goo.su/wunD?10006039TPMCRY31HAKWLU10249191024919
172.67.139.105301 Moved Permanently 187 B URL HTTP/1.1 goo.su/wunD?10006039TPMCRY31HAKWLU10249191024919
IP 172.67.139.105:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash a3ff447f49262fbe83ee1fea4302ee5e
2ed41905d0e02243822a695cf515f32c99b47844
f15d59be3d28bf3b10791fcfa6ea99423e1fc049f49104b68d8aad978b0d5fee
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /wunD?10006039TPMCRY31HAKWLU10249191024919 HTTP/1.1
Host: goo.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 29 Jan 2023 00:47:50 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://goo.su/wunD?10006039TPMCRY31HAKWLU10249191024919
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=epATYkAJyRG0Ntaog8Ax9qEjgheg3%2BfceDUrbxpwYdMgIkMpb4TWmUPX2ZHpRLytlc%2FpIzveC3rLRk3cLVHxoVhPdOqEpgiIoniLnNQYg3yBtoFUQXl87UA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 790df575fbc0b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9fbe85f42e8ae8ae41cc12df5f98b141
949fa36ff0f22f72565fd584bef094dd4de23037
184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10370
Expires: Sun, 29 Jan 2023 03:40:40 GMT
Date: Sun, 29 Jan 2023 00:47:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12513
Expires: Sun, 29 Jan 2023 04:16:23 GMT
Date: Sun, 29 Jan 2023 00:47:50 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 00:35:32 GMT
content-type: application/json
age: 738
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7572
Expires: Sun, 29 Jan 2023 02:54:03 GMT
Date: Sun, 29 Jan 2023 00:47:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PMI1cn1XuEFr4EXSRjjfIwAUmDrKOrHTrhtxOJny9j1rDh9hZpjqFWB9tr2btagzHp9ktPSAKwo=
x-amz-request-id: V9PEA1M2GNP2JJC2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 00:21:10 GMT
age: 1601
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 00:47:51 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:47:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:47:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto:400&display=swap
216.58.207.202200 OK 995 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400&display=swap
IP 216.58.207.202:0
Hash 42976ab15a40e0c15af14519b408542d
4122a42533353bde0d89794d83f78fb372a13103
5635e7b57c3eb5217370e5c5091aaed01d4745e35e5a6d81658d05147d14b88b
GET /css?family=Roboto:400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 00:47:51 GMT
date: Sun, 29 Jan 2023 00:47:51 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:47:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Open%20Sans:400&display=swap
216.58.207.202200 OK 17 kB URL HTTP/2 fonts.googleapis.com/css?family=Open%20Sans:400&display=swap
IP 216.58.207.202:0
Hash 613dd2b90bbe48c8b650bbcce40c79cc
64e2ff65388558aaeacae66c2b397ad85a08d830
9f39bec9dcf40239fc771ab0a093f9b58a9f48609d6bf4ceb56dc2252815a271
GET /css?family=Open%20Sans:400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 00:47:51 GMT
date: Sun, 29 Jan 2023 00:47:51 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 28 Jan 2023 23:49:03 GMT
age: 3528
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goo.su
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:33:54 GMT
expires: Thu, 25 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 278037
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:47:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4f075ee209f791b11f478c89c883a906
6365113cc8c7f45cddf85c5fb2ae088020291a89
35158fb453561f2389a735ae0d47aeace4d6e513f7511a2fab0cbadff43bf090
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 807
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:47:51 GMT
Last-Modified: Sun, 29 Jan 2023 00:34:24 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11283
Expires: Sun, 29 Jan 2023 03:55:54 GMT
Date: Sun, 29 Jan 2023 00:47:51 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ed8a8c45dceab588456b222e04775919
0242859712655caa3c3e9b936878c7c7874b7b5a
669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:47:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 1c21101e150e3f2845627dd99fe42dc3
4392787759a3de1c58fe825aa798b740a4fd4c24
896b9c02a6d0e83122fa402d7a9cb0e756e5b246ba4cb67256efe3ec5dab0562
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 00:47:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Wed, 01 Feb 2023 20:47:14 GMT
ETag: "4392787759a3de1c58fe825aa798b740a4fd4c24"
Last-Modified: Sat, 28 Jan 2023 20:47:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2305
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790df57d3e4c0b02-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 14eb49e79807ce9abb43730fde7370a1
2efbae5e52ebec5abd7fa6db7846ed56b6b5bda0
87bb1c22a4ed94545bf8862cdadc1398fd8c724fbcf8464234039d535e5dbb07
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 00:47:51 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Wed, 01 Feb 2023 23:16:39 GMT
ETag: "2efbae5e52ebec5abd7fa6db7846ed56b6b5bda0"
Last-Modified: Sat, 28 Jan 2023 23:16:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 827
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790df57d3ce70afe-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 14eb49e79807ce9abb43730fde7370a1
2efbae5e52ebec5abd7fa6db7846ed56b6b5bda0
87bb1c22a4ed94545bf8862cdadc1398fd8c724fbcf8464234039d535e5dbb07
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 00:47:51 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Wed, 01 Feb 2023 23:16:39 GMT
ETag: "2efbae5e52ebec5abd7fa6db7846ed56b6b5bda0"
Last-Modified: Sat, 28 Jan 2023 23:16:40 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 827
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790df57d4957b51d-OSL
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4358137683029217
142.250.74.130200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4358137683029217
IP 142.250.74.130:0
File type ASCII text, with very long lines (3649)
Hash 0dc713f55ec72fa795bc1ef2e1ac8d64
cb37247461090e89c7b5464c599833a5205c9afb
82fd5d2aeb8c54da738aac6f7b5fe096386919ddba6962d5fcde6daa554daf38
GET /pagead/js/adsbygoogle.js?client=ca-pub-4358137683029217 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 29 Jan 2023 00:47:51 GMT
expires: Sun, 29 Jan 2023 00:47:51 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 876176595848298681
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49966
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ed8a8c45dceab588456b222e04775919
0242859712655caa3c3e9b936878c7c7874b7b5a
669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:47:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
counter.yadro.ru/hit?t44.11;r;s1280*1024*24;uhttps%3A//goo.su/wunD%3F10006039TPMCRY31HAKWLU10249191024919;hRedirecting...;0.2078623410706465
88.212.201.198200 OK 132 B URL HTTP/1.1 counter.yadro.ru/hit?t44.11;r;s1280*1024*24;uhttps%3A//goo.su/wunD%3F10006039TPMCRY31HAKWLU10249191024919;hRedirecting...;0.2078623410706465
IP 88.212.201.198:0
ASN #39134 United Network LLC
File type GIF image data, version 87a, 31 x 31\012- data
Hash 099e70b2712eaea2a982b474b20a0a80
e3ce99d03d1ae5dc89050a8287f7c390374dd2cb
e10cd8d343f9c37e3500c69d92f7ac7e78b6c7df29a2ace8cffe71bfa494e8c9
GET /hit?t44.11;r;s1280*1024*24;uhttps%3A//goo.su/wunD%3F10006039TPMCRY31HAKWLU10249191024919;hRedirecting...;0.2078623410706465 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 29 Jan 2023 00:47:51 GMT
Content-Type: image/gif
Content-Length: 132
Connection: keep-alive
Expires: Fri, 28 Jan 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash d1b89dc53fabde6e97da18ffda04347b
8c514c6aab6d586d090d9e542b1c580035be40d8
dcc7e8eac40df6ce9f82bbc1dfddb255891abbe0c101d7c3e9ba9b6217d27de2
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 00:47:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Wed, 01 Feb 2023 22:23:06 GMT
ETag: "8c514c6aab6d586d090d9e542b1c580035be40d8"
Last-Modified: Sat, 28 Jan 2023 22:23:07 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2957
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790df57e0a09b51d-OSL
googleads.g.doubleclick.net/pagead/html/r20230124/r20190131/zrt_lookup.html
142.250.74.66200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230124/r20190131/zrt_lookup.html
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230124/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Sat, 28 Jan 2023 09:23:45 GMT
expires: Sat, 11 Feb 2023 09:23:45 GMT
cache-control: public, max-age=1209600
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
age: 55447
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
kraken.rambler.ru/userip
81.19.89.16200 OK 12 B IP 81.19.89.16:0
ASN #24638 Rambler Internet Holding LLC
File type ASCII text, with no line terminators
Hash 35b0bce9d250429df012c0426f88d0bd
f81d80af9cbeb0011316fbba3da8002b32251f7a
da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d
GET /userip HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Sun, 29 Jan 2023 00:47:52 GMT
content-type: application/octet-stream
content-length: 12
access-control-allow-origin: https://goo.su
x-srv: 0kraken-prod0003.ad.rambler.tech
set-cookie: ruid=1CIAADjC1WNALEM9AZJlEQB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAADjC1WNALEM9AZJlEQB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.10.73.188101 Switching Protocols 32 kB URL HTTP/1.1 push.services.mozilla.com/
IP 52.10.73.188:0
Hash 0df22f443f19844168e0e0bf2f6e0f78
069d9898d562064ef76c6f8e25e0f13cf3eea98c
13c0c313c47910a2e8c4b341db6314395f8577fa413a3d2fe53680b6468bf78c
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TdwTjbwA1ZxqJCq5lkKrmA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lPhP3Uxh7yJmWBcka9cFp9bOMsA=
top-fwz1.mail.ru/counter?js=13;id=3128781;u=https%3A//goo.su/wunD%3F10006039TPMCRY31HAKWLU10249191024919;st=1674953276580;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=2e22c20d7a7e11b1;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1674953277120%3A1674953277140%3A1%3A696c35c8aff48f30d11559e98c9ca169;visible=true;_=0.7257666614266599
95.163.52.67302 Found 0 B URL HTTP/2 top-fwz1.mail.ru/counter?js=13;id=3128781;u=https%3A//goo.su/wunD%3F10006039TPMCRY31HAKWLU10249191024919;st=1674953276580;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=2e22c20d7a7e11b1;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1674953277120%3A1674953277140%3A1%3A696c35c8aff48f30d11559e98c9ca169;visible=true;_=0.7257666614266599
IP 95.163.52.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /counter?js=13;id=3128781;u=https%3A//goo.su/wunD%3F10006039TPMCRY31HAKWLU10249191024919;st=1674953276580;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=2e22c20d7a7e11b1;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1674953277120%3A1674953277140%3A1%3A696c35c8aff48f30d11559e98c9ca169;visible=true;_=0.7257666614266599 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sun, 29 Jan 2023 00:47:52 GMT
content-length: 0
location: https://top-fwz1.mail.ru/counter2?js=13;id=3128781;u=https%3A//goo.su/wunD%3F10006039TPMCRY31HAKWLU10249191024919;st=1674953276580;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=2e22c20d7a7e11b1;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1674953277120%3A1674953277140%3A1%3A696c35c8aff48f30d11559e98c9ca169;visible=true;_=0.7257666614266599
set-cookie: FTID=1RMYgQ0tkIIF:1674953272:3128781:::; path=/; expires=Tue, 30-Jan-24 00:47:52 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 815119ca229b4c8f5f3a43815ac656f9
415254313bf786ee91fe7d7bf0fc6273a98cefb5
9b3947d58369d282d1fb6c9f53b9dfd56abebfa27f1a75f50947e94164a66bca
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 00:47:52 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Wed, 01 Feb 2023 21:38:12 GMT
ETag: "415254313bf786ee91fe7d7bf0fc6273a98cefb5"
Last-Modified: Sat, 28 Jan 2023 21:38:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2699
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790df57f7ae8b51d-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 815119ca229b4c8f5f3a43815ac656f9
415254313bf786ee91fe7d7bf0fc6273a98cefb5
9b3947d58369d282d1fb6c9f53b9dfd56abebfa27f1a75f50947e94164a66bca
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 00:47:52 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Wed, 01 Feb 2023 21:38:12 GMT
ETag: "415254313bf786ee91fe7d7bf0fc6273a98cefb5"
Last-Modified: Sat, 28 Jan 2023 21:38:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2699
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790df57f8aefb51d-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 815119ca229b4c8f5f3a43815ac656f9
415254313bf786ee91fe7d7bf0fc6273a98cefb5
9b3947d58369d282d1fb6c9f53b9dfd56abebfa27f1a75f50947e94164a66bca
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 00:47:52 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Wed, 01 Feb 2023 21:38:12 GMT
ETag: "415254313bf786ee91fe7d7bf0fc6273a98cefb5"
Last-Modified: Sat, 28 Jan 2023 21:38:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2699
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790df57f8de40afe-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 815119ca229b4c8f5f3a43815ac656f9
415254313bf786ee91fe7d7bf0fc6273a98cefb5
9b3947d58369d282d1fb6c9f53b9dfd56abebfa27f1a75f50947e94164a66bca
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 00:47:52 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Wed, 01 Feb 2023 21:38:12 GMT
ETag: "415254313bf786ee91fe7d7bf0fc6273a98cefb5"
Last-Modified: Sat, 28 Jan 2023 21:38:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2699
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790df57f8912b51e-OSL
yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
178.154.131.217200 OK 26 kB URL HTTP/2 yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
IP 178.154.131.217:0
File type Web Open Font Format (Version 2), TrueType, length 26004, version 1.0\012- data
Hash 7f0cdaf91230f9789ca4162aedff612e
965de571aa794dab64076c3cc64dc8894b843f23
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
GET /s3/home/fonts/ys/3/text-variable-full.woff2 HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 29 Jan 2023 00:47:52 GMT
content-type: font/woff2
content-length: 26004
access-control-allow-origin: *
cache-control: public, max-age=31556952
etag: "7f0cdaf91230f9789ca4162aedff612e"
expires: Mon, 29 Jan 2024 06:36:12 GMT
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
x-nginx-request-id: 54203fe77ba2d9ad
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/712629/8bd966b1ebb9efe38c58.js
178.154.131.217200 OK 113 kB URL HTTP/2 yastatic.net/partner-code-bundles/712629/8bd966b1ebb9efe38c58.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (65497)
Size 113 kB (113036 bytes)
Hash 0ad372efe8fc0d736134889277837d12
912f023a376b08c56f95a13c44b2ea4e68f8890c
ea8af00518d354acf9f4571a05d7d7e09d5bfd008c3886adbcc3135cdd5e3445
GET /partner-code-bundles/712629/8bd966b1ebb9efe38c58.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 29 Jan 2023 00:47:52 GMT
content-type: text/javascript; charset=utf-8
content-length: 113036
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "0ad372efe8fc0d736134889277837d12"
expires: Tue, 28 Jan 2053 07:21:28 GMT
last-modified: Thu, 26 Jan 2023 20:16:11 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/712629/50f74285ee5803022691.js
178.154.131.217200 OK 24 kB URL HTTP/2 yastatic.net/partner-code-bundles/712629/50f74285ee5803022691.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (65494)
Hash 07beb91d2fa3826d789571c582f29e38
e50036d61b666246932f0fc714419773d6461008
6968962c662bee3bef58864a266efd30301b98d09118cf87bfcfdf00bb3dd2b9
GET /partner-code-bundles/712629/50f74285ee5803022691.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 29 Jan 2023 00:47:52 GMT
content-type: text/javascript; charset=utf-8
content-length: 23537
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "07beb91d2fa3826d789571c582f29e38"
expires: Tue, 28 Jan 2053 07:21:27 GMT
last-modified: Thu, 26 Jan 2023 20:16:11 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/712629/1c0942547d39e10f5f56.js
178.154.131.217200 OK 4.8 kB URL HTTP/2 yastatic.net/partner-code-bundles/712629/1c0942547d39e10f5f56.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (14344)
Hash c86c86ca9ae84ed8be753763d3c39f04
eaca4f150cd54332a7667b3e0980bea8a27ce124
8cc9b41e0a8bef92fe21f9287d6c8974979627c20443c8064623bfcb12bec2a1
GET /partner-code-bundles/712629/1c0942547d39e10f5f56.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 29 Jan 2023 00:47:52 GMT
content-type: text/javascript; charset=utf-8
content-length: 4801
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "c86c86ca9ae84ed8be753763d3c39f04"
expires: Tue, 28 Jan 2053 07:19:17 GMT
last-modified: Thu, 26 Jan 2023 20:16:11 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/712629/07cea2bf8567304efc16.js
178.154.131.217200 OK 7.9 kB URL HTTP/2 yastatic.net/partner-code-bundles/712629/07cea2bf8567304efc16.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (23593)
Hash 98aa37fde1bb8ac66df1dc7fce71b501
0dfe5cdc1acb93a5879cf93c69254d884ecb6ff6
3c116d0b11e18cfe05003fc31c7aa1d06caa18c2c8a7f6f177cf3c623ea63623
GET /partner-code-bundles/712629/07cea2bf8567304efc16.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 29 Jan 2023 00:47:52 GMT
content-type: text/javascript; charset=utf-8
content-length: 7926
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "98aa37fde1bb8ac66df1dc7fce71b501"
expires: Tue, 28 Jan 2053 07:19:17 GMT
last-modified: Thu, 26 Jan 2023 20:16:11 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
st.top100.ru/top100/top100.js
81.19.89.18200 OK 35 kB URL HTTP/2 st.top100.ru/top100/top100.js
IP 81.19.89.18:0
ASN #24638 Rambler Internet Holding LLC
Hash 9274a2b116fea7582d5e795dee3b87cc
eadcaafc5793460bcb92889bb895fabc7582f3fc
e148ef0d8e70430fead01b3901ea022884c823efef1088b718a83b2363376fa8
GET /top100/top100.js HTTP/1.1
Host: st.top100.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Sun, 29 Jan 2023 00:47:51 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 26 Jan 2023 13:46:21 GMT
x-rgw-object-type: Normal
etag: W/"8be646a5749885e8313282bc835db0fd"
x-amz-request-id: tx0000000000000070d30b5-0063d5c212-783970ff-default
expires: Sun, 29 Jan 2023 01:47:51 GMT
cache-control: max-age=3600
set-cookie: proto_uid=1CIAADfC1WOJV1gfAVFjEQB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b7da7d1d3e5880d5d4e313ac7fcf2a83
60a1e887ccb7c7cdae0035c65ef7df9908547fef
af17efcd17df50324c29cff05cea79f18cba79f6b1134ec0e6d1637759b5e895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:47:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:47:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=goo.su
216.58.207.226200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=goo.su
IP 216.58.207.226:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=goo.su HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 29 Jan 2023 00:47:52 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=goo.su
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=goo.su
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=goo.su HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 29 Jan 2023 00:47:52 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b7da7d1d3e5880d5d4e313ac7fcf2a83
60a1e887ccb7c7cdae0035c65ef7df9908547fef
af17efcd17df50324c29cff05cea79f18cba79f6b1134ec0e6d1637759b5e895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:47:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
st.top100.ru/top100/3.13.5/usability.js
81.19.89.18200 OK 3.9 kB URL HTTP/2 st.top100.ru/top100/3.13.5/usability.js
IP 81.19.89.18:0
ASN #24638 Rambler Internet Holding LLC
Hash aa18fb0b9b13cc042044a9d2e3943bd0
fcd99529d93fd4c04a930475839db047ecb27af5
cd05701cd8ed46bb57d7741bd6eb0c58e117e107bc7d3c51db55b6526d4a0426
GET /top100/3.13.5/usability.js HTTP/1.1
Host: st.top100.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.4
date: Sun, 29 Jan 2023 00:47:51 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 26 Jan 2023 13:46:21 GMT
x-rgw-object-type: Normal
etag: W/"c057d219824a2c96eba73ee915d4fb84"
x-amz-request-id: tx0000000000000070cf3ca-0063d5c0f6-783970ff-default
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
set-cookie: proto_uid=1CIAADfC1WOJV1gfAVtjEQB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:47:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ae45eeb8e62398ce3fc49c0234699163
f5506898f66248b331e84b573a010c5c1a8ad0d2
