{"report_id":"f7bc0f02-ab34-4c49-8ce9-0593c3f0d809","version":6,"status":"done","tags":[],"date":"2025-11-16T21:49:57Z","url":{"schema":"http","addr":"goo.by/MqDngX","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"goo.by/","fqdn":"goo.by","domain":"goo.by","tld":"by"},"title":"Goo.gl Alternative: The Best Free URL Shortener","dom":{"size":39,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"086707e4369f60afedcafb16050a7618","sha1":"8216b0cc6876cbd44f01c158e7dff3833ceccd41","sha256":"a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e","sha512":"aade21843813e2cab329b99185c6f61db7907a556ea974e0315dcf3ad967cab20fee66d4f10db0d0ec43a71e086ce6d700d5524103deaefa3ce5f6be74ba5737","ssdeep":"","tlshash":"6a9000fee0a2000efc303bc00cc2238a0c28c3a830028e002ac038b8c80822bcc032c8","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"goo.by/MqDngX","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98","country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-21T21:49:57Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"goo.by","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-11-09T22:13:15.523411Z","alert_count":0,"request_count":1,"received_data":6432,"sent_data":445,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"www.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":146047,"first_seen":"2012-05-29T15:36:17Z","last_seen":"2025-11-09T22:17:44.096454Z","alert_count":0,"request_count":5,"received_data":2585362,"sent_data":2389,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2025-11-09T22:13:41.73664Z","alert_count":0,"request_count":1,"received_data":436728,"sent_data":427,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"goo.by","ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-02-17","domain_rank":299533,"first_seen":"2012-11-22T17:53:51Z","last_seen":"2025-11-10T14:54:22.930037Z","alert_count":27,"request_count":27,"received_data":1574981,"sent_data":13122,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"OWL Carousel","description":"OWL Carousel is an enabled jQuery plugin that lets you create responsive carousel sliders.","website":"https://owlcarousel2.github.io/OwlCarousel2/","common_platform_enumeration":"","icon":"OWL Carousel.png","categories":["JavaScript libraries"]},{"name":"reCAPTCHA","description":"reCAPTCHA is a free service from Google that helps protect websites from spam and abuse.","website":"https://www.google.com/recaptcha/","common_platform_enumeration":"","icon":"reCAPTCHA.svg","categories":["Security"]},{"name":"Google AdSense","description":"Google AdSense is a program run by Google through which website publishers serve advertisements that are targeted to the site content and audience.","website":"https://www.google.com/adsense/start/","common_platform_enumeration":"","icon":"Google AdSense.svg","categories":["Advertising"]},{"name":"Typed.js","description":"Typed.js is a library that types. It is designed to create typewriter-style animations with ease.","website":"https://mattboldt.com/demos/typed-js/","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"Clipboard.js","description":"","website":"https://clipboardjs.com/","common_platform_enumeration":"","icon":"Clipboard.js.svg","categories":["JavaScript libraries"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2025-11-09T22:18:23.201927Z","alert_count":0,"request_count":2,"received_data":26440,"sent_data":874,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-11-09T22:13:15.598397Z","alert_count":0,"request_count":4,"received_data":66648,"sent_data":2173,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.google.com","ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22,"first_seen":"2015-05-10T13:11:19Z","last_seen":"2025-11-09T22:13:25.255249Z","alert_count":0,"request_count":8,"received_data":123594,"sent_data":4584,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"goo.by/","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"cd19fd7a2ab774f2988b0847fa134312","sha1":"b5ad637b9b0fe3b5ebbbbd0de6539a91771e3666","sha256":"d4bf3c0e7ce91fdbd1f7ca56da8b040e1a8247a3f5d09867cbf7cb759c8b2b97","sha512":"ab14954583d55daae5d905d0a71785342f2db8ed5521243f9eee5ca7cb8c03c245702474e28fc913b94eb8d423ab8521de8d0b4a27c0d4197bb27e9307218a42","ssdeep":"","tlshash":"bf9002b2cc02214236000185611d14648082101a0841c948b05d52501b40014030a481","size":43,"data":"","first_seen":"2024-05-30T05:41:41Z","last_seen":"2025-11-16T21:50:03.61477Z","times_seen":34,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw\u0026co=aHR0cHM6Ly9nb28uYnk6NDQz\u0026hl=en\u0026v=TkacYOdEJbdB_JjX802TMer9\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=rinefjzddqmd","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"3778fad9770b074e6d539af19d633fef","sha1":"6ac284ba271896eb04efb2573da0382aa5400c32","sha256":"010c9b8e88e28447de9d0f5b665cbe41dad60396f4e6d842abb8c5360047e7ea","sha512":"a4a22a70a4016d7865f7d5c128f6cf6751938421a4b24cd2b838cf49ea68dee84f0676363c61c384f63f51d7bccdf726a401a1862d95975bd38a5fd166d923a4","ssdeep":"","tlshash":"19a0220c088e3e20003020b2033b00028c28002ca8030c00000cebc223f20bf0ec3eaf","size":64,"data":"","first_seen":"2025-11-05T08:23:51.009153Z","last_seen":"2025-11-18T19:32:28.130446Z","times_seen":4308,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw\u0026co=aHR0cHM6Ly9nb28uYnk6NDQz\u0026hl=en\u0026v=TkacYOdEJbdB_JjX802TMer9\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=rinefjzddqmd","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"94f9c7ae9caeec5587fa068fdc2072cd","sha1":"06ec49572763ef6e63771861b5821461688c4294","sha256":"aa9d1fd6a04963b1c8c72a76105b0d4cad0ed32a875a68b9905182541487452f","sha512":"4bece0c62f087604481c8c203dde5c91410202b443697b5077d0418e3f6cbe6e88ea5163f235d6569e681f092e79b19f63b62c088aa82df8705eb7f81f0b3630","ssdeep":"","tlshash":"ee70002e2c2830800322303080cf080838220020000000a2080008c00f3002a0202808","size":22,"data":"","first_seen":"2025-11-05T08:23:51.000031Z","last_seen":"2025-11-18T19:32:28.079644Z","times_seen":4307,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api.js?hl=en\u0026render=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"64bfc4ace2d4c12e9cb86aab8eff8518","sha1":"c6fe77a47bc436dd0a76d658ddad2cad237991f7","sha256":"fce6a458716b0b160490ac161884bcdf4088fbf1c37f6deec32bd73bcd893fc8","sha512":"ecd8da77ca53549b604b37c8555e69ecf0ef59386c1f84c0175f83b445b9e9a22c381d3bfa806cc05cef3e75f96a67ff75b64bd096391f041537f4237c77527c","ssdeep":"","tlshash":"ea1135770909f0390b720de1e2ffcbb1e591741cf15846e8a515d6c41e69dc7ce05985","size":1051,"data":"","first_seen":"2025-11-16T13:40:37.055104Z","last_seen":"2025-11-16T21:50:03.566005Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/static/frontend/js/app.min.js?v=1.2","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"82374b423499415c2c3173513ec1615c","sha1":"3b219efdc592a49a680e2c71cb22989c686b5417","sha256":"12116847297eb16ae5aa1d26b27a0b4704afcc352272ab89cd6d28a27b2604be","sha512":"48112faa6213433eb691513296bd7cd2bd85db22f0bc8547651ae3aebcf003c0817218f5e86cd90affedcbc74d765e25621c372b304914322f509a2ebf3b7ab7","ssdeep":"96:AMEaQNRdcaNOyculEVlUKpIlIRIBAIBRIqCyAIc7K0M0MlpwRyf2p:bEaQNToyXEDSVLf2","tlshash":"55c18408b15cb5a722fb7136881fba0950727984c656e049a560e1f42facec62973f3f","size":5886,"data":"","first_seen":"2023-09-11T11:11:16Z","last_seen":"2026-02-15T18:55:41.562615Z","times_seen":79,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"cfd3b8686946a9225719599085a424b5","sha1":"dd7facbf4d4833b64634a7b239c3e2d31f886d01","sha256":"2f7078c9cf80048bc75ab7919b404a69d7bf6b57c00a28e42c3084ee2ceecc74","sha512":"8439377dc5555c7a811369228f2ec5663a185d3daa6bf3d0c82748b18199d6295daf703dce58a7cd55bcf80c664990a625d3aaf44831fb402e487beb4fa7dba0","ssdeep":"","tlshash":"8f310eccf90cb53a6aab3171415f771e223aa00c341188405a68f4ea1d388fc224bffe","size":1538,"data":"","first_seen":"2024-06-28T09:46:44Z","last_seen":"2025-11-16T21:50:03.618384Z","times_seen":28,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/static/frontend/libs/clipboard/dist/clipboard.min.js","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b42944934de0a9c5c18706911874c1b2","sha1":"77ba921a768a5e3da6a25e389cfed21d966aa131","sha256":"d60ac05828175a69d3ad94b4714f1292948082cdcfbceca74c1da11955e5de5d","sha512":"047bf9ab606354508a2884238839523b2fcb2cfc6a025dcae318b7d3c8722b21ca9a01f588695f39fa039cbc03fed9477ad8b271c77735a88a6d50a8df76b454","ssdeep":"192:kvR/hkAisAHf4Lys153p17zoWsBqwuLJLHg4LyTByIMOTorA:kvR/vhp3MWsBq9LJFgByVrA","tlshash":"2b22a759b380b5b156e770ad112f424bf372906960aac0d4b639d8f2bdb8ecd1467f38","size":10452,"data":"","first_seen":"2023-04-09T07:13:39Z","last_seen":"2026-04-03T13:45:39.521852Z","times_seen":2915,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/static/server.min.js?v=1.2","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"75615ee1407a7b254fdf4e1611993374","sha1":"b0bc74b4b9c6fe3cbd94d136a240a8c98a174bf4","sha256":"99ed7bb31293008bb7c66efdec7c8ac4403d229e69d4631c68775ad4a75af674","sha512":"3749050f133e157b27863e8cf347ddba3f8901398d463097251ee6116fd72b59d0806945653e7289cdd5335e8948275a2da065c33d6f5cb7ad7bcda0deed38d5","ssdeep":"96:dOPy3PVXbc+GPyMwVJvccc0RCYwq8IjPj6jljeVwVJ0G2wVJsHJI2oqA:dOq3PVoJKMcvczjYgorWNoc0bc8JI2g","tlshash":"8dd1861db090c6de127774bb606b6a17f0b22c29da476000d25a18ba5fedec4643bf1e","size":6640,"data":"","first_seen":"2024-03-24T14:49:48Z","last_seen":"2025-12-07T16:27:14.231851Z","times_seen":59,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/static/bundle.pack.js","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b7a0b4d8ad643025de822486283a2bbf","sha1":"28b0afdd6b9ccf94645ac0ed5c55aa35c7dc892c","sha256":"fc981871b8271bea9270a3af4f77bb50d37101e555dd6801fe7ecf9e26a9b12b","sha512":"66ab32d20f4ded5de92b4c9e0aed74e7136223d85702b93c5a6bd0daed999661c669a43d95c2e444328ce6adc8643e6b945eb1817eaeefc98d575cf4365dbb19","ssdeep":"6144:Bi8eGRuufsr5zQ47GK2iWIHf+e/wh8gOO:BiURum05k4COO","tlshash":"22640959768db136425b21f6102f150ab23b29bfa40d9118f16cc8f96d7dd8aa237f3c","size":331817,"data":"","first_seen":"2023-03-07T01:41:19Z","last_seen":"2026-03-29T06:51:35.562617Z","times_seen":342,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"836929cc442d826d3ff1c5c8ec8dd01d","sha1":"ce1504619a2623278fc0643ce800be6ad822874a","sha256":"287c2956b4b224485986a283c19547cfb8666fca0a0c0eac316df8d47624c2fc","sha512":"40d4344a8d2f001cd9192a374728ff94ca3dc01a9c9b42eaa29cfa7b7d41fa9bec35092090c955d8e849973c60894ed6bc9cbcd2e339ace828533c02dca7b3b6","ssdeep":"","tlshash":"1ce07d39adb964200e233c25442b9dc09c5b9053a181cdc0390c93005f76fecc843e41","size":415,"data":"","first_seen":"2025-11-16T21:50:03.619478Z","last_seen":"2025-11-16T21:50:03.619478Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw\u0026co=aHR0cHM6Ly9nb28uYnk6NDQz\u0026hl=en\u0026v=TkacYOdEJbdB_JjX802TMer9\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=rinefjzddqmd","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"80119ca7b94d5f460fd1369da2ef937d","sha1":"500a2ab663b7d95b23947fc1d9b706aa35e2e2b1","sha256":"56762d6ed2d3d2a2aa0fa4cf1e11bdc730ba2adb00441c5ac8cb0730c1969539","sha512":"26f15ef2571cae3213be2044dc1c26ab3436cfff7aa1298277f2ea989efe18aff55ce02c7a0206816036eec1a4950a7fb4f63aaf0f92b89ae34662d5b65462ea","ssdeep":"384:lQCyu+CnubYUVDUaAyQxQADbePnae0zdxq6k/DG3:lQdlbrhAyQKkqae0Jc7DG3","tlshash":"0b82e9887993b06941b2b0b54a3f5409a3fa69511808346ce114c5d57fb0eae74affff","size":18976,"data":"","first_seen":"2025-11-05T08:23:50.983308Z","last_seen":"2025-11-18T19:32:28.113331Z","times_seen":4293,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/static/frontend/libs/typedjs/typed.min.js","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"f68641147185cbded4b38b4900a20f40","sha1":"e8ce2b674a637b0c0396a3106c1aedf10186249c","sha256":"39b5f0a136ac9c139981b89e2ee615ac75fed86c0761c7ebf87d827be7d86e5e","sha512":"28e032a222594afb471c32aa6c4af101dd07febc700e7d97fafd34955f30b49cbb78173cb40d6c8a6211bfa09bd856946101e80c81b72e3218ad8b1eea290ebd","ssdeep":"96:RRb0PbWF/nqLZwkhsjNHWAATkPi8ZKahHx8aZfgAU4nvMfcBN7cRFtmjUGQ0PqGM:XbwmkhOr7VgANkUL7iGQglyoGhf3ZV/v","tlshash":"3332651db24279725bc391b016ab064f9171a9642092d1fcf4bddde05fe098ea0b7f38","size":11753,"data":"","first_seen":"2023-08-13T21:21:20Z","last_seen":"2026-04-03T11:13:41.705343Z","times_seen":382,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3711e38ac6e8501ea65fbb113807b247","sha1":"4dd859741dd355a4fbc5da109d44e1c5713fd927","sha256":"e2f4a82cb31ed8f45821f7b76186d94885f80fb0c8d6fd2a7d6c6852b6954c25","sha512":"7455fca5222f0a16612716b0724776035698279601869b8d1f2589ac499d9a90e33134a368ce80fb9251c7c3d407e0cbc5aee3bab6f3f3c4c573169ba5fe0dfb","ssdeep":"","tlshash":"cf01abff38f32038a277b0496b4fe298b01005171812cf087d8cc3814f4783a1919e8c","size":663,"data":"","first_seen":"2024-05-30T05:41:41Z","last_seen":"2025-11-16T21:50:03.623528Z","times_seen":34,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/TkacYOdEJbdB_JjX802TMer9/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2506e0d302c7bbd6654b091f44fdda03","sha1":"cddd2822fd20c3a5eaadae592bbe2c1f6d42e430","sha256":"ccdd2d231d4fc51186c484d940d8d7eff0e0ab787067fc8aa6a10f014deffa7e","sha512":"4c5dc8474d796a78832e9607760ad5389576ec4663bf02fd19217902de38fc06423d5bde421b68deed1842ee62d9ccd0eb521aa1fa1626c0f4160a456270a8c3","ssdeep":"12288:b/PieE69kbgh40LMuqHKQn6e8kSCvcFazia7Rbbck:s69mghUD4etS/Fudck","tlshash":"06052ad870527ae47772f8f684973018a33d9479d84c4a2eb1a4d4f42bf084ae276db7","size":831957,"data":"","first_seen":"2025-11-13T16:13:50.046413Z","last_seen":"2026-03-02T18:44:22.765319Z","times_seen":46497,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"927f539544df6e2c1688aa45293942e0","sha1":"bf3f5d858dfb6258d8adee643d904b718fc77c00","sha256":"746274b8e48242d63ddee5570cc19938c9e06cb53f58d027b93edc5c9518bfca","sha512":"30054395151d5a9d0e6fd65ea836e49c44935ac0edd7a3c8c56e1fe2640033ed4804365b1e397b403ba6147af4cb626be59acedaff0ff4cbc91d961b88306824","ssdeep":"","tlshash":"33f020583cca8134137720b5ab6bd90d7220110f2009dc31bd4e4811bf10db90caff0c","size":607,"data":"","first_seen":"2024-05-30T05:41:41Z","last_seen":"2025-11-16T21:50:03.624547Z","times_seen":34,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"fc7e1b14b8efef288f9d3dcdc0c35ef6","sha1":