| live-khl.ru/index-cfdc21d6.js | 172.67.178.173 | 200 OK | 55 kB |
URL: GET HTTP/3 live-khl.ru/index-cfdc21d6.js | IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer Google Trust Services LLC | Subject live-khl.ru | Fingerprint 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79 | Validity Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (63446), with no line terminators
Hash: MD5 ec0a8b17842f2388f7d00c9ea8ced663 | SHA-1 d297380e4dc4db7a992ec545dbe6327e2aa15469 | SHA-256 3a9bf059621e9bbf8bfe9dbacc82a0cb5b3374d4536de69417bd8afdfb683106
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index-cfdc21d6.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/ball/auth
Cookie: PHPSESSID=rkuceokqerol9okvcgtc1s58h1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 Apr 2024 10:43:09 GMT
content-type: application/javascript
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vfGKborHXGlPtys9hUM46QEPCBPl%2FMZTokoS5I9zIvEk6%2FpPuxA3eKF90TqYOBOT5H3U%2BGsWz7x4IHQgOzDasl0R4bXN1LNejPgbPMfrgdyA7KbDHs6T76%2BK9oomvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 877488223ee5b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| live-khl.ru/asset/img/favicon-16x16.png?v=jw3mK7G9Ry | 172.67.178.173 | 200 OK | 1.0 kB |
URL: GET HTTP/3 live-khl.ru/asset/img/favicon-16x16.png?v=jw3mK7G9Ry | IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer Google Trust Services LLC | Subject live-khl.ru | Fingerprint 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79 | Validity Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Hash: MD5 e3ce05eb00b3215df220efaf0fd06e21 | SHA-1 d1533966f79dc2984c34317035f31cf3c91298c9 | SHA-256 0d67b7e8ea46e3c959329a0e79a8c8b236187f452edc7049524245e4aa6bee21
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /asset/img/favicon-16x16.png?v=jw3mK7G9Ry HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/ball/auth
Cookie: PHPSESSID=rkuceokqerol9okvcgtc1s58h1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 Apr 2024 10:43:10 GMT
content-type: image/png
content-length: 1012
last-modified: Thu, 07 Dec 2023 12:00:12 GMT
etag: "3f4-60bea35c583a7"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n3iCqFsUDi9pieDx3Ec%2B67VxsNzxJ%2BDUK0DRFqKoVnc9B20WdFFzUxuluG6jGaVGCV9fsOXV8YBJ0v30wyxp3XVm2dBuS4PTarnT5R%2Boc7WQLznwx7YOYQ7DXyuvaw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87748825ba19b529-OSL
alt-svc: h3=":443"; ma=86400
| live-khl.ru/lang-9ff1b05a.js | 172.67.178.173 | 200 OK | 39 kB |
URL: GET HTTP/3 live-khl.ru/lang-9ff1b05a.js | IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer Google Trust Services LLC | Subject live-khl.ru | Fingerprint 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79 | Validity Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: Unicode text, UTF-8 text, with very long lines (14604)
Hash: MD5 4230df4a8128c30f22af1783386cae6f | SHA-1 a5716da6085a7a07fc430f3f410bb36c9e54ac34 | SHA-256 52113907183285220d884b4a99c8ee805b977e6b0039992d95005db0988187e0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /lang-9ff1b05a.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/index-cfdc21d6.js
Cookie: PHPSESSID=rkuceokqerol9okvcgtc1s58h1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 Apr 2024 10:43:10 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:17:58 GMT
etag: W/"18fbc-60bea755021cb-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h4ZfRojMptrecafUSGgLNqH8Y6pFQOOTSUrJULBxMXNhORorsofmRQMfD%2F2qbGDse0LgUpTZ9C37QCqxJREcRrjnQbav6LSjcvWWPygtPyLJFxUp8QdrjeOciYst%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87748824b91eb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| venus.web.telegram.org/apiw1 | 149.154.167.99 | | 169 B |
URL: venus.web.telegram.org/apiw1 | IP: 149.154.167.99:0 | ASN: #62041 Telegram Messenger Inc
File type: HTML document, ASCII text, with CRLF line terminators
Hash: MD5 c2a982d42f89274763eef2a44fe01030 | SHA-1 86e6d53f6478cdd0c05611093d9c55a953454af7 | SHA-256 d8b55de3a4d5331f3b450a86bb907afe17dc964adca30f39d101a3d55a4a9d6a
POST /apiw1 HTTP/1.1
Host: venus.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://live-khl.ru/
Content-Length: 0
Origin: https://live-khl.ru
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: nginx/1.18.0
date: Sat, 20 Apr 2024 10:43:10 GMT
content-type: text/html
content-length: 169
pragma: no-cache
cache-control: no-store
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: origin, content-type
access-control-max-age: 1728000
X-Firefox-Spdy: h2
| kws2.web.telegram.org/apiws | 149.154.167.99 | | 0 B |
URL: kws2.web.telegram.org/apiws | IP: 149.154.167.99:0 | ASN: #62041 Telegram Messenger Inc
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://live-khl.ru
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OLPYhrkFrBYEPDHKlKNsfw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Sat, 20 Apr 2024 10:43:10 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jJ93NIwvm0xfz9sUxXxbhjJXUYA=
Sec-WebSocket-Protocol: binary
| | 172.67.178.173 | 200 OK | 5.4 kB |
URL: (User Request) GET HTTP/2 | IP: 172.67.178.173:443
Certificate: Issuer Google Trust Services LLC | Subject live-khl.ru | Fingerprint 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79 | Validity Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: HTML document, ASCII text, with very long lines (1757)
Hash: MD5 d81cb17c6ca692cce341c509d5ec57cc | SHA-1 39fee452e599617961a264e2c53349afe08846cb | SHA-256 ca911752ea5025c6a56d55637663ab5821d42ec5baf6be205ffa9a62025252ec
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Telegram |
| Quad9 DNS | malicious | Sinkholed |
GET /ball/auth HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 Apr 2024 10:43:09 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=rkuceokqerol9okvcgtc1s58h1; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A03PjvLtwqGeDgwOnEFNrWj4D2uXQbNvscGAAcrDTjrXEo%2FlODFvwJlOyR0RXE%2FTENgAuW8h9eqtXpuxAzB7va1gNktkbKiWYN0dSEpZVGbW%2FmutvvHNgyYq5V3qjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 877488207b0856b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| live-khl.ru/_commonjsHelpers-725317a4.js | 172.67.178.173 | 200 OK | 11 kB |
URL: GET HTTP/3 live-khl.ru/_commonjsHelpers-725317a4.js | IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer Google Trust Services LLC | Subject live-khl.ru | Fingerprint 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79 | Validity Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
Hash: MD5 cd6f232e1ba73081b1b70f3e1a14648f | SHA-1 7feaacf5309dc73289c5047b81c7c5781fc6f786 | SHA-256 1b58f13a4a6a472ae93c91076b73ff754e8f7d4b3573764aed63a13e184d6fb1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_commonjsHelpers-725317a4.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://live-khl.ru/ball/auth
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 Apr 2024 10:43:13 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:17:55 GMT
etag: W/"122-60bea75216158-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZSVDqdR%2FaHOQkWh9BxgcjDpSDzO9a0yyxPR2nHHZTzZ6QSW8mYybdCu1eVFruC%2F9UHvrDJIrDPN7vhYbTG4gn2G%2FgIRTZMlRFsQLetiDUdRmzc912%2BmAgzn%2Bsk9HyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8774883548e3b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| live-khl.ru/page-49e139d4.js | 172.67.178.173 | 200 OK | 4.3 kB |
URL: GET HTTP/3 live-khl.ru/page-49e139d4.js | IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer Google Trust Services LLC | Subject live-khl.ru | Fingerprint 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79 | Validity Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: ASCII text, with very long lines (10193)
Hash: MD5 6ccaefefec5a957c2d80fe5f97c8098b | SHA-1 bf1eda880c524c21f78ff0424592f81fba4214ab | SHA-256 65659681146410adb22da9de126db5da27eb6032631d55c1c2bedebabd8e8f5f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /page-49e139d4.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://live-khl.ru/ball/auth
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 Apr 2024 10:43:10 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:17:59 GMT
etag: W/"27fc-60bea755a62ba-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xly7ERSmRgx1iiAZ0hwpfAH1%2FKjXj93jBqjYjXu5meusm2lg6MgtLY91GdZKK1i67WhgMDX8tfBIHMlFHe%2B6UXKhwJh3PNZe3RD0G6DwxMr0xB3zz%2BsQyRuUlPw8AA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87748825da2bb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| live-khl.ru/qr-code-styling-8a04fb73.js | 172.67.178.173 | 200 OK | 17 kB |
URL: GET HTTP/3 live-khl.ru/qr-code-styling-8a04fb73.js | IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer Google Trust Services LLC | Subject live-khl.ru | Fingerprint 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79 | Validity Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (57474)
Hash: MD5 9bc1dca9d012e6cc87fc199909f9667b | SHA-1 b340b1309516f10074080f5fcec5593101022612 | SHA-256 d7d3232bf40cc555ad219d6b688afe4b2427e7fa00ae719e5f7fa4152dc0857f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /qr-code-styling-8a04fb73.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/pageSignQR-55e34e76.js
Cookie: PHPSESSID=rkuceokqerol9okvcgtc1s58h1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 Apr 2024 10:43:13 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:18:00 GMT
etag: W/"102a9-60bea756f2318-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Oc7TNNAqKKX%2FoT0E5iqOrWC1STVtbFQdDJMdwKaJ%2BhAmQh%2FH1XPsaU8NKtkgn0XNWsluttRJUsDMOg6M2g1nK9e%2BkT%2B3hHIZfbHUYzcN%2BFkafxwvMWuqOLl6cANWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8774883558eab529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| kws2.web.telegram.org/apiws | 149.154.167.99 | | 0 B |
URL: kws2.web.telegram.org/apiws | IP: 149.154.167.99:0 | ASN: #62041 Telegram Messenger Inc
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /apiws HTTP/1.1
Host: kws2.web.telegram.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://live-khl.ru
Sec-WebSocket-Protocol: binary
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: x01NJFtkASvN1D33EsqBcw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx/1.18.0
Date: Sat, 20 Apr 2024 10:43:14 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fCdgWYB3zvPSrQzxxNSVtdSmlFU=
Sec-WebSocket-Protocol: binary
| live-khl.ru/pageSignQR-55e34e76.js | 172.67.178.173 | 200 OK | 11 kB |
URL: GET HTTP/3 live-khl.ru/pageSignQR-55e34e76.js | IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer Google Trust Services LLC | Subject live-khl.ru | Fingerprint 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79 | Validity Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: Java source, ASCII text, with very long lines (5536)
Hash: MD5 908a426b097ed038bf16088bb70c4d0a | SHA-1 51b080072f896e324ba8a2229e9303364354326d | SHA-256 96e7ecf00e95236690fe564fcef37e9a3f856d7731085dd856eec61a50720216
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pageSignQR-55e34e76.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/index-cfdc21d6.js
Cookie: PHPSESSID=rkuceokqerol9okvcgtc1s58h1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 Apr 2024 10:43:11 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:18:00 GMT
etag: W/"15d1-60bea7564f1c9-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m4NHVLVQTd0ioI6ltyUzvmEi%2B0ErRups8b8cShYjqw3G2DlKgewl3A7QMTHLN98aCi9307%2BF59RRsenTw%2BdRJ4BaEXR2H0zu8rwqoZqxWDdabJA7Q7N3nV12tC9YSg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87748825ea32b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| live-khl.ru/countries-5301fc59.js | 172.67.178.173 | 200 OK | 24 kB |
URL: GET HTTP/3 live-khl.ru/countries-5301fc59.js | IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer Google Trust Services LLC | Subject live-khl.ru | Fingerprint 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79 | Validity Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /countries-5301fc59.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/index-cfdc21d6.js
Cookie: PHPSESSID=rkuceokqerol9okvcgtc1s58h1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 Apr 2024 10:43:10 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:17:56 GMT
etag: W/"5e21-60bea7533cffa-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b7Xwkvhw5zRS7NstTHGN%2Fk6NKmIFVSLsOvJ3PxYdZkH2iUHwtUJU1dj0ltfu%2Fc%2BU447%2BmAHw4aarb27%2Fz%2Fb5GC9NMqI4JIvpkPJbr2gskFfKPKiMgCvbePHgG4Llww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87748824b922b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| live-khl.ru/textToSvgURL-c6ebb454.js | 172.67.178.173 | 200 OK | 357 B |
URL: GET HTTP/3 live-khl.ru/textToSvgURL-c6ebb454.js | IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer Google Trust Services LLC | Subject live-khl.ru | Fingerprint 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79 | Validity Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: ASCII text, with very long lines (361), with no line terminators
Hash: MD5 ea2a87dc9755781a19e407ae7bc5dc0d | SHA-1 41a7d07495e01e09e53eb51215ccf778c3aea92f | SHA-256 0a6994411c1666d1f665895c1d61536c24b0f0f5f9176f81d839c5316ea3d1be
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /textToSvgURL-c6ebb454.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/pageSignQR-55e34e76.js
Cookie: PHPSESSID=rkuceokqerol9okvcgtc1s58h1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 Apr 2024 10:43:12 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:18:01 GMT
etag: W/"165-60bea757c61a2-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xNuCewyLbpBVBMWpGEpPmr%2BgCpOekX%2BmSWr8Q%2FCqc%2Bq3kdeORfkZv9ISPdsmPzcK6oZe8kIU5BmxcpUXbMQXfFGtd1I4W2C56iAxfiTcBvDlvpVIh6XZJmsmq%2Bhp8w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8774882f0b34b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| live-khl.ru/index-91acc02b.css | 172.67.178.173 | 200 OK | 425 kB |
URL: GET HTTP/3 live-khl.ru/index-91acc02b.css | IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer Google Trust Services LLC | Subject live-khl.ru | Fingerprint 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79 | Validity Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
Size: 425 kB (425367 bytes)
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /index-91acc02b.css HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/ball/auth
Cookie: PHPSESSID=rkuceokqerol9okvcgtc1s58h1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 Apr 2024 10:43:10 GMT
content-type: text/css
last-modified: Thu, 07 Dec 2023 12:17:58 GMT
etag: W/"67d97-60bea754e4d0e-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F7vv3GgXrNeEXYLCBjImYhJ0Cw2%2BB1yZIxceiOtZht5Yvw%2BpujtCVCUdJB1ckYRP0LiYC0IY%2By%2F3n1cVxuboVAogZpMZOx%2FkLK1%2FXtfW4ZhJe9FN52jzwB57HHE%2FEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 877488224eefb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| live-khl.ru/asset/img/android-chrome-192x192.png?v=jw3mK7G9Ry | 172.67.178.173 | 200 OK | 9.0 kB |
URL: GET HTTP/3 live-khl.ru/asset/img/android-chrome-192x192.png?v=jw3mK7G9Ry | IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer Google Trust Services LLC | Subject live-khl.ru | Fingerprint 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79 | Validity Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Hash: MD5 87fecdadac0beb95f9b7c87b3b3236f0 | SHA-1 822f92446c0033a32462aa21208efaef1f0d8c3c | SHA-256 25aa724658da8e71f5cc7c35ccbb43075866af5bed964edb09979caace667b0b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /asset/img/android-chrome-192x192.png?v=jw3mK7G9Ry HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/ball/auth
Cookie: PHPSESSID=rkuceokqerol9okvcgtc1s58h1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 Apr 2024 10:43:10 GMT
content-type: image/png
content-length: 9024
last-modified: Thu, 07 Dec 2023 12:00:13 GMT
etag: "2340-60bea35cf4797"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mq57rAkuOaOsc3wvK32Hp%2BuWDwKVHeeGNYccAa3NDPe3YL1g6%2B2f6wdiGor0KXySakgxaS%2BT78oBGudrlfAL1dFbC827n6PgKClOgWZr7yuRq021X%2FLgTSQxIktzNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87748825ba18b529-OSL
alt-svc: h3=":443"; ma=86400
| live-khl.ru/textToSvgURL-c6ebb454.js | 172.67.178.173 | 200 OK | 357 B |
URL: GET HTTP/3 live-khl.ru/textToSvgURL-c6ebb454.js | IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer Google Trust Services LLC | Subject live-khl.ru | Fingerprint 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79 | Validity Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: ASCII text, with very long lines (361), with no line terminators
Hash: MD5 ea2a87dc9755781a19e407ae7bc5dc0d | SHA-1 41a7d07495e01e09e53eb51215ccf778c3aea92f | SHA-256 0a6994411c1666d1f665895c1d61536c24b0f0f5f9176f81d839c5316ea3d1be
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /textToSvgURL-c6ebb454.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://live-khl.ru/ball/auth
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 Apr 2024 10:43:12 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:18:01 GMT
etag: W/"165-60bea757c61a2-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DFQEB15mttpucZTS12tfra6aSHp47iIB3SrhnUnjrIKFC9pTIatKLASTSQ7q1z%2B%2FiJdbKOIamqzoGCsingxf9Ya7BHW5v3%2FGTu1HBMLQ%2Fg4EdzybMF3pLxlrVb9T0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87748825da30b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| live-khl.ru/putPreloader-ae29ef38.js | 172.67.178.173 | 200 OK | 699 B |
URL: GET HTTP/3 live-khl.ru/putPreloader-ae29ef38.js | IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer Google Trust Services LLC | Subject live-khl.ru | Fingerprint 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79 | Validity Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: ASCII text, with very long lines (736), with no line terminators
Hash: MD5 cf9e4f7c2e108253b09f1f704d067045 | SHA-1 298d923ef22804845e9e5b4d8771b4ca5e946365 | SHA-256 fbf0df8e2e3349d955976a5f574da93bd6183fd4d6bfbdf66cd89007a7cb2aa3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /putPreloader-ae29ef38.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://live-khl.ru/ball/auth
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 Apr 2024 10:43:11 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:18:00 GMT
etag: W/"2bb-60bea756c351c-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u5cCnxS1aad%2BF0%2FSNVN4AoNegVPvKghWnwwO%2FbmeQ0VARKE2mNjuRsglRZIDhDXMPxMqnItl%2Fb%2BjfSUqdXYBgda5Lny6q8WiZLnEqachpwZcX8Bid8QdjmQzolKNHw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87748825da2fb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| live-khl.ru/putPreloader-ae29ef38.js | 172.67.178.173 | 200 OK | 699 B |
URL: GET HTTP/3 live-khl.ru/putPreloader-ae29ef38.js | IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer Google Trust Services LLC | Subject live-khl.ru | Fingerprint 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79 | Validity Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: ASCII text, with very long lines (736), with no line terminators
Hash: MD5 cf9e4f7c2e108253b09f1f704d067045 | SHA-1 298d923ef22804845e9e5b4d8771b4ca5e946365 | SHA-256 fbf0df8e2e3349d955976a5f574da93bd6183fd4d6bfbdf66cd89007a7cb2aa3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /putPreloader-ae29ef38.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/pageSignQR-55e34e76.js
Cookie: PHPSESSID=rkuceokqerol9okvcgtc1s58h1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 Apr 2024 10:43:11 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:18:00 GMT
etag: W/"2bb-60bea756c351c-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UHoZ%2F17AYnhpo8fzU1zYoKJ57e4ZSIXk%2BaByCAyGg8%2BFD%2BLdUEoFjy%2FpewsKK0hA4qJitf2Q9zMqlOfhLN4AWPF8%2FAY9egxOmY887XrCGkgdxy%2FSufWZlQmcXbaMog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8774882f0b30b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| live-khl.ru/asset/jquery.min.js | 172.67.178.173 | 200 OK | 90 kB |
URL: GET HTTP/3 live-khl.ru/asset/jquery.min.js | IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer Google Trust Services LLC | Subject live-khl.ru | Fingerprint 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79 | Validity Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: MD5 1db92b83313d6fbaf76fd364688c8e6c | SHA-1 90c3cf0d1af00de7424a6b4b8f7f41b1200d3964 | SHA-256 3ca4587ad13382ba7ede987f96682cc928589f037b1403fb43bd8ffc430809da
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /asset/jquery.min.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/ball/auth
Cookie: PHPSESSID=rkuceokqerol9okvcgtc1s58h1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 Apr 2024 10:43:09 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:10:36 GMT
etag: W/"16182-60bea5af51c2f-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pqq1PF06rqLFBvIuBptRmLiiTTmCAFKQiub0uuLJokk3trj7AG83tghVA72oTevgpzRMFmZZwBUAk8tYTAoyIsvKXcVPxDSxvaEvDtndxQikZkZgufzU4lN7Pc0Kwg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 877488223eeab529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| live-khl.ru/langSign-66e8939d.js | 172.67.178.173 | 200 OK | 1.6 kB |
URL: GET HTTP/3 live-khl.ru/langSign-66e8939d.js | IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: Issuer Google Trust Services LLC | Subject live-khl.ru | Fingerprint 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79 | Validity Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: ASCII text, with very long lines (1751), with no line terminators
Hash: MD5 0d55451ee39b2aa034b815696a9b13ad | SHA-1 6144047d9652181c02b1e107703a9851ba5838ae | SHA-256 6efafb0c9358c1754c8d06ee1049bae36ff61108eb534f6c79a94d8b62f5b8f2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /langSign-66e8939d.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/index-cfdc21d6.js
Cookie: PHPSESSID=rkuceokqerol9okvcgtc1s58h1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 Apr 2024 10:43:10 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:17:58 GMT
etag: W/"66e-60bea755263e7-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CfM%2FKfsU3NdvvTMZGxp2QmlCPymh9Be%2BhXb1YYNRfc7G5uXst8hbn%2B1zJCiSvEJEMiLtGqHUlEDB2ETIqn2kOxQaXDZXbQr07r4z5EqgDX%2BvFQv12gyBGgpzdbZEYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87748824b920b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/asset/img/logo_padded.svg | 172.67.178.173 | 200 OK | 1.1 kB |
URL: GET HTTP/3 live-khl.ru/asset/img/logo_padded.svg
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: issuer Google Trust Services LLC; subject live-khl.ru; SHA-1 fingerprint 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; valid Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: SVG Scalable Vector Graphics image
MD5: 4c0b48654a4881c325148a5e00964160
SHA-1: d7d21756c9dd4c1bf4d97087811745aad60506a0
SHA-256: 7583a3643a9480ab4d81dd46b700cf3a38ebdd94af1a6059d2b6a3ecff8a65c5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /asset/img/logo_padded.svg HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://live-khl.ru/ball/auth
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=rkuceokqerol9okvcgtc1s58h1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 Apr 2024 10:43:15 GMT
content-type: image/svg+xml
last-modified: Thu, 07 Dec 2023 12:00:14 GMT
etag: W/"42d-60bea35daff83"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BISbL5vLgjJ%2Ba8H7NFiq%2B8Q5f98rC951iu2YIzNancgX7M4IvKEtv%2FSFtWK%2BLJFp6jUgV8czJoxmLTkaEoegdZnPJxv77Z%2BwMegvTCOvPdm4ZwP8%2FmOy8pXisYWXWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87748845df0eb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/button-1a8a4b7d.js | 172.67.178.173 | 200 OK | 8.5 kB |
URL: GET HTTP/3 live-khl.ru/button-1a8a4b7d.js
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: issuer Google Trust Services LLC; subject live-khl.ru; SHA-1 fingerprint 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; valid Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: ASCII text, with very long lines (9206), with no line terminators
MD5: f1bc08a52a47d5b2fa054c9f18b75947
SHA-1: e3e1cbfe6cfa02a315506972ceebeb263cd704e2
SHA-256: 6b771a1f0a57a8bfd352c5ff512697e3dd8c88c6800cdd2117eca9d3594bee14
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /button-1a8a4b7d.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://live-khl.ru/ball/auth
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 Apr 2024 10:43:10 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:17:56 GMT
etag: W/"213e-60bea753016e0-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A4Es5C6%2BVaevzzRNAQl7d%2BaMVF5XOOnR7uRT21gAy3l0AeFzfZ9nqNRHIeXCnKr9Vjli2ZFyEwXKiz91YtzP7RdtqI9BuQ%2B2148j8bXQe7oI7bKFJX%2FCdjogWUlUZw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87748825da2db529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/asset/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 | 172.67.178.173 | 200 OK | 11 kB |
URL: GET HTTP/3 live-khl.ru/asset/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: issuer Google Trust Services LLC; subject live-khl.ru; SHA-1 fingerprint 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; valid Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 11016, version 1.0
MD5: 15fa3062f8929bd3b05fdca5259db412
SHA-1: 6ff06a34f68ad0324ddec1bbe4d453c959178b36
SHA-256: 5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /asset/fonts/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/index-91acc02b.css
Cookie: PHPSESSID=rkuceokqerol9okvcgtc1s58h1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 Apr 2024 10:43:10 GMT
content-type: font/woff2
content-length: 11016
last-modified: Thu, 07 Dec 2023 12:00:17 GMT
etag: "2b08-60bea3608c5f8"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BperuatwWyvywy3iVr6IQ8EOQXNCKgb%2F1krYUKFUllook0ecJV4MpCBNXUfpzie31azepriD5efYDiJsB%2Bb6kM%2FPPpPcHPlJPGPRFpcHkwbLzm7NYB49BcJnM1G7vw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8774882468e3b529-OSL
alt-svc: h3=":443"; ma=86400
|
|
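The origin behind Cloudflare answers with Apache httpd-style validators: `etag: "2b08-60bea3608c5f8"` on this font and `W/"16182-60bea5af51c2f-gzip"` on jquery.min.js. httpd builds that tag from hex(size)-hex(mtime), with the mtime as an apr_time_t in microseconds, dropping the inode field under the 2.4 default FileETag "MTime Size"; mod_deflate appends "-gzip" and makes the tag weak. Decoding it gives a check that costs nothing: 0x2b08 is 11016 bytes, exactly the content-length above, and 0x60bea3608c5f8 microseconds is 12:00:17 GMT on 7 Dec 2023, exactly the last-modified header, so the capture is internally consistent and the on-disk size of the compressed jquery (0x16182 = 90498 bytes) can be recovered even though no content-length was sent. The decoder below is an added example, not code from the analyzer or the site; the two header sets are copied from this page, and the tampered variant in the usage is constructed.

```python
import re
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

# Response headers copied from two entries on this page: a strong tag with a
# Content-Length (the woff2 font) and a weak, mod_deflate-suffixed tag
# (jquery.min.js, served brotli-compressed, so there is no Content-Length).
FONT_HEADERS = {
    "etag": '"2b08-60bea3608c5f8"',
    "last-modified": "Thu, 07 Dec 2023 12:00:17 GMT",
    "content-length": "11016",
}
JQUERY_HEADERS = {
    "etag": 'W/"16182-60bea5af51c2f-gzip"',
    "last-modified": "Thu, 07 Dec 2023 12:10:36 GMT",
    "content-encoding": "br",
}

ETAG_RE = re.compile(r'^(?P<weak>W/)?"(?P<body>[0-9A-Za-z-]+)"$')


def parse_apache_etag(etag):
    """Decode an httpd FileETag into inode (optional), size and mtime.

    httpd emits hex(inode)-hex(size)-hex(mtime) in that order and omits the
    inode under the 2.4 default FileETag "MTime Size". mtime is an apr_time_t,
    i.e. microseconds since the epoch. mod_deflate appends "-gzip" and turns
    the validator weak (W/ prefix).
    """
    m = ETAG_RE.match(etag.strip())
    if not m:
        raise ValueError(f"not an httpd-style ETag: {etag!r}")
    parts = m.group("body").split("-")
    suffix = None
    if not re.fullmatch(r"[0-9a-f]+", parts[-1]):
        suffix = parts.pop()          # e.g. "gzip" added by mod_deflate
    if len(parts) == 3:
        inode, size_hex, mtime_hex = parts
        inode = int(inode, 16)
    elif len(parts) == 2:
        inode, (size_hex, mtime_hex) = None, parts
    else:
        raise ValueError(f"unexpected field count in {etag!r}")
    mtime_us = int(mtime_hex, 16)
    # Split seconds and microseconds as integers to avoid float rounding.
    mtime = datetime.fromtimestamp(mtime_us // 1_000_000, tz=timezone.utc)
    mtime = mtime.replace(microsecond=mtime_us % 1_000_000)
    return {"weak": bool(m.group("weak")), "inode": inode,
            "size": int(size_hex, 16), "mtime": mtime, "suffix": suffix}


def check_response(headers):
    """Cross-check the ETag's embedded size and mtime against the other headers.

    Returns (decoded_etag, problems). The ETag size is the on-disk size, so it is
    only comparable to Content-Length when the body was not content-encoded.
    """
    decoded = parse_apache_etag(headers["etag"])
    problems = []
    if "last-modified" in headers:
        lm = parsedate_to_datetime(headers["last-modified"])
        if decoded["mtime"].replace(microsecond=0) != lm:
            problems.append(f"ETag mtime {decoded['mtime']:%Y-%m-%d %H:%M:%S} "
                            f"!= Last-Modified {lm:%Y-%m-%d %H:%M:%S}")
    if "content-length" in headers and "content-encoding" not in headers:
        if int(headers["content-length"]) != decoded["size"]:
            problems.append(f"ETag size {decoded['size']} "
                            f"!= Content-Length {headers['content-length']}")
    return decoded, problems


if __name__ == "__main__":
    # Constructed tampered variant: one byte off in Content-Length.
    tampered = dict(FONT_HEADERS, **{"content-length": "11017"})
    for name, hdrs in (("font", FONT_HEADERS), ("jquery", JQUERY_HEADERS), ("tampered", tampered)):
        d, problems = check_response(hdrs)
        print(f"{name}: {d['size']} bytes, mtime {d['mtime'].isoformat()}, "
              f"weak={d['weak']}, suffix={d['suffix']}, problems={problems or 'none'}")
```

Applied to the whole page, the decoded mtimes (12:00:14 for the svg, 12:00:17 for the fonts, 12:10:36 for jquery, 12:17:56 to 12:17:58 for the hashed bundles) show the entire asset tree was written to the origin within about twenty minutes on 7 Dec 2023, which is a useful pivot when correlating this host with other deployments of the same kit.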
| live-khl.ru/crypto.worker-b2b2021e.js | 172.67.178.173 | 200 OK | 69 kB |
URL: GET HTTP/3 live-khl.ru/crypto.worker-b2b2021e.js
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: issuer Google Trust Services LLC; subject live-khl.ru; SHA-1 fingerprint 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; valid Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
MD5: 061a201747d764fcd611ff886b2b27ef
SHA-1: d0fbcab1a5c52c5c38f46b2ed048cf8637716686
SHA-256: 58fafa3a075d804360271b6b081e9c3c46ba344659ef3cb10d5561afc1147448
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /crypto.worker-b2b2021e.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://live-khl.ru/ball/auth
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=rkuceokqerol9okvcgtc1s58h1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 Apr 2024 10:43:10 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:17:57 GMT
etag: W/"10ced-60bea75382553-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hKLcuSZfCUxtf6J2LnU1SbthOOriDZ5dCZaJIz1z0b3%2BcRlANhW45uwkOyeo2%2Fa%2B2Nb0pTONXT3OX8qlPF9AicI%2B97V8OAKS8fpnaVXenEpaLLwHIopZl9W9JgBZQA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8774882478edb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/asset/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 | 172.67.178.173 | 200 OK | 11 kB |
URL: GET HTTP/3 live-khl.ru/asset/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: issuer Google Trust Services LLC; subject live-khl.ru; SHA-1 fingerprint 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; valid Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 11056, version 1.0
MD5: 07db243db21ed0a6b4ff05ff429686b7
SHA-1: 5d62925fdd7ed8e80f206d095ed093994f13d276
SHA-256: ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /asset/fonts/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/index-91acc02b.css
Cookie: PHPSESSID=rkuceokqerol9okvcgtc1s58h1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 Apr 2024 10:43:14 GMT
content-type: font/woff2
content-length: 11056
last-modified: Thu, 07 Dec 2023 12:00:17 GMT
etag: "2b30-60bea360ae8d4"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FYWdgHBSjkgGIkX5W6fHzmNDNTFyzvJJTQVubZc2nhCgq12CK%2FqTo2ZuT1jArQo0aJ%2F75i0Ka7gFPlEdcL7%2FDirFFLD1lZJIPFiO1Bv1fXrEnWcIEQ31jg6RFO6jHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8774883bfe7db529-OSL
alt-svc: h3=":443"; ma=86400
|
|
| live-khl.ru/button-1a8a4b7d.js | 172.67.178.173 | 200 OK | 8.5 kB |
URL: GET HTTP/3 live-khl.ru/button-1a8a4b7d.js
IP: 172.67.178.173:443
Requested by: https://live-khl.ru/ball/auth
Certificate: issuer Google Trust Services LLC; subject live-khl.ru; SHA-1 fingerprint 17:D6:DD:44:98:4B:A8:AD:42:84:C1:E9:99:F4:9D:7E:67:68:71:79; valid Fri, 12 Apr 2024 11:32:57 GMT - Thu, 11 Jul 2024 11:32:56 GMT
File type: ASCII text, with very long lines (9206), with no line terminators
MD5: f1bc08a52a47d5b2fa054c9f18b75947
SHA-1: e3e1cbfe6cfa02a315506972ceebeb263cd704e2
SHA-256: 6b771a1f0a57a8bfd352c5ff512697e3dd8c88c6800cdd2117eca9d3594bee14
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /button-1a8a4b7d.js HTTP/1.1
Host: live-khl.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://live-khl.ru/pageSignQR-55e34e76.js
Cookie: PHPSESSID=rkuceokqerol9okvcgtc1s58h1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 Apr 2024 10:43:11 GMT
content-type: text/javascript
last-modified: Thu, 07 Dec 2023 12:17:56 GMT
etag: W/"213e-60bea753016e0-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ekvObkoK1fskODu5eEvTu8Yeb2n%2FQJtTbaHZ5f7Gma4jfVOX7rMOUx99MpNsCirGpQMzXTJpar%2BHiSInKWW0pNc0EP3BqcR1sA%2BiHloOsZwRIEkzeNeIkHxWWUz90Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8774882f0b2eb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|