3d298a54e6d0f6e8f6a48a398e372720fb871623080b7408d66f296068ec6ddc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:47:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=goo.su&callback=_gfp_s_&client=ca-pub-4358137683029217
216.58.207.226200 OK 247 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=goo.su&callback=_gfp_s_&client=ca-pub-4358137683029217
IP 216.58.207.226:0
File type ASCII text, with very long lines (379), with no line terminators
Hash 7936370503da601dd1eb13502f782574
a23f6221a37dc3eccdca966dabf98082d56ed9ac
bae9cc3d389cb178b9e84c2e14e6156c615d54abb3aabf328fab2f7c575c7afb
GET /gampad/cookie.js?domain=goo.su&callback=_gfp_s_&client=ca-pub-4358137683029217 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 29 Jan 2023 00:47:52 GMT
server: cafe
cache-control: private
content-length: 247
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
kraken.rambler.ru/cnt/?et=pv&v=3.13.5&pid=6673155&tid=t1.6673155.904980135.1674953276904&rid=1674953276.904-776274694&fid=pA8AAENKs1e4GYz8AQlryQA%3D&fip=pA8AAENKs1cnnUv2AauVQAA%3D&eid=434932772684616&aduid=4ff0f158-17a1-4436-af08-5bcb0be46cf4&aduidsc=goo.su&stid=705700378_1674953276906&sn=1&sen=1&ce=1&bs=1268x939&rf&en=UTF-8&pt=Redirecting...&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&le=2&ct=web&url=https%3A%2F%2Fgoo.su%2FwunD%3F10006039TPMCRY31HAKWLU10249191024919&lv&exp=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=723205217
81.19.89.16200 OK 595 B URL HTTP/2 kraken.rambler.ru/cnt/?et=pv&v=3.13.5&pid=6673155&tid=t1.6673155.904980135.1674953276904&rid=1674953276.904-776274694&fid=pA8AAENKs1e4GYz8AQlryQA%3D&fip=pA8AAENKs1cnnUv2AauVQAA%3D&eid=434932772684616&aduid=4ff0f158-17a1-4436-af08-5bcb0be46cf4&aduidsc=goo.su&stid=705700378_1674953276906&sn=1&sen=1&ce=1&bs=1268x939&rf&en=UTF-8&pt=Redirecting...&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&le=2&ct=web&url=https%3A%2F%2Fgoo.su%2FwunD%3F10006039TPMCRY31HAKWLU10249191024919&lv&exp=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=723205217
IP 81.19.89.16:0
ASN #24638 Rambler Internet Holding LLC
File type GIF image data, version 87a, 88 x 31\012- data
Hash b566a466c8d8c0361839677785e69240
c6e6a583e76e699806f806dbd63cebd9037f551e
86d9d7d32ba3d9eb9fbea6508c725c17c44f80d6a7d16ca1fa79a85c4b632e91
GET /cnt/?et=pv&v=3.13.5&pid=6673155&tid=t1.6673155.904980135.1674953276904&rid=1674953276.904-776274694&fid=pA8AAENKs1e4GYz8AQlryQA%3D&fip=pA8AAENKs1cnnUv2AauVQAA%3D&eid=434932772684616&aduid=4ff0f158-17a1-4436-af08-5bcb0be46cf4&aduidsc=goo.su&stid=705700378_1674953276906&sn=1&sen=1&ce=1&bs=1268x939&rf&en=UTF-8&pt=Redirecting...&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&le=2&ct=web&url=https%3A%2F%2Fgoo.su%2FwunD%3F10006039TPMCRY31HAKWLU10249191024919&lv&exp=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=723205217 HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Sun, 29 Jan 2023 00:47:52 GMT
content-type: image/gif
content-length: 595
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-credentials: true
x-srv: 0kraken-prod0001.ad.rambler.tech
set-cookie: ruid=1CIAADjC1WOLgw2xAY4DIAB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAADjC1WOLgw2xAY4DIAB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ae45eeb8e62398ce3fc49c0234699163
f5506898f66248b331e84b573a010c5c1a8ad0d2
3d298a54e6d0f6e8f6a48a398e372720fb871623080b7408d66f296068ec6ddc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:47:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=6673155&session_id=705700378_1674953276906&session_number=1&session_event_number=1&version=3.13.5&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.6673155.904980135.1674953276904&adtech_uid=4ff0f158-17a1-4436-af08-5bcb0be46cf4&adtech_uid_scope=goo.su&fingerprint=pA8AAENKs1e4GYz8AQlryQA%3D&fingerprint_ip=pA8AAENKs1cnnUv2AauVQAA%3D&url=https%3A%2F%2Fgoo.su%2FwunD%3F10006039TPMCRY31HAKWLU10249191024919&request_id=1674953276.904-776274694&event_id=843932772691762&meta=%7B%22title%22%3A%22Redirecting...%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221280x1024%22%2C%22browser_size%22%3A%221268x939%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%220%22%7D&rn=1652828150
81.19.89.16200 OK 595 B URL HTTP/2 kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=6673155&session_id=705700378_1674953276906&session_number=1&session_event_number=1&version=3.13.5&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.6673155.904980135.1674953276904&adtech_uid=4ff0f158-17a1-4436-af08-5bcb0be46cf4&adtech_uid_scope=goo.su&fingerprint=pA8AAENKs1e4GYz8AQlryQA%3D&fingerprint_ip=pA8AAENKs1cnnUv2AauVQAA%3D&url=https%3A%2F%2Fgoo.su%2FwunD%3F10006039TPMCRY31HAKWLU10249191024919&request_id=1674953276.904-776274694&event_id=843932772691762&meta=%7B%22title%22%3A%22Redirecting...%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221280x1024%22%2C%22browser_size%22%3A%221268x939%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%220%22%7D&rn=1652828150
IP 81.19.89.16:0
ASN #24638 Rambler Internet Holding LLC
File type GIF image data, version 87a, 88 x 31\012- data
Hash b566a466c8d8c0361839677785e69240
c6e6a583e76e699806f806dbd63cebd9037f551e
86d9d7d32ba3d9eb9fbea6508c725c17c44f80d6a7d16ca1fa79a85c4b632e91
GET /cnt/v2/?event_type=base&event_name=page_view&project_id=6673155&session_id=705700378_1674953276906&session_number=1&session_event_number=1&version=3.13.5&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.6673155.904980135.1674953276904&adtech_uid=4ff0f158-17a1-4436-af08-5bcb0be46cf4&adtech_uid_scope=goo.su&fingerprint=pA8AAENKs1e4GYz8AQlryQA%3D&fingerprint_ip=pA8AAENKs1cnnUv2AauVQAA%3D&url=https%3A%2F%2Fgoo.su%2FwunD%3F10006039TPMCRY31HAKWLU10249191024919&request_id=1674953276.904-776274694&event_id=843932772691762&meta=%7B%22title%22%3A%22Redirecting...%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221280x1024%22%2C%22browser_size%22%3A%221268x939%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%220%22%7D&rn=1652828150 HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Sun, 29 Jan 2023 00:47:52 GMT
content-type: image/gif
content-length: 595
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-credentials: true
x-srv: 0kraken-prod0001.ad.rambler.tech
set-cookie: ruid=1CIAADjC1WOLgw2xAY8DIAB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAADjC1WOLgw2xAY8DIAB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
accept-ranges: bytes
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230124&st=env
142.250.74.130200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230124&st=env
IP 142.250.74.130:0
File type JSON data\012- , ASCII text, with very long lines (14713), with no line terminators
Hash 916e27d5b0c570d78b4c3e1a88b4ed81
f2ccbc3806d5654a3cab83a77b07a1759d1afa4b
206a31c62a5186d48de8313778ca30ebb408fc682f404eeeaf313c4f40cf4060
GET /getconfig/sodar?sv=200&tid=gda&tv=r20230124&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sun, 29 Jan 2023 00:47:52 GMT
server: cafe
content-length: 11103
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
top-fwz1.mail.ru/tracker?js=13;id=3128781;u=https%3A//goo.su/wunD%3F10006039TPMCRY31HAKWLU10249191024919;st=1674953276580;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=2e22c20d7a7e11b1;ver=60.3.0;tz=0%2FUTC;nt=0/0/1674953275596/////363/386/391/394/424/398/424/682/683/700/984/1003/1004/1990/1990/;ni=;lvid=1674953277120%3A1674953277588%3A2%3A696c35c8aff48f30d11559e98c9ca169;visible=true;_=0.8306764575308622;e=RT/load;et=1674953277586
95.163.52.67200 OK 43 B URL HTTP/2 top-fwz1.mail.ru/tracker?js=13;id=3128781;u=https%3A//goo.su/wunD%3F10006039TPMCRY31HAKWLU10249191024919;st=1674953276580;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=2e22c20d7a7e11b1;ver=60.3.0;tz=0%2FUTC;nt=0/0/1674953275596/////363/386/391/394/424/398/424/682/683/700/984/1003/1004/1990/1990/;ni=;lvid=1674953277120%3A1674953277588%3A2%3A696c35c8aff48f30d11559e98c9ca169;visible=true;_=0.8306764575308622;e=RT/load;et=1674953277586
IP 95.163.52.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /tracker?js=13;id=3128781;u=https%3A//goo.su/wunD%3F10006039TPMCRY31HAKWLU10249191024919;st=1674953276580;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=2e22c20d7a7e11b1;ver=60.3.0;tz=0%2FUTC;nt=0/0/1674953275596/////363/386/391/394/424/398/424/682/683/700/984/1003/1004/1990/1990/;ni=;lvid=1674953277120%3A1674953277588%3A2%3A696c35c8aff48f30d11559e98c9ca169;visible=true;_=0.8306764575308622;e=RT/load;et=1674953277586 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 00:47:52 GMT
content-type: image/gif
content-length: 43
set-cookie: FTID=1RMYgQ0tkIIF:1674953272:3128781:::; path=/; expires=Tue, 30-Jan-24 00:47:52 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 622fef0135648b055d1691ae97508eff
535c21115ccc50934d06c70e153df6ae542f1b5c
a66508fe21cab04638a3988ee90babe52167f0399a5440e329cf397182c813b4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:47:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.65200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.65:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sun, 29 Jan 2023 00:47:52 GMT
expires: Sun, 29 Jan 2023 00:47:52 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.65200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.65:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 22 Jan 2023 22:10:29 GMT
expires: Mon, 22 Jan 2024 22:10:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 527843
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 86352d15c37831cf9bf1e41325029224
ac8b28bcc1e6dd026e1f62d1ef8b9f80a42eee21
154f5f5e116df41f5d3bd414c671138b2afc198071529a0f3573109277566cd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:47:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yastatic.net/s3/games-static/favicons/icon-192.png
178.154.131.217200 OK 24 kB URL HTTP/2 yastatic.net/s3/games-static/favicons/icon-192.png
IP 178.154.131.217:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 7819c957eaa80af5bf14f760d49b64a7
93b670523acd14f884c3a538d59d408da0888a6c
ca78c114bba40b141a59c55a9d3fb6db7672bc3effd4337f2b1ce512b4d06c9e
GET /s3/games-static/favicons/icon-192.png HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 29 Jan 2023 00:47:52 GMT
content-type: image/png
content-length: 24134
access-control-allow-origin: *
cache-control: public, max-age=216013
etag: "7819c957eaa80af5bf14f760d49b64a7"
expires: Tue, 31 Jan 2023 12:46:24 GMT
last-modified: Thu, 14 Apr 2022 12:22:42 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: 2fbc47f8e31743b8
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/aframe
216.58.207.228200 OK 512 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash d636c342db86a8c45b9d1180ae7b71e7
9740df0f2fddf4790d866ed88cd879a4465fc6f9
e642008b0c645870f92b20b71fbc34051204d1caba2c1f9d82a5ed78e33f155e
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 29 Jan 2023 00:47:52 GMT
date: Sun, 29 Jan 2023 00:47:52 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce--YkQhKdChH4CQQC1tnzpPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash e7cda831d38f02f4a658d1c65b65153d
22977a3cceda51d0c5d7c05bd6ea994e3ea9eb30
131e5e31a7d872e5723d52c785b27ea1296c6ad66d9657efd3dfc4ce136d7003
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 00:47:52 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Wed, 01 Feb 2023 21:50:33 GMT
ETag: "22977a3cceda51d0c5d7c05bd6ea994e3ea9eb30"
Last-Modified: Sat, 28 Jan 2023 21:50:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2898
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790df5834dddb51d-OSL
yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
178.154.131.217200 OK 6.3 kB URL HTTP/2 yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
IP 178.154.131.217:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (23297)
Hash eb77de48712912aadc9aa8171ac75ede
f375e4ed6b585c4e30b2d56f4f41c3beed909349
437ee0c22002ccd77158d7a7018113f26384324158ab3cef65373007f29b1bcf
GET /safeframe-bundles/0.83/1-1-0/render.html HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 29 Jan 2023 00:47:52 GMT
content-type: text/html
content-length: 6262
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Tue, 28 Jan 2053 07:21:44 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/bg/V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
142.250.74.130200 OK 14 kB URL HTTP/2 pagead2.googlesyndication.com/bg/V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (35919)
Hash 9c4d98a05d87a2f96a5fdf4e1d245e31
b18eefe1c4140845b80225411f631f959831ce20
f36daa66f69510ecf68327c96697ff61c7fdfd052501b5d04483e02d5bd7251a
GET /bg/V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14206
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 05:06:00 GMT
expires: Fri, 26 Jan 2024 05:06:00 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 19 Jan 2023 11:48:00 GMT
content-type: text/javascript
age: 243712
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230124&jk=4254640517303964&rc=
142.250.74.130204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230124&jk=4254640517303964&rc=
IP 142.250.74.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&li=gda_r20230124&jk=4254640517303964&rc= HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 29 Jan 2023 00:47:52 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 2f9885f43c999c673c3a84d251d66d85
2864b34c1dcc3f0ba6bb274a1dc2eead6b034900
b64e1eba7876209a90e7cb384558a30738a63298e29b9df238281f93c11528fc
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 00:47:52 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Wed, 01 Feb 2023 23:28:12 GMT
ETag: "2864b34c1dcc3f0ba6bb274a1dc2eead6b034900"
Last-Modified: Sat, 28 Jan 2023 23:28:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 752
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790df5838e13b51d-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 7991ff88f4c0a7c050e308f7a7320ceb
a07af2e8b0ae5bad7fb4e8a58ada047cae9c53f6
16a48bf19bd04e9b15961eaeedf89be7e30f73c27e76a2013126adae6b2c3b97
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 00:47:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 01 Feb 2023 23:31:31 GMT
ETag: "a07af2e8b0ae5bad7fb4e8a58ada047cae9c53f6"
Last-Modified: Sat, 28 Jan 2023 23:31:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 96
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790df5839fcc0afe-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 7991ff88f4c0a7c050e308f7a7320ceb
a07af2e8b0ae5bad7fb4e8a58ada047cae9c53f6
16a48bf19bd04e9b15961eaeedf89be7e30f73c27e76a2013126adae6b2c3b97
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 00:47:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 01 Feb 2023 23:31:31 GMT
ETag: "a07af2e8b0ae5bad7fb4e8a58ada047cae9c53f6"
Last-Modified: Sat, 28 Jan 2023 23:31:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 96
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790df5839c4ab51e-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 7991ff88f4c0a7c050e308f7a7320ceb
a07af2e8b0ae5bad7fb4e8a58ada047cae9c53f6
16a48bf19bd04e9b15961eaeedf89be7e30f73c27e76a2013126adae6b2c3b97
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 00:47:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 01 Feb 2023 23:31:31 GMT
ETag: "a07af2e8b0ae5bad7fb4e8a58ada047cae9c53f6"
Last-Modified: Sat, 28 Jan 2023 23:31:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 96
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790df583afd80afe-OSL
favicon.yandex.net/favicon/ridero.eu?size=120&stub=2
213.180.204.36200 Ok 1.2 kB URL HTTP/1.1 favicon.yandex.net/favicon/ridero.eu?size=120&stub=2
IP 213.180.204.36:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 5c3ed7f27c7de97d2a5b69043287d63b
c17026ca26200fab36e37ee2eae6e8318d122c4d
ff973a73cc160c479111b4e5c82195c85c73cc4ff6c747a5bc76638e04a3c9fb
GET /favicon/ridero.eu?size=120&stub=2 HTTP/1.1
Host: favicon.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 Ok
Cache-Control: max-age=691200
Content-Type: image/png
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
access-control-allow-origin: *
avatars.mds.yandex.net/get-direct/5244561/umpXE6oiHVYUUHrN4cb3Yg/y150
87.250.247.183200 OK 7.7 kB URL HTTP/2 avatars.mds.yandex.net/get-direct/5244561/umpXE6oiHVYUUHrN4cb3Yg/y150
IP 87.250.247.183:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 150x150, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 824c82220db635a33cda58ec453989b5
7e2668f05690149408207c04ffb53f354d036ced
eafb29672ddca3f712b0e294a883a3835c8715e312deaa7d84eb3efc5b9158ea
GET /get-direct/5244561/umpXE6oiHVYUUHrN4cb3Yg/y150 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 00:47:52 GMT
content-type: image/webp
content-length: 7694
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Tue, 06 Dec 2022 00:08:47 GMT
cache-control: max-age=31536000,immutable
x-request-id: 1b4db36201ef013f
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
X-Firefox-Spdy: h2
avatars.mds.yandex.net/get-direct/4114595/C4UfDaW0vuGBUEnYVyQCqA/y150
87.250.247.183200 OK 6.1 kB URL HTTP/2 avatars.mds.yandex.net/get-direct/4114595/C4UfDaW0vuGBUEnYVyQCqA/y150
IP 87.250.247.183:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 150x150, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3748a14438fa3ed9194a223b621b2b4b
de2560de94f8d24f4132a6f54e487856e194a034
9f91a640d84aaf52df93bbfba0708b3b206ca833cfdedf38a5ca9bea264f1e17
GET /get-direct/4114595/C4UfDaW0vuGBUEnYVyQCqA/y150 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 00:47:52 GMT
content-type: image/webp
content-length: 6138
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Thu, 22 Dec 2022 13:18:42 GMT
cache-control: max-age=31536000,immutable
x-request-id: 49cb10a0ccf3bdc8
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
X-Firefox-Spdy: h2
avatars.mds.yandex.net/get-direct/225309/A7Kz2n-cdWez81mj8tDxOg/wy150
87.250.247.183200 OK 5.0 kB URL HTTP/2 avatars.mds.yandex.net/get-direct/225309/A7Kz2n-cdWez81mj8tDxOg/wy150
IP 87.250.247.183:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 267x150, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d6c25e25f711ee5dd8ea12e345a176dc
63e8ee396173b14bcf19816567dfc3149280fc32
0a68fa3877c10a6098635ed295b34819ca1aa45006ae4d9804b0884a7975eddb
GET /get-direct/225309/A7Kz2n-cdWez81mj8tDxOg/wy150 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 00:47:52 GMT
content-type: image/webp
content-length: 5026
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Fri, 11 Jan 2019 09:30:35 GMT
cache-control: max-age=31536000,immutable
x-request-id: 27a6a4afe1958fd7
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
X-Firefox-Spdy: h2
favicon.yandex.net/favicon/clevelandinterbank.com?size=120&stub=2
213.180.204.36200 Ok 940 B URL HTTP/1.1 favicon.yandex.net/favicon/clevelandinterbank.com?size=120&stub=2
IP 213.180.204.36:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 7674d1eff052c0447179a391e9190a29
340413bbff18e7b1d29a371a2910d854850598ac
a4bd04a0abb7ed285e39dcb8b72b429907ed415cde4a5ed666ae863195d7eca6
GET /favicon/clevelandinterbank.com?size=120&stub=2 HTTP/1.1
Host: favicon.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 Ok
Cache-Control: max-age=691200
Content-Type: image/png
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
access-control-allow-origin: *
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash dc839387ebdf5121dc38c29f2ccbaa5c
57b6fb2be8df93c98ef89d647fda08dce5ccf70e
fc1a6f2a8d168180ee46056aa4227ac06a378e319154b15f67e0d1bb9b6f0bd2
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 00:47:53 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Wed, 01 Feb 2023 21:52:58 GMT
ETag: "57b6fb2be8df93c98ef89d647fda08dce5ccf70e"
Last-Modified: Sat, 28 Jan 2023 21:52:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1601
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790df5848d08b51e-OSL
favicon.yandex.net/favicon/rpgamesrn.netlify.app?size=120&stub=2
213.180.204.36200 Ok 866 B URL HTTP/1.1 favicon.yandex.net/favicon/rpgamesrn.netlify.app?size=120&stub=2
IP 213.180.204.36:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 4b3b05a304db0751d45f8ca5c1fa1ab6
660c4cfbcc3121b7be56e5528404f9a9f7563449
343a6fb5ac42d4d5dcae03fa86be33db3ee047bb2b7d125d32723846dcfc3ed5
GET /favicon/rpgamesrn.netlify.app?size=120&stub=2 HTTP/1.1
Host: favicon.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 Ok
Cache-Control: max-age=691200
Content-Type: image/png
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
