Report - lefoot.ru

Report Overview

Visited public
2025-01-03 19:46:15
Tags
URL
lefoot.ru
Finishing URL
lefoot.ru/
IP / ASN
104.21.26.99
#13335 CLOUDFLARENET
Title
lefoot.ru - streamonsport foot en streaming | Volkastream

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-01-01	455 B	3.5 kB	142.250.74.10
gutockeewhargo.net	unknown	2024-11-14	2024-11-14	2024-12-30	1.7 kB	9.0 kB	139.45.197.107
lefoot.ru	unknown	2024-12-14	2024-12-21	2024-12-29	3.8 kB	66 kB	104.21.26.99
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-01-01	420 B	29 kB	104.17.24.14
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2025-01-01	1.4 kB	68 kB	151.101.1.229
soostewiphy.net	unknown	2024-10-05	2024-10-07	2024-10-10	394 B	28 kB	139.45.197.119
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-01-01	554 B	24 kB	142.250.74.131
my.rtmark.net	9054	2014-10-29	2015-02-04	2025-01-01	451 B	11 kB	188.114.96.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-01-03	medium	soostewiphy.net	Sinkholed
2025-01-03	medium	gutockeewhargo.net	Sinkholed
2025-01-03	medium	gutockeewhargo.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (8)

	URL	From	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js	ScriptElement	90 kB	2023-03-07	2025-06-14
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-14 14:59 Times Seen214579 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	lefoot.ru/	ScriptElement	28 kB	2025-01-03	2025-01-03
Pretty URL lefoot.ru/ IP 104.21.26.99 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-03 19:46 Last Seen2025-01-03 19:46 Times Seen1 Hash d6283e04098468ee78d25a2594d01d29 0b46a63b5829b81163e0595d272a3c21dbf0e880 6444fb32dcd8e845608b92d2bf0114a553aa7340caa26a940c757fe2ee1d567d Loading...

	lefoot.ru/	ScriptElement	4.3 kB	2025-01-03	2025-01-03
Pretty URL lefoot.ru/ IP 104.21.26.99 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-03 19:46 Last Seen2025-01-03 19:46 Times Seen1 Hash ce2070dc0d0b6d1a4529bd64306003d9 95f27961d868bf6003d899a57ba63b735739c401 3acd97ec4fabbfecd8f50bd868e3ce4d095d3865b769056171f152c75750c3c1 Loading...

	unknown	EventHandler	11 B	2025-01-03	2025-01-03
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2025-01-03 19:46 Last Seen2025-01-03 19:46 Times Seen1 Hash 8362ef158cc91cd0300bedba6142b658 1063067a7a0920bf8c52dca44fd7079f48885532 f9d5adca34f4db766660a9195c3c59bd550e3b9a318dee742e6e4dfc1f20672e Loading...

	unknown	EventHandler	9 B	2025-01-03	2025-01-03
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2025-01-03 19:46 Last Seen2025-01-03 19:46 Times Seen1 Hash 1c54079e49e59e2fa8bd5533c88c802c 4e56e8b889fdc85b69bc11707f88ab2fc705a3df 2c7737d003d72ad40aed499976d21bc179c7d703903ed784783a514ab5522aed Loading...

	cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/js/bootstrap.min.js	ScriptElement	60 kB	2023-03-07	2025-06-09
Pretty URL cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/js/bootstrap.min.js IP 151.101.1.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19 Last Seen2025-06-09 01:46 Times Seen115 Hash e6f488c5766fb06169100bdbd2b4fdbd f7365985962f78092d8eeaca6d6633d6fbf75583 0ce9de398de7e7ec63e836b70090643c7c5a3f29ea4a519a67defdd206c13ac1 Loading...

	cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/js/bootstrap.bundle.min.js	ScriptElement	80 kB	2023-03-07	2025-06-14
Pretty URL cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/js/bootstrap.bundle.min.js IP 151.101.1.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27 Last Seen2025-06-14 14:43 Times Seen989 Hash 2faceb2d3db75ced808545e78fab94ed c663baa051856b64d746629a961e23bbf0fbaf8c c0c09020adb6f602b16d48374166b9e38ca92383a81650b6a9097c43cc43f31f Loading...

	soostewiphy.net/tag.min.js	ScriptElement	72 kB	2025-01-02	2025-01-07
Pretty URL soostewiphy.net/tag.min.js IP 139.45.197.119 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-02 15:41 Last Seen2025-01-07 09:51 Times Seen275 Hash 443043bc342113f6ca021beb32c4ae3e 33c78cf39e7f318d87db644ac7055c6e56ba9c56 26dc0d50175ac92ce7d288ab6fd34e6baaf66e82ddd9d8be2b3a57daa24d8b33 Loading...

