….Z2HcwUmiw4mxRvEuRTt2dv1xT_JQzroRrwrC09y8QM8; pdhtkv=true; uncs=1; pdhtkv5=true; uncs5=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 Apr 2024 23:34:43 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a0bd6a69db3e9a0366ead4ed22a63841
Strict-Transport-Security: max-age=0; includeSubdomains
|
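Triage helper for the flow above, written as an added example; it is not part of the sandbox report and not code from either host. It works only from values visible in the capture: the response headers of the 307 and 200 OK records, the 307's Location target, and the reported digests. Assumptions: the request URLs are given an https:// scheme (the records show the connection on port 443); the `ain` cookie is reduced to its first JWT segment because the report elides the payload; and `HARDENED_RESPONSE` is a constructed counter-example showing the same headers as a careful operator would send them, not anything the server returned.

```python
import base64
import hashlib
import json
from datetime import datetime, timezone
from urllib.parse import parse_qs, urlsplit

# Copied from the 307 and 200 OK records above; `ain` keeps only its JWT header segment.
RAW_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Date: Wed, 24 Apr 2024 23:34:43 GMT\r\n"
    "Content-Type: text/html\r\n"
    "Access-Control-Allow-Origin: https://lol-foot.ru/go/1/20\r\n"
    "Access-Control-Allow-Credentials: true\r\n"
    "Set-Cookie: u_pl=22940150; expires=Thu, 25 Apr 2024 23:34:43 GMT; secure; SameSite=None\r\n"
    "Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9; expires=Wed, 24 Apr 2024 23:35:43 GMT; secure; SameSite=None\r\n"
    "Set-Cookie: pdhtkv=true; expires=Thu, 25 Apr 2024 23:34:43 GMT; secure; SameSite=None\r\n"
    "Strict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n"
)
# Constructed counter-example (not from the capture): origin-only ACAO, no credentials,
# a real HSTS lifetime and a first-party cookie. triage() reports nothing for it.
HARDENED_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: application/javascript\r\n"
    "Access-Control-Allow-Origin: https://lol-foot.ru\r\n"
    "Set-Cookie: u_pl=22940150; Secure; HttpOnly; SameSite=Lax\r\n"
    "Strict-Transport-Security: max-age=31536000; includeSubDomains\r\n\r\n"
)
# First request URL and the 307's Location (https:// added; the capture shows :443).
ORIGINAL_URL = ("https://chroniclesugar.com/watch.1271664074780.js?dev=r"
                "&key=64e0e2fafb6940d0946186d56d50ff8b&kw=[]"
                "&refer=https://lol-foot.ru/go/1/20&res=14.31&tz=2&uuid=")
LOCATION = ("https://chroniclesugar.com/watch.1271664074780.js?dev=r"
            "&key=64e0e2fafb6940d0946186d56d50ff8b&kw=%5B%5D&pst=1714001743"
            "&refer=https%3A%2F%2Flol-foot.ru%2Fgo%2F1%2F20&res=14.31&rmtc=t"
            "&shu=daa03eff74f2ada3941dead475ba7b36d45421de1757f9f36b642a9e9ec688ea"
            "0f302d64a753696056b6fdce5e18f87efb460f985987f66d4e8c4b7319ee8a5aedeb"
            "98ef0d052eb236f3ee1022e791b858ace17fd77a4cea92c755866c7f80&tz=2&uuid=")


def parse_headers(raw):
    """(status line, [(lower-cased name, value), ...]); repeated headers stay in order."""
    status, *lines = raw.split("\r\n\r\n", 1)[0].split("\r\n")
    out = []
    for line in lines:
        name, _, value = line.partition(":")   # first colon only: Date values contain colons
        out.append((name.strip().lower(), value.strip()))
    return status, out


def parse_set_cookie(value):
    """'name=val; Attr; Attr=x' -> {'name':..., 'value':..., 'attr': x or True}."""
    first, *attrs = [p.strip() for p in value.split(";")]
    name, _, val = first.partition("=")
    cookie = {"name": name, "value": val}
    for attr in attrs:
        k, _, v = attr.partition("=")
        cookie[k.lower()] = v or True
    return cookie


def decode_jwt_header(token):
    """Base64url-decode the first JWT segment (padding restored) and parse the JSON."""
    seg = token.split(".")[0]
    return json.loads(base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4)))


def is_origin(value):
    """A serialized origin is scheme://host[:port] with no path, query or fragment."""
    u = urlsplit(value)
    return bool(u.scheme and u.netloc) and not (u.path or u.query or u.fragment)


def triage(raw):
    """Finding codes for one response; each is something a reviewer would query."""
    _, headers = parse_headers(raw)
    plain = {n: v for n, v in headers if n != "set-cookie"}
    cookies = [parse_set_cookie(v) for n, v in headers if n == "set-cookie"]
    findings = set()
    acao = plain.get("access-control-allow-origin")
    if acao and not is_origin(acao):
        findings.add("acao-not-an-origin")      # can never equal a browser's Origin header
    if acao and plain.get("access-control-allow-credentials", "").lower() == "true":
        findings.add("credentialed-cors")
    for directive in plain.get("strict-transport-security", "").split(";"):
        k, _, v = directive.strip().partition("=")
        if k.lower() == "max-age" and v.strip().isdigit() and int(v) == 0:
            findings.add("hsts-cleared")        # max-age=0 tells the browser to drop HSTS state
    for c in cookies:
        if str(c.get("samesite", "")).lower() == "none":
            findings.add("samesite-none:" + c["name"])   # sent on cross-site loads too
        if c["name"] == "ain":
            findings.add("jwt-cookie-alg:%s" % decode_jwt_header(c["value"]).get("alg"))
    return findings


EMPTY = tuple(h(b"").hexdigest() for h in (hashlib.md5, hashlib.sha1, hashlib.sha256))


def is_empty_body(md5, sha1, sha256):
    """True when the report's three digests are exactly those of zero bytes."""
    return (md5, sha1, sha256) == EMPTY


def redirect_added_params(original, location):
    """Query parameters the 307 added on the way to Location."""
    before = parse_qs(urlsplit(original).query, keep_blank_values=True)
    after = parse_qs(urlsplit(location).query, keep_blank_values=True)
    return {k: v[0] for k, v in after.items() if k not in before}


def epoch_to_utc(value):
    """Render a Unix-time parameter such as pst as an ISO-8601 UTC timestamp."""
    return datetime.fromtimestamp(int(value), tz=timezone.utc).isoformat()
```

Run against the captured headers, `triage` reports an Access-Control-Allow-Origin that carries a path (browsers compare it against the request's Origin, which never has one, so the grant cannot match and the accompanying Allow-Credentials: true is a misconfiguration rather than a working credentialed-CORS grant), an HSTS header with max-age=0 (which instructs the browser to forget any stored policy for the host), every cookie marked SameSite=None (so they travel on cross-site navigations and subresource loads, as a third-party tracker embedded from lol-foot.ru needs), and an `ain` cookie whose JOSE header says HS256. `is_empty_body` confirms that the 307 and favicon digests are those of zero bytes, matching Content-Length: 0, while the 2 kB JavaScript body is served as text/html. `redirect_added_params` shows the 307 adding pst, rmtc and shu before bouncing the browser back to the same path, and `epoch_to_utc` reads pst as 2024-04-24T23:35:43 UTC, one minute after the Date header and equal to the `ain` cookie's expiry.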