{"report_id":"75d077d6-3a3a-42c2-a4d7-bc0fa1dfae74","version":6,"status":"done","tags":[],"date":"2023-12-02T20:09:36Z","url":{"schema":"http","addr":"goo.su/F0KU","fqdn":"goo.su","domain":"goo.su","tld":"su"},"ip":{"addr":"172.67.139.105","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"goo.su/F0KU","fqdn":"goo.su","domain":"goo.su","tld":"su"},"title":"Redirecting..."},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T09:29:26Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"enduresopens.com","ip":{"addr":"23.109.248.102","port":443,"asn":7979,"as":"SERVERS-COM","country":"Netherlands","country_code":"NL"},"domain_registered":"2023-08-31","domain_rank":0,"first_seen":"2023-08-31 14:06:40","last_seen":"2023-11-30 22:55:36","alert_count":0,"request_count":1,"received_data":1456,"sent_data":411,"comment":"","tags":null,"fingerprints":null},{"fqdn":"richinfo.co","ip":{"addr":"5.200.15.240","port":443,"asn":49544,"as":"i3D.net B.V","country":"Netherlands","country_code":"NL"},"domain_registered":"2019-06-20","domain_rank":285236,"first_seen":"2019-06-26 15:58:03","last_seen":"2023-12-02 20:00:14","alert_count":0,"request_count":1,"received_data":46279,"sent_data":457,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.gstatic.com","ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-09-09 02:40:21","last_seen":"2023-12-02 07:24:06","alert_count":0,"request_count":2,"received_data":36076,"sent_data":1085,"comment":"","tags":null,"fingerprints":null},{"fqdn":"rtb.pushdom.co","ip":{"addr":"31.204.132.208","port":443,"asn":49544,"as":"i3D.net B.V","country":"Netherlands","country_code":"NL"},"domain_registered":"2018-12-28","domain_rank":244282,"first_seen":"2019-01-08 20:36:00","last_seen":"2023-11-30 21:04:18","alert_count":0,"request_count":1,"received_data":158,"sent_data":521,"comment":"","tags":null,"fingerprints":null},{"fqdn":"st.top100.ru","ip":{"addr":"81.19.89.18","port":443,"asn":24638,"as":"Rambler Internet Holding LLC","country":"Russia","country_code":"RU"},"domain_registered":"1999-09-30","domain_rank":27374,"first_seen":"2014-03-27 17:20:51","last_seen":"2023-12-01 18:34:05","alert_count":0,"request_count":2,"received_data":130283,"sent_data":827,"comment":"","tags":null,"fingerprints":null},{"fqdn":"goo.su","ip":{"addr":"172.67.139.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2019-06-14","domain_rank":377451,"first_seen":"2017-05-12 21:35:59","last_seen":"2023-12-01 13:03:18","alert_count":0,"request_count":7,"received_data":86584,"sent_data":7743,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.138","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":8877,"first_seen":"2013-06-10 22:14:26","last_seen":"2023-12-02 07:17:09","alert_count":0,"request_count":2,"received_data":3440,"sent_data":897,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2023-12-02T20:09:24Z","timestamp":1701547764,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":39896,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .su TLD (Soviet Union) Often Malware Related","source":"{\"timestamp\":\"2023-12-02T20:09:24.229364+0000\",\"flow_id\":1708699302526964,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.22\",\"src_port\":39896,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2014169,\"rev\":4,\"signature\":\"ET DNS Query for .su TLD (Soviet Union) Often Malware Related\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"created_at\":[\"2012_01_31\"],\"updated_at\":[\"2020_09_14\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":56563,\"rrname\":\"goo.su\",\"rrtype\":\"A\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":77,\"bytes_toclient\":0,\"start\":\"2023-12-02T20:09:24.229364+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-12-02T20:09:24Z","timestamp":1701547764,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":39896,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed URL Shortener Service Domain in DNS Lookup (goo .su)","source":"{\"timestamp\":\"2023-12-02T20:09:24.229364+0000\",\"flow_id\":1708699302526964,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.22\",\"src_port\":39896,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2044830,\"rev\":1,\"signature\":\"ET INFO Observed URL Shortener Service Domain in DNS Lookup (goo .su)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2023_03_29\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_29\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":56563,\"rrname\":\"goo.su\",\"rrtype\":\"A\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":77,\"bytes_toclient\":0,\"start\":\"2023-12-02T20:09:24.229364+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-12-02T20:09:24Z","timestamp":1701547764,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":34785,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET DNS Query for .su TLD (Soviet Union) Often Malware Related","source":"{\"timestamp\":\"2023-12-02T20:09:24.229545+0000\",\"flow_id\":843040054083753,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.22\",\"src_port\":34785,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2014169,\"rev\":4,\"signature\":\"ET DNS Query for .su TLD (Soviet Union) Often Malware Related\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"created_at\":[\"2012_01_31\"],\"updated_at\":[\"2020_09_14\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":18688,\"rrname\":\"goo.su\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":77,\"bytes_toclient\":0,\"start\":\"2023-12-02T20:09:24.229545+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-12-02T20:09:24Z","timestamp":1701547764,"ip_dst":{"addr":"Internal IP","port":53,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":34785,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed URL Shortener Service Domain in DNS Lookup (goo .su)","source":"{\"timestamp\":\"2023-12-02T20:09:24.229545+0000\",\"flow_id\":843040054083753,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.22\",\"src_port\":34785,\"dest_ip\":\"10.70.215.1\",\"dest_port\":53,\"proto\":\"UDP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2044830,\"rev\":1,\"signature\":\"ET INFO Observed URL Shortener Service Domain in DNS Lookup (goo .su)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2023_03_29\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_29\"]}},\"dns\":{\"query\":[{\"type\":\"query\",\"id\":18688,\"rrname\":\"goo.su\",\"rrtype\":\"AAAA\",\"tx_id\":0}]},\"app_proto\":\"dns\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":77,\"bytes_toclient\":0,\"start\":\"2023-12-02T20:09:24.229545+0000\"}}"},{"sensor_name":"suricata","title":"","description":"","date":"2023-12-02T20:09:24Z","timestamp":1701547764,"ip_dst":{"addr":"172.67.139.