"36b9c035dca4c7599a0e195f94acf9dee6641d91","sha256":"881c9695abc8b4e47be9341ae5f262d137a924dbd8435f29ff2534325324e264","sha512":"a2c9a2854e2c3a3d6556831e63c00dae1f88b2b6d0f210e1b0f68aefec20019b2f30ea5fb3c8a9542b3390631bbf7e582b71ecd6a1d7c448bd53c06793d6f714","ssdeep":"","tlshash":"69c08c8c269b6c7181fb3a424bbf6101b016610391800d303c0eb3849f21d23d386a58","size":174,"data":"","first_seen":"2024-05-30T05:41:41Z","last_seen":"2025-11-16T21:50:03.626206Z","times_seen":34,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/static/frontend/js/js.js?v=1.28","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"493c81d6c5d679f6f54d5d507d553fec","sha1":"3cc4b51a74ae8d66a7eb284dd09f321a1f2a9e0b","sha256":"d510cb40ffada566ae7fda67def3d56a20e024ec8b6b6ceeb2b4d9f3df6f5be3","sha512":"72fd8819c8e50ac545cd8746df9380f7b1c250a3ff2ffb066a4168243a8b0cda0b9929655a3b3574c754f5c6d161d5e9685d6caf757b6c16181a0ff16fed3444","ssdeep":"96:2m3lWw/vWoQv/hOUMbcQzyouvIX3ZoKPizi2zXwF2UcwIAjaa:2mR/lQRdM1zzuvq37Y3FwIyx","tlshash":"85d196d0f7ae9adf4bf720115036d901fe6dd826d6016828f2be15b05bec908273a74e","size":6312,"data":"","first_seen":"2023-09-22T23:32:21Z","last_seen":"2025-11-16T21:50:03.573039Z","times_seen":22,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw\u0026co=aHR0cHM6Ly9nb28uYnk6NDQz\u0026hl=en\u0026v=TkacYOdEJbdB_JjX802TMer9\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=rinefjzddqmd","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"45ecf7458f42da80ac248ad42d610372","sha1":"a5b3edf8328769bc754e6e616a957ceed4fdadd7","sha256":"75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf","sha512":"e269e258cee29ed9ac04510c30517ebd77aa78e9c79b5736e5761bcbd372e38ab00a8092e2d391baf681eb4602dfb9a4ae1650628967735d94695b3d28aa4502","ssdeep":"","tlshash":"fba002f31935c4218ea2c5509953fb88e593611dfd45c1d470254edea3e19d3c100990","size":69,"data":"","first_seen":"2023-03-07T01:02:05Z","last_seen":"2026-04-03T19:30:38.836608Z","times_seen":387754,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw\u0026co=aHR0cHM6Ly9nb28uYnk6NDQz\u0026hl=en\u0026v=TkacYOdEJbdB_JjX802TMer9\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=rinefjzddqmd","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"606a2075ec026e3f954b5c0ccd234baa","sha1":"0a38d5afd0351a7ce9bb146742b4265f46ca1bae","sha256":"8a98f56bb8f6b2baca88d4fb11a0d07f1924329503bda3dd1ff23d8edb5fc12e","sha512":"aeff5a020fc17c050ce45a750931ca152d5d9ac3f1edd7fdae0206fcb83566eb9c49c0afcd53937bf33280554d9c0da8cb4b2eee808f72320bcb39eab71f98e7","ssdeep":"384:JQCyu+CnubYUVDUaAyQx8ADbePnae0zdxq6k/DGD:JQdlbrhAyQ6kqae0Jc7DGD","tlshash":"f2b2f988f593b06541b1b0b4863f5409a2fa6951d808346ce114c5d57fb0eae74afffb","size":25069,"data":"","first_seen":"2025-11-16T21:50:03.629109Z","last_seen":"2025-11-16T21:50:03.629109Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"fb67c3eb35f1ece0113d594c89ab7014","sha1":"1e83b2fbd36448b54766a36609cf4162d69f7177","sha256":"1800138e5df709da0b1eb5b2f15e3e3ca2518dfcbd17d44cbadd0d58f6fa2921","sha512":"0440b729b5cdb5ab6054a23f36784057d2232e5c00262c23585af8d5799ef578824f06bc0a1129ee2c3dbf029142ffd50b9cefb2dbf8a35a1f80c289abc4b48b","ssdeep":"","tlshash":"7f41742ef79aa4a407d714f03d51fd59e4d9221811e0d8555894217c03e3afba42f2ea","size":1923,"data":"","first_seen":"2024-05-30T05:41:41Z","last_seen":"2025-11-16T21:50:03.63187Z","times_seen":34,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-YM89WYEN8N","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b873d2e72d29118fda72167920113906","sha1":"17ea1a242aa572e93307789cb105707ed24e0461","sha256":"4072bf7aa8fd3a61adc23400cf62f96bc76e38240e95a1fce4170328a175299d","sha512":"29048664d04d935ef8004c2a15f7f07720fe5284fed387d10d5b6f702292a9f2f101712c7409152fc9511981805c25ede483e05ca0145fcfc4f7c0c40313e56b","ssdeep":"6144:TJ9o7CyGOsjtxj31bC2sUOJdR+rVmIQZOCHZDTQ3kLsk:Fi7ZGOytV1bjsmQZOC9h","tlshash":"8b9418ce73d674265396f078502f018ba57b28a2b45cc896f1c9cde02e74a9a4277f7c","size":436124,"data":"","first_seen":"2025-11-16T21:50:03.584914Z","last_seen":"2025-11-16T21:50:03.584914Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw\u0026co=aHR0cHM6Ly9nb28uYnk6NDQz\u0026hl=en\u0026v=TkacYOdEJbdB_JjX802TMer9\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=rinefjzddqmd","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"06fd432fea00d1cc43dfdcaa54bf4064","sha1":"0b995081b049ef0bffc561bf245ee20bd741fd90","sha256":"dff24abf20a78abc4aacc8c8695de43be83ce83b50158454bc0981333b70fec0","sha512":"1c3a6e648521a0c3cd1dca678b1ddab7fd11c45b030d8c99ce1e7695d92b6bb9c5e8bd86e3bc74e4aee0abd8f9ec990ab6189b83a1de2505aebf86805b706701","ssdeep":"1536:dSsufxeVWbblB6ISCKjVFx3p3LH82F/YxKjFGGMag9g:gXJBKJFP3rVFAxKwGMagy","tlshash":"0763bf2fe68334dfefbe4f500ae657de117e78161082058e16ab05c60c7de5aa77829c","size":70302,"data":"","first_seen":"2025-11-16T21:50:03.63367Z","last_seen":"2025-11-16T21:50:03.63367Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw\u0026co=aHR0cHM6Ly9nb28uYnk6NDQz\u0026hl=en\u0026v=TkacYOdEJbdB_JjX802TMer9\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=rinefjzddqmd","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"7524155eb369461e0f5a26dfa21cf1b4","sha1":"2e45d884e5b76e696da3163368b5f9b1707a25e4","sha256":"70f2d3f39d6ce3cadbb6c8683b8680250fb2e70e8cb8573124e36ff953ca8a01","sha512":"cc522e4534bc4a95d2a0e4bd22c3e47d2769bbb715edc64bc3c657c4e95959ef1095672ad8361a4d2fbaee105853cbb55528849ff18c6696f645c7b796f2b202","ssdeep":"","tlshash":"f470002a2c383080032230b0000f08083c22202000022c22080008c00e3000a020280a","size":22,"data":"","first_seen":"2025-11-05T08:23:50.965468Z","last_seen":"2025-11-18T19:32:28.114585Z","times_seen":4307,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/shareon@2/dist/shareon.iife.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"1ac145e0c0413996dcd1d9a810354f0a","sha1":"3b585bedfc3ff6784020a6fdaf9d94d26331a2ad","sha256":"1f3124bc088a4a597d8c2231cc836ec1990754ee80191d01ad5cda155ee3de91","sha512":"648c3db24f1dbebf405a1f20c7fcae9663f2386ed6cfdd313608aeeba351a8d29fcc7d7898111d67ef8baf6f17d9b0529cab52adaea1aa922d1e84c9d4f9fc42","ssdeep":"","tlshash":"688133a713858532098528fae82b34b4ce51470cf4c6c5a96c244b6e0f6f9b3f4b707a","size":3914,"data":"","first_seen":"2025-07-04T12:32:18.75701Z","last_seen":"2026-03-14T22:51:17.165279Z","times_seen":50,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/static/frontend/js/readmore.min.js?v=1.2","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2611fe08e48dcf93c60998a5c536649b","sha1":"be9ba87c8b17ff4bd4f3881de214a1895fe28817","sha256":"ca0cfb44f264240f4632457fd572a22b91847de9d739d9048f6ca18bc2d18a95","sha512":"1f32bf28349a55f75e1fc0329e5a01f2e71e0c44ac7804aecb2fed394ff67ccde50c9950376f3dc99e94b01f69ec4151a469c3460e3da7750a19f13bba5af656","ssdeep":"96:OLnmMscfPO0o7mNJWzqWHCqHtq1q5WwjnG5qz:anY6PnoajWznHC+t4gWw7G52","tlshash":"1991636c7315ba02c6f321e2256f650ea13ba13a59510448b373cfed6eb888e305377e","size":4437,"data":"","first_seen":"2023-03-07T01:25:18Z","last_seen":"2026-04-02T07:09:19.312192Z","times_seen":1636,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"788ef7f3a030d9f1b6090a3aa8973769","sha1":"cec8aa904455f453a11447fe2142c04e9fbc1b6b","sha256":"8944eab6079820cd6ca9ca84a4dfb53700075747e686e10f935c95210a0a6910","sha512":"f15da36732b15a865194f4cfb237fd4043f9a52484af1bf0695fcac6fdc6c6b0329b7afe91222c93539a1dc2bd2a39a477b9baa5e35a6114e2f4021d982ce45d","ssdeep":"","tlshash":"c4c09b7570b3658e4912982e0e95311d41214037c552555cbf8c62704ff672c11d7696","size":135,"data":"","first_seen":"2024-06-28T09:46:44Z","last_seen":"2025-11-16T21:50:03.638578Z","times_seen":28,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/TkacYOdEJbdB_JjX802TMer9/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2506e0d302c7bbd6654b091f44fdda03","sha1":"cddd2822fd20c3a5eaadae592bbe2c1f6d42e430","sha256":"ccdd2d231d4fc51186c484d940d8d7eff0e0ab787067fc8aa6a10f014deffa7e","sha512":"4c5dc8474d796a78832e9607760ad5389576ec4663bf02fd19217902de38fc06423d5bde421b68deed1842ee62d9ccd0eb521aa1fa1626c0f4160a456270a8c3","ssdeep":"12288:b/PieE69kbgh40LMuqHKQn6e8kSCvcFazia7Rbbck:s69mghUD4etS/Fudck","tlshash":"06052ad870527ae47772f8f684973018a33d9479d84c4a2eb1a4d4f42bf084ae276db7","size":831957,"data":"","first_seen":"2025-11-13T16:13:50.046413Z","last_seen":"2026-03-02T18:44:22.765319Z","times_seen":46497,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4c4726ccbdef3f58625a281161a3996f","sha1":"fb45a36b0e447f91b699ab594a3bd2db87775920","sha256":"d89d9672120630b6dacc71072dd9c0e5f6cc26a3d0650223438d808e48dfb004","sha512":"6cb43eaf60c14d8648d11958d6073627b760696e2e31b21eb6d79fbc1a54394b0befc0c00c5541640712e4c866c0169cff3b8211eed76f732c3f13582570d4ba","ssdeep":"","tlshash":"27c0922ed4f91408aeb6b4ed5b1fb114a02a10131065cf48b88f4f428f6e03d157aadf","size":131,"data":"","first_seen":"2024-05-30T05:41:41Z","last_seen":"2025-11-16T21:50:03.640349Z","times_seen":34,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/static/frontend/js/owl.carousel.min.js?v=1.2","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"47c357c05cb99cedbac2874840319818","sha1":"d8b05365de4b760618328fdeef7672e8374978e4","sha256":"4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029","sha512":"960b76113c78220acc1c87e437c6698fbf1066b8cf7b15a6d4d33f31ab69d8e16bd9823c07ce1897db4d0bdfe08b39e5c7085b79a7a8ef80760e87d9aa789e2e","ssdeep":"768:RCI7dmuMFAAJG4dlQKNORpnXGAtep2lcwJeL+wr2RSNc7UuHjRUQuFBt33:AITMFC4dbMVRSNcgRDV","tlshash":"39137346b3202d2a869b61a0663f160bb23a241ce414547d7d79e6de6d7dc8c213ffbc","size":44348,"data":"","first_seen":"2023-03-07T01:06:30Z","last_seen":"2026-04-03T16:27:05.163528Z","times_seen":9280,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"goo.by/static/frontend/libs/typedjs/typed.min.js","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goo.by/","date":"2025-11-16T21:49:35.803Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goo.by","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 19:58:21 GMT","end":"Fri, 23 Jan 2026 20:56:04 GMT"},"fingerprint":{"sha1":"06:92:EF:DC:D6:D7:B4:BA:BB:5B:3F:D3:DF:5A:F4:F6:C4:9C:1C:AA","sha256":"C0:D7:42:3C:D0:BF:0B:7E:EF:B9:0B:A2:D0:C3:92:B3:B0:74:A5:C3:15:8A:86:BC:79:3A:0E:D4:62:11:18:7C"}}},"request":{"raw":"GET /static/frontend/libs/typedjs/typed.min.js HTTP/1.1\r\nHost: goo.by\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.by/\r\nCookie: PHPSESSID=dercll27hd6oqg7cjpeojcl4s2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 21:49:35 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: accept-encoding\r\nlast-modified: Tue, 24 Jan 2023 21:00:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: REVALIDATED\r\netag: W/\"63d046d0-2de9\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mSqn2%2FbiBGGcmwoKg%2BJZYLSh%2BGhRVEhQBGulLNPtgezZ%2BcIWNMJRl6O2JYrdmib78kMoNIjeLck74TNI03GwKUqbVJo%3D\"}]}\r\npriority: u=3,i=?0\r\ncf-ray: 99fa32fa9af9b4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11753,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (11549)","md5":"f68641147185cbded4b38b4900a20f40","sha1":"e8ce2b674a637b0c0396a3106c1aedf10186249c","sha256":"39b5f0a136ac9c139981b89e2ee615ac75fed86c0761c7ebf87d827be7d86e5e","sha512":"28e032a222594afb471c32aa6c4af101dd07febc700e7d97fafd34955f30b49cbb78173cb40d6c8a6211bfa09bd856946101e80c81b72e3218ad8b1eea290ebd","ssdeep":"96:RRb0PbWF/nqLZwkhsjNHWAATkPi8ZKahHx8aZfgAU4nvMfcBN7cRFtmjUGQ0PqGM:XbwmkhOr7VgANkUL7iGQglyoGhf3ZV/v","tlshash":"3332651db24279725bc391b016ab064f9171a9642092d1fcf4bddde05fe098ea0b7f38","first_seen":"2023-08-13T21:21:20Z","last_seen":"2026-04-03T11:13:41.705343Z","times_seen":382,"resource_available":true,"data":null}},"time_used":220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":220,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"goo.by","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/static/frontend/libs/select2/dist/css/select2.min.css","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://goo.by/","date":"2025-11-16T21:49:35.785Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goo.by","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 19:58:21 GMT","end":"Fri, 23 Jan 2026 20:56:04 GMT"},"fingerprint":{"sha1":"06:92:EF:DC:D6:D7:B4:BA:BB:5B:3F:D3:DF:5A:F4:F6:C4:9C:1C:AA","sha256":"C0:D7:42:3C:D0:BF:0B:7E:EF:B9:0B:A2:D0:C3:92:B3:B0:74:A5:C3:15:8A:86:BC:79:3A:0E:D4:62:11:18:7C"}}},"request":{"raw":"GET /static/frontend/libs/select2/dist/css/select2.min.css HTTP/1.1\r\nHost: goo.by\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.by/\r\nCookie: PHPSESSID=dercll27hd6oqg7cjpeojcl4s2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 21:49:35 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\nlast-modified: Sun, 11 Dec 2022 21:00:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: REVALIDATED\r\netag: W/\"639644d0-3a76\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9ltXyGDZzcr5E3UYDLG%2F0ZvWC3hvvUNp%2F7SvteQ%2BlhaNFZK67%2B9y5S3klNJT4uGFnaKMpUPf2HrJmwD10ValG1Odf4I%3D\"}]}\r\npriority: u=2,i=?0\r\ncf-ray: 99fa32fa8aebb4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":14966,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (14965)","md5":"9f54e6414f87e0d14b9e966f19a174f9","sha1":"ae5735562faabd1a2d9803bbd7bf4c502b5e4f51","sha256":"15d6ad4dfdb43d0affad683e70029f97a8f8fc8637a28845009ee0542dccdf81","sha512":"9cc365a6e6833ebaa5125b37217fd0e7a1f7eaabc1012c1bde2a6ea373317966ec401d7cf35a31d1c46fed43d380196b8aaa329eddf92a313080651e51720f9f","ssdeep":"192:pL5u/nTfc3aqPJRQ9CPjOtWlUJKLPcH9tPOF:3u/TfXARQ9htWGSPcdwF","tlshash":"3f62b935bacc2235b0bf8e7f6cf274946729dd5fc4111b9ab8e9e594c8e04540a8b60f","first_seen":"2023-04-05T09:15:52Z","last_seen":"2026-04-03T18:59:32.143344Z","times_seen":15508,"resource_available":false,"data":null}},"time_used":223,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":223,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"goo.by","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/content/blog/gst.jpg","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://goo.by/","date":"2025-11-16T21:49:35.796Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goo.by","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 19:58:21 GMT","end":"Fri, 23 Jan 2026 20:56:04 GMT"},"fingerprint":{"sha1":"06:92:EF:DC:D6:D7:B4:BA:BB:5B:3F:D3:DF:5A:F4:F6:C4:9C:1C:AA","sha256":"C0:D7:42:3C:D0:BF:0B:7E:EF:B9:0B:A2:D0:C3:92:B3:B0:74:A5:C3:15:8A:86:BC:79:3A:0E:D4:62:11:18:7C"}}},"request":{"raw":"GET /content/blog/gst.jpg HTTP/1.1\r\nHost: goo.by\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.by/\r\nCookie: PHPSESSID=dercll27hd6oqg7cjpeojcl4s2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 21:49:35 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 37559\r\nlast-modified: Tue, 23 Sep 2025 21:19:15 GMT\r\netag: \"68d30ed3-92b7\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=4DeIkU%2FIPVCkj6vNNC9RnD5FQ%2Bv7QVS9i2Se7DCbz4KtZ%2BxKNd7a%2Fq6K9a2sZKKBtTBsSVFmsuO3zRmDbKpC%2FgA%2FaJ8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 99fa32fa9af3b4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":37559,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x497, components 3","md5":"73089cf85137704aae72820f456a8a0e","sha1":"c9fee3547045bcf8e5442bb5c5455141768180b4","sha256":"922ab162cd89563648befda053ff9daf23a91da27eb4540b4051b6f542a7291a","sha512":"a5050299c85080f040ede4e57758abc5e0926843a9c1a421399f074f824c7a7e580f90c9805de67ad1d9d00944a20fe0efcdc2814b065e46c6794353f2fcb14c","ssdeep":"768:GIUmYyGEv64SIRg5/cl3HipTgxGkbh1Vd0N4w8E3sqRPnNJyO:91GIS/AHi+xG2heN4wzRPnTb","tlshash":"3af2f1827f149db0d050673a622b4f989bf22d31ddaaca934f2b6d1c5a3de758c0446b","first_seen":"2025-10-22T21:35:22.615459Z","last_seen":"2025-11-16T21:50:03.538916Z","times_seen":4,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"goo.by","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/shareon@2/dist/shareon.iife.