www.goo.su/s0Tp/
172.67.139.105301 Moved Permanently 187 B IP 172.67.139.105:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash a3ff447f49262fbe83ee1fea4302ee5e
2ed41905d0e02243822a695cf515f32c99b47844
f15d59be3d28bf3b10791fcfa6ea99423e1fc049f49104b68d8aad978b0d5fee
Analyzer Verdict Alert openphish Webmail Providers
fortinet Phishing
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /s0Tp/ HTTP/1.1
Host: www.goo.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 28 Jan 2023 04:01:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://goo.su/s0Tp/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kJMxgCy938pTMkEnih4v7D266wGB77T%2B3nfPg%2FLE%2F3ZRObU1WYXToEq7ZSWt5le%2BkLoYyF7GWrhPjRldQwuwcNXFMbMwk2ppB3GFHWqAT1oWQAVCXHeJ5QnPkpy"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7906d334483eb512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13809
Expires: Sat, 28 Jan 2023 07:51:16 GMT
Date: Sat, 28 Jan 2023 04:01:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7387
Expires: Sat, 28 Jan 2023 06:04:14 GMT
Date: Sat, 28 Jan 2023 04:01:07 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 28 Jan 2023 03:43:03 GMT
content-type: application/json
age: 1084
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4811
Expires: Sat, 28 Jan 2023 05:21:18 GMT
Date: Sat, 28 Jan 2023 04:01:07 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: avAXxV3BpArHOi+A95oCmAVml9hsmN0Si2ZjeQjz6uq2oDudi5htrTjexv0GYt4QMByAiw8NwaE=
x-amz-request-id: KHHJ9FR2Y110KQT3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 28 Jan 2023 03:20:49 GMT
age: 2418
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 04:01:07 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:01:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:01:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 925 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
Hash e8c9b85b38baaaa61d4527d6c7ca3606
f698a0b1a7643f80f384a1a700f45d30977d1bad
2486aed4ec9a1c225f7b9bf859094de25a8d2d6ade1b579321e87802dc766507
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 28 Jan 2023 03:49:03 GMT
age: 724
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8334
Expires: Sat, 28 Jan 2023 06:20:02 GMT
Date: Sat, 28 Jan 2023 04:01:08 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:01:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:01:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:01:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goo.su
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:33:54 GMT
expires: Thu, 25 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 203234
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
142.250.74.35200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goo.su
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:52:56 GMT
expires: Tue, 23 Jan 2024 18:52:56 GMT
cache-control: public, max-age=31536000
age: 378492
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:01:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 240e215414ce4d6266d0dc7605a42a2c
b35605bd86cd175b9e1bd926fba8a113ad770f15
e7e7ba11018d536e96edd02a67b4d9b7ff756db96f28b5d783b3db80c7f3eb2a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5726
Cache-Control: max-age=118013
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:01:08 GMT
Etag: "63d3b1a3-1d7"
Expires: Sun, 29 Jan 2023 12:48:01 GMT
Last-Modified: Fri, 27 Jan 2023 11:12:35 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash e7ebbff54ced2c07469b302fc6d44078
f59983c844c398bd37705051ca685b2d07d85726
04eb3bd7658c1112bfc1d0098e8d7f5fafdb10459e3290c0d4e6a17e65a5494f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:01:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 4c1e2d97f0407b99e572cd271fc7f6e8
f2dc47e9845ff8c303353b9c6a2b61e85546d038
0a015a4dec8c930192ca162ac1294214e51f58f10770efc5456d42aae761311c
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 04:01:08 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 31 Jan 2023 23:41:42 GMT
ETag: "f2dc47e9845ff8c303353b9c6a2b61e85546d038"
Last-Modified: Fri, 27 Jan 2023 23:41:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3323
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7906d33ae9dcb4ff-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 40db287a0311707a304afea2ce6507dd
9f375a7e9ab3776ba77cff5b06d8b3f459b95d8b
edc5164c2c30137a35cf10803d2b23ce034929033f68e075e09954aa6a21d1a2
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 04:01:08 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Wed, 01 Feb 2023 01:09:15 GMT
ETag: "9f375a7e9ab3776ba77cff5b06d8b3f459b95d8b"
Last-Modified: Sat, 28 Jan 2023 01:09:16 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1971
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7906d33af84eb511-OSL
counter.yadro.ru/hit?t44.11;r;s1280*1024*24;uhttps%3A//goo.su/s0Tp/;hRedirecting...;0.03491752977950535
88.212.201.198200 OK 132 B URL HTTP/1.1 counter.yadro.ru/hit?t44.11;r;s1280*1024*24;uhttps%3A//goo.su/s0Tp/;hRedirecting...;0.03491752977950535
IP 88.212.201.198:0
ASN #39134 United Network LLC
File type GIF image data, version 87a, 31 x 31\012- data
Hash 099e70b2712eaea2a982b474b20a0a80
e3ce99d03d1ae5dc89050a8287f7c390374dd2cb
e10cd8d343f9c37e3500c69d92f7ac7e78b6c7df29a2ace8cffe71bfa494e8c9
GET /hit?t44.11;r;s1280*1024*24;uhttps%3A//goo.su/s0Tp/;hRedirecting...;0.03491752977950535 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 28 Jan 2023 04:01:08 GMT
Content-Type: image/gif
Content-Length: 132
Connection: keep-alive
Expires: Thu, 27 Jan 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 2e0e0eeadc1a1967cbe2289fe8512681
e2d4096e2710e08aaa8039c1644dddb367d2f978
66645ae6914b2271e0d7fed797992fc2796d993a3645cc0b22b0282ec209bfda
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 04:01:08 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Wed, 01 Feb 2023 00:11:45 GMT
ETag: "e2d4096e2710e08aaa8039c1644dddb367d2f978"
Last-Modified: Sat, 28 Jan 2023 00:11:46 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1199
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7906d33b2866b511-OSL
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4358137683029217
142.250.74.162200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4358137683029217
IP 142.250.74.162:0
File type ASCII text, with very long lines (4879)
Hash 2fb3d75beccacd02196b6378ac230d94
8c26479d3e891b1fee3cc383d542bb06c31f3b09
fc6a3151d0635ee7da8d1ac97693622a5714c14c1dc0f93ea6fc0890fb969679
GET /pagead/js/adsbygoogle.js?client=ca-pub-4358137683029217 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 28 Jan 2023 04:01:08 GMT
expires: Sat, 28 Jan 2023 04:01:08 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 1436421490013391881
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49809
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 7a8f045859c78b40ca2945810fc73cd3
cc75c852fb151647f5db1090a96af9fa9e089e2e
b281765a48d602b1ae79f9cf18e37a95544a044a1e0889fceaaac23733a3b1fd
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 04:01:08 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Wed, 01 Feb 2023 01:13:12 GMT
ETag: "cc75c852fb151647f5db1090a96af9fa9e089e2e"
Last-Modified: Sat, 28 Jan 2023 01:13:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2618
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7906d33b68a6b511-OSL
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash e7ebbff54ced2c07469b302fc6d44078
f59983c844c398bd37705051ca685b2d07d85726
04eb3bd7658c1112bfc1d0098e8d7f5fafdb10459e3290c0d4e6a17e65a5494f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:01:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kraken.rambler.ru/userip
81.19.89.17200 OK 12 B IP 81.19.89.17:0
ASN #24638 Rambler Internet Holding LLC
File type ASCII text, with no line terminators
Hash 35b0bce9d250429df012c0426f88d0bd
f81d80af9cbeb0011316fbba3da8002b32251f7a
da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d
GET /userip HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Sat, 28 Jan 2023 04:01:08 GMT
content-type: application/octet-stream
content-length: 12
access-control-allow-origin: https://goo.su
x-srv: 1kraken-prod0001.ad.rambler.tech
set-cookie: ruid=1CIAAASe1GN9cFgfAaSv5wB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAASe1GN9cFgfAaSv5wB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
X-Firefox-Spdy: h2
top-fwz1.mail.ru/counter?js=13;id=3128781;u=https%3A//goo.su/s0Tp/;st=1674878468982;title=Redirecting...;s=1280*1024;vp=1140*836;touch=0;hds=1;frame=0;flash=;sid=1770153b9203e842;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1674878469441%3A1674878469459%3A1%3A7afee55531ee0ce2d8299dbb8900b555;visible=true;_=0.43653628681395606
95.163.52.67302 Found 0 B URL HTTP/2 top-fwz1.mail.ru/counter?js=13;id=3128781;u=https%3A//goo.su/s0Tp/;st=1674878468982;title=Redirecting...;s=1280*1024;vp=1140*836;touch=0;hds=1;frame=0;flash=;sid=1770153b9203e842;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1674878469441%3A1674878469459%3A1%3A7afee55531ee0ce2d8299dbb8900b555;visible=true;_=0.43653628681395606
IP 95.163.52.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /counter?js=13;id=3128781;u=https%3A//goo.su/s0Tp/;st=1674878468982;title=Redirecting...;s=1280*1024;vp=1140*836;touch=0;hds=1;frame=0;flash=;sid=1770153b9203e842;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1674878469441%3A1674878469459%3A1%3A7afee55531ee0ce2d8299dbb8900b555;visible=true;_=0.43653628681395606 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sat, 28 Jan 2023 04:01:08 GMT
content-length: 0
location: https://top-fwz1.mail.ru/counter2?js=13;id=3128781;u=https%3A//goo.su/s0Tp/;st=1674878468982;title=Redirecting...;s=1280*1024;vp=1140*836;touch=0;hds=1;frame=0;flash=;sid=1770153b9203e842;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1674878469441%3A1674878469459%3A1%3A7afee55531ee0ce2d8299dbb8900b555;visible=true;_=0.43653628681395606
set-cookie: FTID=1RMYgQ0tkIIF:1674878468:3128781:::; path=/; expires=Mon, 29-Jan-24 04:01:08 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 299e7e8e1be02663d05aff38e26d6002
44c3702a4eee408b4e6d74a405dd8ee04d1fe405
a6ab0190e8676fa7a1769ef4b7ab9d1689f6b8009f9a498811ac1af110f31e5b
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 04:01:08 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Wed, 01 Feb 2023 02:49:34 GMT
ETag: "44c3702a4eee408b4e6d74a405dd8ee04d1fe405"
Last-Modified: Sat, 28 Jan 2023 02:49:35 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 350
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7906d33ce998b511-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 299e7e8e1be02663d05aff38e26d6002
44c3702a4eee408b4e6d74a405dd8ee04d1fe405
a6ab0190e8676fa7a1769ef4b7ab9d1689f6b8009f9a498811ac1af110f31e5b
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 04:01:08 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Wed, 01 Feb 2023 02:49:34 GMT
ETag: "44c3702a4eee408b4e6d74a405dd8ee04d1fe405"
Last-Modified: Sat, 28 Jan 2023 02:49:35 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 350
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7906d33cfbfb1c12-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 299e7e8e1be02663d05aff38e26d6002
44c3702a4eee408b4e6d74a405dd8ee04d1fe405
a6ab0190e8676fa7a1769ef4b7ab9d1689f6b8009f9a498811ac1af110f31e5b
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 04:01:08 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Wed, 01 Feb 2023 02:49:34 GMT
ETag: "44c3702a4eee408b4e6d74a405dd8ee04d1fe405"
Last-Modified: Sat, 28 Jan 2023 02:49:35 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 350
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7906d33cf99eb511-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 299e7e8e1be02663d05aff38e26d6002
44c3702a4eee408b4e6d74a405dd8ee04d1fe405
a6ab0190e8676fa7a1769ef4b7ab9d1689f6b8009f9a498811ac1af110f31e5b
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 04:01:08 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Wed, 01 Feb 2023 02:49:34 GMT
ETag: "44c3702a4eee408b4e6d74a405dd8ee04d1fe405"
Last-Modified: Sat, 28 Jan 2023 02:49:35 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 350
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7906d33cf887fab8-OSL
yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
178.154.131.217200 OK 26 kB URL HTTP/2 yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
IP 178.154.131.217:0
File type Web Open Font Format (Version 2), TrueType, length 26004, version 1.0\012- data
Hash 7f0cdaf91230f9789ca4162aedff612e
965de571aa794dab64076c3cc64dc8894b843f23
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
GET /s3/home/fonts/ys/3/text-variable-full.woff2 HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Sat, 28 Jan 2023 04:01:08 GMT
content-type: font/woff2
content-length: 26004
access-control-allow-origin: *
cache-control: public, max-age=31556952
etag: "7f0cdaf91230f9789ca4162aedff612e"
expires: Sun, 28 Jan 2024 09:47:15 GMT
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
x-nginx-request-id: b916d95e8056edd6
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/712629/8bd966b1ebb9efe38c58.js
178.154.131.217200 OK 113 kB URL HTTP/2 yastatic.net/partner-code-bundles/712629/8bd966b1ebb9efe38c58.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (65497)
Size 113 kB (113036 bytes)
Hash 0ad372efe8fc0d736134889277837d12
912f023a376b08c56f95a13c44b2ea4e68f8890c
ea8af00518d354acf9f4571a05d7d7e09d5bfd008c3886adbcc3135cdd5e3445
GET /partner-code-bundles/712629/8bd966b1ebb9efe38c58.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Sat, 28 Jan 2023 04:01:08 GMT
content-type: text/javascript; charset=utf-8
content-length: 113036
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "0ad372efe8fc0d736134889277837d12"
expires: Mon, 27 Jan 2053 10:33:09 GMT
last-modified: Thu, 26 Jan 2023 20:16:11 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/712629/50f74285ee5803022691.js
178.154.131.217200 OK 24 kB URL HTTP/2 yastatic.net/partner-code-bundles/712629/50f74285ee5803022691.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (65494)
Hash 07beb91d2fa3826d789571c582f29e38
e50036d61b666246932f0fc714419773d6461008
6968962c662bee3bef58864a266efd30301b98d09118cf87bfcfdf00bb3dd2b9
GET /partner-code-bundles/712629/50f74285ee5803022691.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Sat, 28 Jan 2023 04:01:08 GMT
content-type: text/javascript; charset=utf-8
content-length: 23537
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "07beb91d2fa3826d789571c582f29e38"
expires: Mon, 27 Jan 2053 10:32:21 GMT
last-modified: Thu, 26 Jan 2023 20:16:11 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/712629/1c0942547d39e10f5f56.js
178.154.131.217200 OK 4.8 kB URL HTTP/2 yastatic.net/partner-code-bundles/712629/1c0942547d39e10f5f56.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (14344)
Hash c86c86ca9ae84ed8be753763d3c39f04
eaca4f150cd54332a7667b3e0980bea8a27ce124
8cc9b41e0a8bef92fe21f9287d6c8974979627c20443c8064623bfcb12bec2a1
GET /partner-code-bundles/712629/1c0942547d39e10f5f56.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Sat, 28 Jan 2023 04:01:08 GMT
content-type: text/javascript; charset=utf-8
content-length: 4801
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "c86c86ca9ae84ed8be753763d3c39f04"
expires: Mon, 27 Jan 2053 10:33:09 GMT
last-modified: Thu, 26 Jan 2023 20:16:11 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/safeframe-bundles/0.83/host.js
178.154.131.217200 OK 8.9 kB URL HTTP/2 yastatic.net/safeframe-bundles/0.83/host.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (33703), with no line terminators
Hash f80882bf67cf261aa08d636da095149a
3e5bf3fbdb45c9696f9b925d3e71b2e9777c82cd
4794febaad77bf94edba1c860dbcf9612722ad0a18b95831dad359b0bba4bed6
GET /safeframe-bundles/0.83/host.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Sat, 28 Jan 2023 04:01:08 GMT
content-type: text/javascript; charset=utf-8
content-length: 8878
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "f80882bf67cf261aa08d636da095149a"
expires: Mon, 27 Jan 2053 10:34:33 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
an.yandex.ru/system/context.js
87.250.250.90200 OK 90 kB URL HTTP/2 an.yandex.ru/system/context.js
IP 87.250.250.90:0
File type ASCII text, with very long lines (65492)
Hash f6b29a5ef532e87b98ca573eff5d41ac
05455aa333a2fc345086ea36882d255e31ec5aab
994b5d28d764292dc30ee34326f229431c7b652692b5016f320a9b94cdcd7872
GET /system/context.js HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
timing-allow-origin: *
access-control-allow-origin: *
expires: Sat, 28 Jan 2023 05:01:08 GMT
x-yandex-req-id: 1674878468351881-940224100257964684700103-production-app-host-sas-pcode-60
cache-control: private, max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ab04da9bc46246cc0001464e7f6b5e19
01ce4f7004aec7a24d4545a1e742ab6a1e639b48
22e519a39cb2e7e5f6da23d35f4498aa7a2d00e06613fd3bbf8de8a62ed2d354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:01:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c083fb68af37d6c700a3fa4eb04a29cb
9b3ff3c9c0bd7dc448eb18e74ddc029f7c18dc9a
3ea0d4252ad90ee13a6b23ebd1144639f7bb73e4d96ef2590b21a155809e65e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:01:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=goo.su
216.58.211.2200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=goo.su
IP 216.58.211.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=goo.su HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 28 Jan 2023 04:01:08 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=goo.su
142.250.74.2200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=goo.su
IP 142.250.74.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=goo.su HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 28 Jan 2023 04:01:08 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c083fb68af37d6c700a3fa4eb04a29cb
9b3ff3c9c0bd7dc448eb18e74ddc029f7c18dc9a
3ea0d4252ad90ee13a6b23ebd1144639f7bb73e4d96ef2590b21a155809e65e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:01:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ab04da9bc46246cc0001464e7f6b5e19
01ce4f7004aec7a24d4545a1e742ab6a1e639b48
22e519a39cb2e7e5f6da23d35f4498aa7a2d00e06613fd3bbf8de8a62ed2d354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:01:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
top-fwz1.mail.ru/counter2?js=13;id=3128781;u=https%3A//goo.su/s0Tp/;st=1674878468982;title=Redirecting...;s=1280*1024;vp=1140*836;touch=0;hds=1;frame=0;flash=;sid=1770153b9203e842;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1674878469441%3A1674878469459%3A1%3A7afee55531ee0ce2d8299dbb8900b555;visible=true;_=0.43653628681395606
95.163.52.67200 OK 43 B URL HTTP/2 top-fwz1.mail.ru/counter2?js=13;id=3128781;u=https%3A//goo.su/s0Tp/;st=1674878468982;title=Redirecting...;s=1280*1024;vp=1140*836;touch=0;hds=1;frame=0;flash=;sid=1770153b9203e842;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1674878469441%3A1674878469459%3A1%3A7afee55531ee0ce2d8299dbb8900b555;visible=true;_=0.43653628681395606
IP 95.163.52.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /counter2?js=13;id=3128781;u=https%3A//goo.su/s0Tp/;st=1674878468982;title=Redirecting...;s=1280*1024;vp=1140*836;touch=0;hds=1;frame=0;flash=;sid=1770153b9203e842;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1674878469441%3A1674878469459%3A1%3A7afee55531ee0ce2d8299dbb8900b555;visible=true;_=0.43653628681395606 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goo.su/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 04:01:08 GMT
content-type: image/gif
content-length: 43
set-cookie: FTID=1RMYgQ0tkIIF:1674878468:3128781:::; path=/; expires=Mon, 29-Jan-24 04:01:08 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 4abb97e5fd107cb87b896feb33a2159b
757fc267c534b8f5191f97d4c6dce60753e965f2
88d691d314752499a884e54232b88c0d19e4c8163236851b99a0b0d3ac0d7f8a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:01:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=goo.su&callback=_gfp_s_&client=ca-pub-4358137683029217
216.58.207.194200 OK 250 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=goo.su&callback=_gfp_s_&client=ca-pub-4358137683029217
IP 216.58.207.194:0
File type ASCII text, with very long lines (379), with no line terminators
Hash f7c4bf08792a778f726724fdabf001bd
90c03950ae7d6da14d1abd45809326e23e6b4f02
d6cbb8ebc5d0d919a147ad82a1cfd422ba25a77906f0fed7e25ea69f4c3ffdbc
GET /gampad/cookie.js?domain=goo.su&callback=_gfp_s_&client=ca-pub-4358137683029217 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 28 Jan 2023 04:01:08 GMT
server: cafe
cache-control: private
content-length: 250
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
kraken.rambler.ru/cnt/?et=pv&v=3.13.5&pid=6673155&tid=t1.6673155.919045319.1674878469206&rid=1674878469.206-411619954&fid=pA8AAENKs1e4GYz8AeIR7gA%3D&fip=pA8AAENKs1dyUjNuAZHGygA%3D&eid=946484697671613&aduid=acf77ffe-4e20-4876-877e-59dbb8fab8d6&aduidsc=goo.su&stid=1676549017_1674878469209&sn=1&sen=1&ce=1&bs=1140x836&rf&en=UTF-8&pt=Redirecting...&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&le=2&ct=web&url=https%3A%2F%2Fgoo.su%2Fs0Tp%2F&lv&exp=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=1757645681
81.19.89.17200 OK 595 B URL HTTP/2 kraken.rambler.ru/cnt/?et=pv&v=3.13.5&pid=6673155&tid=t1.6673155.919045319.1674878469206&rid=1674878469.206-411619954&fid=pA8AAENKs1e4GYz8AeIR7gA%3D&fip=pA8AAENKs1dyUjNuAZHGygA%3D&eid=946484697671613&aduid=acf77ffe-4e20-4876-877e-59dbb8fab8d6&aduidsc=goo.su&stid=1676549017_1674878469209&sn=1&sen=1&ce=1&bs=1140x836&rf&en=UTF-8&pt=Redirecting...&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&le=2&ct=web&url=https%3A%2F%2Fgoo.su%2Fs0Tp%2F&lv&exp=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=1757645681
IP 81.19.89.17:0
ASN #24638 Rambler Internet Holding LLC
File type GIF image data, version 87a, 88 x 31\012- data
Hash b566a466c8d8c0361839677785e69240
c6e6a583e76e699806f806dbd63cebd9037f551e
86d9d7d32ba3d9eb9fbea6508c725c17c44f80d6a7d16ca1fa79a85c4b632e91
GET /cnt/?et=pv&v=3.13.5&pid=6673155&tid=t1.6673155.919045319.1674878469206&rid=1674878469.206-411619954&fid=pA8AAENKs1e4GYz8AeIR7gA%3D&fip=pA8AAENKs1dyUjNuAZHGygA%3D&eid=946484697671613&aduid=acf77ffe-4e20-4876-877e-59dbb8fab8d6&aduidsc=goo.su&stid=1676549017_1674878469209&sn=1&sen=1&ce=1&bs=1140x836&rf&en=UTF-8&pt=Redirecting...&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&le=2&ct=web&url=https%3A%2F%2Fgoo.su%2Fs0Tp%2F&lv&exp=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=1757645681 HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Sat, 28 Jan 2023 04:01:08 GMT
content-type: image/gif
content-length: 595
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-credentials: true
x-srv: 1kraken-prod0003.ad.rambler.tech
set-cookie: ruid=1CIAAASe1GOXQbUUAXOpjAB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAASe1GOXQbUUAXOpjAB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 4abb97e5fd107cb87b896feb33a2159b
757fc267c534b8f5191f97d4c6dce60753e965f2
88d691d314752499a884e54232b88c0d19e4c8163236851b99a0b0d3ac0d7f8a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:01:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=6673155&session_id=1676549017_1674878469209&session_number=1&session_event_number=1&version=3.13.5&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.6673155.919045319.1674878469206&adtech_uid=acf77ffe-4e20-4876-877e-59dbb8fab8d6&adtech_uid_scope=goo.su&fingerprint=pA8AAENKs1e4GYz8AeIR7gA%3D&fingerprint_ip=pA8AAENKs1dyUjNuAZHGygA%3D&url=https%3A%2F%2Fgoo.su%2Fs0Tp%2F&request_id=1674878469.206-411619954&event_id=276484697684790&meta=%7B%22title%22%3A%22Redirecting...%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221280x1024%22%2C%22browser_size%22%3A%221140x836%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%220%22%7D&rn=1244576634
81.19.89.17200 OK 595 B URL HTTP/2 kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=6673155&session_id=1676549017_1674878469209&session_number=1&session_event_number=1&version=3.13.5&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.6673155.919045319.1674878469206&adtech_uid=acf77ffe-4e20-4876-877e-59dbb8fab8d6&adtech_uid_scope=goo.su&fingerprint=pA8AAENKs1e4GYz8AeIR7gA%3D&fingerprint_ip=pA8AAENKs1dyUjNuAZHGygA%3D&url=https%3A%2F%2Fgoo.su%2Fs0Tp%2F&request_id=1674878469.206-411619954&event_id=276484697684790&meta=%7B%22title%22%3A%22Redirecting...%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221280x1024%22%2C%22browser_size%22%3A%221140x836%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%220%22%7D&rn=1244576634
IP 81.19.89.17:0
ASN #24638 Rambler Internet Holding LLC
File type GIF image data, version 87a, 88 x 31\012- data
Hash b566a466c8d8c0361839677785e69240
c6e6a583e76e699806f806dbd63cebd9037f551e
86d9d7d32ba3d9eb9fbea6508c725c17c44f80d6a7d16ca1fa79a85c4b632e91
GET /cnt/v2/?event_type=base&event_name=page_view&project_id=6673155&session_id=1676549017_1674878469209&session_number=1&session_event_number=1&version=3.13.5&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.6673155.919045319.1674878469206&adtech_uid=acf77ffe-4e20-4876-877e-59dbb8fab8d6&adtech_uid_scope=goo.su&fingerprint=pA8AAENKs1e4GYz8AeIR7gA%3D&fingerprint_ip=pA8AAENKs1dyUjNuAZHGygA%3D&url=https%3A%2F%2Fgoo.su%2Fs0Tp%2F&request_id=1674878469.206-411619954&event_id=276484697684790&meta=%7B%22title%22%3A%22Redirecting...%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221280x1024%22%2C%22browser_size%22%3A%221140x836%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%220%22%7D&rn=1244576634 HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Sat, 28 Jan 2023 04:01:08 GMT
content-type: image/gif
content-length: 595
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-credentials: true
x-srv: 1kraken-prod0003.ad.rambler.tech
set-cookie: ruid=1CIAAASe1GOXQbUUAXSpjAB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAASe1GOXQbUUAXSpjAB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
accept-ranges: bytes
X-Firefox-Spdy: h2
top-fwz1.mail.ru/tracker?js=13;id=3128781;u=https%3A//goo.su/s0Tp/;st=1674878468982;title=Redirecting...;s=1280*1024;vp=1140*836;touch=0;hds=1;frame=0;flash=;sid=1770153b9203e842;ver=60.3.0;tz=0%2FUTC;nt=0/0/1674878468065/////277/287/293/297/319/301/319/605/605/627/917/942/945/1848/1848/;ni=;lvid=1674878469441%3A1674878469916%3A2%3A7afee55531ee0ce2d8299dbb8900b555;visible=true;_=0.4691509076366228;e=RT/load;et=1674878469913
95.163.52.67200 OK 43 B URL HTTP/2 top-fwz1.mail.ru/tracker?js=13;id=3128781;u=https%3A//goo.su/s0Tp/;st=1674878468982;title=Redirecting...;s=1280*1024;vp=1140*836;touch=0;hds=1;frame=0;flash=;sid=1770153b9203e842;ver=60.3.0;tz=0%2FUTC;nt=0/0/1674878468065/////277/287/293/297/319/301/319/605/605/627/917/942/945/1848/1848/;ni=;lvid=1674878469441%3A1674878469916%3A2%3A7afee55531ee0ce2d8299dbb8900b555;visible=true;_=0.4691509076366228;e=RT/load;et=1674878469913
IP 95.163.52.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /tracker?js=13;id=3128781;u=https%3A//goo.su/s0Tp/;st=1674878468982;title=Redirecting...;s=1280*1024;vp=1140*836;touch=0;hds=1;frame=0;flash=;sid=1770153b9203e842;ver=60.3.0;tz=0%2FUTC;nt=0/0/1674878468065/////277/287/293/297/319/301/319/605/605/627/917/942/945/1848/1848/;ni=;lvid=1674878469441%3A1674878469916%3A2%3A7afee55531ee0ce2d8299dbb8900b555;visible=true;_=0.4691509076366228;e=RT/load;et=1674878469913 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 04:01:09 GMT
content-type: image/gif
content-length: 43
set-cookie: FTID=1RMYgQ0tkIIF:1674878469:3128781:::; path=/; expires=Mon, 29-Jan-24 04:01:09 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 17504951994384b5dfa3387f5e8b684f
d76ab271cbc580a05222ec155fbc0e82545ae97c
f7e09c196a20bed2d1c1f6fada5eb982e04880a2f1c8c24d7fdce87e46152c3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:01:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
172.217.21.161200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 172.217.21.161:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sat, 28 Jan 2023 04:01:09 GMT
expires: Sat, 28 Jan 2023 04:01:09 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
172.217.21.161200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 20:43:30 GMT
expires: Fri, 26 Jan 2024 20:43:30 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 112659
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 622311873d3819b9911301b09bc2d43c
9f08d648e40479aa12da033da15b80a15017c739
6138674cec17da8b7bb02bf0686bf3e7aefa2bce6a5f844ebd80e10b665818b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:01:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yastatic.net/s3/games-static/favicons/icon-192.png
178.154.131.217200 OK 24 kB URL HTTP/2 yastatic.net/s3/games-static/favicons/icon-192.png
IP 178.154.131.217:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 7819c957eaa80af5bf14f760d49b64a7
93b670523acd14f884c3a538d59d408da0888a6c
ca78c114bba40b141a59c55a9d3fb6db7672bc3effd4337f2b1ce512b4d06c9e
GET /s3/games-static/favicons/icon-192.png HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Sat, 28 Jan 2023 04:01:09 GMT
content-type: image/png
content-length: 24134
access-control-allow-origin: *
cache-control: public, max-age=216013
etag: "7819c957eaa80af5bf14f760d49b64a7"
expires: Mon, 30 Jan 2023 15:57:12 GMT
last-modified: Thu, 14 Apr 2022 12:22:42 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: a9ebfbf630de453b
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/aframe
142.250.74.132200 OK 514 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 833088b648acfc327cedce44095f47d5
a0895b5be81c5b15d6ed74f47b43957ba4cc3d50
91c52de7e4a11f949f4abc48f4b550aa3798963d173b1fa5612021913b3675b4
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 28 Jan 2023 04:01:09 GMT
date: Sat, 28 Jan 2023 04:01:09 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-tbBJ1I7B6cZPkSbA7BVX-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
an.yandex.ru/event_confirmation
87.250.250.90200 OK 960 B URL HTTP/2 an.yandex.ru/event_confirmation
IP 87.250.250.90:0
Hash f280e3d40c516811caa3d16decd789c5
8d5bd2df5142b6af18722a54c5861d161f742ac0
23266bec5e18cc7d5d5efafc0439978474581977952bda97656f30db8bf76595
POST /event_confirmation HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 296
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sat, 28 Jan 2023 04:01:09 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 28 Jan 2023 04:01:09 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sat, 28 Jan 2023 04:01:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
178.154.131.217200 OK 6.3 kB URL HTTP/2 yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
IP 178.154.131.217:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (23297)
Hash eb77de48712912aadc9aa8171ac75ede
f375e4ed6b585c4e30b2d56f4f41c3beed909349
437ee0c22002ccd77158d7a7018113f26384324158ab3cef65373007f29b1bcf
GET /safeframe-bundles/0.83/1-1-0/render.html HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Sat, 28 Jan 2023 04:01:09 GMT
content-type: text/html
content-length: 6262
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Mon, 27 Jan 2053 10:36:33 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 11f8afd463fd402e76b2ecabb62ffcc5
becef0214d96ea48651a25020da74e9aa86d00e8
401e5777ee8a48a4450ab6caa669afba2b028b60e26a7d39dad5725dc1639a6e
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 04:01:09 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Wed, 01 Feb 2023 02:52:09 GMT
ETag: "becef0214d96ea48651a25020da74e9aa86d00e8"
Last-Modified: Sat, 28 Jan 2023 02:52:10 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2473
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7906d3411b94b511-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash fe8960edd6866b459c6ee7fdab482cf5
f23c208f59e7114b78978071de1cbcbd4e57047b
15c5f5c8631e4d29d1a58a30bbe0b45c4741a2a84ed75aa3298089bbd6d66ad8
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 04:01:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 01 Feb 2023 01:52:14 GMT
ETag: "f23c208f59e7114b78978071de1cbcbd4e57047b"
Last-Modified: Sat, 28 Jan 2023 01:52:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1193
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7906d3412d351c12-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash fe8960edd6866b459c6ee7fdab482cf5
f23c208f59e7114b78978071de1cbcbd4e57047b
15c5f5c8631e4d29d1a58a30bbe0b45c4741a2a84ed75aa3298089bbd6d66ad8
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 04:01:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 01 Feb 2023 01:52:14 GMT
ETag: "f23c208f59e7114b78978071de1cbcbd4e57047b"
Last-Modified: Sat, 28 Jan 2023 01:52:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1193
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7906d341291efab8-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash fe8960edd6866b459c6ee7fdab482cf5
f23c208f59e7114b78978071de1cbcbd4e57047b
15c5f5c8631e4d29d1a58a30bbe0b45c4741a2a84ed75aa3298089bbd6d66ad8
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 04:01:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 01 Feb 2023 01:52:14 GMT
ETag: "f23c208f59e7114b78978071de1cbcbd4e57047b"
Last-Modified: Sat, 28 Jan 2023 01:52:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1193
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7906d3413d431c12-OSL
avatars.mds.yandex.net/get-direct/5234214/5D8RkzgjJq0K4Zd-8qpugw/x150
87.250.247.182200 OK 5.5 kB URL HTTP/2 avatars.mds.yandex.net/get-direct/5234214/5D8RkzgjJq0K4Zd-8qpugw/x150
IP 87.250.247.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 150x112, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 53d2a47e24ef637e66a97b1d9625fa04
732bbafc29c23e385966a5711fe80a227d112e2d
d7cd3cec215d9c7e67b82e413d4714b8a05acac3be1492b375038d742bbf7e96
GET /get-direct/5234214/5D8RkzgjJq0K4Zd-8qpugw/x150 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 04:01:09 GMT
content-type: image/webp
content-length: 5502
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Wed, 12 Oct 2022 13:27:08 GMT
cache-control: max-age=31536000,immutable
x-request-id: 51f7c33e92cde12
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=MYT"}]}
X-Firefox-Spdy: h2
avatars.mds.yandex.net/get-direct/5260657/QUHG5Iie7j6-OtR7ExNzMQ/y150
87.250.247.182200 OK 6.5 kB URL HTTP/2 avatars.mds.yandex.net/get-direct/5260657/QUHG5Iie7j6-OtR7ExNzMQ/y150
IP 87.250.247.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 150x150, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4307495f3f51f471948d5bf545c43f09
04c15cc682e4b9e981372e35cd58b37ff6afac01
d19cc83fd3ab6369726d9b14b083481a4fa902c5bc7031ee6dc8774da5e3688f
GET /get-direct/5260657/QUHG5Iie7j6-OtR7ExNzMQ/y150 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 04:01:09 GMT
content-type: image/webp
content-length: 6484
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Wed, 18 Jan 2023 23:53:58 GMT
cache-control: max-age=31536000,immutable
x-request-id: c939c4c7ea73cece
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=MYT"}]}
X-Firefox-Spdy: h2
favicon.yandex.net/favicon/rpgamesrn.netlify.app?size=120&stub=2
77.88.21.36200 Ok 866 B URL HTTP/1.1 favicon.yandex.net/favicon/rpgamesrn.netlify.app?size=120&stub=2
IP 77.88.21.36:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 4b3b05a304db0751d45f8ca5c1fa1ab6
660c4cfbcc3121b7be56e5528404f9a9f7563449
343a6fb5ac42d4d5dcae03fa86be33db3ee047bb2b7d125d32723846dcfc3ed5
GET /favicon/rpgamesrn.netlify.app?size=120&stub=2 HTTP/1.1
Host: favicon.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 Ok
Cache-Control: max-age=691200
Content-Type: image/png
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
access-control-allow-origin: *
avatars.mds.yandex.net/get-direct/5283206/Dj0wvEdSLZmy2LRp-sdDyg/y150
87.250.247.182200 OK 6.3 kB URL HTTP/2 avatars.mds.yandex.net/get-direct/5283206/Dj0wvEdSLZmy2LRp-sdDyg/y150
IP 87.250.247.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 150x150, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ca84497fed3e5da528e1464d11c3e7af
2a8699430790a4f5dcf53a5f4741aa8bdddde5c4
31c29f302c3efa482980c2f093cec51ce31f0d72d3e70252f411087f53a72024
GET /get-direct/5283206/Dj0wvEdSLZmy2LRp-sdDyg/y150 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 04:01:09 GMT
content-type: image/webp
content-length: 6250
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Wed, 11 Aug 2021 14:15:16 GMT
cache-control: max-age=31536000,immutable
x-request-id: d17885512339855c
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=MYT"}]}
X-Firefox-Spdy: h2
favicon.yandex.net/favicon/coddyschool.com?size=120&stub=2
77.88.21.36200 Ok 4.2 kB URL HTTP/1.1 favicon.yandex.net/favicon/coddyschool.com?size=120&stub=2
IP 77.88.21.36:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash fc83f1fc2d4deb8597e9c954b53b5277
324ad167a2630c3ff97c3e71702c38d923a4539f
4b307d56f3dc06c64c62aeff0e608d98c85a6367b20c33d292a0ec32791521cf
GET /favicon/coddyschool.com?size=120&stub=2 HTTP/1.1
Host: favicon.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 Ok
Cache-Control: max-age=691200
Content-Type: image/png
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
access-control-allow-origin: *
avatars.mds.yandex.net/get-direct/5244561/WbG9o8Ii4rLisqryWAMagg/x300
87.250.247.182200 OK 18 kB URL HTTP/2 avatars.mds.yandex.net/get-direct/5244561/WbG9o8Ii4rLisqryWAMagg/x300
IP 87.250.247.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9e0f7885ea69854cb94fd66a0b1eafd0
02482510515113a4a0e911e4e7abc8d2aa0b0a9f
b31424dd498a7e3170873622045b0555b55a4c4ddb4ca31b75a4fa9fba6cde74
GET /get-direct/5244561/WbG9o8Ii4rLisqryWAMagg/x300 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 04:01:09 GMT
content-type: image/webp
content-length: 17858
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Fri, 20 Jan 2023 12:36:47 GMT
cache-control: max-age=31536000,immutable
x-request-id: d158178d69a3dabd
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=MYT"}]}
X-Firefox-Spdy: h2
favicon.yandex.net/favicon/kidclub.xbridge.ru?size=120&stub=2
77.88.21.36200 Ok 5.8 kB URL HTTP/1.1 favicon.yandex.net/favicon/kidclub.xbridge.ru?size=120&stub=2
IP 77.88.21.36:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 6cf706a9aebd95f974b470ee0a89fbef
cea626eded24b121e03a5eb9818886b646f95139
b8c034408e78c78954ad54219f8a41075110e02dbad3be2ebb0f48de33fdb8e8
GET /favicon/kidclub.xbridge.ru?size=120&stub=2 HTTP/1.1
Host: favicon.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 Ok
Cache-Control: max-age=691200
Content-Type: image/png
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
access-control-allow-origin: *
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash eb54cfce55d151b95361b8499327d670
9afa2fc93cfcd21f36376f687652244a8dfd0caa
4030b82fc833ad43c4e72af9fa055d9395a91b2a821a46a37a1354145e482c59
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 04:01:09 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Wed, 01 Feb 2023 01:48:27 GMT
ETag: "9afa2fc93cfcd21f36376f687652244a8dfd0caa"
Last-Modified: Sat, 28 Jan 2023 01:48:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 359
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7906d3422948fab8-OSL
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes
87.250.250.114200 Ok 95 B URL HTTP/1.1 ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes
IP 87.250.250.114:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 60cf42b4d05caf10cf8bb15c0817a7b4
bd269860bb508aebcb6f08fe7289d5f117830383
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
GET /static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes HTTP/1.1
Host: ysa-static.passport.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 Ok
Server: nginx/1.14.2
Date: Sat, 28 Jan 2023 04:01:09 GMT
Content-Type: image/png
Content-Length: 95
Connection: close
Cache-Control: private
Expires: Sun, 29 Jan 2023 04:01:09 GMT
X-RT-IQ: 0.0002
X-RT-IH: 0.0001
Strict-Transport-Security: max-age=315360000; includeSubDomains
avatars.mds.yandex.net/get-direct/6531140/m1MczEyBeGjSa-LL9qxJ4w/x300
87.250.247.182200 OK 12 kB URL HTTP/2 avatars.mds.yandex.net/get-direct/6531140/m1MczEyBeGjSa-LL9qxJ4w/x300
IP 87.250.247.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a815327ae35e8bd25c39cc19ab89268a
da64bd6266736b48d83e9d10001bbf7a4be99dec
b97dbc987e989eedb94b3c6b9f12d906c7b0efaef59f9d2d391d0b1c844a95cb
GET /get-direct/6531140/m1MczEyBeGjSa-LL9qxJ4w/x300 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 04:01:09 GMT
content-type: image/webp
content-length: 11636
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Sat, 21 Jan 2023 22:15:50 GMT
cache-control: max-age=31536000,immutable
x-request-id: 6727f8e324460105
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=MYT"}]}
X-Firefox-Spdy: h2
avatars.mds.yandex.net/get-direct/5235604/xrf1KjZ5Kvz0HjfKeYuxXw/x300
87.250.247.182200 OK 14 kB URL HTTP/2 avatars.mds.yandex.net/get-direct/5235604/xrf1KjZ5Kvz0HjfKeYuxXw/x300
IP 87.250.247.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9d28da2cf3efcf632d2d10235ca70a88
591f49d13584b774d2f6a06b23a3c0c966b033fc
c66687845fd18185f97deac9b19032c08f9b52445aa9b8f1887e2fcf5206c3eb
GET /get-direct/5235604/xrf1KjZ5Kvz0HjfKeYuxXw/x300 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 04:01:09 GMT
content-type: image/webp
content-length: 14228
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Sat, 21 Jan 2023 22:15:32 GMT
cache-control: max-age=31536000,immutable
x-request-id: 62301eb9902d3602
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=MYT"}]}
X-Firefox-Spdy: h2
avatars.mds.yandex.net/get-direct/5235785/7_d42OK7vRQwc0vq6Lb3Og/x300
87.250.247.182200 OK 13 kB URL HTTP/2 avatars.mds.yandex.net/get-direct/5235785/7_d42OK7vRQwc0vq6Lb3Og/x300
IP 87.250.247.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8c3e837e32d511453f3f02321327bee7
23e6f907afb123906640b390a5da25f5236901e4
674b32d62c208f59674354b493dc10091da675a64abdd6939d8672c7b896d7fe
GET /get-direct/5235785/7_d42OK7vRQwc0vq6Lb3Og/x300 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 04:01:09 GMT
content-type: image/webp
content-length: 12620
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Sat, 21 Jan 2023 22:15:18 GMT
cache-control: max-age=31536000,immutable
x-request-id: cf14494d177e1866
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=MYT"}]}
X-Firefox-Spdy: h2
avatars.mds.yandex.net/get-direct/5342602/z_vO92quekZhoQzTEmY7Ig/x300
87.250.247.182200 OK 18 kB URL HTTP/2 avatars.mds.yandex.net/get-direct/5342602/z_vO92quekZhoQzTEmY7Ig/x300
IP 87.250.247.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cd32148e4d1fbb9c4e2848b54400504d
cfffd8215eb2baf0b4da9db7b1ee236bcd4fd32a
4a58a34a85404d2d3ef596ec8a651c7f6059683c097e4939bcfe80fbf40d5780
GET /get-direct/5342602/z_vO92quekZhoQzTEmY7Ig/x300 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 04:01:09 GMT
content-type: image/webp
content-length: 17588
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Sat, 21 Jan 2023 22:15:07 GMT
cache-control: max-age=31536000,immutable
x-request-id: 537d988d3922e1b0
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=MYT"}]}
X-Firefox-Spdy: h2
avatars.mds.yandex.net/get-direct/4284271/408EOB44S5HG48M6noVdHQ/x300
87.250.247.182200 OK 12 kB URL HTTP/2 avatars.mds.yandex.net/get-direct/4284271/408EOB44S5HG48M6noVdHQ/x300
IP 87.250.247.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 46158516f70283af448f0a51e48aa2d1
08a51d124cca291b1d7a406e006d79b2d4f676e4
7b5a35b21c7c67e9ed44717b533d7057314cdd69aac1188a079bc390c44ebf8c
GET /get-direct/4284271/408EOB44S5HG48M6noVdHQ/x300 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 04:01:09 GMT
content-type: image/webp
content-length: 11806
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Fri, 20 Jan 2023 12:41:37 GMT
cache-control: max-age=31536000,immutable
x-request-id: f9df4d542faa47fc
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=MYT"}]}
X-Firefox-Spdy: h2
avatars.mds.yandex.net/get-direct/5193092/68rBvMaOCCOLJZW0VuHa-A/x300
87.250.247.182200 OK 14 kB URL HTTP/2 avatars.mds.yandex.net/get-direct/5193092/68rBvMaOCCOLJZW0VuHa-A/x300
IP 87.250.247.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e9706267df645b0b20654eb922adfef9
d5ac83976bdfeefc4f86f7c3488eff347f5251c8
29e066e8618fd140f8c813a5a5f96e9000d71d4ba2c4cc186d0d01c5d95ea761
GET /get-direct/5193092/68rBvMaOCCOLJZW0VuHa-A/x300 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 04:01:09 GMT
content-type: image/webp
content-length: 13988
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Fri, 20 Jan 2023 12:36:51 GMT
cache-control: max-age=31536000,immutable
x-request-id: 2a68e22ed3287265
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=MYT"}]}
X-Firefox-Spdy: h2
avatars.mds.yandex.net/get-direct/5236180/4b5_juyyTkGMegL6XDeO9Q/x300
87.250.247.182200 OK 13 kB URL HTTP/2 avatars.mds.yandex.net/get-direct/5236180/4b5_juyyTkGMegL6XDeO9Q/x300
IP 87.250.247.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x200, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 87a5f04415801a13e42b35eddb54a444
b28c8eb50d2995b8d9a4e7b9bc9a9e94f05cc356
71b5ca6094f4f08fad80519c62ad29c842331cd77cfc0d2d3a630e327539d94b
GET /get-direct/5236180/4b5_juyyTkGMegL6XDeO9Q/x300 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 04:01:09 GMT
content-type: image/webp
content-length: 12598
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Fri, 20 Jan 2023 12:36:50 GMT
cache-control: max-age=31536000,immutable
x-request-id: 60178c7bf18fce72
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=MYT"}]}
X-Firefox-Spdy: h2
avatars.mds.yandex.net/get-direct/5366486/GAjRyKzFI1HHXuYRw52Jow/x300
87.250.247.182200 OK 12 kB URL HTTP/2 avatars.mds.yandex.net/get-direct/5366486/GAjRyKzFI1HHXuYRw52Jow/x300
IP 87.250.247.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x189, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 13933c23d09617adebf99668533e3c00
84ba0157003cf7fd7f8ac97c74e119b7c1a59c0c
c29863591862e219dedab868d0f5d2c704d4ab963c00200ae37a5c6153a8c350
GET /get-direct/5366486/GAjRyKzFI1HHXuYRw52Jow/x300 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 04:01:09 GMT
content-type: image/webp
content-length: 12334
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Fri, 20 Jan 2023 12:36:49 GMT
cache-control: max-age=31536000,immutable
x-request-id: eac909a6bac1517d
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=MYT"}]}
X-Firefox-Spdy: h2
an.yandex.ru/event_confirmation
87.250.250.90200 OK 5.0 kB URL HTTP/2 an.yandex.ru/event_confirmation
IP 87.250.250.90:0
Hash 59722d53aee0bc752f4fbbc518f6abdb
120221834544b8b527acfb51319e7ad32d808606
485d6d1efb9969960367a06789fe3169570da78f86d33beb39d9b45f2a4a2ef1
POST /event_confirmation HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 321
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sat, 28 Jan 2023 04:01:09 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 28 Jan 2023 04:01:09 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sat, 28 Jan 2023 04:01:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
avatars.mds.yandex.net/get-direct/5218415/JMvlIeoT_iuDeRGpe01qQQ/y150
87.250.247.182200 OK 4.8 kB URL HTTP/2 avatars.mds.yandex.net/get-direct/5218415/JMvlIeoT_iuDeRGpe01qQQ/y150
IP 87.250.247.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 150x150, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash aa7b35900b5e214c1d33f66003753270
338999cb602e0f91084d03a322612fe6ae476770
eddc42e7482c4a850a0314cd15521a7921465d4dd83edd57109c4f1cb585da80
GET /get-direct/5218415/JMvlIeoT_iuDeRGpe01qQQ/y150 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 04:01:09 GMT
content-type: image/webp
content-length: 4796
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Tue, 24 Jan 2023 15:57:23 GMT
cache-control: max-age=31536000,immutable
x-request-id: a42beb63dd502f8f
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=MYT"}]}
X-Firefox-Spdy: h2
favicon.yandex.net/favicon/ridero.eu?size=120&stub=2
77.88.21.36200 Ok 1.2 kB URL HTTP/1.1 favicon.yandex.net/favicon/ridero.eu?size=120&stub=2
IP 77.88.21.36:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 5c3ed7f27c7de97d2a5b69043287d63b
c17026ca26200fab36e37ee2eae6e8318d122c4d
ff973a73cc160c479111b4e5c82195c85c73cc4ff6c747a5bc76638e04a3c9fb
GET /favicon/ridero.eu?size=120&stub=2 HTTP/1.1
Host: favicon.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 Ok
Cache-Control: max-age=691200
Content-Type: image/png
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
access-control-allow-origin: *
favicon.yandex.net/favicon/beatmarket.one?size=120&stub=2
77.88.21.36200 Ok 2.4 kB URL HTTP/1.1 favicon.yandex.net/favicon/beatmarket.one?size=120&stub=2
IP 77.88.21.36:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash f3b69ffeca9f2b5ba51c6287483e8b75
7ea29d1c412a3f6f9723a349fbe1aca35dd0f2ba
cbad21791c596505c088f1324ef6148c122ef7c0a1d59954191fdefce1874b9f
GET /favicon/beatmarket.one?size=120&stub=2 HTTP/1.1
Host: favicon.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 Ok
Cache-Control: max-age=691200
Content-Type: image/png
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
access-control-allow-origin: *
favicon.yandex.net/favicon/russiaimportdata.com?size=120&stub=2
77.88.21.36200 Ok 4.8 kB URL HTTP/1.1 favicon.yandex.net/favicon/russiaimportdata.com?size=120&stub=2
IP 77.88.21.36:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash a7814cc8d2402976287922c1e56acb20
87c5adb9635daab944a448ccc15c9ae005b2925f
344e31916a7b211cb6472aba36588e4d1f439108f58d3b9b7f93f441d231acc9
GET /favicon/russiaimportdata.com?size=120&stub=2 HTTP/1.1
Host: favicon.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 Ok
Cache-Control: max-age=691200
Content-Type: image/png
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
access-control-allow-origin: *
mc.yandex.ru/watch/1677322?wmode=7&page-url=https%3A%2F%2Fgoo.su%2Fs0Tp%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A356594914695%3Ahid%3A615338535%3Az%3A0%3Ai%3A20230128040110%3Aet%3A1674878471%3Ac%3A1%3Arn%3A67240016%3Au%3A1674878471318253587%3Aw%3A1140x836%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1674878468065%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674878471%3At%3ARedirecting...&t=gdpr(14)clc(0-0-0)aw(1)fip(1)ti(2)
93.158.134.119302 Found 503 B URL HTTP/2 mc.yandex.ru/watch/1677322?wmode=7&page-url=https%3A%2F%2Fgoo.su%2Fs0Tp%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A356594914695%3Ahid%3A615338535%3Az%3A0%3Ai%3A20230128040110%3Aet%3A1674878471%3Ac%3A1%3Arn%3A67240016%3Au%3A1674878471318253587%3Aw%3A1140x836%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1674878468065%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674878471%3At%3ARedirecting...&t=gdpr(14)clc(0-0-0)aw(1)fip(1)ti(2)
IP 93.158.134.119:0
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
GET /watch/1677322?wmode=7&page-url=https%3A%2F%2Fgoo.su%2Fs0Tp%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A356594914695%3Ahid%3A615338535%3Az%3A0%3Ai%3A20230128040110%3Aet%3A1674878471%3Ac%3A1%3Arn%3A67240016%3Au%3A1674878471318253587%3Aw%3A1140x836%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1674878468065%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674878471%3At%3ARedirecting...&t=gdpr(14)clc(0-0-0)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/1677322/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2Fs0Tp%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A356594914695%3Ahid%3A615338535%3Az%3A0%3Ai%3A20230128040110%3Aet%3A1674878471%3Ac%3A1%3Arn%3A67240016%3Au%3A1674878471318253587%3Aw%3A1140x836%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1674878468065%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674878471%3At%3ARedirecting...&t=gdpr%2814%29clc%280-0-0%29aw%281%29fip%281%29ti%282%29
date: Sat, 28 Jan 2023 04:01:09 GMT
access-control-allow-origin: https://goo.su
set-cookie: yabs-sid=2043219161674878469; Path=/; SameSite=None; Secure
i=SvjdMTLXRpdymi5v9/kUrwncWZSSFA8iFSxIZV9H4CeE6KDwDt9QnWdBibTllyq4xCyIpErS+cjQ7SI/kGb+cpe9EmM=; Expires=Tue, 25-Jan-2033 04:01:08 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=9077049691674878469; Expires=Sun, 28-Jan-2024 04:01:09 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=9077049691674878469; Expires=Sun, 28-Jan-2024 04:01:09 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706414469.yc.1674878469#1706414469.yrts.1674878469#1706414469.yrtsi.1674878469; Expires=Sun, 28-Jan-2024 04:01:09 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 28-Jan-2023 04:01:09 GMT
last-modified: Sat, 28-Jan-2023 04:01:09 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4533
Expires: Sat, 28 Jan 2023 05:16:42 GMT
Date: Sat, 28 Jan 2023 04:01:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4cb7be12333fa7ea3353901b4b3215af
4b758cc432874384f330568177eef5a328d7e69a
d6f86c0ddbabd5c4fd7cee72ce4da62ccddd9d29139c9ab033bb1ab8425bae22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F409361f2-a546-44d7-82d6-d496f6ee134d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11918
x-amzn-requestid: baf2eddf-03cc-4af7-b799-c2c68b90d7a3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUf4sFUYoAMFg6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1ad04-696c5dd015428f7429a5ccec;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 22:28:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TqFzcoLfgMkYqL6JxAWyG4MdeGS_TA7jJs6eKHqlqe-wU174CAzKsw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:39:29 GMT
age: 19300
etag: "4b758cc432874384f330568177eef5a328d7e69a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/watch.js
93.158.134.119200 OK 4.5 kB URL HTTP/2 mc.yandex.ru/metrika/watch.js
IP 93.158.134.119:0
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 58140
date: Sat, 28 Jan 2023 04:01:09 GMT
access-control-allow-origin: *
etag: "63c93a4b-e31c"
expires: Sat, 28 Jan 2023 05:01:09 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb319f83c-740d-415f-b846-a8262bdecebc.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb319f83c-740d-415f-b846-a8262bdecebc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 50175d32bf658166ca26db1633fdb95b
69bb6d345d73cd24fd33ad009cc1d3315e7d94e7
d3d3b551cc8b557a1f92a4d819cbb7ab618ef3fac9568f57513fb4905817dad4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb319f83c-740d-415f-b846-a8262bdecebc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5092
x-amzn-requestid: 05cd1dc0-54b4-457a-83f6-5f774e65766f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-CwH_toAMFweQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443ab-3a038caa6435720711028ac9;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: l6UFb5XNFyRi0hzKaoGw6iYSZ_b388GByLdSaWkhoEUers4I6Ji9Jg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:48:58 GMT
age: 22331
etag: "69bb6d345d73cd24fd33ad009cc1d3315e7d94e7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f884785-3b60-4d1a-b7b9-f58e73d6d819.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f884785-3b60-4d1a-b7b9-f58e73d6d819.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4afa01d2ffe17f8378e4c0b5afd4608
f5c7e2137efa07a207427a6b6fe1df541f85ea25
84fc0c05d25d674b5594b54720017332b86d391f66c7136d76cfce3e884e8e12
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f884785-3b60-4d1a-b7b9-f58e73d6d819.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13375
x-amzn-requestid: 372fcbe8-85a1-4be2-a006-31fb9289c5e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-CxF6BoAMFyGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443ab-4b9860545c612cc416cbe599;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: otEuPlfCL7DeVwGZiGJuMjxjVyGdMwxPWeCz5T_mpXboi-oRujKhBw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:48:58 GMT
age: 22331
etag: "f5c7e2137efa07a207427a6b6fe1df541f85ea25"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2033b2-0708-4731-82a4-5bbc9f000ae2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2033b2-0708-4731-82a4-5bbc9f000ae2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a2881cea3ae511d3dfd2f6b7cd598a4e
105d8d675aaafce5602e4015aee2d1659553d1b1
0993ef71c2af9e07ed09e0e2ba40a4d9fdd01444154c2f39f8fc48a4dfef1730
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2033b2-0708-4731-82a4-5bbc9f000ae2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10863
x-amzn-requestid: db873091-be76-4276-aa3e-f9bd44051508
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbAMbHCMoAMFsYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4471c-57f14d6a3ebcc8a1788bae80;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:50:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: S8H9sSYtUyye2ex8ulTLy6SEyqTt3xUmjRkTWL0oCEDZIDA21dnudw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:38:29 GMT
etag: "105d8d675aaafce5602e4015aee2d1659553d1b1"
content-type: image/jpeg
age: 19360
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mc.yandex.ru/watch/1677322/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2Fs0Tp%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A356594914695%3Ahid%3A615338535%3Az%3A0%3Ai%3A20230128040110%3Aet%3A1674878471%3Ac%3A1%3Arn%3A67240016%3Au%3A1674878471318253587%3Aw%3A1140x836%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1674878468065%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674878471%3At%3ARedirecting...&t=gdpr%2814%29clc%280-0-0%29aw%281%29fip%281%29ti%282%29
93.158.134.119200 OK 236 B URL HTTP/2 mc.yandex.ru/watch/1677322/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2Fs0Tp%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A356594914695%3Ahid%3A615338535%3Az%3A0%3Ai%3A20230128040110%3Aet%3A1674878471%3Ac%3A1%3Arn%3A67240016%3Au%3A1674878471318253587%3Aw%3A1140x836%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1674878468065%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674878471%3At%3ARedirecting...&t=gdpr%2814%29clc%280-0-0%29aw%281%29fip%281%29ti%282%29
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7398b995831159e3dea6c2e70fcc93c6
c21ae3cb58b0b2b4046fec5ec9813e3dc91de3fb
76f20dfa94046f36da555ce593e3a94348d677f05f01c4fa1a751ff53f94310d
GET /watch/1677322/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2Fs0Tp%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A356594914695%3Ahid%3A615338535%3Az%3A0%3Ai%3A20230128040110%3Aet%3A1674878471%3Ac%3A1%3Arn%3A67240016%3Au%3A1674878471318253587%3Aw%3A1140x836%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1674878468065%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674878471%3At%3ARedirecting...&t=gdpr%2814%29clc%280-0-0%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Referer: https://goo.su/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 236
date: Sat, 28 Jan 2023 04:01:09 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 28-Jan-2023 04:01:09 GMT
last-modified: Sat, 28-Jan-2023 04:01:09 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0413594-1aeb-47e8-8448-af5800cfa30e.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0413594-1aeb-47e8-8448-af5800cfa30e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d1a1e953f3f857726f15465313d082e5
1962e632f29d87d4f5455a29aa096eea057e15c0
a5b193f6de91c69c9e554f75dfa4a00f9cb8c47a26fdca61ed03ffe1dce7cc87
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0413594-1aeb-47e8-8448-af5800cfa30e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7637
x-amzn-requestid: f22c88bd-1eb9-47fa-aab1-95108b540f35
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-D3HN1oAMFQDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443b2-05068ae37469a90c2355b4ec;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: paaIUvGWj9JphbOO5JqRKICMLrhAD2bA5oPqqQweFpLQnnZDdTAQbA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:49:05 GMT
age: 22324
etag: "1962e632f29d87d4f5455a29aa096eea057e15c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mc.yandex.ru/watch/1677322/1?page-url=https%3A%2F%2Fgoo.su%2Fs0Tp%2F&charset=utf-8&cnt-class=1&hittoken=1674878469_2b77aa5c0de4b65093bb13fbf0e7a69ef464085ff1827a625971e0cee2389316&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A932%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A356594914695%3Ahid%3A615338535%3Az%3A0%3Ai%3A20230128040110%3Aet%3A1674878471%3Ac%3A1%3Arn%3A71059013%3Arqn%3A1%3Au%3A1674878471318253587%3Aw%3A1140x836%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A4%2C22%2C286%2C1%2C277%2C0%2C%2C311%2C4%2C1848%2C1848%2C3%2C942%3Aco%3A0%3Ans%3A1674878468065%3Ast%3A1674878471&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)rqnt(1)aw(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/1677322/1?page-url=https%3A%2F%2Fgoo.su%2Fs0Tp%2F&charset=utf-8&cnt-class=1&hittoken=1674878469_2b77aa5c0de4b65093bb13fbf0e7a69ef464085ff1827a625971e0cee2389316&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A932%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A356594914695%3Ahid%3A615338535%3Az%3A0%3Ai%3A20230128040110%3Aet%3A1674878471%3Ac%3A1%3Arn%3A71059013%3Arqn%3A1%3Au%3A1674878471318253587%3Aw%3A1140x836%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A4%2C22%2C286%2C1%2C277%2C0%2C%2C311%2C4%2C1848%2C1848%2C3%2C942%3Aco%3A0%3Ans%3A1674878468065%3Ast%3A1674878471&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)rqnt(1)aw(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/1677322/1?page-url=https%3A%2F%2Fgoo.su%2Fs0Tp%2F&charset=utf-8&cnt-class=1&hittoken=1674878469_2b77aa5c0de4b65093bb13fbf0e7a69ef464085ff1827a625971e0cee2389316&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A932%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A356594914695%3Ahid%3A615338535%3Az%3A0%3Ai%3A20230128040110%3Aet%3A1674878471%3Ac%3A1%3Arn%3A71059013%3Arqn%3A1%3Au%3A1674878471318253587%3Aw%3A1140x836%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A4%2C22%2C286%2C1%2C277%2C0%2C%2C311%2C4%2C1848%2C1848%2C3%2C942%3Aco%3A0%3Ans%3A1674878468065%3Ast%3A1674878471&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 80
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sat, 28 Jan 2023 04:01:09 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 28-Jan-2023 04:01:09 GMT
last-modified: Sat, 28-Jan-2023 04:01:09 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/count/WN0ejI_zOEC0DGi0n19vR0mtwKW96mK0um4GW8200J45djHZ000003YKuCm1Y083kGAGwoJEH6fdhl02evgZpT1sy0K1e0Rk0Sa61OwoU6-i9t-f1z_Th7wbD942-0S1q0Y2W8200WQg2n18k93Stzq006Y-CWXByu60W8281AWFtxkpXDcKpSW2a13Mz-_PsiExZS41j8sClZxW507m5S6AzkoZZxpyOw0MaANEdWR95l0_s1Q15wWN3T0O8VWOYFRWgDcDnv9wW1c96GgOk1d___y1m1c4f8kNgUFIY5xI6H9vOM9pNtDbSdPbSYzoDpSvBJ7e6P41y1d41fWQrCDJi1j8k1i3WXmDDaD2EdXoTLPmGM9cD-aSW1t_Vu0W0eWW3D0X____0TKY__z__u4Z00000000y3yH0383QPWn4JmvxpkQtuxS22NaaARZdGCJGtlM71LyL1OIfD9tUFGBmDevmKbKaru_QXGdY1B1e000~1=WMiejI_zO9S03Gi0j1EhbWo7bm66qkYr-f3-n981W041Y07Dbzwydm6G0PJzciNZW8200fW1bFsQnMEu0Q3L_uacs07UZCgj0U01uhJlh07e0Qm4-07CoDw-0PW2g8U-0w02hgtl0R03zGQ81SdD1905pxS7i0NuyG6u1VZn0S05kfW5o0Ntg07G1UDWg0Rk0Qa7tzsiVgKqaGAu1xG6u0U6meA01k08rzPtw0a7W0e1-0g0jHZe39C2c0s1j3F0i9A2W1I0e804q1Ia_AT-w1IC0g0MaANEdWR95l0_q1ONjRxVCBWN0S0NjTO1e1dk0RWP_m7u6UhSbHo16l__5v2KN_y6g1u1i1y1o1-lXkLMgI2x-_9mYextFxWWtjqfrIB__t__WIC0y3-98vgPsJ-G8xUDy8-ns_NswW6O8xwnfPVxv-hoXm4B021AWGlXX27D8D4IOpGC1riabv18btGvPEYWGfNIxWI31Hm0~1?stat-id=3&test-tag=521718267435537&banner-sizes=eyI3MjA1NzYwNzM5ODA1NTc1NCI6IjExNDB4MjAwIn0%3D&format-type=118&actual-format=8&pcodever=712629&banner-test-tags=eyI3MjA1NzYwNzM5ODA1NTc1NCI6IjE4ODQ2NSJ9&order-banners-options=eyI3MjA1NzYwNzM5ODA1NTc1NCI6MjYyMTQ0fQ&pcode-active-testids=710480%2C0%2C57&width=1140&height=200&confirmTime=-1&confirmRatio=1000000&wmode=0
87.250.250.90302 Found 113 B URL HTTP/2 an.yandex.ru/count/WN0ejI_zOEC0DGi0n19vR0mtwKW96mK0um4GW8200J45djHZ000003YKuCm1Y083kGAGwoJEH6fdhl02evgZpT1sy0K1e0Rk0Sa61OwoU6-i9t-f1z_Th7wbD942-0S1q0Y2W8200WQg2n18k93Stzq006Y-CWXByu60W8281AWFtxkpXDcKpSW2a13Mz-_PsiExZS41j8sClZxW507m5S6AzkoZZxpyOw0MaANEdWR95l0_s1Q15wWN3T0O8VWOYFRWgDcDnv9wW1c96GgOk1d___y1m1c4f8kNgUFIY5xI6H9vOM9pNtDbSdPbSYzoDpSvBJ7e6P41y1d41fWQrCDJi1j8k1i3WXmDDaD2EdXoTLPmGM9cD-aSW1t_Vu0W0eWW3D0X____0TKY__z__u4Z00000000y3yH0383QPWn4JmvxpkQtuxS22NaaARZdGCJGtlM71LyL1OIfD9tUFGBmDevmKbKaru_QXGdY1B1e000~1=WMiejI_zO9S03Gi0j1EhbWo7bm66qkYr-f3-n981W041Y07Dbzwydm6G0PJzciNZW8200fW1bFsQnMEu0Q3L_uacs07UZCgj0U01uhJlh07e0Qm4-07CoDw-0PW2g8U-0w02hgtl0R03zGQ81SdD1905pxS7i0NuyG6u1VZn0S05kfW5o0Ntg07G1UDWg0Rk0Qa7tzsiVgKqaGAu1xG6u0U6meA01k08rzPtw0a7W0e1-0g0jHZe39C2c0s1j3F0i9A2W1I0e804q1Ia_AT-w1IC0g0MaANEdWR95l0_q1ONjRxVCBWN0S0NjTO1e1dk0RWP_m7u6UhSbHo16l__5v2KN_y6g1u1i1y1o1-lXkLMgI2x-_9mYextFxWWtjqfrIB__t__WIC0y3-98vgPsJ-G8xUDy8-ns_NswW6O8xwnfPVxv-hoXm4B021AWGlXX27D8D4IOpGC1riabv18btGvPEYWGfNIxWI31Hm0~1?stat-id=3&test-tag=521718267435537&banner-sizes=eyI3MjA1NzYwNzM5ODA1NTc1NCI6IjExNDB4MjAwIn0%3D&format-type=118&actual-format=8&pcodever=712629&banner-test-tags=eyI3MjA1NzYwNzM5ODA1NTc1NCI6IjE4ODQ2NSJ9&order-banners-options=eyI3MjA1NzYwNzM5ODA1NTc1NCI6MjYyMTQ0fQ&pcode-active-testids=710480%2C0%2C57&width=1140&height=200&confirmTime=-1&confirmRatio=1000000&wmode=0
IP 87.250.250.90:0
Hash 4617faa6210bdad67e0558f65dc71b5f
ab63013929c7b444420f9196891cc7c461934fbe
9e889aaedf626bc19eeffd2b52f2aac13b921864cb63d51bf552f9d34bcf18ac
GET /count/WN0ejI_zOEC0DGi0n19vR0mtwKW96mK0um4GW8200J45djHZ000003YKuCm1Y083kGAGwoJEH6fdhl02evgZpT1sy0K1e0Rk0Sa61OwoU6-i9t-f1z_Th7wbD942-0S1q0Y2W8200WQg2n18k93Stzq006Y-CWXByu60W8281AWFtxkpXDcKpSW2a13Mz-_PsiExZS41j8sClZxW507m5S6AzkoZZxpyOw0MaANEdWR95l0_s1Q15wWN3T0O8VWOYFRWgDcDnv9wW1c96GgOk1d___y1m1c4f8kNgUFIY5xI6H9vOM9pNtDbSdPbSYzoDpSvBJ7e6P41y1d41fWQrCDJi1j8k1i3WXmDDaD2EdXoTLPmGM9cD-aSW1t_Vu0W0eWW3D0X____0TKY__z__u4Z00000000y3yH0383QPWn4JmvxpkQtuxS22NaaARZdGCJGtlM71LyL1OIfD9tUFGBmDevmKbKaru_QXGdY1B1e000~1=WMiejI_zO9S03Gi0j1EhbWo7bm66qkYr-f3-n981W041Y07Dbzwydm6G0PJzciNZW8200fW1bFsQnMEu0Q3L_uacs07UZCgj0U01uhJlh07e0Qm4-07CoDw-0PW2g8U-0w02hgtl0R03zGQ81SdD1905pxS7i0NuyG6u1VZn0S05kfW5o0Ntg07G1UDWg0Rk0Qa7tzsiVgKqaGAu1xG6u0U6meA01k08rzPtw0a7W0e1-0g0jHZe39C2c0s1j3F0i9A2W1I0e804q1Ia_AT-w1IC0g0MaANEdWR95l0_q1ONjRxVCBWN0S0NjTO1e1dk0RWP_m7u6UhSbHo16l__5v2KN_y6g1u1i1y1o1-lXkLMgI2x-_9mYextFxWWtjqfrIB__t__WIC0y3-98vgPsJ-G8xUDy8-ns_NswW6O8xwnfPVxv-hoXm4B021AWGlXX27D8D4IOpGC1riabv18btGvPEYWGfNIxWI31Hm0~1?stat-id=3&test-tag=521718267435537&banner-sizes=eyI3MjA1NzYwNzM5ODA1NTc1NCI6IjExNDB4MjAwIn0%3D&format-type=118&actual-format=8&pcodever=712629&banner-test-tags=eyI3MjA1NzYwNzM5ODA1NTc1NCI6IjE4ODQ2NSJ9&order-banners-options=eyI3MjA1NzYwNzM5ODA1NTc1NCI6MjYyMTQ0fQ&pcode-active-testids=710480%2C0%2C57&width=1140&height=200&confirmTime=-1&confirmRatio=1000000&wmode=0 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/count/WNGejI_zOEC0LGi0n19vR0mtrd8ZjWK0um4GmO200J45djHZ000003YKuCm1Y083kGAGwoJEH6fdhl02evgZpT1sy0K1e0Rk0Sa61OwoU6-i9t-f1z_Th7wbD942-0S1q0Y2W8200WQg2n18k93Stzq006Y-CWXByu60W8281AWFtxkpXDcKpSW2a13Mz-_PsiExZS41j8sClZxW507m5S6AzkoZZxpyOw0MaANEdWR95l0_s1Q15wWN3T0O8VWOYFRWgDcDnv9wW1c96GgOk1d___y1m1c4f8kNgUFIY5xI6H9vOM9pNtDbSdPbSYzoDpSvBJ7e6P41y1d41fWQrCDJi1j8k1i3WXmDDaD2EdXoTLPmGM9cD-aSW1t_Vu0W0eWW3D0X____0TKY__z__u4Z00000000y3yI0383QPWn4JmvxpkQtuxS22NaaARZdGCJGy-Q3s1UCvw2Zyf2WbJw3ez-0LWx9pY9QjBhHutY154Y61G0~1=WMuejI_zO9m09Gi0z1EgcnHXd04GW8200ORIwBNwaFx4aW600G680SsNthoV0P01bFsQnUE0W802c06K_Ph5OxW1eDN_YIRO0TwCogq1u07YjE-i0UW1h0Ju0Sp8thu1c0AeXxu3e0AkhUy1i0Fr1eW5oSq4a0NFjmUm1VZn0RW5-F41m0Mwc0N81VUe0T05us2e1ku1gGVVtQn-fJIH0hW7j0RW1uR2We06u0ZNrdVe2GU02W7u2e2r6EWCamAO3O6qCy2mae81W1I0e804q1Ia_AT-w1IC0g0MaANEdWR95j0M5xM-tp2u5m705xNM0Q0PxW6u6Vy1-1dgt9KSWHh__nUGb5__1gWU0R0V0SWVhuRbLgaWk_loS8gEzp-u8DxTATKY__z__u4Z0F0_YIEQcTa_a2EtZV2FiTlrzke1c2E-iQMN--VgyeS12m0WIe4BuOGXpS19HUR3SB0mfgTBfT8bag63gbLAksCC5dC0~1?stat-id=3&test-tag=521718267435537&banner-sizes=eyI3MjA1NzYwNzM5ODA1NTc1NCI6IjExNDB4MjAwIn0%3D&format-type=118&actual-format=8&pcodever=712629&banner-test-tags=eyI3MjA1NzYwNzM5ODA1NTc1NCI6IjE4ODQ2NSJ9&order-banners-options=eyI3MjA1NzYwNzM5ODA1NTc1NCI6MjYyMTQ0fQ&pcode-active-testids=710480%2C0%2C57&width=1140&height=200&confirmTime=-1&confirmRatio=1000000&wmode=0
date: Sat, 28 Jan 2023 04:01:09 GMT
access-control-allow-origin: https://goo.su
set-cookie: yandexuid=3488086601674878469; domain=.yandex.ru; path=/; expires=Tue, 25-Jan-2033 04:01:09 GMT
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
expires: Sat, 28 Jan 2023 04:01:09 GMT
last-modified: Sat, 28 Jan 2023 04:01:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/rtbcount/1TgsS3gM0Uy100000000U9nJPDsqUDlMAosfXlVlNeZRRZAHoP9rtfLa1Y3mX8c46ZrW58xbcY79aCe85C-yVzSZ22HUoWBarPO3YLP64Da9aWK29eQPZ2OG9iD2HZaeQoKZDvIrbp7t5mF3KJ3_B2CpaBpA2D9wbv51Xe7XB-Ci9WQ6kKmWaRLCKI0rJF-1u1MJWDUotTdtxp8mj1YRStX_PcNuomHoGIipAv3iPLO4abEPGThcChE1B6HcOb00sSUoaRdpw56XAfaxaIUPMUESrFYE2MLT1Qky2oP_CZiuyKESotBnrHamQmMBoGQM_p30k0E9VG29VPC5ugSFzWzPl7HCT7Q9tR1_omBosG9MtfEivjUvmD8NM1iMDB3SP6Mvz6YIbBTWt5TMaEuEjWQM6MnN3WSlOElUitb3wzyp-yjMii6CES3cSOAD-H4RhvcparLUeKL4WMDIclbBDfY5F-6iYUmnvexRCsJUsSzYPpCtD38pijp0phI3dUS4k_W3zlPRJJidVTgmcFi7Emy0-XYUim00
87.250.250.90200 OK 50 B URL HTTP/2 an.yandex.ru/rtbcount/1TgsS3gM0Uy100000000U9nJPDsqUDlMAosfXlVlNeZRRZAHoP9rtfLa1Y3mX8c46ZrW58xbcY79aCe85C-yVzSZ22HUoWBarPO3YLP64Da9aWK29eQPZ2OG9iD2HZaeQoKZDvIrbp7t5mF3KJ3_B2CpaBpA2D9wbv51Xe7XB-Ci9WQ6kKmWaRLCKI0rJF-1u1MJWDUotTdtxp8mj1YRStX_PcNuomHoGIipAv3iPLO4abEPGThcChE1B6HcOb00sSUoaRdpw56XAfaxaIUPMUESrFYE2MLT1Qky2oP_CZiuyKESotBnrHamQmMBoGQM_p30k0E9VG29VPC5ugSFzWzPl7HCT7Q9tR1_omBosG9MtfEivjUvmD8NM1iMDB3SP6Mvz6YIbBTWt5TMaEuEjWQM6MnN3WSlOElUitb3wzyp-yjMii6CES3cSOAD-H4RhvcparLUeKL4WMDIclbBDfY5F-6iYUmnvexRCsJUsSzYPpCtD38pijp0phI3dUS4k_W3zlPRJJidVTgmcFi7Emy0-XYUim00
IP 87.250.250.90:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bef53a5c76b7ad469692178eeaeb08d8
aaae1c11fa0b5a086770957c8857d3937ed653e9
be24bb564cc16e1fe9113f63db905a1b7a3a653c6642f0c27d5e823729a99ee3
GET /rtbcount/1TgsS3gM0Uy100000000U9nJPDsqUDlMAosfXlVlNeZRRZAHoP9rtfLa1Y3mX8c46ZrW58xbcY79aCe85C-yVzSZ22HUoWBarPO3YLP64Da9aWK29eQPZ2OG9iD2HZaeQoKZDvIrbp7t5mF3KJ3_B2CpaBpA2D9wbv51Xe7XB-Ci9WQ6kKmWaRLCKI0rJF-1u1MJWDUotTdtxp8mj1YRStX_PcNuomHoGIipAv3iPLO4abEPGThcChE1B6HcOb00sSUoaRdpw56XAfaxaIUPMUESrFYE2MLT1Qky2oP_CZiuyKESotBnrHamQmMBoGQM_p30k0E9VG29VPC5ugSFzWzPl7HCT7Q9tR1_omBosG9MtfEivjUvmD8NM1iMDB3SP6Mvz6YIbBTWt5TMaEuEjWQM6MnN3WSlOElUitb3wzyp-yjMii6CES3cSOAD-H4RhvcparLUeKL4WMDIclbBDfY5F-6iYUmnvexRCsJUsSzYPpCtD38pijp0phI3dUS4k_W3zlPRJJidVTgmcFi7Emy0-XYUim00 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sat, 28 Jan 2023 04:01:09 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 28 Jan 2023 04:01:09 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sat, 28 Jan 2023 04:01:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/watch.js
93.158.134.119200 OK 58 kB URL HTTP/2 mc.yandex.ru/metrika/watch.js
IP 93.158.134.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (554)
Hash 315a601116a9b3b0fbc85feb58375ba4
5d283ed923d0b3beb8a2ec4e80c2958d1d132fbf
251ba0fc04953e3615e7c19a9a10c5d6a4f25cc03bef190f8a5e7c6cd72a991a
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 58140
date: Sat, 28 Jan 2023 04:01:11 GMT
access-control-allow-origin: *
etag: "63c93a4b-e31c"
expires: Sat, 28 Jan 2023 05:01:11 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash a6a37ab4140c561a21149fe23c5039ba
b92bf9ee84da841b64091e2e6d094477e9c506d7
20e865aaea3b329562a4017c7a4123694c902cdb10a044fd0ef2831c20f6b3c5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:01:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash a6a37ab4140c561a21149fe23c5039ba
b92bf9ee84da841b64091e2e6d094477e9c506d7
20e865aaea3b329562a4017c7a4123694c902cdb10a044fd0ef2831c20f6b3c5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 04:01:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/metrika/advert.gif
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sat, 28 Jan 2023 04:01:13 GMT
access-control-allow-origin: *
etag: "63c93a4b-2b"
expires: Sat, 28 Jan 2023 05:01:13 GMT
accept-ranges: bytes
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/conversion_async.js
142.250.74.66200 OK 15 kB URL HTTP/2 www.googleadservices.com/pagead/conversion_async.js
IP 142.250.74.66:0
File type ASCII text, with very long lines (1654)
Hash 22eaa6491556c40c984bed61ff9892b5
253ec7921f896fab2d49656208b10d2a227c82de
f690af44bc7bb9724442c2f52648ce1c8365cc6010cc0af574f5e0dcddf7ee7f
GET /pagead/conversion_async.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 28 Jan 2023 04:01:13 GMT
expires: Sat, 28 Jan 2023 04:01:13 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 8608601048380966470
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15164
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1646100434517%3Ahid%3A42188041%3Az%3A0%3Ai%3A20230128040114%3Aet%3A1674878474%3Arn%3A148260180%3Arqn%3A1%3Au%3A1674878474374320643%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C14%2C1%2C1%2C0%2C%2C57%2C0%2C508%2C508%2C1%2C77%3Aco%3A0%3Ans%3A1674878470165%3Ast%3A1674878474&t=clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
93.158.134.119200 OK 236 B URL HTTP/2 mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1646100434517%3Ahid%3A42188041%3Az%3A0%3Ai%3A20230128040114%3Aet%3A1674878474%3Arn%3A148260180%3Arqn%3A1%3Au%3A1674878474374320643%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C14%2C1%2C1%2C0%2C%2C57%2C0%2C508%2C508%2C1%2C77%3Aco%3A0%3Ans%3A1674878470165%3Ast%3A1674878474&t=clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bc3ac0bd9de7897c6f32b3c3bf7f3391
eeeda6c8de22b06dd299f4ce9713fceba6fc683b
ce0d97fc5bbe405bbe54be364895332b129bb134be5f4a08fcfb5e355e23f6be
GET /watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1646100434517%3Ahid%3A42188041%3Az%3A0%3Ai%3A20230128040114%3Aet%3A1674878474%3Arn%3A148260180%3Arqn%3A1%3Au%3A1674878474374320643%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C14%2C1%2C1%2C0%2C%2C57%2C0%2C508%2C508%2C1%2C77%3Aco%3A0%3Ans%3A1674878470165%3Ast%3A1674878474&t=clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yastatic.net
Referer: https://yastatic.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 236
date: Sat, 28 Jan 2023 04:01:13 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://yastatic.net
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 28-Jan-2023 04:01:13 GMT
last-modified: Sat, 28-Jan-2023 04:01:13 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1646100434517%3Ahid%3A42188041%3Az%3A0%3Ai%3A20230128040114%3Aet%3A1674878474%3Arn%3A148260180%3Arqn%3A1%3Au%3A1674878474374320643%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C14%2C1%2C1%2C0%2C%2C57%2C0%2C508%2C508%2C1%2C77%3Aco%3A0%3Ans%3A1674878470165%3Ast%3A1674878474&t=clc(0-0-0)rqnt(1)aw(1)ti(2)
93.158.134.119302 Found 930 B URL HTTP/2 mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1646100434517%3Ahid%3A42188041%3Az%3A0%3Ai%3A20230128040114%3Aet%3A1674878474%3Arn%3A148260180%3Arqn%3A1%3Au%3A1674878474374320643%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C14%2C1%2C1%2C0%2C%2C57%2C0%2C508%2C508%2C1%2C77%3Aco%3A0%3Ans%3A1674878470165%3Ast%3A1674878474&t=clc(0-0-0)rqnt(1)aw(1)ti(2)
IP 93.158.134.119:0
Hash 07dcde590b15babb14a0fcd9f35c8184
647b4d6fa1ed64ff8a9a53e671986ffb1e133cbb
1370d9a99d6e7b93755e77fea56a8b857d7562eb191f32b88698ffb939607c1a
GET /watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1646100434517%3Ahid%3A42188041%3Az%3A0%3Ai%3A20230128040114%3Aet%3A1674878474%3Arn%3A148260180%3Arqn%3A1%3Au%3A1674878474374320643%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C14%2C1%2C1%2C0%2C%2C57%2C0%2C508%2C508%2C1%2C77%3Aco%3A0%3Ans%3A1674878470165%3Ast%3A1674878474&t=clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yastatic.net
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1646100434517%3Ahid%3A42188041%3Az%3A0%3Ai%3A20230128040114%3Aet%3A1674878474%3Arn%3A148260180%3Arqn%3A1%3Au%3A1674878474374320643%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C14%2C1%2C1%2C0%2C%2C57%2C0%2C508%2C508%2C1%2C77%3Aco%3A0%3Ans%3A1674878470165%3Ast%3A1674878474&t=clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
date: Sat, 28 Jan 2023 04:01:13 GMT
access-control-allow-origin: https://yastatic.net
set-cookie: yabs-sid=1947408781674878473; Path=/; SameSite=None; Secure
i=4vDRMHFMaEJsUX6+QhIr40/rbBz2KINuUkXBJro6EA2iKBR3t0cblOCdkaKCm5SMzRsWyI8g5g/YHIE2R6XaSR3chmY=; Expires=Tue, 25-Jan-2033 04:01:04 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=1085045771674878473; Expires=Sun, 28-Jan-2024 04:01:13 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=1085045771674878473; Expires=Sun, 28-Jan-2024 04:01:13 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706414473.yc.1674878473#1706414473.yrts.1674878473#1706414473.yrtsi.1674878473; Expires=Sun, 28-Jan-2024 04:01:13 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 28-Jan-2023 04:01:13 GMT
last-modified: Sat, 28-Jan-2023 04:01:13 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open%20Sans:400&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open%20Sans:400&display=swap
IP 142.250.74.106:0
GET /css?family=Open%20Sans:400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 28 Jan 2023 04:01:07 GMT
date: Sat, 28 Jan 2023 04:01:07 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
an.yandex.ru/meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2Fs0Tp%2F&charset=utf-8&pcode-test-ids=657519%2C0%2C2%3B712232%2C0%2C19%3B706837%2C0%2C57%3B709348%2C0%2C27%3B712489%2C0%2C74%3B708840%2C0%2C96%3B705135%2C0%2C10%3B709005%2C0%2C48%3B672576%2C0%2C0%3B710480%2C0%2C57%3B712948%2C0%2C78%3B712532%2C0%2C13%3B681843%2C0%2C22&pcode-flags-map=eJytWNuO2zYQ%2FZXCz32gLtQlb5RE2awlUiUpe52iILbppgmwvaDZFAGC%2FHuHomxL8i4dpwUWwWbhOTOcOXNmxp9XbM2FpKZlStHKVEQT0xFJWmVqIc2OVVQYxk0p2kKsXv30efXP%2FePHh9Wr1cOnv1bfr54ePjyxX%2BG%2FOEcxxqsvP3%2B%2F2hFlJP2xp0qbXUs6U0vRGlKpmb2WPZ0CJEEaZmgAoJwUDV04h19qxpmmEF%2B5VRuhzZ7pjei1IRC7Vr7oEoyTLLoZ%2FP9AJk1jOimqvtTq0s1t0BQgb6zLBMTWBXzuoRSmIQVtBigAKQjnVPqrk0RRnE5j4XRv1Bas4ccCClJRabqGHBZQy4AyHOb5KSDGO7KmRmlWbg%2BmYsqCV0PWClvaqhZ38GdJS20UbZoZNL3r5tBpEJ6hezWPkhPe9f5X5kGK4hOA3kjIFpXSpqk2qpc7eoCUQxHXhinDgSY70rDqCmiY4OwESiqb%2FYPl7YikhWuTsWe8YClK4yw9gzUNRCh4czBdXzSsNKRjQ1mhJEpDZ%2FvRggDh4EwO7QhMpWKCzyzhk0GczW3DIHDJ7jkbyz94brup6dPfHx8mZnGYRblrc1sfpQYGLmyWnJkY2XdRyo0oFIVyLKj2x%2F0vjw8zyygJc5evmt2BzHGzoWy90YZrv8sYR7lLzYHwit4Z2ZtKtIRxrwyiNIySk79Cii0EC77MWi54srQMUpwlzzq0baElK7zmYYASR93XlIem7qGD9qwCEWMtdJjXNobaorPt2IWmENIWVZKK9eq7r0Q4EBu3Cxj4uScHr37iOErHPFe17QHVCQ7E0Kyl0CMz0xAhNLeNUeTe3JWiorahFOVeUcUxBpiRSlZbJLXcPfozVlK85nGahpfmIA%2Fw7942EbDzWxCOAYCg9LNqReh564YSyU1rp%2FeOSEYW7w5nTjFCY5Y7yYRk%2BmCKA4wRuu%2BE9CcsSZOx9468GOW4VF6hxyCm2YSRIJglAS0FUS9LqJLyqATOIxwEM9uBxeo08zvQUcbXfpAYxy7yUvRcA5X1oaMm8kcN%2Boon5WllCXlSrGANZM3vLk%2BTFy1BpU0JCr294v2I0faNZm4yGxDYmsFUZPYRNSn93ZxnYZpO4hhB3M4AwwbIZsd0ASuI7RgtRdNcmdkojCPHurUkRej%2FLFAUnT9rFHs9ixcHIfJ9%2FpnOD%2FALFkdybOgwfiStqIKN1htfgMPEWdvlQNIaNGcD%2B8ualX67LBoFdpjbsrUdJCk%2Fzr1O0sIv8QlodBjMWglmoARec%2BimDYV6WNlWpbQTTimvEiVBHsQunokR6Tr7lDW0ht84DHI8i2TD9PCMCRgkc6uFP4ooDcPZjlp2rWlpxYgBEKLZbhjyfow8mm%2F%2BZVf%2BZ4zFGl7RmkBH3biBxxglySxNqiVSG1jUemrBrxUJJ0lyvorcQrmIzO2Xwq6owzJpVHMlqjRIx24s7Z4s%2BMhCUluNYzWcb9Qt5H46plme5KdVrJYMYGCTdPZsINMN9sX2otUvLJI8Gjk7sbj11EzSPEbpCQXmYGURWr%2FnLE6CpWdHMr%2BvMEThssvsLvdV3ZElcRAdNQNWIjgC4alAGhOFyO1ow0xw69blGXaBl2bR5Sv02v8GKFN2tjpLvjIdjBOYrHCf7mi7nMmrtx%2FM058f37xbnEgoC5eHoJPdZ%2Bo4ntFXigMX0ti8cG6fWnU4DHnfFleSAhNzXPFdc8K91xkth%2FF2beAmeR5HzvUi8LoR7oxyz7wCko0N%2BRLIwPN5ct9%2FMr%2FffzLvHt7%2F9u7pBTjGraBvaUEKA%2FeELwg4XLN0pgpOWPYbIOyEu%2FZodYdnD%2BNyOLJhm6OgsV6xSAMUj3uRlMZNTt3DAupEZ0j0oG%2F9enP15ozPR%2FrwhcTp%2BxFQwY4ASWcII2EXx2c4pkgOk3dnR6hbCY8zuWEcIiKssWsTnNhkcVo%2FB4uSLDpf15K20BdGNK5%2Bpy%2FG7NdZN1zsoHnZuI6paru8WeEpcZYvHmf%2FstAccTls3jw9zj1l2bjvKmEHSSeUrU1hd0DvOpAiHETnMbXrCPMcJAGcYWj%2BQoQm1m7P%2FEZrq1AEOLqx2zprbT1Py%2BqQf6qtcJ0Z7H%2FXN2DfAFj0dQ1YtO1gv28A8Zn3Ys9jR%2FthDnxLwhj%2FwR5iE5acxd1u%2BuWm59ur43VBIxh5eLxBGvL6MCwSZrivp1Zv7x8%2FPCz0IUMXo2kQQHJFWcJ8bJDByzMNgqNwYYGH7v%2FyL4eDpfw%3D&pcode-icookie=zpuQMXp40BX184iGPoCkLkFwzrRFUdmCyx9pKg7Uvufjeyd2K2OjvUjGoxXMy%2B6m5jdhY3XaHetXpJPWUvF9%2BnR7aL4%3D&imp-id=4&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=521718267379714&ad-session-id=6475081674878469513&target-id=70086208&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=712629&pcodever=712629&flash-ver=0&available-width=145&skip-token=yabs.NzIwNTc2MDcyMjUxMDIyMzQKNzIwNTc2MDczNDA0MDg4MjAKNzIwNTc2MDcxMjcxNDQzNjEKNzIwNTc2MDczOTgwNTU3NTQ%3D&layout-config=%7B%22win_width%22%3A1152%2C%22win_height%22%3A836%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1140%2C%22h%22%3A836%2C%22width%22%3A1140%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A657%2C%22ad_no%22%3A4%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A2%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B7593547566149%5D
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2Fs0Tp%2F&charset=utf-8&pcode-test-ids=657519%2C0%2C2%3B712232%2C0%2C19%3B706837%2C0%2C57%3B709348%2C0%2C27%3B712489%2C0%2C74%3B708840%2C0%2C96%3B705135%2C0%2C10%3B709005%2C0%2C48%3B672576%2C0%2C0%3B710480%2C0%2C57%3B712948%2C0%2C78%3B712532%2C0%2C13%3B681843%2C0%2C22&pcode-flags-map=eJytWNuO2zYQ%2FZXCz32gLtQlb5RE2awlUiUpe52iILbppgmwvaDZFAGC%2FHuHomxL8i4dpwUWwWbhOTOcOXNmxp9XbM2FpKZlStHKVEQT0xFJWmVqIc2OVVQYxk0p2kKsXv30efXP%2FePHh9Wr1cOnv1bfr54ePjyxX%2BG%2FOEcxxqsvP3%2B%2F2hFlJP2xp0qbXUs6U0vRGlKpmb2WPZ0CJEEaZmgAoJwUDV04h19qxpmmEF%2B5VRuhzZ7pjei1IRC7Vr7oEoyTLLoZ%2FP9AJk1jOimqvtTq0s1t0BQgb6zLBMTWBXzuoRSmIQVtBigAKQjnVPqrk0RRnE5j4XRv1Bas4ccCClJRabqGHBZQy4AyHOb5KSDGO7KmRmlWbg%2BmYsqCV0PWClvaqhZ38GdJS20UbZoZNL3r5tBpEJ6hezWPkhPe9f5X5kGK4hOA3kjIFpXSpqk2qpc7eoCUQxHXhinDgSY70rDqCmiY4OwESiqb%2FYPl7YikhWuTsWe8YClK4yw9gzUNRCh4czBdXzSsNKRjQ1mhJEpDZ%2FvRggDh4EwO7QhMpWKCzyzhk0GczW3DIHDJ7jkbyz94brup6dPfHx8mZnGYRblrc1sfpQYGLmyWnJkY2XdRyo0oFIVyLKj2x%2F0vjw8zyygJc5evmt2BzHGzoWy90YZrv8sYR7lLzYHwit4Z2ZtKtIRxrwyiNIySk79Cii0EC77MWi54srQMUpwlzzq0baElK7zmYYASR93XlIem7qGD9qwCEWMtdJjXNobaorPt2IWmENIWVZKK9eq7r0Q4EBu3Cxj4uScHr37iOErHPFe17QHVCQ7E0Kyl0CMz0xAhNLeNUeTe3JWiorahFOVeUcUxBpiRSlZbJLXcPfozVlK85nGahpfmIA%2Fw7942EbDzWxCOAYCg9LNqReh564YSyU1rp%2FeOSEYW7w5nTjFCY5Y7yYRk%2BmCKA4wRuu%2BE9CcsSZOx9468GOW4VF6hxyCm2YSRIJglAS0FUS9LqJLyqATOIxwEM9uBxeo08zvQUcbXfpAYxy7yUvRcA5X1oaMm8kcN%2Boon5WllCXlSrGANZM3vLk%2BTFy1BpU0JCr294v2I0faNZm4yGxDYmsFUZPYRNSn93ZxnYZpO4hhB3M4AwwbIZsd0ASuI7RgtRdNcmdkojCPHurUkRej%2FLFAUnT9rFHs9ixcHIfJ9%2FpnOD%2FALFkdybOgwfiStqIKN1htfgMPEWdvlQNIaNGcD%2B8ualX67LBoFdpjbsrUdJCk%2Fzr1O0sIv8QlodBjMWglmoARec%2BimDYV6WNlWpbQTTimvEiVBHsQunokR6Tr7lDW0ht84DHI8i2TD9PCMCRgkc6uFP4ooDcPZjlp2rWlpxYgBEKLZbhjyfow8mm%2F%2BZVf%2BZ4zFGl7RmkBH3biBxxglySxNqiVSG1jUemrBrxUJJ0lyvorcQrmIzO2Xwq6owzJpVHMlqjRIx24s7Z4s%2BMhCUluNYzWcb9Qt5H46plme5KdVrJYMYGCTdPZsINMN9sX2otUvLJI8Gjk7sbj11EzSPEbpCQXmYGURWr%2FnLE6CpWdHMr%2BvMEThssvsLvdV3ZElcRAdNQNWIjgC4alAGhOFyO1ow0xw69blGXaBl2bR5Sv02v8GKFN2tjpLvjIdjBOYrHCf7mi7nMmrtx%2FM058f37xbnEgoC5eHoJPdZ%2Bo4ntFXigMX0ti8cG6fWnU4DHnfFleSAhNzXPFdc8K91xkth%2FF2beAmeR5HzvUi8LoR7oxyz7wCko0N%2BRLIwPN5ct9%2FMr%2FffzLvHt7%2F9u7pBTjGraBvaUEKA%2FeELwg4XLN0pgpOWPYbIOyEu%2FZodYdnD%2BNyOLJhm6OgsV6xSAMUj3uRlMZNTt3DAupEZ0j0oG%2F9enP15ozPR%2FrwhcTp%2BxFQwY4ASWcII2EXx2c4pkgOk3dnR6hbCY8zuWEcIiKssWsTnNhkcVo%2FB4uSLDpf15K20BdGNK5%2Bpy%2FG7NdZN1zsoHnZuI6paru8WeEpcZYvHmf%2FstAccTls3jw9zj1l2bjvKmEHSSeUrU1hd0DvOpAiHETnMbXrCPMcJAGcYWj%2BQoQm1m7P%2FEZrq1AEOLqx2zprbT1Py%2BqQf6qtcJ0Z7H%2FXN2DfAFj0dQ1YtO1gv28A8Zn3Ys9jR%2FthDnxLwhj%2FwR5iE5acxd1u%2BuWm59ur43VBIxh5eLxBGvL6MCwSZrivp1Zv7x8%2FPCz0IUMXo2kQQHJFWcJ8bJDByzMNgqNwYYGH7v%2FyL4eDpfw%3D&pcode-icookie=zpuQMXp40BX184iGPoCkLkFwzrRFUdmCyx9pKg7Uvufjeyd2K2OjvUjGoxXMy%2B6m5jdhY3XaHetXpJPWUvF9%2BnR7aL4%3D&imp-id=4&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=521718267379714&ad-session-id=6475081674878469513&target-id=70086208&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=712629&pcodever=712629&flash-ver=0&available-width=145&skip-token=yabs.NzIwNTc2MDcyMjUxMDIyMzQKNzIwNTc2MDczNDA0MDg4MjAKNzIwNTc2MDcxMjcxNDQzNjEKNzIwNTc2MDczOTgwNTU3NTQ%3D&layout-config=%7B%22win_width%22%3A1152%2C%22win_height%22%3A836%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1140%2C%22h%22%3A836%2C%22width%22%3A1140%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A657%2C%22ad_no%22%3A4%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A2%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B7593547566149%5D
IP 87.250.250.90:0
GET /meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2Fs0Tp%2F&charset=utf-8&pcode-test-ids=657519%2C0%2C2%3B712232%2C0%2C19%3B706837%2C0%2C57%3B709348%2C0%2C27%3B712489%2C0%2C74%3B708840%2C0%2C96%3B705135%2C0%2C10%3B709005%2C0%2C48%3B672576%2C0%2C0%3B710480%2C0%2C57%3B712948%2C0%2C78%3B712532%2C0%2C13%3B681843%2C0%2C22&pcode-flags-map=eJytWNuO2zYQ%2FZXCz32gLtQlb5RE2awlUiUpe52iILbppgmwvaDZFAGC%2FHuHomxL8i4dpwUWwWbhOTOcOXNmxp9XbM2FpKZlStHKVEQT0xFJWmVqIc2OVVQYxk0p2kKsXv30efXP%2FePHh9Wr1cOnv1bfr54ePjyxX%2BG%2FOEcxxqsvP3%2B%2F2hFlJP2xp0qbXUs6U0vRGlKpmb2WPZ0CJEEaZmgAoJwUDV04h19qxpmmEF%2B5VRuhzZ7pjei1IRC7Vr7oEoyTLLoZ%2FP9AJk1jOimqvtTq0s1t0BQgb6zLBMTWBXzuoRSmIQVtBigAKQjnVPqrk0RRnE5j4XRv1Bas4ccCClJRabqGHBZQy4AyHOb5KSDGO7KmRmlWbg%2BmYsqCV0PWClvaqhZ38GdJS20UbZoZNL3r5tBpEJ6hezWPkhPe9f5X5kGK4hOA3kjIFpXSpqk2qpc7eoCUQxHXhinDgSY70rDqCmiY4OwESiqb%2FYPl7YikhWuTsWe8YClK4yw9gzUNRCh4czBdXzSsNKRjQ1mhJEpDZ%2FvRggDh4EwO7QhMpWKCzyzhk0GczW3DIHDJ7jkbyz94brup6dPfHx8mZnGYRblrc1sfpQYGLmyWnJkY2XdRyo0oFIVyLKj2x%2F0vjw8zyygJc5evmt2BzHGzoWy90YZrv8sYR7lLzYHwit4Z2ZtKtIRxrwyiNIySk79Cii0EC77MWi54srQMUpwlzzq0baElK7zmYYASR93XlIem7qGD9qwCEWMtdJjXNobaorPt2IWmENIWVZKK9eq7r0Q4EBu3Cxj4uScHr37iOErHPFe17QHVCQ7E0Kyl0CMz0xAhNLeNUeTe3JWiorahFOVeUcUxBpiRSlZbJLXcPfozVlK85nGahpfmIA%2Fw7942EbDzWxCOAYCg9LNqReh564YSyU1rp%2FeOSEYW7w5nTjFCY5Y7yYRk%2BmCKA4wRuu%2BE9CcsSZOx9468GOW4VF6hxyCm2YSRIJglAS0FUS9LqJLyqATOIxwEM9uBxeo08zvQUcbXfpAYxy7yUvRcA5X1oaMm8kcN%2Boon5WllCXlSrGANZM3vLk%2BTFy1BpU0JCr294v2I0faNZm4yGxDYmsFUZPYRNSn93ZxnYZpO4hhB3M4AwwbIZsd0ASuI7RgtRdNcmdkojCPHurUkRej%2FLFAUnT9rFHs9ixcHIfJ9%2FpnOD%2FALFkdybOgwfiStqIKN1htfgMPEWdvlQNIaNGcD%2B8ualX67LBoFdpjbsrUdJCk%2Fzr1O0sIv8QlodBjMWglmoARec%2BimDYV6WNlWpbQTTimvEiVBHsQunokR6Tr7lDW0ht84DHI8i2TD9PCMCRgkc6uFP4ooDcPZjlp2rWlpxYgBEKLZbhjyfow8mm%2F%2BZVf%2BZ4zFGl7RmkBH3biBxxglySxNqiVSG1jUemrBrxUJJ0lyvorcQrmIzO2Xwq6owzJpVHMlqjRIx24s7Z4s%2BMhCUluNYzWcb9Qt5H46plme5KdVrJYMYGCTdPZsINMN9sX2otUvLJI8Gjk7sbj11EzSPEbpCQXmYGURWr%2FnLE6CpWdHMr%2BvMEThssvsLvdV3ZElcRAdNQNWIjgC4alAGhOFyO1ow0xw69blGXaBl2bR5Sv02v8GKFN2tjpLvjIdjBOYrHCf7mi7nMmrtx%2FM058f37xbnEgoC5eHoJPdZ%2Bo4ntFXigMX0ti8cG6fWnU4DHnfFleSAhNzXPFdc8K91xkth%2FF2beAmeR5HzvUi8LoR7oxyz7wCko0N%2BRLIwPN5ct9%2FMr%2FffzLvHt7%2F9u7pBTjGraBvaUEKA%2FeELwg4XLN0pgpOWPYbIOyEu%2FZodYdnD%2BNyOLJhm6OgsV6xSAMUj3uRlMZNTt3DAupEZ0j0oG%2F9enP15ozPR%2FrwhcTp%2BxFQwY4ASWcII2EXx2c4pkgOk3dnR6hbCY8zuWEcIiKssWsTnNhkcVo%2FB4uSLDpf15K20BdGNK5%2Bpy%2FG7NdZN1zsoHnZuI6paru8WeEpcZYvHmf%2FstAccTls3jw9zj1l2bjvKmEHSSeUrU1hd0DvOpAiHETnMbXrCPMcJAGcYWj%2BQoQm1m7P%2FEZrq1AEOLqx2zprbT1Py%2BqQf6qtcJ0Z7H%2FXN2DfAFj0dQ1YtO1gv28A8Zn3Ys9jR%2FthDnxLwhj%2FwR5iE5acxd1u%2BuWm59ur43VBIxh5eLxBGvL6MCwSZrivp1Zv7x8%2FPCz0IUMXo2kQQHJFWcJ8bJDByzMNgqNwYYGH7v%2FyL4eDpfw%3D&pcode-icookie=zpuQMXp40BX184iGPoCkLkFwzrRFUdmCyx9pKg7Uvufjeyd2K2OjvUjGoxXMy%2B6m5jdhY3XaHetXpJPWUvF9%2BnR7aL4%3D&imp-id=4&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=521718267379714&ad-session-id=6475081674878469513&target-id=70086208&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=712629&pcodever=712629&flash-ver=0&available-width=145&skip-token=yabs.NzIwNTc2MDcyMjUxMDIyMzQKNzIwNTc2MDczNDA0MDg4MjAKNzIwNTc2MDcxMjcxNDQzNjEKNzIwNTc2MDczOTgwNTU3NTQ%3D&layout-config=%7B%22win_width%22%3A1152%2C%22win_height%22%3A836%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1140%2C%22h%22%3A836%2C%22width%22%3A1140%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A657%2C%22ad_no%22%3A4%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A2%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B7593547566149%5D HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
uniformat: true
uniformat-product-type: Direct
content-encoding: gzip
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://goo.su
x-xss-protection: 1; mode=block
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-yandex-req-id: 1674878469483164-1200908558473730986300123-production-app-host-vla-pcode-323
last-modified: Sat, 28 Jan 2023 04:01:09 GMT
date: Sat, 28 Jan 2023 04:01:09 GMT
set-cookie: yabs-vdrf=A0; domain=an.yandex.ru; path=/; expires=Sat, 04-Feb-2023 04:01:09 GMT
i=vYVRyXcHzcq8ffYYQDmSkwAdnOWDRJAbwazaLKig27du5GlbaNARAPyXFfddgfYD9skXgH7Vav71FNFycB+V++HlgB0=; Expires=Mon, 27-Jan-2025 04:01:09 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
content-type: application/json
pragma: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
ssr: true
strict-transport-security: max-age=31536000
expires: Sat, 28 Jan 2023 04:01:09 GMT
X-Firefox-Spdy: h2
goo.su/s0Tp/
172.67.139.105200 OK 0 B IP 172.67.139.105:0
Analyzer Verdict Alert fortinet Phishing
GET /s0Tp/ HTTP/1.1
Host: goo.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 28 Jan 2023 04:01:07 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/8.0.15
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6InhiUVp3eWVUak85anpjRWNZbExiTXc9PSIsInZhbHVlIjoiMERXaWZuQ3VmL0dLM2drUjFWTThiQWFXU0pyWmdOdEI5bDVJTUVlUGM4SEsxeFphZmkwUndaZ1ZBK3d1L2xHbExielhwQVlSdVI2cktROVIxSjlFRTZEcUhIbFBaWFU2YTRnNkpMcGpQRVhNaGlZNjRhU0IxQlk0K1VxcUJ1eHQiLCJtYWMiOiJmMzk4MjMxMDk4MjZiMzVjZWVkN2U4NDk4M2Y0MDlmZTIxNjU3YjVmMWE4ZTcxY2FlOTdiMzViYTc3MTE0ZDc5IiwidGFnIjoiIn0%3D; expires=Sat, 28-Jan-2023 22:41:07 GMT; Max-Age=67200; path=/; samesite=lax
goosu_session=eyJpdiI6Ik9FblBaTjdid1NQVk5rZWxXMVlJWlE9PSIsInZhbHVlIjoiejdka1NHcVJkYk9mOVpMWGgwS0llTHhmaVRrRVlhSlFhSFJ3a2w0cjlYeEFsQWpMc3RnNEF6YlBBUXpyQ0l4VmZBcEpVWTRWL0pXTTdVcEs0MWF6cHo2VGNpQ05MK282TnBOVjhkOVhySE90Tk0zZER5dk9tdFVtTzlxeGgyUTIiLCJtYWMiOiJjZDllZGE5NDhiYWQxZDY5NGNjZGRkZjM2M2E3YjI4ZmViNzk5NDMwNWMyMzc2NDkwYzg0YWI1ZGUzOTg2MTVmIiwidGFnIjoiIn0%3D; expires=Sat, 28-Jan-2023 22:41:07 GMT; Max-Age=67200; path=/; httponly; samesite=lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4evcLGxnFmQx2hUBZl7o704qVxg%2Blw2Wv9BghRSbxG5tXZA6%2FejtIhtokVy28qfOokSns0DX9Xbj%2F04ThawwqyCAiSFuhSZE7d8HEHs6RFRyK6Yu698MmYM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7906d335a9970b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
an.yandex.ru/rtbcount/1SgCKQUN0V0100000000U9nJP3d6s_VkrIHFm_jtTTvDCfd8PCaoxqeo0n1umaH26TvoICHopP1aI6K4YcVUltlYDaYy5CIhBGSIhOmWiXF41m8cXfcCB3mGzaB6DgZeIiR940R3NiQwrQmCHy7yiupCGF8g8qZHNKO66GQ6luopc1WOvZA1HDOoHO7KCFq7WbTC0WyJhohVlyl0a2wgn-7zcPNXBnCBo79cLY3Powm89ASoWxJDPMO3MSZCnA00iezb8tFdqQD2LJ9t8ayoiyoAYbrxOcheLR3Aks3o9xE34p_4kInpNvq1irQmj4XiOFaF0umxaDW7aDWtMI2U-c3_aCLBnqHdbzWD-xSi8AyjOEKzoSerWmiiVO6reQ61vIOhowL7awIy1UE-ie9qTx0riCnWkt8uU05RzvxD6rh_djbVjf8DPim1DeyJRCoFs7ZDd9siB8DIGWiSazBCNxB1BFm9PqraZp5tt9uXyyv-5ZkRkQ6HcP7b1dQc7Umy9zZ57x2ttshQEUdJXiNSFzXv02h1eJW0
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/rtbcount/1SgCKQUN0V0100000000U9nJP3d6s_VkrIHFm_jtTTvDCfd8PCaoxqeo0n1umaH26TvoICHopP1aI6K4YcVUltlYDaYy5CIhBGSIhOmWiXF41m8cXfcCB3mGzaB6DgZeIiR940R3NiQwrQmCHy7yiupCGF8g8qZHNKO66GQ6luopc1WOvZA1HDOoHO7KCFq7WbTC0WyJhohVlyl0a2wgn-7zcPNXBnCBo79cLY3Powm89ASoWxJDPMO3MSZCnA00iezb8tFdqQD2LJ9t8ayoiyoAYbrxOcheLR3Aks3o9xE34p_4kInpNvq1irQmj4XiOFaF0umxaDW7aDWtMI2U-c3_aCLBnqHdbzWD-xSi8AyjOEKzoSerWmiiVO6reQ61vIOhowL7awIy1UE-ie9qTx0riCnWkt8uU05RzvxD6rh_djbVjf8DPim1DeyJRCoFs7ZDd9siB8DIGWiSazBCNxB1BFm9PqraZp5tt9uXyyv-5ZkRkQ6HcP7b1dQc7Umy9zZ57x2ttshQEUdJXiNSFzXv02h1eJW0
IP 87.250.250.90:0
GET /rtbcount/1SgCKQUN0V0100000000U9nJP3d6s_VkrIHFm_jtTTvDCfd8PCaoxqeo0n1umaH26TvoICHopP1aI6K4YcVUltlYDaYy5CIhBGSIhOmWiXF41m8cXfcCB3mGzaB6DgZeIiR940R3NiQwrQmCHy7yiupCGF8g8qZHNKO66GQ6luopc1WOvZA1HDOoHO7KCFq7WbTC0WyJhohVlyl0a2wgn-7zcPNXBnCBo79cLY3Powm89ASoWxJDPMO3MSZCnA00iezb8tFdqQD2LJ9t8ayoiyoAYbrxOcheLR3Aks3o9xE34p_4kInpNvq1irQmj4XiOFaF0umxaDW7aDWtMI2U-c3_aCLBnqHdbzWD-xSi8AyjOEKzoSerWmiiVO6reQ61vIOhowL7awIy1UE-ie9qTx0riCnWkt8uU05RzvxD6rh_djbVjf8DPim1DeyJRCoFs7ZDd9siB8DIGWiSazBCNxB1BFm9PqraZp5tt9uXyyv-5ZkRkQ6HcP7b1dQc7Umy9zZ57x2ttshQEUdJXiNSFzXv02h1eJW0 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sat, 28 Jan 2023 04:01:09 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 28 Jan 2023 04:01:09 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sat, 28 Jan 2023 04:01:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
top-fwz1.mail.ru/js/code.js
95.163.52.67200 OK 0 B URL HTTP/2 top-fwz1.mail.ru/js/code.js
IP 95.163.52.67:0
GET /js/code.js HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 04:01:08 GMT
content-type: application/javascript
last-modified: Wed, 11 Jan 2023 13:29:54 GMT
set-cookie: FTID=1RMYgQ0tkIIF:1674878468:0:::; path=/; expires=Mon, 29-Jan-24 04:01:08 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
etag: W/"63beb9d2-85cc"
expires: Sat, 28 Jan 2023 05:01:08 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: max-age=3600, private
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
content-encoding: gzip
X-Firefox-Spdy: h2
yastatic.net/q/set/s/rsya-tag-users/bundle.js
178.154.131.217200 OK 0 B URL HTTP/2 yastatic.net/q/set/s/rsya-tag-users/bundle.js
IP 178.154.131.217:0
GET /q/set/s/rsya-tag-users/bundle.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Sat, 28 Jan 2023 04:01:11 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952
content-encoding: br
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
expires: Mon, 30 Jan 2023 15:58:53 GMT
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: 7a683adbed6d7e3b
X-Firefox-Spdy: h2
an.yandex.ru/event_confirmation
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/event_confirmation
IP 87.250.250.90:0
POST /event_confirmation HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 296
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sat, 28 Jan 2023 04:01:09 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 28 Jan 2023 04:01:09 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sat, 28 Jan 2023 04:01:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/event_confirmation
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/event_confirmation
IP 87.250.250.90:0
POST /event_confirmation HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 321
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sat, 28 Jan 2023 04:01:09 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 28 Jan 2023 04:01:09 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sat, 28 Jan 2023 04:01:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400&display=swap
IP 142.250.74.106:0
GET /css?family=Roboto:400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 28 Jan 2023 04:01:07 GMT
date: Sat, 28 Jan 2023 04:01:07 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
st.top100.ru/top100/3.13.5/usability.js
81.19.89.17200 OK 0 B URL HTTP/2 st.top100.ru/top100/3.13.5/usability.js
IP 81.19.89.17:0
ASN #24638 Rambler Internet Holding LLC
GET /top100/3.13.5/usability.js HTTP/1.1
Host: st.top100.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.4
date: Sat, 28 Jan 2023 04:01:08 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 26 Jan 2023 13:46:21 GMT
x-rgw-object-type: Normal
etag: W/"c057d219824a2c96eba73ee915d4fb84"
x-amz-request-id: tx0000000000002ab212a14-0063d49ded-f87fab-default
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
set-cookie: proto_uid=1CIAAASe1GNJaAaIARvtlwB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-encoding: gzip
X-Firefox-Spdy: h2
mc.yandex.ru/watch/1677322?page-url=https%3A%2F%2Fgoo.su%2Fs0Tp%2F&charset=utf-8&cnt-class=1&hittoken=1674878469_2b77aa5c0de4b65093bb13fbf0e7a69ef464085ff1827a625971e0cee2389316&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A356594914695%3Ahid%3A615338535%3Az%3A0%3Ai%3A20230128040110%3Aet%3A1674878471%3Ac%3A1%3Arn%3A220044953%3Arqn%3A2%3Au%3A1674878471318253587%3Aw%3A1140x836%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1674878468065%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674878471%3At%3ARedirecting...&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2)
93.158.134.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/1677322?page-url=https%3A%2F%2Fgoo.su%2Fs0Tp%2F&charset=utf-8&cnt-class=1&hittoken=1674878469_2b77aa5c0de4b65093bb13fbf0e7a69ef464085ff1827a625971e0cee2389316&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A356594914695%3Ahid%3A615338535%3Az%3A0%3Ai%3A20230128040110%3Aet%3A1674878471%3Ac%3A1%3Arn%3A220044953%3Arqn%3A2%3Au%3A1674878471318253587%3Aw%3A1140x836%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1674878468065%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674878471%3At%3ARedirecting...&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2)
IP 93.158.134.119:0
GET /watch/1677322?page-url=https%3A%2F%2Fgoo.su%2Fs0Tp%2F&charset=utf-8&cnt-class=1&hittoken=1674878469_2b77aa5c0de4b65093bb13fbf0e7a69ef464085ff1827a625971e0cee2389316&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A356594914695%3Ahid%3A615338535%3Az%3A0%3Ai%3A20230128040110%3Aet%3A1674878471%3Ac%3A1%3Arn%3A220044953%3Arqn%3A2%3Au%3A1674878471318253587%3Aw%3A1140x836%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1674878468065%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674878471%3At%3ARedirecting...&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/1677322/1?page-url=https%3A%2F%2Fgoo.su%2Fs0Tp%2F&charset=utf-8&cnt-class=1&hittoken=1674878469_2b77aa5c0de4b65093bb13fbf0e7a69ef464085ff1827a625971e0cee2389316&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A356594914695%3Ahid%3A615338535%3Az%3A0%3Ai%3A20230128040110%3Aet%3A1674878471%3Ac%3A1%3Arn%3A220044953%3Arqn%3A2%3Au%3A1674878471318253587%3Aw%3A1140x836%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1674878468065%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674878471%3At%3ARedirecting...&t=gdpr%2814%29mc%28p-1-h-1%29clc%280-0-0%29rqnt%282%29aw%281%29fip%281%29ti%282%29
date: Sat, 28 Jan 2023 04:01:09 GMT
access-control-allow-origin: https://goo.su
set-cookie: yabs-sid=361134001674878469; Path=/; SameSite=None; Secure
i=0j0SBHRijZWqnXUWSpVL/YbcASon+uteeVGos38PpB9iYfvBmSBqvYSVeWIlEdu3LhFWPvJSOupCTroCjK+MN3N1xn4=; Expires=Tue, 25-Jan-2033 04:00:47 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=1881007571674878469; Expires=Sun, 28-Jan-2024 04:01:09 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=1881007571674878469; Expires=Sun, 28-Jan-2024 04:01:09 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706414469.yc.1674878469#1706414469.yrts.1674878469#1706414469.yrtsi.1674878469; Expires=Sun, 28-Jan-2024 04:01:09 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 28-Jan-2023 04:01:09 GMT
last-modified: Sat, 28-Jan-2023 04:01:09 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kraken.rambler.ru/cnt/
81.19.89.17200 OK 0 B IP 81.19.89.17:0
ASN #24638 Rambler Internet Holding LLC
POST /cnt/ HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 498
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.4
date: Sat, 28 Jan 2023 04:01:13 GMT
content-type: application/octet-stream
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
pragma: no-cache
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
x-srv: 1kraken-prod0003.ad.rambler.tech
set-cookie: ruid=1CIAAAme1GOXQbUUAVKqjAB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAAme1GOXQbUUAVKqjAB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
X-Firefox-Spdy: h2
kraken.rambler.ru/cnt/v2/
81.19.89.17200 OK 0 B URL HTTP/2 kraken.rambler.ru/cnt/v2/
IP 81.19.89.17:0
ASN #24638 Rambler Internet Holding LLC
POST /cnt/v2/ HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 645
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.4
date: Sat, 28 Jan 2023 04:01:13 GMT
content-type: application/octet-stream
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
pragma: no-cache
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
x-srv: 1kraken-prod0003.ad.rambler.tech
set-cookie: ruid=1CIAAAme1GOXQbUUAVOqjAB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAAme1GOXQbUUAVOqjAB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
X-Firefox-Spdy: h2
kraken.rambler.ru/cnt/v2/
81.19.89.17200 OK 0 B URL HTTP/2 kraken.rambler.ru/cnt/v2/
IP 81.19.89.17:0
ASN #24638 Rambler Internet Holding LLC
POST /cnt/v2/ HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 645
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.4
date: Sat, 28 Jan 2023 04:01:13 GMT
content-type: application/octet-stream
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
pragma: no-cache
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
x-srv: 1kraken-prod0003.ad.rambler.tech
set-cookie: ruid=1CIAAAme1GOXQbUUAWmqjAB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAAme1GOXQbUUAWmqjAB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
X-Firefox-Spdy: h2
an.yandex.ru/meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2Fs0Tp%2F&charset=utf-8&pcode-test-ids=657519%2C0%2C2%3B712232%2C0%2C19%3B706837%2C0%2C57%3B709348%2C0%2C27%3B712489%2C0%2C74%3B708840%2C0%2C96%3B705135%2C0%2C10%3B709005%2C0%2C48%3B672576%2C0%2C0%3B710480%2C0%2C57%3B712948%2C0%2C78%3B712532%2C0%2C13%3B681843%2C0%2C22&pcode-flags-map=eJytWNuO2zYQ%2FZXCz32gLtQlb5RE2awlUiUpe52iILbppgmwvaDZFAGC%2FHuHomxL8i4dpwUWwWbhOTOcOXNmxp9XbM2FpKZlStHKVEQT0xFJWmVqIc2OVVQYxk0p2kKsXv30efXP%2FePHh9Wr1cOnv1bfr54ePjyxX%2BG%2FOEcxxqsvP3%2B%2F2hFlJP2xp0qbXUs6U0vRGlKpmb2WPZ0CJEEaZmgAoJwUDV04h19qxpmmEF%2B5VRuhzZ7pjei1IRC7Vr7oEoyTLLoZ%2FP9AJk1jOimqvtTq0s1t0BQgb6zLBMTWBXzuoRSmIQVtBigAKQjnVPqrk0RRnE5j4XRv1Bas4ccCClJRabqGHBZQy4AyHOb5KSDGO7KmRmlWbg%2BmYsqCV0PWClvaqhZ38GdJS20UbZoZNL3r5tBpEJ6hezWPkhPe9f5X5kGK4hOA3kjIFpXSpqk2qpc7eoCUQxHXhinDgSY70rDqCmiY4OwESiqb%2FYPl7YikhWuTsWe8YClK4yw9gzUNRCh4czBdXzSsNKRjQ1mhJEpDZ%2FvRggDh4EwO7QhMpWKCzyzhk0GczW3DIHDJ7jkbyz94brup6dPfHx8mZnGYRblrc1sfpQYGLmyWnJkY2XdRyo0oFIVyLKj2x%2F0vjw8zyygJc5evmt2BzHGzoWy90YZrv8sYR7lLzYHwit4Z2ZtKtIRxrwyiNIySk79Cii0EC77MWi54srQMUpwlzzq0baElK7zmYYASR93XlIem7qGD9qwCEWMtdJjXNobaorPt2IWmENIWVZKK9eq7r0Q4EBu3Cxj4uScHr37iOErHPFe17QHVCQ7E0Kyl0CMz0xAhNLeNUeTe3JWiorahFOVeUcUxBpiRSlZbJLXcPfozVlK85nGahpfmIA%2Fw7942EbDzWxCOAYCg9LNqReh564YSyU1rp%2FeOSEYW7w5nTjFCY5Y7yYRk%2BmCKA4wRuu%2BE9CcsSZOx9468GOW4VF6hxyCm2YSRIJglAS0FUS9LqJLyqATOIxwEM9uBxeo08zvQUcbXfpAYxy7yUvRcA5X1oaMm8kcN%2Boon5WllCXlSrGANZM3vLk%2BTFy1BpU0JCr294v2I0faNZm4yGxDYmsFUZPYRNSn93ZxnYZpO4hhB3M4AwwbIZsd0ASuI7RgtRdNcmdkojCPHurUkRej%2FLFAUnT9rFHs9ixcHIfJ9%2FpnOD%2FALFkdybOgwfiStqIKN1htfgMPEWdvlQNIaNGcD%2B8ualX67LBoFdpjbsrUdJCk%2Fzr1O0sIv8QlodBjMWglmoARec%2BimDYV6WNlWpbQTTimvEiVBHsQunokR6Tr7lDW0ht84DHI8i2TD9PCMCRgkc6uFP4ooDcPZjlp2rWlpxYgBEKLZbhjyfow8mm%2F%2BZVf%2BZ4zFGl7RmkBH3biBxxglySxNqiVSG1jUemrBrxUJJ0lyvorcQrmIzO2Xwq6owzJpVHMlqjRIx24s7Z4s%2BMhCUluNYzWcb9Qt5H46plme5KdVrJYMYGCTdPZsINMN9sX2otUvLJI8Gjk7sbj11EzSPEbpCQXmYGURWr%2FnLE6CpWdHMr%2BvMEThssvsLvdV3ZElcRAdNQNWIjgC4alAGhOFyO1ow0xw69blGXaBl2bR5Sv02v8GKFN2tjpLvjIdjBOYrHCf7mi7nMmrtx%2FM058f37xbnEgoC5eHoJPdZ%2Bo4ntFXigMX0ti8cG6fWnU4DHnfFleSAhNzXPFdc8K91xkth%2FF2beAmeR5HzvUi8LoR7oxyz7wCko0N%2BRLIwPN5ct9%2FMr%2FffzLvHt7%2F9u7pBTjGraBvaUEKA%2FeELwg4XLN0pgpOWPYbIOyEu%2FZodYdnD%2BNyOLJhm6OgsV6xSAMUj3uRlMZNTt3DAupEZ0j0oG%2F9enP15ozPR%2FrwhcTp%2BxFQwY4ASWcII2EXx2c4pkgOk3dnR6hbCY8zuWEcIiKssWsTnNhkcVo%2FB4uSLDpf15K20BdGNK5%2Bpy%2FG7NdZN1zsoHnZuI6paru8WeEpcZYvHmf%2FstAccTls3jw9zj1l2bjvKmEHSSeUrU1hd0DvOpAiHETnMbXrCPMcJAGcYWj%2BQoQm1m7P%2FEZrq1AEOLqx2zprbT1Py%2BqQf6qtcJ0Z7H%2FXN2DfAFj0dQ1YtO1gv28A8Zn3Ys9jR%2FthDnxLwhj%2FwR5iE5acxd1u%2BuWm59ur43VBIxh5eLxBGvL6MCwSZrivp1Zv7x8%2FPCz0IUMXo2kQQHJFWcJ8bJDByzMNgqNwYYGH7v%2FyL4eDpfw%3D&pcode-icookie=zpuQMXp40BX184iGPoCkLkFwzrRFUdmCyx9pKg7Uvufjeyd2K2OjvUjGoxXMy%2B6m5jdhY3XaHetXpJPWUvF9%2BnR7aL4%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=521718267379714&ad-session-id=6475081674878469513&target-id=58465839&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=712629&pcodever=712629&flash-ver=0&available-width=145&layout-config=%7B%22win_width%22%3A1152%2C%22win_height%22%3A836%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1140%2C%22h%22%3A836%2C%22width%22%3A145%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A497%2C%22top%22%3A129%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B1485383301466%5D
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2Fs0Tp%2F&charset=utf-8&pcode-test-ids=657519%2C0%2C2%3B712232%2C0%2C19%3B706837%2C0%2C57%3B709348%2C0%2C27%3B712489%2C0%2C74%3B708840%2C0%2C96%3B705135%2C0%2C10%3B709005%2C0%2C48%3B672576%2C0%2C0%3B710480%2C0%2C57%3B712948%2C0%2C78%3B712532%2C0%2C13%3B681843%2C0%2C22&pcode-flags-map=eJytWNuO2zYQ%2FZXCz32gLtQlb5RE2awlUiUpe52iILbppgmwvaDZFAGC%2FHuHomxL8i4dpwUWwWbhOTOcOXNmxp9XbM2FpKZlStHKVEQT0xFJWmVqIc2OVVQYxk0p2kKsXv30efXP%2FePHh9Wr1cOnv1bfr54ePjyxX%2BG%2FOEcxxqsvP3%2B%2F2hFlJP2xp0qbXUs6U0vRGlKpmb2WPZ0CJEEaZmgAoJwUDV04h19qxpmmEF%2B5VRuhzZ7pjei1IRC7Vr7oEoyTLLoZ%2FP9AJk1jOimqvtTq0s1t0BQgb6zLBMTWBXzuoRSmIQVtBigAKQjnVPqrk0RRnE5j4XRv1Bas4ccCClJRabqGHBZQy4AyHOb5KSDGO7KmRmlWbg%2BmYsqCV0PWClvaqhZ38GdJS20UbZoZNL3r5tBpEJ6hezWPkhPe9f5X5kGK4hOA3kjIFpXSpqk2qpc7eoCUQxHXhinDgSY70rDqCmiY4OwESiqb%2FYPl7YikhWuTsWe8YClK4yw9gzUNRCh4czBdXzSsNKRjQ1mhJEpDZ%2FvRggDh4EwO7QhMpWKCzyzhk0GczW3DIHDJ7jkbyz94brup6dPfHx8mZnGYRblrc1sfpQYGLmyWnJkY2XdRyo0oFIVyLKj2x%2F0vjw8zyygJc5evmt2BzHGzoWy90YZrv8sYR7lLzYHwit4Z2ZtKtIRxrwyiNIySk79Cii0EC77MWi54srQMUpwlzzq0baElK7zmYYASR93XlIem7qGD9qwCEWMtdJjXNobaorPt2IWmENIWVZKK9eq7r0Q4EBu3Cxj4uScHr37iOErHPFe17QHVCQ7E0Kyl0CMz0xAhNLeNUeTe3JWiorahFOVeUcUxBpiRSlZbJLXcPfozVlK85nGahpfmIA%2Fw7942EbDzWxCOAYCg9LNqReh564YSyU1rp%2FeOSEYW7w5nTjFCY5Y7yYRk%2BmCKA4wRuu%2BE9CcsSZOx9468GOW4VF6hxyCm2YSRIJglAS0FUS9LqJLyqATOIxwEM9uBxeo08zvQUcbXfpAYxy7yUvRcA5X1oaMm8kcN%2Boon5WllCXlSrGANZM3vLk%2BTFy1BpU0JCr294v2I0faNZm4yGxDYmsFUZPYRNSn93ZxnYZpO4hhB3M4AwwbIZsd0ASuI7RgtRdNcmdkojCPHurUkRej%2FLFAUnT9rFHs9ixcHIfJ9%2FpnOD%2FALFkdybOgwfiStqIKN1htfgMPEWdvlQNIaNGcD%2B8ualX67LBoFdpjbsrUdJCk%2Fzr1O0sIv8QlodBjMWglmoARec%2BimDYV6WNlWpbQTTimvEiVBHsQunokR6Tr7lDW0ht84DHI8i2TD9PCMCRgkc6uFP4ooDcPZjlp2rWlpxYgBEKLZbhjyfow8mm%2F%2BZVf%2BZ4zFGl7RmkBH3biBxxglySxNqiVSG1jUemrBrxUJJ0lyvorcQrmIzO2Xwq6owzJpVHMlqjRIx24s7Z4s%2BMhCUluNYzWcb9Qt5H46plme5KdVrJYMYGCTdPZsINMN9sX2otUvLJI8Gjk7sbj11EzSPEbpCQXmYGURWr%2FnLE6CpWdHMr%2BvMEThssvsLvdV3ZElcRAdNQNWIjgC4alAGhOFyO1ow0xw69blGXaBl2bR5Sv02v8GKFN2tjpLvjIdjBOYrHCf7mi7nMmrtx%2FM058f37xbnEgoC5eHoJPdZ%2Bo4ntFXigMX0ti8cG6fWnU4DHnfFleSAhNzXPFdc8K91xkth%2FF2beAmeR5HzvUi8LoR7oxyz7wCko0N%2BRLIwPN5ct9%2FMr%2FffzLvHt7%2F9u7pBTjGraBvaUEKA%2FeELwg4XLN0pgpOWPYbIOyEu%2FZodYdnD%2BNyOLJhm6OgsV6xSAMUj3uRlMZNTt3DAupEZ0j0oG%2F9enP15ozPR%2FrwhcTp%2BxFQwY4ASWcII2EXx2c4pkgOk3dnR6hbCY8zuWEcIiKssWsTnNhkcVo%2FB4uSLDpf15K20BdGNK5%2Bpy%2FG7NdZN1zsoHnZuI6paru8WeEpcZYvHmf%2FstAccTls3jw9zj1l2bjvKmEHSSeUrU1hd0DvOpAiHETnMbXrCPMcJAGcYWj%2BQoQm1m7P%2FEZrq1AEOLqx2zprbT1Py%2BqQf6qtcJ0Z7H%2FXN2DfAFj0dQ1YtO1gv28A8Zn3Ys9jR%2FthDnxLwhj%2FwR5iE5acxd1u%2BuWm59ur43VBIxh5eLxBGvL6MCwSZrivp1Zv7x8%2FPCz0IUMXo2kQQHJFWcJ8bJDByzMNgqNwYYGH7v%2FyL4eDpfw%3D&pcode-icookie=zpuQMXp40BX184iGPoCkLkFwzrRFUdmCyx9pKg7Uvufjeyd2K2OjvUjGoxXMy%2B6m5jdhY3XaHetXpJPWUvF9%2BnR7aL4%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=521718267379714&ad-session-id=6475081674878469513&target-id=58465839&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=712629&pcodever=712629&flash-ver=0&available-width=145&layout-config=%7B%22win_width%22%3A1152%2C%22win_height%22%3A836%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1140%2C%22h%22%3A836%2C%22width%22%3A145%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A497%2C%22top%22%3A129%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B1485383301466%5D
IP 87.250.250.90:0
GET /meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2Fs0Tp%2F&charset=utf-8&pcode-test-ids=657519%2C0%2C2%3B712232%2C0%2C19%3B706837%2C0%2C57%3B709348%2C0%2C27%3B712489%2C0%2C74%3B708840%2C0%2C96%3B705135%2C0%2C10%3B709005%2C0%2C48%3B672576%2C0%2C0%3B710480%2C0%2C57%3B712948%2C0%2C78%3B712532%2C0%2C13%3B681843%2C0%2C22&pcode-flags-map=eJytWNuO2zYQ%2FZXCz32gLtQlb5RE2awlUiUpe52iILbppgmwvaDZFAGC%2FHuHomxL8i4dpwUWwWbhOTOcOXNmxp9XbM2FpKZlStHKVEQT0xFJWmVqIc2OVVQYxk0p2kKsXv30efXP%2FePHh9Wr1cOnv1bfr54ePjyxX%2BG%2FOEcxxqsvP3%2B%2F2hFlJP2xp0qbXUs6U0vRGlKpmb2WPZ0CJEEaZmgAoJwUDV04h19qxpmmEF%2B5VRuhzZ7pjei1IRC7Vr7oEoyTLLoZ%2FP9AJk1jOimqvtTq0s1t0BQgb6zLBMTWBXzuoRSmIQVtBigAKQjnVPqrk0RRnE5j4XRv1Bas4ccCClJRabqGHBZQy4AyHOb5KSDGO7KmRmlWbg%2BmYsqCV0PWClvaqhZ38GdJS20UbZoZNL3r5tBpEJ6hezWPkhPe9f5X5kGK4hOA3kjIFpXSpqk2qpc7eoCUQxHXhinDgSY70rDqCmiY4OwESiqb%2FYPl7YikhWuTsWe8YClK4yw9gzUNRCh4czBdXzSsNKRjQ1mhJEpDZ%2FvRggDh4EwO7QhMpWKCzyzhk0GczW3DIHDJ7jkbyz94brup6dPfHx8mZnGYRblrc1sfpQYGLmyWnJkY2XdRyo0oFIVyLKj2x%2F0vjw8zyygJc5evmt2BzHGzoWy90YZrv8sYR7lLzYHwit4Z2ZtKtIRxrwyiNIySk79Cii0EC77MWi54srQMUpwlzzq0baElK7zmYYASR93XlIem7qGD9qwCEWMtdJjXNobaorPt2IWmENIWVZKK9eq7r0Q4EBu3Cxj4uScHr37iOErHPFe17QHVCQ7E0Kyl0CMz0xAhNLeNUeTe3JWiorahFOVeUcUxBpiRSlZbJLXcPfozVlK85nGahpfmIA%2Fw7942EbDzWxCOAYCg9LNqReh564YSyU1rp%2FeOSEYW7w5nTjFCY5Y7yYRk%2BmCKA4wRuu%2BE9CcsSZOx9468GOW4VF6hxyCm2YSRIJglAS0FUS9LqJLyqATOIxwEM9uBxeo08zvQUcbXfpAYxy7yUvRcA5X1oaMm8kcN%2Boon5WllCXlSrGANZM3vLk%2BTFy1BpU0JCr294v2I0faNZm4yGxDYmsFUZPYRNSn93ZxnYZpO4hhB3M4AwwbIZsd0ASuI7RgtRdNcmdkojCPHurUkRej%2FLFAUnT9rFHs9ixcHIfJ9%2FpnOD%2FALFkdybOgwfiStqIKN1htfgMPEWdvlQNIaNGcD%2B8ualX67LBoFdpjbsrUdJCk%2Fzr1O0sIv8QlodBjMWglmoARec%2BimDYV6WNlWpbQTTimvEiVBHsQunokR6Tr7lDW0ht84DHI8i2TD9PCMCRgkc6uFP4ooDcPZjlp2rWlpxYgBEKLZbhjyfow8mm%2F%2BZVf%2BZ4zFGl7RmkBH3biBxxglySxNqiVSG1jUemrBrxUJJ0lyvorcQrmIzO2Xwq6owzJpVHMlqjRIx24s7Z4s%2BMhCUluNYzWcb9Qt5H46plme5KdVrJYMYGCTdPZsINMN9sX2otUvLJI8Gjk7sbj11EzSPEbpCQXmYGURWr%2FnLE6CpWdHMr%2BvMEThssvsLvdV3ZElcRAdNQNWIjgC4alAGhOFyO1ow0xw69blGXaBl2bR5Sv02v8GKFN2tjpLvjIdjBOYrHCf7mi7nMmrtx%2FM058f37xbnEgoC5eHoJPdZ%2Bo4ntFXigMX0ti8cG6fWnU4DHnfFleSAhNzXPFdc8K91xkth%2FF2beAmeR5HzvUi8LoR7oxyz7wCko0N%2BRLIwPN5ct9%2FMr%2FffzLvHt7%2F9u7pBTjGraBvaUEKA%2FeELwg4XLN0pgpOWPYbIOyEu%2FZodYdnD%2BNyOLJhm6OgsV6xSAMUj3uRlMZNTt3DAupEZ0j0oG%2F9enP15ozPR%2FrwhcTp%2BxFQwY4ASWcII2EXx2c4pkgOk3dnR6hbCY8zuWEcIiKssWsTnNhkcVo%2FB4uSLDpf15K20BdGNK5%2Bpy%2FG7NdZN1zsoHnZuI6paru8WeEpcZYvHmf%2FstAccTls3jw9zj1l2bjvKmEHSSeUrU1hd0DvOpAiHETnMbXrCPMcJAGcYWj%2BQoQm1m7P%2FEZrq1AEOLqx2zprbT1Py%2BqQf6qtcJ0Z7H%2FXN2DfAFj0dQ1YtO1gv28A8Zn3Ys9jR%2FthDnxLwhj%2FwR5iE5acxd1u%2BuWm59ur43VBIxh5eLxBGvL6MCwSZrivp1Zv7x8%2FPCz0IUMXo2kQQHJFWcJ8bJDByzMNgqNwYYGH7v%2FyL4eDpfw%3D&pcode-icookie=zpuQMXp40BX184iGPoCkLkFwzrRFUdmCyx9pKg7Uvufjeyd2K2OjvUjGoxXMy%2B6m5jdhY3XaHetXpJPWUvF9%2BnR7aL4%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=521718267379714&ad-session-id=6475081674878469513&target-id=58465839&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=712629&pcodever=712629&flash-ver=0&available-width=145&layout-config=%7B%22win_width%22%3A1152%2C%22win_height%22%3A836%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1140%2C%22h%22%3A836%2C%22width%22%3A145%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A497%2C%22top%22%3A129%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B1485383301466%5D HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
uniformat: true
uniformat-product-type: Direct
content-encoding: gzip
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://goo.su
x-xss-protection: 1; mode=block
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-yandex-req-id: 1674878468886725-1169415807664258064300106-production-app-host-vla-pcode-339
last-modified: Sat, 28 Jan 2023 04:01:09 GMT
date: Sat, 28 Jan 2023 04:01:09 GMT
set-cookie: yabs-vdrf=A0; domain=an.yandex.ru; path=/; expires=Sat, 04-Feb-2023 04:01:08 GMT
i=IUQR0gVwedYIvzZoRRn+WEOTda32POjhDLeytcxz8gIalKizPSRAQHJLaFs6IZP6xaVgN+KbU5SUkwmKpRtPdZqmbbg=; Expires=Mon, 27-Jan-2025 04:01:08 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
content-type: application/json
pragma: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
ssr: true
strict-transport-security: max-age=31536000
expires: Sat, 28 Jan 2023 04:01:09 GMT
X-Firefox-Spdy: h2
an.yandex.ru/rtbcount/1SmDy9kO0V0100000000U9nJPEtRL96_HhtUyFxTdWbBJIOoMRBEkvBC00IUC95GSvwSobYk6P8CgOn0ySpxTzVKWSHBcO6ysd8WqSe88Zj1ia30n32JqOWPmbx8k0Ggkf9n7eJ1i9VnV2y7mr4m_omZIE5LHf2YkumCCWmCVnbdCJ4mp6K2YQnbYWAfOVeF1A-O13nsJBXp_ou3GyO-8mxlpwmCVvbOG9OpimB9NcP583cL6QHjBZCRo49c9WO5a7qi6vaxZnuLgfAv4tcIcTLjJrnFxBEugs2LTy7aJsO79tw8SrbElJe3PgrWsSIsWUK_333kG68VG6BVP85uweFzGnOl7HETNM8txD-oWBosW9Nt92lN32wmz0NMXWKDB3TPMIuzcYJbBHZtbHMakuEjWMK6svN3mGlOklTitj3wzyp-ifLiC6CEi7cSO6D-nCPhvknaLL5K6bRWc9Hc_f8DPk5FE6iYUuovu_OCcNVsizZPp0sDp8miDx0pxM3dES4k_e2z_LRJpacVDYpc_i7E0m0NCgAo
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/rtbcount/1SmDy9kO0V0100000000U9nJPEtRL96_HhtUyFxTdWbBJIOoMRBEkvBC00IUC95GSvwSobYk6P8CgOn0ySpxTzVKWSHBcO6ysd8WqSe88Zj1ia30n32JqOWPmbx8k0Ggkf9n7eJ1i9VnV2y7mr4m_omZIE5LHf2YkumCCWmCVnbdCJ4mp6K2YQnbYWAfOVeF1A-O13nsJBXp_ou3GyO-8mxlpwmCVvbOG9OpimB9NcP583cL6QHjBZCRo49c9WO5a7qi6vaxZnuLgfAv4tcIcTLjJrnFxBEugs2LTy7aJsO79tw8SrbElJe3PgrWsSIsWUK_333kG68VG6BVP85uweFzGnOl7HETNM8txD-oWBosW9Nt92lN32wmz0NMXWKDB3TPMIuzcYJbBHZtbHMakuEjWMK6svN3mGlOklTitj3wzyp-ifLiC6CEi7cSO6D-nCPhvknaLL5K6bRWc9Hc_f8DPk5FE6iYUuovu_OCcNVsizZPp0sDp8miDx0pxM3dES4k_e2z_LRJpacVDYpc_i7E0m0NCgAo
IP 87.250.250.90:0
GET /rtbcount/1SmDy9kO0V0100000000U9nJPEtRL96_HhtUyFxTdWbBJIOoMRBEkvBC00IUC95GSvwSobYk6P8CgOn0ySpxTzVKWSHBcO6ysd8WqSe88Zj1ia30n32JqOWPmbx8k0Ggkf9n7eJ1i9VnV2y7mr4m_omZIE5LHf2YkumCCWmCVnbdCJ4mp6K2YQnbYWAfOVeF1A-O13nsJBXp_ou3GyO-8mxlpwmCVvbOG9OpimB9NcP583cL6QHjBZCRo49c9WO5a7qi6vaxZnuLgfAv4tcIcTLjJrnFxBEugs2LTy7aJsO79tw8SrbElJe3PgrWsSIsWUK_333kG68VG6BVP85uweFzGnOl7HETNM8txD-oWBosW9Nt92lN32wmz0NMXWKDB3TPMIuzcYJbBHZtbHMakuEjWMK6svN3mGlOklTitj3wzyp-ifLiC6CEi7cSO6D-nCPhvknaLL5K6bRWc9Hc_f8DPk5FE6iYUuovu_OCcNVsizZPp0sDp8miDx0pxM3dES4k_e2z_LRJpacVDYpc_i7E0m0NCgAo HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sat, 28 Jan 2023 04:01:09 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 28 Jan 2023 04:01:09 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sat, 28 Jan 2023 04:01:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2