HTTP Transactions (19)

URL IP Response Size

lefoot.ru/logo.png

104.21.26.99

200 OK

6.0 kB

URL GET HTTP/3
lefoot.ru/logo.png
IP
104.21.26.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lefoot.ru/
Certificate
IssuerGoogle Trust Services
Subjectlefoot.ru
FingerprintBE:0E:40:2E:65:5B:33:39:D5:F2:B9:BE:2D:4C:68:65:F7:A9:74:EE
ValiditySat, 14 Dec 2024 10:28:10 GMT - Fri, 14 Mar 2025 11:25:20 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
6.0 kB (5958 bytes)
Hash
60bae4f60f0a97c00e4d97ea4d977996
ded8909687a7b5f371c25f58555680d88576fed7
8bcaf39dc8bc4393dea6614492d709a05e23f1f51f087b072a58b6c36b19cf13

HTTP Headers

GET /logo.png HTTP/1.1
Host: lefoot.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lefoot.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 Jan 2025 19:45:50 GMT
content-type: image/png
content-length: 5958
last-modified: Mon, 28 Oct 2024 09:24:00 GMT
etag: "671f5830-1746"
x-proxy-cache: HIT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6257
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QyvXp4ddqAC4YjXejeEN8YKxzzEKEJ%2B81kthzwZQXCMzdA5GIIts%2FpTFGKjXrYGx4GfW%2BKKuifP6pQu2S11mfAw5baZmKauofF2Y%2FD7PnzwMcU0t4U22qTEfyf8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fc57dd34c41712a-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18779&min_rtt=11522&rtt_var=9504&sent=15&recv=7&lost=0&retrans=0&sent_bytes=6640&recv_bytes=1344&delivery_rate=51553&cwnd=12000&unsent_bytes=0&cid=756b58d77ba36380&ts=510&x=1", cfExtPri, cfHdrFlush;dur=0

cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

104.17.24.14

200 OK

28 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lefoot.ru/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint64:3F:50:40:E0:BD:89:CB:A9:C8:BE:E5:74:F6:9E:D6:2E:1A:32:02
ValidityTue, 26 Nov 2024 07:25:18 GMT - Mon, 24 Feb 2025 07:25:17 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
28 kB (27938 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lefoot.ru
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 Jan 2025 19:45:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1178791
expires: Wed, 24 Dec 2025 19:45:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nay1Gn5f%2B%2BYgY37MelLrzjiT8DZoOkdGWElnqO%2F1ALsevjgUrpIcQ0R5DjMkPd5H8iO3xxxKFGFN7p3D%2Biws%2BwAUkHgTinI%2Br8ksndUrDWg2FI3mRSQTApD1Q4zkdW2IqbvDsk9H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8fc57dd3aacab4eb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/js/bootstrap.bundle.min.js

151.101.1.229

200 OK

24 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/js/bootstrap.bundle.min.js
IP
151.101.1.229:443
ASN
#54113 FASTLY

Requested by
https://lefoot.ru/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint6C:45:F5:9E:D3:37:60:0B:9C:A8:28:29:A4:E6:41:33:BB:2E:76:5C
ValidityTue, 30 Jul 2024 15:36:05 GMT - Sun, 31 Aug 2025 15:36:04 GMT

File type
JavaScript source, ASCII text, with very long lines (65299)
Size
24 kB (24474 bytes)
Hash
2faceb2d3db75ced808545e78fab94ed
c663baa051856b64d746629a961e23bbf0fbaf8c
c0c09020adb6f602b16d48374166b9e38ca92383a81650b6a9097c43cc43f31f

HTTP Headers

GET /npm/bootstrap@5.2.0/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lefoot.ru
DNT: 1
Connection: keep-alive
Referer: https://lefoot.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.2.0
x-jsd-version-type: version
etag: W/"137ae-xmO6oFGFa2TXRmKalh4ju/D7r4w"
content-encoding: br
accept-ranges: bytes
date: Fri, 03 Jan 2025 19:45:50 GMT
age: 3358321
x-served-by: cache-fra-eddf8230139-FRA, cache-hel1410027-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24474
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/js/bootstrap.min.js

151.101.1.229

200 OK

17 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/js/bootstrap.min.js
IP
151.101.1.229:443
ASN
#54113 FASTLY

Requested by
https://lefoot.ru/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint6C:45:F5:9E:D3:37:60:0B:9C:A8:28:29:A4:E6:41:33:BB:2E:76:5C
ValidityTue, 30 Jul 2024 15:36:05 GMT - Sun, 31 Aug 2025 15:36:04 GMT

File type
JavaScript source, ASCII text, with very long lines (59825)
Size
17 kB (17277 bytes)
Hash
e6f488c5766fb06169100bdbd2b4fdbd
f7365985962f78092d8eeaca6d6633d6fbf75583
0ce9de398de7e7ec63e836b70090643c7c5a3f29ea4a519a67defdd206c13ac1