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goo.by/","date":"2025-11-16T21:49:35.800Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/shareon@2/dist/shareon.iife.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.by/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 2.7.0\r\nx-jsd-version-type: version\r\netag: W/\"f4a-O1hb7fw/9nhAIKb9r52U0mMxoq0\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nage: 632\r\ndate: Sun, 16 Nov 2025 21:49:35 GMT\r\nx-served-by: cache-fra-etou8220109-FRA, cache-hel1410033-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 1374\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3914,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (3913)","md5":"1ac145e0c0413996dcd1d9a810354f0a","sha1":"3b585bedfc3ff6784020a6fdaf9d94d26331a2ad","sha256":"1f3124bc088a4a597d8c2231cc836ec1990754ee80191d01ad5cda155ee3de91","sha512":"648c3db24f1dbebf405a1f20c7fcae9663f2386ed6cfdd313608aeeba351a8d29fcc7d7898111d67ef8baf6f17d9b0529cab52adaea1aa922d1e84c9d4f9fc42","ssdeep":"","tlshash":"688133a713858532098528fae82b34b4ce51470cf4c6c5a96c244b6e0f6f9b3f4b707a","first_seen":"2025-07-04T12:32:18.75701Z","last_seen":"2026-03-14T22:51:17.165279Z","times_seen":50,"resource_available":true,"data":null}},"time_used":152,"timings":{"blocked":57,"dns":39,"connect":13,"send":0,"wait":14,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/static/bundle.pack.js","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goo.by/","date":"2025-11-16T21:49:35.801Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goo.by","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 19:58:21 GMT","end":"Fri, 23 Jan 2026 20:56:04 GMT"},"fingerprint":{"sha1":"06:92:EF:DC:D6:D7:B4:BA:BB:5B:3F:D3:DF:5A:F4:F6:C4:9C:1C:AA","sha256":"C0:D7:42:3C:D0:BF:0B:7E:EF:B9:0B:A2:D0:C3:92:B3:B0:74:A5:C3:15:8A:86:BC:79:3A:0E:D4:62:11:18:7C"}}},"request":{"raw":"GET /static/bundle.pack.js HTTP/1.1\r\nHost: goo.by\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.by/\r\nCookie: PHPSESSID=dercll27hd6oqg7cjpeojcl4s2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 21:49:36 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: accept-encoding\r\nlast-modified: Wed, 27 Oct 2021 21:00:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: REVALIDATED\r\netag: W/\"6179bdd0-51029\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6zgc1KMML0sS0yU8bmumwWO2bfmEuv9oM5KGzcG065aUEzO98cw75%2Bd2IcbjCsCbA%2FiaSoyUGdsPGmXayZtVABbnrBg%3D\"}]}\r\npriority: u=3,i=?0\r\ncf-ray: 99fa32fa9af7b4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":331817,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"b7a0b4d8ad643025de822486283a2bbf","sha1":"28b0afdd6b9ccf94645ac0ed5c55aa35c7dc892c","sha256":"fc981871b8271bea9270a3af4f77bb50d37101e555dd6801fe7ecf9e26a9b12b","sha512":"66ab32d20f4ded5de92b4c9e0aed74e7136223d85702b93c5a6bd0daed999661c669a43d95c2e444328ce6adc8643e6b945eb1817eaeefc98d575cf4365dbb19","ssdeep":"6144:Bi8eGRuufsr5zQ47GK2iWIHf+e/wh8gOO:BiURum05k4COO","tlshash":"22640959768db136425b21f6102f150ab23b29bfa40d9118f16cc8f96d7dd8aa237f3c","first_seen":"2023-03-07T01:41:19Z","last_seen":"2026-03-29T06:51:35.562617Z","times_seen":342,"resource_available":true,"data":null}},"time_used":232,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":228,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"goo.by","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw\u0026co=aHR0cHM6Ly9nb28uYnk6NDQz\u0026hl=en\u0026v=TkacYOdEJbdB_JjX802TMer9\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=rinefjzddqmd","date":"2025-11-16T21:49:37.275Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:34:57 GMT","end":"Mon, 19 Jan 2026 08:34:56 GMT"},"fingerprint":{"sha1":"A9:72:6E:D8:AB:26:CE:26:35:A4:39:55:24:08:04:0F:24:56:E8:8C","sha256":"65:84:7B:FE:24:02:CE:3E:DB:6E:1C:6B:B8:FC:99:F5:A5:65:83:F1:66:75:ED:20:20:63:06:ED:27:8A:82:FE"}}},"request":{"raw":"GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.google.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15552\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 12 Nov 2025 09:01:03 GMT\r\nexpires: Thu, 12 Nov 2026 09:01:03 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 16 Oct 2017 17:33:02 GMT\r\ncontent-type: font/woff2\r\nage: 391714\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15552,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15552, version 1.0","md5":"285467176f7fe6bb6a9c6873b3dad2cc","sha1":"ea04e4ff5142ddd69307c183def721a160e0a64e","sha256":"5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7","sha512":"5f9bb763406ea8ce978ec675bd51a0263e9547021ea71188dbd62f0212eb00c1421b750d3b94550b50425bebff5f881c41299f6a33bbfa12fb1ff18c12bc7ff1","ssdeep":"384:HDKhlQ8AGL0dgUoEGBQTc7r6QYMkyr/iobA2E4/jKcJZI7lhzi:jslQ+LhUoTB0Qr6Qjkg/DmcJufzi","tlshash":"8462e103f2bc4c01e786193ebb5870237205272619efa67780ce7ea4c65ec81a39b457","first_seen":"2023-04-05T04:58:40Z","last_seen":"2026-04-03T19:19:39.138387Z","times_seen":338452,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":21,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/clr?k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://goo.by/","date":"2025-11-16T21:49:38.411Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:51 GMT","end":"Mon, 19 Jan 2026 08:33:50 GMT"},"fingerprint":{"sha1":"99:FF:FA:35:E4:FB:4B:28:B0:D5:C1:D4:AD:3F:43:AA:85:22:87:8B","sha256":"30:D1:CE:98:2F:EB:E2:4A:53:22:1C:BF:BB:4E:BC:2C:CA:E1:CE:CF:B7:9D:20:26:F9:55:2A:6B:ED:AD:DA:83"}}},"request":{"raw":"POST /recaptcha/api2/clr?k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://goo.by/\r\nContent-Length: 1621\r\nOrigin: https://goo.by\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/binary\r\nreport-to: {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 16 Nov 2025 21:49:38 GMT\r\nserver: ESF\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/binary","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T19:31:03.603551Z","times_seen":13300818,"resource_available":true,"data":null}},"time_used":46,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":46,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/static/frontend/js/app.min.js?v=1.2","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goo.by/","date":"2025-11-16T21:49:35.803Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goo.by","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 19:58:21 GMT","end":"Fri, 23 Jan 2026 20:56:04 GMT"},"fingerprint":{"sha1":"06:92:EF:DC:D6:D7:B4:BA:BB:5B:3F:D3:DF:5A:F4:F6:C4:9C:1C:AA","sha256":"C0:D7:42:3C:D0:BF:0B:7E:EF:B9:0B:A2:D0:C3:92:B3:B0:74:A5:C3:15:8A:86:BC:79:3A:0E:D4:62:11:18:7C"}}},"request":{"raw":"GET /static/frontend/js/app.min.js?v=1.2 HTTP/1.1\r\nHost: goo.by\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.by/\r\nCookie: PHPSESSID=dercll27hd6oqg7cjpeojcl4s2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 21:49:35 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: accept-encoding\r\nlast-modified: Mon, 21 Aug 2023 21:00:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: REVALIDATED\r\netag: W/\"64e3d050-16fe\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yj9U75VZK%2BJ2gir7oikSgiMzfsF63Mc5qCguc3tbTvGgccd%2FprQBBssgtE5lXAKFNN6DqKpm2n0lT7ivEL8PR9LO6Vo%3D\"}]}\r\npriority: u=3,i=?0\r\ncf-ray: 99fa32fa9afab4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5886,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (5886), with no line terminators","md5":"82374b423499415c2c3173513ec1615c","sha1":"3b219efdc592a49a680e2c71cb22989c686b5417","sha256":"12116847297eb16ae5aa1d26b27a0b4704afcc352272ab89cd6d28a27b2604be","sha512":"48112faa6213433eb691513296bd7cd2bd85db22f0bc8547651ae3aebcf003c0817218f5e86cd90affedcbc74d765e25621c372b304914322f509a2ebf3b7ab7","ssdeep":"96:AMEaQNRdcaNOyculEVlUKpIlIRIBAIBRIqCyAIc7K0M0MlpwRyf2p:bEaQNToyXEDSVLf2","tlshash":"55c18408b15cb5a722fb7136881fba0950727984c656e049a560e1f42facec62973f3f","first_seen":"2023-09-11T11:11:16Z","last_seen":"2026-02-15T18:55:41.562615Z","times_seen":79,"resource_available":true,"data":null}},"time_used":217,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":217,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"goo.by","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://goo.by/","date":"2025-11-16T21:49:35.783Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:34:58 GMT","end":"Mon, 19 Jan 2026 08:34:57 GMT"},"fingerprint":{"sha1":"56:14:7E:EF:FA:D2:CF:DD:3B:30:9C:AE:7A:C9:AD:9E:A7:87:3D:E9","sha256":"72:DD:0F:82:4D:8A:09:2D:BB:5B:E6:1B:6F:09:F8:1E:BD:BD:D3:3E:B8:A4:8C:B9:49:13:4D:DC:D7:EF:EA:77"}}},"request":{"raw":"GET /css2?family=Roboto\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.by/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 16 Nov 2025 21:49:35 GMT\r\ndate: Sun, 16 Nov 2025 21:49:35 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5746,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"017672004526d49c616a83a1885ca6cb","sha1":"317c4a759af5149d1777a5c195c2030c842d4b70","sha256":"6ad67efe8c01a7f843a39344a43ca877e30726dd0cae6db3ce719a22a63bbc70","sha512":"f1dbb144b98e0a05fcaefd0367bb48be095ce28add6c7e8e8ac4d6b4b31dd76e2a7edaa4587bb78841aac8d679c53ba06e7a98775e9c6eaeee11c18c4f251ed7","ssdeep":"96:1OEbaNllOEbaNsFZKOEbaNWOEbaNVTOEbaNVy+aZjzBrgOEbaNIubqGIFuV4yOE6:2NlmNMNVNVkNVqbNfbqGIwV4BNdNzwNY","tlshash":"9bc1fd91041704409b835cd227ce7f34fe1f92116544d0b9abfc9b6beddbda6426836e","first_seen":"2025-09-08T23:56:02.073922Z","last_seen":"2026-03-05T16:22:21.514891Z","times_seen":5277,"resource_available":false,"data":null}},"time_used":306,"timings":{"blocked":127,"dns":1,"connect":20,"send":0,"wait":33,"receive":0,"ssl":123},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/apple-touch-icon.png","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://goo.by/","date":"2025-11-16T21:49:36.381Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goo.by","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 19:58:21 GMT","end":"Fri, 23 Jan 2026 20:56:04 GMT"},"fingerprint":{"sha1":"06:92:EF:DC:D6:D7:B4:BA:BB:5B:3F:D3:DF:5A:F4:F6:C4:9C:1C:AA","sha256":"C0:D7:42:3C:D0:BF:0B:7E:EF:B9:0B:A2:D0:C3:92:B3:B0:74:A5:C3:15:8A:86:BC:79:3A:0E:D4:62:11:18:7C"}}},"request":{"raw":"GET /apple-touch-icon.png HTTP/1.1\r\nHost: goo.by\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.by/\r\nCookie: PHPSESSID=dercll27hd6oqg7cjpeojcl4s2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 21:49:36 GMT\r\ncontent-type: image/png\r\ncontent-length: 9322\r\nlast-modified: Sun, 12 May 2024 06:58:07 GMT\r\netag: \"6640687f-246a\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=19k2xmU2O1ypl8r6hnKkMhX7fL1hVXoybV3VTKoGNCmwMA%2BJnWrjJ%2BaZyVTeW5h2%2Fq8p3wGGb9XGVTLpLCIHXlYjfCk%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\nvary: accept-encoding\r\ncf-ray: 99fa32fe6b3cb4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":9322,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced","md5":"8bfb234f05eef59b3f7759210486320c","sha1":"c6e89114b4f1707e7e3eb679f65e941cb040ebaa","sha256":"cd9610cc7421032077e4a3b84bc0b338831b181a7c3b83f9b204eb1ec6d2401e","sha512":"1268502c40bfd93df3b2cedadc47532a057353658adec159bf4d3eaa51ee5485ced9692fe0c1221bcf245c0c93e3de90cdcab8407f0cb84a598291f613cb0cb2","ssdeep":"192:odauRCJs6ISsiBzQ2w7KwhtHWCUS1s2zPwCulhZwbMT3TXkQYH:luRCJnPc7KwHWU62zPwC2hZw4TDs","tlshash":"ef12c0f6d818e07f658e644983d3b2cc2a775a362176e9ec683fc80d95e0bc0994c5b7","first_seen":"2024-05-30T05:41:42Z","last_seen":"2025-11-16T21:50:03.552939Z","times_seen":34,"resource_available":false,"data":null}},"time_used":207,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":207,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"goo.by","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/static/frontend/fonts/icomoon.ttf?ulfgh0","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://goo.by/","date":"2025-11-16T21:49:36.