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":52362,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed URL Shortener Service Domain (goo .su in TLS SNI)","source":"{\"timestamp\":\"2023-12-02T20:09:24.274148+0000\",\"flow_id\":512336162195447,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.22\",\"src_port\":52362,\"dest_ip\":\"172.67.139.105\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2044831,\"rev\":1,\"signature\":\"ET INFO Observed URL Shortener Service Domain (goo .su in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"created_at\":[\"2023_03_29\"],\"deployment\":[\"Perimeter\"],\"former_category\":[\"INFO\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_03_29\"]}},\"tls\":{\"sni\":\"goo.su\",\"version\":\"TLS 1.2\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"7b54a7d14b24b747838e39a27c2de875\",\"string\":\"771,49199,0-23-65281-11-16-5\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":6,\"bytes_toserver\":908,\"bytes_toclient\":5518,\"start\":\"2023-12-02T20:09:24.264183+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"goo.su/F0KU","fqdn":"goo.su","domain":"goo.su","tld":"su"},"ip":{"addr":"172.67.139.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"2b380b3e889f216df5c1a02cc5b137f9","sha1":"f634ca3decc0ae35c3ecc085109423d471fadbb2","sha256":"516a69de48e4087bf540894064ddcc49d1985f4799ab583fb1a12003af517821","sha512":"073b8a27b5394d4f1035084fe8621bd1b7f136102fa195a949a4d6d1117cce31d5372d4ec2c1a1fbb3e31bbedd7554cb669849fcbdb183efb8917e1fa32fa3d0","ssdeep":"","tlshash":"43f0595f299724705067b0bb465f8824355310276a48d0027dec42992fe8e77096ef7c","size":586,"data":"","first_seen":"2023-03-07T12:04:54Z","last_seen":"2025-01-27T13:24:35.429981Z","times_seen":55,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.su/frontend/js/redirect.js?id=0206716eb65eec68ba60","fqdn":"goo.su","domain":"goo.su","tld":"su"},"ip":{"addr":"172.67.139.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5133d0220333bcdfae34ba770e7c9b42","sha1":"9a351d7b7ac64a836f602816548c86a249299003","sha256":"2c84d9ab5b2dd5c770675c7c9e9219710fdd23745fbaf02a07e8c90ef078d38e","sha512":"591cd556fa7114ecf0c70a2ae373c0ff48b82e7eba3f47da059f534e1cc0750801d2f71f09d157d0750a714c72eae83980d265d2ce122f0f390f5e680e62581e","ssdeep":"1536:EORLi9qxGCs+4Ezy4bx60BW1GkWcAupPb8prpDVGf9oOcEWMNsBdPKwH1lseVgGy:EOmVPAprTlKMK49Yg4r","tlshash":"c5930addb2c6b06247a770ba40bf550bf236199d684d8400f125e4e9bc78b4a927bf3d","size":90590,"data":"","first_seen":"2023-03-07T12:04:54Z","last_seen":"2024-08-21T09:42:52.929456Z","times_seen":29,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"1a9fe897ff3837e3426768e6ac010f8d","sha1":"6a1a3de0d0b89856ce065d9cb88618af25a20d04","sha256":"b004a83e4da8738ff78a422bc9a9d84d92c80bbc046264b935d2a12b87cdb1e4","sha512":"18fac19b5b44e65097e8e79912f15666a6eea0271cb2e80f545beb20e251d0febb219f02ab5404e561de844e571d27a7a8ffee51285ad04472b287b6c41708eb","ssdeep":"","tlshash":"67d0976648aac83822c8005f60bad6a8392122d42f1b250043cfcc6eda00ec38c62d68","size":247,"data":"","first_seen":"2024-08-20T17:01:37.329703Z","last_seen":"2024-08-20T17:01:37.329703Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.su/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"goo.su","domain":"goo.su","tld":"su"},"ip":{"addr":"172.67.139.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a367c21c47ccf603e799919d52102fad","sha1":"3f114f1a04447b965187a829cf51bf3d9e096161","sha256":"da8b7eb9a8f8e9f26ef4a18d62dacde8945b8f682cec85d232ff73c917f91272","sha512":"779bfbc12416020fb5cc018e07843d8fd5b31bd93a6fdbe4ce36f26f4b47637284e39df1bd1daebe641c57694256b93febadf832959452abd961f9ac534144e0","ssdeep":"96:hX55c0lcAPXrbkE1RtfzvRbm1jpUIa56sXckY1XZKsjkmXHTxTNlOWvkCzgxX/Yz:hfcecAtfCT1pjdpOW8XgfkY0AMvm6M","tlshash":"3ce1a5cb770e706313727cbb415f586b660d9fa618c868c29a48c4f8bab134944efe56","size":7432,"data":"","first_seen":"2023-12-02T21:09:37Z","last_seen":"2023-12-02T21:09:37Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"enduresopens.com/ttkXIvunodY/69489","fqdn":"enduresopens.com","domain":"enduresopens.com","tld":"com"},"ip":{"addr":"23.109.248.102","port":443,"asn":7979,"as":"SERVERS-COM","country":"Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"f7a2939527fd9e68723da600e96d76bd","sha1":"a9e717b6364d2895ee0a716050db32ca0ef1bb42","sha256":"d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a","sha512":"e6956ec633c76eb3ebc408528f950b81373238cd1d5b9fff5ddd97089ea14a1ff5934f23769bac5d93cc4cdb6a1fbc4ce69baebfb940a55d8a7a89caccaf92b5","ssdeep":"","tlshash":"5340000c00300000000000000000f000000c00000c000300c000000c00030c000c0000","size":5,"data":"","first_seen":"2023-03-07T01:14:39Z","last_seen":"2026-04-23T16:07:27.644788Z","times_seen":14020,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"st.top100.ru/top100/top100.js","fqdn":"st.top100.ru","domain":"top100.ru","tld":"ru"},"ip":{"addr":"81.19.89.18","port":443,"asn":24638,"as":"Rambler Internet Holding LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"41c3677568a4c937e2c12b14c97d5403","sha1":"717e6988b588fcc21a21e54fc5681ec686c15c19","sha256":"52042fa86553029692e962a7f139b2073d16496916a5248e5c1abda1f2c977a7","sha512":"44f02e7e4b6b66b9f23936bcaf9052b253f7f38fb530b65bcd8f3e17fc8f1ab1a517f7b022bb4173cf2b28ce4e028289d56b7a9fbce7e9ffb8f062345b19a899","ssdeep":"1536:js3/oOvFfNWxWxz8jK53sCYftgt/0XIU/J9XXFN+bW:jPWwwxW8/0XpbXXFN/","tlshash":"c7b3968df5a2b06543a3a0f1422f010ae33f291cf44a556cb699d8e16df590e963bf7c","size":114426,"data":"","first_seen":"2023-11-23T17:52:44Z","last_seen":"2024-08-20T18:08:46.869028Z","times_seen":57,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"st.top100.ru/top100/3.13.44/usability.js","fqdn":"st.top100.ru","domain":"top100.ru","tld":"ru"},"ip":{"addr":"81.19.89.18","port":443,"asn":24638,"as":"Rambler Internet Holding LLC","country":"Russia","country_code":"RU"},"introduction_type":"scriptElement","is_inline":false,"md5":"5631c815de35a6f6b448b0abbb1dd60c","sha1":"9f35207e42f536afca4fe47eb4833ad3d4d370a8","sha256":"022038891c775d0e6639f4cafd1607c96ec9fb39eccfd0b8d7d411af03767a33","sha512":"8b00c1de0726743a5fbc2a48931f323dcfb1fad9d4b4b1de495fb474d6b8b384a091321a231e428670f0cef2c7cc01477043ac8edc708a8c3b854c9acfec63c0","ssdeep":"384:/7nOp/yHy/ZUku3ZDMYgznGD+TF09F0FXBsE:DlHAG3Z3gLS+YFc","tlshash":"1b62b08cb9a1f4668363a0f1015f104ea33e695ce4ec656cb189e4e56cfd40e9627f7c","size":14628,"data":"","first_seen":"2023-11-20T15:41:18Z","last_seen":"2023-12-05T17:39:15Z","times_seen":67,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.su/F0KU","fqdn":"goo.su","domain":"goo.su","tld":"su"},"ip":{"addr":"172.67.139.