HTTP Headers

GET /npm/bootstrap@5.2.0/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lefoot.ru
DNT: 1
Connection: keep-alive
Referer: https://lefoot.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.2.0
x-jsd-version-type: version
etag: W/"eac8-9zZZhZYveAktjurKbWYz1vv3VYM"
content-encoding: br
accept-ranges: bytes
date: Fri, 03 Jan 2025 19:45:50 GMT
age: 2123692
x-served-by: cache-fra-eddf8230087-FRA, cache-hel1410027-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17277
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/css/bootstrap.min.css

151.101.1.229

200 OK

24 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/css/bootstrap.min.css
IP
151.101.1.229:443
ASN
#54113 FASTLY

Requested by
https://lefoot.ru/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint6C:45:F5:9E:D3:37:60:0B:9C:A8:28:29:A4:E6:41:33:BB:2E:76:5C
ValidityTue, 30 Jul 2024 15:36:05 GMT - Sun, 31 Aug 2025 15:36:04 GMT

File type
Unicode text, UTF-8 text, with very long lines (65305)
Size
24 kB (23985 bytes)
Hash
f1a8fe9e98944b9d682ec5c3efac8f17
633e9b216d60d40eab6873175134e935b554f891
ed959b654022f7bae48ab9380dc129e065833e45a944c70d684c971ac3578cb8

HTTP Headers

GET /npm/bootstrap@5.2.0/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lefoot.ru
DNT: 1
Connection: keep-alive
Referer: https://lefoot.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.2.0
x-jsd-version-type: version
etag: W/"2f88b-Yz6bIW1g1A6raHMXUTTpNbVU+JE"
content-encoding: br
accept-ranges: bytes
date: Fri, 03 Jan 2025 19:45:50 GMT
age: 2577614
x-served-by: cache-fra-eddf8230090-FRA, cache-hel1410027-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23985
X-Firefox-Spdy: h2

soostewiphy.net/tag.min.js

139.45.197.119

200 OK

27 kB

URL GET HTTP/2
soostewiphy.net/tag.min.js
IP
139.45.197.119:443
ASN
#9002 RETN Limited

Requested by
https://lefoot.ru/
Certificate
IssuerLet's Encrypt
Subjectsoostewiphy.net
FingerprintB0:E9:83:3E:12:3A:E4:09:9B:6B:D3:26:F6:9E:95:47:52:86:9C:A3
ValidityTue, 24 Dec 2024 06:36:48 GMT - Mon, 24 Mar 2025 06:36:47 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
27 kB (27332 bytes)
Hash
443043bc342113f6ca021beb32c4ae3e
33c78cf39e7f318d87db644ac7055c6e56ba9c56
26dc0d50175ac92ce7d288ab6fd34e6baaf66e82ddd9d8be2b3a57daa24d8b33

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: soostewiphy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lefoot.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 03 Jan 2025 19:45:51 GMT
content-type: text/javascript; charset=utf-8
content-length: 27332
content-encoding: br
x-trace-id: 5abcc078a50a8fefe3f95387f35c5a48
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Thu, 02 Jan 2025 15:28:27 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

lefoot.ru/

104.21.26.99

200 OK

0 B

URL User Request GET HTTP/2
lefoot.ru/
IP
104.21.26.99:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectlefoot.ru
FingerprintBE:0E:40:2E:65:5B:33:39:D5:F2:B9:BE:2D:4C:68:65:F7:A9:74:EE
ValiditySat, 14 Dec 2024 10:28:10 GMT - Fri, 14 Mar 2025 11:25:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD / HTTP/1.1
Host: lefoot.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lefoot.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 Jan 2025 19:45:51 GMT
content-type: text/html; charset=UTF-8
x-proxy-cache: HIT
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=53oF%2BsRFWkaydFHJagkGZYgEpnWuo%2BkQdvg2%2F73deOr5ALd7FvilmK3WbhYePtltuuacxnXhqdKaFw4I%2FcdM3YLCadxE1gGuhjTSnRyCJH%2BSpMUhEmZC4tfoN9U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fc57dd769dd712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18027&min_rtt=11522&rtt_var=8633&sent=22&recv=9&lost=0&retrans=0&sent_bytes=13473&recv_bytes=1607&delivery_rate=19188&cwnd=12000&unsent_bytes=0&cid=756b58d77ba36380&ts=1196&x=1", cfExtPri, cfHdrFlush;dur=0

lefoot.ru/icons/Foot.png?v=1

104.21.26.99

200 OK

658 B

URL GET HTTP/3
lefoot.ru/icons/Foot.png?v=1
IP
104.21.26.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lefoot.ru/
Certificate
IssuerGoogle Trust Services
Subjectlefoot.ru
FingerprintBE:0E:40:2E:65:5B:33:39:D5:F2:B9:BE:2D:4C:68:65:F7:A9:74:EE
ValiditySat, 14 Dec 2024 10:28:10 GMT - Fri, 14 Mar 2025 11:25:20 GMT