access-control-allow-origin: *
avatars.mds.yandex.net/get-direct/5260657/QUHG5Iie7j6-OtR7ExNzMQ/y300
87.250.247.183200 OK 18 kB URL HTTP/2 avatars.mds.yandex.net/get-direct/5260657/QUHG5Iie7j6-OtR7ExNzMQ/y300
IP 87.250.247.183:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a3513d0765144505354508cb50f76455
d1ae7a44bdcea2ceee4869a8b9560afb8e5e76a6
70a4eaf4c338fc3fc0b7e97416e4a54a3ec04952694d498a6da30360693aa67b
GET /get-direct/5260657/QUHG5Iie7j6-OtR7ExNzMQ/y300 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 00:47:53 GMT
content-type: image/webp
content-length: 18424
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Wed, 18 Jan 2023 23:53:58 GMT
cache-control: max-age=31536000,immutable
x-request-id: 2b68bd2e09818e01
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
X-Firefox-Spdy: h2
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes
87.250.250.114200 Ok 95 B URL HTTP/1.1 ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes
IP 87.250.250.114:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 60cf42b4d05caf10cf8bb15c0817a7b4
bd269860bb508aebcb6f08fe7289d5f117830383
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
GET /static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes HTTP/1.1
Host: ysa-static.passport.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 Ok
Server: nginx/1.14.2
Date: Sun, 29 Jan 2023 00:47:53 GMT
Content-Type: image/png
Content-Length: 95
Connection: close
Cache-Control: private
Expires: Mon, 30 Jan 2023 00:47:53 GMT
X-RT-IQ: 0.0001
X-RT-IH: 0.0002
Strict-Transport-Security: max-age=315360000; includeSubDomains
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3591
Expires: Sun, 29 Jan 2023 01:47:44 GMT
Date: Sun, 29 Jan 2023 00:47:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3591
Expires: Sun, 29 Jan 2023 01:47:44 GMT
Date: Sun, 29 Jan 2023 00:47:53 GMT
Connection: keep-alive
an.yandex.ru/meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2FwunD%3F10006039TPMCRY31HAKWLU10249191024919&charset=utf-8&pcode-test-ids=657518%2C0%2C88%3B712232%2C0%2C48%3B706838%2C0%2C95%3B712202%2C0%2C87%3B707670%2C0%2C55%3B709027%2C0%2C49%3B710490%2C0%2C92%3B710388%2C0%2C55%3B712532%2C0%2C24%3B710373%2C0%2C36&pcode-flags-map=eJytWNtu2zgQ%2FZWFn4uu7pe%2BURJlE9ZtScqOWxSEm7iJF7ks0qSbTdF%2F3yEp25KS0E12gSJ1FM3hcObMmRn%2FmJBpVVMsSsIYzkSGOBINoqhkIq%2BpWJAM14JUIq3LpJ58%2BPRj8n19eb%2BZfJhsHv6avJvcbb7dkTP41Y8tz%2FcnPz%2B%2FmywQExT%2F0WLGxaJEjchpXQqUsYE9py3uAwR26ESWAsAVSgo8Ohw%2B5KQiHIN%2F6ZzNai6WhM%2FqlgsEvnNm8i7w%2FSByXw3%2BfyCjohANrbM25ezpMa%2BDxgD5yrz0QGRe4MwlpEIUKMGFggKQBFUVpubsBK7rhX1fKrwUbA7W8E8C1ijDVDQFWo2gxg5FvhPHe4dI1aApFoyTdL4SGWESPFNRS2Rqs7w%2BgccUp1wwXBQDaHzSDKFD2zlAt2zoZYWqpjXfMrZDy9sD8BmFaGFKZZhywVq6wCsIOSRxKggTFdBkgQqSHQF1Aj%2Fag6JMRn8ledsh8VqXSVczRrDQCr0oPIAVBXhYV8VKNG1SkFSghqi0QkoYh8o2o9m25dsHcnBNYEwZqauBJbxpe9HQ1rFtHey2Il361cll0ze9u73f9Mw8J3JjXeYyP4wpBo5sxpzpGcl7YVyJOmEY0jGi2vX6y%2BVmYOkGTqzjlZMTkLlKzDCZzriouPlIz3djHZoVqjJ8ImgrsrpEpDLKoBU6brA%2FL6H1HJyFs8SUjngytrRDPwqePVCWBackMZo7thVo6n7ElSPyFipoSTIQMVJChRltPcitdbDtqlAkNZVJpSgjLfvtFxFWSPqtHQZ%2BLtHKqJ%2B%2B54ZdnLNc1gBr6gqIwUmJoUYGpo5lWUNbz3L1nZu0zrAsKIYro6j6ng8wHZWktlAsubs7T0hJMZp7Yeg8NQd5gJ9LWUTAzrcg7BwAQWkH2XKt560LjGglStm9F4gSNLq3MzjUt6wuyg0lNSV8JZIVtBG8bGpqDlgQBl3t7XjRyXHKjELvg5hGPUaCYKYItBREPU0hS8ygEn7s%2BrY9sFUsZvue34COkmpqBvF8T3ue1m3Fgcp81WDhmr0GffV76SlpCnFiJCEFRM18XBwGL1qCSosUFHp%2B5PQdRtkWnOjOLEBgcwJdkchL5Cg1V3McOWHY86MD0TMDNBsgm2zTCYwgsmI4rYviSM%2B2HM%2FVrJtSlDjmd4Gi1uFdwcjHgb%2B%2B7Vim95%2BpfNt%2FwWJHjhlW7YfiDDOYaI3%2B2b4TaGs5HFCcg%2BbMYH6ZktRsF7mdwKq%2BTUtZQRRXu77XUJyYJT4AjXbsQSlBD6TA6wqqaYYhH1K2WUplh2PMqESBHdue9qdnhJpGXmUKpWE2duzYH3gyI1xdowcGwZzz2uyFGzrOYEZNm1KUOCNIAAjiZKGavBkjdoeTf9qk%2FxljNIZnOEdQUa%2BcwD3fCoJBmFiJKBcwqLVYgh9Lkh8EwWEr0gPlyDM9X9ZyRFXDpGDFEa9CO%2ByqMZVzcl11LES51DiSw%2FqG9UBupmMYxUG8H8VySgAGJkltTxSZXmGfzJ%2BU%2BhOLIHY7zvYsXrtqBmHsWeEeBfpgJhFK88mRF9jjkzXJzGc5juWMq0zOcr9UHVHg2e5OM2AkgiUQrgqkEa5j6RlN9QQ9bj1dw57ghZH79BZ8ar4DpCk6WB0kn4kG2gl0VthPF7gc9%2BTJ12%2Fi7ub%2B9GK0IlmRM14Etew%2Bk8dujT6SHNiQuuKFdXtfqmoxrNoyORIU6JjdiK%2BLE%2Fa9RnCq2tuxhhvEsefqo0eO50Wt1yh9zSMgUVeQL4Eong%2BDu30QV%2BsHcbHZnl%2FcvQBHKinoc5ygRMA%2BYXICFtcoHKiCFpblDAjb465cWvXi2UK7VEs2THMYNNYoFqFted1cRKnQnZO3MIBq0VGBVvrWTmdHd07vsKSrLyT234%2BACjYISDpA6Ag7Wj6dLkRUdd6FbKF6JNz15IJU4BEihRybYMVGR1frIHKjbm5i2Xy8XMozLWfsRScODFqKPFBdASw5gSTosM%2FpeCM4vbsc7fRBN8%2FIiCwaRAzrQAhL0MA4tpzDFwLdkPc2Y6kOCPgxk5MyKWUs94Oi%2BlIQcykaB%2FaY%2BfgG7FcAJm2eAxYuG5itC0B85rq%2B4bKdvdLgN8SrQB9XqscKtXr2jX5Mvm7uTi%2FK9e359robXq9uvmwvN%2Bx0fbm9Pp98cH6OSqvbsPrTBWyiIilkfAoypO6nydV6e%2Fn%2B9h7C88%2F6%2BmzzAJ9%2F316tzzffBo%2FO11fqydnj5lq%2Fvv6%2BvbvRH6%2Fe9345u952TyXyHgEe3K4fL28eL7o%2FP97q%2F%2B9v1%2B%2BvN39%2Fe%2FLCn%2Bubq60y%2Ffz8FfuNUE5Du5lddsRB%2BtV9RhLkRtFh3X%2BmQH13XKC%2Bkomf%2FwK%2Bj7p7&pcode-icookie=Fw1mEvJ%2FnJXMukO%2Fq9aPtVLdxK3nuA6q%2Biy2dbSeZRgG9UebwTt72oo64tmQ8oMps3ritMX%2BNfxCkZEIz88WH06Ofaw%3D&imp-id=4&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=521718267379714&ad-session-id=1164051674953277186&target-id=44797601&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=712629&pcodever=712629&flash-ver=0&available-width=145&skip-token=yabs.NzIwNTc2MDcyMTQ3MjEzODcKNzIwNTc2MDUzODE3MDI1NTEKNzIwNTc2MDcyOTIwNzY0OTIKNzIwNTc2MDczNDA0MDg4MjA%3D&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A939%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1268%2C%22h%22%3A939%2C%22width%22%3A1268%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A657%2C%22ad_no%22%3A4%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A2%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B3277687660506%5D
87.250.250.90200 OK 55 kB URL HTTP/2 an.yandex.ru/meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2FwunD%3F10006039TPMCRY31HAKWLU10249191024919&charset=utf-8&pcode-test-ids=657518%2C0%2C88%3B712232%2C0%2C48%3B706838%2C0%2C95%3B712202%2C0%2C87%3B707670%2C0%2C55%3B709027%2C0%2C49%3B710490%2C0%2C92%3B710388%2C0%2C55%3B712532%2C0%2C24%3B710373%2C0%2C36&pcode-flags-map=eJytWNtu2zgQ%2FZWFn4uu7pe%2BURJlE9ZtScqOWxSEm7iJF7ks0qSbTdF%2F3yEp25KS0E12gSJ1FM3hcObMmRn%2FmJBpVVMsSsIYzkSGOBINoqhkIq%2BpWJAM14JUIq3LpJ58%2BPRj8n19eb%2BZfJhsHv6avJvcbb7dkTP41Y8tz%2FcnPz%2B%2FmywQExT%2F0WLGxaJEjchpXQqUsYE9py3uAwR26ESWAsAVSgo8Ohw%2B5KQiHIN%2F6ZzNai6WhM%2FqlgsEvnNm8i7w%2FSByXw3%2BfyCjohANrbM25ezpMa%2BDxgD5yrz0QGRe4MwlpEIUKMGFggKQBFUVpubsBK7rhX1fKrwUbA7W8E8C1ijDVDQFWo2gxg5FvhPHe4dI1aApFoyTdL4SGWESPFNRS2Rqs7w%2BgccUp1wwXBQDaHzSDKFD2zlAt2zoZYWqpjXfMrZDy9sD8BmFaGFKZZhywVq6wCsIOSRxKggTFdBkgQqSHQF1Aj%2Fag6JMRn8ledsh8VqXSVczRrDQCr0oPIAVBXhYV8VKNG1SkFSghqi0QkoYh8o2o9m25dsHcnBNYEwZqauBJbxpe9HQ1rFtHey2Il361cll0ze9u73f9Mw8J3JjXeYyP4wpBo5sxpzpGcl7YVyJOmEY0jGi2vX6y%2BVmYOkGTqzjlZMTkLlKzDCZzriouPlIz3djHZoVqjJ8ImgrsrpEpDLKoBU6brA%2FL6H1HJyFs8SUjngytrRDPwqePVCWBackMZo7thVo6n7ElSPyFipoSTIQMVJChRltPcitdbDtqlAkNZVJpSgjLfvtFxFWSPqtHQZ%2BLtHKqJ%2B%2B54ZdnLNc1gBr6gqIwUmJoUYGpo5lWUNbz3L1nZu0zrAsKIYro6j6ng8wHZWktlAsubs7T0hJMZp7Yeg8NQd5gJ9LWUTAzrcg7BwAQWkH2XKt560LjGglStm9F4gSNLq3MzjUt6wuyg0lNSV8JZIVtBG8bGpqDlgQBl3t7XjRyXHKjELvg5hGPUaCYKYItBREPU0hS8ygEn7s%2BrY9sFUsZvue34COkmpqBvF8T3ue1m3Fgcp81WDhmr0GffV76SlpCnFiJCEFRM18XBwGL1qCSosUFHp%2B5PQdRtkWnOjOLEBgcwJdkchL5Cg1V3McOWHY86MD0TMDNBsgm2zTCYwgsmI4rYviSM%2B2HM%2FVrJtSlDjmd4Gi1uFdwcjHgb%2B%2B7Vim95%2BpfNt%2FwWJHjhlW7YfiDDOYaI3%2B2b4TaGs5HFCcg%2BbMYH6ZktRsF7mdwKq%2BTUtZQRRXu77XUJyYJT4AjXbsQSlBD6TA6wqqaYYhH1K2WUplh2PMqESBHdue9qdnhJpGXmUKpWE2duzYH3gyI1xdowcGwZzz2uyFGzrOYEZNm1KUOCNIAAjiZKGavBkjdoeTf9qk%2FxljNIZnOEdQUa%2BcwD3fCoJBmFiJKBcwqLVYgh9Lkh8EwWEr0gPlyDM9X9ZyRFXDpGDFEa9CO%2ByqMZVzcl11LES51DiSw%2FqG9UBupmMYxUG8H8VySgAGJkltTxSZXmGfzJ%2BU%2BhOLIHY7zvYsXrtqBmHsWeEeBfpgJhFK88mRF9jjkzXJzGc5juWMq0zOcr9UHVHg2e5OM2AkgiUQrgqkEa5j6RlN9QQ9bj1dw57ghZH79BZ8ar4DpCk6WB0kn4kG2gl0VthPF7gc9%2BTJ12%2Fi7ub%2B9GK0IlmRM14Etew%2Bk8dujT6SHNiQuuKFdXtfqmoxrNoyORIU6JjdiK%2BLE%2Fa9RnCq2tuxhhvEsefqo0eO50Wt1yh9zSMgUVeQL4Eong%2BDu30QV%2BsHcbHZnl%2FcvQBHKinoc5ygRMA%2BYXICFtcoHKiCFpblDAjb465cWvXi2UK7VEs2THMYNNYoFqFted1cRKnQnZO3MIBq0VGBVvrWTmdHd07vsKSrLyT234%2BACjYISDpA6Ag7Wj6dLkRUdd6FbKF6JNz15IJU4BEihRybYMVGR1frIHKjbm5i2Xy8XMozLWfsRScODFqKPFBdASw5gSTosM%2FpeCM4vbsc7fRBN8%2FIiCwaRAzrQAhL0MA4tpzDFwLdkPc2Y6kOCPgxk5MyKWUs94Oi%2BlIQcykaB%2FaY%2BfgG7FcAJm2eAxYuG5itC0B85rq%2B4bKdvdLgN8SrQB9XqscKtXr2jX5Mvm7uTi%2FK9e359robXq9uvmwvN%2Bx0fbm9Pp98cH6OSqvbsPrTBWyiIilkfAoypO6nydV6e%2Fn%2B9h7C88%2F6%2BmzzAJ9%2F316tzzffBo%2FO11fqydnj5lq%2Fvv6%2BvbvRH6%2Fe9345u952TyXyHgEe3K4fL28eL7o%2FP97q%2F%2B9v1%2B%2BvN39%2Fe%2FLCn%2Bubq60y%2Ffz8FfuNUE5Du5lddsRB%2BtV9RhLkRtFh3X%2BmQH13XKC%2Bkomf%2FwK%2Bj7p7&pcode-icookie=Fw1mEvJ%2FnJXMukO%2Fq9aPtVLdxK3nuA6q%2Biy2dbSeZRgG9UebwTt72oo64tmQ8oMps3ritMX%2BNfxCkZEIz88WH06Ofaw%3D&imp-id=4&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=521718267379714&ad-session-id=1164051674953277186&target-id=44797601&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=712629&pcodever=712629&flash-ver=0&available-width=145&skip-token=yabs.NzIwNTc2MDcyMTQ3MjEzODcKNzIwNTc2MDUzODE3MDI1NTEKNzIwNTc2MDcyOTIwNzY0OTIKNzIwNTc2MDczNDA0MDg4MjA%3D&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A939%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1268%2C%22h%22%3A939%2C%22width%22%3A1268%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A657%2C%22ad_no%22%3A4%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A2%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B3277687660506%5D
IP 87.250.250.90:0
Hash e64c887eeae8d40256328b4c755f3e6f
72908c54ac1382f4e45d248a1ec0657a0e2fc5ba
11dd72bfca235a353785fa5bf3b01a31de1200dd557c5e3cf7b37ae4e1e98a4f
GET /meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2FwunD%3F10006039TPMCRY31HAKWLU10249191024919&charset=utf-8&pcode-test-ids=657518%2C0%2C88%3B712232%2C0%2C48%3B706838%2C0%2C95%3B712202%2C0%2C87%3B707670%2C0%2C55%3B709027%2C0%2C49%3B710490%2C0%2C92%3B710388%2C0%2C55%3B712532%2C0%2C24%3B710373%2C0%2C36&pcode-flags-map=eJytWNtu2zgQ%2FZWFn4uu7pe%2BURJlE9ZtScqOWxSEm7iJF7ks0qSbTdF%2F3yEp25KS0E12gSJ1FM3hcObMmRn%2FmJBpVVMsSsIYzkSGOBINoqhkIq%2BpWJAM14JUIq3LpJ58%2BPRj8n19eb%2BZfJhsHv6avJvcbb7dkTP41Y8tz%2FcnPz%2B%2FmywQExT%2F0WLGxaJEjchpXQqUsYE9py3uAwR26ESWAsAVSgo8Ohw%2B5KQiHIN%2F6ZzNai6WhM%2FqlgsEvnNm8i7w%2FSByXw3%2BfyCjohANrbM25ezpMa%2BDxgD5yrz0QGRe4MwlpEIUKMGFggKQBFUVpubsBK7rhX1fKrwUbA7W8E8C1ijDVDQFWo2gxg5FvhPHe4dI1aApFoyTdL4SGWESPFNRS2Rqs7w%2BgccUp1wwXBQDaHzSDKFD2zlAt2zoZYWqpjXfMrZDy9sD8BmFaGFKZZhywVq6wCsIOSRxKggTFdBkgQqSHQF1Aj%2Fag6JMRn8ledsh8VqXSVczRrDQCr0oPIAVBXhYV8VKNG1SkFSghqi0QkoYh8o2o9m25dsHcnBNYEwZqauBJbxpe9HQ1rFtHey2Il361cll0ze9u73f9Mw8J3JjXeYyP4wpBo5sxpzpGcl7YVyJOmEY0jGi2vX6y%2BVmYOkGTqzjlZMTkLlKzDCZzriouPlIz3djHZoVqjJ8ImgrsrpEpDLKoBU6brA%2FL6H1HJyFs8SUjngytrRDPwqePVCWBackMZo7thVo6n7ElSPyFipoSTIQMVJChRltPcitdbDtqlAkNZVJpSgjLfvtFxFWSPqtHQZ%2BLtHKqJ%2B%2B54ZdnLNc1gBr6gqIwUmJoUYGpo5lWUNbz3L1nZu0zrAsKIYro6j6ng8wHZWktlAsubs7T0hJMZp7Yeg8NQd5gJ9LWUTAzrcg7BwAQWkH2XKt560LjGglStm9F4gSNLq3MzjUt6wuyg0lNSV8JZIVtBG8bGpqDlgQBl3t7XjRyXHKjELvg5hGPUaCYKYItBREPU0hS8ygEn7s%2BrY9sFUsZvue34COkmpqBvF8T3ue1m3Fgcp81WDhmr0GffV76SlpCnFiJCEFRM18XBwGL1qCSosUFHp%2B5PQdRtkWnOjOLEBgcwJdkchL5Cg1V3McOWHY86MD0TMDNBsgm2zTCYwgsmI4rYviSM%2B2HM%2FVrJtSlDjmd4Gi1uFdwcjHgb%2B%2B7Vim95%2BpfNt%2FwWJHjhlW7YfiDDOYaI3%2B2b4TaGs5HFCcg%2BbMYH6ZktRsF7mdwKq%2BTUtZQRRXu77XUJyYJT4AjXbsQSlBD6TA6wqqaYYhH1K2WUplh2PMqESBHdue9qdnhJpGXmUKpWE2duzYH3gyI1xdowcGwZzz2uyFGzrOYEZNm1KUOCNIAAjiZKGavBkjdoeTf9qk%2FxljNIZnOEdQUa%2BcwD3fCoJBmFiJKBcwqLVYgh9Lkh8EwWEr0gPlyDM9X9ZyRFXDpGDFEa9CO%2ByqMZVzcl11LES51DiSw%2FqG9UBupmMYxUG8H8VySgAGJkltTxSZXmGfzJ%2BU%2BhOLIHY7zvYsXrtqBmHsWeEeBfpgJhFK88mRF9jjkzXJzGc5juWMq0zOcr9UHVHg2e5OM2AkgiUQrgqkEa5j6RlN9QQ9bj1dw57ghZH79BZ8ar4DpCk6WB0kn4kG2gl0VthPF7gc9%2BTJ12%2Fi7ub%2B9GK0IlmRM14Etew%2Bk8dujT6SHNiQuuKFdXtfqmoxrNoyORIU6JjdiK%2BLE%2Fa9RnCq2tuxhhvEsefqo0eO50Wt1yh9zSMgUVeQL4Eong%2BDu30QV%2BsHcbHZnl%2FcvQBHKinoc5ygRMA%2BYXICFtcoHKiCFpblDAjb465cWvXi2UK7VEs2THMYNNYoFqFted1cRKnQnZO3MIBq0VGBVvrWTmdHd07vsKSrLyT234%2BACjYISDpA6Ag7Wj6dLkRUdd6FbKF6JNz15IJU4BEihRybYMVGR1frIHKjbm5i2Xy8XMozLWfsRScODFqKPFBdASw5gSTosM%2FpeCM4vbsc7fRBN8%2FIiCwaRAzrQAhL0MA4tpzDFwLdkPc2Y6kOCPgxk5MyKWUs94Oi%2BlIQcykaB%2FaY%2BfgG7FcAJm2eAxYuG5itC0B85rq%2B4bKdvdLgN8SrQB9XqscKtXr2jX5Mvm7uTi%2FK9e359robXq9uvmwvN%2Bx0fbm9Pp98cH6OSqvbsPrTBWyiIilkfAoypO6nydV6e%2Fn%2B9h7C88%2F6%2BmzzAJ9%2F316tzzffBo%2FO11fqydnj5lq%2Fvv6%2BvbvRH6%2Fe9345u952TyXyHgEe3K4fL28eL7o%2FP97q%2F%2B9v1%2B%2BvN39%2Fe%2FLCn%2Bubq60y%2Ffz8FfuNUE5Du5lddsRB%2BtV9RhLkRtFh3X%2BmQH13XKC%2Bkomf%2FwK%2Bj7p7&pcode-icookie=Fw1mEvJ%2FnJXMukO%2Fq9aPtVLdxK3nuA6q%2Biy2dbSeZRgG9UebwTt72oo64tmQ8oMps3ritMX%2BNfxCkZEIz88WH06Ofaw%3D&imp-id=4&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=521718267379714&ad-session-id=1164051674953277186&target-id=44797601&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=712629&pcodever=712629&flash-ver=0&available-width=145&skip-token=yabs.NzIwNTc2MDcyMTQ3MjEzODcKNzIwNTc2MDUzODE3MDI1NTEKNzIwNTc2MDcyOTIwNzY0OTIKNzIwNTc2MDczNDA0MDg4MjA%3D&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A939%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1268%2C%22h%22%3A939%2C%22width%22%3A1268%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A657%2C%22ad_no%22%3A4%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A2%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B3277687660506%5D HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
uniformat: true
uniformat-product-type: Direct
content-encoding: gzip
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://goo.su
x-xss-protection: 1; mode=block
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-yandex-req-id: 1674953273096958-605909716902820885400108-production-app-host-vla-pcode-27
last-modified: Sun, 29 Jan 2023 00:47:53 GMT
date: Sun, 29 Jan 2023 00:47:53 GMT
set-cookie: yabs-vdrf=A0; domain=an.yandex.ru; path=/; expires=Sun, 05-Feb-2023 00:47:53 GMT
i=bR6WZuH5UtqRVML4xRVAhn3+oneO1ne28crxIT5f86QiH5ToUT48U4PexNW9QpFblg1eOR8hK+/T0dyB6DryYjNDn8E=; Expires=Tue, 28-Jan-2025 00:47:53 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
content-type: application/json
pragma: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
ssr: true
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 00:47:53 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e63fa9f-a982-4d0a-ac29-9acbfe59f503.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e63fa9f-a982-4d0a-ac29-9acbfe59f503.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 61dd48155b70501a72ec13f79745433d
4efc3d15f04a290a590b54122822d55a9d3fa1ca
9345056c111439b34aff08323fc99a2d315fa91293039dc5acf67affb50636d3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e63fa9f-a982-4d0a-ac29-9acbfe59f503.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4202
x-amzn-requestid: d33bee10-9642-4138-8dde-3486ec7f6535
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa9ABFFvIAMFbqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d441ff-3b3a99db469e3f8c068d553c;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:28:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RIvTaBE3RpB7sP9Bb1Ku1ItsiaCFKNmyHArESR1FuqDIHXt2uOLG6A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 06:41:58 GMT
age: 65155
etag: "4efc3d15f04a290a590b54122822d55a9d3fa1ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF9YEBmIAMF0kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 17:35:56 GMT
age: 25917
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61c84a42-94fd-4328-97f3-9602ba58a2d1.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61c84a42-94fd-4328-97f3-9602ba58a2d1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d19ea264e32a923808112293d74b97c7
19a01a961cca989ee07ff53e50d6f2e65d73729a
16792f5d3ff24bda8f7ac4b6b522c736c4e070b5aa9fd109fa868906064278c8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61c84a42-94fd-4328-97f3-9602ba58a2d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5021
x-amzn-requestid: e31ce00f-0014-42a0-832d-90852c823cd1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fFNoZGgxIAMFz1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb8fcf-72f835c06d6604ec1eeee3d3;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 07:10:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nh1ha9gcWLXGZFahBAETcNpC6wB6Va4tUpYV76mz5BwVknVn1m7dzQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 12:02:22 GMT
age: 45931
etag: "19a01a961cca989ee07ff53e50d6f2e65d73729a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/watch.js
87.250.251.119200 OK 9.4 kB URL HTTP/2 mc.yandex.ru/metrika/watch.js
IP 87.250.251.119:0
Hash e59316e1b1333c42d9d120fa88619bc2
669cdc8dfeba9d64f93f260adbb5f493a5649bb0
c4e78ec96322f1f151b07f9a45d51e6ca3fd46613472cf627f53bf399193a533
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 58140
date: Sun, 29 Jan 2023 00:47:52 GMT
access-control-allow-origin: *
etag: "63c93a4b-e31c"
expires: Sun, 29 Jan 2023 01:47:52 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10a6491e2c1dfde68c7cd7297e70700f
d0f195319825a6d3e5e50ad15b2fcab27cb65896
4d9353d5874e5ea03c25e1562db5f479c222a48db526fdd10ede7c2e6a4dd874
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11470
x-amzn-requestid: 62d61967-9380-4ca9-b11a-531425dbd2ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIf6WFgAIAMF6gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce042-6d9fe51029094b7f37c0a648;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:05:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rUIvvkZQ028ey3klplI-x9oZFugon5HsAWT-SN2GQo5hBeBJWqoMAg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 23:12:28 GMT
age: 5725
etag: "d0f195319825a6d3e5e50ad15b2fcab27cb65896"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df8e551-afc5-4ea3-a9ef-8af42c4cbea5.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df8e551-afc5-4ea3-a9ef-8af42c4cbea5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 47514f1386d4e6962ac2c931647f60f4
c8da685b6a5aee80c98d4173ffe226b672f054c3
474d462b5d4dbd15b7f759457fe1ed084819cea563ef7c1285028dad9a4a404c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df8e551-afc5-4ea3-a9ef-8af42c4cbea5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7201
x-amzn-requestid: ba830369-3a5f-45bc-9af9-5ad9ee58f43f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbvRREJqIAMF8Uw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4926e-6983a44e506dcd4d203c2688;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 03:11:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k8zu8NNW1XfVlVQuIh495I2sE9YzQQXRooJmVFb2Yqav_D5UCehhLw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 00:23:18 GMT
age: 66533
etag: "c8da685b6a5aee80c98d4173ffe226b672f054c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
avatars.mds.yandex.net/get-direct/5132352/hpdBMa55cDV_p47xXx4y5w/y180
87.250.247.183200 OK 11 kB URL HTTP/2 avatars.mds.yandex.net/get-direct/5132352/hpdBMa55cDV_p47xXx4y5w/y180
IP 87.250.247.183:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x180, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e5b10c69261833342e59c211b24798c5
01ddd54d8342a689372fbdfdaf1302344c109d88
79fa6d6887d784f9d96a219d3be439ad803aa28e92d3315f00ee090d58a641f3
GET /get-direct/5132352/hpdBMa55cDV_p47xXx4y5w/y180 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 00:47:53 GMT
content-type: image/webp
content-length: 10894
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Tue, 24 Jan 2023 21:50:39 GMT
cache-control: max-age=31536000,immutable
x-request-id: 57a552b06878a86e
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
X-Firefox-Spdy: h2
an.yandex.ru/event_confirmation
87.250.250.90200 OK 5.8 kB URL HTTP/2 an.yandex.ru/event_confirmation
IP 87.250.250.90:0
Hash 0a16ec55a87e17dbf661be7b96758a51
206a574c90f1ba170d862be5802475e75dda24e5
22df9279bd5e654ee7b98f24110d6174ea21d0e9bc54176a84fda649f6dba219
POST /event_confirmation HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 296
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 29 Jan 2023 00:47:53 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 29 Jan 2023 00:47:53 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 29 Jan 2023 00:47:53 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
avatars.mds.yandex.net/get-direct/5234214/5D8RkzgjJq0K4Zd-8qpugw/y150
87.250.247.183200 OK 8.4 kB URL HTTP/2 avatars.mds.yandex.net/get-direct/5234214/5D8RkzgjJq0K4Zd-8qpugw/y150
IP 87.250.247.183:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 200x150, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3b6c414f925892dadd8a6db266fd9ef2
2416ec22b9128e239b6b6058b4d963729d671c6e