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"e843b00692de2f72a9b77637c18329df","sha1":"849c7da6b5c326356438106ed917adaa8806c6a6","sha256":"816fdf433e4de91232f983788ac259925547207a34f59fcc35b9a719b4c8fc07","sha512":"206cd5e2967441648289bcf6b5d15a1587aae6f6e8e14865d5da41aae89fe4a42e155e52f590738bcf398b1c2e54caefa80840b780e7457a806a5acdb025b906","ssdeep":"","tlshash":"57f0595b299324305067b0bb465f8824396310276608d0027dec42992fe8e76096ef7c","size":586,"data":"","first_seen":"2023-03-07T12:04:54Z","last_seen":"2025-01-27T13:24:35.432016Z","times_seen":55,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.su/F0KU","fqdn":"goo.su","domain":"goo.su","tld":"su"},"ip":{"addr":"172.67.139.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fa19ccefbef80e7038a02bd77a51340c","sha1":"7b23f6d75ba14d3012691e026bfcb8dce3f3eae2","sha256":"cd9073cb8c8675f83be0441026bb46742b015dd2785294ad1f3561d57786532e","sha512":"82597b55297cb411082d78f3eb0b0670d2f34cfbbaad73e5079cc6d5a4d99b113af60afdbf494e680b34dc9cc5d08b32850a2247a16f87f80cad7bb4bd8028a9","ssdeep":"","tlshash":"3411fc3920e8a13ec7c6609e257dd7ac3e7c21522a0b5080816ddc6dac14d97d86fdbe","size":1074,"data":"","first_seen":"2024-08-20T17:01:37.334253Z","last_seen":"2024-08-20T17:01:37.334253Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.su/F0KU","fqdn":"goo.su","domain":"goo.su","tld":"su"},"ip":{"addr":"172.67.139.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6a129b9966ad9370833e0bdb6056c91b","sha1":"eca2659bb27e32e86e02dc3c70b6528d08617d63","sha256":"12b337f70504184e85b32753b25ae4870675033a4b862d256a10b709ac5d769b","sha512":"73092adc8bb9118af4b51dfa1d0aef2f0a9c4638d497afc28a8e77c1dc1c530113fe4228543af2d5a1092b695bb3d25741e8092de621db29928465d69ff01b28","ssdeep":"","tlshash":"32f0780b59a3347467e250bd677fea0d62aaa4074590d8007cadc0897f50e6b8a3eacc","size":622,"data":"","first_seen":"2023-03-07T12:04:54Z","last_seen":"2026-03-31T09:45:47.138413Z","times_seen":80,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.su/F0KU","fqdn":"goo.su","domain":"goo.su","tld":"su"},"ip":{"addr":"172.67.139.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"db473c0638ca9295f4850801c7a35db2","sha1":"b7db18f7bc30c96199489c29505fa72c2b1d6338","sha256":"88a3c541e64d9ddafd066f9d4747a6088cf8255e8c1552b2e8b782e59cd12ee5","sha512":"72db0590f025047cc9b2b534a9b7d27eb078ce33df93501dc9d1fe9325c12b177c2749e7e5123db6f52910fa06d8d48ca4f87e3d41ff6901383c4c3d5499f648","ssdeep":"","tlshash":"1ef09eb18403a4b9840748b37468a5556865b0a32d513597705e273a6fc5ba1b02eab8","size":514,"data":"","first_seen":"2023-03-07T12:04:54Z","last_seen":"2026-03-31T09:45:47.136538Z","times_seen":80,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"richinfo.co/richpartners/push/js/rp-cl-ob.js?pubid=883146\u0026siteid=330256\u0026niche=33","fqdn":"richinfo.co","domain":"richinfo.co","tld":"co"},"ip":{"addr":"5.200.15.240","port":443,"asn":49544,"as":"i3D.net B.V","country":"Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"482657d8dc8d45dca5dbd78e2e988097","sha1":"4d2eae324d0dd95de1c8d7a2c2d5a0f9d46eabf6","sha256":"95bfb0165ee20b9404f599edcb7f7fee4bfedc1df340dfdce225ad35f3506ff7","sha512":"7c23901a9ce67ef820af2166774a1818e42df534c6663a68c310aa4e3fcf83e137b63edb63ac0f3ff2b4d452e74141607c46c7ea5cfae3fc610650b15cc7531e","ssdeep":"1536:+RVPiKF3uB2oh5QsbjJkyOz66a6SemlVdv5dhCyMwn6XIbt:wPrF3kXhWsBkyOhS9BdhD6XOt","tlshash":"e463528277d1b88123875b7b731bb5e5e93b4ce87584088af018bc90f4f9a16fae1535","size":70686,"data":"","first_seen":"2023-08-18T17:52:37Z","last_seen":"2024-08-21T08:26:40.202791Z","times_seen":254,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"29d0c84b9d1d8da446a6062c6a840ad9","sha1":"6d6b3a6065667c7c50d92f3889c85ed65a9ad784","sha256":"3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1","sha512":"52cfcbf2f7c3521c5a6c6120099ee6822d16e04ffbc04720da925a11242c8c2050f9cfc8d864a6d39a0036ac599f701080195a29a7c5e8d3e9308b91f9f0390f","ssdeep":"","tlshash":"679004dd3d51d000433350f04c17d4d5f0340c3030541d00750dd4475c7111c4135c7c","size":37,"data":"","first_seen":"2023-04-11T21:31:25Z","last_seen":"2026-04-23T16:10:57.961385Z","times_seen":624464,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.su/F0KU","fqdn":"goo.su","domain":"goo.su","tld":"su"},"ip":{"addr":"172.67.139.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"10a3a6c66b892d8538eec3608bca22e2","sha1":"b226797b6cc2481382d7b760b5af97a9a7173689","sha256":"269f0da0a1250e47ea814800ea6727502fbf6cba510026e23963122b29232035","sha512":"685dd1659a06c0c42d9476e39ed849abe2198ad41d585f1071d408fdda4c77bf3be8ab9e8146fab61249b2324f45099545bd96bbdf779e0d63ee685515241068","ssdeep":"","tlshash":"a711479b2de320345293a0e9976f91187437500b4804f8363e8cd28a6f65bbd4e75a9c","size":861,"data":"","first_seen":"2023-03-07T12:04:54Z","last_seen":"2026-03-31T09:45:47.139395Z","times_seen":76,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"aa049e2749b8531cb8f233c2f64fc2b2","sha1":"b611a5a62c1813ae5b4763378b3a4a565556530a","sha256":"e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2","sha512":"fa951f3911de780608d6235a597758320388dff58cf18dd584a6941ac88cc36cac7d52caa72b678ee6f4dff47ee23955ab282714d03e713ae2bed4cb73a3c14e","ssdeep":"","tlshash":"afa012c87a99f408423260f04c3b808de0352c20348c544069098c556c711098336d1c","size":79,"data":"","first_seen":"2023-04-11T21:38:58Z","last_seen":"2026-04-23T16:10:57.958959Z","times_seen":213112,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"fe19b8b0a51f0320dbbf6d0750b7a075","sha1":"fce1f60043d2356bed25ae9afbb6faeb799a010e","sha256":"589008623b4f4d7cd7391287db785719e1102474e3e948c304bfc446f30ea682","sha512":"a4ff164911066fcbf95226cdd5438ee4e3240406998537641501bab861fc4b361e991e0fc41e3ac1ce8d2d5b867772d98db02c63ee8dec9938d0bac20bfdb1ac","ssdeep":"","tlshash":"b5d09721d184e8897180e198f028b530c40371288710fedefc900f34428f1a2d04234d","size":235,"data":"","first_seen":"2024-08-20T17:01:37.34775Z","last_seen":"2024-08-20T17:01:37.34775Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"goo.su/frontend/js/redirect.js?id=0206716eb65eec68ba60","fqdn":"goo.su","domain":"goo.su","tld":"su"},"ip":{"addr":"172.67.139.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goo.su/F0KU","date":"2023-12-02T20:09:25.103Z","timestamp":1701547765103,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goo.su","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Fri, 06 Oct 2023 22:31:19 GMT","end":"Thu, 04 Jan 2024 22:31:18 GMT"},"fingerprint":{"sha1":"C7:43:5F:AB:2E:5B:9D:DF:91:5A:64:48:54:CA:F4:CD:DF:39:92:A6","sha256":"C4:55:87:E0:49:48:08:27:19:CF:11:2A:70:C0:06:01:0B:D4:BD:FA:D1:5A:08:E9:B4:5F:2E:1E:1C:23:FA:F0"}}},"request":{"raw":"GET /frontend/js/redirect.js?id=0206716eb65eec68ba60 HTTP/1.1\r\nHost: goo.