File type
PNG image data, 75 x 75, 8-bit colormap, non-interlaced
Size
658 B (658 bytes)
Hash
e5616f6bf9202bdeb336a49037a4526e
9051357c1754017808f3a36f2c97a77f05e60f2f
57912dd5fd49aa558711d51a8fa5e04fe8ef8f29a5fd1720a1bef546f7d96b90

HTTP Headers

GET /icons/Foot.png?v=1 HTTP/1.1
Host: lefoot.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lefoot.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 Jan 2025 19:45:51 GMT
content-type: image/png
content-length: 658
last-modified: Tue, 29 Oct 2024 22:52:04 GMT
etag: "67216714-292"
x-proxy-cache: HIT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6257
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2FlMpPgTDwAqdL45RUAIgA3uNl0aDCMaC%2FWZMz7pJPzo9TovTFmFtD1Xms%2Fp7DpkGsG6momsx5I7RczsO%2FjIa%2FTlVY9RYxUTrAzEp%2B7MWcrOdRO4uXs2wMGa9u8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fc57dd86b4f712a-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16057&min_rtt=9426&rtt_var=8258&sent=28&recv=14&lost=0&retrans=0&sent_bytes=16127&recv_bytes=2470&delivery_rate=195634&cwnd=12000&unsent_bytes=0&cid=756b58d77ba36380&ts=1331&x=1", cfExtPri, cfHdrFlush;dur=0

lefoot.ru/icons/Basket.png?v=1

104.21.26.99

200 OK

852 B

URL GET HTTP/3
lefoot.ru/icons/Basket.png?v=1
IP
104.21.26.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lefoot.ru/
Certificate
IssuerGoogle Trust Services
Subjectlefoot.ru
FingerprintBE:0E:40:2E:65:5B:33:39:D5:F2:B9:BE:2D:4C:68:65:F7:A9:74:EE
ValiditySat, 14 Dec 2024 10:28:10 GMT - Fri, 14 Mar 2025 11:25:20 GMT

File type
PNG image data, 75 x 75, 4-bit colormap, non-interlaced
Size
852 B (852 bytes)
Hash
b0cc37457132d55b87b882e91ee67b58
79ffc778f1592ef104c8c55e59630dd1b673e72d
e65ab7f42ffd5fe8da92f4ea860621d6bddc78a29b3441201e69f1571446fe0c

HTTP Headers

GET /icons/Basket.png?v=1 HTTP/1.1
Host: lefoot.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lefoot.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 Jan 2025 19:45:51 GMT
content-type: image/png
content-length: 852
last-modified: Tue, 29 Oct 2024 22:51:52 GMT
etag: "67216708-354"
x-proxy-cache: HIT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6257
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UTBf%2F0AyA3UF8EEiiBVsyFRWLfCSAoUarWSx9LJXkuFpnvUxqZWz1SPgCRhHZNOTITQEQXRPXPy0z0H4MovsEfD%2FSOlPqk2f%2Bx%2FP2Ldz0BDDO9QOHLqU8jahZ%2Bo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fc57dd87b55712a-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16057&min_rtt=9426&rtt_var=8258&sent=30&recv=14&lost=0&retrans=0&sent_bytes=17528&recv_bytes=2470&delivery_rate=195634&cwnd=12000&unsent_bytes=0&cid=756b58d77ba36380&ts=1335&x=1", cfExtPri, cfHdrFlush;dur=0

fonts.gstatic.com/s/firasansextracondensed/v10/NaPKcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda1f-uug.woff2

142.250.74.131

200 OK

23 kB

URL GET HTTP/2
fonts.gstatic.com/s/firasansextracondensed/v10/NaPKcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda1f-uug.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://lefoot.ru/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22676, version 1.0
Size
23 kB (22676 bytes)
Hash
f9a0f2bdf0ec0f996949a33f41f39d73
c3d9e8116518e7c08050e78c878fa1242ec715a7
d1ec9625d1c2d3ff00cb5891990c4541a89f096540ee2226e565713d1a189e18