e164fa8356b34a92e8b6e46c7466b02779f110035106f1b27a8c0a2cd0fee98d
GET /get-direct/5234214/5D8RkzgjJq0K4Zd-8qpugw/y150 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 00:47:53 GMT
content-type: image/webp
content-length: 8358
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Wed, 12 Oct 2022 13:27:08 GMT
cache-control: max-age=31536000,immutable
x-request-id: 96b5fe27c88d6718
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
X-Firefox-Spdy: h2
avatars.mds.yandex.net/get-direct/5391252/4WC_U371FRBn_Gd87FAAwQ/x180
87.250.247.183200 OK 4.1 kB URL HTTP/2 avatars.mds.yandex.net/get-direct/5391252/4WC_U371FRBn_Gd87FAAwQ/x180
IP 87.250.247.183:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 180x171, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0a887e147d540d9aedc141c0dab7a903
15c357b57b6b95c269a3eb6b48d9cbbe3fee1ca4
7196cefc42508d23a41f1642a92a7acd5b2ed61ad72a6988b5e2525e00adff0d
GET /get-direct/5391252/4WC_U371FRBn_Gd87FAAwQ/x180 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 00:47:53 GMT
content-type: image/webp
content-length: 4094
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Thu, 28 Apr 2022 12:13:02 GMT
cache-control: max-age=31536000,immutable
x-request-id: 4c64305af82cb934
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/712629/99bb0f6dfde922bb45df.js
178.154.131.217200 OK 8.7 kB URL HTTP/2 yastatic.net/partner-code-bundles/712629/99bb0f6dfde922bb45df.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (29049)
Hash 1e92b5bb09296bc8eaa3f7caa7f34be2
95e06e60112eb01a46131580314ecec1bbc8f749
7f53930ac6aa79d499c2feb25c82b2ff62a291e8fb80bfc4683f13a5399a2b1a
GET /partner-code-bundles/712629/99bb0f6dfde922bb45df.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 29 Jan 2023 00:47:53 GMT
content-type: text/javascript; charset=utf-8
content-length: 8721
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "1e92b5bb09296bc8eaa3f7caa7f34be2"
expires: Tue, 28 Jan 2053 07:21:35 GMT
last-modified: Thu, 26 Jan 2023 20:16:11 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/712629/2bcb1d8fb0dd99e08769.js
178.154.131.217200 OK 6.7 kB URL HTTP/2 yastatic.net/partner-code-bundles/712629/2bcb1d8fb0dd99e08769.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (22894)
Hash 1649474f6f4578d7e652daa891aa7a32
a2231b54faa0af305dac9bc9429cc95cdf6452a5
08359c590f544ebe03b07eb78583e46e5dcec51771b62787cffcadfdb702c031
GET /partner-code-bundles/712629/2bcb1d8fb0dd99e08769.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 29 Jan 2023 00:47:53 GMT
content-type: text/javascript; charset=utf-8
content-length: 6735
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "1649474f6f4578d7e652daa891aa7a32"
expires: Tue, 28 Jan 2053 07:21:35 GMT
last-modified: Thu, 26 Jan 2023 20:16:11 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/712629/8d1a43fc1f1deb2d16bd.js
178.154.131.217200 OK 2.9 kB URL HTTP/2 yastatic.net/partner-code-bundles/712629/8d1a43fc1f1deb2d16bd.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (9030)
Hash 93b57e0d8e28fa4028017467da48d4d8
99cfe5ece563570cad908714f567957ce8aa2aca
5849239b39d45fa892a78894ecaa85a46b4a10607a11275e1bc8997b7cfcfc97
GET /partner-code-bundles/712629/8d1a43fc1f1deb2d16bd.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 29 Jan 2023 00:47:53 GMT
content-type: text/javascript; charset=utf-8
content-length: 2948
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "93b57e0d8e28fa4028017467da48d4d8"
expires: Tue, 28 Jan 2053 07:21:35 GMT
last-modified: Thu, 26 Jan 2023 20:16:11 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
avatars.mds.yandex.net/get-vh/6502245/2a00000185cf4ac1ebe53366cec7ea75c37c/orig
87.250.247.183200 OK 12 kB URL HTTP/2 avatars.mds.yandex.net/get-vh/6502245/2a00000185cf4ac1ebe53366cec7ea75c37c/orig
IP 87.250.247.183:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc59.18.100", baseline, precision 8, 1280x720, components 3\012- data
Hash b8ecdbcfd38b47265c5c1778e61d9622
1e0eba07cde364b18d9253710faecd44bb264559
cd55170ca2b6b58f60cef7ac205b07899e1a8b259c49aee9b17b49af0b0212f8
GET /get-vh/6502245/2a00000185cf4ac1ebe53366cec7ea75c37c/orig HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 00:47:53 GMT
content-type: image/jpeg
content-length: 11455
last-modified: Fri, 20 Jan 2023 13:07:41 GMT
cache-control: max-age=86400,immutable
x-request-id: aeb017435b01e006
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
timing-allow-origin: *
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/712629/e624d04cffc8c1b7c5ac.js
178.154.131.217200 OK 6.8 kB URL HTTP/2 yastatic.net/partner-code-bundles/712629/e624d04cffc8c1b7c5ac.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (24421)
Hash cdf0fb1314dc77865829a8eb8bcea848
73afd3ae2791de302938a51c06a90943ee81640c
abdc51e58de74f94d176482b953917a7da163390743976c927dcc9efc8930537
GET /partner-code-bundles/712629/e624d04cffc8c1b7c5ac.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 29 Jan 2023 00:47:53 GMT
content-type: text/javascript; charset=utf-8
content-length: 6797
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "cdf0fb1314dc77865829a8eb8bcea848"
expires: Tue, 28 Jan 2053 07:21:46 GMT
last-modified: Thu, 26 Jan 2023 20:16:11 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
favicon.yandex.net/favicon/coddyschool.com?size=120&stub=2
213.180.204.36200 Ok 4.2 kB URL HTTP/1.1 favicon.yandex.net/favicon/coddyschool.com?size=120&stub=2
IP 213.180.204.36:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash fc83f1fc2d4deb8597e9c954b53b5277
324ad167a2630c3ff97c3e71702c38d923a4539f
4b307d56f3dc06c64c62aeff0e608d98c85a6367b20c33d292a0ec32791521cf
GET /favicon/coddyschool.com?size=120&stub=2 HTTP/1.1
Host: favicon.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 Ok
Cache-Control: max-age=691200
Content-Type: image/png
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
access-control-allow-origin: *
favicon.yandex.net/favicon/books.ppublishing.org?size=120&stub=2
213.180.204.36200 Ok 381 B URL HTTP/1.1 favicon.yandex.net/favicon/books.ppublishing.org?size=120&stub=2
IP 213.180.204.36:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash b03d80da6274e7ce42adb7d15d149cd1
5c824ef658f681dea180963d6404ec5701e56d3b
b1ce7dde0c467322731a75e43fa3f385b209f7a5f8662f5dfeb52641651d6e17
GET /favicon/books.ppublishing.org?size=120&stub=2 HTTP/1.1
Host: favicon.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 Ok
Cache-Control: max-age=691200
Content-Type: image/png
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
access-control-allow-origin: *
an.yandex.ru/event_confirmation
87.250.250.90200 OK 165 kB URL HTTP/2 an.yandex.ru/event_confirmation
IP 87.250.250.90:0
Size 165 kB (165447 bytes)
Hash 20bde9bcc93aacc7185ac8011d4d6683
574d8b95ede8a63982017a46a3da9fa5cdb54df1
53e9c011c1be3450e5a954b3bc60db800291597c2f8a3ab93dddc67407624125
POST /event_confirmation HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 321
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 29 Jan 2023 00:47:53 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 29 Jan 2023 00:47:53 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 29 Jan 2023 00:47:53 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/1677322?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FwunD%3F10006039TPMCRY31HAKWLU10249191024919&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1404411639727%3Ahid%3A1005851940%3Az%3A0%3Ai%3A20230129004758%3Aet%3A1674953278%3Ac%3A1%3Arn%3A275009315%3Au%3A1674953278555521155%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1674953275596%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674953278%3At%3ARedirecting...&t=gdpr(14)clc(0-0-0)aw(1)fip(1)ti(2)
87.250.251.119302 Found 236 B URL HTTP/2 mc.yandex.ru/watch/1677322?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FwunD%3F10006039TPMCRY31HAKWLU10249191024919&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1404411639727%3Ahid%3A1005851940%3Az%3A0%3Ai%3A20230129004758%3Aet%3A1674953278%3Ac%3A1%3Arn%3A275009315%3Au%3A1674953278555521155%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1674953275596%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674953278%3At%3ARedirecting...&t=gdpr(14)clc(0-0-0)aw(1)fip(1)ti(2)
IP 87.250.251.119:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 13acaa5298affd83f1f3cb86f646c99f
4e4621d9cf7953364ff34dd3c0e90c1b9403942d
ebae1952ca5c6dee06ebe03f8752929b517871786bc527b38ea74dafd489456b
GET /watch/1677322?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FwunD%3F10006039TPMCRY31HAKWLU10249191024919&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1404411639727%3Ahid%3A1005851940%3Az%3A0%3Ai%3A20230129004758%3Aet%3A1674953278%3Ac%3A1%3Arn%3A275009315%3Au%3A1674953278555521155%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1674953275596%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674953278%3At%3ARedirecting...&t=gdpr(14)clc(0-0-0)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/1677322/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FwunD%3F10006039TPMCRY31HAKWLU10249191024919&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1404411639727%3Ahid%3A1005851940%3Az%3A0%3Ai%3A20230129004758%3Aet%3A1674953278%3Ac%3A1%3Arn%3A275009315%3Au%3A1674953278555521155%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1674953275596%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674953278%3At%3ARedirecting...&t=gdpr%2814%29clc%280-0-0%29aw%281%29fip%281%29ti%282%29
date: Sun, 29 Jan 2023 00:47:53 GMT
access-control-allow-origin: https://goo.su
set-cookie: yabs-sid=1700645201674953273; Path=/; SameSite=None; Secure
i=XT86xbsdSPeqRB8k1kkH1dbemIvhUKGJ12l4LUHJwdheBlJvAr5XxBvxx505F8LEe0quV1/SfrZG11+WvuUk4PW5H5o=; Expires=Wed, 26-Jan-2033 00:47:44 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=1482261311674953273; Expires=Mon, 29-Jan-2024 00:47:53 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=1482261311674953273; Expires=Mon, 29-Jan-2024 00:47:53 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706489273.yc.1674953273#1706489273.yrts.1674953273#1706489273.yrtsi.1674953273; Expires=Mon, 29-Jan-2024 00:47:53 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 29-Jan-2023 00:47:53 GMT
last-modified: Sun, 29-Jan-2023 00:47:53 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/1677322/1?page-url=https%3A%2F%2Fgoo.su%2FwunD%3F10006039TPMCRY31HAKWLU10249191024919&charset=utf-8&cnt-class=1&hittoken=1674953273_eb0cf57bdeb0cafee5e84693cf0373a84065d065969c74f23b02a1a30fe660fd&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A989%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1404411639727%3Ahid%3A1005851940%3Az%3A0%3Ai%3A20230129004758%3Aet%3A1674953279%3Ac%3A1%3Arn%3A841945764%3Arqn%3A1%3Au%3A1674953278555521155%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A4%2C30%2C257%2C1%2C363%2C0%2C%2C302%2C2%2C1990%2C1990%2C3%2C1003%3Aco%3A0%3Ans%3A1674953275596%3Ast%3A1674953279&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)rqnt(1)aw(1)ti(2)
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/1677322/1?page-url=https%3A%2F%2Fgoo.su%2FwunD%3F10006039TPMCRY31HAKWLU10249191024919&charset=utf-8&cnt-class=1&hittoken=1674953273_eb0cf57bdeb0cafee5e84693cf0373a84065d065969c74f23b02a1a30fe660fd&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A989%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1404411639727%3Ahid%3A1005851940%3Az%3A0%3Ai%3A20230129004758%3Aet%3A1674953279%3Ac%3A1%3Arn%3A841945764%3Arqn%3A1%3Au%3A1674953278555521155%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A4%2C30%2C257%2C1%2C363%2C0%2C%2C302%2C2%2C1990%2C1990%2C3%2C1003%3Aco%3A0%3Ans%3A1674953275596%3Ast%3A1674953279&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)rqnt(1)aw(1)ti(2)
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/1677322/1?page-url=https%3A%2F%2Fgoo.su%2FwunD%3F10006039TPMCRY31HAKWLU10249191024919&charset=utf-8&cnt-class=1&hittoken=1674953273_eb0cf57bdeb0cafee5e84693cf0373a84065d065969c74f23b02a1a30fe660fd&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A989%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1404411639727%3Ahid%3A1005851940%3Az%3A0%3Ai%3A20230129004758%3Aet%3A1674953279%3Ac%3A1%3Arn%3A841945764%3Arqn%3A1%3Au%3A1674953278555521155%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A4%2C30%2C257%2C1%2C363%2C0%2C%2C302%2C2%2C1990%2C1990%2C3%2C1003%3Aco%3A0%3Ans%3A1674953275596%3Ast%3A1674953279&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 80
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 29 Jan 2023 00:47:53 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 29-Jan-2023 00:47:53 GMT
last-modified: Sun, 29-Jan-2023 00:47:53 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/1677322/1?page-url=https%3A%2F%2Fgoo.su%2FwunD%3F10006039TPMCRY31HAKWLU10249191024919&charset=utf-8&cnt-class=1&hittoken=1674953273_eb0cf57bdeb0cafee5e84693cf0373a84065d065969c74f23b02a1a30fe660fd&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1404411639727%3Ahid%3A1005851940%3Az%3A0%3Ai%3A20230129004758%3Aet%3A1674953279%3Ac%3A1%3Arn%3A954325653%3Arqn%3A2%3Au%3A1674953278555521155%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1674953275596%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674953279%3At%3ARedirecting...&t=gdpr%2814%29mc%28p-1-h-1%29clc%280-0-0%29rqnt%282%29aw%281%29fip%281%29ti%282%29
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/1677322/1?page-url=https%3A%2F%2Fgoo.su%2FwunD%3F10006039TPMCRY31HAKWLU10249191024919&charset=utf-8&cnt-class=1&hittoken=1674953273_eb0cf57bdeb0cafee5e84693cf0373a84065d065969c74f23b02a1a30fe660fd&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1404411639727%3Ahid%3A1005851940%3Az%3A0%3Ai%3A20230129004758%3Aet%3A1674953279%3Ac%3A1%3Arn%3A954325653%3Arqn%3A2%3Au%3A1674953278555521155%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1674953275596%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674953279%3At%3ARedirecting...&t=gdpr%2814%29mc%28p-1-h-1%29clc%280-0-0%29rqnt%282%29aw%281%29fip%281%29ti%282%29
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/1677322/1?page-url=https%3A%2F%2Fgoo.su%2FwunD%3F10006039TPMCRY31HAKWLU10249191024919&charset=utf-8&cnt-class=1&hittoken=1674953273_eb0cf57bdeb0cafee5e84693cf0373a84065d065969c74f23b02a1a30fe660fd&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1404411639727%3Ahid%3A1005851940%3Az%3A0%3Ai%3A20230129004758%3Aet%3A1674953279%3Ac%3A1%3Arn%3A954325653%3Arqn%3A2%3Au%3A1674953278555521155%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1674953275596%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674953279%3At%3ARedirecting...&t=gdpr%2814%29mc%28p-1-h-1%29clc%280-0-0%29rqnt%282%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Referer: https://goo.su/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 29 Jan 2023 00:47:53 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 29-Jan-2023 00:47:53 GMT
last-modified: Sun, 29-Jan-2023 00:47:53 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash f978fbabdcadadb500e64003205d2951
97b7f4ca87d6e0c7edb8be8df15349b429e7d667
d0832995442505ce1c5bce9f53036bfcd2a94bcc2b6d381fe16a6685b4698f6f
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 00:47:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 01 Feb 2023 21:50:22 GMT
ETag: "97b7f4ca87d6e0c7edb8be8df15349b429e7d667"
Last-Modified: Sat, 28 Jan 2023 21:50:23 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3272
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790df589fb080afe-OSL
an.yandex.ru/event_confirmation
87.250.250.90200 OK 20 B URL HTTP/2 an.yandex.ru/event_confirmation
IP 87.250.250.90:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /event_confirmation HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 321
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 29 Jan 2023 00:47:53 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 29 Jan 2023 00:47:53 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 29 Jan 2023 00:47:53 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/rtbcount/1R1aV0cc0GC200000000U9nJj50wThrUs2hKK9bxvZQp-zUOB2qENKrc009Fc4YeNwybTopN34c6L4QWUAOozzlL8F5IPY2ljXn8j3A2o4wGB10mCSnaLEE6i1SoSh13M2iPbp91M1j1wZQ0DEzbNDCWm70KB7EM4IHobH4aUPUHGOQ1uI_ZBA3uN2QGo5gcA21vbka_4BnY4WW_O2YipCt8KCXrlIZcCol3NoOMa3EOMO5aBxCYa9pA3D8sbvaDP3Kp4uC2o6QMZSnCzq_klDAbBd2IsM9RWOrZVBFnLR3Aks3o9xE34p_4uIodNfq1irQmB1FRmF8V1XXt8B4F8B5lia2yzy7-8OkNZedEBh4RzczPG5vRmCfxabKYdGiiVO6reQ61vIQh-Q-VbvM-prR-oWhItS7Mm3A3xShXu0LitNisRsZzUsP_sKesc347s3nEi34_OkCDSdQrIlTrAWq9JKupVya6i_0dd3MHFSRSSNk6p3lxMUniveP6PaQM2zWPLx0pRc1l0bgxWvtd1Blu0_RsMqqx9ttQi9Zx1piF0A9AecG0
87.250.250.90200 OK 50 B URL HTTP/2 an.yandex.ru/rtbcount/1R1aV0cc0GC200000000U9nJj50wThrUs2hKK9bxvZQp-zUOB2qENKrc009Fc4YeNwybTopN34c6L4QWUAOozzlL8F5IPY2ljXn8j3A2o4wGB10mCSnaLEE6i1SoSh13M2iPbp91M1j1wZQ0DEzbNDCWm70KB7EM4IHobH4aUPUHGOQ1uI_ZBA3uN2QGo5gcA21vbka_4BnY4WW_O2YipCt8KCXrlIZcCol3NoOMa3EOMO5aBxCYa9pA3D8sbvaDP3Kp4uC2o6QMZSnCzq_klDAbBd2IsM9RWOrZVBFnLR3Aks3o9xE34p_4uIodNfq1irQmB1FRmF8V1XXt8B4F8B5lia2yzy7-8OkNZedEBh4RzczPG5vRmCfxabKYdGiiVO6reQ61vIQh-Q-VbvM-prR-oWhItS7Mm3A3xShXu0LitNisRsZzUsP_sKesc347s3nEi34_OkCDSdQrIlTrAWq9JKupVya6i_0dd3MHFSRSSNk6p3lxMUniveP6PaQM2zWPLx0pRc1l0bgxWvtd1Blu0_RsMqqx9ttQi9Zx1piF0A9AecG0
IP 87.250.250.90:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash bef53a5c76b7ad469692178eeaeb08d8
aaae1c11fa0b5a086770957c8857d3937ed653e9
be24bb564cc16e1fe9113f63db905a1b7a3a653c6642f0c27d5e823729a99ee3
GET /rtbcount/1R1aV0cc0GC200000000U9nJj50wThrUs2hKK9bxvZQp-zUOB2qENKrc009Fc4YeNwybTopN34c6L4QWUAOozzlL8F5IPY2ljXn8j3A2o4wGB10mCSnaLEE6i1SoSh13M2iPbp91M1j1wZQ0DEzbNDCWm70KB7EM4IHobH4aUPUHGOQ1uI_ZBA3uN2QGo5gcA21vbka_4BnY4WW_O2YipCt8KCXrlIZcCol3NoOMa3EOMO5aBxCYa9pA3D8sbvaDP3Kp4uC2o6QMZSnCzq_klDAbBd2IsM9RWOrZVBFnLR3Aks3o9xE34p_4uIodNfq1irQmB1FRmF8V1XXt8B4F8B5lia2yzy7-8OkNZedEBh4RzczPG5vRmCfxabKYdGiiVO6reQ61vIQh-Q-VbvM-prR-oWhItS7Mm3A3xShXu0LitNisRsZzUsP_sKesc347s3nEi34_OkCDSdQrIlTrAWq9JKupVya6i_0dd3MHFSRSSNk6p3lxMUniveP6PaQM2zWPLx0pRc1l0bgxWvtd1Blu0_RsMqqx9ttQi9Zx1piF0A9AecG0 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 29 Jan 2023 00:47:53 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 29 Jan 2023 00:47:53 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 29 Jan 2023 00:47:53 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ext-strm-itt08.strm.yandex.net/vh-canvas-converted/vod-content/4953398316594226648/eddb8126-5d28-4fbe-9705-1524604d8c54/webm/VP8_256_144_300.webm?vsid=26121fa2e6bd8e93d10da42d0b3efc3c79fd0ce9e3f1xVASx2629x1674953277&noredir=1&lid=1529
185.70.202.10206 Partial Content 2.7 MB URL HTTP/2 ext-strm-itt08.strm.yandex.net/vh-canvas-converted/vod-content/4953398316594226648/eddb8126-5d28-4fbe-9705-1524604d8c54/webm/VP8_256_144_300.webm?vsid=26121fa2e6bd8e93d10da42d0b3efc3c79fd0ce9e3f1xVASx2629x1674953277&noredir=1&lid=1529
IP 185.70.202.10:0
ASN #6762 TELECOM ITALIA SPARKLE S.p.A.
File type WebM\012- EBML file, creator webmB\20\012- data
Size 2.7 MB (2703770 bytes)
Hash 29fab9fb9333f2907af07693715310d4
83e9968f837561f31ceb04ef6e77790760099793
f19dcf0eb50e6285a49eaddee7e013f2cfbb70842c7a37d44d5f8086d07bb184
GET /vh-canvas-converted/vod-content/4953398316594226648/eddb8126-5d28-4fbe-9705-1524604d8c54/webm/VP8_256_144_300.webm?vsid=26121fa2e6bd8e93d10da42d0b3efc3c79fd0ce9e3f1xVASx2629x1674953277&noredir=1&lid=1529 HTTP/1.1
Host: ext-strm-itt08.strm.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Range: bytes=0-
Referer: https://goo.su/
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx/1.18.0
date: Sun, 29 Jan 2023 00:47:54 GMT
content-type: video/webm
content-length: 2703770
etag: "29fab9fb9333f2907af07693715310d4"
last-modified: Fri, 20 Jan 2023 13:07:50 GMT
x-robots-tag: noindex, noarchive, nofollow
x-strm-log-split: 9
x_h: strm-ams08.strm.yandex.net
x-strm-request-id: 9eb05ad067ea30ec
x-request-id: 9eb05ad067ea30ec
expires: Sun, 29 Jan 2023 00:52:54 GMT
cache-control: max-age=300
report-to: {"group": "network-errors", "max_age": 1200, "include_subdomains": true, "endpoints": [ {"url": "https://dr.yandex.net/strm", "priority": 1}, {"url": "https://dr2.yandex.net/strm", "priority": 2} ]}
nel: {"report_to": "network-errors", "max_age": 1200, "success_fraction": 0.005, "failure_fraction": 0.05, "include_subdomains": true}
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Range, X-Client-Timestamp, X-Strm-Session