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.su/F0KU\r\nCookie: XSRF-TOKEN=eyJpdiI6IjkvZGgvY0NheUlMNmk0SEVsOHIvQmc9PSIsInZhbHVlIjoiVkhJQm1NcVFZZmVwL0pBNFUySkJ0MUlaYVdReUFiYjdoRFVlNitrZ0J0amFIN09yWkNlOTFRRXdoWFJSWFNHNGdpbnc3NG5aWUt2STZ6MldqeVRRUktsaytpWmhjUldha1dJektVOWJKZjVISDlhQWFNT0s5VnZBNFlOMU5kNWUiLCJtYWMiOiIyNmY0ZWQ0ZjZiNGViZmJiMDZmNWIwZmJlOGM2MDEwMmU3Njg2OGJmNDdmNTY5MTQ3MmI3OWM4NTkxNWI1MjZkIiwidGFnIjoiIn0%3D; goosu_session=eyJpdiI6ImlZZmdudldIa0dzM3FyNHF5ZEZic2c9PSIsInZhbHVlIjoiOWV3SUVTY2ZIcFhDMzlpK2JXTWNJZGNmTUNsc1FocDAzeklTWmZLdEZqa2JxbDlEUmhkSUM2RnAwTm55WFF5Umt4cnhWalltWnh2Sm9YQWc0anBBeTF5dXFNbXRES3UvamJEdUxXT0JnZWNZd2F2MDZnUkhmdk1xUmVQTVdVZzAiLCJtYWMiOiJjNWE2MDc4NjA4YTcyZjJiNGE0NzViMTNiZjkyYjgxMzI3OTJjZGRjMjgwZWY1M2ExMTFiZDZjOTY0NGQ0MDMyIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 02 Dec 2023 20:09:19 GMT\r\ncontent-type: application/javascript\r\ncache-control: max-age=604800\r\ncf-bgj: minify\r\ncf-polished: origSize=90593\r\netag: W/\"620befd7-161e1\"\r\nexpires: Sat, 09 Dec 2023 05:00:37 GMT\r\nlast-modified: Tue, 15 Feb 2022 18:24:23 GMT\r\ncf-cache-status: HIT\r\nage: 54522\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=sPUWnbEd70wESXl7cP0Gn68fveAFRdf6YXquQrr0BPLab%2FgfDPG9fTWyPIssiC0eQV3zlVzSeZ0NLXBhWfsxxfwLNfAsxTEfOd4il6LjkTNdY72PjpSv7G4%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 82f634fbcb1256c1-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32829,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (65534), with no line terminators","md5":"5133d0220333bcdfae34ba770e7c9b42","sha1":"9a351d7b7ac64a836f602816548c86a249299003","sha256":"2c84d9ab5b2dd5c770675c7c9e9219710fdd23745fbaf02a07e8c90ef078d38e","sha512":"591cd556fa7114ecf0c70a2ae373c0ff48b82e7eba3f47da059f534e1cc0750801d2f71f09d157d0750a714c72eae83980d265d2ce122f0f390f5e680e62581e","ssdeep":"1536:EORLi9qxGCs+4Ezy4bx60BW1GkWcAupPb8prpDVGf9oOcEWMNsBdPKwH1lseVgGy:EOmVPAprTlKMK49Yg4r","tlshash":"c5930addb2c6b06247a770ba40bf550bf236199d684d8400f125e4e9bc78b4a927bf3d","first_seen":"2023-03-07T12:04:54Z","last_seen":"2024-08-21T09:42:52.929456Z","times_seen":29,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Open%20Sans:400\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.138","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://goo.su/F0KU","date":"2023-12-02T20:09:25.093Z","timestamp":1701547765093,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 11:24:07 GMT","end":"Mon, 15 Jan 2024 11:24:06 GMT"},"fingerprint":{"sha1":"CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42","sha256":"9A:90:D4:1D:0C:D1:CA:9D:4D:19:37:44:C4:E6:E4:28:27:C0:F5:0A:9C:B4:56:89:C4:D1:8A:63:A7:01:28:54"}}},"request":{"raw":"GET /css?family=Open%20Sans:400\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.su/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 02 Dec 2023 20:09:20 GMT\r\ndate: Sat, 02 Dec 2023 20:09:20 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1120,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"gzip compressed data, max compression\\012- data","md5":"e1af0ddfa904797da5eaa882d7063d96","sha1":"2600748c76f6baea97d20802b0d94e1a25e716e9","sha256":"8a4d927477942ed874f4dd4387c5bb70e6b47a8a37245c4277ebff9337ea5504","sha512":"8d1e303e995f2060b1352d70f52a91f4fc0eb358472efba6d9a5576c5a2308de30f2fd29fc7186cf551ca74165ff1c0210dcf9c173953d99e6971345e085c5ad","ssdeep":"","tlshash":"6421b60a46fc61cae8d64edd78579572f00ce6e18f401a3d847a639d2de37fa9597400","first_seen":"2023-12-02T10:56:25Z","last_seen":"2023-12-02T21:09:37Z","times_seen":3,"resource_available":false,"data":null}},"time_used":158,"timings":{"blocked":65,"dns":1,"connect":8,"send":0,"wait":21,"receive":0,"ssl":59},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:400\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.138","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://goo.su/F0KU","date":"2023-12-02T20:09:25.097Z","timestamp":1701547765097,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 11:24:07 GMT","end":"Mon, 15 Jan 2024 11:24:06 GMT"},"fingerprint":{"sha1":"CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42","sha256":"9A:90:D4:1D:0C:D1:CA:9D:4D:19:37:44:C4:E6:E4:28:27:C0:F5:0A:9C:B4:56:89:C4:D1:8A:63:A7:01:28:54"}}},"request":{"raw":"GET /css?family=Roboto:400\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.su/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 02 Dec 2023 20:09:20 GMT\r\ndate: Sat, 02 Dec 2023 20:09:20 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1060,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"gzip compressed data, max compression\\012- data","md5":"6da4fb58c1129cdde8b8412f3b24d90b","sha1":"5c422e50b978e0d721dee818dfd3f5c52f157e84","sha256":"7a7f216f0dd90fdf0e3459be207c7689f18c818ee9bddda97e08ebf0fd11716d","sha512":"a66db1610d76ff652d2580321a9ac3795bc1c4a5f02516278393ce966f08e7cda75b4655c39ead9813934e5b9c2a64d996976e8e3ff1dd2be5c34a81f33473fc","ssdeep":"","tlshash":"1911821c4396bc86eda97c726e7de22494a02d8605802cbe7d589de09ce23db160095c","first_seen":"2023-12-02T21:09:37Z","last_seen":"2023-12-02T21:09:37Z","times_seen":1,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":63,"dns":0,"connect":10,"send":0,"wait":20,"receive":0,"ssl":58},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"enduresopens.com/ttkXIvunodY/69489","fqdn":"enduresopens.com","domain":"enduresopens.com","tld":"com"},"ip":{"addr":"23.109.248.102","port":443,"asn":7979,"as":"SERVERS-COM","country":"Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goo.su/F0KU","date":"2023-12-02T20:09:25.101Z","timestamp":1701547765101,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_128_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"enduresopens.com","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 08 Nov 2023 23:08:29 GMT","end":"Tue, 06 Feb 2024 23:08:28 GMT"},"fingerprint":{"sha1":"B6:C5:5B:70:B5:C3:9D:34:75:17:50:9E:4E:CE:9A:FB:8A:87:E2:E4","sha256":"A7:F6:EA:3B:25:E2:49:A8:87:2B:F6:BE:65:A2:22:10:D0:F9:8A:B7:45:D6:5F:DC:45:16:DB:91:26:57:81:DC"}}},"request":{"raw":"GET /ttkXIvunodY/69489 HTTP/1.1\r\nHost: enduresopens.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.su/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 02 Dec 2023 20:09:20 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nAccept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version\r\nAccess-Control-Allow-Credentials: true\r\nAccess-Control-Allow-Origin: https://goo.su\r\nAccess-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires\r\nAccess-Control-Max-Age: 600\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nX-Frame-Options: SAMEORIGIN\r\nSet-Cookie: GL_UI4=eJw9zV1OhDAcBHC%2BWXVBJ%2BEAHqFVQXz0Za%2FgIyntH6wL7aZU0NtLTPRtMvlNJgiCqLpFuGYp4k9R414NvJGs5fKhfmRNUz8JRkPfvvTtc8MFa3Gll86LfiKf4LDMwvnOrwmOIxlyWnbSKipwt6u%2F5mzsZhKkvRNGFUjnXUwF8t7ZbSFXxUiMmAn5STsa7NcuxId1iDmr96zNnkOGyC5VXF4jf9NG7cvyiIizsswC3Fwm4Qfr5k6rLEQ6OqEI4SsOUngarftGrmg5e3sB7KS6f%2F97HG%2BcIVO0aklIrX8n9wNBjE5s; expires=Sun, 03-Dec-2023 20:09:20 GMT; Max-Age=86400; path=/; secure; SameSite=None\nGL_GI10=eJwViE0KgzAUBvMeJVAqhY96AE%2BQamsXbmuXRReewGopgZBIEvtz%2B%2BpiBmaEEJwmYD0hqQpV5ao8qeJSgl7gpgUPFrJx%2FtP%2FQB6cn8HeYtcG47LazTYuf8BmbZDG%2Fmr0N%2BucmaN2NoAXtnX%2FMM%2FjrbuDJkng6FaHMRWgtzz8AV7hHdE%3D; expires=Sun, 03-Dec-2023 20:09:20 