HTTP Headers

GET /s/firasansextracondensed/v10/NaPKcYDaAO5dirw6IaFn7lPJFqXmS-M9Atn3wgda1f-uug.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lefoot.ru
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22676
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Dec 2024 21:14:56 GMT
expires: Sat, 27 Dec 2025 21:14:56 GMT
cache-control: public, max-age=31536000
age: 599455
last-modified: Thu, 21 Apr 2022 17:06:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

lefoot.ru/icons/Hockey.png?v=1

104.21.26.99

200 OK

1.7 kB

URL GET HTTP/3
lefoot.ru/icons/Hockey.png?v=1
IP
104.21.26.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lefoot.ru/
Certificate
IssuerGoogle Trust Services
Subjectlefoot.ru
FingerprintBE:0E:40:2E:65:5B:33:39:D5:F2:B9:BE:2D:4C:68:65:F7:A9:74:EE
ValiditySat, 14 Dec 2024 10:28:10 GMT - Fri, 14 Mar 2025 11:25:20 GMT

File type
PNG image data, 75 x 75, 8-bit/color RGBA, non-interlaced
Size
1.7 kB (1713 bytes)
Hash
9532181c69c684270b78957629382884
a51e125b0722a6cdc8b1d49fb136614944c86a1a
bd79b3fd53560c9c5eb0c1f22bdc9e0b2b4c136add33ebb8b2c6d28bcdc5f075

HTTP Headers

GET /icons/Hockey.png?v=1 HTTP/1.1
Host: lefoot.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lefoot.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 Jan 2025 19:45:51 GMT
content-type: image/png
content-length: 1713
last-modified: Tue, 29 Oct 2024 23:57:15 GMT
etag: "6721765b-6b1"
x-proxy-cache: HIT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6257
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wn%2BFI3xVL2N4mt9A5tt57PipheytNrcL%2F9Qa66%2BLAgSV3QdW8XjRWeClhdSkTPvKYLcBTdXwHFUtC6hbHRceYeZs8tpBpOSGgDQC6gspKHTZLKGy%2FOaqdWmOpNM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fc57dd88b6f712a-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15674&min_rtt=9426&rtt_var=5566&sent=33&recv=17&lost=0&retrans=0&sent_bytes=19153&recv_bytes=2828&delivery_rate=224585&cwnd=12000&unsent_bytes=0&cid=756b58d77ba36380&ts=1359&x=1", cfExtPri, cfHdrFlush;dur=0

lefoot.ru/f/flags.png

104.21.26.99

200 OK

27 kB

URL GET HTTP/3
lefoot.ru/f/flags.png
IP
104.21.26.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lefoot.ru/
Certificate
IssuerGoogle Trust Services
Subjectlefoot.ru
FingerprintBE:0E:40:2E:65:5B:33:39:D5:F2:B9:BE:2D:4C:68:65:F7:A9:74:EE
ValiditySat, 14 Dec 2024 10:28:10 GMT - Fri, 14 Mar 2025 11:25:20 GMT

File type
PNG image data, 272 x 176, 8-bit colormap, non-interlaced
Size
27 kB (26646 bytes)
Hash
31eea8934379816cc9813ecb764fa708
3fe632ad91daf714343af5fae9a36be4b591bc1d
f8308a409e4589414e762f0824df2426c69c451089a47740934e394451ad52aa

HTTP Headers

GET /f/flags.png HTTP/1.1
Host: lefoot.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lefoot.ru/f/flags.css?v=13
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 Jan 2025 19:45:51 GMT
content-type: image/png
content-length: 26646
last-modified: Mon, 28 Oct 2024 08:39:08 GMT
etag: "671f4dac-6816"
x-proxy-cache: HIT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6257
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ncvFrFCabH02g8AwXssjbgv0hHYnV0brdQKwbSgxdpeay1zLMtmQiCgDyVdxrnIxRN13G%2FSF312447qD9T%2B8nSAC8BaV1jzQTdulK3qHBtRvi50bCuuvYgyqVYc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fc57dd91c57712a-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14972&min_rtt=9426&rtt_var=5579&sent=37&recv=19&lost=0&retrans=0&sent_bytes=21662&recv_bytes=3146&delivery_rate=235210&cwnd=12000&unsent_bytes=0&cid=756b58d77ba36380&ts=1439&x=1", cfExtPri, cfHdrFlush;dur=0

my.rtmark.net/gid.js?userId=008146afe5464fb6f3ee28377869ecd1

188.114.96.1

200 OK

10 kB

URL GET HTTP/2
my.rtmark.net/gid.js?userId=008146afe5464fb6f3ee28377869ecd1
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lefoot.ru/
Certificate
IssuerGoogle Trust Services
Subjectmy.rtmark.net
Fingerprint8A:B7:CD:87:FA:39:07:A8:88:41:1C:9E:2D:0E:97:51:61:75:C1:34
ValidityWed, 06 Nov 2024 10:31:42 GMT - Tue, 04 Feb 2025 10:31:41 GMT

File type
JSON text data
Size
10 kB (10000 bytes)
Hash
8ebb7536c6771acd7bc36dfee2655e35
555ccde87ae17a06af7020d74f9b5c14106b1245
8124460059244a6dc0a676598c149d2634d8b6a062feda3bd8a9a5b3f6a55464