access-control-expose-headers: Date, X-Strm-Session, X-Estimated-RTT, X-Estimated-Bandwidth, X-Connection-ID, Age, X-Server-Time-Ms, X-Plg-URL
x-estimated-rtt: 38406
x-estimated-bandwidth: 1141248
x-connection-id: 194824042
x-server-time-ms: 1674953274104
content-range: bytes 0-2703769/2703770
X-Firefox-Spdy: h2
mc.yandex.ru/watch/39370120/1?vsid=26121fa2e6bd8e93d10da42d0b3efc3c79fd0ce9e3f1xVASx2629x1674953277
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/39370120/1?vsid=26121fa2e6bd8e93d10da42d0b3efc3c79fd0ce9e3f1xVASx2629x1674953277
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/39370120/1?vsid=26121fa2e6bd8e93d10da42d0b3efc3c79fd0ce9e3f1xVASx2629x1674953277 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goo.su/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 29 Jan 2023 00:47:54 GMT
pragma: no-cache
expires: Sun, 29-Jan-2023 00:47:54 GMT
x-xss-protection: 1; mode=block
last-modified: Sun, 29-Jan-2023 00:47:54 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 41ed94601a6b9b7507bd5f8493d1397f
312dd12ebeecad23e1307217dd21a1f1356b4b66
1bdd5e230d4fcb1d344408a2adda60fd98447890e82f36655c013b1281fe829c
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 00:47:54 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 01 Feb 2023 22:15:55 GMT
ETag: "312dd12ebeecad23e1307217dd21a1f1356b4b66"
Last-Modified: Sat, 28 Jan 2023 22:15:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 399
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790df58dacceb51e-OSL
log.strm.yandex.ru/log?VAS=712202&event=PrioritiseMediaFiles
87.250.251.15200 OK 0 B URL HTTP/2 log.strm.yandex.ru/log?VAS=712202&event=PrioritiseMediaFiles
IP 87.250.251.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /log?VAS=712202&event=PrioritiseMediaFiles HTTP/1.1
Host: log.strm.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 12568
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Date
date: Sun, 29 Jan 2023 00:47:54 GMT
timing-allow-origin: https://goo.su
access-control-allow-origin: https://goo.su
x-request-id: 1674953274557914-9541624043578303596
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash efbff82d6e2c5f880ecb871cafec7b2a
10a30ab572782b21f3d304eb22df6c6fb0c08c26
71f36f4b5b2bad5c00bc806b39948754f9a51c5720338a20511d404298d97f40
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 00:47:54 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Wed, 01 Feb 2023 20:23:46 GMT
ETag: "10a30ab572782b21f3d304eb22df6c6fb0c08c26"
Last-Modified: Sat, 28 Jan 2023 20:23:47 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3119
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790df5903e570afe-OSL
mc.yandex.ru/metrika/watch.js
87.250.251.119200 OK 58 kB URL HTTP/2 mc.yandex.ru/metrika/watch.js
IP 87.250.251.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (554)
Hash 315a601116a9b3b0fbc85feb58375ba4
5d283ed923d0b3beb8a2ec4e80c2958d1d132fbf
251ba0fc04953e3615e7c19a9a10c5d6a4f25cc03bef190f8a5e7c6cd72a991a
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 58140
date: Sun, 29 Jan 2023 00:47:54 GMT
access-control-allow-origin: *
etag: "63c93a4b-e31c"
expires: Sun, 29 Jan 2023 01:47:54 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 088d5aaa89319f1c6aed26c571993f13
5f8447ffddafe1dd092ba2dfc8777b83e7d228bf
7b26a998ea0d466614c8075d57faf034b46477ed1dd9185107ab4323f3018905
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:47:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
an.yandex.ru/tracking/WUyejI_zO3O1BGy0r1e00000zB17rmK0DW8nESBLOm00000ubE3C0M2y26W4W06qqfsfticZZak80PUszjcV0P01bFsQnUE0W802c06K_Ph5OxW1eDN_YIRO0TwCogq1u07YjE-i0PW2g8U-0w02hgtl0T1sw0JH1FW4XUSGY0MeyWMG1ONd4A05e905g0NmeWIm1V2Y1BW5yA84m0N8qGd81S-v0k05Tw06xW6e1ku1oGOvsbBUFUr1Rwa78mi5d4dVrWAu1xG6me201kW9E4sTcMa20K282mYg2n0eFQ_J8mi102l6st9SymK0WO20W8W4WPqJ-0wHh9ge2QWFevQKkfhfj-i2W12ln8qdmA8IW1I0e884g1I5vn07q1GDs1JpsjEU1k0K0TWMrlVlsTh3kut10O4Nc1Urljymq1VGXWFO5wsbF-0NW9B2dGRG627u6C6AzkoZZxpyOu0Pk1e1WXmDKaD5Ea4rLNPKLMDcD-aSW1r_q1xmbDtipDQkfcZO7lhQ7g0VhyID9x0V0SWVhuRbLj8V1ZSnCZOoEU0W0T0X_m7L8l__V_-18m3mFuaZcfcPcPcPsJyG042WuwHCZBHG8FUkGZ02oQ0a8p7ePRuUpPjRWP2O2LK7JUNHBwi41WRsmxsiftE9KXSPF0C0~1?action-id=0&adsdk-bundle-version=712202&adsdk-bundle-name=AdLoader&adsdk-container-visibility=100&adsdk-container-width=233&adsdk-container-height=152&video-avatar-width=233&video-avatar-height=131&ad-session-id=1164051674953277186&vsid=26121fa2e6bd8e93d10da42d0b3efc3c79fd0ce9e3f1xVASx2629x1674953277&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&client-ts=1674953279243&client-timezone-offset=0&viewability-undetermined=0&video-volume=100&video-muted=1&pcode-active-testids=712202%2C0%2C87%3B709027%2C0%2C49&document-has-focus=true&is-fullscreen=false&ad-pod-id=a34sdf%3B1125286871%3B0%3Bff440f270d7cc146%3B204596340523862819%3B0%3B1677322%3B4%3B0&product-theme=unknown&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A1024%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22width%22%3A233%2C%22height%22%3A152%2C%22w%22%3A233%2C%22h%22%3A152%2C%22left%22%3A-1%2C%22top%22%3A656%2C%22visible%22%3A1%2C%22req_no%22%3A1%7D
87.250.250.90200 OK 491 B URL HTTP/2 an.yandex.ru/tracking/WUyejI_zO3O1BGy0r1e00000zB17rmK0DW8nESBLOm00000ubE3C0M2y26W4W06qqfsfticZZak80PUszjcV0P01bFsQnUE0W802c06K_Ph5OxW1eDN_YIRO0TwCogq1u07YjE-i0PW2g8U-0w02hgtl0T1sw0JH1FW4XUSGY0MeyWMG1ONd4A05e905g0NmeWIm1V2Y1BW5yA84m0N8qGd81S-v0k05Tw06xW6e1ku1oGOvsbBUFUr1Rwa78mi5d4dVrWAu1xG6me201kW9E4sTcMa20K282mYg2n0eFQ_J8mi102l6st9SymK0WO20W8W4WPqJ-0wHh9ge2QWFevQKkfhfj-i2W12ln8qdmA8IW1I0e884g1I5vn07q1GDs1JpsjEU1k0K0TWMrlVlsTh3kut10O4Nc1Urljymq1VGXWFO5wsbF-0NW9B2dGRG627u6C6AzkoZZxpyOu0Pk1e1WXmDKaD5Ea4rLNPKLMDcD-aSW1r_q1xmbDtipDQkfcZO7lhQ7g0VhyID9x0V0SWVhuRbLj8V1ZSnCZOoEU0W0T0X_m7L8l__V_-18m3mFuaZcfcPcPcPsJyG042WuwHCZBHG8FUkGZ02oQ0a8p7ePRuUpPjRWP2O2LK7JUNHBwi41WRsmxsiftE9KXSPF0C0~1?action-id=0&adsdk-bundle-version=712202&adsdk-bundle-name=AdLoader&adsdk-container-visibility=100&adsdk-container-width=233&adsdk-container-height=152&video-avatar-width=233&video-avatar-height=131&ad-session-id=1164051674953277186&vsid=26121fa2e6bd8e93d10da42d0b3efc3c79fd0ce9e3f1xVASx2629x1674953277&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&client-ts=1674953279243&client-timezone-offset=0&viewability-undetermined=0&video-volume=100&video-muted=1&pcode-active-testids=712202%2C0%2C87%3B709027%2C0%2C49&document-has-focus=true&is-fullscreen=false&ad-pod-id=a34sdf%3B1125286871%3B0%3Bff440f270d7cc146%3B204596340523862819%3B0%3B1677322%3B4%3B0&product-theme=unknown&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A1024%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22width%22%3A233%2C%22height%22%3A152%2C%22w%22%3A233%2C%22h%22%3A152%2C%22left%22%3A-1%2C%22top%22%3A656%2C%22visible%22%3A1%2C%22req_no%22%3A1%7D
IP 87.250.250.90:0
Hash 7d0cdd4c01e6953667f63a61f8401a72
4b119d10444d948d3435ab52411c78557bdf884a
e05fcb27eaf199e11a0a5ab37ae0036be0446bd197c3ebb53dda3c1a17117ee6
POST /tracking/WUyejI_zO3O1BGy0r1e00000zB17rmK0DW8nESBLOm00000ubE3C0M2y26W4W06qqfsfticZZak80PUszjcV0P01bFsQnUE0W802c06K_Ph5OxW1eDN_YIRO0TwCogq1u07YjE-i0PW2g8U-0w02hgtl0T1sw0JH1FW4XUSGY0MeyWMG1ONd4A05e905g0NmeWIm1V2Y1BW5yA84m0N8qGd81S-v0k05Tw06xW6e1ku1oGOvsbBUFUr1Rwa78mi5d4dVrWAu1xG6me201kW9E4sTcMa20K282mYg2n0eFQ_J8mi102l6st9SymK0WO20W8W4WPqJ-0wHh9ge2QWFevQKkfhfj-i2W12ln8qdmA8IW1I0e884g1I5vn07q1GDs1JpsjEU1k0K0TWMrlVlsTh3kut10O4Nc1Urljymq1VGXWFO5wsbF-0NW9B2dGRG627u6C6AzkoZZxpyOu0Pk1e1WXmDKaD5Ea4rLNPKLMDcD-aSW1r_q1xmbDtipDQkfcZO7lhQ7g0VhyID9x0V0SWVhuRbLj8V1ZSnCZOoEU0W0T0X_m7L8l__V_-18m3mFuaZcfcPcPcPsJyG042WuwHCZBHG8FUkGZ02oQ0a8p7ePRuUpPjRWP2O2LK7JUNHBwi41WRsmxsiftE9KXSPF0C0~1?action-id=0&adsdk-bundle-version=712202&adsdk-bundle-name=AdLoader&adsdk-container-visibility=100&adsdk-container-width=233&adsdk-container-height=152&video-avatar-width=233&video-avatar-height=131&ad-session-id=1164051674953277186&vsid=26121fa2e6bd8e93d10da42d0b3efc3c79fd0ce9e3f1xVASx2629x1674953277&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&client-ts=1674953279243&client-timezone-offset=0&viewability-undetermined=0&video-volume=100&video-muted=1&pcode-active-testids=712202%2C0%2C87%3B709027%2C0%2C49&document-has-focus=true&is-fullscreen=false&ad-pod-id=a34sdf%3B1125286871%3B0%3Bff440f270d7cc146%3B204596340523862819%3B0%3B1677322%3B4%3B0&product-theme=unknown&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A1024%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22width%22%3A233%2C%22height%22%3A152%2C%22w%22%3A233%2C%22h%22%3A152%2C%22left%22%3A-1%2C%22top%22%3A656%2C%22visible%22%3A1%2C%22req_no%22%3A1%7D HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 29 Jan 2023 00:47:54 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 29 Jan 2023 00:47:54 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 29 Jan 2023 00:47:54 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 088d5aaa89319f1c6aed26c571993f13
5f8447ffddafe1dd092ba2dfc8777b83e7d228bf
7b26a998ea0d466614c8075d57faf034b46477ed1dd9185107ab4323f3018905
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:47:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/metrika/advert.gif
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 29 Jan 2023 00:47:55 GMT
access-control-allow-origin: *
etag: "63c93a4b-2b"
expires: Sun, 29 Jan 2023 01:47:55 GMT
accept-ranges: bytes
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/conversion/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0
142.250.74.34302 Found 42 B URL HTTP/2 www.googleadservices.com/pagead/conversion/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0
IP 142.250.74.34:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/conversion/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0 HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 00:47:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
location: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=O8LVY7SpCNOZ78EP9PeE2AQ&random=1403051199&sscte=1&crd=
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
142.250.74.34302 Found 42 B URL HTTP/2 www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
IP 142.250.74.34:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 00:47:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
location: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=O8LVY9nCCP2Q78EPmcSMiA4&random=1035563750&sscte=1&crd=
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/conversion_async.js
142.250.74.34200 OK 15 kB URL HTTP/2 www.googleadservices.com/pagead/conversion_async.js
IP 142.250.74.34:0
File type ASCII text, with very long lines (1654)
Hash 22eaa6491556c40c984bed61ff9892b5
253ec7921f896fab2d49656208b10d2a227c82de
f690af44bc7bb9724442c2f52648ce1c8365cc6010cc0af574f5e0dcddf7ee7f
GET /pagead/conversion_async.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 29 Jan 2023 00:47:55 GMT
expires: Sun, 29 Jan 2023 00:47:55 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 8608601048380966470
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15164
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 088d5aaa89319f1c6aed26c571993f13
5f8447ffddafe1dd092ba2dfc8777b83e7d228bf
7b26a998ea0d466614c8075d57faf034b46477ed1dd9185107ab4323f3018905
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 00:47:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1150883682463%3Ahid%3A433393196%3Az%3A0%3Ai%3A20230129004800%3Aet%3A1674953280%3Arn%3A913103916%3Arqn%3A1%3Au%3A1674953280452368868%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C19%2C1%2C%2C0%2C%2C34%2C1%2C472%2C472%2C1%2C63%3Aco%3A0%3Ans%3A1674953277830%3Ast%3A1674953280&t=clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
87.250.251.119200 OK 236 B URL HTTP/2 mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1150883682463%3Ahid%3A433393196%3Az%3A0%3Ai%3A20230129004800%3Aet%3A1674953280%3Arn%3A913103916%3Arqn%3A1%3Au%3A1674953280452368868%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C19%2C1%2C%2C0%2C%2C34%2C1%2C472%2C472%2C1%2C63%3Aco%3A0%3Ans%3A1674953277830%3Ast%3A1674953280&t=clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
IP 87.250.251.119:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1abfa182df30d03cca76ed4a43a64596
3f85b6a7b125d357bdd4c6307901ee074ee5f956
020624fd71f32b8e6301e707fe7444128e9b0864be90f0389cc0dc15c2acc81c
GET /watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1150883682463%3Ahid%3A433393196%3Az%3A0%3Ai%3A20230129004800%3Aet%3A1674953280%3Arn%3A913103916%3Arqn%3A1%3Au%3A1674953280452368868%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C19%2C1%2C%2C0%2C%2C34%2C1%2C472%2C472%2C1%2C63%3Aco%3A0%3Ans%3A1674953277830%3Ast%3A1674953280&t=clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yastatic.net
Referer: https://yastatic.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 236
date: Sun, 29 Jan 2023 00:47:55 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://yastatic.net
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 29-Jan-2023 00:47:55 GMT
last-modified: Sun, 29-Jan-2023 00:47:55 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1035563750&crd=&is_vtc=1&random=931433294&ipr=y
142.250.74.131200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1035563750&crd=&is_vtc=1&random=931433294&ipr=y
IP 142.250.74.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1035563750&crd=&is_vtc=1&random=931433294&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://yastatic.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 00:47:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/947884341/?random=1674953280212&cv=9&fst=1674950400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=3912713091&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.131200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/947884341/?random=1674953280212&cv=9&fst=1674950400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=3912713091&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/947884341/?random=1674953280212&cv=9&fst=1674950400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=3912713091&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 00:47:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/693627671/?random=1674953280215&cv=9&fst=1674950400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=1779288733&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.131200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/693627671/?random=1674953280215&cv=9&fst=1674950400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=1779288733&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/693627671/?random=1674953280215&cv=9&fst=1674950400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=1779288733&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 00:47:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/693627671/?random=1674953280198&cv=9&fst=1674950400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=752669675&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.131200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/693627671/?random=1674953280198&cv=9&fst=1674950400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=752669675&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/693627671/?random=1674953280198&cv=9&fst=1674950400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=752669675&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 00:47:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1403051199&crd=&is_vtc=1&random=2684554821&ipr=y
142.250.74.131200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1403051199&crd=&is_vtc=1&random=2684554821&ipr=y
IP 142.250.74.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1403051199&crd=&is_vtc=1&random=2684554821&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://yastatic.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 00:47:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/947884341/?random=1674953280194&cv=9&fst=1674950400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=1866943380&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.131200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/947884341/?random=1674953280194&cv=9&fst=1674950400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=1866943380&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/947884341/?random=1674953280194&cv=9&fst=1674950400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=1866943380&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 00:47:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
an.yandex.ru/count/WNeejI_zOEq0XGi011DE--XNkKOmymK0xG4GW8200J4umjLZ000003YKuCm1Y081kG84754Xdf-1Ll02ohNmj0ZGTl050Q06xW791ZXwFZhB3zI61ICBBGWatzO2-0S1q0Y2W8200bPet1aZ2m40uM3ISbppy0iAu0s2W821W820Y0Ie3wEMrEN1vBVh0f0GrlVlsTh3kut10RIDZBu-u1G1y1N1YlRieu-y_6EW5f2bpfu6oHRmFzWMWHUe5mtG627u68ZsuAZPZSUIUe0PYHaAcBWP____0S0Pj_Jddwta_SqZqXaIUM5YSrzpPN9sPN8lSZStEIqow1cH0V0PgmUO6jJ3Kx0RIBWR0u8S3L93HJemTdHpL5LZPZVf780T_t-080A880pG8V___m7L8l__V_-18m0000000F0_4m0o0scOCH4yEVax6kAEt0Wbv92cuvqh4qFtcW-WNpEUge_AGXcf_EZQEHIMgEQetZcAmMKR7ZRiv6CPsmC0~1=WMGejI_zO8W0rGe0j1FWMVBNY06dkVhvai7Yy0600G680UNQewAU0P01rgMlbkA0W802c07MfQ-MOhW1bBFA-2NO0Ugxvwm1u07En-wc0UW1gWFu0UYBthu1e0AE-eK1i0C2cWA81SMW3905mx1gi0NgXHku1Ug56y05tVPoo0M2d1tG1Tte2gW6xW6f1oCBBGWatzO2k0U01U07XWhG2Bg8W872We06u0Y7_KBe2GU02W7u2e2r6EWCamAO3TAMCi2m480KW8201D0KcURLM-WKZ0AW5f2bpfu6oHRG5kYBthu1c1UmlOelk1S1m1UrrW6W6Uu1k1d___y1WHh__sEvYk38owWU0R0V0SWVzTspLgaWd7ierFo-xZ-u8DxTATKY__z__u4ZYIEQcPcPcPdPFv0ZixAscCRVbyvSc2FYwFMPhP7Opse80D45WUUkCPAAu8JXi4XCptcVLCQJ48XFC4F00G00~1=WO4ejI_zOAm0lGi0L1MA0moTh06ux8UJulRAhlK1W078Yyg0s_t9iFq1Y065fvMiWG6G0QwEeiBKW8200fW1eewYmbIu0PIykAKZs07udQQV0U01eAhU5kW1eWFu0SR7thu1e0AKleaPe0C4i0C2zm681PoT2f05jPiEi0N8pWEu1SZE0y05_DGLo0N_m0NG1OEv0QW6xW6f1oCBBGWatzO2k0Uq1k07XiA0W0RW28hVn0pe2GU02W7u2e2r6EWCamAO3TAMCi2maeA0582WW0JG5FVCmsle58m2e1QGfSwU1iaMq1R6nzw-0PWNY9FN6RWN0S0NjTO1e1dk0RWP____0VWPfTs67e4Q___NPXzX6UIW6gBNsR7maklwmW6e7hzmi1y2o1_yZjDFgI0wNE3n4pVbFxWWtjqfrIB__t__WIE98vgPcPcPcTa_a2FfdlMvmBIfxb2O8wxPwlAGy9h-GWa011mahhnZrBC8aXWEwqakoRekwPJ9qC4MUzOds2RW~1=WLWejI_zO800TGe011CMvXAvW06ihPhPdiJzoie1W041Y06MdB7jdW6G0PY7ak3YW8200fW1c8UIu6Au0QpbjeCcs078wAMj0U01dBQQh07e0NBu0UhOthu1e0BwjAKRe0C6i0C2w0JE0eW5lT06a0Nsa0Um1UQp0hW5vhC2m0N5W0V81QEk0j05wroe1ku1gGSZ2oq89D_M0hW7W0NW1wGFmeA01k08lThI3UW91u0A0UWCamAO3TAMCi2ma8A84W6G4W7G58RkYO01w1IC0g0MaANEdWR95l0_q1RiyTw-0PWNqT79CBWN0S0NjTO1e1dk0RWP____0O4Q__yxfnHGHwwe7W6m7mF87wJqqbQf809yqp6k1_0_k23UtIdL8l__V_-18uaZcfcPcPcPsJ-G8v3CpCkGavJFam6O201VfaKN1FQwXdEK64QEN9B3N78urCuO1Ti47000~1?stat-id=1&test-tag=521718267435569&banner-sizes=eyI3MjA1NzYwNzIxNDcyMTM4NyI6IjQxOXgxMDAiLCI3MjA1NzYwNTM4MTcwMjU1MSI6IjQxOXgxMDAiLCI3MjA1NzYwNzI5MjA3NjQ5MiI6IjQxOXgxMDAifQ%3D%3D&format-type=118&actual-format=10&pcodever=712629&banner-test-tags=eyI3MjA1NzYwNzIxNDcyMTM4NyI6IjU3MzYxIiwiNzIwNTc2MDUzODE3MDI1NTEiOiI0MzgyNzcwIiwiNzIwNTc2MDcyOTIwNzY0OTIiOiI1NzM2MyJ9&pcode-active-testids=710490%2C0%2C92%3B709027%2C0%2C49&width=1268&height=100&confirmTime=2100000&confirmRatio=1000000&wmode=0
87.250.250.90302 Found 659 B URL HTTP/2 an.yandex.ru/count/WNeejI_zOEq0XGi011DE--XNkKOmymK0xG4GW8200J4umjLZ000003YKuCm1Y081kG84754Xdf-1Ll02ohNmj0ZGTl050Q06xW791ZXwFZhB3zI61ICBBGWatzO2-0S1q0Y2W8200bPet1aZ2m40uM3ISbppy0iAu0s2W821W820Y0Ie3wEMrEN1vBVh0f0GrlVlsTh3kut10RIDZBu-u1G1y1N1YlRieu-y_6EW5f2bpfu6oHRmFzWMWHUe5mtG627u68ZsuAZPZSUIUe0PYHaAcBWP____0S0Pj_Jddwta_SqZqXaIUM5YSrzpPN9sPN8lSZStEIqow1cH0V0PgmUO6jJ3Kx0RIBWR0u8S3L93HJemTdHpL5LZPZVf780T_t-080A880pG8V___m7L8l__V_-18m0000000F0_4m0o0scOCH4yEVax6kAEt0Wbv92cuvqh4qFtcW-WNpEUge_AGXcf_EZQEHIMgEQetZcAmMKR7ZRiv6CPsmC0~1=WMGejI_zO8W0rGe0j1FWMVBNY06dkVhvai7Yy0600G680UNQewAU0P01rgMlbkA0W802c07MfQ-MOhW1bBFA-2NO0Ugxvwm1u07En-wc0UW1gWFu0UYBthu1e0AE-eK1i0C2cWA81SMW3905mx1gi0NgXHku1Ug56y05tVPoo0M2d1tG1Tte2gW6xW6f1oCBBGWatzO2k0U01U07XWhG2Bg8W872We06u0Y7_KBe2GU02W7u2e2r6EWCamAO3TAMCi2m480KW8201D0KcURLM-WKZ0AW5f2bpfu6oHRG5kYBthu1c1UmlOelk1S1m1UrrW6W6Uu1k1d___y1WHh__sEvYk38owWU0R0V0SWVzTspLgaWd7ierFo-xZ-u8DxTATKY__z__u4ZYIEQcPcPcPdPFv0ZixAscCRVbyvSc2FYwFMPhP7Opse80D45WUUkCPAAu8JXi4XCptcVLCQJ48XFC4F00G00~1=WO4ejI_zOAm0lGi0L1MA0moTh06ux8UJulRAhlK1W078Yyg0s_t9iFq1Y065fvMiWG6G0QwEeiBKW8200fW1eewYmbIu0PIykAKZs07udQQV0U01eAhU5kW1eWFu0SR7thu1e0AKleaPe0C4i0C2zm681PoT2f05jPiEi0N8pWEu1SZE0y05_DGLo0N_m0NG1OEv0QW6xW6f1oCBBGWatzO2k0Uq1k07XiA0W0RW28hVn0pe2GU02W7u2e2r6EWCamAO3TAMCi2maeA0582WW0JG5FVCmsle58m2e1QGfSwU1iaMq1R6nzw-0PWNY9FN6RWN0S0NjTO1e1dk0RWP____0VWPfTs67e4Q___NPXzX6UIW6gBNsR7maklwmW6e7hzmi1y2o1_yZjDFgI0wNE3n4pVbFxWWtjqfrIB__t__WIE98vgPcPcPcTa_a2FfdlMvmBIfxb2O8wxPwlAGy9h-GWa011mahhnZrBC8aXWEwqakoRekwPJ9qC4MUzOds2RW~1=WLWejI_zO800TGe011CMvXAvW06ihPhPdiJzoie1W041Y06MdB7jdW6G0PY7ak3YW8200fW1c8UIu6Au0QpbjeCcs078wAMj0U01dBQQh07e0NBu0UhOthu1e0BwjAKRe0C6i0C2w0JE0eW5lT06a0Nsa0Um1UQp0hW5vhC2m0N5W0V81QEk0j05wroe1ku1gGSZ2oq89D_M0hW7W0NW1wGFmeA01k08lThI3UW91u0A0UWCamAO3TAMCi2ma8A84W6G4W7G58RkYO01w1IC0g0MaANEdWR95l0_q1RiyTw-0PWNqT79CBWN0S0NjTO1e1dk0RWP____0O4Q__yxfnHGHwwe7W6m7mF87wJqqbQf809yqp6k1_0_k23UtIdL8l__V_-18uaZcfcPcPcPsJ-G8v3CpCkGavJFam6O201VfaKN1FQwXdEK64QEN9B3N78urCuO1Ti47000~1?stat-id=1&test-tag=521718267435569&banner-sizes=eyI3MjA1NzYwNzIxNDcyMTM4NyI6IjQxOXgxMDAiLCI3MjA1NzYwNTM4MTcwMjU1MSI6IjQxOXgxMDAiLCI3MjA1NzYwNzI5MjA3NjQ5MiI6IjQxOXgxMDAifQ%3D%3D&format-type=118&actual-format=10&pcodever=712629&banner-test-tags=eyI3MjA1NzYwNzIxNDcyMTM4NyI6IjU3MzYxIiwiNzIwNTc2MDUzODE3MDI1NTEiOiI0MzgyNzcwIiwiNzIwNTc2MDcyOTIwNzY0OTIiOiI1NzM2MyJ9&pcode-active-testids=710490%2C0%2C92%3B709027%2C0%2C49&width=1268&height=100&confirmTime=2100000&confirmRatio=1000000&wmode=0