GMT; Max-Age=86400; path=/; secure; SameSite=None\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nStrict-Transport-Security: max-age=1\r\nX-Content-Type-Options: nosniff\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":25,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"f7a2939527fd9e68723da600e96d76bd","sha1":"a9e717b6364d2895ee0a716050db32ca0ef1bb42","sha256":"d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a","sha512":"e6956ec633c76eb3ebc408528f950b81373238cd1d5b9fff5ddd97089ea14a1ff5934f23769bac5d93cc4cdb6a1fbc4ce69baebfb940a55d8a7a89caccaf92b5","ssdeep":"","tlshash":"5340000c00300000000000000000f000000c00000c000300c000000c00030c000c0000","first_seen":"2023-03-07T01:14:39Z","last_seen":"2026-04-23T16:07:27.644788Z","times_seen":14020,"resource_available":true,"data":null}},"time_used":623,"timings":{"blocked":290,"dns":77,"connect":22,"send":0,"wait":31,"receive":0,"ssl":200},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"richinfo.co/richpartners/push/js/rp-cl-ob.js?pubid=883146\u0026siteid=330256\u0026niche=33","fqdn":"richinfo.co","domain":"richinfo.co","tld":"co"},"ip":{"addr":"5.200.15.240","port":443,"asn":49544,"as":"i3D.net B.V","country":"Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goo.su/F0KU","date":"2023-12-02T20:09:25.100Z","timestamp":1701547765100,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"richinfo.co","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Sat, 25 Nov 2023 15:24:58 GMT","end":"Fri, 23 Feb 2024 15:24:57 GMT"},"fingerprint":{"sha1":"DC:D3:66:CE:54:D0:16:6E:8F:14:83:03:42:F9:BA:DB:D3:17:99:55","sha256":"36:B9:E6:1C:4C:49:77:8F:86:BB:58:6F:F6:CD:8D:20:4B:6E:1A:68:23:B5:42:D7:A0:C7:5A:77:F6:06:39:C0"}}},"request":{"raw":"GET /richpartners/push/js/rp-cl-ob.js?pubid=883146\u0026siteid=330256\u0026niche=33 HTTP/1.1\r\nHost: richinfo.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.su/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.21.4.1\r\ndate: Sat, 02 Dec 2023 20:09:20 GMT\r\ncontent-type: application/x-javascript\r\nx-amz-id-2: pKgSrCYiGz0kMoIQ+3ruOxO17on5o4k1mZ3sEqu4M6Q4zOCn+Q390idiKReZotSwfxFBnazRTOk=\r\nx-amz-request-id: TWB61Z161NSNACJD\r\nlast-modified: Mon, 27 Nov 2023 12:20:56 GMT\r\netag: W/\"482657d8dc8d45dca5dbd78e2e988097\"\r\nx-amz-server-side-encryption: AES256\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":45861,"size_decoded":0,"mime_type":"application/x-javascript","magic":"gzip compressed data, max speed, from Unix\\012- data","md5":"30b9acb7816a856851e6004ff03c5e83","sha1":"501669927ad977af68ac2792e512ec982d32cf5a","sha256":"d8228e23326200af906e1b2948d28290bf854e0a0434d39f6972956912aff639","sha512":"246c73eed3beba164cf682c22b4aca2639cfe3773fbb203e17d7d4a3b5585bf27c3ef4ebbbccec8c509d8f16411ca5d8ad7c3e06629c874b75b9f8aaac59f8c8","ssdeep":"768:OiLRVV3OF/kD9YC47RxxNjPx9uHyymBkuOv2LQv37EJ5E2bJwi5jLwK79/:OiFX3L9YhJN7ruvNTvZIwiZLD/","tlshash":"7523024814a43288ea93377d912f9bd3c028e1516fbe49c81749a837e7b937cef59112","first_seen":"2023-10-18T06:22:20Z","last_seen":"2023-12-02T21:09:37Z","times_seen":4,"resource_available":false,"data":null}},"time_used":222,"timings":{"blocked":95,"dns":41,"connect":21,"send":0,"wait":21,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://goo.su/F0KU","date":"2023-12-02T20:09:25.349Z","timestamp":1701547765349,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 11:24:07 GMT","end":"Mon, 15 Jan 2024 11:24:06 GMT"},"fingerprint":{"sha1":"E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD","sha256":"EF:BD:DB:F8:2A:77:8C:C2:9E:F9:E0:B2:26:39:CB:EC:63:F1:80:36:F6:06:6E:F5:E1:6C:45:66:A4:D1:A6:C8"}}},"request":{"raw":"GET /s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://goo.su\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 18664\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 30 Nov 2023 23:21:50 GMT\r\nexpires: Fri, 29 Nov 2024 23:21:50 GMT\r\ncache-control: public, max-age=31536000\r\nage: 161250\r\nlast-modified: Thu, 14 Sep 2023 01:36:18 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":18664,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 18664, version 1.0\\012- data","md5":"8d1c44b2bf75a4e6f1bd141f9a965f4f","sha1":"1e5dfdb7ca5ee8e823f9f5787f84b18fbdc38434","sha256":"441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709","sha512":"ab0e1ac0f84c084b0a7af7eb0632c40464b8b4fa9255e1d7ee42c1d7eb759dfb700e8e2129728ce07e85ea262b0bb60fb9327a0163897bb2916a81764cd5f0bc","ssdeep":"384:qpcRVULHjNgh9oqyQPxSjNuI41/CBo0UWrkmmvRKea:qpsWDGh+5QPxSjUI41KJU1wea","tlshash":"3882d12ae885a296e34b3137fde67dc7be58b1207c4250cfce7d51b4a4d00ae53d5145","first_seen":"2023-05-03T03:58:01Z","last_seen":"2026-04-22T13:44:04.165145Z","times_seen":6539,"resource_available":false,"data":null}},"time_used":318,"timings":{"blocked":150,"dns":32,"connect":8,"send":0,"wait":8,"receive":3,"ssl":107},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.su/img/favicons/favicon-16x16.png","fqdn":"goo.su","domain":"goo.su","tld":"su"},"ip":{"addr":"172.67.139.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://goo.su/F0KU","date":"2023-12-02T20:09:25.731Z","timestamp":1701547765731,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goo.su","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Fri, 06 Oct 2023 22:31:19 GMT","end":"Thu, 04 Jan 2024 22:31:18 GMT"},"fingerprint":{"sha1":"C7:43:5F:AB:2E:5B:9D:DF:91:5A:64:48:54:CA:F4:CD:DF:39:92:A6","sha256":"C4:55:87:E0:49:48:08:27:19:CF:11:2A:70:C0:06:01:0B:D4:BD:FA:D1:5A:08:E9:B4:5F:2E:1E:1C:23:FA:F0"}}},"request":{"raw":"GET /img/favicons/favicon-16x16.png HTTP/1.1\r\nHost: goo.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.su/F0KU\r\nCookie: XSRF-TOKEN=eyJpdiI6IjkvZGgvY0NheUlMNmk0SEVsOHIvQmc9PSIsInZhbHVlIjoiVkhJQm1NcVFZZmVwL0pBNFUySkJ0MUlaYVdReUFiYjdoRFVlNitrZ0J0amFIN09yWkNlOTFRRXdoWFJSWFNHNGdpbnc3NG5aWUt2STZ6MldqeVRRUktsaytpWmhjUldha1dJektVOWJKZjVISDlhQWFNT0s5VnZBNFlOMU5kNWUiLCJtYWMiOiIyNmY0ZWQ0ZjZiNGViZmJiMDZmNWIwZmJlOGM2MDEwMmU3Njg2OGJmNDdmNTY5MTQ3MmI3OWM4NTkxNWI1MjZkIiwidGFnIjoiIn0%3D; goosu_session=eyJpdiI6ImlZZmdudldIa0dzM3FyNHF5ZEZic2c9PSIsInZhbHVlIjoiOWV3SUVTY2ZIcFhDMzlpK2JXTWNJZGNmTUNsc1FocDAzeklTWmZLdEZqa2JxbDlEUmhkSUM2RnAwTm55WFF5Umt4cnhWalltWnh2Sm9YQWc0anBBeTF5dXFNbXRES3UvamJEdUxXT0JnZWNZd2F2MDZnUkhmdk1xUmVQTVdVZzAiLCJtYWMiOiJjNWE2MDc4NjA4YTcyZjJiNGE0NzViMTNiZjkyYjgxMzI3OTJjZGRjMjgwZWY1M2ExMTFiZDZjOTY0NGQ0MDMyIiwidGFnIjoiIn0%3D; cf_clearance=rYzlaK8J.fGaq1WZj5V5mkkBcABqPS7K.tiyOMm54YA-1701547760-0-1-730ca2d2.73a07051.5b213570-0.2.1701547760\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 02 Dec 2023 20:09:20 GMT\r\ncontent-type: image/png\r\ncontent-length: 1567\r\nlast-modified: Sun, 13 Feb 2022 17:51:43 GMT\r\netag: \"6209452f-61f\"\r\nexpires: Tue, 05 Dec 2023 08:21:25 GMT\r\ncache-control: max-age=604800\r\ncf-cache-status: HIT\r\nage: 388075\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=2%2BFHyk50R69JSN0tyMdLhmeFTlC%2B8WhP2J2xZowgD6R04J0NulmjBgwx%2FLaK5ZuX%2Fd8xOBH27Inh4vUoaXYVoZSTxTUqC0GYRhiw1RP7rCTBGWLF84Iein8%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 82f634ffb85456c1-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1567,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit colormap, non-interlaced\\012- data","md5":"2b201347b6d90e0ad2bbad3be209db73","sha1":"ae5de3e7f779cf33aefd5dc738f2126633bb7824","sha256":"df0a5932ec719656fd8f147bcc0c14312e53e52c2df13f5f815d72833de9c852","sha512":"577839e7493e86954bdf7e0fec853520b9cd1f714a9e560f9e9270a5ee118bd63907d8bdcc9f7f65bd11e01b2669908b78b550e6b77426d897431044523fc6b1","ssdeep":"","tlshash":"5831e7c9893cce18dc6b65ff21e202d978389ad311deaa3951df45197854eb0009d51d","first_seen":"2023-04-06T08:25:23Z","last_seen":"2026-04-23T14:24:07.524909Z","times_seen":967,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.su/img/favicons/apple-touch-icon.png","fqdn":"goo.su","domain":"goo.su","tld":"su"},"ip":{"addr":"172.67.139.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://goo.su/F0KU","date":"2023-12-02T20:09:25.724Z","timestamp":1701547765724,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goo.su","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Fri, 06 Oct 2023 22:31:19 GMT","end":"Thu, 04 Jan 2024 22:31:18 GMT"},"fingerprint":{"sha1":"C7:43:5F:AB:2E:5B:9D:DF:91:5A:64:48:54:CA:F4:CD:DF:39:92:A6","sha256":"C4:55:87:E0:49:48:08:27:19:CF:11:2A:70:C0:06:01:0B:D4:BD:FA:D1:5A:08:E9:B4:5F:2E:1E:1C:23:FA:F0"}}},"request":{"raw":"GET /img/favicons/apple-touch-icon.png HTTP/1.1\r\nHost: goo.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.su/F0KU\r\nCookie: XSRF-TOKEN=eyJpdiI6IjkvZGgvY0NheUlMNmk0SEVsOHIvQmc9PSIsInZhbHVlIjoiVkhJQm1NcVFZZmVwL0pBNFUySkJ0MUlaYVdReUFiYjdoRFVlNitrZ0J0amFIN09yWkNlOTFRRXdoWFJSWFNHNGdpbnc3NG5aWUt2STZ6MldqeVRRUktsaytpWmhjUldha1dJektVOWJKZjVISDlhQWFNT0s5VnZBNFlOMU5kNWUiLCJtYWMiOiIyNmY0ZWQ0ZjZiNGViZmJiMDZmNWIwZmJlOGM2MDEwMmU3Njg2OGJmNDdmNTY5MTQ3MmI3OWM4NTkxNWI1MjZkIiwidGFnIjoiIn0%3D; goosu_session=eyJpdiI6ImlZZmdudldIa0dzM3FyNHF5ZEZic2c9PSIsInZhbHVlIjoiOWV3SUVTY2ZIcFhDMzlpK2JXTWNJZGNmTUNsc1FocDAzeklTWmZLdEZqa2JxbDlEUmhkSUM2RnAwTm55WFF5Umt4cnhWalltWnh2Sm9YQWc0anBBeTF5dXFNbXRES3UvamJEdUxXT0JnZWNZd2F2MDZnUkhmdk1xUmVQTVdVZzAiLCJtYWMiOiJjNWE2MDc4NjA4YTcyZjJiNGE0NzViMTNiZjkyYjgxMzI3OTJjZGRjMjgwZWY1M2ExMTFiZDZjOTY0NGQ0MDMyIiwidGFnIjoiIn0%3D; cf_clearance=rYzlaK8J.fGaq1WZj5V5mkkBcABqPS7K.tiyOMm54YA-1701547760-0-1-730ca2d2.73a07051.5b213570-0.2.1701547760\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 02 Dec 2023 20:09:20 GMT\r\ncontent-type: image/png\r\ncontent-length: 10926\r\nlast-modified: Sun, 13 Feb 2022 17:51:43 GMT\r\netag: \"6209452f-2aae\"\r\nexpires: Fri, 08 Dec 2023 07:34:06 GMT\r\ncache-control: max-age=604800\r\ncf-cache-status: HIT\r\nage: 131714\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=BzyBf458vMxSe87jfquErT7%2Bp0WYuMEaupS4YeHleQPH31szTXiG6hPhyPaJzO5mhYgpZCjpyXpH2ntkWPHo8%2F48OmsgVDWCL4rfdB%2Br66Jgb2bMzNuomnI%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 82f634ffb85056c1-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10926,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced\\012- data","md5":"dc1648f034a8879145ce2db071bdc305","sha1":"28dfdc4f3f97f00e54528685427a83974cb04a81","sha256":"7c51dc3139a5a8a07e00884f6558ed62511359803bcb4123668b8e0ccab896c7","sha512":"48c659196c00e9464bd764d50c670ad0b5b663fec53b0506ad70413cd0c5521a792350510a53ef6bc24bcddcc6ca3606b7126533eb19baf7d3980c9605852d38","ssdeep":"192:W5V2ejIAELnyaW5IvcbdNTeUjWkou4G/ryGMKMMedq//JDKb+pwxnHESxqL9:WtfueIidNTeuWkj46FMMee/JDWxG","tlshash":"0032bfaf00f58ca4ea3681ae2c13414c54121f8744db2feb18d7d89856caf1479f123d","first_seen":"2023-04-06T08:25:23Z","last_seen":"2026-04-23T14:24:07.46703Z","times_seen":1141,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rtb.pushdom.co/pb/st?sctp=content-locker\u0026m=ht\u0026pid=883146\u0026sid=330256\u0026dm=goo.su\u0026c1=https\u0026c2=1\u0026c3=https://rtb.pushdom.co/pb/st","fqdn":"rtb.pushdom.co","domain":"pushdom.co","tld":"co"},"ip":{"addr":"31.204.132.208","port":443,"asn":49544,"as":"i3D.net B.V","country":"Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://goo.su/F0KU","date":"2023-12-02T20:09:25.392Z","timestamp":1701547765392,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rtb.pushdom.co","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Wed, 04 Oct 2023 13:08:31 GMT","end":"Tue, 02 Jan 2024 13:08:30 GMT"},"fingerprint":{"sha1":"24:5E:C5:CD:AF:AA:7D:3F:BA:DD:C0:63:32:DB:F1:38:20:5F:70:88","sha256":"6D:8E:6F:05:5D:6D:18:DF:24:6B:31:E3:3B:55:8B:C4:7A:F0:E2:92:F7:EF:8B:D1:36:8E:2E:AF:68:95:5C:69"}}},"request":{"raw":"GET /pb/st?sctp=content-locker\u0026m=ht\u0026pid=883146\u0026sid=330256\u0026dm=goo.su\u0026c1=https\u0026c2=1\u0026c3=https://rtb.pushdom.co/pb/st HTTP/1.1\r\nHost: rtb.pushdom.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.su/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.21.4.1\r\ndate: Sat, 02 Dec 2023 20:09:20 GMT\r\ncontent-type: text/html;charset=UTF-8\r\ncontent-length: 0\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T16:09:28.727144Z","times_seen":14109060,"resource_available":true,"data":null}},"time_used":888,"timings":{"blocked":386,"dns":128,"connect":115,"send":0,"wait":116,"receive":0,"ssl":141},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"st.top100.ru/top100/3.13.44/usability.js","fqdn":"st.top100.ru","domain":"top100.ru","tld":"ru"},"ip":{"addr":"81.19.89.18","port":443,"asn":24638,"as":"Rambler Internet Holding LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goo.su/F0KU","date":"2023-12-02T20:09:25.751Z","timestamp":1701547765751,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"ECDSA-P521-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.top100.ru","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 DV TLS CA 2020","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 08 Feb 2023 07:55:45 GMT","end":"Mon, 11 Mar 2024 07:55:44 GMT"},"fingerprint":{"sha1":"69:AD:E6:85:0B:3A:87:2C:3B:C1:7E:CB:EF:53:D7:2E:12:F3:76:6B","sha256":"7A:54:9F:99:23:46:4D:CC:F2:D7:48:B9:78:2A:1B:78:64:98:81:CC:D3:18:57:F1:CA:F8:C9:16:96:C3:67:29"}}},"request":{"raw":"GET /top100/3.13.44/usability.js HTTP/1.1\r\nHost: st.top100.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.su/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 Dec 2023 20:09:20 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 23 Nov 2023 11:30:43 GMT\r\nx-rgw-object-type: Normal\r\netag: W/\"5631c815de35a6f6b448b0abbb1dd60c\"\r\nx-amz-request-id: tx00000000000012b2153e9-00656b8d8b-783970ff-default\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\nset-cookie: proto_uid=1CIAAPCOa2WcSD9iARuI2QB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/\r\np3p: CP=\"NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":14628,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (14628), with no line terminators","md5":"5631c815de35a6f6b448b0abbb1dd60c","sha1":"9f35207e42f536afca4fe47eb4833ad3d4d370a8","sha256":"022038891c775d0e6639f4cafd1607c96ec9fb39eccfd0b8d7d411af03767a33","sha512":"8b00c1de0726743a5fbc2a48931f323dcfb1fad9d4b4b1de495fb474d6b8b384a091321a231e428670f0cef2c7cc01477043ac8edc708a8c3b854c9acfec63c0","ssdeep":"384:/7nOp/yHy/ZUku3ZDMYgznGD+TF09F0FXBsE:DlHAG3Z3gLS+YFc","tlshash":"1b62b08cb9a1f4668363a0f1015f104ea33e695ce4ec656cb189e4e56cfd40e9627f7c","first_seen":"2023-11-20T15:41:18Z","last_seen":"2023-12-05T17:39:15Z","times_seen":67,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.su/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js","fqdn":"goo.su","domain":"goo.su","tld":"su"},"ip":{"addr":"172.67.139.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goo.su/F0KU","date":"2023-12-02T20:09:25.405Z","timestamp":1701547765405,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goo.su","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Fri, 06 Oct 2023 22:31:19 GMT","end":"Thu, 04 Jan 2024 22:31:18 GMT"},"fingerprint":{"sha1":"C7:43:5F:AB:2E:5B:9D:DF:91:5A:64:48:54:CA:F4:CD:DF:39:92:A6","sha256":"C4:55:87:E0:49:48:08:27:19:CF:11:2A:70:C0:06:01:0B:D4:BD:FA:D1:5A:08:E9:B4:5F:2E:1E:1C:23:FA:F0"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js HTTP/1.1\r\nHost: goo.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6IjkvZGgvY0NheUlMNmk0SEVsOHIvQmc9PSIsInZhbHVlIjoiVkhJQm1NcVFZZmVwL0pBNFUySkJ0MUlaYVdReUFiYjdoRFVlNitrZ0J0amFIN09yWkNlOTFRRXdoWFJSWFNHNGdpbnc3NG5aWUt2STZ6MldqeVRRUktsaytpWmhjUldha1dJektVOWJKZjVISDlhQWFNT0s5VnZBNFlOMU5kNWUiLCJtYWMiOiIyNmY0ZWQ0ZjZiNGViZmJiMDZmNWIwZmJlOGM2MDEwMmU3Njg2OGJmNDdmNTY5MTQ3MmI3OWM4NTkxNWI1MjZkIiwidGFnIjoiIn0%3D; goosu_session=eyJpdiI6ImlZZmdudldIa0dzM3FyNHF5ZEZic2c9PSIsInZhbHVlIjoiOWV3SUVTY2ZIcFhDMzlpK2JXTWNJZGNmTUNsc1FocDAzeklTWmZLdEZqa2JxbDlEUmhkSUM2RnAwTm55WFF5Umt4cnhWalltWnh2Sm9YQWc0anBBeTF5dXFNbXRES3UvamJEdUxXT0JnZWNZd2F2MDZnUkhmdk1xUmVQTVdVZzAiLCJtYWMiOiJjNWE2MDc4NjA4YTcyZjJiNGE0NzViMTNiZjkyYjgxMzI3OTJjZGRjMjgwZWY1M2ExMTFiZDZjOTY0NGQ0MDMyIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 02 Dec 2023 20:09:20 GMT\r\ncontent-type: application/javascript; charset=UTF-8\r\ncache-control: max-age=14400, public\r\nvary: accept-encoding\r\nx-content-type-options: nosniff\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=fv9kpiiUkSrYaobCxLjft10KGhljBiHXYzfRTGqMzRYpMw6ll07PZ4cu%2Bl3zZguYtOIPZasXA23TD5k2sZoPXCzic%2F2RAJiSwjvF9HSSGQRlG7ORCGhHCD0%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 82f634fdbd9456c1-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7432,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (7432), with no line terminators","md5":"a367c21c47ccf603e799919d52102fad","sha1":"3f114f1a04447b965187a829cf51bf3d9e096161","sha256":"da8b7eb9a8f8e9f26ef4a18d62dacde8945b8f682cec85d232ff73c917f91272","sha512":"779bfbc12416020fb5cc018e07843d8fd5b31bd93a6fdbe4ce36f26f4b47637284e39df1bd1daebe641c57694256b93febadf832959452abd961f9ac534144e0","ssdeep":"96:hX55c0lcAPXrbkE1RtfzvRbm1jpUIa56sXckY1XZKsjkmXHTxTNlOWvkCzgxX/Yz:hfcecAtfCT1pjdpOW8XgfkY0AMvm6M","tlshash":"3ce1a5cb770e706313727cbb415f586b660d9fa618c868c29a48c4f8bab134944efe56","first_seen":"2023-12-02T21:09:37Z","last_seen":"2023-12-02T21:09:37Z","times_seen":1,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.su/F0KU","fqdn":"goo.su","domain":"goo.su","tld":"su"},"ip":{"addr":"172.67.139.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-12-02T20:09:24.275Z","timestamp":1701547764275,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"goo.su","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Fri, 06 Oct 2023 22:31:19 GMT","end":"Thu, 04 Jan 2024 22:31:18 GMT"},"fingerprint":{"sha1":"C7:43:5F:AB:2E:5B:9D:DF:91:5A:64:48:54:CA:F4:CD:DF:39:92:A6","sha256":"C4:55:87:E0:49:48:08:27:19:CF:11:2A:70:C0:06:01:0B:D4:BD:FA:D1:5A:08:E9:B4:5F:2E:1E:1C:23:FA:F0"}}},"request":{"raw":"GET /F0KU HTTP/1.1\r\nHost: goo.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 02 Dec 2023 20:09:19 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: PHP/8.0.15\r\ncache-control: private, must-revalidate\r\npragma: no-cache\r\nexpires: -1\r\nset-cookie: XSRF-TOKEN=eyJpdiI6IjkvZGgvY0NheUlMNmk0SEVsOHIvQmc9PSIsInZhbHVlIjoiVkhJQm1NcVFZZmVwL0pBNFUySkJ0MUlaYVdReUFiYjdoRFVlNitrZ0J0amFIN09yWkNlOTFRRXdoWFJSWFNHNGdpbnc3NG5aWUt2STZ6MldqeVRRUktsaytpWmhjUldha1dJektVOWJKZjVISDlhQWFNT0s5VnZBNFlOMU5kNWUiLCJtYWMiOiIyNmY0ZWQ0ZjZiNGViZmJiMDZmNWIwZmJlOGM2MDEwMmU3Njg2OGJmNDdmNTY5MTQ3MmI3OWM4NTkxNWI1MjZkIiwidGFnIjoiIn0%3D; expires=Sun, 03-Dec-2023 14:49:19 GMT; Max-Age=67200; path=/; samesite=lax\ngoosu_session=eyJpdiI6ImlZZmdudldIa0dzM3FyNHF5ZEZic2c9PSIsInZhbHVlIjoiOWV3SUVTY2ZIcFhDMzlpK2JXTWNJZGNmTUNsc1FocDAzeklTWmZLdEZqa2JxbDlEUmhkSUM2RnAwTm55WFF5Umt4cnhWalltWnh2Sm9YQWc0anBBeTF5dXFNbXRES3UvamJEdUxXT0JnZWNZd2F2MDZnUkhmdk1xUmVQTVdVZzAiLCJtYWMiOiJjNWE2MDc4NjA4YTcyZjJiNGE0NzViMTNiZjkyYjgxMzI3OTJjZGRjMjgwZWY1M2ExMTFiZDZjOTY0NGQ0MDMyIiwidGFnIjoiIn0%3D; expires=Sun, 03-Dec-2023 14:49:19 GMT; Max-Age=67200; path=/; httponly; samesite=lax\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=PP4%2FngQClSO894bzz7LR4aIg8XoV54d%2Fs%2FU0z7QKhQc7ncuNU5rxdlZWhnUsHIhFJtWfsk4U57X6s5C7d7P5Fu%2FFUpvyTrT2P2XZsLJ97m14bcE730AksUk%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 82f634f6bb2556ab-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20704,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T16:09:28.727144Z","times_seen":14109060,"resource_available":true,"data":null}},"time_used":594,"timings":{"blocked":8,"dns":0,"connect":1,"send":0,"wait":566,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"st.top100.ru/top100/top100.js","fqdn":"st.top100.ru","domain":"top100.ru","tld":"ru"},"ip":{"addr":"81.19.89.18","port":443,"asn":24638,"as":"Rambler Internet Holding LLC","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goo.su/F0KU","date":"2023-12-02T20:09:25.371Z","timestamp":1701547765371,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384","key_group_name":"P256","signature_name":"ECDSA-P521-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.top100.ru","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 DV TLS CA 2020","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 08 Feb 2023 07:55:45 GMT","end":"Mon, 11 Mar 2024 07:55:44 GMT"},"fingerprint":{"sha1":"69:AD:E6:85:0B:3A:87:2C:3B:C1:7E:CB:EF:53:D7:2E:12:F3:76:6B","sha256":"7A:54:9F:99:23:46:4D:CC:F2:D7:48:B9:78:2A:1B:78:64:98:81:CC:D3:18:57:F1:CA:F8:C9:16:96:C3:67:29"}}},"request":{"raw":"GET /top100/top100.js HTTP/1.1\r\nHost: st.top100.ru\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.su/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sat, 02 Dec 2023 20:09:20 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 23 Nov 2023 11:30:43 GMT\r\nx-rgw-object-type: Normal\r\netag: W/\"41c3677568a4c937e2c12b14c97d5403\"\r\nx-amz-request-id: tx00000000000012b20d26f-00656b8d01-783970ff-default\r\nexpires: Sat, 02 Dec 2023 21:09:20 GMT\r\ncache-control: max-age=3600\r\nset-cookie: proto_uid=1CIAAPCOa2WcSD9iAe6H2QB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/\r\np3p: CP=\"NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":114426,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T16:09:28.727144Z","times_seen":14109060,"resource_available":true,"data":null}},"time_used":394,"timings":{"blocked":164,"dns":32,"connect":27,"send":0,"wait":55,"receive":0,"ssl":113},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.su/cdn-cgi/challenge-platform/h/b/jsd/r/82f634f6bb2556ab","fqdn":"goo.su","domain":"goo.su","tld":"su"},"ip":{"addr":"172.67.139.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://goo.su/F0KU","date":"2023-12-02T20:09:25.649Z","timestamp":1701547765649,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goo.su","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Fri, 06 Oct 2023 22:31:19 GMT","end":"Thu, 04 Jan 2024 22:31:18 GMT"},"fingerprint":{"sha1":"C7:43:5F:AB:2E:5B:9D:DF:91:5A:64:48:54:CA:F4:CD:DF:39:92:A6","sha256":"C4:55:87:E0:49:48:08:27:19:CF:11:2A:70:C0:06:01:0B:D4:BD:FA:D1:5A:08:E9:B4:5F:2E:1E:1C:23:FA:F0"}}},"request":{"raw":"POST /cdn-cgi/challenge-platform/h/b/jsd/r/82f634f6bb2556ab HTTP/1.1\r\nHost: goo.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 12163\r\nOrigin: https://goo.su\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://goo.su/F0KU\r\nCookie: XSRF-TOKEN=eyJpdiI6IjkvZGgvY0NheUlMNmk0SEVsOHIvQmc9PSIsInZhbHVlIjoiVkhJQm1NcVFZZmVwL0pBNFUySkJ0MUlaYVdReUFiYjdoRFVlNitrZ0J0amFIN09yWkNlOTFRRXdoWFJSWFNHNGdpbnc3NG5aWUt2STZ6MldqeVRRUktsaytpWmhjUldha1dJektVOWJKZjVISDlhQWFNT0s5VnZBNFlOMU5kNWUiLCJtYWMiOiIyNmY0ZWQ0ZjZiNGViZmJiMDZmNWIwZmJlOGM2MDEwMmU3Njg2OGJmNDdmNTY5MTQ3MmI3OWM4NTkxNWI1MjZkIiwidGFnIjoiIn0%3D; goosu_session=eyJpdiI6ImlZZmdudldIa0dzM3FyNHF5ZEZic2c9PSIsInZhbHVlIjoiOWV3SUVTY2ZIcFhDMzlpK2JXTWNJZGNmTUNsc1FocDAzeklTWmZLdEZqa2JxbDlEUmhkSUM2RnAwTm55WFF5Umt4cnhWalltWnh2Sm9YQWc0anBBeTF5dXFNbXRES3UvamJEdUxXT0JnZWNZd2F2MDZnUkhmdk1xUmVQTVdVZzAiLCJtYWMiOiJjNWE2MDc4NjA4YTcyZjJiNGE0NzViMTNiZjkyYjgxMzI3OTJjZGRjMjgwZWY1M2ExMTFiZDZjOTY0NGQ0MDMyIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 02 Dec 2023 20:09:20 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\nset-cookie: cf_clearance=rYzlaK8J.fGaq1WZj5V5mkkBcABqPS7K.tiyOMm54YA-1701547760-0-1-730ca2d2.73a07051.5b213570-0.2.1701547760; path=/; expires=Sun, 01-Dec-24 20:09:20 GMT; domain=.goo.su; HttpOnly; Secure; SameSite=None\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=rUY%2Fn4VNHVWpinE39eNVHgvRpzx8Ynrqv40JKU9N2Ku7FM5x6ZYvtEEOqWEpn7rOf7BIBJOGI112ySSNUe08K17TRr8V30gjKYIJMZtmaPfFa2V7cS4nRsY%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 82f634ff3f9556c1-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T16:09:28.727144Z","times_seen":14109060,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"goo.su/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"goo.su","domain":"goo.su","tld":"su"},"ip":{"addr":"172.67.139.105","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://goo.su/F0KU","date":"2023-12-02T20:09:25.388Z","timestamp":1701547765388,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"goo.su","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Fri, 06 Oct 2023 22:31:19 GMT","end":"Thu, 04 Jan 2024 22:31:18 GMT"},"fingerprint":{"sha1":"C7:43:5F:AB:2E:5B:9D:DF:91:5A:64:48:54:CA:F4:CD:DF:39:92:A6","sha256":"C4:55:87:E0:49:48:08:27:19:CF:11:2A:70:C0:06:01:0B:D4:BD:FA:D1:5A:08:E9:B4:5F:2E:1E:1C:23:FA:F0"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: goo.su\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: XSRF-TOKEN=eyJpdiI6IjkvZGgvY0NheUlMNmk0SEVsOHIvQmc9PSIsInZhbHVlIjoiVkhJQm1NcVFZZmVwL0pBNFUySkJ0MUlaYVdReUFiYjdoRFVlNitrZ0J0amFIN09yWkNlOTFRRXdoWFJSWFNHNGdpbnc3NG5aWUt2STZ6MldqeVRRUktsaytpWmhjUldha1dJektVOWJKZjVISDlhQWFNT0s5VnZBNFlOMU5kNWUiLCJtYWMiOiIyNmY0ZWQ0ZjZiNGViZmJiMDZmNWIwZmJlOGM2MDEwMmU3Njg2OGJmNDdmNTY5MTQ3MmI3OWM4NTkxNWI1MjZkIiwidGFnIjoiIn0%3D; goosu_session=eyJpdiI6ImlZZmdudldIa0dzM3FyNHF5ZEZic2c9PSIsInZhbHVlIjoiOWV3SUVTY2ZIcFhDMzlpK2JXTWNJZGNmTUNsc1FocDAzeklTWmZLdEZqa2JxbDlEUmhkSUM2RnAwTm55WFF5Umt4cnhWalltWnh2Sm9YQWc0anBBeTF5dXFNbXRES3UvamJEdUxXT0JnZWNZd2F2MDZnUkhmdk1xUmVQTVdVZzAiLCJtYWMiOiJjNWE2MDc4NjA4YTcyZjJiNGE0NzViMTNiZjkyYjgxMzI3OTJjZGRjMjgwZWY1M2ExMTFiZDZjOTY0NGQ0MDMyIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 302 Found\r\ndate: Sat, 02 Dec 2023 20:09:20 GMT\r\naccess-control-allow-origin: *\r\nlocation: /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js\r\ncache-control: max-age=300, public\r\nvary: accept-encoding\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=U1XxxOIArFlFDZGZl5ovG7KWylBZK01m3KTcK6ruYBGjLKJ%2FAW%2FU9ye5J%2Fqj8qO6ti0sjGxK5slt45EQxW6XU%2BJXq%2Bl8jVfEn06FNV9f7RMMeTH6fw7Tkw4%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 82f634fdad7b56c1-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":7432,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-23T16:09:28.727144Z","times_seen":14109060,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://goo.su/F0KU","date":"2023-12-02T20:09:25.351Z","timestamp":1701547765351,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 11:24:07 GMT","end":"Mon, 15 Jan 2024 11:24:06 GMT"},"fingerprint":{"sha1":"E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD","sha256":"EF:BD:DB:F8:2A:77:8C:C2:9E:F9:E0:B2:26:39:CB:EC:63:F1:80:36:F6:06:6E:F5:E1:6C:45:66:A4:D1:A6:C8"}}},"request":{"raw":"GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://goo.su\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15744\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 30 Nov 2023 04:57:34 GMT\r\nexpires: Fri, 29 Nov 2024 04:57:34 GMT\r\ncache-control: public, max-age=31536000\r\nage: 227506\r\nlast-modified: Wed, 11 May 2022 19:24:48 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15744,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\\012- data","md5":"15d9f621c3bd1599f0169dcf0bd5e63e","sha1":"7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52","sha256":"f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615","sha512":"d35a47162fc160cd5f806c3bb7feb50ec96fdfc81753660ead22ef33f89be6b1bfd63d1135f6b479d35c2e9d30f2360ffc8819efca672270e230635bcb206c82","ssdeep":"384:z1TLklSElcS5V6qQTMUP07JwirW6RlLwK79/:p7EJ5E2bJwi5jLwK79/","tlshash":"8162e00158a163ade9b2327ed10b1b91c40660a27d2504e8c6e4fc95fe3d7ed5487b76","first_seen":"2023-04-05T08:15:27Z","last_seen":"2026-04-23T15:27:35.722474Z","times_seen":159096,"resource_available":true,"data":null}},"time_used":224,"timings":{"blocked":102,"dns":31,"connect":8,"send":0,"wait":11,"receive":2,"ssl":66},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}