HTTP Headers

GET /gid.js?userId=008146afe5464fb6f3ee28377869ecd1 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lefoot.ru
DNT: 1
Connection: keep-alive
Referer: https://lefoot.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 03 Jan 2025 19:45:52 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://lefoot.ru
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
set-cookie: ID=008146afe5464fb6f3ee28377869ecd1; expires=Sat, 03 Jan 2026 19:45:51 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=64EYMUuxvOh6IAXGvvRMjVwVLtRlD2VrtGPhnPCAB0mtoK6H9XgxG4V6347iJL9hwegvM51IaEt9EYGC0jCVy4YcJ38Zr00VvjA16mdK9%2F%2FgiIElm8yKXul4s6bryYOf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fc57ddbdeb856bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5400&min_rtt=3611&rtt_var=3181&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3203&recv_bytes=1097&delivery_rate=620748&cwnd=253&unsent_bytes=0&cid=231d64d318e7dfbb&ts=71&x=0"
X-Firefox-Spdy: h2

lefoot.ru/data.php

104.21.26.99

200 OK

9.0 kB

URL GET HTTP/3
lefoot.ru/data.php
IP
104.21.26.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lefoot.ru/
Certificate
IssuerGoogle Trust Services
Subjectlefoot.ru
FingerprintBE:0E:40:2E:65:5B:33:39:D5:F2:B9:BE:2D:4C:68:65:F7:A9:74:EE
ValiditySat, 14 Dec 2024 10:28:10 GMT - Fri, 14 Mar 2025 11:25:20 GMT

File type
JSON text data
Size
9.0 kB (8958 bytes)
Hash
33ea8fe7dd9f57792014a26d9f706841
ce80c8de802dff1e574f2b1dcdab4767a628cf90
7a1e84cd55636f08fdc09d80cfcfaeb0d99401fba74887398ace804081f2085b

HTTP Headers

GET /data.php HTTP/1.1
Host: lefoot.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lefoot.ru/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 03 Jan 2025 19:45:51 GMT
content-type: text/html; charset=UTF-8
x-proxy-cache: HIT
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oOfXgtBOYBjz%2FkrNgieyMgytBpsivWWnpdCGzdKOABlSpuqaZl4Ii71VubAjpbhpurgsTW1%2FUiqIUuRoaLjKQp3dnLvptSf8qzbuZ9FMpNaBseHQSBGXBW0%2Bxyo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fc57dd7ca5a712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16952&min_rtt=9426&rtt_var=8625&sent=24&recv=11&lost=0&retrans=0&sent_bytes=14157&recv_bytes=1888&delivery_rate=9721&cwnd=12000&unsent_bytes=0&cid=756b58d77ba36380&ts=1245&x=1", cfExtPri, cfHdrFlush;dur=0

lefoot.ru/f/flags.css?v=13

104.21.26.99

200 OK

12 kB

URL GET HTTP/3
lefoot.ru/f/flags.css?v=13
IP
104.21.26.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lefoot.ru/
Certificate
IssuerGoogle Trust Services
Subjectlefoot.ru
FingerprintBE:0E:40:2E:65:5B:33:39:D5:F2:B9:BE:2D:4C:68:65:F7:A9:74:EE
ValiditySat, 14 Dec 2024 10:28:10 GMT - Fri, 14 Mar 2025 11:25:20 GMT

File type
ASCII text, with very long lines (11985), with no line terminators
Size
12 kB (11985 bytes)
Hash
68ae7cf2265fd389fb141aad8a9ef0c9
f367614a73fbcbc5c4070f732b518cf57210a8b8
b5cc42c5dec96ea813894c8b5e93c33dbbb833052ca5bd7ae2da188143a9e816

HTTP Headers

GET /f/flags.css?v=13 HTTP/1.1
Host: lefoot.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lefoot.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 03 Jan 2025 19:45:50 GMT
content-type: text/css
last-modified: Mon, 28 Oct 2024 09:49:53 GMT
etag: W/"671f5e41-2ed1"
x-proxy-cache: MISS
cache-control: max-age=14400
cf-cache-status: HIT
age: 6257
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kLFj3sxgI2x4sGRC%2FlFJ88iDJYDSH4wImdlglb1x%2FM4krVTbL4CUraG9Fomw70J%2F3cONkDfyCDNWbeGZ%2BgQGVVvvaaZ4czWz%2BlIaTIshoVRYsKD551f1KviZApQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fc57dd33c26712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=18779&min_rtt=11522&rtt_var=9504&sent=12&recv=7&lost=0&retrans=0&sent_bytes=4061&recv_bytes=1344&delivery_rate=51553&cwnd=12000&unsent_bytes=0&cid=756b58d77ba36380&ts=510&x=1", cfExtPri, cfHdrFlush;dur=0