IP 87.250.250.90:0
Hash 11e3bd0dfed07613a4d028d2be98d489
a2ba020c901e59c5bfa840957961d7d8d7e61dc3
f304b009f49c93cd23c54e95d64340a536ab3f25e2992b78a48fbf33fe63a90c
GET /count/WNeejI_zOEq0XGi011DE--XNkKOmymK0xG4GW8200J4umjLZ000003YKuCm1Y081kG84754Xdf-1Ll02ohNmj0ZGTl050Q06xW791ZXwFZhB3zI61ICBBGWatzO2-0S1q0Y2W8200bPet1aZ2m40uM3ISbppy0iAu0s2W821W820Y0Ie3wEMrEN1vBVh0f0GrlVlsTh3kut10RIDZBu-u1G1y1N1YlRieu-y_6EW5f2bpfu6oHRmFzWMWHUe5mtG627u68ZsuAZPZSUIUe0PYHaAcBWP____0S0Pj_Jddwta_SqZqXaIUM5YSrzpPN9sPN8lSZStEIqow1cH0V0PgmUO6jJ3Kx0RIBWR0u8S3L93HJemTdHpL5LZPZVf780T_t-080A880pG8V___m7L8l__V_-18m0000000F0_4m0o0scOCH4yEVax6kAEt0Wbv92cuvqh4qFtcW-WNpEUge_AGXcf_EZQEHIMgEQetZcAmMKR7ZRiv6CPsmC0~1=WMGejI_zO8W0rGe0j1FWMVBNY06dkVhvai7Yy0600G680UNQewAU0P01rgMlbkA0W802c07MfQ-MOhW1bBFA-2NO0Ugxvwm1u07En-wc0UW1gWFu0UYBthu1e0AE-eK1i0C2cWA81SMW3905mx1gi0NgXHku1Ug56y05tVPoo0M2d1tG1Tte2gW6xW6f1oCBBGWatzO2k0U01U07XWhG2Bg8W872We06u0Y7_KBe2GU02W7u2e2r6EWCamAO3TAMCi2m480KW8201D0KcURLM-WKZ0AW5f2bpfu6oHRG5kYBthu1c1UmlOelk1S1m1UrrW6W6Uu1k1d___y1WHh__sEvYk38owWU0R0V0SWVzTspLgaWd7ierFo-xZ-u8DxTATKY__z__u4ZYIEQcPcPcPdPFv0ZixAscCRVbyvSc2FYwFMPhP7Opse80D45WUUkCPAAu8JXi4XCptcVLCQJ48XFC4F00G00~1=WO4ejI_zOAm0lGi0L1MA0moTh06ux8UJulRAhlK1W078Yyg0s_t9iFq1Y065fvMiWG6G0QwEeiBKW8200fW1eewYmbIu0PIykAKZs07udQQV0U01eAhU5kW1eWFu0SR7thu1e0AKleaPe0C4i0C2zm681PoT2f05jPiEi0N8pWEu1SZE0y05_DGLo0N_m0NG1OEv0QW6xW6f1oCBBGWatzO2k0Uq1k07XiA0W0RW28hVn0pe2GU02W7u2e2r6EWCamAO3TAMCi2maeA0582WW0JG5FVCmsle58m2e1QGfSwU1iaMq1R6nzw-0PWNY9FN6RWN0S0NjTO1e1dk0RWP____0VWPfTs67e4Q___NPXzX6UIW6gBNsR7maklwmW6e7hzmi1y2o1_yZjDFgI0wNE3n4pVbFxWWtjqfrIB__t__WIE98vgPcPcPcTa_a2FfdlMvmBIfxb2O8wxPwlAGy9h-GWa011mahhnZrBC8aXWEwqakoRekwPJ9qC4MUzOds2RW~1=WLWejI_zO800TGe011CMvXAvW06ihPhPdiJzoie1W041Y06MdB7jdW6G0PY7ak3YW8200fW1c8UIu6Au0QpbjeCcs078wAMj0U01dBQQh07e0NBu0UhOthu1e0BwjAKRe0C6i0C2w0JE0eW5lT06a0Nsa0Um1UQp0hW5vhC2m0N5W0V81QEk0j05wroe1ku1gGSZ2oq89D_M0hW7W0NW1wGFmeA01k08lThI3UW91u0A0UWCamAO3TAMCi2ma8A84W6G4W7G58RkYO01w1IC0g0MaANEdWR95l0_q1RiyTw-0PWNqT79CBWN0S0NjTO1e1dk0RWP____0O4Q__yxfnHGHwwe7W6m7mF87wJqqbQf809yqp6k1_0_k23UtIdL8l__V_-18uaZcfcPcPcPsJ-G8v3CpCkGavJFam6O201VfaKN1FQwXdEK64QEN9B3N78urCuO1Ti47000~1?stat-id=1&test-tag=521718267435569&banner-sizes=eyI3MjA1NzYwNzIxNDcyMTM4NyI6IjQxOXgxMDAiLCI3MjA1NzYwNTM4MTcwMjU1MSI6IjQxOXgxMDAiLCI3MjA1NzYwNzI5MjA3NjQ5MiI6IjQxOXgxMDAifQ%3D%3D&format-type=118&actual-format=10&pcodever=712629&banner-test-tags=eyI3MjA1NzYwNzIxNDcyMTM4NyI6IjU3MzYxIiwiNzIwNTc2MDUzODE3MDI1NTEiOiI0MzgyNzcwIiwiNzIwNTc2MDcyOTIwNzY0OTIiOiI1NzM2MyJ9&pcode-active-testids=710490%2C0%2C92%3B709027%2C0%2C49&width=1268&height=100&confirmTime=2100000&confirmRatio=1000000&wmode=0 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/count/WNOejI_zOEq0PGi011DE--XNk1aZeGK0xG4GmO200J4umjLZ000003YKuCm1Y081kG84754Xdf-1Ll02ohNmj0ZGTl050Q06xW791ZXwFZhB3zI61ICBBGWatzO2-0S1q0Y2W8200bPet1aZ2m40uM3ISbppy0iAu0s2W821W820Y0Ie3wEMrEN1vBVh0f0GrlVlsTh3kut10RIDZBu-u1G1y1N1YlRieu-y_6EW5f2bpfu6oHRmFzWMWHUe5mtG627u68ZsuAZPZSUIUe0PYHaAcBWP____0S0Pj_Jddwta_SqZqXaIUM5YSrzpPN9sPN8lSZStEIqow1cH0V0PgmUO6jJ3Kx0RIBWR0u8S3L93HJemTdHpL5LZPZVf780T_t-080A880pG8V___m7L8l__V_-18m0000000F0_4W0o0scOCH4yEVax6kAEt0Wbv92cuvqh4qExrnnLVLGMoaZbHzVEeR14DKVrpb4CBjlmi64d7ylO7W00~1=WLWejI_zO800TGe011CMvXAvW06ihPhPdiJzoie1W041Y06MdB7jdW6G0PY7ak3YW8200fW1c8UIu6Au0QpbjeCcs078wAMj0U01dBQQh07e0NBu0UhOthu1e0BwjAKRe0C6i0C2w0JE0eW5lT06a0Nsa0Um1UQp0hW5vhC2m0N5W0V81QEk0j05wroe1ku1gGSZ2oq89D_M0hW7W0NW1wGFmeA01k08lThI3UW91u0A0UWCamAO3TAMCi2ma8A84W6G4W7G58RkYO01w1IC0g0MaANEdWR95l0_q1RiyTw-0PWNqT79CBWN0S0NjTO1e1dk0RWP____0O4Q__yxfnHGHwwe7W6m7mF87wJqqbQf809yqp6k1_0_k23UtIdL8l__V_-18uaZcfcPcPcPsJ-G8v3CpCkGavJFam6O201VfaKN1FQwXdEK64QEN9B3N78urCuO1Ti47000~1=WO4ejI_zOAm0lGi0L1MA0moTh06ux8UJulRAhlK1W078Yyg0s_t9iFq1Y065fvMiWG6G0QwEeiBKW8200fW1eewYmbIu0PIykAKZs07udQQV0U01eAhU5kW1eWFu0SR7thu1e0AKleaPe0C4i0C2zm681PoT2f05jPiEi0N8pWEu1SZE0y05_DGLo0N_m0NG1OEv0QW6xW6f1oCBBGWatzO2k0Uq1k07XiA0W0RW28hVn0pe2GU02W7u2e2r6EWCamAO3TAMCi2maeA0582WW0JG5FVCmsle58m2e1QGfSwU1iaMq1R6nzw-0PWNY9FN6RWN0S0NjTO1e1dk0RWP____0VWPfTs67e4Q___NPXzX6UIW6gBNsR7maklwmW6e7hzmi1y2o1_yZjDFgI0wNE3n4pVbFxWWtjqfrIB__t__WIE98vgPcPcPcTa_a2FfdlMvmBIfxb2O8wxPwlAGy9h-GWa011mahhnZrBC8aXWEwqakoRekwPJ9qC4MUzOds2RW~1=WMWejI_zO8q0zGe0z1EmZ5L5ZG4GW8200QUv-lcImUBm0O010OW1vTgZefu1a07MfQ-Mue20W0AO0TQbhvPYk06Kiyhu9TW1whldh07W0Sx7xgO1w06g0_W1w8lUlW6W0exwXG6m0ve2Y0N5e0oG1SEmQh05weKRk0NgXHl01TtsSiW5WfmTq0NTw0ge1ku1gGSZ2oq89D_M0hW7W0NW1uOAq0YwY821meA01k08X_r2w0a7W0e1-0g0jHZe39C2c0tIbZB0i1205820W0JG59dcrLle58m2e1QGfSwU1iaMq1ReYzw-0PWNiBsABxWN0S0NjTO1e1dk0RWP____0O4Q__zZkOhWoCke7W6m7m787_NTirQf89nxADJylku_k23UtIdL8l__V_-18uaZcfcPcPcPsJ-G8xEojfZ6tvVEN9WZukZrcQsHsCzg203H1O7xhZ6IYY26uR1IJCzvf5I6SogbtJ4MYpa0~1?stat-id=1&test-tag=521718267435569&banner-sizes=eyI3MjA1NzYwNzIxNDcyMTM4NyI6IjQxOXgxMDAiLCI3MjA1NzYwNTM4MTcwMjU1MSI6IjQxOXgxMDAiLCI3MjA1NzYwNzI5MjA3NjQ5MiI6IjQxOXgxMDAifQ%3D%3D&format-type=118&actual-format=10&pcodever=712629&banner-test-tags=eyI3MjA1NzYwNzIxNDcyMTM4NyI6IjU3MzYxIiwiNzIwNTc2MDUzODE3MDI1NTEiOiI0MzgyNzcwIiwiNzIwNTc2MDcyOTIwNzY0OTIiOiI1NzM2MyJ9&pcode-active-testids=710490%2C0%2C92%3B709027%2C0%2C49&width=1268&height=100&confirmTime=2100000&confirmRatio=1000000&wmode=0
date: Sun, 29 Jan 2023 00:47:55 GMT
access-control-allow-origin: https://goo.su
set-cookie: yandexuid=9348505031674953275; domain=.yandex.ru; path=/; expires=Wed, 26-Jan-2033 00:47:55 GMT
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
expires: Sun, 29 Jan 2023 00:47:55 GMT
last-modified: Sun, 29 Jan 2023 00:47:55 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
top-fwz1.mail.ru/tracker?js=13;id=3128781;u=https%3A//goo.su/wunD%3F10006039TPMCRY31HAKWLU10249191024919;st=1674953276580;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=2e22c20d7a7e11b1;ver=60.3.0;tz=0%2FUTC;ni=;detect=0;lvid=1674953277120%3A1674953284613%3A3%3A696c35c8aff48f30d11559e98c9ca169;opts=jst-ym;visible=true;_=0.8821820663189065;e=RT/unload;et=1674953284611;pvt=8031;vtauto=7501
95.163.52.67200 OK 43 B URL HTTP/2 top-fwz1.mail.ru/tracker?js=13;id=3128781;u=https%3A//goo.su/wunD%3F10006039TPMCRY31HAKWLU10249191024919;st=1674953276580;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=2e22c20d7a7e11b1;ver=60.3.0;tz=0%2FUTC;ni=;detect=0;lvid=1674953277120%3A1674953284613%3A3%3A696c35c8aff48f30d11559e98c9ca169;opts=jst-ym;visible=true;_=0.8821820663189065;e=RT/unload;et=1674953284611;pvt=8031;vtauto=7501
IP 95.163.52.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /tracker?js=13;id=3128781;u=https%3A//goo.su/wunD%3F10006039TPMCRY31HAKWLU10249191024919;st=1674953276580;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=2e22c20d7a7e11b1;ver=60.3.0;tz=0%2FUTC;ni=;detect=0;lvid=1674953277120%3A1674953284613%3A3%3A696c35c8aff48f30d11559e98c9ca169;opts=jst-ym;visible=true;_=0.8821820663189065;e=RT/unload;et=1674953284611;pvt=8031;vtauto=7501 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 00:47:59 GMT
content-type: image/gif
content-length: 43
set-cookie: FTID=1RMYgQ0tkIIF:1674953279:3128781:::; path=/; expires=Tue, 30-Jan-24 00:47:59 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
an.yandex.ru/system/context.js
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/system/context.js
IP 87.250.250.90:0
GET /system/context.js HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
timing-allow-origin: *
access-control-allow-origin: *
expires: Sun, 29 Jan 2023 01:47:51 GMT
x-yandex-req-id: 1674953271926017-49224932756014750700122-production-app-host-vla-pcode-415
cache-control: private, max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
yastatic.net/q/set/s/rsya-tag-users/bundle.js
178.154.131.217200 OK 0 B URL HTTP/2 yastatic.net/q/set/s/rsya-tag-users/bundle.js
IP 178.154.131.217:0
GET /q/set/s/rsya-tag-users/bundle.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 29 Jan 2023 00:47:54 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952
content-encoding: br
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
expires: Tue, 31 Jan 2023 12:43:06 GMT
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: 69578bcea5a901bb
X-Firefox-Spdy: h2
an.yandex.ru/rtbcount/1N_y0fES0Ve100000000U9nJjAYoiphDVwNDK9bxgupA_MjCbXQ7hYOp084dJ2Gq_CLllrYk6P8CgOn0yKnbRbqEa7WfY5TR3YHQ6K5a9uWF14mCCnadyK3O2nclGKLNCcw4C1WsWaG-i0A9lOolCjaPZe9bpZA2XA-2oRkC338C37yPPp4nCCnb0eciPOe2gM7w3mIlc0J2Ckv8AdCpCZnCk5GKyvcLuIyJ2yWPp213UvaLWUHKPf2skSni8AkPcHWKG3QpR6HckdzovvKkTO6Jp1Q7ScxD3p_5SHMiyYwO_CdiuCGFSJZBt5TdmAmLB9CaDx3yXm767KZi0qZicomGxtsmVyZYfMEYiqliXlrR5f3N5h3odcJbci45bhx0sj3Gm7AJrVpNpyjAtsShVsK5wUvWQs2PmNRbSF02jkuzcpUq_Zsplsmb6yoO0smU9zYO7x7n1ZcxMXcKbHI7X2QdcRzaWrdu4ywQo1vZxhWzG-QT_InsDdD38pCZomtiJ3lOUKwmYpzWRx_Lj7FIfmsBkN-mym00R2oYYG00?confirmTime=2131000&confirmRatio=1000000&test-tag=521718267379714&format-type=118&actual-format=10&rnd=6991598334560&pcode-active-testids=710490%2C0%2C92%3B709027%2C0%2C49&banner-sizes=eyI3MjA1NzYwNzIxNDcyMTM4NyI6IjQxOXgxMDAiLCI3MjA1NzYwNTM4MTcwMjU1MSI6IjQxOXgxMDAiLCI3MjA1NzYwNzI5MjA3NjQ5MiI6IjQxOXgxMDAifQ%3D%3D&width=1268&height=100
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/rtbcount/1N_y0fES0Ve100000000U9nJjAYoiphDVwNDK9bxgupA_MjCbXQ7hYOp084dJ2Gq_CLllrYk6P8CgOn0yKnbRbqEa7WfY5TR3YHQ6K5a9uWF14mCCnadyK3O2nclGKLNCcw4C1WsWaG-i0A9lOolCjaPZe9bpZA2XA-2oRkC338C37yPPp4nCCnb0eciPOe2gM7w3mIlc0J2Ckv8AdCpCZnCk5GKyvcLuIyJ2yWPp213UvaLWUHKPf2skSni8AkPcHWKG3QpR6HckdzovvKkTO6Jp1Q7ScxD3p_5SHMiyYwO_CdiuCGFSJZBt5TdmAmLB9CaDx3yXm767KZi0qZicomGxtsmVyZYfMEYiqliXlrR5f3N5h3odcJbci45bhx0sj3Gm7AJrVpNpyjAtsShVsK5wUvWQs2PmNRbSF02jkuzcpUq_Zsplsmb6yoO0smU9zYO7x7n1ZcxMXcKbHI7X2QdcRzaWrdu4ywQo1vZxhWzG-QT_InsDdD38pCZomtiJ3lOUKwmYpzWRx_Lj7FIfmsBkN-mym00R2oYYG00?confirmTime=2131000&confirmRatio=1000000&test-tag=521718267379714&format-type=118&actual-format=10&rnd=6991598334560&pcode-active-testids=710490%2C0%2C92%3B709027%2C0%2C49&banner-sizes=eyI3MjA1NzYwNzIxNDcyMTM4NyI6IjQxOXgxMDAiLCI3MjA1NzYwNTM4MTcwMjU1MSI6IjQxOXgxMDAiLCI3MjA1NzYwNzI5MjA3NjQ5MiI6IjQxOXgxMDAifQ%3D%3D&width=1268&height=100
IP 87.250.250.90:0
GET /rtbcount/1N_y0fES0Ve100000000U9nJjAYoiphDVwNDK9bxgupA_MjCbXQ7hYOp084dJ2Gq_CLllrYk6P8CgOn0yKnbRbqEa7WfY5TR3YHQ6K5a9uWF14mCCnadyK3O2nclGKLNCcw4C1WsWaG-i0A9lOolCjaPZe9bpZA2XA-2oRkC338C37yPPp4nCCnb0eciPOe2gM7w3mIlc0J2Ckv8AdCpCZnCk5GKyvcLuIyJ2yWPp213UvaLWUHKPf2skSni8AkPcHWKG3QpR6HckdzovvKkTO6Jp1Q7ScxD3p_5SHMiyYwO_CdiuCGFSJZBt5TdmAmLB9CaDx3yXm767KZi0qZicomGxtsmVyZYfMEYiqliXlrR5f3N5h3odcJbci45bhx0sj3Gm7AJrVpNpyjAtsShVsK5wUvWQs2PmNRbSF02jkuzcpUq_Zsplsmb6yoO0smU9zYO7x7n1ZcxMXcKbHI7X2QdcRzaWrdu4ywQo1vZxhWzG-QT_InsDdD38pCZomtiJ3lOUKwmYpzWRx_Lj7FIfmsBkN-mym00R2oYYG00?confirmTime=2131000&confirmRatio=1000000&test-tag=521718267379714&format-type=118&actual-format=10&rnd=6991598334560&pcode-active-testids=710490%2C0%2C92%3B709027%2C0%2C49&banner-sizes=eyI3MjA1NzYwNzIxNDcyMTM4NyI6IjQxOXgxMDAiLCI3MjA1NzYwNTM4MTcwMjU1MSI6IjQxOXgxMDAiLCI3MjA1NzYwNzI5MjA3NjQ5MiI6IjQxOXgxMDAifQ%3D%3D&width=1268&height=100 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 29 Jan 2023 00:47:55 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 29 Jan 2023 00:47:55 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 29 Jan 2023 00:47:55 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
yastatic.net/safeframe-bundles/0.83/host.js
178.154.131.217200 OK 0 B URL HTTP/2 yastatic.net/safeframe-bundles/0.83/host.js
IP 178.154.131.217:0
GET /safeframe-bundles/0.83/host.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 29 Jan 2023 00:47:52 GMT
content-type: text/javascript; charset=utf-8
content-length: 8878
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "f80882bf67cf261aa08d636da095149a"
expires: Tue, 28 Jan 2053 07:22:50 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
an.yandex.ru/event_confirmation
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/event_confirmation
IP 87.250.250.90:0
POST /event_confirmation HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 321
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 29 Jan 2023 00:47:53 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 29 Jan 2023 00:47:53 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 29 Jan 2023 00:47:53 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/39370120?vsid=26121fa2e6bd8e93d10da42d0b3efc3c79fd0ce9e3f1xVASx2629x1674953277
87.250.251.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/39370120?vsid=26121fa2e6bd8e93d10da42d0b3efc3c79fd0ce9e3f1xVASx2629x1674953277
IP 87.250.251.119:0
POST /watch/39370120?vsid=26121fa2e6bd8e93d10da42d0b3efc3c79fd0ce9e3f1xVASx2629x1674953277 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 302 Found
location: /watch/39370120/1?vsid=26121fa2e6bd8e93d10da42d0b3efc3c79fd0ce9e3f1xVASx2629x1674953277
date: Sun, 29 Jan 2023 00:47:54 GMT
access-control-allow-origin: https://goo.su
set-cookie: yabs-sid=341200421674953274; Path=/; SameSite=None; Secure
i=LqSSrdmS68s/TuGUu+YAmF0nZRhDgEXsamzn2/JQdFgk55inzZMTG8KEY/4wyidi0u7TZOzHZ2/yo41HNQUhHugXn4c=; Expires=Wed, 26-Jan-2033 00:47:42 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=2161670281674953274; Expires=Mon, 29-Jan-2024 00:47:54 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=2161670281674953274; Expires=Mon, 29-Jan-2024 00:47:54 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706489274.yc.1674953274#1706489274.yrts.1674953274#1706489274.yrtsi.1674953274; Expires=Mon, 29-Jan-2024 00:47:54 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 29-Jan-2023 00:47:54 GMT
last-modified: Sun, 29-Jan-2023 00:47:54 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/tracking/WUyejI_zO3O1BGy0r1e00000zB17rmK0DW8nESBLOm00000ubE3C0M2y26W4W06qqfsfticZZak80PUszjcV0P01bFsQnUE0W802c06K_Ph5OxW1eDN_YIRO0TwCogq1u07YjE-i0PW2g8U-0w02hgtl0T1sw0JH1FW4XUSGY0MeyWMG1ONd4A05e905g0NmeWIm1V2Y1BW5yA84m0N8qGd81S-v0k05Tw06xW6e1ku1oGOvsbBUFUr1Rwa78mi5d4dVrWAu1xG6me201kW9E4sTcMa20K282mYg2n0eFQ_J8mi102l6st9SymK0WO20W8W4WPqJ-0wHh9ge2QWFevQKkfhfj-i2W12ln8qdmA8IW1I0e884g1I5vn07q1GDs1JpsjEU1k0K0TWMrlVlsTh3kut10O4Nc1Urljymq1VGXWFO5wsbF-0NW9B2dGRG627u6C6AzkoZZxpyOu0Pk1e1WXmDKaD5Ea4rLNPKLMDcD-aSW1r_q1xmbDtipDQkfcZO7lhQ7g0VhyID9x0V0SWVhuRbLj8V1ZSnCZOoEU0W0T0X_m7L8l__V_-18m3mFuaZcfcPcPcPsJyG042WuwHCZBHG8FUkGZ02oQ0a8p7ePRuUpPjRWP2O2LK7JUNHBwi41WRsmxsiftE9KXSPF0C0~1?action-id=11&adsdk-bundle-version=712202&adsdk-bundle-name=AdLoader&adsdk-container-visibility=100&adsdk-container-width=233&adsdk-container-height=152&video-avatar-width=233&video-avatar-height=131&ad-session-id=1164051674953277186&vsid=26121fa2e6bd8e93d10da42d0b3efc3c79fd0ce9e3f1xVASx2629x1674953277&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&client-ts=1674953279242&client-timezone-offset=0&viewability-undetermined=0&video-volume=100&video-muted=1&pcode-active-testids=712202%2C0%2C87%3B709027%2C0%2C49&document-has-focus=true&is-fullscreen=false&ad-pod-id=unknown&product-theme=unknown&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A1024%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22width%22%3A233%2C%22height%22%3A152%2C%22w%22%3A233%2C%22h%22%3A152%2C%22left%22%3A-1%2C%22top%22%3A656%2C%22visible%22%3A1%2C%22req_no%22%3A0%7D
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/tracking/WUyejI_zO3O1BGy0r1e00000zB17rmK0DW8nESBLOm00000ubE3C0M2y26W4W06qqfsfticZZak80PUszjcV0P01bFsQnUE0W802c06K_Ph5OxW1eDN_YIRO0TwCogq1u07YjE-i0PW2g8U-0w02hgtl0T1sw0JH1FW4XUSGY0MeyWMG1ONd4A05e905g0NmeWIm1V2Y1BW5yA84m0N8qGd81S-v0k05Tw06xW6e1ku1oGOvsbBUFUr1Rwa78mi5d4dVrWAu1xG6me201kW9E4sTcMa20K282mYg2n0eFQ_J8mi102l6st9SymK0WO20W8W4WPqJ-0wHh9ge2QWFevQKkfhfj-i2W12ln8qdmA8IW1I0e884g1I5vn07q1GDs1JpsjEU1k0K0TWMrlVlsTh3kut10O4Nc1Urljymq1VGXWFO5wsbF-0NW9B2dGRG627u6C6AzkoZZxpyOu0Pk1e1WXmDKaD5Ea4rLNPKLMDcD-aSW1r_q1xmbDtipDQkfcZO7lhQ7g0VhyID9x0V0SWVhuRbLj8V1ZSnCZOoEU0W0T0X_m7L8l__V_-18m3mFuaZcfcPcPcPsJyG042WuwHCZBHG8FUkGZ02oQ0a8p7ePRuUpPjRWP2O2LK7JUNHBwi41WRsmxsiftE9KXSPF0C0~1?action-id=11&adsdk-bundle-version=712202&adsdk-bundle-name=AdLoader&adsdk-container-visibility=100&adsdk-container-width=233&adsdk-container-height=152&video-avatar-width=233&video-avatar-height=131&ad-session-id=1164051674953277186&vsid=26121fa2e6bd8e93d10da42d0b3efc3c79fd0ce9e3f1xVASx2629x1674953277&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&client-ts=1674953279242&client-timezone-offset=0&viewability-undetermined=0&video-volume=100&video-muted=1&pcode-active-testids=712202%2C0%2C87%3B709027%2C0%2C49&document-has-focus=true&is-fullscreen=false&ad-pod-id=unknown&product-theme=unknown&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A1024%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22width%22%3A233%2C%22height%22%3A152%2C%22w%22%3A233%2C%22h%22%3A152%2C%22left%22%3A-1%2C%22top%22%3A656%2C%22visible%22%3A1%2C%22req_no%22%3A0%7D
IP 87.250.250.90:0
POST /tracking/WUyejI_zO3O1BGy0r1e00000zB17rmK0DW8nESBLOm00000ubE3C0M2y26W4W06qqfsfticZZak80PUszjcV0P01bFsQnUE0W802c06K_Ph5OxW1eDN_YIRO0TwCogq1u07YjE-i0PW2g8U-0w02hgtl0T1sw0JH1FW4XUSGY0MeyWMG1ONd4A05e905g0NmeWIm1V2Y1BW5yA84m0N8qGd81S-v0k05Tw06xW6e1ku1oGOvsbBUFUr1Rwa78mi5d4dVrWAu1xG6me201kW9E4sTcMa20K282mYg2n0eFQ_J8mi102l6st9SymK0WO20W8W4WPqJ-0wHh9ge2QWFevQKkfhfj-i2W12ln8qdmA8IW1I0e884g1I5vn07q1GDs1JpsjEU1k0K0TWMrlVlsTh3kut10O4Nc1Urljymq1VGXWFO5wsbF-0NW9B2dGRG627u6C6AzkoZZxpyOu0Pk1e1WXmDKaD5Ea4rLNPKLMDcD-aSW1r_q1xmbDtipDQkfcZO7lhQ7g0VhyID9x0V0SWVhuRbLj8V1ZSnCZOoEU0W0T0X_m7L8l__V_-18m3mFuaZcfcPcPcPsJyG042WuwHCZBHG8FUkGZ02oQ0a8p7ePRuUpPjRWP2O2LK7JUNHBwi41WRsmxsiftE9KXSPF0C0~1?action-id=11&adsdk-bundle-version=712202&adsdk-bundle-name=AdLoader&adsdk-container-visibility=100&adsdk-container-width=233&adsdk-container-height=152&video-avatar-width=233&video-avatar-height=131&ad-session-id=1164051674953277186&vsid=26121fa2e6bd8e93d10da42d0b3efc3c79fd0ce9e3f1xVASx2629x1674953277&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&client-ts=1674953279242&client-timezone-offset=0&viewability-undetermined=0&video-volume=100&video-muted=1&pcode-active-testids=712202%2C0%2C87%3B709027%2C0%2C49&document-has-focus=true&is-fullscreen=false&ad-pod-id=unknown&product-theme=unknown&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A1024%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22width%22%3A233%2C%22height%22%3A152%2C%22w%22%3A233%2C%22h%22%3A152%2C%22left%22%3A-1%2C%22top%22%3A656%2C%22visible%22%3A1%2C%22req_no%22%3A0%7D HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 29 Jan 2023 00:47:54 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 29 Jan 2023 00:47:54 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 29 Jan 2023 00:47:54 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
goo.su/wunD?10006039TPMCRY31HAKWLU10249191024919
172.67.139.105200 OK 0 B URL HTTP/2 goo.su/wunD?10006039TPMCRY31HAKWLU10249191024919
IP 172.67.139.105:0
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /wunD?10006039TPMCRY31HAKWLU10249191024919 HTTP/1.1
Host: goo.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 29 Jan 2023 00:47:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/8.0.15
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6InpWRzl0SytQTXFzL0IzWGdjVXFCQWc9PSIsInZhbHVlIjoiRkZTTjBOZWN1TURsWXAvSDRoc2xkdnFGOHhUc0JmYVh6enJGa3AyS25pd1JMN0JRa2pEWVJmL2xWTk5xMlB2bUVMVEpFRkJiSG5NUUQ5RlB5dlNkMlZENFNWWFpzNHZQQWFxdDdFWmJ1c3ZhNXNPTWVqYTdtdU41Wkk1dVU2TE0iLCJtYWMiOiJjOWY1MTMwYTcyOTE1MjkyZmZiY2RhOWUzZWU4NzM1NjIzZDQ4NTliNTE2YTJmY2M4ZDY0NDcxZDJjNDg4MmNjIiwidGFnIjoiIn0%3D; expires=Sun, 29-Jan-2023 19:27:51 GMT; Max-Age=67200; path=/; samesite=lax
goosu_session=eyJpdiI6IlFIWVlSVjhnVytpdTh4bG5RNm5IMHc9PSIsInZhbHVlIjoiUUhxZ3c3RGxidFFDa29Da1NtRVVKa2ZuZ0ZjTXdnYUMyb01vQzU1S3dMbTU5VzFjRnVpNXEwQlgxbGs5RkJCTVFGTHFtbHh5SENtSXJ0RjdER0t1dFN3cFNLcy8xVGptQ3FZNUM3SExOeDJpR3pIMWoyQytqc1ExRmRLM3NMaEQiLCJtYWMiOiJmOWZjZDk5OGM4ODI3ZmRlNjgwNzcwOGYyZTA3N2MwMjUyZWQzOTQ5NzhkNjBkOTM0NThhZmYzMDE2MjFmMWUyIiwidGFnIjoiIn0%3D; expires=Sun, 29-Jan-2023 19:27:51 GMT; Max-Age=67200; path=/; httponly; samesite=lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gEih4gCagxUbqwgWLfJdIzjLuerKIgwHT%2F42RgqbuVGfKPiSRFMW4xSBqHtl8xywOSC6leBCt4FM283QNXZrJ8FCACl7IhRHdT8f7g1ccPgqKY54EvMyz5M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790df577ec02b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
an.yandex.ru/event_confirmation
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/event_confirmation
IP 87.250.250.90:0
OPTIONS /event_confirmation HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://goo.su/
Origin: https://goo.su
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
date: Sun, 29 Jan 2023 00:47:52 GMT
access-control-max-age: 1728000
access-control-allow-headers: content-type
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
top-fwz1.mail.ru/js/code.js
95.163.52.67200 OK 0 B URL HTTP/2 top-fwz1.mail.ru/js/code.js
IP 95.163.52.67:0
GET /js/code.js HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 00:47:51 GMT
content-type: application/javascript
last-modified: Wed, 11 Jan 2023 13:29:54 GMT
set-cookie: FTID=1RMYgQ0tkIIF:1674953271:0:::; path=/; expires=Tue, 30-Jan-24 00:47:51 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
etag: W/"63beb9d2-85cc"
expires: Sun, 29 Jan 2023 01:47:51 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: max-age=3600, private
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
content-encoding: gzip
X-Firefox-Spdy: h2
mc.yandex.ru/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%22%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22firefox%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A150360436231%3Ahid%3A433393196%3Aphid%3A1005851940%3Az%3A0%3Ai%3A20230129004803%3Aet%3A1674953284%3Arn%3A755724732%3Arqn%3A1%3Au%3A1674953280452368868%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C19%2C1%2C%2C0%2C%2C34%2C1%2C472%2C472%2C1%2C63%3Aco%3A0%3Ans%3A1674953277830%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674953284%3At%3A&t=gdpr(6)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.251.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%22%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22firefox%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A150360436231%3Ahid%3A433393196%3Aphid%3A1005851940%3Az%3A0%3Ai%3A20230129004803%3Aet%3A1674953284%3Arn%3A755724732%3Arqn%3A1%3Au%3A1674953280452368868%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C19%2C1%2C%2C0%2C%2C34%2C1%2C472%2C472%2C1%2C63%3Aco%3A0%3Ans%3A1674953277830%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674953284%3At%3A&t=gdpr(6)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.251.119:0
GET /watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%22%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22firefox%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A150360436231%3Ahid%3A433393196%3Aphid%3A1005851940%3Az%3A0%3Ai%3A20230129004803%3Aet%3A1674953284%3Arn%3A755724732%3Arqn%3A1%3Au%3A1674953280452368868%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C19%2C1%2C%2C0%2C%2C34%2C1%2C472%2C472%2C1%2C63%3Aco%3A0%3Ans%3A1674953277830%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674953284%3At%3A&t=gdpr(6)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yastatic.net
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/37412095/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%22%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22firefox%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A150360436231%3Ahid%3A433393196%3Aphid%3A1005851940%3Az%3A0%3Ai%3A20230129004803%3Aet%3A1674953284%3Arn%3A755724732%3Arqn%3A1%3Au%3A1674953280452368868%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C19%2C1%2C%2C0%2C%2C34%2C1%2C472%2C472%2C1%2C63%3Aco%3A0%3Ans%3A1674953277830%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674953284%3At%3A&t=gdpr%286%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Sun, 29 Jan 2023 00:47:58 GMT
access-control-allow-origin: https://yastatic.net
set-cookie: yabs-sid=2375806761674953278; Path=/; SameSite=None; Secure
i=qCb1IpdNIOXuQHEOgVD8FQfaCj7OAjA8qBAvDk4lZU867Db8kkztwI9heWfO12k9HmThGYjz9Qk34kFpVbW17Xm22Us=; Expires=Wed, 26-Jan-2033 00:47:55 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=3581536221674953278; Expires=Mon, 29-Jan-2024 00:47:58 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=3581536221674953278; Expires=Mon, 29-Jan-2024 00:47:58 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706489278.yc.1674953278#1706489278.yrts.1674953278#1706489278.yrtsi.1674953278; Expires=Mon, 29-Jan-2024 00:47:58 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 29-Jan-2023 00:47:58 GMT
last-modified: Sun, 29-Jan-2023 00:47:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1150883682463%3Ahid%3A433393196%3Az%3A0%3Ai%3A20230129004800%3Aet%3A1674953280%3Arn%3A913103916%3Arqn%3A1%3Au%3A1674953280452368868%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C19%2C1%2C%2C0%2C%2C34%2C1%2C472%2C472%2C1%2C63%3Aco%3A0%3Ans%3A1674953277830%3Ast%3A1674953280&t=clc(0-0-0)rqnt(1)aw(1)ti(2)
87.250.251.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1150883682463%3Ahid%3A433393196%3Az%3A0%3Ai%3A20230129004800%3Aet%3A1674953280%3Arn%3A913103916%3Arqn%3A1%3Au%3A1674953280452368868%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C19%2C1%2C%2C0%2C%2C34%2C1%2C472%2C472%2C1%2C63%3Aco%3A0%3Ans%3A1674953277830%3Ast%3A1674953280&t=clc(0-0-0)rqnt(1)aw(1)ti(2)
IP 87.250.251.119:0
GET /watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1150883682463%3Ahid%3A433393196%3Az%3A0%3Ai%3A20230129004800%3Aet%3A1674953280%3Arn%3A913103916%3Arqn%3A1%3Au%3A1674953280452368868%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C19%2C1%2C%2C0%2C%2C34%2C1%2C472%2C472%2C1%2C63%3Aco%3A0%3Ans%3A1674953277830%3Ast%3A1674953280&t=clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yastatic.net
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1150883682463%3Ahid%3A433393196%3Az%3A0%3Ai%3A20230129004800%3Aet%3A1674953280%3Arn%3A913103916%3Arqn%3A1%3Au%3A1674953280452368868%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C19%2C1%2C%2C0%2C%2C34%2C1%2C472%2C472%2C1%2C63%3Aco%3A0%3Ans%3A1674953277830%3Ast%3A1674953280&t=clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
date: Sun, 29 Jan 2023 00:47:55 GMT
access-control-allow-origin: https://yastatic.net
set-cookie: yabs-sid=2083633811674953275; Path=/; SameSite=None; Secure
i=GqXqofxHBHu/7sU8WcItW9Wg4VF54f4h+QV0f3hlFqoKTio+I2V63L5aQOew4qi/IOnBCnjyaDa5tuCNW9UyR8aNk50=; Expires=Wed, 26-Jan-2033 00:47:50 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=2760824041674953275; Expires=Mon, 29-Jan-2024 00:47:55 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=2760824041674953275; Expires=Mon, 29-Jan-2024 00:47:55 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706489275.yc.1674953275#1706489275.yrts.1674953275#1706489275.yrtsi.1674953275; Expires=Mon, 29-Jan-2024 00:47:55 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 29-Jan-2023 00:47:55 GMT
last-modified: Sun, 29-Jan-2023 00:47:55 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/rtbcount/1RNVNoML0V0100000000U9nJjBmLTC_shME-eJAtwtBF-zUOB2qFNKrc009Fc4Xe-7GLdLYk6P8CgOn0yKnbRjOv8F5I5Y2ljXn8j3A2o4wGB10mCSnad09XCYnar82oLZBoGrbx6Uz-P60u2kQVPGHfkWecxp8oo30m_6MSnSJ0C9S99BAMAGgaXka_4BnY4j2mNNzPcPkHGVlOxQAOpwmCVvb0BcXbPWMIlSoAG78gCqZRN6Osa8NCJ0mA8FjODZ8ptJ-vyqgNki19Piiws-lhXUUfNWMhl0icVp8xE44Sjv3bugipODOAbYcC6rZ-mm3Z3YJs0IJsJHQ8fpxOFsJnqZ7HsILsm_uj2yYq1Qoy9rdDhtE1fI-mDYneOhd9QlxhvsMbxxELlxA2T7UmDR3COBjoE7W1M_UUpHjQ_vxPNxQI3MRC0JQF4spCZzXuWvnThHnDGyj2GfFJp5-omIpy2MTDP8ynTzoU8VFEVXOxcxcXaPcHvGPsfXtiF2VOnH-mjzzgsZdfquR5t3_OUG37ZfxM?confirmTime=2101000&confirmRatio=1000000&test-tag=521718267379714&format-type=118&actual-format=10&rnd=1835718058127&pcode-active-testids=710490%2C0%2C92%3B709027%2C0%2C49&banner-sizes=eyI3MjA1NzYwNzM5ODA1NTc1NCI6IjQxOXgxNTAiLCI3MjA1NzYwNzEyNzE0NDM2MSI6IjQxOXgxNTAiLCI3MjA1NzYwNjUzMDU1Nzg3MiI6IjQxOXgxNTAifQ%3D%3D&width=1268&height=150
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/rtbcount/1RNVNoML0V0100000000U9nJjBmLTC_shME-eJAtwtBF-zUOB2qFNKrc009Fc4Xe-7GLdLYk6P8CgOn0yKnbRjOv8F5I5Y2ljXn8j3A2o4wGB10mCSnad09XCYnar82oLZBoGrbx6Uz-P60u2kQVPGHfkWecxp8oo30m_6MSnSJ0C9S99BAMAGgaXka_4BnY4j2mNNzPcPkHGVlOxQAOpwmCVvb0BcXbPWMIlSoAG78gCqZRN6Osa8NCJ0mA8FjODZ8ptJ-vyqgNki19Piiws-lhXUUfNWMhl0icVp8xE44Sjv3bugipODOAbYcC6rZ-mm3Z3YJs0IJsJHQ8fpxOFsJnqZ7HsILsm_uj2yYq1Qoy9rdDhtE1fI-mDYneOhd9QlxhvsMbxxELlxA2T7UmDR3COBjoE7W1M_UUpHjQ_vxPNxQI3MRC0JQF4spCZzXuWvnThHnDGyj2GfFJp5-omIpy2MTDP8ynTzoU8VFEVXOxcxcXaPcHvGPsfXtiF2VOnH-mjzzgsZdfquR5t3_OUG37ZfxM?confirmTime=2101000&confirmRatio=1000000&test-tag=521718267379714&format-type=118&actual-format=10&rnd=1835718058127&pcode-active-testids=710490%2C0%2C92%3B709027%2C0%2C49&banner-sizes=eyI3MjA1NzYwNzM5ODA1NTc1NCI6IjQxOXgxNTAiLCI3MjA1NzYwNzEyNzE0NDM2MSI6IjQxOXgxNTAiLCI3MjA1NzYwNjUzMDU1Nzg3MiI6IjQxOXgxNTAifQ%3D%3D&width=1268&height=150
IP 87.250.250.90:0
GET /rtbcount/1RNVNoML0V0100000000U9nJjBmLTC_shME-eJAtwtBF-zUOB2qFNKrc009Fc4Xe-7GLdLYk6P8CgOn0yKnbRjOv8F5I5Y2ljXn8j3A2o4wGB10mCSnad09XCYnar82oLZBoGrbx6Uz-P60u2kQVPGHfkWecxp8oo30m_6MSnSJ0C9S99BAMAGgaXka_4BnY4j2mNNzPcPkHGVlOxQAOpwmCVvb0BcXbPWMIlSoAG78gCqZRN6Osa8NCJ0mA8FjODZ8ptJ-vyqgNki19Piiws-lhXUUfNWMhl0icVp8xE44Sjv3bugipODOAbYcC6rZ-mm3Z3YJs0IJsJHQ8fpxOFsJnqZ7HsILsm_uj2yYq1Qoy9rdDhtE1fI-mDYneOhd9QlxhvsMbxxELlxA2T7UmDR3COBjoE7W1M_UUpHjQ_vxPNxQI3MRC0JQF4spCZzXuWvnThHnDGyj2GfFJp5-omIpy2MTDP8ynTzoU8VFEVXOxcxcXaPcHvGPsfXtiF2VOnH-mjzzgsZdfquR5t3_OUG37ZfxM?confirmTime=2101000&confirmRatio=1000000&test-tag=521718267379714&format-type=118&actual-format=10&rnd=1835718058127&pcode-active-testids=710490%2C0%2C92%3B709027%2C0%2C49&banner-sizes=eyI3MjA1NzYwNzM5ODA1NTc1NCI6IjQxOXgxNTAiLCI3MjA1NzYwNzEyNzE0NDM2MSI6IjQxOXgxNTAiLCI3MjA1NzYwNjUzMDU1Nzg3MiI6IjQxOXgxNTAifQ%3D%3D&width=1268&height=150 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 29 Jan 2023 00:47:55 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 29 Jan 2023 00:47:55 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 29 Jan 2023 00:47:55 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/count/WNqejI_zOEy0dGi0b1Ci99TN9KyIWGK0xm4GW8200J4vmjLZ000003YKuCm1Y084kG84754Xdf-1Ll02ohNmj0ZGTl050Q06xW791ZdQKjuzxK5lgGSZ2mMSIT_M0lW70T08We20W088gWiGA3slqoCB0G0hnjjoNFE1W820Y0Ie3wEMbBgQwRVh0f0GrlVlsTh3kut10RIDZBu-u1G1y1N1YlRieu-y_6EW5f2bpfu6oHRmFzWMWHUe5mtG627u68ZsuAZPZSUIUe0PYHatrxWP____0S0Pj_Jddwta_SqZqXaIUM5YSrzpPN9sPN8lSZStEIqow1dq2V0PgmUO6jJ3Kx0RIBWR0u8S3L93HJf1DLLsL5LZPZVf780T_t-080A880oo8GatCJ8vDJawDpZG8V___m7L8l__V_-18m0000000F0_4G1yHjCmOo9uSjvtDByTkH5Ao25Dnpi79eRsh3agzrmM4bpITtZq2y3QES59L9FUkdCKDuZ881G0~1=WOGejI_zOB80rGi0L1KFeU7miW66qkYr-f3-n981W06qqfsfticZZak80PUszjcV0P01bFsQnUE0W802c06K_Ph5OxW1eDN_YIRO0TwCogq1u07YjE-i0UW1h0Ju0Sp8thu1c0AeXxu3e0AkhUy1i0FH18W5gF85a0M5vn2m1V2Y1BW5yA84m0N8qGd81S-v0j05tze1g0Rk0Qa78mi5d4dVrWAu1xG6u0U6me201k08rzPtw0a7W0e1-0g0jHZe39C2c0tIbZB0eXA0582WWWJG50te58m2e1QGfSwU1iaMq1ONjRxVCBWN0S0NjTO1e1dk0RWP_m7u6UhSbHo16l__tzpuh6cee1h2dUkJnDwP-1Ee7W6m7m787w-6vLQf83XDdPbf0W50k23UtIco8GatCJ8vDJawDpZL8l__V_-18m3mFuaZcfdPFv0ZjutmZx7RzVRg0PWZlh6bb_ldwlA70Gi088e1ry399PhHF4Kan72mCgOtQgNIAPEXWmvMIhiJ31Pm~1=WNGejI_zO9W0LGi0j1JyPWmxc07KgiFy_EJeeVq1W041Y07oiPN-d06G0TBUxCBXW8200fW1qjximc6u0TZggUibs06gwAYi0U01kCBx4EW13FW1XA_UlW6W0gp8q1QW0mIm0mBe1CO5Y0M9emAG1R2F1B05YeO1k0MAXW701RoH1iW5sSS1q0NGDQW6xW6f1oCB1Pn9tzO2k0U01U07XiA2W0RW29Qag0le2GU02W7u2e2r6EWCamAO3TAMCi2W480KW8201D0KtyEp4EWKZ0AW5f2bpfu6oHRG5fRWuRu1c1UIxh8Hk1S1m1UrrW6W6Uu1k1d___y1-1cXqwifWHh__vC3xX5GjwWU0R0V0iWVbRIKLgaWdHa8nZNpv3-u8DxTAR8X2JSnCZarEJetEDKY__z__u4ZYIEQcPcPcPdPFv0ZsvAB_UxzyTVW0PWZoh2jbeBDgiDY20336oHkkyP8Ae8GXiCACJqd9vMPeMFeK31Om040~1=WN0ejI_zO9y0DGi0H1Grq60ydm64WDs2tRdEokW1W06el8lTk9VcYD01Y07dhRJobG6G0U2UyudTW8200fW1p9xpYLsu0PQLt8ybs06sqSge0U01qettem7e0RO1-07UeDw-0PW2zCVI5g02uE755g031h03amI81Tpd0P05riO2i0MIRhW5acx01Rc01CW5uwm1q0MS8QW6xW6f1oCB1Pn9tzO2k0U01U07f0_2W806u0ZmyA8Bw0a7W0e1w0oJ0fWDqfOoe2Y84W6G4W7e58m2e1QGfSwU1iaMy3_G5fwZthu1c1Ulahakk1S1m1UrrW6W6Uu1k1c16l__gws5lry7e1gYnB7IgBwsX1se7W6m7mF87zkefLIu8DxTAR8X2JSnCZarEJetEDKY__z__u4ZYIEQcPcPcPdPFv0ZY__IkvUyg-iDc2FnrysqrgY9WHK90Ae60kjgExV4y748LsxMmwakEP3lZ7T8AwLp3BQ98W00~1?stat-id=4&test-tag=521718267435569&banner-sizes=eyI3MjA1NzYwNzM5ODA1NTc1NCI6IjQxOXgxNTAiLCI3MjA1NzYwNzEyNzE0NDM2MSI6IjQxOXgxNTAiLCI3MjA1NzYwNjUzMDU1Nzg3MiI6IjQxOXgxNTAifQ%3D%3D&format-type=118&actual-format=10&pcodever=712629&banner-test-tags=eyI3MjA1NzYwNzM5ODA1NTc1NCI6IjcxMjc1MyIsIjcyMDU3NjA3MTI3MTQ0MzYxIjoiNTczNjIiLCI3MjA1NzYwNjUzMDU1Nzg3MiI6IjU3Mzk1In0%3D&order-banners-options=eyI3MjA1NzYwNzM5ODA1NTc1NCI6MjA0OH0&pcode-active-testids=710490%2C0%2C92%3B709027%2C0%2C49&width=1268&height=150&confirmTime=2101000&confirmRatio=1000000&wmode=0
87.250.250.90302 Found 0 B URL HTTP/2 an.yandex.ru/count/WNqejI_zOEy0dGi0b1Ci99TN9KyIWGK0xm4GW8200J4vmjLZ000003YKuCm1Y084kG84754Xdf-1Ll02ohNmj0ZGTl050Q06xW791ZdQKjuzxK5lgGSZ2mMSIT_M0lW70T08We20W088gWiGA3slqoCB0G0hnjjoNFE1W820Y0Ie3wEMbBgQwRVh0f0GrlVlsTh3kut10RIDZBu-u1G1y1N1YlRieu-y_6EW5f2bpfu6oHRmFzWMWHUe5mtG627u68ZsuAZPZSUIUe0PYHatrxWP____0S0Pj_Jddwta_SqZqXaIUM5YSrzpPN9sPN8lSZStEIqow1dq2V0PgmUO6jJ3Kx0RIBWR0u8S3L93HJf1DLLsL5LZPZVf780T_t-080A880oo8GatCJ8vDJawDpZG8V___m7L8l__V_-18m0000000F0_4G1yHjCmOo9uSjvtDByTkH5Ao25Dnpi79eRsh3agzrmM4bpITtZq2y3QES59L9FUkdCKDuZ881G0~1=WOGejI_zOB80rGi0L1KFeU7miW66qkYr-f3-n981W06qqfsfticZZak80PUszjcV0P01bFsQnUE0W802c06K_Ph5OxW1eDN_YIRO0TwCogq1u07YjE-i0UW1h0Ju0Sp8thu1c0AeXxu3e0AkhUy1i0FH18W5gF85a0M5vn2m1V2Y1BW5yA84m0N8qGd81S-v0j05tze1g0Rk0Qa78mi5d4dVrWAu1xG6u0U6me201k08rzPtw0a7W0e1-0g0jHZe39C2c0tIbZB0eXA0582WWWJG50te58m2e1QGfSwU1iaMq1ONjRxVCBWN0S0NjTO1e1dk0RWP_m7u6UhSbHo16l__tzpuh6cee1h2dUkJnDwP-1Ee7W6m7m787w-6vLQf83XDdPbf0W50k23UtIco8GatCJ8vDJawDpZL8l__V_-18m3mFuaZcfdPFv0ZjutmZx7RzVRg0PWZlh6bb_ldwlA70Gi088e1ry399PhHF4Kan72mCgOtQgNIAPEXWmvMIhiJ31Pm~1=WNGejI_zO9W0LGi0j1JyPWmxc07KgiFy_EJeeVq1W041Y07oiPN-d06G0TBUxCBXW8200fW1qjximc6u0TZggUibs06gwAYi0U01kCBx4EW13FW1XA_UlW6W0gp8q1QW0mIm0mBe1CO5Y0M9emAG1R2F1B05YeO1k0MAXW701RoH1iW5sSS1q0NGDQW6xW6f1oCB1Pn9tzO2k0U01U07XiA2W0RW29Qag0le2GU02W7u2e2r6EWCamAO3TAMCi2W480KW8201D0KtyEp4EWKZ0AW5f2bpfu6oHRG5fRWuRu1c1UIxh8Hk1S1m1UrrW6W6Uu1k1d___y1-1cXqwifWHh__vC3xX5GjwWU0R0V0iWVbRIKLgaWdHa8nZNpv3-u8DxTAR8X2JSnCZarEJetEDKY__z__u4ZYIEQcPcPcPdPFv0ZsvAB_UxzyTVW0PWZoh2jbeBDgiDY20336oHkkyP8Ae8GXiCACJqd9vMPeMFeK31Om040~1=WN0ejI_zO9y0DGi0H1Grq60ydm64WDs2tRdEokW1W06el8lTk9VcYD01Y07dhRJobG6G0U2UyudTW8200fW1p9xpYLsu0PQLt8ybs06sqSge0U01qettem7e0RO1-07UeDw-0PW2zCVI5g02uE755g031h03amI81Tpd0P05riO2i0MIRhW5acx01Rc01CW5uwm1q0MS8QW6xW6f1oCB1Pn9tzO2k0U01U07f0_2W806u0ZmyA8Bw0a7W0e1w0oJ0fWDqfOoe2Y84W6G4W7e58m2e1QGfSwU1iaMy3_G5fwZthu1c1Ulahakk1S1m1UrrW6W6Uu1k1c16l__gws5lry7e1gYnB7IgBwsX1se7W6m7mF87zkefLIu8DxTAR8X2JSnCZarEJetEDKY__z__u4ZYIEQcPcPcPdPFv0ZY__IkvUyg-iDc2FnrysqrgY9WHK90Ae60kjgExV4y748LsxMmwakEP3lZ7T8AwLp3BQ98W00~1?stat-id=4&test-tag=521718267435569&banner-sizes=eyI3MjA1NzYwNzM5ODA1NTc1NCI6IjQxOXgxNTAiLCI3MjA1NzYwNzEyNzE0NDM2MSI6IjQxOXgxNTAiLCI3MjA1NzYwNjUzMDU1Nzg3MiI6IjQxOXgxNTAifQ%3D%3D&format-type=118&actual-format=10&pcodever=712629&banner-test-tags=eyI3MjA1NzYwNzM5ODA1NTc1NCI6IjcxMjc1MyIsIjcyMDU3NjA3MTI3MTQ0MzYxIjoiNTczNjIiLCI3MjA1NzYwNjUzMDU1Nzg3MiI6IjU3Mzk1In0%3D&order-banners-options=eyI3MjA1NzYwNzM5ODA1NTc1NCI6MjA0OH0&pcode-active-testids=710490%2C0%2C92%3B709027%2C0%2C49&width=1268&height=150&confirmTime=2101000&confirmRatio=1000000&wmode=0
IP 87.250.250.90:0
GET /count/WNqejI_zOEy0dGi0b1Ci99TN9KyIWGK0xm4GW8200J4vmjLZ000003YKuCm1Y084kG84754Xdf-1Ll02ohNmj0ZGTl050Q06xW791ZdQKjuzxK5lgGSZ2mMSIT_M0lW70T08We20W088gWiGA3slqoCB0G0hnjjoNFE1W820Y0Ie3wEMbBgQwRVh0f0GrlVlsTh3kut10RIDZBu-u1G1y1N1YlRieu-y_6EW5f2bpfu6oHRmFzWMWHUe5mtG627u68ZsuAZPZSUIUe0PYHatrxWP____0S0Pj_Jddwta_SqZqXaIUM5YSrzpPN9sPN8lSZStEIqow1dq2V0PgmUO6jJ3Kx0RIBWR0u8S3L93HJf1DLLsL5LZPZVf780T_t-080A880oo8GatCJ8vDJawDpZG8V___m7L8l__V_-18m0000000F0_4G1yHjCmOo9uSjvtDByTkH5Ao25Dnpi79eRsh3agzrmM4bpITtZq2y3QES59L9FUkdCKDuZ881G0~1=WOGejI_zOB80rGi0L1KFeU7miW66qkYr-f3-n981W06qqfsfticZZak80PUszjcV0P01bFsQnUE0W802c06K_Ph5OxW1eDN_YIRO0TwCogq1u07YjE-i0UW1h0Ju0Sp8thu1c0AeXxu3e0AkhUy1i0FH18W5gF85a0M5vn2m1V2Y1BW5yA84m0N8qGd81S-v0j05tze1g0Rk0Qa78mi5d4dVrWAu1xG6u0U6me201k08rzPtw0a7W0e1-0g0jHZe39C2c0tIbZB0eXA0582WWWJG50te58m2e1QGfSwU1iaMq1ONjRxVCBWN0S0NjTO1e1dk0RWP_m7u6UhSbHo16l__tzpuh6cee1h2dUkJnDwP-1Ee7W6m7m787w-6vLQf83XDdPbf0W50k23UtIco8GatCJ8vDJawDpZL8l__V_-18m3mFuaZcfdPFv0ZjutmZx7RzVRg0PWZlh6bb_ldwlA70Gi088e1ry399PhHF4Kan72mCgOtQgNIAPEXWmvMIhiJ31Pm~1=WNGejI_zO9W0LGi0j1JyPWmxc07KgiFy_EJeeVq1W041Y07oiPN-d06G0TBUxCBXW8200fW1qjximc6u0TZggUibs06gwAYi0U01kCBx4EW13FW1XA_UlW6W0gp8q1QW0mIm0mBe1CO5Y0M9emAG1R2F1B05YeO1k0MAXW701RoH1iW5sSS1q0NGDQW6xW6f1oCB1Pn9tzO2k0U01U07XiA2W0RW29Qag0le2GU02W7u2e2r6EWCamAO3TAMCi2W480KW8201D0KtyEp4EWKZ0AW5f2bpfu6oHRG5fRWuRu1c1UIxh8Hk1S1m1UrrW6W6Uu1k1d___y1-1cXqwifWHh__vC3xX5GjwWU0R0V0iWVbRIKLgaWdHa8nZNpv3-u8DxTAR8X2JSnCZarEJetEDKY__z__u4ZYIEQcPcPcPdPFv0ZsvAB_UxzyTVW0PWZoh2jbeBDgiDY20336oHkkyP8Ae8GXiCACJqd9vMPeMFeK31Om040~1=WN0ejI_zO9y0DGi0H1Grq60ydm64WDs2tRdEokW1W06el8lTk9VcYD01Y07dhRJobG6G0U2UyudTW8200fW1p9xpYLsu0PQLt8ybs06sqSge0U01qettem7e0RO1-07UeDw-0PW2zCVI5g02uE755g031h03amI81Tpd0P05riO2i0MIRhW5acx01Rc01CW5uwm1q0MS8QW6xW6f1oCB1Pn9tzO2k0U01U07f0_2W806u0ZmyA8Bw0a7W0e1w0oJ0fWDqfOoe2Y84W6G4W7e58m2e1QGfSwU1iaMy3_G5fwZthu1c1Ulahakk1S1m1UrrW6W6Uu1k1c16l__gws5lry7e1gYnB7IgBwsX1se7W6m7mF87zkefLIu8DxTAR8X2JSnCZarEJetEDKY__z__u4ZYIEQcPcPcPdPFv0ZY__IkvUyg-iDc2FnrysqrgY9WHK90Ae60kjgExV4y748LsxMmwakEP3lZ7T8AwLp3BQ98W00~1?stat-id=4&test-tag=521718267435569&banner-sizes=eyI3MjA1NzYwNzM5ODA1NTc1NCI6IjQxOXgxNTAiLCI3MjA1NzYwNzEyNzE0NDM2MSI6IjQxOXgxNTAiLCI3MjA1NzYwNjUzMDU1Nzg3MiI6IjQxOXgxNTAifQ%3D%3D&format-type=118&actual-format=10&pcodever=712629&banner-test-tags=eyI3MjA1NzYwNzM5ODA1NTc1NCI6IjcxMjc1MyIsIjcyMDU3NjA3MTI3MTQ0MzYxIjoiNTczNjIiLCI3MjA1NzYwNjUzMDU1Nzg3MiI6IjU3Mzk1In0%3D&order-banners-options=eyI3MjA1NzYwNzM5ODA1NTc1NCI6MjA0OH0&pcode-active-testids=710490%2C0%2C92%3B709027%2C0%2C49&width=1268&height=150&confirmTime=2101000&confirmRatio=1000000&wmode=0 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/count/WNqejI_zOEy0dGi0b1Ci99TNANnjrWK0xm4GmO200J4vmjLZ000003YKuCm1Y084kG84754Xdf-1Ll02ohNmj0ZGTl050Q06xW791ZdQKjuzxK5lgGSZ2mMSIT_M0lW70T08We20W088gWiGA3slqoCB0G0hnjjoNFE1W820Y0Ie3wEMbBgQwRVh0f0GrlVlsTh3kut10RIDZBu-u1G1y1N1YlRieu-y_6EW5f2bpfu6oHRmFzWMWHUe5mtG627u68ZsuAZPZSUIUe0PYHatrxWP____0S0Pj_Jddwta_SqZqXaIUM5YSrzpPN9sPN8lSZStEIqow1dq2V0PgmUO6jJ3Kx0RIBWR0u8S3L93HJf1DLLsL5LZPZVf780T_t-080A880oo8GatCJ8vDJawDpZG8V___m7L8l__V_-18m0000000F0_4G1yHjCmOo9uSjvtDByTkH5Ao25Dnpi79eRsh3agzrmM4bpITtZq2y3QES59L9FUkdCKDuZ881G0~1=WN0ejI_zO9y0DGi0H1Grq60ydm64WDs2tRdEokW1W06el8lTk9VcYD01Y07dhRJobG6G0U2UyudTW8200fW1p9xpYLsu0PQLt8ybs06sqSge0U01qettem7e0RO1-07UeDw-0PW2zCVI5g02uE755g031h03amI81Tpd0P05riO2i0MIRhW5acx01Rc01CW5uwm1q0MS8QW6xW6f1oCB1Pn9tzO2k0U01U07f0_2W806u0ZmyA8Bw0a7W0e1w0oJ0fWDqfOoe2Y84W6G4W7e58m2e1QGfSwU1iaMy3_G5fwZthu1c1Ulahakk1S1m1UrrW6W6Uu1k1c16l__gws5lry7e1gYnB7IgBwsX1se7W6m7mF87zkefLIu8DxTAR8X2JSnCZarEJetEDKY__z__u4ZYIEQcPcPcPdPFv0ZY__IkvUyg-iDc2FnrysqrgY9WHK90Ae60kjgExV4y748LsxMmwakEP3lZ7T8AwLp3BQ98W00~1=WNGejI_zO9W0LGi0j1JyPWmxc07KgiFy_EJeeVq1W041Y07oiPN-d06G0TBUxCBXW8200fW1qjximc6u0TZggUibs06gwAYi0U01kCBx4EW13FW1XA_UlW6W0gp8q1QW0mIm0mBe1CO5Y0M9emAG1R2F1B05YeO1k0MAXW701RoH1iW5sSS1q0NGDQW6xW6f1oCB1Pn9tzO2k0U01U07XiA2W0RW29Qag0le2GU02W7u2e2r6EWCamAO3TAMCi2W480KW8201D0KtyEp4EWKZ0AW5f2bpfu6oHRG5fRWuRu1c1UIxh8Hk1S1m1UrrW6W6Uu1k1d___y1-1cXqwifWHh__vC3xX5GjwWU0R0V0iWVbRIKLgaWdHa8nZNpv3-u8DxTAR8X2JSnCZarEJetEDKY__z__u4ZYIEQcPcPcPdPFv0ZsvAB_UxzyTVW0PWZoh2jbeBDgiDY20336oHkkyP8Ae8GXiCACJqd9vMPeMFeK31Om040~1=WOaejI_zOBS0_Gi0f1K_vqj2jm4GW8200ORIwBNwaFx4aW600RJIdQdUoQEEIuW1bxRssPy1a06K_Ph5uu20W0AO0PJzciLZk06WrV-99jW1tepAhG7W0UAqxwm1w06i1FW1pCZUlW6O0gY7lWEW0gwjxm6m0z44Y0MeyWMG1ONd4B05yA84k0NmeWJ01SZH2SW5pxa2q0NVsW6e1ku1gGSZ2mMSIT_M0hW7j0RW1uR2W806u0ZNrdVe2GU02W7u2e2r6EWCamAO3TAMCi2Y4e0KWA221D0K3UWKZ0AW5f2bpfu6oHRG5XUrljymk1S1m1UrrW6W6Uu1k1d_0VWPwjoL784Q___VtFYiQQYW6iATwvF4tfdu4wWU0R0V0SWVhuRbLgaWE4sTcMa20K2u8DxTAR8X2JSnCZarEJetEDKY__z__u4Z0F0_YIEQcTa_a2EtZV2FiTlrzke1c2E-iQMN--VgyeS12m0WYW7NmCabcj4yHSJ4SB0tfZUIfT9fbA63hbPAksCC5dC0~1?stat-id=4&test-tag=521718267435569&banner-sizes=eyI3MjA1NzYwNzM5ODA1NTc1NCI6IjQxOXgxNTAiLCI3MjA1NzYwNzEyNzE0NDM2MSI6IjQxOXgxNTAiLCI3MjA1NzYwNjUzMDU1Nzg3MiI6IjQxOXgxNTAifQ%3D%3D&format-type=118&actual-format=10&pcodever=712629&banner-test-tags=eyI3MjA1NzYwNzM5ODA1NTc1NCI6IjcxMjc1MyIsIjcyMDU3NjA3MTI3MTQ0MzYxIjoiNTczNjIiLCI3MjA1NzYwNjUzMDU1Nzg3MiI6IjU3Mzk1In0%3D&order-banners-options=eyI3MjA1NzYwNzM5ODA1NTc1NCI6MjA0OH0&pcode-active-testids=710490%2C0%2C92%3B709027%2C0%2C49&width=1268&height=150&confirmTime=2101000&confirmRatio=1000000&wmode=0
date: Sun, 29 Jan 2023 00:47:55 GMT
access-control-allow-origin: https://goo.su
set-cookie: yandexuid=8358861931674953275; domain=.yandex.ru; path=/; expires=Wed, 26-Jan-2033 00:47:55 GMT
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
expires: Sun, 29 Jan 2023 00:47:55 GMT
last-modified: Sun, 29 Jan 2023 00:47:55 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/rtbcount/1PVTf86N0V0100000000U9nJjBmLTC_shME-eJAtwtBF-zUOB2qFNKrc009Fc4Xe-7GLdLYk6P8CgOn0yKnbRjOv8F5I5Y2ljXn8j3A2o4wGB10mCSnad09XCYnar82oLZBoGrbx6Uz-P60u2kQVPMG6abSPGLhlCZB8C33yPPp5nC0mbmaaifOf2gI6wJyGl68IqB1TVrcPcv51-zZjefZFh0n_cK0kQ6Lc1PAzp8f0SYepIDjSPZQGXSnC30eW-rWsCZFTFxdpIfUwm4bcophRw-k5vwbU1Qky2oP_CZiuGHotaENYgpDWrWgMAOmRMFx30ECE9FO19FPD5eYdFjW_PF7ICT7P9NR3_YqBoBG5hBmdMSslSu6bBx0sB6XYkSbg_kldPQNlivM_ie9qTx0riCnWkt8uU05RzvxD6rh_djbVjf8DPim1DeyJRCoFs7Y3d5sj74r3oq92azFCNxB1BFm9PqraZp5tt9uXyyv-5ZkRkQ6HcP7b1dQc7Umy9zZ57x2ttshQEUdJXiNSFzXv0CfgdjW0
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/rtbcount/1PVTf86N0V0100000000U9nJjBmLTC_shME-eJAtwtBF-zUOB2qFNKrc009Fc4Xe-7GLdLYk6P8CgOn0yKnbRjOv8F5I5Y2ljXn8j3A2o4wGB10mCSnad09XCYnar82oLZBoGrbx6Uz-P60u2kQVPMG6abSPGLhlCZB8C33yPPp5nC0mbmaaifOf2gI6wJyGl68IqB1TVrcPcv51-zZjefZFh0n_cK0kQ6Lc1PAzp8f0SYepIDjSPZQGXSnC30eW-rWsCZFTFxdpIfUwm4bcophRw-k5vwbU1Qky2oP_CZiuGHotaENYgpDWrWgMAOmRMFx30ECE9FO19FPD5eYdFjW_PF7ICT7P9NR3_YqBoBG5hBmdMSslSu6bBx0sB6XYkSbg_kldPQNlivM_ie9qTx0riCnWkt8uU05RzvxD6rh_djbVjf8DPim1DeyJRCoFs7Y3d5sj74r3oq92azFCNxB1BFm9PqraZp5tt9uXyyv-5ZkRkQ6HcP7b1dQc7Umy9zZ57x2ttshQEUdJXiNSFzXv0CfgdjW0
IP 87.250.250.90:0
GET /rtbcount/1PVTf86N0V0100000000U9nJjBmLTC_shME-eJAtwtBF-zUOB2qFNKrc009Fc4Xe-7GLdLYk6P8CgOn0yKnbRjOv8F5I5Y2ljXn8j3A2o4wGB10mCSnad09XCYnar82oLZBoGrbx6Uz-P60u2kQVPMG6abSPGLhlCZB8C33yPPp5nC0mbmaaifOf2gI6wJyGl68IqB1TVrcPcv51-zZjefZFh0n_cK0kQ6Lc1PAzp8f0SYepIDjSPZQGXSnC30eW-rWsCZFTFxdpIfUwm4bcophRw-k5vwbU1Qky2oP_CZiuGHotaENYgpDWrWgMAOmRMFx30ECE9FO19FPD5eYdFjW_PF7ICT7P9NR3_YqBoBG5hBmdMSslSu6bBx0sB6XYkSbg_kldPQNlivM_ie9qTx0riCnWkt8uU05RzvxD6rh_djbVjf8DPim1DeyJRCoFs7Y3d5sj74r3oq92azFCNxB1BFm9PqraZp5tt9uXyyv-5ZkRkQ6HcP7b1dQc7Umy9zZ57x2ttshQEUdJXiNSFzXv0CfgdjW0 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 29 Jan 2023 00:47:53 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 29 Jan 2023 00:47:53 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 29 Jan 2023 00:47:53 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/event_confirmation
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/event_confirmation
IP 87.250.250.90:0
POST /event_confirmation HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 296
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 29 Jan 2023 00:47:53 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 29 Jan 2023 00:47:53 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 29 Jan 2023 00:47:53 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/1677322?page-url=https%3A%2F%2Fgoo.su%2FwunD%3F10006039TPMCRY31HAKWLU10249191024919&charset=utf-8&cnt-class=1&hittoken=1674953273_eb0cf57bdeb0cafee5e84693cf0373a84065d065969c74f23b02a1a30fe660fd&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1404411639727%3Ahid%3A1005851940%3Az%3A0%3Ai%3A20230129004758%3Aet%3A1674953279%3Ac%3A1%3Arn%3A954325653%3Arqn%3A2%3Au%3A1674953278555521155%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1674953275596%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674953279%3At%3ARedirecting...&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2)
87.250.251.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/1677322?page-url=https%3A%2F%2Fgoo.su%2FwunD%3F10006039TPMCRY31HAKWLU10249191024919&charset=utf-8&cnt-class=1&hittoken=1674953273_eb0cf57bdeb0cafee5e84693cf0373a84065d065969c74f23b02a1a30fe660fd&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1404411639727%3Ahid%3A1005851940%3Az%3A0%3Ai%3A20230129004758%3Aet%3A1674953279%3Ac%3A1%3Arn%3A954325653%3Arqn%3A2%3Au%3A1674953278555521155%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1674953275596%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674953279%3At%3ARedirecting...&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2)
IP 87.250.251.119:0
GET /watch/1677322?page-url=https%3A%2F%2Fgoo.su%2FwunD%3F10006039TPMCRY31HAKWLU10249191024919&charset=utf-8&cnt-class=1&hittoken=1674953273_eb0cf57bdeb0cafee5e84693cf0373a84065d065969c74f23b02a1a30fe660fd&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1404411639727%3Ahid%3A1005851940%3Az%3A0%3Ai%3A20230129004758%3Aet%3A1674953279%3Ac%3A1%3Arn%3A954325653%3Arqn%3A2%3Au%3A1674953278555521155%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1674953275596%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674953279%3At%3ARedirecting...&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/1677322/1?page-url=https%3A%2F%2Fgoo.su%2FwunD%3F10006039TPMCRY31HAKWLU10249191024919&charset=utf-8&cnt-class=1&hittoken=1674953273_eb0cf57bdeb0cafee5e84693cf0373a84065d065969c74f23b02a1a30fe660fd&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1404411639727%3Ahid%3A1005851940%3Az%3A0%3Ai%3A20230129004758%3Aet%3A1674953279%3Ac%3A1%3Arn%3A954325653%3Arqn%3A2%3Au%3A1674953278555521155%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1674953275596%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674953279%3At%3ARedirecting...&t=gdpr%2814%29mc%28p-1-h-1%29clc%280-0-0%29rqnt%282%29aw%281%29fip%281%29ti%282%29
date: Sun, 29 Jan 2023 00:47:53 GMT
access-control-allow-origin: https://goo.su
set-cookie: yabs-sid=1507352161674953273; Path=/; SameSite=None; Secure
i=Zr20NhD0zRiFWxajbUdCPWq5B5H4vFSEhx0JVb5ALqtOBF2SeypJSlxZO4i3+5+jfqmJd5HHwDZYVtOgFN4vdJwaHzo=; Expires=Wed, 26-Jan-2033 00:47:45 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=5125201241674953273; Expires=Mon, 29-Jan-2024 00:47:53 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=5125201241674953273; Expires=Mon, 29-Jan-2024 00:47:53 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706489273.yc.1674953273#1706489273.yrts.1674953273#1706489273.yrtsi.1674953273; Expires=Mon, 29-Jan-2024 00:47:53 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 29-Jan-2023 00:47:53 GMT
last-modified: Sun, 29-Jan-2023 00:47:53 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2FwunD%3F10006039TPMCRY31HAKWLU10249191024919&charset=utf-8&pcode-test-ids=657518%2C0%2C88%3B712232%2C0%2C48%3B706838%2C0%2C95%3B712202%2C0%2C87%3B707670%2C0%2C55%3B709027%2C0%2C49%3B710490%2C0%2C92%3B710388%2C0%2C55%3B712532%2C0%2C24%3B710373%2C0%2C36&pcode-flags-map=eJytWNtu2zgQ%2FZWFn4uu7pe%2BURJlE9ZtScqOWxSEm7iJF7ks0qSbTdF%2F3yEp25KS0E12gSJ1FM3hcObMmRn%2FmJBpVVMsSsIYzkSGOBINoqhkIq%2BpWJAM14JUIq3LpJ58%2BPRj8n19eb%2BZfJhsHv6avJvcbb7dkTP41Y8tz%2FcnPz%2B%2FmywQExT%2F0WLGxaJEjchpXQqUsYE9py3uAwR26ESWAsAVSgo8Ohw%2B5KQiHIN%2F6ZzNai6WhM%2FqlgsEvnNm8i7w%2FSByXw3%2BfyCjohANrbM25ezpMa%2BDxgD5yrz0QGRe4MwlpEIUKMGFggKQBFUVpubsBK7rhX1fKrwUbA7W8E8C1ijDVDQFWo2gxg5FvhPHe4dI1aApFoyTdL4SGWESPFNRS2Rqs7w%2BgccUp1wwXBQDaHzSDKFD2zlAt2zoZYWqpjXfMrZDy9sD8BmFaGFKZZhywVq6wCsIOSRxKggTFdBkgQqSHQF1Aj%2Fag6JMRn8ledsh8VqXSVczRrDQCr0oPIAVBXhYV8VKNG1SkFSghqi0QkoYh8o2o9m25dsHcnBNYEwZqauBJbxpe9HQ1rFtHey2Il361cll0ze9u73f9Mw8J3JjXeYyP4wpBo5sxpzpGcl7YVyJOmEY0jGi2vX6y%2BVmYOkGTqzjlZMTkLlKzDCZzriouPlIz3djHZoVqjJ8ImgrsrpEpDLKoBU6brA%2FL6H1HJyFs8SUjngytrRDPwqePVCWBackMZo7thVo6n7ElSPyFipoSTIQMVJChRltPcitdbDtqlAkNZVJpSgjLfvtFxFWSPqtHQZ%2BLtHKqJ%2B%2B54ZdnLNc1gBr6gqIwUmJoUYGpo5lWUNbz3L1nZu0zrAsKIYro6j6ng8wHZWktlAsubs7T0hJMZp7Yeg8NQd5gJ9LWUTAzrcg7BwAQWkH2XKt560LjGglStm9F4gSNLq3MzjUt6wuyg0lNSV8JZIVtBG8bGpqDlgQBl3t7XjRyXHKjELvg5hGPUaCYKYItBREPU0hS8ygEn7s%2BrY9sFUsZvue34COkmpqBvF8T3ue1m3Fgcp81WDhmr0GffV76SlpCnFiJCEFRM18XBwGL1qCSosUFHp%2B5PQdRtkWnOjOLEBgcwJdkchL5Cg1V3McOWHY86MD0TMDNBsgm2zTCYwgsmI4rYviSM%2B2HM%2FVrJtSlDjmd4Gi1uFdwcjHgb%2B%2B7Vim95%2BpfNt%2FwWJHjhlW7YfiDDOYaI3%2B2b4TaGs5HFCcg%2BbMYH6ZktRsF7mdwKq%2BTUtZQRRXu77XUJyYJT4AjXbsQSlBD6TA6wqqaYYhH1K2WUplh2PMqESBHdue9qdnhJpGXmUKpWE2duzYH3gyI1xdowcGwZzz2uyFGzrOYEZNm1KUOCNIAAjiZKGavBkjdoeTf9qk%2FxljNIZnOEdQUa%2BcwD3fCoJBmFiJKBcwqLVYgh9Lkh8EwWEr0gPlyDM9X9ZyRFXDpGDFEa9CO%2ByqMZVzcl11LES51DiSw%2FqG9UBupmMYxUG8H8VySgAGJkltTxSZXmGfzJ%2BU%2BhOLIHY7zvYsXrtqBmHsWeEeBfpgJhFK88mRF9jjkzXJzGc5juWMq0zOcr9UHVHg2e5OM2AkgiUQrgqkEa5j6RlN9QQ9bj1dw57ghZH79BZ8ar4DpCk6WB0kn4kG2gl0VthPF7gc9%2BTJ12%2Fi7ub%2B9GK0IlmRM14Etew%2Bk8dujT6SHNiQuuKFdXtfqmoxrNoyORIU6JjdiK%2BLE%2Fa9RnCq2tuxhhvEsefqo0eO50Wt1yh9zSMgUVeQL4Eong%2BDu30QV%2BsHcbHZnl%2FcvQBHKinoc5ygRMA%2BYXICFtcoHKiCFpblDAjb465cWvXi2UK7VEs2THMYNNYoFqFted1cRKnQnZO3MIBq0VGBVvrWTmdHd07vsKSrLyT234%2BACjYISDpA6Ag7Wj6dLkRUdd6FbKF6JNz15IJU4BEihRybYMVGR1frIHKjbm5i2Xy8XMozLWfsRScODFqKPFBdASw5gSTosM%2FpeCM4vbsc7fRBN8%2FIiCwaRAzrQAhL0MA4tpzDFwLdkPc2Y6kOCPgxk5MyKWUs94Oi%2BlIQcykaB%2FaY%2BfgG7FcAJm2eAxYuG5itC0B85rq%2B4bKdvdLgN8SrQB9XqscKtXr2jX5Mvm7uTi%2FK9e359robXq9uvmwvN%2Bx0fbm9Pp98cH6OSqvbsPrTBWyiIilkfAoypO6nydV6e%2Fn%2B9h7C88%2F6%2BmzzAJ9%2F316tzzffBo%2FO11fqydnj5lq%2Fvv6%2BvbvRH6%2Fe9345u952TyXyHgEe3K4fL28eL7o%2FP97q%2F%2B9v1%2B%2BvN39%2Fe%2FLCn%2Bubq60y%2Ffz8FfuNUE5Du5lddsRB%2BtV9RhLkRtFh3X%2BmQH13XKC%2Bkomf%2FwK%2Bj7p7&pcode-icookie=Fw1mEvJ%2FnJXMukO%2Fq9aPtVLdxK3nuA6q%2Biy2dbSeZRgG9UebwTt72oo64tmQ8oMps3ritMX%2BNfxCkZEIz88WH06Ofaw%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=521718267379714&ad-session-id=1164051674953277186&target-id=4439691&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=712629&pcodever=712629&flash-ver=0&available-width=145&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A939%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1268%2C%22h%22%3A939%2C%22width%22%3A145%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A561%2C%22top%22%3A129%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B3673144756207%5D
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2FwunD%3F10006039TPMCRY31HAKWLU10249191024919&charset=utf-8&pcode-test-ids=657518%2C0%2C88%3B712232%2C0%2C48%3B706838%2C0%2C95%3B712202%2C0%2C87%3B707670%2C0%2C55%3B709027%2C0%2C49%3B710490%2C0%2C92%3B710388%2C0%2C55%3B712532%2C0%2C24%3B710373%2C0%2C36&pcode-flags-map=eJytWNtu2zgQ%2FZWFn4uu7pe%2BURJlE9ZtScqOWxSEm7iJF7ks0qSbTdF%2F3yEp25KS0E12gSJ1FM3hcObMmRn%2FmJBpVVMsSsIYzkSGOBINoqhkIq%2BpWJAM14JUIq3LpJ58%2BPRj8n19eb%2BZfJhsHv6avJvcbb7dkTP41Y8tz%2FcnPz%2B%2FmywQExT%2F0WLGxaJEjchpXQqUsYE9py3uAwR26ESWAsAVSgo8Ohw%2B5KQiHIN%2F6ZzNai6WhM%2FqlgsEvnNm8i7w%2FSByXw3%2BfyCjohANrbM25ezpMa%2BDxgD5yrz0QGRe4MwlpEIUKMGFggKQBFUVpubsBK7rhX1fKrwUbA7W8E8C1ijDVDQFWo2gxg5FvhPHe4dI1aApFoyTdL4SGWESPFNRS2Rqs7w%2BgccUp1wwXBQDaHzSDKFD2zlAt2zoZYWqpjXfMrZDy9sD8BmFaGFKZZhywVq6wCsIOSRxKggTFdBkgQqSHQF1Aj%2Fag6JMRn8ledsh8VqXSVczRrDQCr0oPIAVBXhYV8VKNG1SkFSghqi0QkoYh8o2o9m25dsHcnBNYEwZqauBJbxpe9HQ1rFtHey2Il361cll0ze9u73f9Mw8J3JjXeYyP4wpBo5sxpzpGcl7YVyJOmEY0jGi2vX6y%2BVmYOkGTqzjlZMTkLlKzDCZzriouPlIz3djHZoVqjJ8ImgrsrpEpDLKoBU6brA%2FL6H1HJyFs8SUjngytrRDPwqePVCWBackMZo7thVo6n7ElSPyFipoSTIQMVJChRltPcitdbDtqlAkNZVJpSgjLfvtFxFWSPqtHQZ%2BLtHKqJ%2B%2B54ZdnLNc1gBr6gqIwUmJoUYGpo5lWUNbz3L1nZu0zrAsKIYro6j6ng8wHZWktlAsubs7T0hJMZp7Yeg8NQd5gJ9LWUTAzrcg7BwAQWkH2XKt560LjGglStm9F4gSNLq3MzjUt6wuyg0lNSV8JZIVtBG8bGpqDlgQBl3t7XjRyXHKjELvg5hGPUaCYKYItBREPU0hS8ygEn7s%2BrY9sFUsZvue34COkmpqBvF8T3ue1m3Fgcp81WDhmr0GffV76SlpCnFiJCEFRM18XBwGL1qCSosUFHp%2B5PQdRtkWnOjOLEBgcwJdkchL5Cg1V3McOWHY86MD0TMDNBsgm2zTCYwgsmI4rYviSM%2B2HM%2FVrJtSlDjmd4Gi1uFdwcjHgb%2B%2B7Vim95%2BpfNt%2FwWJHjhlW7YfiDDOYaI3%2B2b4TaGs5HFCcg%2BbMYH6ZktRsF7mdwKq%2BTUtZQRRXu77XUJyYJT4AjXbsQSlBD6TA6wqqaYYhH1K2WUplh2PMqESBHdue9qdnhJpGXmUKpWE2duzYH3gyI1xdowcGwZzz2uyFGzrOYEZNm1KUOCNIAAjiZKGavBkjdoeTf9qk%2FxljNIZnOEdQUa%2BcwD3fCoJBmFiJKBcwqLVYgh9Lkh8EwWEr0gPlyDM9X9ZyRFXDpGDFEa9CO%2ByqMZVzcl11LES51DiSw%2FqG9UBupmMYxUG8H8VySgAGJkltTxSZXmGfzJ%2BU%2BhOLIHY7zvYsXrtqBmHsWeEeBfpgJhFK88mRF9jjkzXJzGc5juWMq0zOcr9UHVHg2e5OM2AkgiUQrgqkEa5j6RlN9QQ9bj1dw57ghZH79BZ8ar4DpCk6WB0kn4kG2gl0VthPF7gc9%2BTJ12%2Fi7ub%2B9GK0IlmRM14Etew%2Bk8dujT6SHNiQuuKFdXtfqmoxrNoyORIU6JjdiK%2BLE%2Fa9RnCq2tuxhhvEsefqo0eO50Wt1yh9zSMgUVeQL4Eong%2BDu30QV%2BsHcbHZnl%2FcvQBHKinoc5ygRMA%2BYXICFtcoHKiCFpblDAjb465cWvXi2UK7VEs2THMYNNYoFqFted1cRKnQnZO3MIBq0VGBVvrWTmdHd07vsKSrLyT234%2BACjYISDpA6Ag7Wj6dLkRUdd6FbKF6JNz15IJU4BEihRybYMVGR1frIHKjbm5i2Xy8XMozLWfsRScODFqKPFBdASw5gSTosM%2FpeCM4vbsc7fRBN8%2FIiCwaRAzrQAhL0MA4tpzDFwLdkPc2Y6kOCPgxk5MyKWUs94Oi%2BlIQcykaB%2FaY%2BfgG7FcAJm2eAxYuG5itC0B85rq%2B4bKdvdLgN8SrQB9XqscKtXr2jX5Mvm7uTi%2FK9e359robXq9uvmwvN%2Bx0fbm9Pp98cH6OSqvbsPrTBWyiIilkfAoypO6nydV6e%2Fn%2B9h7C88%2F6%2BmzzAJ9%2F316tzzffBo%2FO11fqydnj5lq%2Fvv6%2BvbvRH6%2Fe9345u952TyXyHgEe3K4fL28eL7o%2FP97q%2F%2B9v1%2B%2BvN39%2Fe%2FLCn%2Bubq60y%2Ffz8FfuNUE5Du5lddsRB%2BtV9RhLkRtFh3X%2BmQH13XKC%2Bkomf%2FwK%2Bj7p7&pcode-icookie=Fw1mEvJ%2FnJXMukO%2Fq9aPtVLdxK3nuA6q%2Biy2dbSeZRgG9UebwTt72oo64tmQ8oMps3ritMX%2BNfxCkZEIz88WH06Ofaw%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=521718267379714&ad-session-id=1164051674953277186&target-id=4439691&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=712629&pcodever=712629&flash-ver=0&available-width=145&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A939%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1268%2C%22h%22%3A939%2C%22width%22%3A145%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A561%2C%22top%22%3A129%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B3673144756207%5D
IP 87.250.250.90:0
GET /meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2FwunD%3F10006039TPMCRY31HAKWLU10249191024919&charset=utf-8&pcode-test-ids=657518%2C0%2C88%3B712232%2C0%2C48%3B706838%2C0%2C95%3B712202%2C0%2C87%3B707670%2C0%2C55%3B709027%2C0%2C49%3B710490%2C0%2C92%3B710388%2C0%2C55%3B712532%2C0%2C24%3B710373%2C0%2C36&pcode-flags-map=eJytWNtu2zgQ%2FZWFn4uu7pe%2BURJlE9ZtScqOWxSEm7iJF7ks0qSbTdF%2F3yEp25KS0E12gSJ1FM3hcObMmRn%2FmJBpVVMsSsIYzkSGOBINoqhkIq%2BpWJAM14JUIq3LpJ58%2BPRj8n19eb%2BZfJhsHv6avJvcbb7dkTP41Y8tz%2FcnPz%2B%2FmywQExT%2F0WLGxaJEjchpXQqUsYE9py3uAwR26ESWAsAVSgo8Ohw%2B5KQiHIN%2F6ZzNai6WhM%2FqlgsEvnNm8i7w%2FSByXw3%2BfyCjohANrbM25ezpMa%2BDxgD5yrz0QGRe4MwlpEIUKMGFggKQBFUVpubsBK7rhX1fKrwUbA7W8E8C1ijDVDQFWo2gxg5FvhPHe4dI1aApFoyTdL4SGWESPFNRS2Rqs7w%2BgccUp1wwXBQDaHzSDKFD2zlAt2zoZYWqpjXfMrZDy9sD8BmFaGFKZZhywVq6wCsIOSRxKggTFdBkgQqSHQF1Aj%2Fag6JMRn8ledsh8VqXSVczRrDQCr0oPIAVBXhYV8VKNG1SkFSghqi0QkoYh8o2o9m25dsHcnBNYEwZqauBJbxpe9HQ1rFtHey2Il361cll0ze9u73f9Mw8J3JjXeYyP4wpBo5sxpzpGcl7YVyJOmEY0jGi2vX6y%2BVmYOkGTqzjlZMTkLlKzDCZzriouPlIz3djHZoVqjJ8ImgrsrpEpDLKoBU6brA%2FL6H1HJyFs8SUjngytrRDPwqePVCWBackMZo7thVo6n7ElSPyFipoSTIQMVJChRltPcitdbDtqlAkNZVJpSgjLfvtFxFWSPqtHQZ%2BLtHKqJ%2B%2B54ZdnLNc1gBr6gqIwUmJoUYGpo5lWUNbz3L1nZu0zrAsKIYro6j6ng8wHZWktlAsubs7T0hJMZp7Yeg8NQd5gJ9LWUTAzrcg7BwAQWkH2XKt560LjGglStm9F4gSNLq3MzjUt6wuyg0lNSV8JZIVtBG8bGpqDlgQBl3t7XjRyXHKjELvg5hGPUaCYKYItBREPU0hS8ygEn7s%2BrY9sFUsZvue34COkmpqBvF8T3ue1m3Fgcp81WDhmr0GffV76SlpCnFiJCEFRM18XBwGL1qCSosUFHp%2B5PQdRtkWnOjOLEBgcwJdkchL5Cg1V3McOWHY86MD0TMDNBsgm2zTCYwgsmI4rYviSM%2B2HM%2FVrJtSlDjmd4Gi1uFdwcjHgb%2B%2B7Vim95%2BpfNt%2FwWJHjhlW7YfiDDOYaI3%2B2b4TaGs5HFCcg%2BbMYH6ZktRsF7mdwKq%2BTUtZQRRXu77XUJyYJT4AjXbsQSlBD6TA6wqqaYYhH1K2WUplh2PMqESBHdue9qdnhJpGXmUKpWE2duzYH3gyI1xdowcGwZzz2uyFGzrOYEZNm1KUOCNIAAjiZKGavBkjdoeTf9qk%2FxljNIZnOEdQUa%2BcwD3fCoJBmFiJKBcwqLVYgh9Lkh8EwWEr0gPlyDM9X9ZyRFXDpGDFEa9CO%2ByqMZVzcl11LES51DiSw%2FqG9UBupmMYxUG8H8VySgAGJkltTxSZXmGfzJ%2BU%2BhOLIHY7zvYsXrtqBmHsWeEeBfpgJhFK88mRF9jjkzXJzGc5juWMq0zOcr9UHVHg2e5OM2AkgiUQrgqkEa5j6RlN9QQ9bj1dw57ghZH79BZ8ar4DpCk6WB0kn4kG2gl0VthPF7gc9%2BTJ12%2Fi7ub%2B9GK0IlmRM14Etew%2Bk8dujT6SHNiQuuKFdXtfqmoxrNoyORIU6JjdiK%2BLE%2Fa9RnCq2tuxhhvEsefqo0eO50Wt1yh9zSMgUVeQL4Eong%2BDu30QV%2BsHcbHZnl%2FcvQBHKinoc5ygRMA%2BYXICFtcoHKiCFpblDAjb465cWvXi2UK7VEs2THMYNNYoFqFted1cRKnQnZO3MIBq0VGBVvrWTmdHd07vsKSrLyT234%2BACjYISDpA6Ag7Wj6dLkRUdd6FbKF6JNz15IJU4BEihRybYMVGR1frIHKjbm5i2Xy8XMozLWfsRScODFqKPFBdASw5gSTosM%2FpeCM4vbsc7fRBN8%2FIiCwaRAzrQAhL0MA4tpzDFwLdkPc2Y6kOCPgxk5MyKWUs94Oi%2BlIQcykaB%2FaY%2BfgG7FcAJm2eAxYuG5itC0B85rq%2B4bKdvdLgN8SrQB9XqscKtXr2jX5Mvm7uTi%2FK9e359robXq9uvmwvN%2Bx0fbm9Pp98cH6OSqvbsPrTBWyiIilkfAoypO6nydV6e%2Fn%2B9h7C88%2F6%2BmzzAJ9%2F316tzzffBo%2FO11fqydnj5lq%2Fvv6%2BvbvRH6%2Fe9345u952TyXyHgEe3K4fL28eL7o%2FP97q%2F%2B9v1%2B%2BvN39%2Fe%2FLCn%2Bubq60y%2Ffz8FfuNUE5Du5lddsRB%2BtV9RhLkRtFh3X%2BmQH13XKC%2Bkomf%2FwK%2Bj7p7&pcode-icookie=Fw1mEvJ%2FnJXMukO%2Fq9aPtVLdxK3nuA6q%2Biy2dbSeZRgG9UebwTt72oo64tmQ8oMps3ritMX%2BNfxCkZEIz88WH06Ofaw%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=521718267379714&ad-session-id=1164051674953277186&target-id=4439691&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=712629&pcodever=712629&flash-ver=0&available-width=145&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A939%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1268%2C%22h%22%3A939%2C%22width%22%3A145%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A561%2C%22top%22%3A129%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B3673144756207%5D HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
uniformat: true
uniformat-product-type: Direct
content-encoding: gzip
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://goo.su
x-xss-protection: 1; mode=block
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-yandex-req-id: 1674953272480723-592131246385034571500102-production-app-host-sas-pcode-233
last-modified: Sun, 29 Jan 2023 00:47:52 GMT
date: Sun, 29 Jan 2023 00:47:52 GMT
set-cookie: yabs-vdrf=A0; domain=an.yandex.ru; path=/; expires=Sun, 05-Feb-2023 00:47:52 GMT
i=g7AUyoMWnohTBX+77XXrFTd8AOqcrLYYqny+q3AyHsxa1fDG0SCJk8X1dcg6/7E+6EZ79UhkxZKvQVgpvNik8k9H72c=; Expires=Tue, 28-Jan-2025 00:47:52 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
content-type: application/json
pragma: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
ssr: true
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 00:47:52 GMT
X-Firefox-Spdy: h2
an.yandex.ru/rtbcount/1IIwTv-U0Ve100000000U9nJjAYoiphDVwNDK9bxgupA_MjCbXQ7hYOp084dJ2Gq_CLllrYk6P8CgOn0yKnbRbqEa7WfY5TR3YHQ6K5a9uWF14mCCnadyK3O2nclGKLNCcw4C1WsWaG-i0A9lOolCjaPZe9bpZ8o0ychZ239kumCCWmCVnbdCJ4mp6K2YQnbYWAfOVeF1A-O1C8oxaWgSpCoF4ouL1JpcPNXBnCBo1dC84DxcHM1v5HcaBQvp6mWgvcP61H0DhDiP6QwVtBdbIvrWPFC5eToRiqFFyLn5QpoBfZyoUpWn0znEClSLsV0h1KiaoGtiFo70SOTIEm3IEoRB13lVR1_oEAbOwApI-o6_LiMaDSMiFAUPEMQmGMMli3QqD30SfFL_DVFoqhVPoj_PGNfxc1hO9d1TkLmy0AsxZsRDxJ-FRE_R2KRp9W3R1uds9WViV46ERjQ6PIL58U49gUPlsI3MVWJpfh87cFkk3r3vftzB7OsSqCZCoFB3UnCEzXvJh2BFs1llzMqSzAd3OkvVx3p001l2AAB
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/rtbcount/1IIwTv-U0Ve100000000U9nJjAYoiphDVwNDK9bxgupA_MjCbXQ7hYOp084dJ2Gq_CLllrYk6P8CgOn0yKnbRbqEa7WfY5TR3YHQ6K5a9uWF14mCCnadyK3O2nclGKLNCcw4C1WsWaG-i0A9lOolCjaPZe9bpZ8o0ychZ239kumCCWmCVnbdCJ4mp6K2YQnbYWAfOVeF1A-O1C8oxaWgSpCoF4ouL1JpcPNXBnCBo1dC84DxcHM1v5HcaBQvp6mWgvcP61H0DhDiP6QwVtBdbIvrWPFC5eToRiqFFyLn5QpoBfZyoUpWn0znEClSLsV0h1KiaoGtiFo70SOTIEm3IEoRB13lVR1_oEAbOwApI-o6_LiMaDSMiFAUPEMQmGMMli3QqD30SfFL_DVFoqhVPoj_PGNfxc1hO9d1TkLmy0AsxZsRDxJ-FRE_R2KRp9W3R1uds9WViV46ERjQ6PIL58U49gUPlsI3MVWJpfh87cFkk3r3vftzB7OsSqCZCoFB3UnCEzXvJh2BFs1llzMqSzAd3OkvVx3p001l2AAB
IP 87.250.250.90:0
GET /rtbcount/1IIwTv-U0Ve100000000U9nJjAYoiphDVwNDK9bxgupA_MjCbXQ7hYOp084dJ2Gq_CLllrYk6P8CgOn0yKnbRbqEa7WfY5TR3YHQ6K5a9uWF14mCCnadyK3O2nclGKLNCcw4C1WsWaG-i0A9lOolCjaPZe9bpZ8o0ychZ239kumCCWmCVnbdCJ4mp6K2YQnbYWAfOVeF1A-O1C8oxaWgSpCoF4ouL1JpcPNXBnCBo1dC84DxcHM1v5HcaBQvp6mWgvcP61H0DhDiP6QwVtBdbIvrWPFC5eToRiqFFyLn5QpoBfZyoUpWn0znEClSLsV0h1KiaoGtiFo70SOTIEm3IEoRB13lVR1_oEAbOwApI-o6_LiMaDSMiFAUPEMQmGMMli3QqD30SfFL_DVFoqhVPoj_PGNfxc1hO9d1TkLmy0AsxZsRDxJ-FRE_R2KRp9W3R1uds9WViV46ERjQ6PIL58U49gUPlsI3MVWJpfh87cFkk3r3vftzB7OsSqCZCoFB3UnCEzXvJh2BFs1llzMqSzAd3OkvVx3p001l2AAB HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 29 Jan 2023 00:47:53 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 29 Jan 2023 00:47:53 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 29 Jan 2023 00:47:53 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2