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goo.by","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 19:58:21 GMT","end":"Fri, 23 Jan 2026 20:56:04 GMT"},"fingerprint":{"sha1":"06:92:EF:DC:D6:D7:B4:BA:BB:5B:3F:D3:DF:5A:F4:F6:C4:9C:1C:AA","sha256":"C0:D7:42:3C:D0:BF:0B:7E:EF:B9:0B:A2:D0:C3:92:B3:B0:74:A5:C3:15:8A:86:BC:79:3A:0E:D4:62:11:18:7C"}}},"request":{"raw":"GET /static/frontend/fonts/icomoon.ttf?ulfgh0 HTTP/1.1\r\nHost: goo.by\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.by/static/frontend/css/reset.css?v37\r\nCookie: PHPSESSID=dercll27hd6oqg7cjpeojcl4s2\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 21:49:36 GMT\r\ncontent-type: application/octet-stream\r\ncontent-length: 4568\r\nlast-modified: Wed, 14 Jun 2023 21:00:00 GMT\r\netag: \"648a2a50-11d8\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OScBFqbLoYiB0OtOFX8DhV6hP%2BkPiyKNppcF%2FdpEo70pjOf70g6aGKMtMX0LeW0UK%2FIzO1xy%2BRYT8Wf8RDJq4tXbwKo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 99fa32fccb29b4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4568,"size_decoded":0,"mime_type":"application/octet-stream","magic":"TrueType Font data, 11 tables, 1st \"OS/2\", 14 names, Macintosh, type 1 string, icomoon    ","md5":"2730962e9d816bcbf082ceca4c7cf5e5","sha1":"28ae7090a594369f674b376423b8df3e5a813f42","sha256":"357004e9ec66eab37303083efa2b4877246d779542ef28917017ab4ee5ce382f","sha512":"e7a9e8e77a6235b17235ee4ff6f213b38b75402b332689730ce517487dabfdfc2cce1d9b22bcb8217c0db522bb759498878b7f5486a65e862e132eed69297001","ssdeep":"96:zqzVLmmK+Nj3ttgx9xuY3a/e0G07JWQT+KBtyBobMDjxlPV2DG:k5K+Nj3Ex9xU2z07JWI+KBSZtlPV2K","tlshash":"f191ca02c735df4ec8178738d87247581ff4e951ca7e979b26982a02ec589dc8ea4762","first_seen":"2023-09-16T17:20:34Z","last_seen":"2025-11-16T21:50:03.554024Z","times_seen":59,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":217,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"goo.by","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmQiArmlw.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://goo.by/","date":"2025-11-16T21:49:36.363Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:34:57 GMT","end":"Mon, 19 Jan 2026 08:34:56 GMT"},"fingerprint":{"sha1":"A9:72:6E:D8:AB:26:CE:26:35:A4:39:55:24:08:04:0F:24:56:E8:8C","sha256":"65:84:7B:FE:24:02:CE:3E:DB:6E:1C:6B:B8:FC:99:F5:A5:65:83:F1:66:75:ED:20:20:63:06:ED:27:8A:82:FE"}}},"request":{"raw":"GET /s/roboto/v49/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmQiArmlw.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://goo.by\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 11840\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 13 Nov 2025 05:39:47 GMT\r\nexpires: Fri, 13 Nov 2026 05:39:47 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 08 Sep 2025 18:08:11 GMT\r\ncontent-type: font/woff2\r\nage: 317389\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":11840,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 11840, version 1.0","md5":"a0f8baa16418514a286278c0a773d3a6","sha1":"e3029db449750770ccb50c74364a7ef61e8ddb36","sha256":"fe56d0d137acb0f9b17754d3670f5ecaee2185548dd9a8c44535a5f194117ddc","sha512":"c66f50263acfe1ca68e2f3999f76a9c73fc09fcb54ebec4949bca670d63bdcd68e9c9ae8b83ad69da84c9cf8627b6b84e2777b9112cafd7c62fcf8f9e799c39a","ssdeep":"192:hxLRc1v0nOzVBEm+alnYKZEiy2FqJ+/TUabyEF731idesuGqJwx8VyFH:hxLu0eVBEbayKXq0byEF7Fide0qFVyFH","tlshash":"8c32bf0e77904994e073f26712612571e9f9e3dd1bc66f80b1409d4ca88ee466bccc35","first_seen":"2025-01-14T08:51:39.832648Z","last_seen":"2026-04-02T04:03:41.620543Z","times_seen":1851,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/static/ext/google-url-shortener.svg","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://goo.by/","date":"2025-11-16T21:49:35.794Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goo.by","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 19:58:21 GMT","end":"Fri, 23 Jan 2026 20:56:04 GMT"},"fingerprint":{"sha1":"06:92:EF:DC:D6:D7:B4:BA:BB:5B:3F:D3:DF:5A:F4:F6:C4:9C:1C:AA","sha256":"C0:D7:42:3C:D0:BF:0B:7E:EF:B9:0B:A2:D0:C3:92:B3:B0:74:A5:C3:15:8A:86:BC:79:3A:0E:D4:62:11:18:7C"}}},"request":{"raw":"GET /static/ext/google-url-shortener.svg HTTP/1.1\r\nHost: goo.by\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.by/\r\nCookie: PHPSESSID=dercll27hd6oqg7cjpeojcl4s2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 21:49:35 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\nlast-modified: Tue, 14 May 2024 20:40:56 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: REVALIDATED\r\netag: W/\"6643cc58-496\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=G81xRoisEQ8Ll%2FG%2B0vS9ed%2F10kKLIv81uqFFLWEadJh%2FWwzD0fAn3loXTbXocW%2BhwOHmDgxj3gNJI9oI9GP48JpXyhI%3D\"}]}\r\npriority: u=4,i=?0\r\ncf-ray: 99fa32fa9af2b4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1174,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ef08242fd1b3392f8ea1ce74db181d3c","sha1":"c86ef6b8314a1329326fe24ba7a55fe5c39427e9","sha256":"35aa84f6021e5c4645409078ae1d5204de4443416d52698fbd4b9c3a561ae977","sha512":"a62b6efdab808e776d056a33950494f4889654be32aaec3f32144c1f8ada26bf628b3e53d5ff115c090831099d168c25ba3de6ea6b8fad1c5197da19272c887a","ssdeep":"","tlshash":"a121acfbe51dac9be50b927cd99610b0232e14bbe244c315a4949f1f15680d71d0ef60","first_seen":"2024-08-19T17:49:05.587549Z","last_seen":"2025-11-16T21:50:03.556411Z","times_seen":11,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"goo.by","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/static/frontend/images/blog4.jpg","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://goo.by/","date":"2025-11-16T21:49:35.798Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goo.by","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 19:58:21 GMT","end":"Fri, 23 Jan 2026 20:56:04 GMT"},"fingerprint":{"sha1":"06:92:EF:DC:D6:D7:B4:BA:BB:5B:3F:D3:DF:5A:F4:F6:C4:9C:1C:AA","sha256":"C0:D7:42:3C:D0:BF:0B:7E:EF:B9:0B:A2:D0:C3:92:B3:B0:74:A5:C3:15:8A:86:BC:79:3A:0E:D4:62:11:18:7C"}}},"request":{"raw":"GET /static/frontend/images/blog4.jpg HTTP/1.1\r\nHost: goo.by\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.by/\r\nCookie: PHPSESSID=dercll27hd6oqg7cjpeojcl4s2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 21:49:35 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 16215\r\nlast-modified: Tue, 17 Oct 2023 21:00:00 GMT\r\netag: \"652ef5d0-3f57\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=h%2FyAd2zHT7Qpg%2FbPXNz65gm9qF8J82DTMfImXSY6Vn6XvY5J1AqrBwxaoIDXEVQ6WcUaHpNsPxvGdXNb0WQELl%2BVDiQ%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 99fa32fa9af5b4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16215,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, progressive, precision 8, 720x300, components 3","md5":"b9501d6637673009855ac39d0e2cced8","sha1":"0f2ef925e177e2b9815897f3bfeb10351d231031","sha256":"d5c73c1bdb830080a11cfe7ff9fe89c1cba9ad1bbaa5ec7962371a99251bd4f6","sha512":"4ad893008c565fac1be9d86afbd63865b1e603208094a17c64b67310d582661aa17ad3f3a74591226657a03181ddba4c19a434a0a48b4b6c8c5a9125e6987879","ssdeep":"384:QII19pU4XlwWCVmGduVYD2UWfswtwJm5fzGw3HKDsR:aU2lwJmGdyiRWfZKWxR","tlshash":"4072cf3e3f995421e8915d30a1e3a221cc5aff0e303e8b2a1549f2c34825fe55dcbb96","first_seen":"2023-10-24T00:58:55Z","last_seen":"2025-11-16T21:50:03.557488Z","times_seen":57,"resource_available":false,"data":null}},"time_used":214,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"goo.by","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/TkacYOdEJbdB_JjX802TMer9/styles__ltr.css","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw\u0026co=aHR0cHM6Ly9nb28uYnk6NDQz\u0026hl=en\u0026v=TkacYOdEJbdB_JjX802TMer9\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=rinefjzddqmd","date":"2025-11-16T21:49:36.974Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:04 GMT","end":"Mon, 19 Jan 2026 08:35:03 GMT"},"fingerprint":{"sha1":"4A:97:40:A8:11:17:BA:08:56:28:6E:0B:93:8B:64:13:1D:67:D4:2A","sha256":"A2:0A:13:FD:98:22:74:26:3F:C1:44:5C:92:27:22:17:A8:65:07:40:50:F9:14:02:11:E4:87:7F:C5:D2:F1:42"}}},"request":{"raw":"GET /recaptcha/releases/TkacYOdEJbdB_JjX802TMer9/styles__ltr.css HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 42505\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 11 Nov 2025 01:11:23 GMT\r\nexpires: Wed, 11 Nov 2026 01:11:23 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 10 Nov 2025 14:52:55 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nage: 506293\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":82951,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"7b035012fa886d53fb1f1e7d14635b97","sha1":"03c77a04fecbca19d5555d6ae876291d3b7973c1","sha256":"4d271d0650a8fb32c6ea7055f6ab8e7edce63e3868aa0a7b4ba03b56f069099f","sha512":"765bec023e54b64c7c93cd75e55320bc5e524dc24b2fd474e5ca63dbcc2bf2106464ac13cb72ed3949816463281c3715ae4edd5e3a11befd0af2ee255c53e89e","ssdeep":"1536:1fGNbFoZJSUYOOaLnAW8+IcTOIUCdthXwW5l1Dx7:1GRFauOxLA/+IcTOULX1","tlshash":"d8838f7338513b39fc2b9b616186b9edf22cc423e5514bfab5457a20c3db19a8253b07","first_seen":"2025-11-13T21:19:52.249776Z","last_seen":"2026-02-22T14:16:54.110663Z","times_seen":40042,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":16,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/reload?k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw\u0026co=aHR0cHM6Ly9nb28uYnk6NDQz\u0026hl=en\u0026v=TkacYOdEJbdB_JjX802TMer9\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=rinefjzddqmd","date":"2025-11-16T21:49:38.133Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:51 GMT","end":"Mon, 19 Jan 2026 08:33:50 GMT"},"fingerprint":{"sha1":"99:FF:FA:35:E4:FB:4B:28:B0:D5:C1:D4:AD:3F:43:AA:85:22:87:8B","sha256":"30:D1:CE:98:2F:EB:E2:4A:53:22:1C:BF:BB:4E:BC:2C:CA:E1:CE:CF:B7:9D:20:26:F9:55:2A:6B:ED:AD:DA:83"}}},"request":{"raw":"POST /recaptcha/api2/reload?k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-protobuffer\r\nContent-Length: 10903\r\nOrigin: https://www.google.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw\u0026co=aHR0cHM6Ly9nb28uYnk6NDQz\u0026hl=en\u0026v=TkacYOdEJbdB_JjX802TMer9\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=rinefjzddqmd\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/json; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\nx-content-type-options: nosniff\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\nreport-to: {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\ncross-origin-resource-policy: same-site\r\ncontent-encoding: gzip\r\ndate: Sun, 16 Nov 2025 21:49:38 GMT\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nset-cookie: _GRECAPTCHA=09ADiQh0fPY5mSOuwj3GG5wMjWWvCgjA09_G_sOjcIISE6hLDlbE0TNe_gkf_8VjYt9qEuBEn7cQVVFeY5NLkj5K8; Expires=Fri, 15-May-2026 21:49:38 GMT; Path=/recaptcha; Secure; HttpOnly; Priority=HIGH; SameSite=none\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nexpires: Sun, 16 Nov 2025 21:49:38 GMT\r\ncache-control: private\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":37364,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"ASCII text, with very long lines (37359)","md5":"3f2589e573b36df87362017cb56180be","sha1":"a4536d685387726910e409786d513933ebfcd945","sha256":"a6d996b587fdd87ccd701752273ee816c06c492ba757cbb845837865fa4fa8dd","sha512":"13596f37f32b3954c3fda11112aa4c593a98a0b805c95d0577d24406107c33449d0431dea0544efbd856c7345a12bd507e2c19bbc7ead5676d2f96ed4dbc3e7c","ssdeep":"768:OiktYBfu7aWfkFxe9TWTqcJLy0ZBQ2YdS:uSsufxeVW5ZBQ2kS","tlshash":"94f27c27f38734deafb69e101ad256fa2237bc5b21921acd0b4b04c40c7ce5b5738198","first_seen":"2025-11-16T21:50:03.559716Z","last_seen":"2025-11-16T21:50:03.559716Z","times_seen":1,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":122,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/content/blog/DinaB.jpg","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://goo.by/","date":"2025-11-16T21:49:35.798Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goo.by","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 19:58:21 GMT","end":"Fri, 23 Jan 2026 20:56:04 GMT"},"fingerprint":{"sha1":"06:92:EF:DC:D6:D7:B4:BA:BB:5B:3F:D3:DF:5A:F4:F6:C4:9C:1C:AA","sha256":"C0:D7:42:3C:D0:BF:0B:7E:EF:B9:0B:A2:D0:C3:92:B3:B0:74:A5:C3:15:8A:86:BC:79:3A:0E:D4:62:11:18:7C"}}},"request":{"raw":"GET /content/blog/DinaB.jpg HTTP/1.1\r\nHost: goo.by\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.by/\r\nCookie: PHPSESSID=dercll27hd6oqg7cjpeojcl4s2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 21:49:35 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 44255\r\nlast-modified: Tue, 23 Sep 2025 14:45:08 GMT\r\netag: \"68d2b274-acdf\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sbKy3ZWAChHdeO3V%2FjseHqzWGE4nCwGoOkv0utO%2Ff4gep8ak3uG2%2BfqfQ2rk7Dge4ttf9MGh9MOPIc%2FktkT2lEpX9XM%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 99fa32fa9af6b4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":44255,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x285, components 3","md5":"a5cffa4926c1ca011c39e08688607cfa","sha1":"573bafd3d840524d3c21892a3812e9c08b4efc2f","sha256":"9e492e114d325b053278cc325309dc8499185940510668d1ed28c566ebe89f62","sha512":"720fd3abf9713aed97b00df39116bce128734e7ef901e218670c49743a3fc8ad36ccaf85ca65dd9817c6bd9283b06de2a1b2e07b5c49ae9deaae6c244e7f33d0","ssdeep":"768:dTbdXyEGB9nw5+c/183z53A74HDtDzuCbGWLrXQ0qJdvMfNXcg2+hdZ+:RdX89wn/1gDiCdnXQ0qLMdH2+hz+","tlshash":"a213f1dfae454201d0f0e98232d4bb103b2b6cce939fce9c3069da7574da09b12691db","first_seen":"2025-10-22T21:35:22.666942Z","last_seen":"2025-11-16T21:50:03.563477Z","times_seen":4,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":214,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"goo.by","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/TkacYOdEJbdB_JjX802TMer9/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.google.com/recaptcha/api2/webworker.js?hl=en\u0026v=TkacYOdEJbdB_JjX802TMer9","date":"2025-11-16T21:49:37.340Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:04 GMT","end":"Mon, 19 Jan 2026 08:35:03 GMT"},"fingerprint":{"sha1":"4A:97:40:A8:11:17:BA:08:56:28:6E:0B:93:8B:64:13:1D:67:D4:2A","sha256":"A2:0A:13:FD:98:22:74:26:3F:C1:44:5C:92:27:22:17:A8:65:07:40:50:F9:14:02:11:E4:87:7F:C5:D2:F1:42"}}},"request":{"raw":"GET /recaptcha/releases/TkacYOdEJbdB_JjX802TMer9/recaptcha__en.js HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 355016\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 11 Nov 2025 01:11:23 GMT\r\nexpires: Wed, 11 Nov 2026 01:11:23 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 10 Nov 2025 14:52:55 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nage: 506294\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":831957,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (553)","md5":"2506e0d302c7bbd6654b091f44fdda03","sha1":"cddd2822fd20c3a5eaadae592bbe2c1f6d42e430","sha256":"ccdd2d231d4fc51186c484d940d8d7eff0e0ab787067fc8aa6a10f014deffa7e","sha512":"4c5dc8474d796a78832e9607760ad5389576ec4663bf02fd19217902de38fc06423d5bde421b68deed1842ee62d9ccd0eb521aa1fa1626c0f4160a456270a8c3","ssdeep":"12288:b/PieE69kbgh40LMuqHKQn6e8kSCvcFazia7Rbbck:s69mghUD4etS/Fudck","tlshash":"06052ad870527ae47772f8f684973018a33d9479d84c4a2eb1a4d4f42bf084ae276db7","first_seen":"2025-11-13T16:13:50.046413Z","last_seen":"2026-03-02T18:44:22.765319Z","times_seen":46497,"resource_available":true,"data":null}},"time_used":30,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":15,"receive":15,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api.js?hl=en\u0026render=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goo.by/","date":"2025-11-16T21:49:35.795Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:51 GMT","end":"Mon, 19 Jan 2026 08:35:50 GMT"},"fingerprint":{"sha1":"21:0F:94:6B:44:9F:BB:AA:A3:6F:0D:C4:85:0B:B0:A0:AA:DB:67:72","sha256":"CD:3A:F0:3B:B3:27:BA:BE:E9:D1:21:F1:A4:FB:D8:3F:09:26:AB:58:5C:18:95:13:99:12:2A:8F:9C:0B:F1:C0"}}},"request":{"raw":"GET /recaptcha/api.js?hl=en\u0026render=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.by/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript; charset=utf-8\r\nexpires: Sun, 16 Nov 2025 21:49:35 GMT\r\ndate: Sun, 16 Nov 2025 21:49:35 GMT\r\ncache-control: private, max-age=300\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\nreport-to: {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1051,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1051), with no line terminators","md5":"64bfc4ace2d4c12e9cb86aab8eff8518","sha1":"c6fe77a47bc436dd0a76d658ddad2cad237991f7","sha256":"fce6a458716b0b160490ac161884bcdf4088fbf1c37f6deec32bd73bcd893fc8","sha512":"ecd8da77ca53549b604b37c8555e69ecf0ef59386c1f84c0175f83b445b9e9a22c381d3bfa806cc05cef3e75f96a67ff75b64bd096391f041537f4237c77527c","ssdeep":"","tlshash":"ea1135770909f0390b720de1e2ffcbb1e591741cf15846e8a515d6c41e69dc7ce05985","first_seen":"2025-11-16T13:40:37.055104Z","last_seen":"2025-11-16T21:50:03.566005Z","times_seen":2,"resource_available":true,"data":null}},"time_used":183,"timings":{"blocked":61,"dns":0,"connect":15,"send":0,"wait":38,"receive":0,"ssl":67},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/clr?k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://goo.by/","date":"2025-11-16T21:49:38.359Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:51 GMT","end":"Mon, 19 Jan 2026 08:33:50 GMT"},"fingerprint":{"sha1":"99:FF:FA:35:E4:FB:4B:28:B0:D5:C1:D4:AD:3F:43:AA:85:22:87:8B","sha256":"30:D1:CE:98:2F:EB:E2:4A:53:22:1C:BF:BB:4E:BC:2C:CA:E1:CE:CF:B7:9D:20:26:F9:55:2A:6B:ED:AD:DA:83"}}},"request":{"raw":"POST /recaptcha/api2/clr?k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://goo.by/\r\nContent-Length: 1621\r\nOrigin: https://goo.by\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/binary\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\ncross-origin-resource-policy: cross-origin\r\nreport-to: {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\ndate: Sun, 16 Nov 2025 21:49:38 GMT\r\nserver: ESF\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/binary","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T19:31:03.603551Z","times_seen":13300818,"resource_available":true,"data":null}},"time_used":48,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/shareon@2/dist/shareon.min.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://goo.by/","date":"2025-11-16T21:49:35.799Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/shareon@2/dist/shareon.min.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.by/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: text/css; charset=utf-8\r\nx-jsd-version: 2.7.0\r\nx-jsd-version-type: version\r\netag: W/\"5207-9P9Bf+7F4tajjo9oGa7QwytibOA\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sun, 16 Nov 2025 21:49:35 GMT\r\nage: 21286\r\nx-served-by: cache-fra-etou8220063-FRA, cache-hel1410033-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 7565\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":20999,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (20998)","md5":"fa388f459784b57c6e0236a81a93d6d9","sha1":"f4ff417feec5e2d6a38e8f6819aed0c32b626ce0","sha256":"6723bbb55942efbc2a174c3817af942d77e3b0679c16a12b1074ec0817a5b35b","sha512":"574a7964f3d54719b53086e397cb8af95f7a9b503b625ac9fc83acd2320e66e22a125d90d610482eaacc81151a056ef02bccbf764a4891c04bb2f1de037bdc63","ssdeep":"384:0kx3sPWh71VAqBQEJx7XSYmJayw55/qZqr7u9N:0AyWdXtxLSYmJHwS7N","tlshash":"a59295d56758828ca44bdd3bbf3768a4532f24f4bb5242a082bfdb3890825ddfa17c14","first_seen":"2025-07-04T12:32:18.751409Z","last_seen":"2026-03-14T22:51:17.158034Z","times_seen":50,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":58,"dns":40,"connect":16,"send":0,"wait":14,"receive":1,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/static/frontend/js/owl.carousel.min.js?v=1.2","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goo.by/","date":"2025-11-16T21:49:35.804Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goo.by","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 19:58:21 GMT","end":"Fri, 23 Jan 2026 20:56:04 GMT"},"fingerprint":{"sha1":"06:92:EF:DC:D6:D7:B4:BA:BB:5B:3F:D3:DF:5A:F4:F6:C4:9C:1C:AA","sha256":"C0:D7:42:3C:D0:BF:0B:7E:EF:B9:0B:A2:D0:C3:92:B3:B0:74:A5:C3:15:8A:86:BC:79:3A:0E:D4:62:11:18:7C"}}},"request":{"raw":"GET /static/frontend/js/owl.carousel.min.js?v=1.2 HTTP/1.1\r\nHost: goo.by\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.by/\r\nCookie: PHPSESSID=dercll27hd6oqg7cjpeojcl4s2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 21:49:35 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: accept-encoding\r\nlast-modified: Wed, 13 Jan 2021 21:00:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: REVALIDATED\r\netag: W/\"5fff5f50-ad3c\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=c1EkptEMVNOOG%2BA6vFuNX726COqG6mqKncHBdbcA0mJICW718J0ueGdL9YAByTD0N5FCSJk0T3lURwY6IOP7HTlga3c%3D\"}]}\r\npriority: u=3,i=?0\r\ncf-ray: 99fa32faaafbb4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":44348,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (31997), with CRLF line terminators","md5":"47c357c05cb99cedbac2874840319818","sha1":"d8b05365de4b760618328fdeef7672e8374978e4","sha256":"4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029","sha512":"960b76113c78220acc1c87e437c6698fbf1066b8cf7b15a6d4d33f31ab69d8e16bd9823c07ce1897db4d0bdfe08b39e5c7085b79a7a8ef80760e87d9aa789e2e","ssdeep":"768:RCI7dmuMFAAJG4dlQKNORpnXGAtep2lcwJeL+wr2RSNc7UuHjRUQuFBt33:AITMFC4dbMVRSNcgRDV","tlshash":"39137346b3202d2a869b61a0663f160bb23a241ce414547d7d79e6de6d7dc8c213ffbc","first_seen":"2023-03-07T01:06:30Z","last_seen":"2026-04-03T16:27:05.163528Z","times_seen":9280,"resource_available":true,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":211,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"goo.by","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/static/frontend/libs/cookieconsent/cookieconsent.css","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://goo.by/","date":"2025-11-16T21:49:35.787Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goo.by","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 19:58:21 GMT","end":"Fri, 23 Jan 2026 20:56:04 GMT"},"fingerprint":{"sha1":"06:92:EF:DC:D6:D7:B4:BA:BB:5B:3F:D3:DF:5A:F4:F6:C4:9C:1C:AA","sha256":"C0:D7:42:3C:D0:BF:0B:7E:EF:B9:0B:A2:D0:C3:92:B3:B0:74:A5:C3:15:8A:86:BC:79:3A:0E:D4:62:11:18:7C"}}},"request":{"raw":"GET /static/frontend/libs/cookieconsent/cookieconsent.css HTTP/1.1\r\nHost: goo.by\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.by/\r\nCookie: PHPSESSID=dercll27hd6oqg7cjpeojcl4s2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 21:49:35 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\nlast-modified: Sun, 11 Dec 2022 21:00:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: REVALIDATED\r\netag: W/\"639644d0-4973\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GJ5C1i6cDIoZbtpQyKBWCSCRB19GO%2F9HagOUeNsiXuU7uhOf%2FuQPZzi4fv%2BRkQFAzTW%2Ff06FRKMWUyQJONCmLYIhn2U%3D\"}]}\r\npriority: u=2,i=?0\r\ncf-ray: 99fa32fa8aecb4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":18803,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (18803), with no line terminators","md5":"a8d96b4620e71d5cdd85ea03a1ee2cc6","sha1":"825f712b1913ed2fcb95dc35ad8e5651598da8f3","sha256":"4e5a1815609e1b500701e8a9c63a4ee98c47794025a0de9bbc7b8a3fdc4419e6","sha512":"8203a6c1ddc5b05308bfb4da28e919c0f0c5209cf2abbeadfc96731cd21a2a001863e24c562261ad637f85ce6c3301a6b2310220286a6071cfad67278d4de437","ssdeep":"384:x82otQcOb2aa274KcEayQFjEfVjETezVcMlcFHlybn9:x82otQcObNa274KcElQ5E2TezPqybn9","tlshash":"f182c86cd750d1dd62abc4229ef09bad323c6129dcd24deef350fe604287add08a956c","first_seen":"2023-04-11T14:13:16Z","last_seen":"2026-04-01T05:09:32.294506Z","times_seen":339,"resource_available":false,"data":null}},"time_used":225,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":222,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"goo.by","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/static/frontend/css/owl.carousel.min.css","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://goo.by/","date":"2025-11-16T21:49:35.789Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goo.by","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 19:58:21 GMT","end":"Fri, 23 Jan 2026 20:56:04 GMT"},"fingerprint":{"sha1":"06:92:EF:DC:D6:D7:B4:BA:BB:5B:3F:D3:DF:5A:F4:F6:C4:9C:1C:AA","sha256":"C0:D7:42:3C:D0:BF:0B:7E:EF:B9:0B:A2:D0:C3:92:B3:B0:74:A5:C3:15:8A:86:BC:79:3A:0E:D4:62:11:18:7C"}}},"request":{"raw":"GET /static/frontend/css/owl.carousel.min.css HTTP/1.1\r\nHost: goo.by\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.by/\r\nCookie: PHPSESSID=dercll27hd6oqg7cjpeojcl4s2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 21:49:35 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\nlast-modified: Wed, 13 Jan 2021 21:00:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: REVALIDATED\r\netag: W/\"5fff5f50-d17\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GzTCu3m8YIRZKMb6%2F1yQ3%2FWTeb2Cj4z0t2fbawhjZQmhTsyAdZdtqKt7V30AOVNfCw95MrbYhozGmLuoHem2ZLrBYiw%3D\"}]}\r\npriority: u=2,i=?0\r\ncf-ray: 99fa32fa8aeeb4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3351,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3184)","md5":"b2752a850d44f50036628eeaef3bfcfa","sha1":"fba46353cf90450ef3d362a123f1e7af3e8c561e","sha256":"521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc","sha512":"b52dd2e6a1b40658674113b2257bcd8de10ce14a4c5c7ad07d31a66d0d602a67a50b195210151ac614418ff1054f3a5b3f84554aba448a46e6749a1b0af844de","ssdeep":"","tlshash":"9161bbe5314a225f480f83121dd81e86393dcc52d8660a5a92bbd71447dae6d213ffcf","first_seen":"2023-04-05T13:49:19Z","last_seen":"2026-04-03T19:27:00.664087Z","times_seen":30250,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":219,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"goo.by","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/static/frontend/js/js.js?v=1.28","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goo.by/","date":"2025-11-16T21:49:35.806Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goo.by","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 19:58:21 GMT","end":"Fri, 23 Jan 2026 20:56:04 GMT"},"fingerprint":{"sha1":"06:92:EF:DC:D6:D7:B4:BA:BB:5B:3F:D3:DF:5A:F4:F6:C4:9C:1C:AA","sha256":"C0:D7:42:3C:D0:BF:0B:7E:EF:B9:0B:A2:D0:C3:92:B3:B0:74:A5:C3:15:8A:86:BC:79:3A:0E:D4:62:11:18:7C"}}},"request":{"raw":"GET /static/frontend/js/js.js?v=1.28 HTTP/1.1\r\nHost: goo.by\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.by/\r\nCookie: PHPSESSID=dercll27hd6oqg7cjpeojcl4s2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 21:49:35 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: accept-encoding\r\nlast-modified: Fri, 25 Aug 2023 21:00:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: REVALIDATED\r\netag: W/\"64e91650-18a8\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vhSiwFrH9sOqcaJGg8e8QSB%2F23qbQq%2F3kWcb9sFjsSHWTnbRgzAH7xC18tpD36GRHcWmvpv2EIM0w%2FlDhdIGGFjoS7k%3D\"}]}\r\npriority: u=3,i=?0\r\ncf-ray: 99fa32faaafdb4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6312,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with CRLF line terminators","md5":"493c81d6c5d679f6f54d5d507d553fec","sha1":"3cc4b51a74ae8d66a7eb284dd09f321a1f2a9e0b","sha256":"d510cb40ffada566ae7fda67def3d56a20e024ec8b6b6ceeb2b4d9f3df6f5be3","sha512":"72fd8819c8e50ac545cd8746df9380f7b1c250a3ff2ffb066a4168243a8b0cda0b9929655a3b3574c754f5c6d161d5e9685d6caf757b6c16181a0ff16fed3444","ssdeep":"96:2m3lWw/vWoQv/hOUMbcQzyouvIX3ZoKPizi2zXwF2UcwIAjaa:2mR/lQRdM1zzuvq37Y3FwIyx","tlshash":"85d196d0f7ae9adf4bf720115036d901fe6dd826d6016828f2be15b05bec908273a74e","first_seen":"2023-09-22T23:32:21Z","last_seen":"2025-11-16T21:50:03.573039Z","times_seen":22,"resource_available":true,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":210,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"goo.by","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmUiAo.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://goo.by/","date":"2025-11-16T21:49:36.122Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:34:57 GMT","end":"Mon, 19 Jan 2026 08:34:56 GMT"},"fingerprint":{"sha1":"A9:72:6E:D8:AB:26:CE:26:35:A4:39:55:24:08:04:0F:24:56:E8:8C","sha256":"65:84:7B:FE:24:02:CE:3E:DB:6E:1C:6B:B8:FC:99:F5:A5:65:83:F1:66:75:ED:20:20:63:06:ED:27:8A:82:FE"}}},"request":{"raw":"GET /s/roboto/v49/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWubEbVmUiAo.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://goo.by\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 20612\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 12 Nov 2025 23:41:40 GMT\r\nexpires: Thu, 12 Nov 2026 23:41:40 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 08 Sep 2025 18:08:15 GMT\r\ncontent-type: font/woff2\r\nage: 338876\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20612,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 20612, version 1.0","md5":"b07da7aa3e4f363c5cdbc11312239e8c","sha1":"47bf5b2f24ea4a4caafccc89b9d2a6677ef9e3b8","sha256":"e44c11f4834bdd4d6b6da7b8ee5eaebc8acb41250cd6bce5cc82ea8262140eaa","sha512":"420729406b315d8af34b62b78f39e763f5cf33cbf94467457b393fde0573dd7ffc6a23f25680988f9b82a4a3b719876ff76f3e1db047ce82615f544fc3a82532","ssdeep":"384:k5Eu+yl5Y9RpwjjmD/8Qu+POP9w+oB7rezldH9W4EMs8qCr9WvS80M8T4PTEXPFw:YEu+/Jw3FF+WP9DC/ez79jcCrb8BK4Eq","tlshash":"8192df6bce71497ac711262c773917addb8b44f627f91f2ba0562411c7b8e015c2cc7a","first_seen":"2025-01-09T06:25:34.419113Z","last_seen":"2026-04-03T17:49:35.94302Z","times_seen":45602,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":69,"dns":1,"connect":7,"send":0,"wait":8,"receive":3,"ssl":58},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/static/frontend/libs/fontawesome/all.min.css","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://goo.by/","date":"2025-11-16T21:49:35.784Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goo.by","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 19:58:21 GMT","end":"Fri, 23 Jan 2026 20:56:04 GMT"},"fingerprint":{"sha1":"06:92:EF:DC:D6:D7:B4:BA:BB:5B:3F:D3:DF:5A:F4:F6:C4:9C:1C:AA","sha256":"C0:D7:42:3C:D0:BF:0B:7E:EF:B9:0B:A2:D0:C3:92:B3:B0:74:A5:C3:15:8A:86:BC:79:3A:0E:D4:62:11:18:7C"}}},"request":{"raw":"GET /static/frontend/libs/fontawesome/all.min.css HTTP/1.1\r\nHost: goo.by\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.by/\r\nCookie: PHPSESSID=dercll27hd6oqg7cjpeojcl4s2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 21:49:35 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\nlast-modified: Tue, 15 Aug 2023 21:00:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: REVALIDATED\r\netag: W/\"64dbe750-18efb\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ogzh5OngEpUB%2FM7vaVTAlsx6CS4MpgC6fyPJ4ysPTS16MtULSwiQJW357N8LTW3F55MBFktyztlYHHjRb%2Bf1LNV60nY%3D\"}]}\r\npriority: u=2,i=?0\r\ncf-ray: 99fa32fa8aeab4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":102139,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (52276)","md5":"9a99091cf45671ab2ee178fc3896a494","sha1":"043f09bf20c5478aaca2abb5b3f4b034a20cca6a","sha256":"58fdbb37ecb0c8a4d514714e322edef085c1f9d71e703b3925b054437f446166","sha512":"f4ae9466b74826e80214b3c3c7c080fb0f837705f5d5810c401f5c751eb63f93b07eeae66dc51f0fa87940c0967785789e0e842cf1cf6096fa40599609e5c469","ssdeep":"1536:0wMCMPMCMjMCM4MCMwMCM3sVMX709gbPMfjSFOTyPGuMprrlCd:M709gMGFiyPGuMprlCd","tlshash":"93a3a7f9e44c05d97732c44bab95b37c65b6f738d5810ca9f02f580c1ad26a822c6f7a","first_seen":"2023-08-25T13:34:51Z","last_seen":"2026-03-31T22:54:14.568773Z","times_seen":483,"resource_available":false,"data":null}},"time_used":239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":226,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"goo.by","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/content/blog/taxgpt.png","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://goo.by/","date":"2025-11-16T21:49:35.797Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goo.by","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 19:58:21 GMT","end":"Fri, 23 Jan 2026 20:56:04 GMT"},"fingerprint":{"sha1":"06:92:EF:DC:D6:D7:B4:BA:BB:5B:3F:D3:DF:5A:F4:F6:C4:9C:1C:AA","sha256":"C0:D7:42:3C:D0:BF:0B:7E:EF:B9:0B:A2:D0:C3:92:B3:B0:74:A5:C3:15:8A:86:BC:79:3A:0E:D4:62:11:18:7C"}}},"request":{"raw":"GET /content/blog/taxgpt.png HTTP/1.1\r\nHost: goo.by\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.by/\r\nCookie: PHPSESSID=dercll27hd6oqg7cjpeojcl4s2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 21:49:35 GMT\r\ncontent-type: image/png\r\ncontent-length: 4796\r\nlast-modified: Tue, 23 Sep 2025 20:27:23 GMT\r\netag: \"68d302ab-12bc\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=WXMPL1lfUX0LqRvJjav6sgoFEtwgFj5qkMVjxd0nTuuniZzL9U6DmxQT2w1A3p7yQn6gUjBr1RzMXumUPDz8DMZMH2Y%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 99fa32fa9af4b4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4796,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1024 x 1024, 4-bit colormap, non-interlaced","md5":"311f41ace1c6956ba556b75531234aee","sha1":"b2be35eea5edc061ff5fe0f573dbed339e3219db","sha256":"7418bef7091efd8f65d43acb8bc6ec5715a5a8b0abdddb35c18a485abd094825","sha512":"0940dc91a581a97a7ba0701ebcebe5f366ad6432ebbef4a303dd1abc8236bbdd53435a931571c22ad75dcde26970b046e3eae3b1449c0188ece0e057f09c2c90","ssdeep":"96:GqsJi9h8BEuqNzZRcxZ9dIwTRLLJVg/qSFbTLotwzoZcG:5OBilRvwTNJVLm/Zgd","tlshash":"9ca18e980e18493fc2993cfc50af8c0832ebf5f6651ec6698015ba411eb94cd2140cbe","first_seen":"2025-10-22T21:35:22.620569Z","last_seen":"2025-11-16T21:50:03.576659Z","times_seen":4,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":210,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"goo.by","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/TkacYOdEJbdB_JjX802TMer9/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goo.by/","date":"2025-11-16T21:49:36.378Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:04 GMT","end":"Mon, 19 Jan 2026 08:35:03 GMT"},"fingerprint":{"sha1":"4A:97:40:A8:11:17:BA:08:56:28:6E:0B:93:8B:64:13:1D:67:D4:2A","sha256":"A2:0A:13:FD:98:22:74:26:3F:C1:44:5C:92:27:22:17:A8:65:07:40:50:F9:14:02:11:E4:87:7F:C5:D2:F1:42"}}},"request":{"raw":"GET /recaptcha/releases/TkacYOdEJbdB_JjX802TMer9/recaptcha__en.js HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://goo.by\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.by/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 355016\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 11 Nov 2025 01:11:23 GMT\r\nexpires: Wed, 11 Nov 2026 01:11:23 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 10 Nov 2025 14:52:55 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nage: 506293\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":831957,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (553)","md5":"2506e0d302c7bbd6654b091f44fdda03","sha1":"cddd2822fd20c3a5eaadae592bbe2c1f6d42e430","sha256":"ccdd2d231d4fc51186c484d940d8d7eff0e0ab787067fc8aa6a10f014deffa7e","sha512":"4c5dc8474d796a78832e9607760ad5389576ec4663bf02fd19217902de38fc06423d5bde421b68deed1842ee62d9ccd0eb521aa1fa1626c0f4160a456270a8c3","ssdeep":"12288:b/PieE69kbgh40LMuqHKQn6e8kSCvcFazia7Rbbck:s69mghUD4etS/Fudck","tlshash":"06052ad870527ae47772f8f684973018a33d9479d84c4a2eb1a4d4f42bf084ae276db7","first_seen":"2025-11-13T16:13:50.046413Z","last_seen":"2026-03-02T18:44:22.765319Z","times_seen":46497,"resource_available":true,"data":null}},"time_used":383,"timings":{"blocked":110,"dns":1,"connect":28,"send":0,"wait":29,"receive":133,"ssl":79},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw\u0026co=aHR0cHM6Ly9nb28uYnk6NDQz\u0026hl=en\u0026v=TkacYOdEJbdB_JjX802TMer9\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=rinefjzddqmd","date":"2025-11-16T21:49:37.272Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:34:57 GMT","end":"Mon, 19 Jan 2026 08:34:56 GMT"},"fingerprint":{"sha1":"A9:72:6E:D8:AB:26:CE:26:35:A4:39:55:24:08:04:0F:24:56:E8:8C","sha256":"65:84:7B:FE:24:02:CE:3E:DB:6E:1C:6B:B8:FC:99:F5:A5:65:83:F1:66:75:ED:20:20:63:06:ED:27:8A:82:FE"}}},"request":{"raw":"GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.google.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15344\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 12 Nov 2025 17:55:22 GMT\r\nexpires: Thu, 12 Nov 2026 17:55:22 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 16 Oct 2017 17:32:55 GMT\r\ncontent-type: font/woff2\r\nage: 359655\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15344,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15344, version 1.0","md5":"5d4aeb4e5f5ef754e307d7ffaef688bd","sha1":"06db651cdf354c64a7383ea9c77024ef4fb4cef8","sha256":"3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc","sha512":"7eb7c301df79d35a6a521fae9d3dccc0a695d3480b4d34c7d262dd0c67abec8437ed40e2920625e98aaeafba1d908dec69c3b07494ec7c29307de49e91c2ef48","ssdeep":"384:ctE5KIuhGO+DSdXwye6i9Xm81v4vMHCbppV0pr3Ll9/w:cqrVO++tw/9CICFbQLlxw","tlshash":"5162e16aef76dc7e4f1af1361c01b45404462290ba6155eff00d6e1d4eed1aff461392","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T19:19:39.140135Z","times_seen":535995,"resource_available":true,"data":null}},"time_used":22,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/webworker.js?hl=en\u0026v=TkacYOdEJbdB_JjX802TMer9","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw\u0026co=aHR0cHM6Ly9nb28uYnk6NDQz\u0026hl=en\u0026v=TkacYOdEJbdB_JjX802TMer9\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=rinefjzddqmd","date":"2025-11-16T21:49:37.289Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:51 GMT","end":"Mon, 19 Jan 2026 08:33:50 GMT"},"fingerprint":{"sha1":"99:FF:FA:35:E4:FB:4B:28:B0:D5:C1:D4:AD:3F:43:AA:85:22:87:8B","sha256":"30:D1:CE:98:2F:EB:E2:4A:53:22:1C:BF:BB:4E:BC:2C:CA:E1:CE:CF:B7:9D:20:26:F9:55:2A:6B:ED:AD:DA:83"}}},"request":{"raw":"GET /recaptcha/api2/webworker.js?hl=en\u0026v=TkacYOdEJbdB_JjX802TMer9 HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw\u0026co=aHR0cHM6Ly9nb28uYnk6NDQz\u0026hl=en\u0026v=TkacYOdEJbdB_JjX802TMer9\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=rinefjzddqmd\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript; charset=utf-8\r\ncross-origin-embedder-policy: require-corp\r\nreport-to: {\"group\":\"recaptcha\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha\"}]}, {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\nexpires: Sun, 16 Nov 2025 21:49:37 GMT\r\ndate: Sun, 16 Nov 2025 21:49:37 GMT\r\ncache-control: private, max-age=300\r\ncross-origin-resource-policy: same-site\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":102,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"4e8c5e231c8c4b52a9f1110707827d3f","sha1":"58e2f59c8426047a2671a46fae39f739035a8032","sha256":"4b12d6a235970b2239057a7cae12f85606fc432c6ad4ae32d13fdc27ffee0891","sha512":"064d9f12c63084d2e179e0f0dfe9cfd184af33cf937b3a89e0969ec32f3cca35540c29c3d9b714004d8e95bd394ebc1f9ff1986792a9ee84397fc9930523067f","ssdeep":"","tlshash":"68b012330510d46c0d1082c2d63bd3acf0114234db6082f041b90fd883649e39800400","first_seen":"2025-11-13T21:19:52.258197Z","last_seen":"2026-02-22T14:16:54.065986Z","times_seen":38461,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/goo.svg","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://goo.by/","date":"2025-11-16T21:49:35.793Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goo.by","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 19:58:21 GMT","end":"Fri, 23 Jan 2026 20:56:04 GMT"},"fingerprint":{"sha1":"06:92:EF:DC:D6:D7:B4:BA:BB:5B:3F:D3:DF:5A:F4:F6:C4:9C:1C:AA","sha256":"C0:D7:42:3C:D0:BF:0B:7E:EF:B9:0B:A2:D0:C3:92:B3:B0:74:A5:C3:15:8A:86:BC:79:3A:0E:D4:62:11:18:7C"}}},"request":{"raw":"GET /goo.svg HTTP/1.1\r\nHost: goo.by\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.by/\r\nCookie: PHPSESSID=dercll27hd6oqg7cjpeojcl4s2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 21:49:35 GMT\r\ncontent-type: image/svg+xml\r\nvary: accept-encoding\r\nlast-modified: Tue, 14 May 2024 12:29:33 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: REVALIDATED\r\netag: W/\"6643592d-66e\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lmNW1PIvZMaPfMhCcZ1%2FS0H7Fo3rzjut9LHnF5pmXDVBrSNh9W%2B7fg5yvRwwNGxXY0chD%2FU%2BFbUVDHDFZ%2FVJGbRmNVE%3D\"}]}\r\npriority: u=4,i=?0\r\ncf-ray: 99fa32fa9af1b4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1646,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f576a97ac5cf94dc00c23138ce3166b1","sha1":"172b295d8010d843c2b94e65629212b5e3bb68fe","sha256":"f7b23e4412f3690f758857ef9f4b8d9c3814e4de9b17ed034de9a6120ba7af57","sha512":"a85d004ce231d85d02c7eef32b8518c7ec16169e75f60a0b4a45b9d8a8d69befedb4557c442f74f53fb0796127fe70ebacb56295de56695382c4b49001bd01af","ssdeep":"","tlshash":"b531dab1ad2863bc9a8303f4cb7851f2371f78ac77468389692d5631b8118edc683858","first_seen":"2024-10-13T23:35:33.539545Z","last_seen":"2025-11-16T21:50:03.579981Z","times_seen":11,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"goo.by","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/api2/logo_48.png","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw\u0026co=aHR0cHM6Ly9nb28uYnk6NDQz\u0026hl=en\u0026v=TkacYOdEJbdB_JjX802TMer9\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=rinefjzddqmd","date":"2025-11-16T21:49:37.338Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:04 GMT","end":"Mon, 19 Jan 2026 08:35:03 GMT"},"fingerprint":{"sha1":"4A:97:40:A8:11:17:BA:08:56:28:6E:0B:93:8B:64:13:1D:67:D4:2A","sha256":"A2:0A:13:FD:98:22:74:26:3F:C1:44:5C:92:27:22:17:A8:65:07:40:50:F9:14:02:11:E4:87:7F:C5:D2:F1:42"}}},"request":{"raw":"GET /recaptcha/api2/logo_48.png HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gstatic.com/recaptcha/releases/TkacYOdEJbdB_JjX802TMer9/styles__ltr.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ncontent-length: 2228\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 10 Nov 2025 08:03:23 GMT\r\nexpires: Mon, 17 Nov 2025 08:03:23 GMT\r\ncache-control: public, max-age=604800\r\nage: 567974\r\nlast-modified: Tue, 03 Mar 2020 20:15:00 GMT\r\ncontent-type: image/png\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2228,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"ef9941290c50cd3866e2ba6b793f010d","sha1":"4736508c795667dcea21f8d864233031223b7832","sha256":"1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a","sha512":"a0c69c70117c5713caf8b12f3b6e8bbb9cdaf72768e5db9db5831a3c37541b87613c6b020dd2f9b8760064a8c7337f175e7234bfe776eee5e3588dc5662419d9","ssdeep":"","tlshash":"c34149bb68287f1be14b501d319001e4b5bb891327c8f24180bf974e4662eaad10f118","first_seen":"2023-04-05T07:17:57Z","last_seen":"2026-04-03T19:30:38.828618Z","times_seen":540387,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/clr?k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://goo.by/","date":"2025-11-16T21:49:38.307Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:51 GMT","end":"Mon, 19 Jan 2026 08:33:50 GMT"},"fingerprint":{"sha1":"99:FF:FA:35:E4:FB:4B:28:B0:D5:C1:D4:AD:3F:43:AA:85:22:87:8B","sha256":"30:D1:CE:98:2F:EB:E2:4A:53:22:1C:BF:BB:4E:BC:2C:CA:E1:CE:CF:B7:9D:20:26:F9:55:2A:6B:ED:AD:DA:83"}}},"request":{"raw":"POST /recaptcha/api2/clr?k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://goo.by/\r\nContent-Length: 1621\r\nOrigin: https://goo.by\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/binary\r\nreport-to: {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 16 Nov 2025 21:49:38 GMT\r\nserver: ESF\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/binary","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T19:31:03.603551Z","times_seen":13300818,"resource_available":true,"data":null}},"time_used":48,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":47,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/static/frontend/libs/clipboard/dist/clipboard.min.js","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goo.by/","date":"2025-11-16T21:49:35.802Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goo.by","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 19:58:21 GMT","end":"Fri, 23 Jan 2026 20:56:04 GMT"},"fingerprint":{"sha1":"06:92:EF:DC:D6:D7:B4:BA:BB:5B:3F:D3:DF:5A:F4:F6:C4:9C:1C:AA","sha256":"C0:D7:42:3C:D0:BF:0B:7E:EF:B9:0B:A2:D0:C3:92:B3:B0:74:A5:C3:15:8A:86:BC:79:3A:0E:D4:62:11:18:7C"}}},"request":{"raw":"GET /static/frontend/libs/clipboard/dist/clipboard.min.js HTTP/1.1\r\nHost: goo.by\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.by/\r\nCookie: PHPSESSID=dercll27hd6oqg7cjpeojcl4s2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 21:49:35 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: accept-encoding\r\nlast-modified: Thu, 24 Oct 1985 21:00:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: REVALIDATED\r\netag: W/\"1dbeadd0-28d5\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rJc%2F6XyDQppJCM%2BYj8qCKtH02yYT2OD9maQQC%2Fng0FtWvBRH07AdZVhDKvPqEteKXcnZfF2ZQP9VuZxwSUV2yNBzwL4%3D\"}]}\r\npriority: u=3,i=?0\r\ncf-ray: 99fa32fa9af8b4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":10453,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (10359)","md5":"b42944934de0a9c5c18706911874c1b2","sha1":"77ba921a768a5e3da6a25e389cfed21d966aa131","sha256":"d60ac05828175a69d3ad94b4714f1292948082cdcfbceca74c1da11955e5de5d","sha512":"047bf9ab606354508a2884238839523b2fcb2cfc6a025dcae318b7d3c8722b21ca9a01f588695f39fa039cbc03fed9477ad8b271c77735a88a6d50a8df76b454","ssdeep":"192:kvR/hkAisAHf4Lys153p17zoWsBqwuLJLHg4LyTByIMOTorA:kvR/vhp3MWsBq9LJFgByVrA","tlshash":"2b22a759b380b5b156e770ad112f424bf372906960aac0d4b639d8f2bdb8ecd1467f38","first_seen":"2023-04-09T07:13:39Z","last_seen":"2026-04-03T13:45:39.521852Z","times_seen":2915,"resource_available":true,"data":null}},"time_used":218,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":216,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"goo.by","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/static/server.min.js?v=1.2","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goo.by/","date":"2025-11-16T21:49:35.807Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goo.by","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 19:58:21 GMT","end":"Fri, 23 Jan 2026 20:56:04 GMT"},"fingerprint":{"sha1":"06:92:EF:DC:D6:D7:B4:BA:BB:5B:3F:D3:DF:5A:F4:F6:C4:9C:1C:AA","sha256":"C0:D7:42:3C:D0:BF:0B:7E:EF:B9:0B:A2:D0:C3:92:B3:B0:74:A5:C3:15:8A:86:BC:79:3A:0E:D4:62:11:18:7C"}}},"request":{"raw":"GET /static/server.min.js?v=1.2 HTTP/1.1\r\nHost: goo.by\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.by/\r\nCookie: PHPSESSID=dercll27hd6oqg7cjpeojcl4s2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 21:49:35 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: accept-encoding\r\nlast-modified: Sat, 27 Jan 2024 12:59:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: REVALIDATED\r\netag: W/\"65b4fe14-19f0\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rJIjJEDxSXX6gzRrtH4ryD16%2F9wo7oUut29gVZ3LxO9iexSZuNdCq6FnQHR%2FOxQkEOUS2wg1W6IK6nFiCkHW9tC0dkY%3D\"}]}\r\npriority: u=3,i=?0\r\ncf-ray: 99fa32faaaffb4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":6640,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (6640), with no line terminators","md5":"75615ee1407a7b254fdf4e1611993374","sha1":"b0bc74b4b9c6fe3cbd94d136a240a8c98a174bf4","sha256":"99ed7bb31293008bb7c66efdec7c8ac4403d229e69d4631c68775ad4a75af674","sha512":"3749050f133e157b27863e8cf347ddba3f8901398d463097251ee6116fd72b59d0806945653e7289cdd5335e8948275a2da065c33d6f5cb7ad7bcda0deed38d5","ssdeep":"96:dOPy3PVXbc+GPyMwVJvccc0RCYwq8IjPj6jljeVwVJ0G2wVJsHJI2oqA:dOq3PVoJKMcvczjYgorWNoc0bc8JI2g","tlshash":"8dd1861db090c6de127774bb606b6a17f0b22c29da476000d25a18ba5fedec4643bf1e","first_seen":"2024-03-24T14:49:48Z","last_seen":"2025-12-07T16:27:14.231851Z","times_seen":59,"resource_available":true,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"goo.by","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/MqDngX","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-16T21:49:35.287Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goo.by","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 19:58:21 GMT","end":"Fri, 23 Jan 2026 20:56:04 GMT"},"fingerprint":{"sha1":"06:92:EF:DC:D6:D7:B4:BA:BB:5B:3F:D3:DF:5A:F4:F6:C4:9C:1C:AA","sha256":"C0:D7:42:3C:D0:BF:0B:7E:EF:B9:0B:A2:D0:C3:92:B3:B0:74:A5:C3:15:8A:86:BC:79:3A:0E:D4:62:11:18:7C"}}},"request":{"raw":"GET /MqDngX HTTP/1.1\r\nHost: goo.by\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Sun, 16 Nov 2025 21:49:35 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nlocation: /\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=msPROUkeLu7%2F3OHBKyDYXTkFVBF%2B9tE0NdPgnSYALGzjciwFIfwW1VSSn3tnGXIPnrXBDL%2Fit1pn32FZwcXSGNy6ZE5rOQ%3D%3D\"}]}\r\nset-cookie: PHPSESSID=dercll27hd6oqg7cjpeojcl4s2; Path=/\r\ncf-ray: 99fa32f7cfa58deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":82880,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T19:31:03.603551Z","times_seen":13300818,"resource_available":true,"data":null}},"time_used":306,"timings":{"blocked":42,"dns":25,"connect":1,"send":0,"wait":222,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"goo.by","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-YM89WYEN8N","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.178.40","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goo.by/","date":"2025-11-16T21:49:35.801Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:50 GMT","end":"Mon, 19 Jan 2026 08:33:49 GMT"},"fingerprint":{"sha1":"48:8A:E6:98:60:86:BA:71:57:34:7F:7F:AB:BA:86:86:8F:73:20:E2","sha256":"AF:F1:47:F8:37:C7:C4:95:30:91:49:71:1C:6F:0E:A8:5A:0D:92:0C:E2:D9:F4:A7:AF:27:C5:6B:39:0D:33:46"}}},"request":{"raw":"GET /gtag/js?id=G-YM89WYEN8N HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.by/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sun, 16 Nov 2025 21:49:35 GMT\r\nexpires: Sun, 16 Nov 2025 21:49:35 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 144289\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":436124,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"b873d2e72d29118fda72167920113906","sha1":"17ea1a242aa572e93307789cb105707ed24e0461","sha256":"4072bf7aa8fd3a61adc23400cf62f96bc76e38240e95a1fce4170328a175299d","sha512":"29048664d04d935ef8004c2a15f7f07720fe5284fed387d10d5b6f702292a9f2f101712c7409152fc9511981805c25ede483e05ca0145fcfc4f7c0c40313e56b","ssdeep":"6144:TJ9o7CyGOsjtxj31bC2sUOJdR+rVmIQZOCHZDTQ3kLsk:Fi7ZGOytV1bjsmQZOC9h","tlshash":"8b9418ce73d674265396f078502f018ba57b28a2b45cc896f1c9cde02e74a9a4277f7c","first_seen":"2025-11-16T21:50:03.584914Z","last_seen":"2025-11-16T21:50:03.584914Z","times_seen":1,"resource_available":true,"data":null}},"time_used":398,"timings":{"blocked":124,"dns":1,"connect":27,"send":0,"wait":50,"receive":76,"ssl":118},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/favicon-16x16.png","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://goo.by/","date":"2025-11-16T21:49:36.382Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goo.by","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 19:58:21 GMT","end":"Fri, 23 Jan 2026 20:56:04 GMT"},"fingerprint":{"sha1":"06:92:EF:DC:D6:D7:B4:BA:BB:5B:3F:D3:DF:5A:F4:F6:C4:9C:1C:AA","sha256":"C0:D7:42:3C:D0:BF:0B:7E:EF:B9:0B:A2:D0:C3:92:B3:B0:74:A5:C3:15:8A:86:BC:79:3A:0E:D4:62:11:18:7C"}}},"request":{"raw":"GET /favicon-16x16.png HTTP/1.1\r\nHost: goo.by\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.by/\r\nCookie: PHPSESSID=dercll27hd6oqg7cjpeojcl4s2\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 21:49:36 GMT\r\ncontent-type: image/png\r\ncontent-length: 713\r\nlast-modified: Fri, 10 May 2024 10:20:12 GMT\r\netag: \"663df4dc-2c9\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=H2ui0skHv1Jr7O93%2Ft42PY0w33WBhI1Fh%2BhoIIrwNOaSgU3Mfl89G4P8802r1LbsfLjeelFv9O9yEV%2FlvZWtFpiADw8%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=6,i=?0\r\nvary: accept-encoding\r\ncf-ray: 99fa32fe6b3db4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":713,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"59e012ef0df235bf1a876079cd641c97","sha1":"37f4524729f5b690066e39e8e888a268219da871","sha256":"f5b01aaa09cb06edff6bfc68fbfb78e52e950bd8c464c8eecc4650ed02adb89e","sha512":"5cfc36ae79ee5927e029818f3fb82673b673b644b1700ac5a38b067796c3fcacf8e8c840c0fed9b387caca9a171d4907ce3a76f4d597a2c22bcf29765195109a","ssdeep":"","tlshash":"f40165c53236b73dc932c1a989837423e8477f6ab4b1aa4d6fd60cf5396df0448e2582","first_seen":"2024-05-30T05:41:42Z","last_seen":"2025-11-16T21:50:03.587488Z","times_seen":34,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"goo.by","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/static/frontend/js/readmore.min.js?v=1.2","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goo.by/","date":"2025-11-16T21:49:35.805Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goo.by","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 19:58:21 GMT","end":"Fri, 23 Jan 2026 20:56:04 GMT"},"fingerprint":{"sha1":"06:92:EF:DC:D6:D7:B4:BA:BB:5B:3F:D3:DF:5A:F4:F6:C4:9C:1C:AA","sha256":"C0:D7:42:3C:D0:BF:0B:7E:EF:B9:0B:A2:D0:C3:92:B3:B0:74:A5:C3:15:8A:86:BC:79:3A:0E:D4:62:11:18:7C"}}},"request":{"raw":"GET /static/frontend/js/readmore.min.js?v=1.2 HTTP/1.1\r\nHost: goo.by\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.by/\r\nCookie: PHPSESSID=dercll27hd6oqg7cjpeojcl4s2\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 21:49:35 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nvary: accept-encoding\r\nlast-modified: Fri, 25 Aug 2023 21:00:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: REVALIDATED\r\netag: W/\"64e91650-1155\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Sx1%2BqylHCa0mO5Fl%2F9xcBZqATKZzWvi2iqgYgu3Gnh2Bw8B3dnFsoGRfm3eUt%2FCBcnljA%2BEkEs169HrxCGjJevukiDE%3D\"}]}\r\npriority: u=3,i=?0\r\ncf-ray: 99fa32faaafcb4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4437,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (4190)","md5":"2611fe08e48dcf93c60998a5c536649b","sha1":"be9ba87c8b17ff4bd4f3881de214a1895fe28817","sha256":"ca0cfb44f264240f4632457fd572a22b91847de9d739d9048f6ca18bc2d18a95","sha512":"1f32bf28349a55f75e1fc0329e5a01f2e71e0c44ac7804aecb2fed394ff67ccde50c9950376f3dc99e94b01f69ec4151a469c3460e3da7750a19f13bba5af656","ssdeep":"96:OLnmMscfPO0o7mNJWzqWHCqHtq1q5WwjnG5qz:anY6PnoajWznHC+t4gWw7G52","tlshash":"1991636c7315ba02c6f321e2256f650ea13ba13a59510448b373cfed6eb888e305377e","first_seen":"2023-03-07T01:25:18Z","last_seen":"2026-04-02T07:09:19.312192Z","times_seen":1636,"resource_available":true,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"goo.by","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-16T21:49:35.554Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goo.by","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 19:58:21 GMT","end":"Fri, 23 Jan 2026 20:56:04 GMT"},"fingerprint":{"sha1":"06:92:EF:DC:D6:D7:B4:BA:BB:5B:3F:D3:DF:5A:F4:F6:C4:9C:1C:AA","sha256":"C0:D7:42:3C:D0:BF:0B:7E:EF:B9:0B:A2:D0:C3:92:B3:B0:74:A5:C3:15:8A:86:BC:79:3A:0E:D4:62:11:18:7C"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: goo.by\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: PHPSESSID=dercll27hd6oqg7cjpeojcl4s2\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 16 Nov 2025 21:49:35 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nstrict-transport-security: max-age=31536000\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=eVnmUDZgUybUCUnOQ4LqYb9lgmmggQPkGg95lShw2geHXx6ROVsnYvM08hDvsQm95uWKTehO%2Bxr%2FqQNyKSUWB0DeKlOBLA%3D%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 99fa32f93bda8deb-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Google Analytics","description":"Google Analytics is a free web analytics service that tracks and reports website traffic.","website":"https://google.com/analytics","common_platform_enumeration":"","icon":"Google Analytics.svg","categories":["Analytics"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OWL Carousel","description":"OWL Carousel is an enabled jQuery plugin that lets you create responsive carousel sliders.","website":"https://owlcarousel2.github.io/OwlCarousel2/","common_platform_enumeration":"","icon":"OWL Carousel.png","categories":["JavaScript libraries"]},{"name":"reCAPTCHA","description":"reCAPTCHA is a free service from Google that helps protect websites from spam and abuse.","website":"https://www.google.com/recaptcha/","common_platform_enumeration":"","icon":"reCAPTCHA.svg","categories":["Security"]},{"name":"Google AdSense","description":"Google AdSense is a program run by Google through which website publishers serve advertisements that are targeted to the site content and audience.","website":"https://www.google.com/adsense/start/","common_platform_enumeration":"","icon":"Google AdSense.svg","categories":["Advertising"]},{"name":"Typed.js","description":"Typed.js is a library that types. It is designed to create typewriter-style animations with ease.","website":"https://mattboldt.com/demos/typed-js/","common_platform_enumeration":"","icon":"","categories":["JavaScript libraries"]},{"name":"Clipboard.js","description":"","website":"https://clipboardjs.com/","common_platform_enumeration":"","icon":"Clipboard.js.svg","categories":["JavaScript libraries"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":82880,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (17722), with CRLF, LF line terminators","md5":"bc5efa05b9492fbccf87a778ef9b5602","sha1":"51a0a5570b38b19c1ba08cd90c510a8994125f83","sha256":"11cb01ae44ef2e426bbf6597a0d538f795c6d6cc48d0b58bbcc005ba522fc9e0","sha512":"7beaa7c44877ac17099538f524dcce2e54c17059114fe86011ec207b4633627a195192e040882e4702d6934bee39bf5589ceb1df44eb31de620a7c50375deb4e","ssdeep":"1536:0W82otQcOpeXeyjLsqR+XVZSsc9uhUbMTac36/UwxixnAm:0W82otQcOpeH2VZSx9nc36R8r","tlshash":"fc83c837a19010352273c0a1b5102f6ffa118607c65b4ea5f6ac87ad6fd3da74ab7389","first_seen":"2025-11-16T21:50:03.60404Z","last_seen":"2025-11-16T21:50:03.60404Z","times_seen":1,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":71,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"goo.by","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/static/frontend/css/reset.css?v37","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://goo.by/","date":"2025-11-16T21:49:35.788Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goo.by","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 19:58:21 GMT","end":"Fri, 23 Jan 2026 20:56:04 GMT"},"fingerprint":{"sha1":"06:92:EF:DC:D6:D7:B4:BA:BB:5B:3F:D3:DF:5A:F4:F6:C4:9C:1C:AA","sha256":"C0:D7:42:3C:D0:BF:0B:7E:EF:B9:0B:A2:D0:C3:92:B3:B0:74:A5:C3:15:8A:86:BC:79:3A:0E:D4:62:11:18:7C"}}},"request":{"raw":"GET /static/frontend/css/reset.css?v37 HTTP/1.1\r\nHost: goo.by\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.by/\r\nCookie: PHPSESSID=dercll27hd6oqg7cjpeojcl4s2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 21:49:35 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\nlast-modified: Mon, 21 Aug 2023 21:00:00 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: REVALIDATED\r\netag: W/\"64e3d050-a2ac5\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=O76ZMMgHT39wHliOnARJ3p6Wf9J%2FT0wDMsWycGcfrPM0nydBLb9lSv3E%2F3%2FmYb5StInXdRlewU0IICO9CUn373DwmeY%3D\"}]}\r\npriority: u=2,i=?0\r\ncf-ray: 99fa32fa8aedb4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":666309,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"6862cb9de1311f14af79289157d2bc7a","sha1":"f1847d554db55d90f5bc1ee4999b2207e0f34db4","sha256":"329d55e1fed54ba1d161ff452dd2973f89dffb276a4b4c8627c972158d191a46","sha512":"746bfcd0455e8ca177a162d64bea441b977f02cfe2463a2527f0d01e4d3a04b75b36bd2a719fce81a0dfe4c99b81e9910ac4227e893a291f5722144cfe57c7c9","ssdeep":"3072:NnqL1peohgRrQgjrzHX7bGMm5/lE+gnDmsKi0L7oX/Y6/:NqveohgRrQgjr0/lXgnDmsKi0L7oPY6/","tlshash":"08e477dee94120171b778bac4bf35769ef6e0043ca054e7abbaf63508fb51945822e4c","first_seen":"2025-05-13T19:48:21.034576Z","last_seen":"2025-11-16T21:50:03.606692Z","times_seen":9,"resource_available":false,"data":null}},"time_used":237,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":214,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"goo.by","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/TkacYOdEJbdB_JjX802TMer9/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw\u0026co=aHR0cHM6Ly9nb28uYnk6NDQz\u0026hl=en\u0026v=TkacYOdEJbdB_JjX802TMer9\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=rinefjzddqmd","date":"2025-11-16T21:49:36.975Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:35:04 GMT","end":"Mon, 19 Jan 2026 08:35:03 GMT"},"fingerprint":{"sha1":"4A:97:40:A8:11:17:BA:08:56:28:6E:0B:93:8B:64:13:1D:67:D4:2A","sha256":"A2:0A:13:FD:98:22:74:26:3F:C1:44:5C:92:27:22:17:A8:65:07:40:50:F9:14:02:11:E4:87:7F:C5:D2:F1:42"}}},"request":{"raw":"GET /recaptcha/releases/TkacYOdEJbdB_JjX802TMer9/recaptcha__en.js HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 355016\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 11 Nov 2025 01:11:23 GMT\r\nexpires: Wed, 11 Nov 2026 01:11:23 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 10 Nov 2025 14:52:55 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nage: 506293\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":831957,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (553)","md5":"2506e0d302c7bbd6654b091f44fdda03","sha1":"cddd2822fd20c3a5eaadae592bbe2c1f6d42e430","sha256":"ccdd2d231d4fc51186c484d940d8d7eff0e0ab787067fc8aa6a10f014deffa7e","sha512":"4c5dc8474d796a78832e9607760ad5389576ec4663bf02fd19217902de38fc06423d5bde421b68deed1842ee62d9ccd0eb521aa1fa1626c0f4160a456270a8c3","ssdeep":"12288:b/PieE69kbgh40LMuqHKQn6e8kSCvcFazia7Rbbck:s69mghUD4etS/Fudck","tlshash":"06052ad870527ae47772f8f684973018a33d9479d84c4a2eb1a4d4f42bf084ae276db7","first_seen":"2025-11-13T16:13:50.046413Z","last_seen":"2026-03-02T18:44:22.765319Z","times_seen":46497,"resource_available":true,"data":null}},"time_used":75,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":19,"receive":56,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/static/frontend/css/media-queries.css?v133","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://goo.by/","date":"2025-11-16T21:49:35.791Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goo.by","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 19:58:21 GMT","end":"Fri, 23 Jan 2026 20:56:04 GMT"},"fingerprint":{"sha1":"06:92:EF:DC:D6:D7:B4:BA:BB:5B:3F:D3:DF:5A:F4:F6:C4:9C:1C:AA","sha256":"C0:D7:42:3C:D0:BF:0B:7E:EF:B9:0B:A2:D0:C3:92:B3:B0:74:A5:C3:15:8A:86:BC:79:3A:0E:D4:62:11:18:7C"}}},"request":{"raw":"GET /static/frontend/css/media-queries.css?v133 HTTP/1.1\r\nHost: goo.by\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.by/\r\nCookie: PHPSESSID=dercll27hd6oqg7cjpeojcl4s2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 21:49:35 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\nlast-modified: Wed, 15 May 2024 17:55:37 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: REVALIDATED\r\netag: W/\"6644f719-1724\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=i4H%2FkYwGtZ7RXlHbjXXgqec6UxdNf5kKMZ4ffraeOwQCRGJiSy9aEW%2FMhsoJnnPugE3ujUU9HdwQwdQs8%2FSfSP2Vx%2FU%3D\"}]}\r\npriority: u=2,i=?0\r\ncf-ray: 99fa32fa8af0b4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5924,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"c1d2c0c265180833a9501c554c923789","sha1":"3fad166eff9c44c5af986cb07ae8e6e9b75465c1","sha256":"81300b7c116bc1cc8bc42d8fb5582a741b10d892438eb9f9c2103e6ea3d8a8a4","sha512":"d1e38fe00a3ac00cb54ebbbce9010d23bf457cdab7db79b501b9b07a93db956be659471c3701e24f7ebdcd31d189cacf3197fb320580841b35c6fdafc5e22266","ssdeep":"96:Dy0tIMr6XnXXgpvX1FZH30IpRfbqw4yFyOUtR4ofgBKj:Dy0KI6XnXXgpvXBH30Ip1bj4/OUtRRf/","tlshash":"e9c1ca2aea0221066837e778efa31a6eff570073c30150797eec66595fb90a58591fcc","first_seen":"2025-05-13T19:48:21.022306Z","last_seen":"2025-11-16T21:50:03.608013Z","times_seen":9,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":217,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"goo.by","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/static/frontend/fonts/ProductSansBold.woff2","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://goo.by/","date":"2025-11-16T21:49:36.162Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goo.by","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 19:58:21 GMT","end":"Fri, 23 Jan 2026 20:56:04 GMT"},"fingerprint":{"sha1":"06:92:EF:DC:D6:D7:B4:BA:BB:5B:3F:D3:DF:5A:F4:F6:C4:9C:1C:AA","sha256":"C0:D7:42:3C:D0:BF:0B:7E:EF:B9:0B:A2:D0:C3:92:B3:B0:74:A5:C3:15:8A:86:BC:79:3A:0E:D4:62:11:18:7C"}}},"request":{"raw":"GET /static/frontend/fonts/ProductSansBold.woff2 HTTP/1.1\r\nHost: goo.by\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.by/static/frontend/css/main-style.css?137\r\nCookie: PHPSESSID=dercll27hd6oqg7cjpeojcl4s2\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 21:49:36 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 20076\r\nlast-modified: Mon, 26 Jun 2023 21:00:00 GMT\r\netag: \"6499fc50-4e6c\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\ncf-cache-status: REVALIDATED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bbiDxrAZXttWoyVr%2BwMSvwPuka90qsw4uipXRRrfYmVZduplnxeHrPKsQ9JNCK8nlKUY1D454PurFvukwbvQaPVwPSo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nvary: accept-encoding\r\ncf-ray: 99fa32fd0b2cb4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20076,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 20076, version 1.0","md5":"13a47ee656cbc436ca8fa57bb9a8dd83","sha1":"19b89ca9746162164048c2ed3b6b40c6442766b2","sha256":"d0b7851b22885a5bdbdff394d13dd99be03f6f6909790db9f5f6025cde6dac4e","sha512":"b617d1865795b4a1143dae48ed82c8e9f02f920fc8efda1492201300025169ca98a70afd7ba91dc6462dcf5952344a91fc76f0c3087e85349ec02edad55c899b","ssdeep":"384:3mji1S47q8ZAo34Uev+p/mx1aJA3ueMLe/KdI6CUeNY6L0ox:3m+E4XZApUewmx1aO+eMLey66Cq6L0ox","tlshash":"bc92e1cadd740f87cf440db19a424f884f3ed4cda9b538b604f2237864a992d9d8e35a","first_seen":"2023-09-16T17:20:33Z","last_seen":"2025-11-16T21:50:03.60921Z","times_seen":65,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":212,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"goo.by","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/anchor?ar=1\u0026k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw\u0026co=aHR0cHM6Ly9nb28uYnk6NDQz\u0026hl=en\u0026v=TkacYOdEJbdB_JjX802TMer9\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=rinefjzddqmd","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://goo.by/","date":"2025-11-16T21:49:36.807Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:51 GMT","end":"Mon, 19 Jan 2026 08:33:50 GMT"},"fingerprint":{"sha1":"99:FF:FA:35:E4:FB:4B:28:B0:D5:C1:D4:AD:3F:43:AA:85:22:87:8B","sha256":"30:D1:CE:98:2F:EB:E2:4A:53:22:1C:BF:BB:4E:BC:2C:CA:E1:CE:CF:B7:9D:20:26:F9:55:2A:6B:ED:AD:DA:83"}}},"request":{"raw":"GET /recaptcha/api2/anchor?ar=1\u0026k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw\u0026co=aHR0cHM6Ly9nb28uYnk6NDQz\u0026hl=en\u0026v=TkacYOdEJbdB_JjX802TMer9\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=15000\u0026cb=rinefjzddqmd HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.by/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html; charset=utf-8\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-embedder-policy: require-corp\r\nreport-to: {\"group\":\"recaptcha\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha\"}]}, {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sun, 16 Nov 2025 21:49:36 GMT\r\ncontent-security-policy: script-src 'nonce-KxkaR5rmnVvK5CtPWz1B0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":79193,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (56667)","md5":"d098250cbaf9c2b9ca1313426d6c6ad7","sha1":"edb254188417a6e77c4010ffec1b070ed0538b7a","sha256":"5cf526d77f58ca70fecd33b4b52a6cacc26eeb78a03cc50ff60b9d5082546538","sha512":"8e1c3ddb1ab86719e18e0e1cce630101f1a0a98e5b0052432f7e1650b2c73dc98b770dd4414beb33321b531d767b89c9fa54771a7fdcf58b616472c3249d7b65","ssdeep":"1536:d4pXSsufxeVWbblB6ISCKjVFx3p3LH82F/YxKjFGGMag9P:d4wXJBKJFP3rVFAxKwGMagp","tlshash":"e573bf1ad543348aefab4e905bda3baa217f74162083449e57ff04c54cbae67937834c","first_seen":"2025-11-16T21:50:03.610207Z","last_seen":"2025-11-16T21:50:03.610207Z","times_seen":1,"resource_available":false,"data":null}},"time_used":76,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":56,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/api2/clr?k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://goo.by/","date":"2025-11-16T21:49:38.462Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 08:33:51 GMT","end":"Mon, 19 Jan 2026 08:33:50 GMT"},"fingerprint":{"sha1":"99:FF:FA:35:E4:FB:4B:28:B0:D5:C1:D4:AD:3F:43:AA:85:22:87:8B","sha256":"30:D1:CE:98:2F:EB:E2:4A:53:22:1C:BF:BB:4E:BC:2C:CA:E1:CE:CF:B7:9D:20:26:F9:55:2A:6B:ED:AD:DA:83"}}},"request":{"raw":"POST /recaptcha/api2/clr?k=6LcUoOQUAAAAANHj_juVSgLjxCWAABmUxJr-DhCw HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://goo.by/\r\nContent-Length: 1621\r\nOrigin: https://goo.by\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/binary\r\nreport-to: {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 16 Nov 2025 21:49:38 GMT\r\nserver: ESF\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"application/binary","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T19:31:03.603551Z","times_seen":13300818,"resource_available":true,"data":null}},"time_used":47,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":47,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.by/static/frontend/css/main-style.css?137","fqdn":"goo.by","domain":"goo.by","tld":"by"},"ip":{"addr":"104.21.86.233","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://goo.by/","date":"2025-11-16T21:49:35.790Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goo.by","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 25 Oct 2025 19:58:21 GMT","end":"Fri, 23 Jan 2026 20:56:04 GMT"},"fingerprint":{"sha1":"06:92:EF:DC:D6:D7:B4:BA:BB:5B:3F:D3:DF:5A:F4:F6:C4:9C:1C:AA","sha256":"C0:D7:42:3C:D0:BF:0B:7E:EF:B9:0B:A2:D0:C3:92:B3:B0:74:A5:C3:15:8A:86:BC:79:3A:0E:D4:62:11:18:7C"}}},"request":{"raw":"GET /static/frontend/css/main-style.css?137 HTTP/1.1\r\nHost: goo.by\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.by/\r\nCookie: PHPSESSID=dercll27hd6oqg7cjpeojcl4s2\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 16 Nov 2025 21:49:35 GMT\r\ncontent-type: text/css\r\nvary: accept-encoding\r\nlast-modified: Mon, 10 Jun 2024 08:47:31 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: br\r\ncf-cache-status: REVALIDATED\r\netag: W/\"6666bda3-4245\"\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3uaNHCvzXM2W6SKmeAS3jt5lkp5OlUH5gJ9vhWmwaGzvi7Gi3LRBOMJJw%2Bi1JwmC0hIo1%2B%2BLZjcNTwNpLf4CP4igTew%3D\"}]}\r\npriority: u=2,i=?0\r\ncf-ray: 99fa32fa8aefb4f7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16965,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"4baeb3addb868e2f8e0fed892914e2dd","sha1":"206881423b6dafb317678dd6802b629d84f0e348","sha256":"ca475022ae586bb89febed8a8cdd1a4cc9540e96141d8b7d0eb6fdafa79bd9bd","sha512":"f53fb387400166533eb50dc482e00f9d933b6e2e500fc262cf0cbf3e93047c975be6f1f3231eecc8050884076ebe46f056bf99d3e5b9d6b3d8cf66693a7167b9","ssdeep":"192:PhF28dK4PH33qBfbopbgdOjETLTmeEXqahrqGtC+TnFWbtkcYNOMIniCjuXYloVo:QGu1N","tlshash":"9a7201ac9602214272338eb87be71b16fa685113a701513d7bea27188ff917c9572fcd","first_seen":"2024-09-19T21:12:17.489925Z","last_seen":"2025-11-16T21:50:03.613284Z","times_seen":10,"resource_available":false,"data":null}},"time_used":218,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":217,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-16","alert":"Sinkholed","trigger":"goo.by","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}