fonts.googleapis.com/css2?family=Fira+Sans+Extra+Condensed&display=swap

142.250.74.10

200 OK

2.8 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Fira+Sans+Extra+Condensed&display=swap
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://lefoot.ru/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint30:E5:7E:29:A5:A1:81:DB:C8:A8:49:80:67:40:12:AB:30:C0:34:8D
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
ASCII text, with very long lines (2857), with no line terminators
Size
2.8 kB (2794 bytes)
Hash
0d47da50cc20c2edc07f857f7d5d55a4
6f0f0755b34b50a061ec7fb7be225394c6dea300
b8df9e7cab6a0f374a5e01d77f5aa07e4adf13dab3ce4e1e26388d048e4d7e79

HTTP Headers

GET /css2?family=Fira+Sans+Extra+Condensed&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lefoot.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 Jan 2025 19:45:50 GMT
date: Fri, 03 Jan 2025 19:45:50 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

lefoot.ru/favicon.ico

104.21.26.99

200 OK

1.4 kB

URL GET HTTP/3
lefoot.ru/favicon.ico
IP
104.21.26.99:443
ASN
#13335 CLOUDFLARENET

Requested by
https://lefoot.ru/
Certificate
IssuerGoogle Trust Services
Subjectlefoot.ru
FingerprintBE:0E:40:2E:65:5B:33:39:D5:F2:B9:BE:2D:4C:68:65:F7:A9:74:EE
ValiditySat, 14 Dec 2024 10:28:10 GMT - Fri, 14 Mar 2025 11:25:20 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 8 bits/pixel
Size
1.4 kB (1406 bytes)
Hash
4ddfe3aa5ed434930d3c2e3cf9a480fb
17e650ecaf96ac6c77560ec783f102089f7442e7
712d04e244dfd222643eeb8d701b992ed59d74df8631bc6e96369507e1698001

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: lefoot.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lefoot.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 03 Jan 2025 19:45:51 GMT
content-type: image/x-icon
last-modified: Mon, 28 Oct 2024 09:27:41 GMT
etag: W/"671f590d-57e"
x-proxy-cache: HIT
cache-control: max-age=14400
cf-cache-status: HIT
age: 6368
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9F47JAaCGsLiH0QPLb29iSQeu3tr5YHtM8Rvl1vyZetayevM39aBLVqy4PN8ovZ%2F2oo4srY4UzAsSs0m34%2Fs2f2i1CJlFdW31sNqj0btJ7r9EE2tRqOhuEctGQI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8fc57dda2d62712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17582&min_rtt=9426&rtt_var=7267&sent=62&recv=22&lost=0&retrans=0&sent_bytes=49690&recv_bytes=3496&delivery_rate=734749&cwnd=24000&unsent_bytes=0&cid=756b58d77ba36380&ts=1605&x=1", cfExtPri, cfHdrFlush;dur=0

gutockeewhargo.net/?rb=VQI-4OUmzCEc9iVK_CsyE5rhBPPY-QUG02nfDS4WeVsBWe4Ab9VchvnTNqLV8Tgz9HarMWwE1fJV_iz4Fj_zQlUJkh7PesN7G6FZQnuG9EjyohGEqb_ET0omUkQUbBrcZn9zkEjAToRoAzLP-tt2obf-o_T_JyymflAWqt_HPk8YD3CY9q-8gp305EO5rvM3UT37K1zeFFfbNavYqSnLzKPr4lcTLFV5L-SkK3KVObcruOEaSgnyONGQoyo4quqgQtq7IiNlPYIoaTEp&request_ab2=0&zoneid=5548998&js_build=iclick-v1.1028.2-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=1&pl=https%3A%2F%2Flefoot.ru%2F&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=3&wgl=&js_build=iclick-v1.1028.2-auto&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=de26d37d-4547-4466-9ec2-7fbb09c9555a&wasm=1&userId=008146afe5464fb6f3ee28377869ecd1&m=link

139.45.197.107

200 OK

2.7 kB

URL GET HTTP/2
gutockeewhargo.net/?rb=VQI-4OUmzCEc9iVK_CsyE5rhBPPY-QUG02nfDS4WeVsBWe4Ab9VchvnTNqLV8Tgz9HarMWwE1fJV_iz4Fj_zQlUJkh7PesN7G6FZQnuG9EjyohGEqb_ET0omUkQUbBrcZn9zkEjAToRoAzLP-tt2obf-o_T_JyymflAWqt_HPk8YD3CY9q-8gp305EO5rvM3UT37K1zeFFfbNavYqSnLzKPr4lcTLFV5L-SkK3KVObcruOEaSgnyONGQoyo4quqgQtq7IiNlPYIoaTEp&request_ab2=0&zoneid=5548998&js_build=iclick-v1.1028.2-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=1&pl=https%3A%2F%2Flefoot.ru%2F&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=3&wgl=&js_build=iclick-v1.1028.2-auto&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=de26d37d-4547-4466-9ec2-7fbb09c9555a&wasm=1&userId=008146afe5464fb6f3ee28377869ecd1&m=link
IP
139.45.197.107:443
ASN
#9002 RETN Limited

Requested by
https://lefoot.ru/
Certificate
IssuerLet's Encrypt
Subjectgutockeewhargo.net
Fingerprint4F:98:FA:E6:1A:26:CF:55:06:DD:89:00:FE:C9:0F:12:AA:11:21:0C
ValidityThu, 14 Nov 2024 02:44:55 GMT - Wed, 12 Feb 2025 02:44:54 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2769), with no line terminators
Size
2.7 kB (2739 bytes)
Hash
c94d481d7c5e5bd616d70fa295d40bda
ae055a01eb5f950db75fa574104f556228f65588
0f5ef489942c01b06eb5ddab795f90c23cef656f57f18e688083086b0168351a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?rb=VQI-4OUmzCEc9iVK_CsyE5rhBPPY-QUG02nfDS4WeVsBWe4Ab9VchvnTNqLV8Tgz9HarMWwE1fJV_iz4Fj_zQlUJkh7PesN7G6FZQnuG9EjyohGEqb_ET0omUkQUbBrcZn9zkEjAToRoAzLP-tt2obf-o_T_JyymflAWqt_HPk8YD3CY9q-8gp305EO5rvM3UT37K1zeFFfbNavYqSnLzKPr4lcTLFV5L-SkK3KVObcruOEaSgnyONGQoyo4quqgQtq7IiNlPYIoaTEp&request_ab2=0&zoneid=5548998&js_build=iclick-v1.1028.2-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=1&pl=https%3A%2F%2Flefoot.ru%2F&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&tt=3&wgl=&js_build=iclick-v1.1028.2-auto&navlng=en-US&vsbl=true&pnt=0&pnrc=0&bs=de26d37d-4547-4466-9ec2-7fbb09c9555a&wasm=1&userId=008146afe5464fb6f3ee28377869ecd1&m=link HTTP/1.1
Host: gutockeewhargo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lefoot.ru/
Origin: https://lefoot.ru
DNT: 1
Connection: keep-alive
Cookie: OAID=008146afe5464fb6f3ee28377869ecd1; oaidts=1735933551
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 03 Jan 2025 19:45:52 GMT
content-type: application/json
x-trace-id: c0996683367f77813af90fb741b789db
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://lefoot.ru
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=008146afe5464fb6f3ee28377869ecd1; expires=Sat, 03 Jan 2026 19:45:52 GMT; path=/; secure; SameSite=None
oaidts=1735933552; expires=Sat, 03 Jan 2026 19:45:52 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 10 Jan 2025 19:45:52 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

gutockeewhargo.net/5/5548998/?oo=1&js_build=iclick-v1.1028.2-auto&dmn=soostewiphy.net&tt=2&ix=0

139.45.197.107

200 OK

3.9 kB

URL GET HTTP/2
gutockeewhargo.net/5/5548998/?oo=1&js_build=iclick-v1.1028.2-auto&dmn=soostewiphy.net&tt=2&ix=0
IP
139.45.197.107:443
ASN
#9002 RETN Limited

Requested by
https://lefoot.ru/
Certificate
IssuerLet's Encrypt
Subjectgutockeewhargo.net
Fingerprint4F:98:FA:E6:1A:26:CF:55:06:DD:89:00:FE:C9:0F:12:AA:11:21:0C
ValidityThu, 14 Nov 2024 02:44:55 GMT - Wed, 12 Feb 2025 02:44:54 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (3903), with no line terminators
Size
3.9 kB (3899 bytes)
Hash
762bad03006494e5dadf83f11a62a216
7f1fd9caf34d90b6e5ea40cd492ba87d0edec906
d7c67ec37881edef4b232eadb6eab24331643c15227a275983b463a53498da80

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5/5548998/?oo=1&js_build=iclick-v1.1028.2-auto&dmn=soostewiphy.net&tt=2&ix=0 HTTP/1.1
Host: gutockeewhargo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lefoot.ru
DNT: 1
Connection: keep-alive
Referer: https://lefoot.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 03 Jan 2025 19:45:51 GMT
content-type: application/json
x-trace-id: 1f8f5ccb7dd7ec4109db79c442143af0
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://lefoot.ru
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=008146afe5464fb6f3ee28377869ecd1; expires=Sat, 03 Jan 2026 19:45:51 GMT; path=/; secure; SameSite=None
oaidts=1735933551; expires=Sat, 03 Jan 2026 19:45:51 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (19)

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash