www.goo.su/z4lUTHq/
104.21.38.221301 Moved Permanently 187 B IP 104.21.38.221:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash a3ff447f49262fbe83ee1fea4302ee5e
2ed41905d0e02243822a695cf515f32c99b47844
f15d59be3d28bf3b10791fcfa6ea99423e1fc049f49104b68d8aad978b0d5fee
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /z4lUTHq/ HTTP/1.1
Host: www.goo.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 15 Jan 2023 18:42:47 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://goo.su/z4lUTHq/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WFIS85ChjsVsF5ORK5JVHy45DKCOsBiNb56p1dsBU2LuA0BYDuvE0766Bnhzdp8lrvVwhc6slaxuvvNtBpxWTf3cREyWfuRkJOLGXhlSDQHKminOfW1OhSK6%2FSZ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78a0c0d4ea43b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3063227f59d1935298b0620fa7919145
478e1d8bef04b1f95381cac01829c03b6779d420
619281d3b9753bc6d2845786da75e8566687362769517aacf90f953ffbb8407c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "619281D3B9753BC6D2845786DA75E8566687362769517AACF90F953FFBB8407C"
Last-Modified: Sat, 14 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14434
Expires: Sun, 15 Jan 2023 22:43:21 GMT
Date: Sun, 15 Jan 2023 18:42:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2258cd6b877a3aca8f4c84074e65ac4b
4e46c70941f8e497e8afc8d078644e7f81761a1c
faac4e0d123f2112b58953c104ea746cd53047fc1ada0ef5d669feecf78ddfff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAAC4E0D123F2112B58953C104EA746CD53047FC1ADA0EF5D669FEECF78DDFFF"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6221
Expires: Sun, 15 Jan 2023 20:26:28 GMT
Date: Sun, 15 Jan 2023 18:42:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 15 Jan 2023 18:42:08 GMT
content-type: application/json
age: 39
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d6e2abd68203014e8e24d4a9e20e980a
5edbbb1a36083d5077b90b82e7aa10049e90c5d6
88cf8dae194a5e92a8c36a4c54ae71a609eaaed6e99d3986b3834c40d2fceeaa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88CF8DAE194A5E92A8C36A4C54AE71A609EAAED6E99D3986B3834C40D2FCEEAA"
Last-Modified: Sun, 15 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7716
Expires: Sun, 15 Jan 2023 20:51:23 GMT
Date: Sun, 15 Jan 2023 18:42:47 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Oga/l00YlepHX6ZqFa3bZP7/uVyTNtf/RMEAeG9yxA7kI9Eo5CU06bkOhJPthY7dftmtYRPsQG4=
x-amz-request-id: NNFJG2RJ46RYM7X3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 15 Jan 2023 17:55:27 GMT
age: 2840
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 18:42:47 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 1.1 kB IP 142.250.74.131:0
Hash e9500bcea2b48f786e684e7bdd1b738f
f72e4f809b0b9e183d85115853feae5bc1833156
f4c51b276041084999fe2c89ead15352ff55e074316a51847e5595d899fb0745
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 18:42:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f3ee298482e8025b16b90899b84c98d1
ce5050ce27200b3408a8e5113adcc7a8d14b4796
4c3dd7d296e502765b2de450a4ecb5f8c872ed477b464b9913d2633125680ff0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 18:42:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto:400&display=swap
142.250.74.106200 OK 995 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400&display=swap
IP 142.250.74.106:0
Hash 4811619548622ef05a09e4d8042b9959
4beb1d9b93b5716665f4e7a3cda6e450b3ba58af
ed5b6470174aac8ef19f005ca322171f21768953eebd905642d29d99fc09a34b
GET /css?family=Roboto:400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 15 Jan 2023 18:42:48 GMT
date: Sun, 15 Jan 2023 18:42:48 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6fc52c452b4176dabdd1a319c5e3fa51
e00b78bd1c6b5d71f2987fd9cdc8975804b668ae
224beac380dd44474b39343d4138c0e5d8a547523eb06a1c6d6c4a893d511e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 18:42:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 15 Jan 2023 18:17:25 GMT
age: 1523
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6fc52c452b4176dabdd1a319c5e3fa51
e00b78bd1c6b5d71f2987fd9cdc8975804b668ae
224beac380dd44474b39343d4138c0e5d8a547523eb06a1c6d6c4a893d511e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 18:42:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
216.58.207.227200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goo.su
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 09 Jan 2023 18:52:55 GMT
expires: Tue, 09 Jan 2024 18:52:55 GMT
cache-control: public, max-age=31536000
age: 517793
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goo.su
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 19:33:54 GMT
expires: Thu, 11 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 342534
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6fc52c452b4176dabdd1a319c5e3fa51
e00b78bd1c6b5d71f2987fd9cdc8975804b668ae
224beac380dd44474b39343d4138c0e5d8a547523eb06a1c6d6c4a893d511e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 18:42:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ab8f567a5b349f8bfd0e98b9352ddcd8
11f9d262ffcc02f1654656e98fe165678fe257ef
db6ecc94321aa400979d7c6a8cf7826623da3b8abc22218c4a3e837b1450e4e5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3125
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 18:42:48 GMT
Last-Modified: Sun, 15 Jan 2023 17:50:43 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e5f9cfd32ba0e755eba2eba2bca5bc3c
012c01ac7a06da9f57e0e1c24658a4bd40e82518
ffd7fc715a11f6579f953c2f0f65128000733620fcc777cd0a4c5bb895c64ad2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6499
Cache-Control: max-age=144737
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 18:42:48 GMT
Etag: "63c3c226-1d7"
Expires: Tue, 17 Jan 2023 10:55:05 GMT
Last-Modified: Sun, 15 Jan 2023 09:06:46 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2f8ae4ab9ee17e2598e9299bdc0f44c0
ab4c7d1750edf513359218ab6d0b81cdd4dcb90c
75e680ab62ee77f0811fdb770d1c913dd41a911e7efb4ca99bc4cfe7fcb432c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 18:42:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 805f26e5d5c3e347a1a8a56b3d5b46d9
7c958a2d0dc215bac602d2390bb417bc88a7106e
49085d94ba858cccc52d3d466faeda19f0e2a17a1c0153363e6f30382b75299d
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 18:42:48 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Thu, 19 Jan 2023 15:02:02 GMT
ETag: "7c958a2d0dc215bac602d2390bb417bc88a7106e"
Last-Modified: Sun, 15 Jan 2023 15:02:03 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 264
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a0c0de4f520b69-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 805f26e5d5c3e347a1a8a56b3d5b46d9
7c958a2d0dc215bac602d2390bb417bc88a7106e
49085d94ba858cccc52d3d466faeda19f0e2a17a1c0153363e6f30382b75299d
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 18:42:48 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Thu, 19 Jan 2023 15:02:02 GMT
ETag: "7c958a2d0dc215bac602d2390bb417bc88a7106e"
Last-Modified: Sun, 15 Jan 2023 15:02:03 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 264
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a0c0de4ea1b4f9-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 805f26e5d5c3e347a1a8a56b3d5b46d9
7c958a2d0dc215bac602d2390bb417bc88a7106e
49085d94ba858cccc52d3d466faeda19f0e2a17a1c0153363e6f30382b75299d
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 18:42:48 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Thu, 19 Jan 2023 15:02:02 GMT
ETag: "7c958a2d0dc215bac602d2390bb417bc88a7106e"
Last-Modified: Sun, 15 Jan 2023 15:02:03 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 264
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a0c0de4e2bb505-OSL
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4358137683029217
142.250.74.2200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4358137683029217
IP 142.250.74.2:0
File type ASCII text, with very long lines (4885)
Hash 91a8ca813a666d38de1fc54b817bcb91
81ef81cafce79184aada7070a3d2cf6d5083ca4b
61c39ac1e6a4b4b91e0c1129eaad8ccb976d3174996f1987ecd1d5f11109de67
GET /pagead/js/adsbygoogle.js?client=ca-pub-4358137683029217 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 15 Jan 2023 18:42:48 GMT
expires: Sun, 15 Jan 2023 18:42:48 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 12132793325208485839
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49320
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash ea2a81f2234c4e1fbdeea321ff18d614
5fd65ebde71d993fff7d0d23118f472d86cc62f4
547355c3d7effea8e6283e0a3ecfe4f44b7eb2ee09d3ed90eef9bb44af2932ee
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 18:42:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 19 Jan 2023 15:26:48 GMT
ETag: "5fd65ebde71d993fff7d0d23118f472d86cc62f4"
Last-Modified: Sun, 15 Jan 2023 15:26:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3069
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a0c0de4c9d0b02-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 587ed181a51ea2d811cfaedf0671bc7b
883c82deba48c897bd1b521f368b88b76dc94eb2
0dfed53c2ac2bd2da5f2f7d3dd599a90e1ef9a3ae385aeafc322248e83c86d9c
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 18:42:48 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Thu, 19 Jan 2023 16:56:56 GMT
ETag: "883c82deba48c897bd1b521f368b88b76dc94eb2"
Last-Modified: Sun, 15 Jan 2023 16:56:57 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3083
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a0c0de7fa20b69-OSL
counter.yadro.ru/hit?t44.11;r;s1280*1024*24;uhttps%3A//goo.su/z4lUTHq/;hRedirecting...;0.5759190050694482
88.212.201.204200 OK 132 B URL HTTP/1.1 counter.yadro.ru/hit?t44.11;r;s1280*1024*24;uhttps%3A//goo.su/z4lUTHq/;hRedirecting...;0.5759190050694482
IP 88.212.201.204:0
ASN #39134 United Network LLC
File type GIF image data, version 87a, 31 x 31\012- data
Hash 099e70b2712eaea2a982b474b20a0a80
e3ce99d03d1ae5dc89050a8287f7c390374dd2cb
e10cd8d343f9c37e3500c69d92f7ac7e78b6c7df29a2ace8cffe71bfa494e8c9
GET /hit?t44.11;r;s1280*1024*24;uhttps%3A//goo.su/z4lUTHq/;hRedirecting...;0.5759190050694482 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 15 Jan 2023 18:42:48 GMT
Content-Type: image/gif
Content-Length: 132
Connection: keep-alive
Expires: Fri, 14 Jan 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
st.top100.ru/top100/top100.js
81.19.89.17200 OK 65 kB URL HTTP/2 st.top100.ru/top100/top100.js
IP 81.19.89.17:0
ASN #24638 Rambler Internet Holding LLC
Hash 60cd7a1873158a7478c8cc2b2965db20
05825b6be682ba8e16043377ab62a0a2ae674ebe
e8fc6642b0e7eb0415f3e06b2e9c9486b7b1a06c44045730517a067e7e21047c
GET /top100/top100.js HTTP/1.1
Host: st.top100.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Sun, 15 Jan 2023 18:42:48 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 22 Dec 2022 14:27:14 GMT
x-rgw-object-type: Normal
etag: W/"ea6aa0a086ee4977f5a4b68c46691b4c"
x-amz-request-id: tx0000000000002a4aa57a5-0063c448eb-f87fab-default
expires: Sun, 15 Jan 2023 19:42:48 GMT
cache-control: max-age=3600
set-cookie: proto_uid=1CIAAChJxGMftG2XAZiV1AB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-encoding: gzip
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.162.121.89101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.121.89:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DFPjpbzF+Q/fQTEgAkTwUg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IZwX8TXCrXqBzUwbQypsJGpkgLs=
googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/zrt_lookup.html
142.250.74.98200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/zrt_lookup.html
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230111/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Sun, 15 Jan 2023 13:18:12 GMT
expires: Sun, 29 Jan 2023 13:18:12 GMT
cache-control: public, max-age=1209600
age: 19476
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 84f6094887b32130dfe14d585452766f
8fc80c0ec9627d9a5fa80b7ff29b7a4fc12e769a
ebd497dc8e9225f4bbadb32d37bc06d9b182b1abf3036d061e96c0c629a92fc1
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 18:42:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Thu, 19 Jan 2023 17:59:17 GMT
ETag: "8fc80c0ec9627d9a5fa80b7ff29b7a4fc12e769a"
Last-Modified: Sun, 15 Jan 2023 17:59:18 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1489
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a0c0e019b70b69-OSL
kraken.rambler.ru/userip
81.19.89.18200 OK 12 B IP 81.19.89.18:0
ASN #24638 Rambler Internet Holding LLC
File type ASCII text, with no line terminators
Hash 35b0bce9d250429df012c0426f88d0bd
f81d80af9cbeb0011316fbba3da8002b32251f7a
da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d
GET /userip HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Sun, 15 Jan 2023 18:42:49 GMT
content-type: application/octet-stream
content-length: 12
access-control-allow-origin: https://goo.su
x-srv: 2kraken-prod0003.ad.rambler.tech
set-cookie: ruid=1CIAAClJxGMkBoO5AffS0gB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAClJxGMkBoO5AffS0gB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
X-Firefox-Spdy: h2
top-fwz1.mail.ru/counter?js=13;id=3128781;u=https%3A//goo.su/z4lUTHq/;st=1673808168550;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=473a895617346e28;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1673808169208%3A1673808169234%3A1%3A2d3b45b0401b7ed1ef0893946c0ca700;visible=true;_=0.28749232694283877
95.163.52.67302 Found 0 B URL HTTP/2 top-fwz1.mail.ru/counter?js=13;id=3128781;u=https%3A//goo.su/z4lUTHq/;st=1673808168550;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=473a895617346e28;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1673808169208%3A1673808169234%3A1%3A2d3b45b0401b7ed1ef0893946c0ca700;visible=true;_=0.28749232694283877
IP 95.163.52.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /counter?js=13;id=3128781;u=https%3A//goo.su/z4lUTHq/;st=1673808168550;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=473a895617346e28;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1673808169208%3A1673808169234%3A1%3A2d3b45b0401b7ed1ef0893946c0ca700;visible=true;_=0.28749232694283877 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sun, 15 Jan 2023 18:42:49 GMT
content-length: 0
location: https://top-fwz1.mail.ru/counter2?js=13;id=3128781;u=https%3A//goo.su/z4lUTHq/;st=1673808168550;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=473a895617346e28;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1673808169208%3A1673808169234%3A1%3A2d3b45b0401b7ed1ef0893946c0ca700;visible=true;_=0.28749232694283877
set-cookie: FTID=1RMYgQ0tkIIF:1673808169:3128781:::; path=/; expires=Tue, 16-Jan-24 18:42:49 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash e85762a5c355a327eaa1189c973172f9
4fc5c53aa7aafbc1a0c8f21730550c879e2e9c17
c1e63dfa2664e3659d2a15686f8a7d96e77584605a06f57727bc2240a4b319d5
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 18:42:49 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Thu, 19 Jan 2023 16:49:50 GMT
ETag: "4fc5c53aa7aafbc1a0c8f21730550c879e2e9c17"
Last-Modified: Sun, 15 Jan 2023 16:49:51 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 818
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a0c0e14b4f0b69-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash e85762a5c355a327eaa1189c973172f9
4fc5c53aa7aafbc1a0c8f21730550c879e2e9c17
c1e63dfa2664e3659d2a15686f8a7d96e77584605a06f57727bc2240a4b319d5
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 18:42:49 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Thu, 19 Jan 2023 16:49:50 GMT
ETag: "4fc5c53aa7aafbc1a0c8f21730550c879e2e9c17"
Last-Modified: Sun, 15 Jan 2023 16:49:51 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 818
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a0c0e16a62b505-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash e85762a5c355a327eaa1189c973172f9
4fc5c53aa7aafbc1a0c8f21730550c879e2e9c17
c1e63dfa2664e3659d2a15686f8a7d96e77584605a06f57727bc2240a4b319d5
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 18:42:49 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Thu, 19 Jan 2023 16:49:50 GMT
ETag: "4fc5c53aa7aafbc1a0c8f21730550c879e2e9c17"
Last-Modified: Sun, 15 Jan 2023 16:49:51 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 818
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a0c0e16afbb4f9-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash e85762a5c355a327eaa1189c973172f9
4fc5c53aa7aafbc1a0c8f21730550c879e2e9c17
c1e63dfa2664e3659d2a15686f8a7d96e77584605a06f57727bc2240a4b319d5
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 18:42:49 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Thu, 19 Jan 2023 16:49:50 GMT
ETag: "4fc5c53aa7aafbc1a0c8f21730550c879e2e9c17"
Last-Modified: Sun, 15 Jan 2023 16:49:51 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 818
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a0c0e16b8a0b69-OSL
yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
178.154.131.217200 OK 26 kB URL HTTP/2 yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
IP 178.154.131.217:0
File type Web Open Font Format (Version 2), TrueType, length 26004, version 1.0\012- data
Hash 7f0cdaf91230f9789ca4162aedff612e
965de571aa794dab64076c3cc64dc8894b843f23
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
GET /s3/home/fonts/ys/3/text-variable-full.woff2 HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 15 Jan 2023 18:42:49 GMT
content-type: font/woff2
content-length: 26004
access-control-allow-origin: *
cache-control: public, max-age=31556952
etag: "7f0cdaf91230f9789ca4162aedff612e"
expires: Tue, 16 Jan 2024 00:31:18 GMT
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
x-nginx-request-id: 0403c903dde371ba
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/705738/1c0942547d39e10f5f56.js
178.154.131.217200 OK 4.8 kB URL HTTP/2 yastatic.net/partner-code-bundles/705738/1c0942547d39e10f5f56.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (14344)
Hash e22179b6d5dc4528f9af9475e5639e8e
d7aa3f3b383e7a082f4b6526bd4a44bffbf43c9c
2f22b4c0139b84e91b2c96d6bdee94156992fe654ec8711278e0022274a3979f
GET /partner-code-bundles/705738/1c0942547d39e10f5f56.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 15 Jan 2023 18:42:49 GMT
content-type: text/javascript; charset=utf-8
content-length: 4801
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "e22179b6d5dc4528f9af9475e5639e8e"
expires: Wed, 15 Jan 2053 01:14:27 GMT
last-modified: Thu, 12 Jan 2023 18:09:23 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/705738/c202ea9ae22545ea4df0.js
178.154.131.217200 OK 24 kB URL HTTP/2 yastatic.net/partner-code-bundles/705738/c202ea9ae22545ea4df0.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (65494)
Hash b64eaa48ef08cfb9981a2a3ee27e8c66
981cfc40294adcdb4f7489c09680e468f57fa552
76fa8a60130e50b15070aa8193b78b45c3ea78f6c92aebad8b6700e6f5029efc
GET /partner-code-bundles/705738/c202ea9ae22545ea4df0.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 15 Jan 2023 18:42:49 GMT
content-type: text/javascript; charset=utf-8
content-length: 23670
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "b64eaa48ef08cfb9981a2a3ee27e8c66"
expires: Wed, 15 Jan 2053 01:16:03 GMT
last-modified: Thu, 12 Jan 2023 18:09:24 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/705738/17f23581297657945dc6.js
178.154.131.217200 OK 100 kB URL HTTP/2 yastatic.net/partner-code-bundles/705738/17f23581297657945dc6.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (65497)
Hash 6079d4a2bb9e62c62dc7b2843117792c
09149b651c1216bf44f1dddaf7fea87f658aa2ba
a5b10282f22c7e58032c7b8c729a147efb5d4b9487f3c4c43fd2fea0c066eec8
GET /partner-code-bundles/705738/17f23581297657945dc6.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 15 Jan 2023 18:42:49 GMT
content-type: text/javascript; charset=utf-8
content-length: 99819
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "6079d4a2bb9e62c62dc7b2843117792c"
expires: Wed, 15 Jan 2053 01:16:03 GMT
last-modified: Thu, 12 Jan 2023 18:09:23 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
top-fwz1.mail.ru/counter2?js=13;id=3128781;u=https%3A//goo.su/z4lUTHq/;st=1673808168550;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=473a895617346e28;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1673808169208%3A1673808169234%3A1%3A2d3b45b0401b7ed1ef0893946c0ca700;visible=true;_=0.28749232694283877
95.163.52.67200 OK 43 B URL HTTP/2 top-fwz1.mail.ru/counter2?js=13;id=3128781;u=https%3A//goo.su/z4lUTHq/;st=1673808168550;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=473a895617346e28;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1673808169208%3A1673808169234%3A1%3A2d3b45b0401b7ed1ef0893946c0ca700;visible=true;_=0.28749232694283877
IP 95.163.52.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /counter2?js=13;id=3128781;u=https%3A//goo.su/z4lUTHq/;st=1673808168550;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=473a895617346e28;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1673808169208%3A1673808169234%3A1%3A2d3b45b0401b7ed1ef0893946c0ca700;visible=true;_=0.28749232694283877 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goo.su/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 18:42:49 GMT
content-type: image/gif
content-length: 43
set-cookie: FTID=1RMYgQ0tkIIF:1673808169:3128781:::; path=/; expires=Tue, 16-Jan-24 18:42:49 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f4b5649f5553a4164fe8f5d6a7861657
2f22cc9acb845ca7a81a104463ebf94d3059ccf1
06ac062617836f62efe6321ef5a013c24d2a04160670a7f6f2e04c78aaf7ca4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 18:42:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ac0e204e812ce8905ac046581ff4e95
c0322d4ecff9356cca1a8e55d62e8d2f9540eca7
de65a926e0a1ce8b9724754564cef8e4bbe7709cef911e5dbd30db03211e6673
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 18:42:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=goo.su
216.58.207.226200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=goo.su
IP 216.58.207.226:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=goo.su HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 15 Jan 2023 18:42:49 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=goo.su
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=goo.su
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=goo.su HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 15 Jan 2023 18:42:49 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c2ef9670464991d62cc84885ed91393f
677c7fc5e7aafe8f96671f0457d338c7579c1743
5a8a89041320c685adad960bc61e5d4ab4623a448788eeddafcf9df098414366
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 18:42:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9fce534630aa72d8eed86f47d054e241
b03d1933fe2a63c4e983992905e2145d187047e4
c5f23f70521f9fdea1d4b9180293c30d04e6476bad539415a073db4dc46334ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 18:42:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e6c8f8a0e3ef850c66d344a842dfa3c3
c8475fa1d4d3d8ca3394272ade4c97c6bab3a286
58226f2841670d93086aa4dc60373f7770bfbcc11760cacd7691299b6c403efa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 18:42:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ac0e204e812ce8905ac046581ff4e95
c0322d4ecff9356cca1a8e55d62e8d2f9540eca7
de65a926e0a1ce8b9724754564cef8e4bbe7709cef911e5dbd30db03211e6673
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 18:42:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kraken.rambler.ru/cnt/?et=pv&v=3.13.2&pid=6673155&tid=t1.6673155.209297340.1673808169099&rid=1673808169.099-78221883&fid=pA8AAENKs1e4GYz8AQlryQA%3D&fip=pA8AAENKs1cnnUv2AauVQAA%3D&eid=963481697305933&aduid=f54a6255-57ee-4289-a00c-edf92207d5c6&aduidsc=goo.su&stid=357919870_1673808169102&sn=1&sen=1&ce=1&bs=1268x939&rf&en=UTF-8&pt=Redirecting...&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&le=2&ct=web&url=https%3A%2F%2Fgoo.su%2Fz4lUTHq%2F&lv&exp=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=2036741004
81.19.89.18200 OK 595 B URL HTTP/2 kraken.rambler.ru/cnt/?et=pv&v=3.13.2&pid=6673155&tid=t1.6673155.209297340.1673808169099&rid=1673808169.099-78221883&fid=pA8AAENKs1e4GYz8AQlryQA%3D&fip=pA8AAENKs1cnnUv2AauVQAA%3D&eid=963481697305933&aduid=f54a6255-57ee-4289-a00c-edf92207d5c6&aduidsc=goo.su&stid=357919870_1673808169102&sn=1&sen=1&ce=1&bs=1268x939&rf&en=UTF-8&pt=Redirecting...&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&le=2&ct=web&url=https%3A%2F%2Fgoo.su%2Fz4lUTHq%2F&lv&exp=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=2036741004
IP 81.19.89.18:0
ASN #24638 Rambler Internet Holding LLC
File type GIF image data, version 87a, 88 x 31\012- data
Hash b566a466c8d8c0361839677785e69240
c6e6a583e76e699806f806dbd63cebd9037f551e
86d9d7d32ba3d9eb9fbea6508c725c17c44f80d6a7d16ca1fa79a85c4b632e91
GET /cnt/?et=pv&v=3.13.2&pid=6673155&tid=t1.6673155.209297340.1673808169099&rid=1673808169.099-78221883&fid=pA8AAENKs1e4GYz8AQlryQA%3D&fip=pA8AAENKs1cnnUv2AauVQAA%3D&eid=963481697305933&aduid=f54a6255-57ee-4289-a00c-edf92207d5c6&aduidsc=goo.su&stid=357919870_1673808169102&sn=1&sen=1&ce=1&bs=1268x939&rf&en=UTF-8&pt=Redirecting...&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&le=2&ct=web&url=https%3A%2F%2Fgoo.su%2Fz4lUTHq%2F&lv&exp=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=2036741004 HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Sun, 15 Jan 2023 18:42:49 GMT
content-type: image/gif
content-length: 595
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-credentials: true
x-srv: 2kraken-prod0002.ad.rambler.tech
set-cookie: ruid=1CIAAClJxGOTIoiZATui9gB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAClJxGOTIoiZATui9gB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
accept-ranges: bytes
X-Firefox-Spdy: h2
kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=6673155&session_id=357919870_1673808169102&session_number=1&session_event_number=1&version=3.13.2&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.6673155.209297340.1673808169099&adtech_uid=f54a6255-57ee-4289-a00c-edf92207d5c6&adtech_uid_scope=goo.su&fingerprint=pA8AAENKs1e4GYz8AQlryQA%3D&fingerprint_ip=pA8AAENKs1cnnUv2AauVQAA%3D&url=https%3A%2F%2Fgoo.su%2Fz4lUTHq%2F&request_id=1673808169.099-78221883&event_id=520881697314409&meta=%7B%22title%22%3A%22Redirecting...%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221280x1024%22%2C%22browser_size%22%3A%221268x939%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%220%22%7D&rn=2059890519
81.19.89.18200 OK 595 B URL HTTP/2 kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=6673155&session_id=357919870_1673808169102&session_number=1&session_event_number=1&version=3.13.2&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.6673155.209297340.1673808169099&adtech_uid=f54a6255-57ee-4289-a00c-edf92207d5c6&adtech_uid_scope=goo.su&fingerprint=pA8AAENKs1e4GYz8AQlryQA%3D&fingerprint_ip=pA8AAENKs1cnnUv2AauVQAA%3D&url=https%3A%2F%2Fgoo.su%2Fz4lUTHq%2F&request_id=1673808169.099-78221883&event_id=520881697314409&meta=%7B%22title%22%3A%22Redirecting...%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221280x1024%22%2C%22browser_size%22%3A%221268x939%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%220%22%7D&rn=2059890519
IP 81.19.89.18:0
ASN #24638 Rambler Internet Holding LLC
File type GIF image data, version 87a, 88 x 31\012- data
Hash b566a466c8d8c0361839677785e69240
c6e6a583e76e699806f806dbd63cebd9037f551e
86d9d7d32ba3d9eb9fbea6508c725c17c44f80d6a7d16ca1fa79a85c4b632e91
GET /cnt/v2/?event_type=base&event_name=page_view&project_id=6673155&session_id=357919870_1673808169102&session_number=1&session_event_number=1&version=3.13.2&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.6673155.209297340.1673808169099&adtech_uid=f54a6255-57ee-4289-a00c-edf92207d5c6&adtech_uid_scope=goo.su&fingerprint=pA8AAENKs1e4GYz8AQlryQA%3D&fingerprint_ip=pA8AAENKs1cnnUv2AauVQAA%3D&url=https%3A%2F%2Fgoo.su%2Fz4lUTHq%2F&request_id=1673808169.099-78221883&event_id=520881697314409&meta=%7B%22title%22%3A%22Redirecting...%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221280x1024%22%2C%22browser_size%22%3A%221268x939%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%220%22%7D&rn=2059890519 HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Sun, 15 Jan 2023 18:42:49 GMT
content-type: image/gif
content-length: 595
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-credentials: true
x-srv: 2kraken-prod0002.ad.rambler.tech
set-cookie: ruid=1CIAAClJxGOTIoiZAUOi9gB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAClJxGOTIoiZAUOi9gB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/s3/games-static/favicons/icon-192.png
178.154.131.217200 OK 24 kB URL HTTP/2 yastatic.net/s3/games-static/favicons/icon-192.png
IP 178.154.131.217:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 7819c957eaa80af5bf14f760d49b64a7
93b670523acd14f884c3a538d59d408da0888a6c
ca78c114bba40b141a59c55a9d3fb6db7672bc3effd4337f2b1ce512b4d06c9e
GET /s3/games-static/favicons/icon-192.png HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 15 Jan 2023 18:42:49 GMT
content-type: image/png
content-length: 24134
access-control-allow-origin: *
cache-control: public, max-age=216013
etag: "7819c957eaa80af5bf14f760d49b64a7"
expires: Wed, 18 Jan 2023 06:40:29 GMT
last-modified: Thu, 14 Apr 2022 12:22:42 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: d300ee80e4b698dc
accept-ranges: bytes
X-Firefox-Spdy: h2
an.yandex.ru/event_confirmation
77.88.21.90200 OK 958 B URL HTTP/2 an.yandex.ru/event_confirmation
IP 77.88.21.90:0
Hash d73296da84e3299fb6934ce823b21188
b5c7bbb61350023bd83baaec29a7df6dea7a3518
2a8a308ab061ea12c8f2abfc0eebbe641914a399608eb4333862ea5320ffcc12
POST /event_confirmation HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 300
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 15 Jan 2023 18:42:49 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 15 Jan 2023 18:42:49 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 15 Jan 2023 18:42:49 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash f4263578ba4028b44b99bc71fe7154d6
ec23c16fbde1988d6bdf8534945b885a7af96507
05fce275af062293e7ee21fe5d8bee0c92ed5e6765f0c7a147fba09ec7b11316
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 18:42:49 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 19 Jan 2023 15:59:54 GMT
ETag: "ec23c16fbde1988d6bdf8534945b885a7af96507"
Last-Modified: Sun, 15 Jan 2023 15:59:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 794
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a0c0e558550b69-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash f4263578ba4028b44b99bc71fe7154d6
ec23c16fbde1988d6bdf8534945b885a7af96507
05fce275af062293e7ee21fe5d8bee0c92ed5e6765f0c7a147fba09ec7b11316
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 18:42:49 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 19 Jan 2023 15:59:54 GMT
ETag: "ec23c16fbde1988d6bdf8534945b885a7af96507"
Last-Modified: Sun, 15 Jan 2023 15:59:55 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 794
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a0c0e568f5b505-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 462923abacf5d499b4bd4718f1549230
9ebe2542937f5070a9324f41d84efb7f98eb9709
d82dff4c2d14ac494eaa56ce2d8e9e9553d2cac96b1f26565935525be117555f
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 15 Jan 2023 18:42:49 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Thu, 19 Jan 2023 17:19:55 GMT
ETag: "9ebe2542937f5070a9324f41d84efb7f98eb9709"
Last-Modified: Sun, 15 Jan 2023 17:19:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2167
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a0c0e568780b69-OSL
avatars.mds.yandex.net/get-direct/5277984/ZRXc9r9ISXso7B-6aWQt4Q/y150
87.250.247.184200 OK 6.3 kB URL HTTP/2 avatars.mds.yandex.net/get-direct/5277984/ZRXc9r9ISXso7B-6aWQt4Q/y150
IP 87.250.247.184:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 150x150, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d059f086bc3199ffe9afef6b22b62ea3
dbf8cc4fe77554fc9bf7ecc781a9649194a65658
ba97c8aba0483f89533100e4bce55ff24515db61d8c6f355fb2f579be172c876
GET /get-direct/5277984/ZRXc9r9ISXso7B-6aWQt4Q/y150 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 18:42:49 GMT
content-type: image/webp
content-length: 6282
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Thu, 24 Nov 2022 12:55:26 GMT
cache-control: max-age=31536000,immutable
x-request-id: 6ffc29efe690b0a3
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=SAS"}]}
X-Firefox-Spdy: h2
yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
178.154.131.217200 OK 6.3 kB URL HTTP/2 yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
IP 178.154.131.217:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (23297)
Hash eb77de48712912aadc9aa8171ac75ede
f375e4ed6b585c4e30b2d56f4f41c3beed909349
437ee0c22002ccd77158d7a7018113f26384324158ab3cef65373007f29b1bcf
GET /safeframe-bundles/0.83/1-1-0/render.html HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 15 Jan 2023 18:42:49 GMT
content-type: text/html
content-length: 6262
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Wed, 15 Jan 2053 01:18:09 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
an.yandex.ru/meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2Fz4lUTHq%2F&charset=utf-8&pcode-test-ids=657519%2C0%2C67%3B204184%2C0%2C69%3B685676%2C0%2C77%3B706294%2C0%2C82%3B704150%2C0%2C0%3B703900%2C0%2C82%3B672576%2C0%2C83&pcode-flags-map=eJytWNtu2zgQ%2FZWFn4uurpTUN0qibK4lUktKTtyiINzETQzkskjcIrtF%2F32HkmxLckIn3QWKIjE8Z4ZzOXMmPyZ0yrggqqBSklSluMKqxAIXUmVcqAVNCVeUqYQXMZ98%2BPRj8n118209%2BTBZP%2F01eTfZrh%2B39BJ%2B9SPL8%2F3Jz8%2FvJgsslSB%2F1kRWalHgUmWCFwqncmBfiZr0AZAdOKHVABCG45yMnMMPGWW0IhBfMpczXqkzWs14XSkMsVfSFB3yfRS6bwb%2FP5BxnqtS8LROKnns5m3QBCDfWJceiK4L%2BDyDUqgcxyRvoAAkxowRYa4Ocl0v6MfCyJmSc7CGfxqQ45QIVeZ4OYIaBxT6ThTtA6KsxFOiZEWT%2BVKlVGrwtMlarEubZvwcPhYkqZQkeT6AJuflEDqwnQN0LYdRMszK2vzKyA4sbw9QzQRkiwih05QpWYsFWULKoYhTRaVi0CYLnNP0BKiD%2FPBQgartEiIk5WxgiaIgtNDQNkJBW72a0S7Humq4KPum24dv656Z54Ru1M6SToKUTZlHNuPC9IygnpIQpngsCbx5VM%2B71Zeb9cDSRU7UNkdGz4FLmJoROp1VilVml57vRnZjuMQsJedK1CrlBabMyDVW4Lho7y8WfA7Bgi81FaNijC3twA%2FRsw5171WCxkZzx7ZQ2x8fCXNUVkObntEUmIIW0MZGW8%2F2On5rbLtWVzEXuqgCp7SWv70SYYl13G3AMCtneGkkKd9zgy7PaVYCOcuSM2iMihYECHRg6liWNbT1LLd9c5nwlOj%2Bl4QZmcv3fIDpWkkPsCC6d3f%2BlJ5bo7kXBM6xOcwg%2FH%2Bmhwi681cQdgHA1NaDarnW89Y5wYKpQq%2FIBRYUj97tDJz6ltVluRSUC1otVbwEriZnJRfmhKEAdbO364uO8xJpZFMfGCvsdSSwUoKBsIA5kwSqJA0s4Ueub9sD26aL5X6xljhNKZuaQTzfayNPeM0qaOVqWRLlmqP2wsDvlacQCeRJ0pjmkDWzuyhAL1oqDisxh1VywvsOo6jzirbrTwHBZhRWD9WPyHBinuYodIKgF0cH0i7miutG1bswhj2vJ6YSPM9PLEbL8dy266YCx475u9Ci1uG7StKPg3h927FM339m8m3%2FBYtdc8xIs34ESYkE2WiMz%2FYd1FrrDSxIBpwzA5EwpYnZLnQ7gm3WrCj0BAnCdnuvFCQ2UzwCjnbswSjBDhTQ1wymaUagHpq2ZSL0hpPSyETIjmyvjadnhMtSP2UKo2E2duzIH0Qyo1XzjB4YJHNecXMUbuA4AyGYlIUqSEqxAhBc0UWz5M0YkTuU10mZ%2FGeMkdZNSYZhot4ocz3fQmiQJllgUSm4IGqiwU8VyUcItXnO8cdlI0VVs6v6Vj8mX9fbi%2Bti9XC1ueu6%2Ffb%2By%2BZmLS9WN5u7q8kH5%2BdA8fpWJ2r64cDqUnGupzqH9dt38Glyu9rcvH%2F4BrH9vbq7XD%2FBz79vbldX68fBR1er2%2BaTy3%2FWd%2B3XV9832%2Fv2x9v3%2B18%2BPx%2FNQZmOst8KVa61bqNKlcxPZD6wg45xEi24OesmDWeax2kGdyBplb155IIwQtFebmaCAky%2BVK09bQbmDfbx%2FIjOjixQ5HZz2bN4682Kgsizgj0K7PpUIxRmz6GH7LHndpDMvhzHcsZMovXqqxggRJ7t7ngRZB9ck%2FBUGAzlOlarQ5u910rK43vuCC8I3eNXVFPzG6BM4cHqsNakKmFlgnqAQ3dBirHumHx9VNv7bxfXo1vLCp3xRdmulmfq2N3jJ4oDp1ZHUHC37%2BmouTBZXcQnkgKqYDDxcDiWqhLNCj8lKuBS89zW9SjwLOf6YEtV%2B8wTIGE3kC%2BBNH0%2BTO7mSd2untT1enN1vX0l3KEFk5xDLYE1WvqISabFLlypZsUKd3LgoBPYQP11nu72905VHj%2FhZWzK9LKdkxjHCm69E1Zhp9o1RXZN1ag5CUoaju39PdsVtacbBdES%2FcRfqEIt03%2FRAYinxc7Na73gVKbz8fkdWHBse8OHN58c%2BrbgElOQxUYJCemCHbiXaLvB2%2FUZbeQsKNjxfXi%2FvV4%2FDIHcyHoRaGD7sL5cP26u7l4wp%2BwPffL0m3NPMVpTJ7OazU%2BS%2FMX2ZkS8fpPPn%2F8CImMmsw%3D%3D&pcode-icookie=Rec2F4dMB94NL6%2BUS9Gn%2F03CkmiCPGago6hXHFUx%2BTgBmT9QCWMP2bAePfgdymeo0RDHtuvR40zs0p0BwGOrJlVz4zI%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=111050674405378&ad-session-id=2499591673808169431&target-id=65597474&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=705738&pcodever=705738&flash-ver=0&available-width=145&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A939%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1268%2C%22h%22%3A939%2C%22width%22%3A145%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A561%2C%22top%22%3A129%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B7117269104546%5D
77.88.21.90200 OK 42 kB URL HTTP/2 an.yandex.ru/meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2Fz4lUTHq%2F&charset=utf-8&pcode-test-ids=657519%2C0%2C67%3B204184%2C0%2C69%3B685676%2C0%2C77%3B706294%2C0%2C82%3B704150%2C0%2C0%3B703900%2C0%2C82%3B672576%2C0%2C83&pcode-flags-map=eJytWNtu2zgQ%2FZWFn4uurpTUN0qibK4lUktKTtyiINzETQzkskjcIrtF%2F32HkmxLckIn3QWKIjE8Z4ZzOXMmPyZ0yrggqqBSklSluMKqxAIXUmVcqAVNCVeUqYQXMZ98%2BPRj8n118209%2BTBZP%2F01eTfZrh%2B39BJ%2B9SPL8%2F3Jz8%2FvJgsslSB%2F1kRWalHgUmWCFwqncmBfiZr0AZAdOKHVABCG45yMnMMPGWW0IhBfMpczXqkzWs14XSkMsVfSFB3yfRS6bwb%2FP5BxnqtS8LROKnns5m3QBCDfWJceiK4L%2BDyDUqgcxyRvoAAkxowRYa4Ocl0v6MfCyJmSc7CGfxqQ45QIVeZ4OYIaBxT6ThTtA6KsxFOiZEWT%2BVKlVGrwtMlarEubZvwcPhYkqZQkeT6AJuflEDqwnQN0LYdRMszK2vzKyA4sbw9QzQRkiwih05QpWYsFWULKoYhTRaVi0CYLnNP0BKiD%2FPBQgartEiIk5WxgiaIgtNDQNkJBW72a0S7Humq4KPum24dv656Z54Ru1M6SToKUTZlHNuPC9IygnpIQpngsCbx5VM%2B71Zeb9cDSRU7UNkdGz4FLmJoROp1VilVml57vRnZjuMQsJedK1CrlBabMyDVW4Lho7y8WfA7Bgi81FaNijC3twA%2FRsw5171WCxkZzx7ZQ2x8fCXNUVkObntEUmIIW0MZGW8%2F2On5rbLtWVzEXuqgCp7SWv70SYYl13G3AMCtneGkkKd9zgy7PaVYCOcuSM2iMihYECHRg6liWNbT1LLd9c5nwlOj%2Bl4QZmcv3fIDpWkkPsCC6d3f%2BlJ5bo7kXBM6xOcwg%2FH%2Bmhwi681cQdgHA1NaDarnW89Y5wYKpQq%2FIBRYUj97tDJz6ltVluRSUC1otVbwEriZnJRfmhKEAdbO364uO8xJpZFMfGCvsdSSwUoKBsIA5kwSqJA0s4Ueub9sD26aL5X6xljhNKZuaQTzfayNPeM0qaOVqWRLlmqP2wsDvlacQCeRJ0pjmkDWzuyhAL1oqDisxh1VywvsOo6jzirbrTwHBZhRWD9WPyHBinuYodIKgF0cH0i7miutG1bswhj2vJ6YSPM9PLEbL8dy266YCx475u9Ci1uG7StKPg3h927FM339m8m3%2FBYtdc8xIs34ESYkE2WiMz%2FYd1FrrDSxIBpwzA5EwpYnZLnQ7gm3WrCj0BAnCdnuvFCQ2UzwCjnbswSjBDhTQ1wymaUagHpq2ZSL0hpPSyETIjmyvjadnhMtSP2UKo2E2duzIH0Qyo1XzjB4YJHNecXMUbuA4AyGYlIUqSEqxAhBc0UWz5M0YkTuU10mZ%2FGeMkdZNSYZhot4ocz3fQmiQJllgUSm4IGqiwU8VyUcItXnO8cdlI0VVs6v6Vj8mX9fbi%2Bti9XC1ueu6%2Ffb%2By%2BZmLS9WN5u7q8kH5%2BdA8fpWJ2r64cDqUnGupzqH9dt38Glyu9rcvH%2F4BrH9vbq7XD%2FBz79vbldX68fBR1er2%2BaTy3%2FWd%2B3XV9832%2Fv2x9v3%2B18%2BPx%2FNQZmOst8KVa61bqNKlcxPZD6wg45xEi24OesmDWeax2kGdyBplb155IIwQtFebmaCAky%2BVK09bQbmDfbx%2FIjOjixQ5HZz2bN4682Kgsizgj0K7PpUIxRmz6GH7LHndpDMvhzHcsZMovXqqxggRJ7t7ngRZB9ck%2FBUGAzlOlarQ5u910rK43vuCC8I3eNXVFPzG6BM4cHqsNakKmFlgnqAQ3dBirHumHx9VNv7bxfXo1vLCp3xRdmulmfq2N3jJ4oDp1ZHUHC37%2BmouTBZXcQnkgKqYDDxcDiWqhLNCj8lKuBS89zW9SjwLOf6YEtV%2B8wTIGE3kC%2BBNH0%2BTO7mSd2untT1enN1vX0l3KEFk5xDLYE1WvqISabFLlypZsUKd3LgoBPYQP11nu72905VHj%2FhZWzK9LKdkxjHCm69E1Zhp9o1RXZN1ag5CUoaju39PdsVtacbBdES%2FcRfqEIt03%2FRAYinxc7Na73gVKbz8fkdWHBse8OHN58c%2BrbgElOQxUYJCemCHbiXaLvB2%2FUZbeQsKNjxfXi%2FvV4%2FDIHcyHoRaGD7sL5cP26u7l4wp%2BwPffL0m3NPMVpTJ7OazU%2BS%2FMX2ZkS8fpPPn%2F8CImMmsw%3D%3D&pcode-icookie=Rec2F4dMB94NL6%2BUS9Gn%2F03CkmiCPGago6hXHFUx%2BTgBmT9QCWMP2bAePfgdymeo0RDHtuvR40zs0p0BwGOrJlVz4zI%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=111050674405378&ad-session-id=2499591673808169431&target-id=65597474&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=705738&pcodever=705738&flash-ver=0&available-width=145&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A939%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1268%2C%22h%22%3A939%2C%22width%22%3A145%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A561%2C%22top%22%3A129%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B7117269104546%5D
IP 77.88.21.90:0
Hash ecdec512e7bf8f26cb08f8d5ab2dec18
845f9dc76fccefba62bdfdaaf2f95876f6ed62cb
3d591523e7b47547191263532380dc6ba2b875bbddbf03811f4a296af5055816
GET /meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2Fz4lUTHq%2F&charset=utf-8&pcode-test-ids=657519%2C0%2C67%3B204184%2C0%2C69%3B685676%2C0%2C77%3B706294%2C0%2C82%3B704150%2C0%2C0%3B703900%2C0%2C82%3B672576%2C0%2C83&pcode-flags-map=eJytWNtu2zgQ%2FZWFn4uurpTUN0qibK4lUktKTtyiINzETQzkskjcIrtF%2F32HkmxLckIn3QWKIjE8Z4ZzOXMmPyZ0yrggqqBSklSluMKqxAIXUmVcqAVNCVeUqYQXMZ98%2BPRj8n118209%2BTBZP%2F01eTfZrh%2B39BJ%2B9SPL8%2F3Jz8%2FvJgsslSB%2F1kRWalHgUmWCFwqncmBfiZr0AZAdOKHVABCG45yMnMMPGWW0IhBfMpczXqkzWs14XSkMsVfSFB3yfRS6bwb%2FP5BxnqtS8LROKnns5m3QBCDfWJceiK4L%2BDyDUqgcxyRvoAAkxowRYa4Ocl0v6MfCyJmSc7CGfxqQ45QIVeZ4OYIaBxT6ThTtA6KsxFOiZEWT%2BVKlVGrwtMlarEubZvwcPhYkqZQkeT6AJuflEDqwnQN0LYdRMszK2vzKyA4sbw9QzQRkiwih05QpWYsFWULKoYhTRaVi0CYLnNP0BKiD%2FPBQgartEiIk5WxgiaIgtNDQNkJBW72a0S7Humq4KPum24dv656Z54Ru1M6SToKUTZlHNuPC9IygnpIQpngsCbx5VM%2B71Zeb9cDSRU7UNkdGz4FLmJoROp1VilVml57vRnZjuMQsJedK1CrlBabMyDVW4Lho7y8WfA7Bgi81FaNijC3twA%2FRsw5171WCxkZzx7ZQ2x8fCXNUVkObntEUmIIW0MZGW8%2F2On5rbLtWVzEXuqgCp7SWv70SYYl13G3AMCtneGkkKd9zgy7PaVYCOcuSM2iMihYECHRg6liWNbT1LLd9c5nwlOj%2Bl4QZmcv3fIDpWkkPsCC6d3f%2BlJ5bo7kXBM6xOcwg%2FH%2Bmhwi681cQdgHA1NaDarnW89Y5wYKpQq%2FIBRYUj97tDJz6ltVluRSUC1otVbwEriZnJRfmhKEAdbO364uO8xJpZFMfGCvsdSSwUoKBsIA5kwSqJA0s4Ueub9sD26aL5X6xljhNKZuaQTzfayNPeM0qaOVqWRLlmqP2wsDvlacQCeRJ0pjmkDWzuyhAL1oqDisxh1VywvsOo6jzirbrTwHBZhRWD9WPyHBinuYodIKgF0cH0i7miutG1bswhj2vJ6YSPM9PLEbL8dy266YCx475u9Ci1uG7StKPg3h927FM339m8m3%2FBYtdc8xIs34ESYkE2WiMz%2FYd1FrrDSxIBpwzA5EwpYnZLnQ7gm3WrCj0BAnCdnuvFCQ2UzwCjnbswSjBDhTQ1wymaUagHpq2ZSL0hpPSyETIjmyvjadnhMtSP2UKo2E2duzIH0Qyo1XzjB4YJHNecXMUbuA4AyGYlIUqSEqxAhBc0UWz5M0YkTuU10mZ%2FGeMkdZNSYZhot4ocz3fQmiQJllgUSm4IGqiwU8VyUcItXnO8cdlI0VVs6v6Vj8mX9fbi%2Bti9XC1ueu6%2Ffb%2By%2BZmLS9WN5u7q8kH5%2BdA8fpWJ2r64cDqUnGupzqH9dt38Glyu9rcvH%2F4BrH9vbq7XD%2FBz79vbldX68fBR1er2%2BaTy3%2FWd%2B3XV9832%2Fv2x9v3%2B18%2BPx%2FNQZmOst8KVa61bqNKlcxPZD6wg45xEi24OesmDWeax2kGdyBplb155IIwQtFebmaCAky%2BVK09bQbmDfbx%2FIjOjixQ5HZz2bN4682Kgsizgj0K7PpUIxRmz6GH7LHndpDMvhzHcsZMovXqqxggRJ7t7ngRZB9ck%2FBUGAzlOlarQ5u910rK43vuCC8I3eNXVFPzG6BM4cHqsNakKmFlgnqAQ3dBirHumHx9VNv7bxfXo1vLCp3xRdmulmfq2N3jJ4oDp1ZHUHC37%2BmouTBZXcQnkgKqYDDxcDiWqhLNCj8lKuBS89zW9SjwLOf6YEtV%2B8wTIGE3kC%2BBNH0%2BTO7mSd2untT1enN1vX0l3KEFk5xDLYE1WvqISabFLlypZsUKd3LgoBPYQP11nu72905VHj%2FhZWzK9LKdkxjHCm69E1Zhp9o1RXZN1ag5CUoaju39PdsVtacbBdES%2FcRfqEIt03%2FRAYinxc7Na73gVKbz8fkdWHBse8OHN58c%2BrbgElOQxUYJCemCHbiXaLvB2%2FUZbeQsKNjxfXi%2FvV4%2FDIHcyHoRaGD7sL5cP26u7l4wp%2BwPffL0m3NPMVpTJ7OazU%2BS%2FMX2ZkS8fpPPn%2F8CImMmsw%3D%3D&pcode-icookie=Rec2F4dMB94NL6%2BUS9Gn%2F03CkmiCPGago6hXHFUx%2BTgBmT9QCWMP2bAePfgdymeo0RDHtuvR40zs0p0BwGOrJlVz4zI%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=111050674405378&ad-session-id=2499591673808169431&target-id=65597474&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=705738&pcodever=705738&flash-ver=0&available-width=145&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A939%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1268%2C%22h%22%3A939%2C%22width%22%3A145%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A561%2C%22top%22%3A129%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B7117269104546%5D HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
uniformat: true
uniformat-product-type: Direct
content-encoding: gzip
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://goo.su
x-xss-protection: 1; mode=block
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-yandex-req-id: 1673808169316224-294276491746351436600106-production-app-host-sas-pcode-217
last-modified: Sun, 15 Jan 2023 18:42:49 GMT
date: Sun, 15 Jan 2023 18:42:49 GMT
set-cookie: yabs-vdrf=A0; domain=an.yandex.ru; path=/; expires=Sun, 22-Jan-2023 18:42:49 GMT
i=eewhcmTr5gf9up8aYkTM2YgX95jpInILXa3GDgZWapKVddF9/A6WaUqM1KUGMx+fQZbgCsejqXLwhiLMr3fbQqpkrr0=; Expires=Tue, 14-Jan-2025 18:42:49 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
content-type: application/json
pragma: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
ssr: true
strict-transport-security: max-age=31536000
expires: Sun, 15 Jan 2023 18:42:49 GMT
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/watch.js
93.158.134.119200 OK 58 kB URL HTTP/2 mc.yandex.ru/metrika/watch.js
IP 93.158.134.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (549)
Hash de2358897e7c404f08d51cca8e09c2b0
72b0520b2c87601502afa1c5ade8db417f0ff66e
e5d6dac73a736f73f293f24148181b57af832e22fa98529219fb16711e13d1d0
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 58069
date: Sun, 15 Jan 2023 18:42:49 GMT
access-control-allow-origin: *
etag: "63bfb9f8-e2d5"
expires: Sun, 15 Jan 2023 19:42:49 GMT
last-modified: Thu, 12 Jan 2023 10:42:48 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
avatars.mds.yandex.net/get-direct/5076421/VWAzapxV99OfeNYUqYmHRA/wy150
87.250.247.184200 OK 8.7 kB URL HTTP/2 avatars.mds.yandex.net/get-direct/5076421/VWAzapxV99OfeNYUqYmHRA/wy150
IP 87.250.247.184:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 3e15d2fcf6b004cb05fa210af5b083b0
580b7957c8fd852c174f884189275fcba6532842
f64d2bab7c78c08caac2ab09393ecc8839d5c8787db3ed68a8d9a3b6627b97ac
GET /get-direct/5076421/VWAzapxV99OfeNYUqYmHRA/wy150 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 18:42:49 GMT
content-type: image/webp
content-length: 8718
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Mon, 05 Dec 2022 23:33:18 GMT
cache-control: max-age=31536000,immutable
x-request-id: c4f3f37dbf32e153
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=SAS"}]}
X-Firefox-Spdy: h2
favicon.yandex.net/favicon/octobrowser.net?size=120&stub=2
87.250.250.36200 Ok 20 kB URL HTTP/1.1 favicon.yandex.net/favicon/octobrowser.net?size=120&stub=2
IP 87.250.250.36:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash c887a23b5e5d75329370eb1b9876665b
46ddd495bef9e215c011588ec8648d2c6e5a940e
5c2b2d62f38de62577f7d1f8d3927942a237de90f85cfc4b647f34b2288f2c3c
GET /favicon/octobrowser.net?size=120&stub=2 HTTP/1.1
Host: favicon.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 Ok
Cache-Control: max-age=691200
Content-Type: image/png
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
access-control-allow-origin: *
an.yandex.ru/event_confirmation
77.88.21.90200 OK 958 B URL HTTP/2 an.yandex.ru/event_confirmation
IP 77.88.21.90:0
Hash 05d0b8806021a05a1a6fe66fe3804cd5
8b315ded3e67456c8f2bb6f05644c6595a44130c
8bbdd7ff59ce7bf745170c1edef6e050e51ff05d85d13e8e666b27e9032f8263
POST /event_confirmation HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 325
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 15 Jan 2023 18:42:50 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 15 Jan 2023 18:42:50 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 15 Jan 2023 18:42:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes
87.250.250.114200 Ok 95 B URL HTTP/1.1 ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes
IP 87.250.250.114:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 60cf42b4d05caf10cf8bb15c0817a7b4
bd269860bb508aebcb6f08fe7289d5f117830383
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
GET /static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes HTTP/1.1
Host: ysa-static.passport.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 Ok
Server: nginx/1.14.2
Date: Sun, 15 Jan 2023 18:42:50 GMT
Content-Type: image/png
Content-Length: 95
Connection: close
Cache-Control: private
Expires: Mon, 16 Jan 2023 18:42:50 GMT
X-RT-IQ: 0.0002
X-RT-IH: 0.0002
Strict-Transport-Security: max-age=315360000; includeSubDomains
an.yandex.ru/rtbcount/1HFbLN6U0Ve100000000U9nJr4oCNNpqm-rSmsa71P9TCzVyizJqF9BC00IUC95GbufK-LYk6P8CgOn0ySnf1tF2GEAb85vjEP1ePGIHdI0-430np6HSA0TXBsGiueQmLZ8ciK1O6q7gDZ03YRsCDfjb6Ow2PSuoWaIkCe8axp8oo30m_6MSnSJ0C9S99BAMAGf8dcNw3mIlc0GcUTlDd7QGWM7pbgYhWPzO6VuoWSnkPMO5ahtCYa1oAZD8srncDf3Lp4mC2Y2RMJOoNzUyuv4Kka7f9BDcu3Ifefyct5V1Ak-2oP_C3axy48Upp7rr1inQmRBGTWFBVnXWt874Fe34lWdrtWVxXon-5o8-DxVSi7_B0lBQ0bRUawnSCxZ0qXTO6neQM6woQZoz4V1pJat6LrQGxWws1fOPR5SE1ozWwzwpUKFhtpFxorQomOmvmEPnWetv4HkljvUbLQXZfaMajsUQ-Kisc8K_uQo9x8ai-X-MB7rdFukTpTp0rDpOOWCxqmvsdXFiuW_OssyrxPpqQSDYxX_iF01xlAXy
77.88.21.90200 OK 553 B URL HTTP/2 an.yandex.ru/rtbcount/1HFbLN6U0Ve100000000U9nJr4oCNNpqm-rSmsa71P9TCzVyizJqF9BC00IUC95GbufK-LYk6P8CgOn0ySnf1tF2GEAb85vjEP1ePGIHdI0-430np6HSA0TXBsGiueQmLZ8ciK1O6q7gDZ03YRsCDfjb6Ow2PSuoWaIkCe8axp8oo30m_6MSnSJ0C9S99BAMAGf8dcNw3mIlc0GcUTlDd7QGWM7pbgYhWPzO6VuoWSnkPMO5ahtCYa1oAZD8srncDf3Lp4mC2Y2RMJOoNzUyuv4Kka7f9BDcu3Ifefyct5V1Ak-2oP_C3axy48Upp7rr1inQmRBGTWFBVnXWt874Fe34lWdrtWVxXon-5o8-DxVSi7_B0lBQ0bRUawnSCxZ0qXTO6neQM6woQZoz4V1pJat6LrQGxWws1fOPR5SE1ozWwzwpUKFhtpFxorQomOmvmEPnWetv4HkljvUbLQXZfaMajsUQ-Kisc8K_uQo9x8ai-X-MB7rdFukTpTp0rDpOOWCxqmvsdXFiuW_OssyrxPpqQSDYxX_iF01xlAXy
IP 77.88.21.90:0
Hash bc04a9d06a65ad372f0fa138558fb2d2
8488905a8e345c481389d4a294a2844ec540aa24
684c49cb6434fb5c50ff82edf48130e701c58111bf797bdfad7a31eaccb5feeb
GET /rtbcount/1HFbLN6U0Ve100000000U9nJr4oCNNpqm-rSmsa71P9TCzVyizJqF9BC00IUC95GbufK-LYk6P8CgOn0ySnf1tF2GEAb85vjEP1ePGIHdI0-430np6HSA0TXBsGiueQmLZ8ciK1O6q7gDZ03YRsCDfjb6Ow2PSuoWaIkCe8axp8oo30m_6MSnSJ0C9S99BAMAGf8dcNw3mIlc0GcUTlDd7QGWM7pbgYhWPzO6VuoWSnkPMO5ahtCYa1oAZD8srncDf3Lp4mC2Y2RMJOoNzUyuv4Kka7f9BDcu3Ifefyct5V1Ak-2oP_C3axy48Upp7rr1inQmRBGTWFBVnXWt874Fe34lWdrtWVxXon-5o8-DxVSi7_B0lBQ0bRUawnSCxZ0qXTO6neQM6woQZoz4V1pJat6LrQGxWws1fOPR5SE1ozWwzwpUKFhtpFxorQomOmvmEPnWetv4HkljvUbLQXZfaMajsUQ-Kisc8K_uQo9x8ai-X-MB7rdFukTpTp0rDpOOWCxqmvsdXFiuW_OssyrxPpqQSDYxX_iF01xlAXy HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 15 Jan 2023 18:42:50 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 15 Jan 2023 18:42:50 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 15 Jan 2023 18:42:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 871ced6cfe919499937981d7534580e9
2e8c0fb97592bd7868be241ade707d1b38e49c34
35a05f202611c548fd0768c5f1b3d749a0dd50ade93e6df29940547480c5ec91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35A05F202611C548FD0768C5F1B3D749A0DD50ADE93E6DF29940547480C5EC91"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10574
Expires: Sun, 15 Jan 2023 21:39:04 GMT
Date: Sun, 15 Jan 2023 18:42:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 871ced6cfe919499937981d7534580e9
2e8c0fb97592bd7868be241ade707d1b38e49c34
35a05f202611c548fd0768c5f1b3d749a0dd50ade93e6df29940547480c5ec91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35A05F202611C548FD0768C5F1B3D749A0DD50ADE93E6DF29940547480C5EC91"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10574
Expires: Sun, 15 Jan 2023 21:39:04 GMT
Date: Sun, 15 Jan 2023 18:42:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 871ced6cfe919499937981d7534580e9
2e8c0fb97592bd7868be241ade707d1b38e49c34
35a05f202611c548fd0768c5f1b3d749a0dd50ade93e6df29940547480c5ec91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35A05F202611C548FD0768C5F1B3D749A0DD50ADE93E6DF29940547480C5EC91"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10574
Expires: Sun, 15 Jan 2023 21:39:04 GMT
Date: Sun, 15 Jan 2023 18:42:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 871ced6cfe919499937981d7534580e9
2e8c0fb97592bd7868be241ade707d1b38e49c34
35a05f202611c548fd0768c5f1b3d749a0dd50ade93e6df29940547480c5ec91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35A05F202611C548FD0768C5F1B3D749A0DD50ADE93E6DF29940547480C5EC91"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10574
Expires: Sun, 15 Jan 2023 21:39:04 GMT
Date: Sun, 15 Jan 2023 18:42:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F362ec1c0-4616-4ccf-bbc5-8dc0f979c801.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F362ec1c0-4616-4ccf-bbc5-8dc0f979c801.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3c8e4b9f12af5bbc6b743aeae4dfc55a
97f874ba034be152dfecd90e4996c928aa268950
bfc0ef4f4d13b729a3a38efbb04d2c58e6b05bbc2bd3492611c0fc26457d1dec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F362ec1c0-4616-4ccf-bbc5-8dc0f979c801.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6658
x-amzn-requestid: 4a356eaa-4717-410c-af86-5d3770f0cf7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eniyVExqoAMFWkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bfb1a8-05a4e869449e4d730a5dd438;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 07:07:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IzYUcms6JyXRedHLwcIrfR3Jq158b76rK85QdIpxF9poWgzPjZwknA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 09:16:27 GMT
age: 33983
etag: "97f874ba034be152dfecd90e4996c928aa268950"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d2ca2b-548c-4f63-b8a5-e55b6e92d5e9.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d2ca2b-548c-4f63-b8a5-e55b6e92d5e9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c609c89120eef87bbdd0d8ee5ee18f9
be8e369be0ccc707b904546798aacc9afe413cfa
feaa9f41b45aaa71d87008fe3112bc09e41cf6c2c500b4bc1adc125c7c82eee1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77d2ca2b-548c-4f63-b8a5-e55b6e92d5e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4981
x-amzn-requestid: b6c3a2c1-b88e-4eb9-9c22-788748559fea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ewISXEQ9oAMFbkg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c320db-0a9f9ac1084e4f02006598cf;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: a8kL20Yet_IuO2ZztlKmenTGOFa4BCYHi2B-4B1W1eq5-tCqGK3isg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 21:38:35 GMT
etag: "be8e369be0ccc707b904546798aacc9afe413cfa"
content-type: image/jpeg
age: 75855
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3456fd70-5207-41e6-abed-adbc381fd7a4.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3456fd70-5207-41e6-abed-adbc381fd7a4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 74ac30be02dee9dcfeee79a7dc54edff
1368d81de22ea2e4054a3e1a8f01ef337c63e35b
8abc2f276906dfb9ce75c2526d2c2cfa6aea6dbe13f4046de1040cd611cbbc1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3456fd70-5207-41e6-abed-adbc381fd7a4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9801
x-amzn-requestid: 39d84a20-55f7-4b7c-abc4-9ac1ff100da9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eqSkoGCZoAMF1zA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c0caea-4f7a1cf676335cc83018dc51;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 03:07:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rUFicgD94yxyZhMtQm-aYS-QpZXn07rLRBhnBLMTIQh6qHKOX_LRFg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 05:32:33 GMT
age: 47417
etag: "1368d81de22ea2e4054a3e1a8f01ef337c63e35b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bd45fb-ae78-4593-88df-aa9d625197e7.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bd45fb-ae78-4593-88df-aa9d625197e7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f82c507da28e1b4557ea7f2bdf0f7fc
4be269ad35497a42bf7fce03d711ddf9496abbb4
f51879b87cb99b4883f320fe4abe44032968c42e32b88dc5f788b40ddc6494db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bd45fb-ae78-4593-88df-aa9d625197e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10558
x-amzn-requestid: 3744e167-2dc5-4f3f-a5c1-6911ce4677e7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ewYtTEfBIAMF72g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c33b21-310877892cbb54267a12e19c;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 23:30:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2SflopNrTx28LdOAGsDxw_FSjt3phZl3ivdfJ6AnrlK2u-nz0DVPqw==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 14:55:42 GMT
age: 13628
etag: "4be269ad35497a42bf7fce03d711ddf9496abbb4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c678ae9-1df5-47c4-bbe3-ec12e97322d9.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c678ae9-1df5-47c4-bbe3-ec12e97322d9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 90fc5463f271bab652af099cb526f189
805c27d8f82a5eb6583814313c36f5e7699408e5
749dca33aa337b494fb113896bf035bc9dcb17068ecffdf30fc5ac85a4ac5185
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c678ae9-1df5-47c4-bbe3-ec12e97322d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5495
x-amzn-requestid: d76b8f1d-37a2-47ac-9acf-1b0a44a4a5fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eqsroF62IAMF-mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c0f4b0-67700bfd11f1ad5d0aaab92d;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 06:05:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: i1qN9bIaz5ekgkM81KehmDDQpzBULDfPkp-fjEOHiZxFVogDBOIGzg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 23:08:05 GMT
age: 70485
etag: "805c27d8f82a5eb6583814313c36f5e7699408e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a23d61d610c7b55d943fcb2636a01b65
82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065
28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9539
x-amzn-requestid: 33735807-3403-41ee-a488-a3f25f9b12d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ewX9XFvoIAMFzMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c339ee-65def8747314ecb63b000a4c;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 23:25:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: D6FaDcaWbJehldBR7ASM60ey56hQS1H4ZpLlGqI-ptDupfJT-iugfw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 05:58:31 GMT
age: 45859
etag: "82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/705738/b887192c4a62fd372984.js
178.154.131.217200 OK 3.5 kB URL HTTP/2 yastatic.net/partner-code-bundles/705738/b887192c4a62fd372984.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (9149)
Hash d1269fcf7bc98ff1c2e76956c5c08935
0f8439b6341661a01a1d5ba75b81cda165bf1ebd
3e9976fad7919aae24d86fb2bdd6e03dc9e6b8b632b71f326ab30cdefe3c16e3
GET /partner-code-bundles/705738/b887192c4a62fd372984.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 15 Jan 2023 18:42:50 GMT
content-type: text/javascript; charset=utf-8
content-length: 3549
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "d1269fcf7bc98ff1c2e76956c5c08935"
expires: Wed, 15 Jan 2053 01:16:27 GMT
last-modified: Thu, 12 Jan 2023 18:09:24 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
favicon.yandex.net/favicon/rpgamesrn.netlify.app?size=120&stub=2
87.250.250.36200 Ok 866 B URL HTTP/1.1 favicon.yandex.net/favicon/rpgamesrn.netlify.app?size=120&stub=2
IP 87.250.250.36:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 4b3b05a304db0751d45f8ca5c1fa1ab6
660c4cfbcc3121b7be56e5528404f9a9f7563449
343a6fb5ac42d4d5dcae03fa86be33db3ee047bb2b7d125d32723846dcfc3ed5
GET /favicon/rpgamesrn.netlify.app?size=120&stub=2 HTTP/1.1
Host: favicon.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 Ok
Cache-Control: max-age=691200
Content-Type: image/png
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
access-control-allow-origin: *
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230111&st=env
142.250.74.2200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230111&st=env
IP 142.250.74.2:0
File type JSON data\012- , ASCII text, with very long lines (14477), with no line terminators
Hash 40f6a109668f51a141a9f3cf6320c226
06fbd11d21ef31a98ba507039ede739099c7fccf
97f23b73b0234a94474afce9c3d3b664e05730cc3f8b3a2d4c837f341b2ff775
GET /getconfig/sodar?sv=200&tid=gda&tv=r20230111&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sun, 15 Jan 2023 18:42:50 GMT
server: cafe
content-length: 10927
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
top-fwz1.mail.ru/tracker?js=13;id=3128781;u=https%3A//goo.su/z4lUTHq/;st=1673808168550;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=473a895617346e28;ver=60.3.0;tz=0%2FUTC;nt=0/0/1673808167334/////526/557/563/563/588/569/588/849/850/872/1216/1251/1257/3159/3159/;ni=;lvid=1673808169208%3A1673808170497%3A2%3A2d3b45b0401b7ed1ef0893946c0ca700;visible=true;_=0.010489453046576669;e=RT/load;et=1673808170495
95.163.52.67200 OK 43 B URL HTTP/2 top-fwz1.mail.ru/tracker?js=13;id=3128781;u=https%3A//goo.su/z4lUTHq/;st=1673808168550;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=473a895617346e28;ver=60.3.0;tz=0%2FUTC;nt=0/0/1673808167334/////526/557/563/563/588/569/588/849/850/872/1216/1251/1257/3159/3159/;ni=;lvid=1673808169208%3A1673808170497%3A2%3A2d3b45b0401b7ed1ef0893946c0ca700;visible=true;_=0.010489453046576669;e=RT/load;et=1673808170495
IP 95.163.52.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /tracker?js=13;id=3128781;u=https%3A//goo.su/z4lUTHq/;st=1673808168550;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=473a895617346e28;ver=60.3.0;tz=0%2FUTC;nt=0/0/1673808167334/////526/557/563/563/588/569/588/849/850/872/1216/1251/1257/3159/3159/;ni=;lvid=1673808169208%3A1673808170497%3A2%3A2d3b45b0401b7ed1ef0893946c0ca700;visible=true;_=0.010489453046576669;e=RT/load;et=1673808170495 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 18:42:50 GMT
content-type: image/gif
content-length: 43
set-cookie: FTID=1RMYgQ0tkIIF:1673808170:3128781:::; path=/; expires=Tue, 16-Jan-24 18:42:50 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 91c8e08b8aebb21636749787f171e608
153bfed51979364855083bc8123f00901cd514bb
3afbe409f16cd32f4c97afface18084747bac7dbafce5b6832996435b1f58259
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 18:42:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.97200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.97:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sun, 15 Jan 2023 18:42:50 GMT
expires: Sun, 15 Jan 2023 18:42:50 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.97200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 14 Jan 2023 13:18:32 GMT
expires: Sun, 14 Jan 2024 13:18:32 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 105858
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
142.250.74.2200 OK 16 kB URL HTTP/2 pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
IP 142.250.74.2:0
File type ASCII text, with very long lines (35945)
Hash 27c8499b3290a396bbe40d44eae80927
0b2950a56db5fd26cca417f54006f710d0b5c030
78b30831a4fc3bb95c51181e9771af22c5428b1d9c278954ecce05ee1fb8b5dc
GET /bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 16095
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Jan 2023 22:30:50 GMT
expires: Sat, 13 Jan 2024 22:30:50 GMT
cache-control: public, max-age=31536000
age: 159120
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mc.yandex.ru/watch/1677322/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2Fz4lUTHq%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1057499882529%3Ahid%3A823855744%3Az%3A0%3Ai%3A20230115184250%3Aet%3A1673808170%3Ac%3A1%3Arn%3A931193512%3Au%3A1673808170106650993%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1673808167334%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673808170%3At%3ARedirecting...&t=gdpr%2814%29clc%280-0-0%29aw%281%29fip%281%29ti%282%29
93.158.134.119200 OK 236 B URL HTTP/2 mc.yandex.ru/watch/1677322/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2Fz4lUTHq%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1057499882529%3Ahid%3A823855744%3Az%3A0%3Ai%3A20230115184250%3Aet%3A1673808170%3Ac%3A1%3Arn%3A931193512%3Au%3A1673808170106650993%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1673808167334%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673808170%3At%3ARedirecting...&t=gdpr%2814%29clc%280-0-0%29aw%281%29fip%281%29ti%282%29
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with no line terminators
Hash aefcfe7f82837088f5959beda57440d1
cb36c1ab031eb5ef176d9eec1436219fbdf64884
771c326acb7087e60e666a0acbdfe07d5046c0147102dd54b6f271457e1d66c8
GET /watch/1677322/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2Fz4lUTHq%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1057499882529%3Ahid%3A823855744%3Az%3A0%3Ai%3A20230115184250%3Aet%3A1673808170%3Ac%3A1%3Arn%3A931193512%3Au%3A1673808170106650993%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1673808167334%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673808170%3At%3ARedirecting...&t=gdpr%2814%29clc%280-0-0%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Referer: https://goo.su/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 236
date: Sun, 15 Jan 2023 18:42:50 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 15-Jan-2023 18:42:50 GMT
last-modified: Sun, 15-Jan-2023 18:42:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/1677322?wmode=7&page-url=https%3A%2F%2Fgoo.su%2Fz4lUTHq%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1057499882529%3Ahid%3A823855744%3Az%3A0%3Ai%3A20230115184250%3Aet%3A1673808170%3Ac%3A1%3Arn%3A931193512%3Au%3A1673808170106650993%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1673808167334%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673808170%3At%3ARedirecting...&t=gdpr(14)clc(0-0-0)aw(1)fip(1)ti(2)
93.158.134.119302 Found 472 B URL HTTP/2 mc.yandex.ru/watch/1677322?wmode=7&page-url=https%3A%2F%2Fgoo.su%2Fz4lUTHq%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1057499882529%3Ahid%3A823855744%3Az%3A0%3Ai%3A20230115184250%3Aet%3A1673808170%3Ac%3A1%3Arn%3A931193512%3Au%3A1673808170106650993%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1673808167334%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673808170%3At%3ARedirecting...&t=gdpr(14)clc(0-0-0)aw(1)fip(1)ti(2)
IP 93.158.134.119:0
Hash 4dc72ba06ace9ad5795c9de974b66afa
d56fbd77e052b69ce1eaf5e43d24596d162c45fa
f8986ca3bd2b5c850b42dc287b7ea42b02eb8dee4943344ade7a03946d6f7325
GET /watch/1677322?wmode=7&page-url=https%3A%2F%2Fgoo.su%2Fz4lUTHq%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1057499882529%3Ahid%3A823855744%3Az%3A0%3Ai%3A20230115184250%3Aet%3A1673808170%3Ac%3A1%3Arn%3A931193512%3Au%3A1673808170106650993%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1673808167334%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673808170%3At%3ARedirecting...&t=gdpr(14)clc(0-0-0)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/1677322/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2Fz4lUTHq%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1057499882529%3Ahid%3A823855744%3Az%3A0%3Ai%3A20230115184250%3Aet%3A1673808170%3Ac%3A1%3Arn%3A931193512%3Au%3A1673808170106650993%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1673808167334%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673808170%3At%3ARedirecting...&t=gdpr%2814%29clc%280-0-0%29aw%281%29fip%281%29ti%282%29
date: Sun, 15 Jan 2023 18:42:50 GMT
access-control-allow-origin: https://goo.su
set-cookie: yabs-sid=2284260491673808170; Path=/; SameSite=None; Secure
i=WLOGT5UKwPTNPu/wFsyMzEG2VJFWJrkHlwlf/nke2M0hINM6acOs8uSZLtn1hNFw4gMOwcWoQJHopFxLNDfd/IA6Uqk=; Expires=Wed, 12-Jan-2033 18:42:50 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=5334728261673808170; Expires=Mon, 15-Jan-2024 18:42:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=5334728261673808170; Expires=Mon, 15-Jan-2024 18:42:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1705344170.yc.1673808170#1705344170.yrts.1673808170#1705344170.yrtsi.1673808170; Expires=Mon, 15-Jan-2024 18:42:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 15-Jan-2023 18:42:50 GMT
last-modified: Sun, 15-Jan-2023 18:42:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/aframe
216.58.211.4200 OK 511 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 216.58.211.4:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 79fbdfc1e5bee994ae91ccac60f2aad6
dbee70ebcb2768cb2ab91ae5e018b2b919082c88
f53a7215ba26f55d1156c5ccf2aa8f5a210ebb9b6a4b54f12034aa6180625772
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 15 Jan 2023 18:42:50 GMT
date: Sun, 15 Jan 2023 18:42:50 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-R9dvImMeqctpohYQfaN8aA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
an.yandex.ru/event_confirmation
77.88.21.90200 OK 5.0 kB URL HTTP/2 an.yandex.ru/event_confirmation
IP 77.88.21.90:0
Hash 59722d53aee0bc752f4fbbc518f6abdb
120221834544b8b527acfb51319e7ad32d808606
485d6d1efb9969960367a06789fe3169570da78f86d33beb39d9b45f2a4a2ef1
POST /event_confirmation HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 325
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 15 Jan 2023 18:42:50 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 15 Jan 2023 18:42:50 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 15 Jan 2023 18:42:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
favicon.yandex.net/favicon/ridero.eu?size=120&stub=2
87.250.250.36200 Ok 1.2 kB URL HTTP/1.1 favicon.yandex.net/favicon/ridero.eu?size=120&stub=2
IP 87.250.250.36:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 5c3ed7f27c7de97d2a5b69043287d63b
c17026ca26200fab36e37ee2eae6e8318d122c4d
ff973a73cc160c479111b4e5c82195c85c73cc4ff6c747a5bc76638e04a3c9fb
GET /favicon/ridero.eu?size=120&stub=2 HTTP/1.1
Host: favicon.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 Ok
Cache-Control: max-age=691200
Content-Type: image/png
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
access-control-allow-origin: *
an.yandex.ru/event_confirmation
77.88.21.90200 OK 12 kB URL HTTP/2 an.yandex.ru/event_confirmation
IP 77.88.21.90:0
Hash c4ccbd5b03e56364cfec4c302e82230d
fb1a5c61bbf04ee5b3287c4a9b0854468eaf7c55
2625519b0436568b870f91f8d3a303106145ce9b788b567a85324606662a57d4
POST /event_confirmation HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 300
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 15 Jan 2023 18:42:50 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 15 Jan 2023 18:42:50 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 15 Jan 2023 18:42:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
favicon.yandex.net/favicon/video-shoper.ru?size=120&stub=2
87.250.250.36200 Ok 3.9 kB URL HTTP/1.1 favicon.yandex.net/favicon/video-shoper.ru?size=120&stub=2
IP 87.250.250.36:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 319aa1f62c71f4f64174eed9f87fe065
f191e0f69f7815c72e2f315b73ab21666602e4ba
37510ebb2df42fa5f81d3fe5263acc2713ee3c34fbd22a8563dec6a97d691093
GET /favicon/video-shoper.ru?size=120&stub=2 HTTP/1.1
Host: favicon.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 Ok
Cache-Control: max-age=691200
Content-Type: image/png
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
access-control-allow-origin: *
favicon.yandex.net/favicon/mysqlforexcel.com?size=120&stub=2
87.250.250.36200 Ok 2.0 kB URL HTTP/1.1 favicon.yandex.net/favicon/mysqlforexcel.com?size=120&stub=2
IP 87.250.250.36:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 6a282d005c23f2bd6f129e8fdb9e8512
6853d133ebd2bc431bcf2575a56e4f730265d23c
2ec4dce4caa04aea9879682a58ee8a840614e7480bcee3f58b6a086b971d2bf5
GET /favicon/mysqlforexcel.com?size=120&stub=2 HTTP/1.1
Host: favicon.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 Ok
Cache-Control: max-age=691200
Content-Type: image/png
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
access-control-allow-origin: *
mc.yandex.ru/watch/1677322/1?page-url=https%3A%2F%2Fgoo.su%2Fz4lUTHq%2F&charset=utf-8&cnt-class=1&hittoken=1673808170_617532075e5f14a692a7404354fe16f5435b1fedeed24a72218ab744fb26625e&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A1264%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1057499882529%3Ahid%3A823855744%3Az%3A0%3Ai%3A20230115184250%3Aet%3A1673808171%3Ac%3A1%3Arn%3A811948511%3Arqn%3A1%3Au%3A1673808170106650993%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A7%2C24%2C262%2C1%2C527%2C0%2C%2C365%2C5%2C3159%2C3159%2C6%2C1252%3Aco%3A0%3Ans%3A1673808167334%3Ast%3A1673808171&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)rqnt(1)aw(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/1677322/1?page-url=https%3A%2F%2Fgoo.su%2Fz4lUTHq%2F&charset=utf-8&cnt-class=1&hittoken=1673808170_617532075e5f14a692a7404354fe16f5435b1fedeed24a72218ab744fb26625e&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A1264%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1057499882529%3Ahid%3A823855744%3Az%3A0%3Ai%3A20230115184250%3Aet%3A1673808171%3Ac%3A1%3Arn%3A811948511%3Arqn%3A1%3Au%3A1673808170106650993%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A7%2C24%2C262%2C1%2C527%2C0%2C%2C365%2C5%2C3159%2C3159%2C6%2C1252%3Aco%3A0%3Ans%3A1673808167334%3Ast%3A1673808171&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)rqnt(1)aw(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/1677322/1?page-url=https%3A%2F%2Fgoo.su%2Fz4lUTHq%2F&charset=utf-8&cnt-class=1&hittoken=1673808170_617532075e5f14a692a7404354fe16f5435b1fedeed24a72218ab744fb26625e&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A1264%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1057499882529%3Ahid%3A823855744%3Az%3A0%3Ai%3A20230115184250%3Aet%3A1673808171%3Ac%3A1%3Arn%3A811948511%3Arqn%3A1%3Au%3A1673808170106650993%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A7%2C24%2C262%2C1%2C527%2C0%2C%2C365%2C5%2C3159%2C3159%2C6%2C1252%3Aco%3A0%3Ans%3A1673808167334%3Ast%3A1673808171&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 80
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 15 Jan 2023 18:42:50 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 15-Jan-2023 18:42:50 GMT
last-modified: Sun, 15-Jan-2023 18:42:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230111&jk=983952758395918&rc=
142.250.74.2204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230111&jk=983952758395918&rc=
IP 142.250.74.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&li=gda_r20230111&jk=983952758395918&rc= HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 15 Jan 2023 18:42:50 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mc.yandex.ru/watch/1677322/1?page-url=https%3A%2F%2Fgoo.su%2Fz4lUTHq%2F&charset=utf-8&cnt-class=1&hittoken=1673808170_617532075e5f14a692a7404354fe16f5435b1fedeed24a72218ab744fb26625e&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1057499882529%3Ahid%3A823855744%3Az%3A0%3Ai%3A20230115184250%3Aet%3A1673808171%3Ac%3A1%3Arn%3A167480967%3Arqn%3A2%3Au%3A1673808170106650993%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1673808167334%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673808171%3At%3ARedirecting...&t=gdpr%2814%29mc%28p-1-h-1%29clc%280-0-0%29rqnt%282%29aw%281%29fip%281%29ti%282%29
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/1677322/1?page-url=https%3A%2F%2Fgoo.su%2Fz4lUTHq%2F&charset=utf-8&cnt-class=1&hittoken=1673808170_617532075e5f14a692a7404354fe16f5435b1fedeed24a72218ab744fb26625e&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1057499882529%3Ahid%3A823855744%3Az%3A0%3Ai%3A20230115184250%3Aet%3A1673808171%3Ac%3A1%3Arn%3A167480967%3Arqn%3A2%3Au%3A1673808170106650993%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1673808167334%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673808171%3At%3ARedirecting...&t=gdpr%2814%29mc%28p-1-h-1%29clc%280-0-0%29rqnt%282%29aw%281%29fip%281%29ti%282%29
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/1677322/1?page-url=https%3A%2F%2Fgoo.su%2Fz4lUTHq%2F&charset=utf-8&cnt-class=1&hittoken=1673808170_617532075e5f14a692a7404354fe16f5435b1fedeed24a72218ab744fb26625e&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1057499882529%3Ahid%3A823855744%3Az%3A0%3Ai%3A20230115184250%3Aet%3A1673808171%3Ac%3A1%3Arn%3A167480967%3Arqn%3A2%3Au%3A1673808170106650993%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1673808167334%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673808171%3At%3ARedirecting...&t=gdpr%2814%29mc%28p-1-h-1%29clc%280-0-0%29rqnt%282%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Referer: https://goo.su/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 15 Jan 2023 18:42:50 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 15-Jan-2023 18:42:50 GMT
last-modified: Sun, 15-Jan-2023 18:42:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/event_confirmation
77.88.21.90200 OK 959 B URL HTTP/2 an.yandex.ru/event_confirmation
IP 77.88.21.90:0
Hash 4ee8c8dd44b3c59c7f0e432616e5a401
b766a3bad936d2b80cb4b440471188389d85105f
7eb38f1f572b562f330d35ecfb31b6c6e4ed490129140336eb2a82ed88b26194
POST /event_confirmation HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 325
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 15 Jan 2023 18:42:50 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 15 Jan 2023 18:42:50 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 15 Jan 2023 18:42:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
yandex.ru/clck/click
77.88.55.55200 OK 43 B IP 77.88.55.55:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ea05ec2274832731bf2413a6192a245d
d36405c92765acc00a3f0b73c02443927f439d2f
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
POST /clck/click HTTP/1.1
Host: yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 5582
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 43
content-type: image/gif
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
cache-control: no-cache
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-content-type-options: nosniff
set-cookie: i=uOZnEYIzYSe+tokVvjdXm5vjawNwB9Dr7Lp+u02icJm35IIBa4FTRQOzqModhkCwygtKKkG9rp5Pr0ITBCPZHy27Rs4=; Expires=Tue, 14-Jan-2025 18:42:51 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230111&jk=983952758395918&bg=!b2ylbCjNAAYDMoyoIzI7ACkAdvg8WkE_WgYHDF1zBvoMcJdK44kLy3TBzL-m98XIJ2b7E8wNEP68RgIAAAEGUgAAAARoAQcKAQYiDej363yO1RKWCqr0YIF4Sd13UpF7FWIjmn48LCNkdjG50AcTEUBWksZbM3UWb8dkRpKvtfDYwkgWazeRh5XEC5CWHhgEf80xwFk61lnDkD6NJECx2pBNyeHL0XfYHDgBrydLWjHbowl707jjK6piRxYRT75-mmUlfAdyzNqzrLMvdeq3mJjMJ4e9WHPpPNWJkJK9aPvpD4JCrIouJiJkzxRVh_UDmdRqVRFpUya0-VU63dkbdslyvU_bNUq5-NtIfmgm8QfZ1oDW_ABfWm9eIGdtWPBVM4iX38qsXgfSn3Ixj1vHTjiPoJmW2c1m7YUzfz6iRWyMQZlqmKBfvepH8iTOCWlcmQKAt6W0vxocgmyA3ZBB6AQwIpul__PFWneHDQmQLjugST2NH6id6nL6JYtddUSKFGIRONeQSHg-CSBAVRqfqKv2QGSYn6G6qoOfi2X5_MFQwOPP0Txun17qfT55qpOQhL7sW9AFT6dJTl0M5JQGOVHARiA4u1LpGDFBIfpkF6hjdn2vnDyCzuldojG4fuhtsEmI7ez145zAB5sfU5e7O1Q3yYqEZafTcSUAkK1fvEM0k5qtawI-0-oZoJ_Q5p5j7OVL-5OgjVYa5T7_uQ7oT3RZBgL6x1dUy01S2kI1dD8CZdpz10IVBc5czxZ2j8pku3zXuP-N9UDqBn4z6vNKnuRqjE_ahTtSzxpeEbiu_5Y9nStongAtcbHpVc5G_18feKEogAkN8XCX_AddqeDfDBy21ZkA28OqqMHejbqBpHXn1Pgf3zVYpZxPar7sJ3npf9lpZPWE6UJqwPgWasLuHEDd5nV65Gg5Sw1L9b0vHPQoC1frvfYTdyod5Ro7eeW_mZ5efNynF5t65kS3X42KWHLtbVKER4ajyf1gr5m7_5_x25QXjBD5J7bYduvLXvWKeyRudV-tYqkYBXhrb1F7ZKhWRFj3BVfSFBrONWxtYoYRc_ME3Lc53Yfj561ZkLIKs5K7MJvY_tMfAGpbtt1dPgfM9NWaS6jENRXYDQ8LhsEJJpoGR4-WW9ZxGPfHi560ngnq2krGlAoS7xdDepmDmsiXdYqOxrxhELPFPW2yKaVjPN3zFpU2W_4Ac6yFcCejNUusj25LDx20RxPnSlrxhx4XOeerLceRbrYXIS3MiG4KrbJTDMLjSIucrGNi-epNDNTJrQEWFORy0DVLe-ApEB3MDA
142.250.74.2204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230111&jk=983952758395918&bg=!b2ylbCjNAAYDMoyoIzI7ACkAdvg8WkE_WgYHDF1zBvoMcJdK44kLy3TBzL-m98XIJ2b7E8wNEP68RgIAAAEGUgAAAARoAQcKAQYiDej363yO1RKWCqr0YIF4Sd13UpF7FWIjmn48LCNkdjG50AcTEUBWksZbM3UWb8dkRpKvtfDYwkgWazeRh5XEC5CWHhgEf80xwFk61lnDkD6NJECx2pBNyeHL0XfYHDgBrydLWjHbowl707jjK6piRxYRT75-mmUlfAdyzNqzrLMvdeq3mJjMJ4e9WHPpPNWJkJK9aPvpD4JCrIouJiJkzxRVh_UDmdRqVRFpUya0-VU63dkbdslyvU_bNUq5-NtIfmgm8QfZ1oDW_ABfWm9eIGdtWPBVM4iX38qsXgfSn3Ixj1vHTjiPoJmW2c1m7YUzfz6iRWyMQZlqmKBfvepH8iTOCWlcmQKAt6W0vxocgmyA3ZBB6AQwIpul__PFWneHDQmQLjugST2NH6id6nL6JYtddUSKFGIRONeQSHg-CSBAVRqfqKv2QGSYn6G6qoOfi2X5_MFQwOPP0Txun17qfT55qpOQhL7sW9AFT6dJTl0M5JQGOVHARiA4u1LpGDFBIfpkF6hjdn2vnDyCzuldojG4fuhtsEmI7ez145zAB5sfU5e7O1Q3yYqEZafTcSUAkK1fvEM0k5qtawI-0-oZoJ_Q5p5j7OVL-5OgjVYa5T7_uQ7oT3RZBgL6x1dUy01S2kI1dD8CZdpz10IVBc5czxZ2j8pku3zXuP-N9UDqBn4z6vNKnuRqjE_ahTtSzxpeEbiu_5Y9nStongAtcbHpVc5G_18feKEogAkN8XCX_AddqeDfDBy21ZkA28OqqMHejbqBpHXn1Pgf3zVYpZxPar7sJ3npf9lpZPWE6UJqwPgWasLuHEDd5nV65Gg5Sw1L9b0vHPQoC1frvfYTdyod5Ro7eeW_mZ5efNynF5t65kS3X42KWHLtbVKER4ajyf1gr5m7_5_x25QXjBD5J7bYduvLXvWKeyRudV-tYqkYBXhrb1F7ZKhWRFj3BVfSFBrONWxtYoYRc_ME3Lc53Yfj561ZkLIKs5K7MJvY_tMfAGpbtt1dPgfM9NWaS6jENRXYDQ8LhsEJJpoGR4-WW9ZxGPfHi560ngnq2krGlAoS7xdDepmDmsiXdYqOxrxhELPFPW2yKaVjPN3zFpU2W_4Ac6yFcCejNUusj25LDx20RxPnSlrxhx4XOeerLceRbrYXIS3MiG4KrbJTDMLjSIucrGNi-epNDNTJrQEWFORy0DVLe-ApEB3MDA
IP 142.250.74.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230111&jk=983952758395918&bg=!b2ylbCjNAAYDMoyoIzI7ACkAdvg8WkE_WgYHDF1zBvoMcJdK44kLy3TBzL-m98XIJ2b7E8wNEP68RgIAAAEGUgAAAARoAQcKAQYiDej363yO1RKWCqr0YIF4Sd13UpF7FWIjmn48LCNkdjG50AcTEUBWksZbM3UWb8dkRpKvtfDYwkgWazeRh5XEC5CWHhgEf80xwFk61lnDkD6NJECx2pBNyeHL0XfYHDgBrydLWjHbowl707jjK6piRxYRT75-mmUlfAdyzNqzrLMvdeq3mJjMJ4e9WHPpPNWJkJK9aPvpD4JCrIouJiJkzxRVh_UDmdRqVRFpUya0-VU63dkbdslyvU_bNUq5-NtIfmgm8QfZ1oDW_ABfWm9eIGdtWPBVM4iX38qsXgfSn3Ixj1vHTjiPoJmW2c1m7YUzfz6iRWyMQZlqmKBfvepH8iTOCWlcmQKAt6W0vxocgmyA3ZBB6AQwIpul__PFWneHDQmQLjugST2NH6id6nL6JYtddUSKFGIRONeQSHg-CSBAVRqfqKv2QGSYn6G6qoOfi2X5_MFQwOPP0Txun17qfT55qpOQhL7sW9AFT6dJTl0M5JQGOVHARiA4u1LpGDFBIfpkF6hjdn2vnDyCzuldojG4fuhtsEmI7ez145zAB5sfU5e7O1Q3yYqEZafTcSUAkK1fvEM0k5qtawI-0-oZoJ_Q5p5j7OVL-5OgjVYa5T7_uQ7oT3RZBgL6x1dUy01S2kI1dD8CZdpz10IVBc5czxZ2j8pku3zXuP-N9UDqBn4z6vNKnuRqjE_ahTtSzxpeEbiu_5Y9nStongAtcbHpVc5G_18feKEogAkN8XCX_AddqeDfDBy21ZkA28OqqMHejbqBpHXn1Pgf3zVYpZxPar7sJ3npf9lpZPWE6UJqwPgWasLuHEDd5nV65Gg5Sw1L9b0vHPQoC1frvfYTdyod5Ro7eeW_mZ5efNynF5t65kS3X42KWHLtbVKER4ajyf1gr5m7_5_x25QXjBD5J7bYduvLXvWKeyRudV-tYqkYBXhrb1F7ZKhWRFj3BVfSFBrONWxtYoYRc_ME3Lc53Yfj561ZkLIKs5K7MJvY_tMfAGpbtt1dPgfM9NWaS6jENRXYDQ8LhsEJJpoGR4-WW9ZxGPfHi560ngnq2krGlAoS7xdDepmDmsiXdYqOxrxhELPFPW2yKaVjPN3zFpU2W_4Ac6yFcCejNUusj25LDx20RxPnSlrxhx4XOeerLceRbrYXIS3MiG4KrbJTDMLjSIucrGNi-epNDNTJrQEWFORy0DVLe-ApEB3MDA HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 15 Jan 2023 18:42:51 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
an.yandex.ru/rtbcount/1MF3AM-O0V0100000000U9nJr99jkthny8D6msa7VvYrPgxvPwdbUIIP0GWyOIAX_HnzhB5SCoGPKXc1ufdJ3jxH1ecNiW1vjUL0efKHH7Q2P860YM4cOnYKlP1n6eJ1i9BH4ihQotZFaPFXA9X_bf4PI5vb12c_oyWWmy3mbt4M4mF3N2QGo5gcA90Qflz0y8f9G49186VQGGO6erLPLmC_iJByPGAve9MP5KZsCYi2oQdC86rpcTb05Z8pCIY0x6FPo7nTyuv7KkW6fPFCMZTjxSIjwrslWbNU1PC_cHsS-27EPRduwWoOjOBb6jC6blymmBW3YNq0YNsJ1UAf3_OFMVmkH7nkRhbX_vO5vBK5hBmdMRbcS86bBx0sB6XWkScgyVH6mCyvDHbVMK6wEzWQM6QmNJaSl82jUy_c3Qr_p-mlMya6C-O0cyS9DkP7RBpUNfPM9cvcBf7UdcdcBzbW5lw4ioQo9xBeVrYoz9tzB7OsSmDJSsEB3UnCEzXvJh2BFs1llzMqSzAd3OkvVx3p003NLASc
77.88.21.90200 OK 58 kB URL HTTP/2 an.yandex.ru/rtbcount/1MF3AM-O0V0100000000U9nJr99jkthny8D6msa7VvYrPgxvPwdbUIIP0GWyOIAX_HnzhB5SCoGPKXc1ufdJ3jxH1ecNiW1vjUL0efKHH7Q2P860YM4cOnYKlP1n6eJ1i9BH4ihQotZFaPFXA9X_bf4PI5vb12c_oyWWmy3mbt4M4mF3N2QGo5gcA90Qflz0y8f9G49186VQGGO6erLPLmC_iJByPGAve9MP5KZsCYi2oQdC86rpcTb05Z8pCIY0x6FPo7nTyuv7KkW6fPFCMZTjxSIjwrslWbNU1PC_cHsS-27EPRduwWoOjOBb6jC6blymmBW3YNq0YNsJ1UAf3_OFMVmkH7nkRhbX_vO5vBK5hBmdMRbcS86bBx0sB6XWkScgyVH6mCyvDHbVMK6wEzWQM6QmNJaSl82jUy_c3Qr_p-mlMya6C-O0cyS9DkP7RBpUNfPM9cvcBf7UdcdcBzbW5lw4ioQo9xBeVrYoz9tzB7OsSmDJSsEB3UnCEzXvJh2BFs1llzMqSzAd3OkvVx3p003NLASc
IP 77.88.21.90:0
Hash bc5e210539d0796572b2a0f37bc6614f
5f4e582090f3afb93157b4c748bf28788fb39a23
6b19117318fa6abc11b205ac4f5caec07a2cc3b831b5799b46df04866b56a968
GET /rtbcount/1MF3AM-O0V0100000000U9nJr99jkthny8D6msa7VvYrPgxvPwdbUIIP0GWyOIAX_HnzhB5SCoGPKXc1ufdJ3jxH1ecNiW1vjUL0efKHH7Q2P860YM4cOnYKlP1n6eJ1i9BH4ihQotZFaPFXA9X_bf4PI5vb12c_oyWWmy3mbt4M4mF3N2QGo5gcA90Qflz0y8f9G49186VQGGO6erLPLmC_iJByPGAve9MP5KZsCYi2oQdC86rpcTb05Z8pCIY0x6FPo7nTyuv7KkW6fPFCMZTjxSIjwrslWbNU1PC_cHsS-27EPRduwWoOjOBb6jC6blymmBW3YNq0YNsJ1UAf3_OFMVmkH7nkRhbX_vO5vBK5hBmdMRbcS86bBx0sB6XWkScgyVH6mCyvDHbVMK6wEzWQM6QmNJaSl82jUy_c3Qr_p-mlMya6C-O0cyS9DkP7RBpUNfPM9cvcBf7UdcdcBzbW5lw4ioQo9xBeVrYoz9tzB7OsSmDJSsEB3UnCEzXvJh2BFs1llzMqSzAd3OkvVx3p003NLASc HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 15 Jan 2023 18:42:50 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 15 Jan 2023 18:42:50 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 15 Jan 2023 18:42:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 853ee2aeb05bcbb1a71031f4d7e313da
7fb47987dfc643930c2fbd1aa3eab9360d586654
80c98dbbd69a11b7efdb336367460a5bb0cfcdfb0352bb1da6f204d1db57ca53
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 18:42:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 853ee2aeb05bcbb1a71031f4d7e313da
7fb47987dfc643930c2fbd1aa3eab9360d586654
80c98dbbd69a11b7efdb336367460a5bb0cfcdfb0352bb1da6f204d1db57ca53
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 18:42:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
an.yandex.ru/rtbcount/1IW3LToN0V0100000000U9nJrBovqwtgehILuRI31QBncMl-MMfw7abc009Fc4ZecmjNicEvPaWof382nJEd7QnX1ucNCWDvjUL0efKHH7Q2P860YM4cumaeUo7Z9GY3OILZ09Irb_75MdQ6es3-MKQG8LSPGShlCZB8C33yPPp5nC0mbmaaifOf2gI6wJyGl68IS3UUks_QGGQ6LGg9LmC_iJByPM81MSxC2YHxcHM1v5HcaBQvp6mW2vcP61H0zh5iPBwkUSSZANI3qabcJTOG8MlLMq5NmIhlWicVp0vE_13difnwTGRCMi5oWda3otyOODo1n3w0nBx90l7K1_k7B7uN8ZutjzomVyi2yje2LjwJhBcId63f2wmD3GqiDrardju8-3cd9kChAqXt1ri3omosAuU35x1rxzcyeVNlcVrbAzbWnXnWypZ1nlo8ZTVRoz8g8ot4CTBRCyty9HlCmfzmraJsH1Rz3qkMlhEVnSvcRc1gRconWPrf1plF2NRn1-pjjvfsJlgqOJ7t3tOU0Epufyu0
77.88.21.90200 OK 522 B URL HTTP/2 an.yandex.ru/rtbcount/1IW3LToN0V0100000000U9nJrBovqwtgehILuRI31QBncMl-MMfw7abc009Fc4ZecmjNicEvPaWof382nJEd7QnX1ucNCWDvjUL0efKHH7Q2P860YM4cumaeUo7Z9GY3OILZ09Irb_75MdQ6es3-MKQG8LSPGShlCZB8C33yPPp5nC0mbmaaifOf2gI6wJyGl68IS3UUks_QGGQ6LGg9LmC_iJByPM81MSxC2YHxcHM1v5HcaBQvp6mW2vcP61H0zh5iPBwkUSSZANI3qabcJTOG8MlLMq5NmIhlWicVp0vE_13difnwTGRCMi5oWda3otyOODo1n3w0nBx90l7K1_k7B7uN8ZutjzomVyi2yje2LjwJhBcId63f2wmD3GqiDrardju8-3cd9kChAqXt1ri3omosAuU35x1rxzcyeVNlcVrbAzbWnXnWypZ1nlo8ZTVRoz8g8ot4CTBRCyty9HlCmfzmraJsH1Rz3qkMlhEVnSvcRc1gRconWPrf1plF2NRn1-pjjvfsJlgqOJ7t3tOU0Epufyu0
IP 77.88.21.90:0
Hash 09cac0c29982e08dc94ed75c36e82fbf
3a7b1e1b8be031bb25b7d3bd168cd54bfd7a6dbe
70b5bee951b069faf66acff3e45f955fc4a6843389251c981bac7e7dd9c4d229
GET /rtbcount/1IW3LToN0V0100000000U9nJrBovqwtgehILuRI31QBncMl-MMfw7abc009Fc4ZecmjNicEvPaWof382nJEd7QnX1ucNCWDvjUL0efKHH7Q2P860YM4cumaeUo7Z9GY3OILZ09Irb_75MdQ6es3-MKQG8LSPGShlCZB8C33yPPp5nC0mbmaaifOf2gI6wJyGl68IS3UUks_QGGQ6LGg9LmC_iJByPM81MSxC2YHxcHM1v5HcaBQvp6mW2vcP61H0zh5iPBwkUSSZANI3qabcJTOG8MlLMq5NmIhlWicVp0vE_13difnwTGRCMi5oWda3otyOODo1n3w0nBx90l7K1_k7B7uN8ZutjzomVyi2yje2LjwJhBcId63f2wmD3GqiDrardju8-3cd9kChAqXt1ri3omosAuU35x1rxzcyeVNlcVrbAzbWnXnWypZ1nlo8ZTVRoz8g8ot4CTBRCyty9HlCmfzmraJsH1Rz3qkMlhEVnSvcRc1gRconWPrf1plF2NRn1-pjjvfsJlgqOJ7t3tOU0Epufyu0 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 15 Jan 2023 18:42:50 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 15 Jan 2023 18:42:50 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 15 Jan 2023 18:42:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 853ee2aeb05bcbb1a71031f4d7e313da
7fb47987dfc643930c2fbd1aa3eab9360d586654
80c98dbbd69a11b7efdb336367460a5bb0cfcdfb0352bb1da6f204d1db57ca53
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 18:42:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googleadservices.com/pagead/conversion/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0
142.250.74.162302 Found 42 B URL HTTP/2 www.googleadservices.com/pagead/conversion/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0
IP 142.250.74.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/conversion/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0 HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 15 Jan 2023 18:42:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
location: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=K0nEY579OeOQ-cAPn66V6A8&random=278767551&sscte=1&crd=
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/conversion_async.js
142.250.74.162200 OK 15 kB URL HTTP/2 www.googleadservices.com/pagead/conversion_async.js
IP 142.250.74.162:0
File type ASCII text, with very long lines (1654)
Hash 57d846f4595d22590eafe49556e63c61
7732ded8fd65c4c5e0ffde75391f73a715cfc473
24050742b331538f073a4eb776c497b96e651a95e65dc297d5f8a5a3af60c802
GET /pagead/conversion_async.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 15 Jan 2023 18:42:51 GMT
expires: Sun, 15 Jan 2023 18:42:51 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 15007264592431658177
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15155
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
142.250.74.162302 Found 42 B URL HTTP/2 www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
IP 142.250.74.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 15 Jan 2023 18:42:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
location: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=K0nEY6WAO4rAZuOrtdAF&random=415047626&sscte=1&crd=
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 15 Jan 2023 18:42:52 GMT
access-control-allow-origin: *
etag: "63bfb9f8-2b"
expires: Sun, 15 Jan 2023 19:42:52 GMT
accept-ranges: bytes
last-modified: Thu, 12 Jan 2023 10:42:48 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
yastatic.net/q/set/s/rsya-tag-users/bundle.js
178.154.131.217200 OK 37 kB URL HTTP/2 yastatic.net/q/set/s/rsya-tag-users/bundle.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0b4b0834c1fa6be5c7949e526364f87a
1fb2ecb6c3e70bbf3dc2dfe95f240dfaa2b28b35
01e04afd31645cd28117b1bffad411d530e2b10e8e6e16b1d4b1e3d64d34b82e
GET /q/set/s/rsya-tag-users/bundle.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 15 Jan 2023 18:42:51 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952
content-encoding: br
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
expires: Wed, 18 Jan 2023 06:41:56 GMT
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: 1a881674e0030fd1
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/693627671/?random=1673808172322&cv=9&fst=1673805600000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=1103383976&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/693627671/?random=1673808172322&cv=9&fst=1673805600000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=1103383976&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/693627671/?random=1673808172322&cv=9&fst=1673805600000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=1103383976&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 15 Jan 2023 18:42:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/947884341/?random=1673808172328&cv=9&fst=1673805600000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=1650152941&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/947884341/?random=1673808172328&cv=9&fst=1673805600000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=1650152941&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/947884341/?random=1673808172328&cv=9&fst=1673805600000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=1650152941&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 15 Jan 2023 18:42:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/947884341/?random=1673808172317&cv=9&fst=1673805600000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=2637285211&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/947884341/?random=1673808172317&cv=9&fst=1673805600000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=2637285211&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/947884341/?random=1673808172317&cv=9&fst=1673805600000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=2637285211&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 15 Jan 2023 18:42:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A841308765836%3Ahid%3A863730191%3Az%3A0%3Ai%3A20230115184252%3Aet%3A1673808172%3Arn%3A426705018%3Arqn%3A1%3Au%3A1673808172711878099%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C15%2C1%2C1%2C0%2C%2C45%2C1%2C65%2C65%2C0%2C63%3Aco%3A0%3Ans%3A1673808170151%3Ast%3A1673808172&t=clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
93.158.134.119200 OK 236 B URL HTTP/2 mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A841308765836%3Ahid%3A863730191%3Az%3A0%3Ai%3A20230115184252%3Aet%3A1673808172%3Arn%3A426705018%3Arqn%3A1%3Au%3A1673808172711878099%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C15%2C1%2C1%2C0%2C%2C45%2C1%2C65%2C65%2C0%2C63%3Aco%3A0%3Ans%3A1673808170151%3Ast%3A1673808172&t=clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ac7dd20eb6c1e7ec17a6bf4a82e6b13b
ada4d7432035b55e303293acbbf4d9fd7e007403
94d4354a2756f8ff6c19d8961358457ae30b05b8b9f31f30c0f175c27bf1a8b3
GET /watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A841308765836%3Ahid%3A863730191%3Az%3A0%3Ai%3A20230115184252%3Aet%3A1673808172%3Arn%3A426705018%3Arqn%3A1%3Au%3A1673808172711878099%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C15%2C1%2C1%2C0%2C%2C45%2C1%2C65%2C65%2C0%2C63%3Aco%3A0%3Ans%3A1673808170151%3Ast%3A1673808172&t=clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yastatic.net
Referer: https://yastatic.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 236
date: Sun, 15 Jan 2023 18:42:52 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://yastatic.net
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 15-Jan-2023 18:42:52 GMT
last-modified: Sun, 15-Jan-2023 18:42:52 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A841308765836%3Ahid%3A863730191%3Az%3A0%3Ai%3A20230115184252%3Aet%3A1673808172%3Arn%3A426705018%3Arqn%3A1%3Au%3A1673808172711878099%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C15%2C1%2C1%2C0%2C%2C45%2C1%2C65%2C65%2C0%2C63%3Aco%3A0%3Ans%3A1673808170151%3Ast%3A1673808172&t=clc(0-0-0)rqnt(1)aw(1)ti(2)
93.158.134.119302 Found 42 B URL HTTP/2 mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A841308765836%3Ahid%3A863730191%3Az%3A0%3Ai%3A20230115184252%3Aet%3A1673808172%3Arn%3A426705018%3Arqn%3A1%3Au%3A1673808172711878099%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C15%2C1%2C1%2C0%2C%2C45%2C1%2C65%2C65%2C0%2C63%3Aco%3A0%3Ans%3A1673808170151%3Ast%3A1673808172&t=clc(0-0-0)rqnt(1)aw(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A841308765836%3Ahid%3A863730191%3Az%3A0%3Ai%3A20230115184252%3Aet%3A1673808172%3Arn%3A426705018%3Arqn%3A1%3Au%3A1673808172711878099%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C15%2C1%2C1%2C0%2C%2C45%2C1%2C65%2C65%2C0%2C63%3Aco%3A0%3Ans%3A1673808170151%3Ast%3A1673808172&t=clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yastatic.net
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A841308765836%3Ahid%3A863730191%3Az%3A0%3Ai%3A20230115184252%3Aet%3A1673808172%3Arn%3A426705018%3Arqn%3A1%3Au%3A1673808172711878099%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C15%2C1%2C1%2C0%2C%2C45%2C1%2C65%2C65%2C0%2C63%3Aco%3A0%3Ans%3A1673808170151%3Ast%3A1673808172&t=clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
date: Sun, 15 Jan 2023 18:42:52 GMT
access-control-allow-origin: https://yastatic.net
set-cookie: yabs-sid=666654601673808172; Path=/; SameSite=None; Secure
i=0wfssPNU1OY5OccO406OmmCZw9R1LSoVn6YO7tqdCQA3QlQRUWwX+8/UkA7KjW3XWKQQBhfnmqKkzUI0GpvGOlVVd/E=; Expires=Wed, 12-Jan-2033 18:42:45 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=3921126191673808172; Expires=Mon, 15-Jan-2024 18:42:52 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=3921126191673808172; Expires=Mon, 15-Jan-2024 18:42:52 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1705344172.yc.1673808172#1705344172.yrts.1673808172#1705344172.yrtsi.1673808172; Expires=Mon, 15-Jan-2024 18:42:52 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 15-Jan-2023 18:42:52 GMT
last-modified: Sun, 15-Jan-2023 18:42:52 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=278767551&crd=&is_vtc=1&random=1509373993&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=278767551&crd=&is_vtc=1&random=1509373993&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=278767551&crd=&is_vtc=1&random=1509373993&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://yastatic.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 15 Jan 2023 18:42:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=415047626&crd=&is_vtc=1&random=171573109&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=415047626&crd=&is_vtc=1&random=171573109&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=415047626&crd=&is_vtc=1&random=171573109&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://yastatic.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 15 Jan 2023 18:42:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
goo.su/z4lUTHq/
172.67.139.105200 OK 0 B IP 172.67.139.105:0
GET /z4lUTHq/ HTTP/1.1
Host: goo.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 15 Jan 2023 18:42:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/8.0.15
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6IjJ5T2REOWloNjBDYzZKVVAyckZuVGc9PSIsInZhbHVlIjoiVXY0WjVkZ1V4VjdoUlJEeUNhTWZjZ2hHS2dmTC9INitteWxUaGxvYjROcnJ3dVZpdnhWUVVxYkpJV1ZDSUNZTGdZVytEOEFMc3huYVhHOFJJVDlnK0VZWWlqSTBqZ0pNdkl0NEFKK2hRMWdaQ2tmSTFMRU83amJ0VW9ER1dwK2IiLCJtYWMiOiJjMGM3MzVhNTUzMTJjZGVjN2UxNzk3Y2I5ZjYzMzQxMmE5Y2ZjYWQ0YmIyMWYyZGE1MjQ3NGUxMjZlZDM3M2Q5IiwidGFnIjoiIn0%3D; expires=Mon, 16-Jan-2023 13:22:47 GMT; Max-Age=67200; path=/; samesite=lax
goosu_session=eyJpdiI6IlR5UDR3QUR1b0NKYkRESVJtZEZ5V2c9PSIsInZhbHVlIjoiMlJvVzk3QTlCUk82VzNMbEtLYTlvZDQweGhhUVQzLzJ0OXBHSlhTeU9ENGZ5NkJxN2V6eGE3WGFyYW1OWGsrWjhsd0ZtbVl5K0pJYmRzSjlRamVPczk1S0NHdkY5R045d0Q2cVZjbERTZCtWbFdERXJhRUtzWlFSY1BLSFhTMzciLCJtYWMiOiI4ZDdhODU0Yzk2YWY5ZTczYzY3ZmUwZTc4MjRlNTgxMmFiODhlNWNhNmRkNmYxNzM0Mzk2YTUzNzY5MGUxNjJhIiwidGFnIjoiIn0%3D; expires=Mon, 16-Jan-2023 13:22:47 GMT; Max-Age=67200; path=/; httponly; samesite=lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2odciJhXMDcZDB%2FMAJshzFC2rrAOUwKAXWBZz%2BCFS5unqTorRBEnUEhFxtUNlY17CUlwy6QpTyXHSAVUKBMk1iozX6mLb6u4gkrAjc1KSq%2F%2BOf5dAID%2BYIo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a0c0d7ae9e1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open%20Sans:400&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open%20Sans:400&display=swap
IP 142.250.74.106:0
GET /css?family=Open%20Sans:400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 15 Jan 2023 18:42:48 GMT
date: Sun, 15 Jan 2023 18:42:48 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
st.top100.ru/top100/3.13.2/usability.js
81.19.89.17200 OK 0 B URL HTTP/2 st.top100.ru/top100/3.13.2/usability.js
IP 81.19.89.17:0
ASN #24638 Rambler Internet Holding LLC
GET /top100/3.13.2/usability.js HTTP/1.1
Host: st.top100.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.4
date: Sun, 15 Jan 2023 18:42:48 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 22 Dec 2022 14:27:14 GMT
x-rgw-object-type: Normal
etag: W/"fac68c3f89b4276f7d9d458dd74df21a"
x-amz-request-id: tx0000000000002a4aa1260-0063c447f0-f87fab-default
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
set-cookie: proto_uid=1CIAAChJxGMftG2XAb2V1AB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-encoding: gzip
X-Firefox-Spdy: h2
an.yandex.ru/meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2Fz4lUTHq%2F&charset=utf-8&pcode-test-ids=657519%2C0%2C67%3B204184%2C0%2C69%3B685676%2C0%2C77%3B706294%2C0%2C82%3B704150%2C0%2C0%3B703900%2C0%2C82%3B672576%2C0%2C83&pcode-flags-map=eJytWNtu2zgQ%2FZWFn4uurpTUN0qibK4lUktKTtyiINzETQzkskjcIrtF%2F32HkmxLckIn3QWKIjE8Z4ZzOXMmPyZ0yrggqqBSklSluMKqxAIXUmVcqAVNCVeUqYQXMZ98%2BPRj8n118209%2BTBZP%2F01eTfZrh%2B39BJ%2B9SPL8%2F3Jz8%2FvJgsslSB%2F1kRWalHgUmWCFwqncmBfiZr0AZAdOKHVABCG45yMnMMPGWW0IhBfMpczXqkzWs14XSkMsVfSFB3yfRS6bwb%2FP5BxnqtS8LROKnns5m3QBCDfWJceiK4L%2BDyDUqgcxyRvoAAkxowRYa4Ocl0v6MfCyJmSc7CGfxqQ45QIVeZ4OYIaBxT6ThTtA6KsxFOiZEWT%2BVKlVGrwtMlarEubZvwcPhYkqZQkeT6AJuflEDqwnQN0LYdRMszK2vzKyA4sbw9QzQRkiwih05QpWYsFWULKoYhTRaVi0CYLnNP0BKiD%2FPBQgartEiIk5WxgiaIgtNDQNkJBW72a0S7Humq4KPum24dv656Z54Ru1M6SToKUTZlHNuPC9IygnpIQpngsCbx5VM%2B71Zeb9cDSRU7UNkdGz4FLmJoROp1VilVml57vRnZjuMQsJedK1CrlBabMyDVW4Lho7y8WfA7Bgi81FaNijC3twA%2FRsw5171WCxkZzx7ZQ2x8fCXNUVkObntEUmIIW0MZGW8%2F2On5rbLtWVzEXuqgCp7SWv70SYYl13G3AMCtneGkkKd9zgy7PaVYCOcuSM2iMihYECHRg6liWNbT1LLd9c5nwlOj%2Bl4QZmcv3fIDpWkkPsCC6d3f%2BlJ5bo7kXBM6xOcwg%2FH%2Bmhwi681cQdgHA1NaDarnW89Y5wYKpQq%2FIBRYUj97tDJz6ltVluRSUC1otVbwEriZnJRfmhKEAdbO364uO8xJpZFMfGCvsdSSwUoKBsIA5kwSqJA0s4Ueub9sD26aL5X6xljhNKZuaQTzfayNPeM0qaOVqWRLlmqP2wsDvlacQCeRJ0pjmkDWzuyhAL1oqDisxh1VywvsOo6jzirbrTwHBZhRWD9WPyHBinuYodIKgF0cH0i7miutG1bswhj2vJ6YSPM9PLEbL8dy266YCx475u9Ci1uG7StKPg3h927FM339m8m3%2FBYtdc8xIs34ESYkE2WiMz%2FYd1FrrDSxIBpwzA5EwpYnZLnQ7gm3WrCj0BAnCdnuvFCQ2UzwCjnbswSjBDhTQ1wymaUagHpq2ZSL0hpPSyETIjmyvjadnhMtSP2UKo2E2duzIH0Qyo1XzjB4YJHNecXMUbuA4AyGYlIUqSEqxAhBc0UWz5M0YkTuU10mZ%2FGeMkdZNSYZhot4ocz3fQmiQJllgUSm4IGqiwU8VyUcItXnO8cdlI0VVs6v6Vj8mX9fbi%2Bti9XC1ueu6%2Ffb%2By%2BZmLS9WN5u7q8kH5%2BdA8fpWJ2r64cDqUnGupzqH9dt38Glyu9rcvH%2F4BrH9vbq7XD%2FBz79vbldX68fBR1er2%2BaTy3%2FWd%2B3XV9832%2Fv2x9v3%2B18%2BPx%2FNQZmOst8KVa61bqNKlcxPZD6wg45xEi24OesmDWeax2kGdyBplb155IIwQtFebmaCAky%2BVK09bQbmDfbx%2FIjOjixQ5HZz2bN4682Kgsizgj0K7PpUIxRmz6GH7LHndpDMvhzHcsZMovXqqxggRJ7t7ngRZB9ck%2FBUGAzlOlarQ5u910rK43vuCC8I3eNXVFPzG6BM4cHqsNakKmFlgnqAQ3dBirHumHx9VNv7bxfXo1vLCp3xRdmulmfq2N3jJ4oDp1ZHUHC37%2BmouTBZXcQnkgKqYDDxcDiWqhLNCj8lKuBS89zW9SjwLOf6YEtV%2B8wTIGE3kC%2BBNH0%2BTO7mSd2untT1enN1vX0l3KEFk5xDLYE1WvqISabFLlypZsUKd3LgoBPYQP11nu72905VHj%2FhZWzK9LKdkxjHCm69E1Zhp9o1RXZN1ag5CUoaju39PdsVtacbBdES%2FcRfqEIt03%2FRAYinxc7Na73gVKbz8fkdWHBse8OHN58c%2BrbgElOQxUYJCemCHbiXaLvB2%2FUZbeQsKNjxfXi%2FvV4%2FDIHcyHoRaGD7sL5cP26u7l4wp%2BwPffL0m3NPMVpTJ7OazU%2BS%2FMX2ZkS8fpPPn%2F8CImMmsw%3D%3D&pcode-icookie=Rec2F4dMB94NL6%2BUS9Gn%2F03CkmiCPGago6hXHFUx%2BTgBmT9QCWMP2bAePfgdymeo0RDHtuvR40zs0p0BwGOrJlVz4zI%3D&imp-id=4&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=111050674405378&ad-session-id=2499591673808169431&target-id=30540971&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=705738&pcodever=705738&flash-ver=0&available-width=145&skip-token=yabs.NzIwNTc2MDcyMTQ3MjEzODUKNzIwNTc2MDcyMTQ2MDQ2MjkKNzIwNTc2MDcxNjE0MDM0NTcKNzIwNTc2MDczNDA0MDg4MjA%3D&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A939%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1268%2C%22h%22%3A939%2C%22width%22%3A1268%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A657%2C%22ad_no%22%3A4%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A2%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B8255426295414%5D
77.88.21.90200 OK 0 B URL HTTP/2 an.yandex.ru/meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2Fz4lUTHq%2F&charset=utf-8&pcode-test-ids=657519%2C0%2C67%3B204184%2C0%2C69%3B685676%2C0%2C77%3B706294%2C0%2C82%3B704150%2C0%2C0%3B703900%2C0%2C82%3B672576%2C0%2C83&pcode-flags-map=eJytWNtu2zgQ%2FZWFn4uurpTUN0qibK4lUktKTtyiINzETQzkskjcIrtF%2F32HkmxLckIn3QWKIjE8Z4ZzOXMmPyZ0yrggqqBSklSluMKqxAIXUmVcqAVNCVeUqYQXMZ98%2BPRj8n118209%2BTBZP%2F01eTfZrh%2B39BJ%2B9SPL8%2F3Jz8%2FvJgsslSB%2F1kRWalHgUmWCFwqncmBfiZr0AZAdOKHVABCG45yMnMMPGWW0IhBfMpczXqkzWs14XSkMsVfSFB3yfRS6bwb%2FP5BxnqtS8LROKnns5m3QBCDfWJceiK4L%2BDyDUqgcxyRvoAAkxowRYa4Ocl0v6MfCyJmSc7CGfxqQ45QIVeZ4OYIaBxT6ThTtA6KsxFOiZEWT%2BVKlVGrwtMlarEubZvwcPhYkqZQkeT6AJuflEDqwnQN0LYdRMszK2vzKyA4sbw9QzQRkiwih05QpWYsFWULKoYhTRaVi0CYLnNP0BKiD%2FPBQgartEiIk5WxgiaIgtNDQNkJBW72a0S7Humq4KPum24dv656Z54Ru1M6SToKUTZlHNuPC9IygnpIQpngsCbx5VM%2B71Zeb9cDSRU7UNkdGz4FLmJoROp1VilVml57vRnZjuMQsJedK1CrlBabMyDVW4Lho7y8WfA7Bgi81FaNijC3twA%2FRsw5171WCxkZzx7ZQ2x8fCXNUVkObntEUmIIW0MZGW8%2F2On5rbLtWVzEXuqgCp7SWv70SYYl13G3AMCtneGkkKd9zgy7PaVYCOcuSM2iMihYECHRg6liWNbT1LLd9c5nwlOj%2Bl4QZmcv3fIDpWkkPsCC6d3f%2BlJ5bo7kXBM6xOcwg%2FH%2Bmhwi681cQdgHA1NaDarnW89Y5wYKpQq%2FIBRYUj97tDJz6ltVluRSUC1otVbwEriZnJRfmhKEAdbO364uO8xJpZFMfGCvsdSSwUoKBsIA5kwSqJA0s4Ueub9sD26aL5X6xljhNKZuaQTzfayNPeM0qaOVqWRLlmqP2wsDvlacQCeRJ0pjmkDWzuyhAL1oqDisxh1VywvsOo6jzirbrTwHBZhRWD9WPyHBinuYodIKgF0cH0i7miutG1bswhj2vJ6YSPM9PLEbL8dy266YCx475u9Ci1uG7StKPg3h927FM339m8m3%2FBYtdc8xIs34ESYkE2WiMz%2FYd1FrrDSxIBpwzA5EwpYnZLnQ7gm3WrCj0BAnCdnuvFCQ2UzwCjnbswSjBDhTQ1wymaUagHpq2ZSL0hpPSyETIjmyvjadnhMtSP2UKo2E2duzIH0Qyo1XzjB4YJHNecXMUbuA4AyGYlIUqSEqxAhBc0UWz5M0YkTuU10mZ%2FGeMkdZNSYZhot4ocz3fQmiQJllgUSm4IGqiwU8VyUcItXnO8cdlI0VVs6v6Vj8mX9fbi%2Bti9XC1ueu6%2Ffb%2By%2BZmLS9WN5u7q8kH5%2BdA8fpWJ2r64cDqUnGupzqH9dt38Glyu9rcvH%2F4BrH9vbq7XD%2FBz79vbldX68fBR1er2%2BaTy3%2FWd%2B3XV9832%2Fv2x9v3%2B18%2BPx%2FNQZmOst8KVa61bqNKlcxPZD6wg45xEi24OesmDWeax2kGdyBplb155IIwQtFebmaCAky%2BVK09bQbmDfbx%2FIjOjixQ5HZz2bN4682Kgsizgj0K7PpUIxRmz6GH7LHndpDMvhzHcsZMovXqqxggRJ7t7ngRZB9ck%2FBUGAzlOlarQ5u910rK43vuCC8I3eNXVFPzG6BM4cHqsNakKmFlgnqAQ3dBirHumHx9VNv7bxfXo1vLCp3xRdmulmfq2N3jJ4oDp1ZHUHC37%2BmouTBZXcQnkgKqYDDxcDiWqhLNCj8lKuBS89zW9SjwLOf6YEtV%2B8wTIGE3kC%2BBNH0%2BTO7mSd2untT1enN1vX0l3KEFk5xDLYE1WvqISabFLlypZsUKd3LgoBPYQP11nu72905VHj%2FhZWzK9LKdkxjHCm69E1Zhp9o1RXZN1ag5CUoaju39PdsVtacbBdES%2FcRfqEIt03%2FRAYinxc7Na73gVKbz8fkdWHBse8OHN58c%2BrbgElOQxUYJCemCHbiXaLvB2%2FUZbeQsKNjxfXi%2FvV4%2FDIHcyHoRaGD7sL5cP26u7l4wp%2BwPffL0m3NPMVpTJ7OazU%2BS%2FMX2ZkS8fpPPn%2F8CImMmsw%3D%3D&pcode-icookie=Rec2F4dMB94NL6%2BUS9Gn%2F03CkmiCPGago6hXHFUx%2BTgBmT9QCWMP2bAePfgdymeo0RDHtuvR40zs0p0BwGOrJlVz4zI%3D&imp-id=4&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=111050674405378&ad-session-id=2499591673808169431&target-id=30540971&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=705738&pcodever=705738&flash-ver=0&available-width=145&skip-token=yabs.NzIwNTc2MDcyMTQ3MjEzODUKNzIwNTc2MDcyMTQ2MDQ2MjkKNzIwNTc2MDcxNjE0MDM0NTcKNzIwNTc2MDczNDA0MDg4MjA%3D&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A939%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1268%2C%22h%22%3A939%2C%22width%22%3A1268%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A657%2C%22ad_no%22%3A4%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A2%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B8255426295414%5D
IP 77.88.21.90:0
GET /meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2Fz4lUTHq%2F&charset=utf-8&pcode-test-ids=657519%2C0%2C67%3B204184%2C0%2C69%3B685676%2C0%2C77%3B706294%2C0%2C82%3B704150%2C0%2C0%3B703900%2C0%2C82%3B672576%2C0%2C83&pcode-flags-map=eJytWNtu2zgQ%2FZWFn4uurpTUN0qibK4lUktKTtyiINzETQzkskjcIrtF%2F32HkmxLckIn3QWKIjE8Z4ZzOXMmPyZ0yrggqqBSklSluMKqxAIXUmVcqAVNCVeUqYQXMZ98%2BPRj8n118209%2BTBZP%2F01eTfZrh%2B39BJ%2B9SPL8%2F3Jz8%2FvJgsslSB%2F1kRWalHgUmWCFwqncmBfiZr0AZAdOKHVABCG45yMnMMPGWW0IhBfMpczXqkzWs14XSkMsVfSFB3yfRS6bwb%2FP5BxnqtS8LROKnns5m3QBCDfWJceiK4L%2BDyDUqgcxyRvoAAkxowRYa4Ocl0v6MfCyJmSc7CGfxqQ45QIVeZ4OYIaBxT6ThTtA6KsxFOiZEWT%2BVKlVGrwtMlarEubZvwcPhYkqZQkeT6AJuflEDqwnQN0LYdRMszK2vzKyA4sbw9QzQRkiwih05QpWYsFWULKoYhTRaVi0CYLnNP0BKiD%2FPBQgartEiIk5WxgiaIgtNDQNkJBW72a0S7Humq4KPum24dv656Z54Ru1M6SToKUTZlHNuPC9IygnpIQpngsCbx5VM%2B71Zeb9cDSRU7UNkdGz4FLmJoROp1VilVml57vRnZjuMQsJedK1CrlBabMyDVW4Lho7y8WfA7Bgi81FaNijC3twA%2FRsw5171WCxkZzx7ZQ2x8fCXNUVkObntEUmIIW0MZGW8%2F2On5rbLtWVzEXuqgCp7SWv70SYYl13G3AMCtneGkkKd9zgy7PaVYCOcuSM2iMihYECHRg6liWNbT1LLd9c5nwlOj%2Bl4QZmcv3fIDpWkkPsCC6d3f%2BlJ5bo7kXBM6xOcwg%2FH%2Bmhwi681cQdgHA1NaDarnW89Y5wYKpQq%2FIBRYUj97tDJz6ltVluRSUC1otVbwEriZnJRfmhKEAdbO364uO8xJpZFMfGCvsdSSwUoKBsIA5kwSqJA0s4Ueub9sD26aL5X6xljhNKZuaQTzfayNPeM0qaOVqWRLlmqP2wsDvlacQCeRJ0pjmkDWzuyhAL1oqDisxh1VywvsOo6jzirbrTwHBZhRWD9WPyHBinuYodIKgF0cH0i7miutG1bswhj2vJ6YSPM9PLEbL8dy266YCx475u9Ci1uG7StKPg3h927FM339m8m3%2FBYtdc8xIs34ESYkE2WiMz%2FYd1FrrDSxIBpwzA5EwpYnZLnQ7gm3WrCj0BAnCdnuvFCQ2UzwCjnbswSjBDhTQ1wymaUagHpq2ZSL0hpPSyETIjmyvjadnhMtSP2UKo2E2duzIH0Qyo1XzjB4YJHNecXMUbuA4AyGYlIUqSEqxAhBc0UWz5M0YkTuU10mZ%2FGeMkdZNSYZhot4ocz3fQmiQJllgUSm4IGqiwU8VyUcItXnO8cdlI0VVs6v6Vj8mX9fbi%2Bti9XC1ueu6%2Ffb%2By%2BZmLS9WN5u7q8kH5%2BdA8fpWJ2r64cDqUnGupzqH9dt38Glyu9rcvH%2F4BrH9vbq7XD%2FBz79vbldX68fBR1er2%2BaTy3%2FWd%2B3XV9832%2Fv2x9v3%2B18%2BPx%2FNQZmOst8KVa61bqNKlcxPZD6wg45xEi24OesmDWeax2kGdyBplb155IIwQtFebmaCAky%2BVK09bQbmDfbx%2FIjOjixQ5HZz2bN4682Kgsizgj0K7PpUIxRmz6GH7LHndpDMvhzHcsZMovXqqxggRJ7t7ngRZB9ck%2FBUGAzlOlarQ5u910rK43vuCC8I3eNXVFPzG6BM4cHqsNakKmFlgnqAQ3dBirHumHx9VNv7bxfXo1vLCp3xRdmulmfq2N3jJ4oDp1ZHUHC37%2BmouTBZXcQnkgKqYDDxcDiWqhLNCj8lKuBS89zW9SjwLOf6YEtV%2B8wTIGE3kC%2BBNH0%2BTO7mSd2untT1enN1vX0l3KEFk5xDLYE1WvqISabFLlypZsUKd3LgoBPYQP11nu72905VHj%2FhZWzK9LKdkxjHCm69E1Zhp9o1RXZN1ag5CUoaju39PdsVtacbBdES%2FcRfqEIt03%2FRAYinxc7Na73gVKbz8fkdWHBse8OHN58c%2BrbgElOQxUYJCemCHbiXaLvB2%2FUZbeQsKNjxfXi%2FvV4%2FDIHcyHoRaGD7sL5cP26u7l4wp%2BwPffL0m3NPMVpTJ7OazU%2BS%2FMX2ZkS8fpPPn%2F8CImMmsw%3D%3D&pcode-icookie=Rec2F4dMB94NL6%2BUS9Gn%2F03CkmiCPGago6hXHFUx%2BTgBmT9QCWMP2bAePfgdymeo0RDHtuvR40zs0p0BwGOrJlVz4zI%3D&imp-id=4&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=111050674405378&ad-session-id=2499591673808169431&target-id=30540971&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=705738&pcodever=705738&flash-ver=0&available-width=145&skip-token=yabs.NzIwNTc2MDcyMTQ3MjEzODUKNzIwNTc2MDcyMTQ2MDQ2MjkKNzIwNTc2MDcxNjE0MDM0NTcKNzIwNTc2MDczNDA0MDg4MjA%3D&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A939%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1268%2C%22h%22%3A939%2C%22width%22%3A1268%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A657%2C%22ad_no%22%3A4%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A2%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B8255426295414%5D HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
uniformat: true
uniformat-product-type: Direct
content-encoding: gzip
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://goo.su
x-xss-protection: 1; mode=block
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-yandex-req-id: 1673808170361684-1290391234594784471100125-production-app-host-vla-pcode-345
last-modified: Sun, 15 Jan 2023 18:42:50 GMT
date: Sun, 15 Jan 2023 18:42:50 GMT
set-cookie: yabs-vdrf=A0; domain=an.yandex.ru; path=/; expires=Sun, 22-Jan-2023 18:42:50 GMT
i=1Dh8izUjkStNAVTt+otyBEuojKYWiHWjtQXFf1dMiFjN6tsWKjaISG1SZghn35COw9NwQbU2Raae5T3XbqL8FKQH3cg=; Expires=Tue, 14-Jan-2025 18:42:50 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
content-type: application/json
pragma: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
ssr: true
strict-transport-security: max-age=31536000
expires: Sun, 15 Jan 2023 18:42:50 GMT
X-Firefox-Spdy: h2
an.yandex.ru/count/WNKejI_zOEG0NGi0D1C5ZWYF_htPpWK0v04GW8200J4gISHZ000003YKuCm1Y084kGAb8RhTqOp1cF02cwYbwQ0Py0K1e0Rk0Sa6AXs6rT73u86f1vR1t2k5QQp--0S1q0Y2W8200WYg2n0O811ibi4003AgQjLHye60W8281AWFbeFZjzEmcjR-0P0GrlVlsTh3kut10RIDZBu-u1G1y1N1YlRieu-y_6EW5f3Iz9q6oHRmFzWMWHUe5mtG627u68ZsuAZPZSUIUe0PYHaAc0e000000BWP____0S0PgChZXfMVfxveqXaIUM5YSrzpPN9sPN8lSZStCYqnw1dq2V0PgmUO6jJ3Kx0RIBWR0u8S3KjAEJeqHZP4MKj9PZVf780T_t-080A880pG8V___m7L8l__V_-18m0000000F0_400o0scOCH4yEV0xQ2CKcqEQZdSUJ0njMdFKy55PS91At-7HBm1hvmGdKKrwaQHHd21A18C2~1=WOeejI_zOAK01Gm0f1KMkB-XfG6ux8UJulRAhlK1W06IijYAWRl-jZk80REcbQo10P01g8wYmjI0W802c06SZgB2LBW1ahoufIFO0VYTffy1u06WgjuMw06Y0_W1niVUlW6W0fI-YHcm0mBx0OW5ryO2a0NSeWMm1SMh0RW5nQi1m0MBv0p81VgV0z05paIe1ku1gGUMmTmhXMci_hW7j0RW1uR2W806u0YAtyGCw0a7W0e1-0g0jHZe39C2o130i9A20Q4HPu0KWA201D0Kzyp3Q-WKZ0AW5f3Iz9q6oHRG5iR7thu1c1U8azSPk1S1m1UrrW6W6Uu1k1d___y1-1cbtOOUWHh__zCIiJC7Vg0QejVPiV2Iw_h20QWUlt2m7m787_oEqq-f89UDJ_h9eje_k23UtIcG8i7vAf0Ymlaga2B3-IhL8l__V_-18uaZsJ-G8-cUzRd0jAdkK9WZhjdgyf3mclv22W2AF0-S_Y1dsZLm9GH11yDO54hiad7DBuyCCrmJWUK4smGS~1=WNqejI_zO900dGi011L8D71Aa07ksg21g_pSqvm1W06ree81Y06ree81a06WXxkFWRJApmIW0QBdgDlVW8200gW1ekUesr-m0UhksWYu0TYZwyabs074zD2g0U01gDh3fm6IcTw-0Q02hjQx1g031B03xmI81PXSa0N3Qx05gnku1QiRm0NNb0x81UtC0z05zmge1ku1gGUMmTmhXMci_hW7mWlW1uOAq0YQYf29me200k08b-kT0-W91u0A0VWAWBKOw0oJ0iWGmB2GYW6X4MU84W6G4W605820W0ZG5FQTww8Bw1IC0g0MaDBqdGR95j0MafdUlW6O5-3hcI-u5m705xNM0Q0PxW6u6V___m616l__OvEACqxTg1u1i1y2o1-YkgXLgI1Ci3t2tNAkFxWWtjqfa2B1-IgG8iBvAf0Ym_agrIB__t__WIFmFuaZsJ-G8vgjo-QGX_VRhm4907yy6mHab67cNGC32BqiOXyqhlcubT8PE1m86p7O9ee0~1=WNWejI_zO8O0TGi0D1K4OYDiXW6asDhzeVoap801W041Y07Jjv-Rdm6G0OAghltYW8200fW1Wggk_MAu0TR6u8Scs06Ktxoj0U01XCsdhG7e0PO4-06Iajw-0Q02gikc6w031h030kW4kGA81SfYa0Mbv06m1OKwk0M5Ei05--e3o0NfVD05cnUe1ku1gGUMmTmhXMci_hW7W0NW1uOAq0YQYe21meA01k08rQNJ3UW91u0A0VWAWBKOw0oJ0iWGmB2GWW6X4MU84W6G4W605820W0JG5CA7g8G1w1IC0g0MaDBqdGR95j0MkA_UlW6O5xQZx32u5m705xNM0Q0PxW6u6V___m616l__CyaahFFdg1u1i1y3o1_AhzvMgI3WjZzwF8BUFxWWtjqfa2B1-IgG8iBvAf0Ym_agrIB__t__WIFmFuaZsJ-G8yBUiuoJyUQ_Xm6O8yxzhDAhoBgAwm4706ay6mGCb64sNGC326KiOccwk6OPR1D5~1?stat-id=4&test-tag=111050674461233&banner-sizes=eyI3MjA1NzYwNTM4MTcwMjU0OCI6IjQxOXgxNTAiLCIxNjY1MTUzMzI0NjA1MzYyNzIiOiI0MTl4MTUwIiwiNzIwNTc2MDczMjI3MTY4MDEiOiI0MTl4MTUwIn0%3D&format-type=118&actual-format=10&pcodever=705738&banner-test-tags=eyI3MjA1NzYwNTM4MTcwMjU0OCI6IjQzODI3NjkiLCIxNjY1MTUzMzI0NjA1MzYyNzIiOiI0OTE3MCIsIjcyMDU3NjA3MzIyNzE2ODAxIjoiMjQ1OTUifQ%3D%3D&width=1268&height=150&confirmTime=2100000&confirmRatio=1000000&wmode=0
77.88.21.90302 Found 0 B URL HTTP/2 an.yandex.ru/count/WNKejI_zOEG0NGi0D1C5ZWYF_htPpWK0v04GW8200J4gISHZ000003YKuCm1Y084kGAb8RhTqOp1cF02cwYbwQ0Py0K1e0Rk0Sa6AXs6rT73u86f1vR1t2k5QQp--0S1q0Y2W8200WYg2n0O811ibi4003AgQjLHye60W8281AWFbeFZjzEmcjR-0P0GrlVlsTh3kut10RIDZBu-u1G1y1N1YlRieu-y_6EW5f3Iz9q6oHRmFzWMWHUe5mtG627u68ZsuAZPZSUIUe0PYHaAc0e000000BWP____0S0PgChZXfMVfxveqXaIUM5YSrzpPN9sPN8lSZStCYqnw1dq2V0PgmUO6jJ3Kx0RIBWR0u8S3KjAEJeqHZP4MKj9PZVf780T_t-080A880pG8V___m7L8l__V_-18m0000000F0_400o0scOCH4yEV0xQ2CKcqEQZdSUJ0njMdFKy55PS91At-7HBm1hvmGdKKrwaQHHd21A18C2~1=WOeejI_zOAK01Gm0f1KMkB-XfG6ux8UJulRAhlK1W06IijYAWRl-jZk80REcbQo10P01g8wYmjI0W802c06SZgB2LBW1ahoufIFO0VYTffy1u06WgjuMw06Y0_W1niVUlW6W0fI-YHcm0mBx0OW5ryO2a0NSeWMm1SMh0RW5nQi1m0MBv0p81VgV0z05paIe1ku1gGUMmTmhXMci_hW7j0RW1uR2W806u0YAtyGCw0a7W0e1-0g0jHZe39C2o130i9A20Q4HPu0KWA201D0Kzyp3Q-WKZ0AW5f3Iz9q6oHRG5iR7thu1c1U8azSPk1S1m1UrrW6W6Uu1k1d___y1-1cbtOOUWHh__zCIiJC7Vg0QejVPiV2Iw_h20QWUlt2m7m787_oEqq-f89UDJ_h9eje_k23UtIcG8i7vAf0Ymlaga2B3-IhL8l__V_-18uaZsJ-G8-cUzRd0jAdkK9WZhjdgyf3mclv22W2AF0-S_Y1dsZLm9GH11yDO54hiad7DBuyCCrmJWUK4smGS~1=WNqejI_zO900dGi011L8D71Aa07ksg21g_pSqvm1W06ree81Y06ree81a06WXxkFWRJApmIW0QBdgDlVW8200gW1ekUesr-m0UhksWYu0TYZwyabs074zD2g0U01gDh3fm6IcTw-0Q02hjQx1g031B03xmI81PXSa0N3Qx05gnku1QiRm0NNb0x81UtC0z05zmge1ku1gGUMmTmhXMci_hW7mWlW1uOAq0YQYf29me200k08b-kT0-W91u0A0VWAWBKOw0oJ0iWGmB2GYW6X4MU84W6G4W605820W0ZG5FQTww8Bw1IC0g0MaDBqdGR95j0MafdUlW6O5-3hcI-u5m705xNM0Q0PxW6u6V___m616l__OvEACqxTg1u1i1y2o1-YkgXLgI1Ci3t2tNAkFxWWtjqfa2B1-IgG8iBvAf0Ym_agrIB__t__WIFmFuaZsJ-G8vgjo-QGX_VRhm4907yy6mHab67cNGC32BqiOXyqhlcubT8PE1m86p7O9ee0~1=WNWejI_zO8O0TGi0D1K4OYDiXW6asDhzeVoap801W041Y07Jjv-Rdm6G0OAghltYW8200fW1Wggk_MAu0TR6u8Scs06Ktxoj0U01XCsdhG7e0PO4-06Iajw-0Q02gikc6w031h030kW4kGA81SfYa0Mbv06m1OKwk0M5Ei05--e3o0NfVD05cnUe1ku1gGUMmTmhXMci_hW7W0NW1uOAq0YQYe21meA01k08rQNJ3UW91u0A0VWAWBKOw0oJ0iWGmB2GWW6X4MU84W6G4W605820W0JG5CA7g8G1w1IC0g0MaDBqdGR95j0MkA_UlW6O5xQZx32u5m705xNM0Q0PxW6u6V___m616l__CyaahFFdg1u1i1y3o1_AhzvMgI3WjZzwF8BUFxWWtjqfa2B1-IgG8iBvAf0Ym_agrIB__t__WIFmFuaZsJ-G8yBUiuoJyUQ_Xm6O8yxzhDAhoBgAwm4706ay6mGCb64sNGC326KiOccwk6OPR1D5~1?stat-id=4&test-tag=111050674461233&banner-sizes=eyI3MjA1NzYwNTM4MTcwMjU0OCI6IjQxOXgxNTAiLCIxNjY1MTUzMzI0NjA1MzYyNzIiOiI0MTl4MTUwIiwiNzIwNTc2MDczMjI3MTY4MDEiOiI0MTl4MTUwIn0%3D&format-type=118&actual-format=10&pcodever=705738&banner-test-tags=eyI3MjA1NzYwNTM4MTcwMjU0OCI6IjQzODI3NjkiLCIxNjY1MTUzMzI0NjA1MzYyNzIiOiI0OTE3MCIsIjcyMDU3NjA3MzIyNzE2ODAxIjoiMjQ1OTUifQ%3D%3D&width=1268&height=150&confirmTime=2100000&confirmRatio=1000000&wmode=0
IP 77.88.21.90:0
GET /count/WNKejI_zOEG0NGi0D1C5ZWYF_htPpWK0v04GW8200J4gISHZ000003YKuCm1Y084kGAb8RhTqOp1cF02cwYbwQ0Py0K1e0Rk0Sa6AXs6rT73u86f1vR1t2k5QQp--0S1q0Y2W8200WYg2n0O811ibi4003AgQjLHye60W8281AWFbeFZjzEmcjR-0P0GrlVlsTh3kut10RIDZBu-u1G1y1N1YlRieu-y_6EW5f3Iz9q6oHRmFzWMWHUe5mtG627u68ZsuAZPZSUIUe0PYHaAc0e000000BWP____0S0PgChZXfMVfxveqXaIUM5YSrzpPN9sPN8lSZStCYqnw1dq2V0PgmUO6jJ3Kx0RIBWR0u8S3KjAEJeqHZP4MKj9PZVf780T_t-080A880pG8V___m7L8l__V_-18m0000000F0_400o0scOCH4yEV0xQ2CKcqEQZdSUJ0njMdFKy55PS91At-7HBm1hvmGdKKrwaQHHd21A18C2~1=WOeejI_zOAK01Gm0f1KMkB-XfG6ux8UJulRAhlK1W06IijYAWRl-jZk80REcbQo10P01g8wYmjI0W802c06SZgB2LBW1ahoufIFO0VYTffy1u06WgjuMw06Y0_W1niVUlW6W0fI-YHcm0mBx0OW5ryO2a0NSeWMm1SMh0RW5nQi1m0MBv0p81VgV0z05paIe1ku1gGUMmTmhXMci_hW7j0RW1uR2W806u0YAtyGCw0a7W0e1-0g0jHZe39C2o130i9A20Q4HPu0KWA201D0Kzyp3Q-WKZ0AW5f3Iz9q6oHRG5iR7thu1c1U8azSPk1S1m1UrrW6W6Uu1k1d___y1-1cbtOOUWHh__zCIiJC7Vg0QejVPiV2Iw_h20QWUlt2m7m787_oEqq-f89UDJ_h9eje_k23UtIcG8i7vAf0Ymlaga2B3-IhL8l__V_-18uaZsJ-G8-cUzRd0jAdkK9WZhjdgyf3mclv22W2AF0-S_Y1dsZLm9GH11yDO54hiad7DBuyCCrmJWUK4smGS~1=WNqejI_zO900dGi011L8D71Aa07ksg21g_pSqvm1W06ree81Y06ree81a06WXxkFWRJApmIW0QBdgDlVW8200gW1ekUesr-m0UhksWYu0TYZwyabs074zD2g0U01gDh3fm6IcTw-0Q02hjQx1g031B03xmI81PXSa0N3Qx05gnku1QiRm0NNb0x81UtC0z05zmge1ku1gGUMmTmhXMci_hW7mWlW1uOAq0YQYf29me200k08b-kT0-W91u0A0VWAWBKOw0oJ0iWGmB2GYW6X4MU84W6G4W605820W0ZG5FQTww8Bw1IC0g0MaDBqdGR95j0MafdUlW6O5-3hcI-u5m705xNM0Q0PxW6u6V___m616l__OvEACqxTg1u1i1y2o1-YkgXLgI1Ci3t2tNAkFxWWtjqfa2B1-IgG8iBvAf0Ym_agrIB__t__WIFmFuaZsJ-G8vgjo-QGX_VRhm4907yy6mHab67cNGC32BqiOXyqhlcubT8PE1m86p7O9ee0~1=WNWejI_zO8O0TGi0D1K4OYDiXW6asDhzeVoap801W041Y07Jjv-Rdm6G0OAghltYW8200fW1Wggk_MAu0TR6u8Scs06Ktxoj0U01XCsdhG7e0PO4-06Iajw-0Q02gikc6w031h030kW4kGA81SfYa0Mbv06m1OKwk0M5Ei05--e3o0NfVD05cnUe1ku1gGUMmTmhXMci_hW7W0NW1uOAq0YQYe21meA01k08rQNJ3UW91u0A0VWAWBKOw0oJ0iWGmB2GWW6X4MU84W6G4W605820W0JG5CA7g8G1w1IC0g0MaDBqdGR95j0MkA_UlW6O5xQZx32u5m705xNM0Q0PxW6u6V___m616l__CyaahFFdg1u1i1y3o1_AhzvMgI3WjZzwF8BUFxWWtjqfa2B1-IgG8iBvAf0Ym_agrIB__t__WIFmFuaZsJ-G8yBUiuoJyUQ_Xm6O8yxzhDAhoBgAwm4706ay6mGCb64sNGC326KiOccwk6OPR1D5~1?stat-id=4&test-tag=111050674461233&banner-sizes=eyI3MjA1NzYwNTM4MTcwMjU0OCI6IjQxOXgxNTAiLCIxNjY1MTUzMzI0NjA1MzYyNzIiOiI0MTl4MTUwIiwiNzIwNTc2MDczMjI3MTY4MDEiOiI0MTl4MTUwIn0%3D&format-type=118&actual-format=10&pcodever=705738&banner-test-tags=eyI3MjA1NzYwNTM4MTcwMjU0OCI6IjQzODI3NjkiLCIxNjY1MTUzMzI0NjA1MzYyNzIiOiI0OTE3MCIsIjcyMDU3NjA3MzIyNzE2ODAxIjoiMjQ1OTUifQ%3D%3D&width=1268&height=150&confirmTime=2100000&confirmRatio=1000000&wmode=0 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/count/WN4ejI_zOEG0FGi091C5ZWYFLkKyiGK0v04GmO200J4gISHZ000003YKuCm1Y084kGAb8RhTqOp1cF02cwYbwQ0Py0K1e0Rk0Sa6AXs6rT73u86f1vR1t2k5QQp--0S1q0Y2W8200WYg2n0O811ibi4003AgQjLHye60W8281AWFbeFZjzEmcjR-0P0GrlVlsTh3kut10RIDZBu-u1G1y1N1YlRieu-y_6EW5f3Iz9q6oHRmFzWMWHUe5mtG627u68ZsuAZPZSUIUe0PYHaAc0e000000BWP_m706QZAuuQLdwU-QD8P4dbXOdDVSsLoTcLoBt8tDp8jCUWPz0dm6Qi7c1hKmrEm6qYu6mE270rBIZawD4OsH5bBIMOtwHm0y3-07Vz_W202Y20Cq27_0TKY__z__u4Z00000000y3yG080Wa7g0TkBlDu8EEQJfUEV1nD2cDKSD7vK51wdq7Hxz0h1sJd0IrQGNIHh52Q94C2W0~1=WNWejI_zO8O0TGi0D1K4OYDiXW6asDhzeVoap801W041Y07Jjv-Rdm6G0OAghltYW8200fW1Wggk_MAu0TR6u8Scs06Ktxoj0U01XCsdhG7e0PO4-06Iajw-0Q02gikc6w031h030kW4kGA81SfYa0Mbv06m1OKwk0M5Ei05--e3o0NfVD05cnUe1ku1gGUMmTmhXMci_hW7W0NW1uOAq0YQYe21meA01k08rQNJ3UW91u0A0VWAWBKOw0oJ0iWGmB2GWW6X4MU84W6G4W605820W0JG5CA7g8G1w1IC0g0MaDBqdGR95j0MkA_UlW6O5xQZx32u5m705xNM0Q0PxW6u6V___m616l__CyaahFFdg1u1i1y3o1_AhzvMgI3WjZzwF8BUFxWWtjqfa2B1-IgG8iBvAf0Ym_agrIB__t__WIFmFuaZsJ-G8yBUiuoJyUQ_Xm6O8yxzhDAhoBgAwm4706ay6mGCb64sNGC326KiOccwk6OPR1D5~1=WNqejI_zO900dGi011L8D71Aa07ksg21g_pSqvm1W06ree81Y06ree81a06WXxkFWRJApmIW0QBdgDlVW8200gW1ekUesr-m0UhksWYu0TYZwyabs074zD2g0U01gDh3fm6IcTw-0Q02hjQx1g031B03xmI81PXSa0N3Qx05gnku1QiRm0NNb0x81UtC0z05zmge1ku1gGUMmTmhXMci_hW7mWlW1uOAq0YQYf29me200k08b-kT0-W91u0A0VWAWBKOw0oJ0iWGmB2GYW6X4MU84W6G4W605820W0ZG5FQTww8Bw1IC0g0MaDBqdGR95j0MafdUlW6O5-3hcI-u5m705xNM0Q0PxW6u6V___m616l__OvEACqxTg1u1i1y2o1-YkgXLgI1Ci3t2tNAkFxWWtjqfa2B1-IgG8iBvAf0Ym_agrIB__t__WIFmFuaZsJ-G8vgjo-QGX_VRhm4907yy6mHab67cNGC32BqiOXyqhlcubT8PE1m86p7O9ee0~1=WOyejI_zOAe0BGm0z1LGyJz5gW4GW8200RZiXvFYzigkzG600PAos8g1k_wsEuW1iwQLh841a06eZgB2r820W0AO0PoEei9Kk06IlBYb8zW1-9scdm7W0Q2gtXRe0Q83-076nzw-0Q02bBw96R030li1Y0NNnWAG1ToY1R05nQi1k0N5gm701Ola3CW5-fy3q0NEHAW6xW6f1vR1t2k5QQp-k0Uq1k07XiA0W0RW28hVn0pe2GU02W7u2e2r6EWCamB84C2mae81eH5dW1I0e804q1JtpCDhw1IC0g0MaDBqdGR95j0MniVUlW6O5uYJrncu5m705xNM0Q0PxW6u6V___m7u6QNTXXw16l__qnAnCmT-e1gYrzcny9Bh-i81g1w_SB0V0SWV_8xJJwaWburF-icYsZ-u8DxTAP0YmVaga2B2-IgG8iFvAjKY__z__u4ZYIFPFv0ZwPxrkS2qgUvGc2EksUhoaF2Q_a8A08yy3vp-8EVSDN0g1C49mzWMIkoSSSqlcGmpN1Y1vHZRn1m0~1?stat-id=4&test-tag=111050674461233&banner-sizes=eyI3MjA1NzYwNTM4MTcwMjU0OCI6IjQxOXgxNTAiLCIxNjY1MTUzMzI0NjA1MzYyNzIiOiI0MTl4MTUwIiwiNzIwNTc2MDczMjI3MTY4MDEiOiI0MTl4MTUwIn0%3D&format-type=118&actual-format=10&pcodever=705738&banner-test-tags=eyI3MjA1NzYwNTM4MTcwMjU0OCI6IjQzODI3NjkiLCIxNjY1MTUzMzI0NjA1MzYyNzIiOiI0OTE3MCIsIjcyMDU3NjA3MzIyNzE2ODAxIjoiMjQ1OTUifQ%3D%3D&width=1268&height=150&confirmTime=2100000&confirmRatio=1000000&wmode=0
date: Sun, 15 Jan 2023 18:42:53 GMT
access-control-allow-origin: https://goo.su
set-cookie: yandexuid=4907611841673808173; domain=.yandex.ru; path=/; expires=Wed, 12-Jan-2033 18:42:53 GMT
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
expires: Sun, 15 Jan 2023 18:42:53 GMT
last-modified: Sun, 15 Jan 2023 18:42:53 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kraken.rambler.ru/cnt/
81.19.89.18200 OK 0 B IP 81.19.89.18:0
ASN #24638 Rambler Internet Holding LLC
POST /cnt/ HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 499
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.4
date: Sun, 15 Jan 2023 18:42:53 GMT
content-type: application/octet-stream
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
pragma: no-cache
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
x-srv: 2kraken-prod0002.ad.rambler.tech
set-cookie: ruid=1CIAAC1JxGOTIoiZAWil9gB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAC1JxGOTIoiZAWil9gB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
X-Firefox-Spdy: h2
kraken.rambler.ru/cnt/
81.19.89.18200 OK 0 B IP 81.19.89.18:0
ASN #24638 Rambler Internet Holding LLC
POST /cnt/ HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 499
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.4
date: Sun, 15 Jan 2023 18:42:53 GMT
content-type: application/octet-stream
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
pragma: no-cache
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
x-srv: 2kraken-prod0002.ad.rambler.tech
set-cookie: ruid=1CIAAC1JxGOTIoiZAXql9gB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAC1JxGOTIoiZAXql9gB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
X-Firefox-Spdy: h2
an.yandex.ru/count/WN4ejI_zOEG0FGi091DhrD3iR7RZ4WK0v04GmO200J4fISHZ000003YKuCm1Y083kGAb8RhTqOp1cF02cwYbwQ0Py0K1e0Rk0Sa6ATcvHdhH6pgf1vR1V0TVQQp--0S1q0Y2W8200WQg2n17Cvs-bi400AeWOTLHye60W8281AWFbeF3g_6hcjR-0P0GrlVlsTh3kut10RIDZBu-u1G1y1N1YlRieu-y_6EW5f3Iz9q6oHRmFzWMWHUe5mtG627u68ZsuAZPZSUIUe0PYHbj6Ga000000BWP_m706QZAuuQLdwU-QD8P4dbXOdDVSsLoTcLoBt8tDp8jCUWPaG7m6Qi7c1hKmrEm6qYu6mE270rBIZawQ6PKGLbBIMOtwHm0y3-07Vz_W202Y20Cq27_0TKY__z__u4Z00000000y3yG080Wa7g0TkBlDu8EEQJfUEV1nD2cDKSD7vK51wdq7Hxz0h1sJd0IrQGNIHh52Q94C2W0~1=WNmejI_zO9C0bGi0H1NCv4Dpam4GW8200SweuBZq-P_njm600G680ThlljER0P01wF-TZkE0W802c07e_vsEOxW1-f6dsoNO0SQOpAi1u07QWAQc0UW1h0Fu0VAdthu1c0A6gE4Qe0ByaAiLi0C2w0Jm0uW5l905a0N4a0cm1Q2O0xW5e9W3m0ML_mB81U-50T05wdQe1ku1gGUMmNm7Nsci_hW7W0NW1-WBq0YQYe21meA01k08liZL2kW91u0A0UWCamB84A0eeH5dY181a181W1I0W83e58m2e1QGqlIT1iaMy3_G5lZXthu1c1Ull_ukk1S1m1UrrW6W6Uu1k1d_0O4Q___ZidHeG8UW6htXtF-3vDQ2KQWUlt2m7m787wECvbMu8DxTAP0YmVaga2B2-IgG8iFvAh0Y0TKY__z__u4Z0F0_YIFPFv0Z_8ZVglsHbBJS0PWZ_UsZlhYBz9n9201tF1iQm3NYI3vA39_dxtZ78c7cYskMnZRX1G00~1?stat-id=3&test-tag=111050674461201&banner-sizes=eyI3MjA1NzYwNzM0MDQwODgyMCI6IjEyNjh4MjAwIn0%3D&format-type=118&actual-format=8&pcodever=705738&banner-test-tags=eyI3MjA1NzYwNzM0MDQwODgyMCI6IjI0NjI1In0%3D&width=1268&height=200&confirmTime=2100000&confirmRatio=1000000&wmode=0
77.88.21.90200 OK 0 B URL HTTP/2 an.yandex.ru/count/WN4ejI_zOEG0FGi091DhrD3iR7RZ4WK0v04GmO200J4fISHZ000003YKuCm1Y083kGAb8RhTqOp1cF02cwYbwQ0Py0K1e0Rk0Sa6ATcvHdhH6pgf1vR1V0TVQQp--0S1q0Y2W8200WQg2n17Cvs-bi400AeWOTLHye60W8281AWFbeF3g_6hcjR-0P0GrlVlsTh3kut10RIDZBu-u1G1y1N1YlRieu-y_6EW5f3Iz9q6oHRmFzWMWHUe5mtG627u68ZsuAZPZSUIUe0PYHbj6Ga000000BWP_m706QZAuuQLdwU-QD8P4dbXOdDVSsLoTcLoBt8tDp8jCUWPaG7m6Qi7c1hKmrEm6qYu6mE270rBIZawQ6PKGLbBIMOtwHm0y3-07Vz_W202Y20Cq27_0TKY__z__u4Z00000000y3yG080Wa7g0TkBlDu8EEQJfUEV1nD2cDKSD7vK51wdq7Hxz0h1sJd0IrQGNIHh52Q94C2W0~1=WNmejI_zO9C0bGi0H1NCv4Dpam4GW8200SweuBZq-P_njm600G680ThlljER0P01wF-TZkE0W802c07e_vsEOxW1-f6dsoNO0SQOpAi1u07QWAQc0UW1h0Fu0VAdthu1c0A6gE4Qe0ByaAiLi0C2w0Jm0uW5l905a0N4a0cm1Q2O0xW5e9W3m0ML_mB81U-50T05wdQe1ku1gGUMmNm7Nsci_hW7W0NW1-WBq0YQYe21meA01k08liZL2kW91u0A0UWCamB84A0eeH5dY181a181W1I0W83e58m2e1QGqlIT1iaMy3_G5lZXthu1c1Ull_ukk1S1m1UrrW6W6Uu1k1d_0O4Q___ZidHeG8UW6htXtF-3vDQ2KQWUlt2m7m787wECvbMu8DxTAP0YmVaga2B2-IgG8iFvAh0Y0TKY__z__u4Z0F0_YIFPFv0Z_8ZVglsHbBJS0PWZ_UsZlhYBz9n9201tF1iQm3NYI3vA39_dxtZ78c7cYskMnZRX1G00~1?stat-id=3&test-tag=111050674461201&banner-sizes=eyI3MjA1NzYwNzM0MDQwODgyMCI6IjEyNjh4MjAwIn0%3D&format-type=118&actual-format=8&pcodever=705738&banner-test-tags=eyI3MjA1NzYwNzM0MDQwODgyMCI6IjI0NjI1In0%3D&width=1268&height=200&confirmTime=2100000&confirmRatio=1000000&wmode=0
IP 77.88.21.90:0
GET /count/WN4ejI_zOEG0FGi091DhrD3iR7RZ4WK0v04GmO200J4fISHZ000003YKuCm1Y083kGAb8RhTqOp1cF02cwYbwQ0Py0K1e0Rk0Sa6ATcvHdhH6pgf1vR1V0TVQQp--0S1q0Y2W8200WQg2n17Cvs-bi400AeWOTLHye60W8281AWFbeF3g_6hcjR-0P0GrlVlsTh3kut10RIDZBu-u1G1y1N1YlRieu-y_6EW5f3Iz9q6oHRmFzWMWHUe5mtG627u68ZsuAZPZSUIUe0PYHbj6Ga000000BWP_m706QZAuuQLdwU-QD8P4dbXOdDVSsLoTcLoBt8tDp8jCUWPaG7m6Qi7c1hKmrEm6qYu6mE270rBIZawQ6PKGLbBIMOtwHm0y3-07Vz_W202Y20Cq27_0TKY__z__u4Z00000000y3yG080Wa7g0TkBlDu8EEQJfUEV1nD2cDKSD7vK51wdq7Hxz0h1sJd0IrQGNIHh52Q94C2W0~1=WNmejI_zO9C0bGi0H1NCv4Dpam4GW8200SweuBZq-P_njm600G680ThlljER0P01wF-TZkE0W802c07e_vsEOxW1-f6dsoNO0SQOpAi1u07QWAQc0UW1h0Fu0VAdthu1c0A6gE4Qe0ByaAiLi0C2w0Jm0uW5l905a0N4a0cm1Q2O0xW5e9W3m0ML_mB81U-50T05wdQe1ku1gGUMmNm7Nsci_hW7W0NW1-WBq0YQYe21meA01k08liZL2kW91u0A0UWCamB84A0eeH5dY181a181W1I0W83e58m2e1QGqlIT1iaMy3_G5lZXthu1c1Ull_ukk1S1m1UrrW6W6Uu1k1d_0O4Q___ZidHeG8UW6htXtF-3vDQ2KQWUlt2m7m787wECvbMu8DxTAP0YmVaga2B2-IgG8iFvAh0Y0TKY__z__u4Z0F0_YIFPFv0Z_8ZVglsHbBJS0PWZ_UsZlhYBz9n9201tF1iQm3NYI3vA39_dxtZ78c7cYskMnZRX1G00~1?stat-id=3&test-tag=111050674461201&banner-sizes=eyI3MjA1NzYwNzM0MDQwODgyMCI6IjEyNjh4MjAwIn0%3D&format-type=118&actual-format=8&pcodever=705738&banner-test-tags=eyI3MjA1NzYwNzM0MDQwODgyMCI6IjI0NjI1In0%3D&width=1268&height=200&confirmTime=2100000&confirmRatio=1000000&wmode=0 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Content-Type: application/x-www-form-urlencoded
Referer: https://goo.su/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 15 Jan 2023 18:42:52 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 15 Jan 2023 18:42:52 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 15 Jan 2023 18:42:52 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
top-fwz1.mail.ru/js/code.js
95.163.52.67200 OK 0 B URL HTTP/2 top-fwz1.mail.ru/js/code.js
IP 95.163.52.67:0
GET /js/code.js HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 18:42:48 GMT
content-type: application/javascript
last-modified: Wed, 11 Jan 2023 13:29:54 GMT
set-cookie: FTID=1RMYgQ0tkIIF:1673808168:0:::; path=/; expires=Tue, 16-Jan-24 18:42:48 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
etag: W/"63beb9d2-85cc"
expires: Sun, 15 Jan 2023 19:42:48 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: max-age=3600, private
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
content-encoding: gzip
X-Firefox-Spdy: h2
an.yandex.ru/meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2Fz4lUTHq%2F&charset=utf-8&pcode-test-ids=657519%2C0%2C67%3B204184%2C0%2C69%3B685676%2C0%2C77%3B706294%2C0%2C82%3B704150%2C0%2C0%3B703900%2C0%2C82%3B672576%2C0%2C83&pcode-flags-map=eJytWNtu2zgQ%2FZWFn4uurpTUN0qibK4lUktKTtyiINzETQzkskjcIrtF%2F32HkmxLckIn3QWKIjE8Z4ZzOXMmPyZ0yrggqqBSklSluMKqxAIXUmVcqAVNCVeUqYQXMZ98%2BPRj8n118209%2BTBZP%2F01eTfZrh%2B39BJ%2B9SPL8%2F3Jz8%2FvJgsslSB%2F1kRWalHgUmWCFwqncmBfiZr0AZAdOKHVABCG45yMnMMPGWW0IhBfMpczXqkzWs14XSkMsVfSFB3yfRS6bwb%2FP5BxnqtS8LROKnns5m3QBCDfWJceiK4L%2BDyDUqgcxyRvoAAkxowRYa4Ocl0v6MfCyJmSc7CGfxqQ45QIVeZ4OYIaBxT6ThTtA6KsxFOiZEWT%2BVKlVGrwtMlarEubZvwcPhYkqZQkeT6AJuflEDqwnQN0LYdRMszK2vzKyA4sbw9QzQRkiwih05QpWYsFWULKoYhTRaVi0CYLnNP0BKiD%2FPBQgartEiIk5WxgiaIgtNDQNkJBW72a0S7Humq4KPum24dv656Z54Ru1M6SToKUTZlHNuPC9IygnpIQpngsCbx5VM%2B71Zeb9cDSRU7UNkdGz4FLmJoROp1VilVml57vRnZjuMQsJedK1CrlBabMyDVW4Lho7y8WfA7Bgi81FaNijC3twA%2FRsw5171WCxkZzx7ZQ2x8fCXNUVkObntEUmIIW0MZGW8%2F2On5rbLtWVzEXuqgCp7SWv70SYYl13G3AMCtneGkkKd9zgy7PaVYCOcuSM2iMihYECHRg6liWNbT1LLd9c5nwlOj%2Bl4QZmcv3fIDpWkkPsCC6d3f%2BlJ5bo7kXBM6xOcwg%2FH%2Bmhwi681cQdgHA1NaDarnW89Y5wYKpQq%2FIBRYUj97tDJz6ltVluRSUC1otVbwEriZnJRfmhKEAdbO364uO8xJpZFMfGCvsdSSwUoKBsIA5kwSqJA0s4Ueub9sD26aL5X6xljhNKZuaQTzfayNPeM0qaOVqWRLlmqP2wsDvlacQCeRJ0pjmkDWzuyhAL1oqDisxh1VywvsOo6jzirbrTwHBZhRWD9WPyHBinuYodIKgF0cH0i7miutG1bswhj2vJ6YSPM9PLEbL8dy266YCx475u9Ci1uG7StKPg3h927FM339m8m3%2FBYtdc8xIs34ESYkE2WiMz%2FYd1FrrDSxIBpwzA5EwpYnZLnQ7gm3WrCj0BAnCdnuvFCQ2UzwCjnbswSjBDhTQ1wymaUagHpq2ZSL0hpPSyETIjmyvjadnhMtSP2UKo2E2duzIH0Qyo1XzjB4YJHNecXMUbuA4AyGYlIUqSEqxAhBc0UWz5M0YkTuU10mZ%2FGeMkdZNSYZhot4ocz3fQmiQJllgUSm4IGqiwU8VyUcItXnO8cdlI0VVs6v6Vj8mX9fbi%2Bti9XC1ueu6%2Ffb%2By%2BZmLS9WN5u7q8kH5%2BdA8fpWJ2r64cDqUnGupzqH9dt38Glyu9rcvH%2F4BrH9vbq7XD%2FBz79vbldX68fBR1er2%2BaTy3%2FWd%2B3XV9832%2Fv2x9v3%2B18%2BPx%2FNQZmOst8KVa61bqNKlcxPZD6wg45xEi24OesmDWeax2kGdyBplb155IIwQtFebmaCAky%2BVK09bQbmDfbx%2FIjOjixQ5HZz2bN4682Kgsizgj0K7PpUIxRmz6GH7LHndpDMvhzHcsZMovXqqxggRJ7t7ngRZB9ck%2FBUGAzlOlarQ5u910rK43vuCC8I3eNXVFPzG6BM4cHqsNakKmFlgnqAQ3dBirHumHx9VNv7bxfXo1vLCp3xRdmulmfq2N3jJ4oDp1ZHUHC37%2BmouTBZXcQnkgKqYDDxcDiWqhLNCj8lKuBS89zW9SjwLOf6YEtV%2B8wTIGE3kC%2BBNH0%2BTO7mSd2untT1enN1vX0l3KEFk5xDLYE1WvqISabFLlypZsUKd3LgoBPYQP11nu72905VHj%2FhZWzK9LKdkxjHCm69E1Zhp9o1RXZN1ag5CUoaju39PdsVtacbBdES%2FcRfqEIt03%2FRAYinxc7Na73gVKbz8fkdWHBse8OHN58c%2BrbgElOQxUYJCemCHbiXaLvB2%2FUZbeQsKNjxfXi%2FvV4%2FDIHcyHoRaGD7sL5cP26u7l4wp%2BwPffL0m3NPMVpTJ7OazU%2BS%2FMX2ZkS8fpPPn%2F8CImMmsw%3D%3D&pcode-icookie=Rec2F4dMB94NL6%2BUS9Gn%2F03CkmiCPGago6hXHFUx%2BTgBmT9QCWMP2bAePfgdymeo0RDHtuvR40zs0p0BwGOrJlVz4zI%3D&imp-id=3&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=111050674405378&ad-session-id=2499591673808169431&target-id=69411499&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=705738&pcodever=705738&flash-ver=0&available-width=145&skip-token=yabs.NzIwNTc2MDcyMTQ3MjEzODUKNzIwNTc2MDcyMTQ2MDQ2MjkKNzIwNTc2MDcxNjE0MDM0NTc%3D&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A939%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1268%2C%22h%22%3A939%2C%22width%22%3A145%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A561%2C%22top%22%3A327%2C%22ad_no%22%3A3%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A1%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B3515629952933%5D
77.88.21.90200 OK 0 B URL HTTP/2 an.yandex.ru/meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2Fz4lUTHq%2F&charset=utf-8&pcode-test-ids=657519%2C0%2C67%3B204184%2C0%2C69%3B685676%2C0%2C77%3B706294%2C0%2C82%3B704150%2C0%2C0%3B703900%2C0%2C82%3B672576%2C0%2C83&pcode-flags-map=eJytWNtu2zgQ%2FZWFn4uurpTUN0qibK4lUktKTtyiINzETQzkskjcIrtF%2F32HkmxLckIn3QWKIjE8Z4ZzOXMmPyZ0yrggqqBSklSluMKqxAIXUmVcqAVNCVeUqYQXMZ98%2BPRj8n118209%2BTBZP%2F01eTfZrh%2B39BJ%2B9SPL8%2F3Jz8%2FvJgsslSB%2F1kRWalHgUmWCFwqncmBfiZr0AZAdOKHVABCG45yMnMMPGWW0IhBfMpczXqkzWs14XSkMsVfSFB3yfRS6bwb%2FP5BxnqtS8LROKnns5m3QBCDfWJceiK4L%2BDyDUqgcxyRvoAAkxowRYa4Ocl0v6MfCyJmSc7CGfxqQ45QIVeZ4OYIaBxT6ThTtA6KsxFOiZEWT%2BVKlVGrwtMlarEubZvwcPhYkqZQkeT6AJuflEDqwnQN0LYdRMszK2vzKyA4sbw9QzQRkiwih05QpWYsFWULKoYhTRaVi0CYLnNP0BKiD%2FPBQgartEiIk5WxgiaIgtNDQNkJBW72a0S7Humq4KPum24dv656Z54Ru1M6SToKUTZlHNuPC9IygnpIQpngsCbx5VM%2B71Zeb9cDSRU7UNkdGz4FLmJoROp1VilVml57vRnZjuMQsJedK1CrlBabMyDVW4Lho7y8WfA7Bgi81FaNijC3twA%2FRsw5171WCxkZzx7ZQ2x8fCXNUVkObntEUmIIW0MZGW8%2F2On5rbLtWVzEXuqgCp7SWv70SYYl13G3AMCtneGkkKd9zgy7PaVYCOcuSM2iMihYECHRg6liWNbT1LLd9c5nwlOj%2Bl4QZmcv3fIDpWkkPsCC6d3f%2BlJ5bo7kXBM6xOcwg%2FH%2Bmhwi681cQdgHA1NaDarnW89Y5wYKpQq%2FIBRYUj97tDJz6ltVluRSUC1otVbwEriZnJRfmhKEAdbO364uO8xJpZFMfGCvsdSSwUoKBsIA5kwSqJA0s4Ueub9sD26aL5X6xljhNKZuaQTzfayNPeM0qaOVqWRLlmqP2wsDvlacQCeRJ0pjmkDWzuyhAL1oqDisxh1VywvsOo6jzirbrTwHBZhRWD9WPyHBinuYodIKgF0cH0i7miutG1bswhj2vJ6YSPM9PLEbL8dy266YCx475u9Ci1uG7StKPg3h927FM339m8m3%2FBYtdc8xIs34ESYkE2WiMz%2FYd1FrrDSxIBpwzA5EwpYnZLnQ7gm3WrCj0BAnCdnuvFCQ2UzwCjnbswSjBDhTQ1wymaUagHpq2ZSL0hpPSyETIjmyvjadnhMtSP2UKo2E2duzIH0Qyo1XzjB4YJHNecXMUbuA4AyGYlIUqSEqxAhBc0UWz5M0YkTuU10mZ%2FGeMkdZNSYZhot4ocz3fQmiQJllgUSm4IGqiwU8VyUcItXnO8cdlI0VVs6v6Vj8mX9fbi%2Bti9XC1ueu6%2Ffb%2By%2BZmLS9WN5u7q8kH5%2BdA8fpWJ2r64cDqUnGupzqH9dt38Glyu9rcvH%2F4BrH9vbq7XD%2FBz79vbldX68fBR1er2%2BaTy3%2FWd%2B3XV9832%2Fv2x9v3%2B18%2BPx%2FNQZmOst8KVa61bqNKlcxPZD6wg45xEi24OesmDWeax2kGdyBplb155IIwQtFebmaCAky%2BVK09bQbmDfbx%2FIjOjixQ5HZz2bN4682Kgsizgj0K7PpUIxRmz6GH7LHndpDMvhzHcsZMovXqqxggRJ7t7ngRZB9ck%2FBUGAzlOlarQ5u910rK43vuCC8I3eNXVFPzG6BM4cHqsNakKmFlgnqAQ3dBirHumHx9VNv7bxfXo1vLCp3xRdmulmfq2N3jJ4oDp1ZHUHC37%2BmouTBZXcQnkgKqYDDxcDiWqhLNCj8lKuBS89zW9SjwLOf6YEtV%2B8wTIGE3kC%2BBNH0%2BTO7mSd2untT1enN1vX0l3KEFk5xDLYE1WvqISabFLlypZsUKd3LgoBPYQP11nu72905VHj%2FhZWzK9LKdkxjHCm69E1Zhp9o1RXZN1ag5CUoaju39PdsVtacbBdES%2FcRfqEIt03%2FRAYinxc7Na73gVKbz8fkdWHBse8OHN58c%2BrbgElOQxUYJCemCHbiXaLvB2%2FUZbeQsKNjxfXi%2FvV4%2FDIHcyHoRaGD7sL5cP26u7l4wp%2BwPffL0m3NPMVpTJ7OazU%2BS%2FMX2ZkS8fpPPn%2F8CImMmsw%3D%3D&pcode-icookie=Rec2F4dMB94NL6%2BUS9Gn%2F03CkmiCPGago6hXHFUx%2BTgBmT9QCWMP2bAePfgdymeo0RDHtuvR40zs0p0BwGOrJlVz4zI%3D&imp-id=3&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=111050674405378&ad-session-id=2499591673808169431&target-id=69411499&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=705738&pcodever=705738&flash-ver=0&available-width=145&skip-token=yabs.NzIwNTc2MDcyMTQ3MjEzODUKNzIwNTc2MDcyMTQ2MDQ2MjkKNzIwNTc2MDcxNjE0MDM0NTc%3D&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A939%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1268%2C%22h%22%3A939%2C%22width%22%3A145%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A561%2C%22top%22%3A327%2C%22ad_no%22%3A3%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A1%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B3515629952933%5D
IP 77.88.21.90:0
GET /meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2Fz4lUTHq%2F&charset=utf-8&pcode-test-ids=657519%2C0%2C67%3B204184%2C0%2C69%3B685676%2C0%2C77%3B706294%2C0%2C82%3B704150%2C0%2C0%3B703900%2C0%2C82%3B672576%2C0%2C83&pcode-flags-map=eJytWNtu2zgQ%2FZWFn4uurpTUN0qibK4lUktKTtyiINzETQzkskjcIrtF%2F32HkmxLckIn3QWKIjE8Z4ZzOXMmPyZ0yrggqqBSklSluMKqxAIXUmVcqAVNCVeUqYQXMZ98%2BPRj8n118209%2BTBZP%2F01eTfZrh%2B39BJ%2B9SPL8%2F3Jz8%2FvJgsslSB%2F1kRWalHgUmWCFwqncmBfiZr0AZAdOKHVABCG45yMnMMPGWW0IhBfMpczXqkzWs14XSkMsVfSFB3yfRS6bwb%2FP5BxnqtS8LROKnns5m3QBCDfWJceiK4L%2BDyDUqgcxyRvoAAkxowRYa4Ocl0v6MfCyJmSc7CGfxqQ45QIVeZ4OYIaBxT6ThTtA6KsxFOiZEWT%2BVKlVGrwtMlarEubZvwcPhYkqZQkeT6AJuflEDqwnQN0LYdRMszK2vzKyA4sbw9QzQRkiwih05QpWYsFWULKoYhTRaVi0CYLnNP0BKiD%2FPBQgartEiIk5WxgiaIgtNDQNkJBW72a0S7Humq4KPum24dv656Z54Ru1M6SToKUTZlHNuPC9IygnpIQpngsCbx5VM%2B71Zeb9cDSRU7UNkdGz4FLmJoROp1VilVml57vRnZjuMQsJedK1CrlBabMyDVW4Lho7y8WfA7Bgi81FaNijC3twA%2FRsw5171WCxkZzx7ZQ2x8fCXNUVkObntEUmIIW0MZGW8%2F2On5rbLtWVzEXuqgCp7SWv70SYYl13G3AMCtneGkkKd9zgy7PaVYCOcuSM2iMihYECHRg6liWNbT1LLd9c5nwlOj%2Bl4QZmcv3fIDpWkkPsCC6d3f%2BlJ5bo7kXBM6xOcwg%2FH%2Bmhwi681cQdgHA1NaDarnW89Y5wYKpQq%2FIBRYUj97tDJz6ltVluRSUC1otVbwEriZnJRfmhKEAdbO364uO8xJpZFMfGCvsdSSwUoKBsIA5kwSqJA0s4Ueub9sD26aL5X6xljhNKZuaQTzfayNPeM0qaOVqWRLlmqP2wsDvlacQCeRJ0pjmkDWzuyhAL1oqDisxh1VywvsOo6jzirbrTwHBZhRWD9WPyHBinuYodIKgF0cH0i7miutG1bswhj2vJ6YSPM9PLEbL8dy266YCx475u9Ci1uG7StKPg3h927FM339m8m3%2FBYtdc8xIs34ESYkE2WiMz%2FYd1FrrDSxIBpwzA5EwpYnZLnQ7gm3WrCj0BAnCdnuvFCQ2UzwCjnbswSjBDhTQ1wymaUagHpq2ZSL0hpPSyETIjmyvjadnhMtSP2UKo2E2duzIH0Qyo1XzjB4YJHNecXMUbuA4AyGYlIUqSEqxAhBc0UWz5M0YkTuU10mZ%2FGeMkdZNSYZhot4ocz3fQmiQJllgUSm4IGqiwU8VyUcItXnO8cdlI0VVs6v6Vj8mX9fbi%2Bti9XC1ueu6%2Ffb%2By%2BZmLS9WN5u7q8kH5%2BdA8fpWJ2r64cDqUnGupzqH9dt38Glyu9rcvH%2F4BrH9vbq7XD%2FBz79vbldX68fBR1er2%2BaTy3%2FWd%2B3XV9832%2Fv2x9v3%2B18%2BPx%2FNQZmOst8KVa61bqNKlcxPZD6wg45xEi24OesmDWeax2kGdyBplb155IIwQtFebmaCAky%2BVK09bQbmDfbx%2FIjOjixQ5HZz2bN4682Kgsizgj0K7PpUIxRmz6GH7LHndpDMvhzHcsZMovXqqxggRJ7t7ngRZB9ck%2FBUGAzlOlarQ5u910rK43vuCC8I3eNXVFPzG6BM4cHqsNakKmFlgnqAQ3dBirHumHx9VNv7bxfXo1vLCp3xRdmulmfq2N3jJ4oDp1ZHUHC37%2BmouTBZXcQnkgKqYDDxcDiWqhLNCj8lKuBS89zW9SjwLOf6YEtV%2B8wTIGE3kC%2BBNH0%2BTO7mSd2untT1enN1vX0l3KEFk5xDLYE1WvqISabFLlypZsUKd3LgoBPYQP11nu72905VHj%2FhZWzK9LKdkxjHCm69E1Zhp9o1RXZN1ag5CUoaju39PdsVtacbBdES%2FcRfqEIt03%2FRAYinxc7Na73gVKbz8fkdWHBse8OHN58c%2BrbgElOQxUYJCemCHbiXaLvB2%2FUZbeQsKNjxfXi%2FvV4%2FDIHcyHoRaGD7sL5cP26u7l4wp%2BwPffL0m3NPMVpTJ7OazU%2BS%2FMX2ZkS8fpPPn%2F8CImMmsw%3D%3D&pcode-icookie=Rec2F4dMB94NL6%2BUS9Gn%2F03CkmiCPGago6hXHFUx%2BTgBmT9QCWMP2bAePfgdymeo0RDHtuvR40zs0p0BwGOrJlVz4zI%3D&imp-id=3&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=111050674405378&ad-session-id=2499591673808169431&target-id=69411499&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=705738&pcodever=705738&flash-ver=0&available-width=145&skip-token=yabs.NzIwNTc2MDcyMTQ3MjEzODUKNzIwNTc2MDcyMTQ2MDQ2MjkKNzIwNTc2MDcxNjE0MDM0NTc%3D&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A939%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1268%2C%22h%22%3A939%2C%22width%22%3A145%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A561%2C%22top%22%3A327%2C%22ad_no%22%3A3%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A1%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B3515629952933%5D HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
uniformat: true
uniformat-product-type: Direct
content-encoding: gzip
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://goo.su
x-xss-protection: 1; mode=block
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-yandex-req-id: 1673808169734140-1394295059312500896900103-production-app-host-vla-pcode-247
last-modified: Sun, 15 Jan 2023 18:42:49 GMT
date: Sun, 15 Jan 2023 18:42:49 GMT
set-cookie: yabs-vdrf=A0; domain=an.yandex.ru; path=/; expires=Sun, 22-Jan-2023 18:42:49 GMT
i=x0DVTDkHkwN3lzTbhvumL68ePYQ+EwQaxGqBhBvDsWlWNIGRMhsBnBOJJaBkLS9WFfzkuK9jMP4XODMg3G59ykYG8tY=; Expires=Tue, 14-Jan-2025 18:42:49 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
content-type: application/json
pragma: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
ssr: true
strict-transport-security: max-age=31536000
expires: Sun, 15 Jan 2023 18:42:49 GMT
X-Firefox-Spdy: h2
mc.yandex.ru/watch/1677322?page-url=https%3A%2F%2Fgoo.su%2Fz4lUTHq%2F&charset=utf-8&cnt-class=1&hittoken=1673808170_617532075e5f14a692a7404354fe16f5435b1fedeed24a72218ab744fb26625e&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1057499882529%3Ahid%3A823855744%3Az%3A0%3Ai%3A20230115184250%3Aet%3A1673808171%3Ac%3A1%3Arn%3A167480967%3Arqn%3A2%3Au%3A1673808170106650993%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1673808167334%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673808171%3At%3ARedirecting...&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2)
93.158.134.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/1677322?page-url=https%3A%2F%2Fgoo.su%2Fz4lUTHq%2F&charset=utf-8&cnt-class=1&hittoken=1673808170_617532075e5f14a692a7404354fe16f5435b1fedeed24a72218ab744fb26625e&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1057499882529%3Ahid%3A823855744%3Az%3A0%3Ai%3A20230115184250%3Aet%3A1673808171%3Ac%3A1%3Arn%3A167480967%3Arqn%3A2%3Au%3A1673808170106650993%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1673808167334%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673808171%3At%3ARedirecting...&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2)
IP 93.158.134.119:0
GET /watch/1677322?page-url=https%3A%2F%2Fgoo.su%2Fz4lUTHq%2F&charset=utf-8&cnt-class=1&hittoken=1673808170_617532075e5f14a692a7404354fe16f5435b1fedeed24a72218ab744fb26625e&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1057499882529%3Ahid%3A823855744%3Az%3A0%3Ai%3A20230115184250%3Aet%3A1673808171%3Ac%3A1%3Arn%3A167480967%3Arqn%3A2%3Au%3A1673808170106650993%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1673808167334%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673808171%3At%3ARedirecting...&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/1677322/1?page-url=https%3A%2F%2Fgoo.su%2Fz4lUTHq%2F&charset=utf-8&cnt-class=1&hittoken=1673808170_617532075e5f14a692a7404354fe16f5435b1fedeed24a72218ab744fb26625e&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1057499882529%3Ahid%3A823855744%3Az%3A0%3Ai%3A20230115184250%3Aet%3A1673808171%3Ac%3A1%3Arn%3A167480967%3Arqn%3A2%3Au%3A1673808170106650993%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1673808167334%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673808171%3At%3ARedirecting...&t=gdpr%2814%29mc%28p-1-h-1%29clc%280-0-0%29rqnt%282%29aw%281%29fip%281%29ti%282%29
date: Sun, 15 Jan 2023 18:42:50 GMT
access-control-allow-origin: https://goo.su
set-cookie: yabs-sid=554602391673808170; Path=/; SameSite=None; Secure
i=XiKQ3jwC9jlQDnsZsEJSmv2fAl7qK7dJs29/haHadupFagQrtYIEqLi5/eOjv+8C6uP1sJ6qUdVNQasEErojPiYdZ3E=; Expires=Wed, 12-Jan-2033 18:42:49 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=9050034131673808170; Expires=Mon, 15-Jan-2024 18:42:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=9050034131673808170; Expires=Mon, 15-Jan-2024 18:42:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1705344170.yc.1673808170#1705344170.yrts.1673808170#1705344170.yrtsi.1673808170; Expires=Mon, 15-Jan-2024 18:42:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 15-Jan-2023 18:42:50 GMT
last-modified: Sun, 15-Jan-2023 18:42:50 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/count/WN8ejI_zOFK0HGi0r18VPNX4nKrhO0K0zG4GmO200J4fISHZ000003YKuCm1Y081kGAb8RhTqOp1cF02cwYbwQ0Py0K1e0Rk0Sa6AM5TeyNmsssMmMnMHMci_lW70T08We20W0AIIpwPbi400BEqMjLHye60W8281AWFbeF3cDQecjR-0P0GrlVlsTh3kut10RIDZBu-u1G1y1N1YlRieu-y_6EO5f3Iz9q6eCaMy3_O5e4Ng1SDq1WX-1Y8zk2esOt7adg06OaP2fWA0000002u6Vy1m1ceokE6bP-dlcZI6H9vOM9pNtDbSdPbSYzoDpSoBJ7e6P41y1ch1vWQrCDJi1j8k1i3WXmDIqevEbL1QJXPIqbcD-aS0F0_W1t_Vu0W0eWW3D0X_m7L8l__V_-18m0000000F0_4W20891wW7RYxs-23Zca1TxEqiJ0L8Qshpdg-gWis4Yb5_7e5z2rSoWiKStH9caKF8ST7WHH8jWU~1=WOmejI_zOAW05Gm0b1MM7EM0g068wvlJuP27huy1W06sfvMYmDAAqk41Y06ocugpdG6G0OBXmkFXW8200fW1Wk72us6u0SISa_0bs07Syy2i0U01higzdW7e0TW4-06gfjw-0Q02bCFm6A031h03d0A81TFF0P05bTG4i0Mcu06u1QRW0S05Xy85o0NIYGBG1T0yg0Rk0Qa7bi5iLaLfhFwu1u05u0UG3SA0W0RW2CgXk0pe2GU02W7e39C2o131e12O4SFvAg6vW1I0W804q1GDw1IC0fWMaDBqdGQWoHRG5hwzthu1c1VQYyejk1S1m1UrrW6W6Uu1k1d___y1WHh__zFksi23Jg0QwT7VvE32cuYS0QWU0R0V0yWVxhcWLgaW00IQMnQ_wJ-u8DxTAP0YmVaga2B2-IgG8iFvAh0Y0SWY0TKY__z__u4ZYIFPFv0ZavY9zOd3aP8Yc2EzrSkWdfBxhoqB08qy3vJy86VSDN0AGLgLSGw6OtsOYxWpJtQATnwmkKhfV89j0Wu0~1=WP8ejI_zOAq0HGm0v1N3RgJ3hG6dkVhvai7Yy0600SNdtDdBfxhr6uW1oSwvXfu1a06gXQ6Mue20W0AO0Qg5ePPYk07o-iVu9TW1eeJah07W0PQLhva1w06s1A02j8q2e0C4i0FJ0OW5kDK6a0Mvno6m1OZ42BW5YCG8m0NKxgS2o0MHd4lG1Ucq0wW6xW6f1vR1R5P5QQp-k0U01U07XWhG2Bg8W872W806u0ZQXW7e2GU02W7u2e2r6EWCamB84C6ma881c173-IgXkO0KW8201D0KtztM7kWKZ0AO5f3Iz9q6eCaMy3_G5iwVthu1c1UNjRGik1S1m1UrrW6W6Uu1k1d___y1-1c3uUuhWHh__-De1qUaGQWU0R0V0iWVaOAoLgaW5AIM-3_5kp-u8DxTAP0YmVaga2B2-IgG8iFvAh0Y0SWY0TKY__z__u4ZYIFPFv0Z-ARghOQ1i--h0PWZsglWhg6lzRN30Gi0a3mFPF0Wf-0rSYqn6Ye3AGp7AZ4NEKVpPCCgfNCVt_UHJp13m040~1=WOOejI_zO9u0vGi0b1N1eJH6dW4GW8200QUv-lcImUBm0O010OW1vTgZefu1a07IfQ-Mue20W0AO0TAbhvPYk06Kiyhu9TW1whldh07W0Sx7xgO1w06g0_W1w8lUlW6W0exwXG6m0uC2Y0NwWnkG1SkoDh05a-eDk0MJwWt01OdxVSW5YuCWq0M7n0Me1ku1gGUMmMnMHMci_hW7W0NW1uOAq0YwY821meA01k08X_r2w0a7W0e1-0g0jHZe39C2o131i12O4SFvAg6vW1I0W804q1IPvjLRw1IC0fWMaDBqdGQWoHRmFz0MlA3UlW6O5x2zYY-u5m705xNM0Q0PxW6u6Vy1WHh__tDE0OcmYAWU0R0V0SWVzTspLgaWpLPCQGdYsZ-u8DxTAP0YmVaga2B2-IgG8iFvAh0Y0SWY0TKY__z__u4Z0F0_YIEQcTa_a2FfcuRZzjtmgAC1c2E2vOUVXvMo-b0A022A0DU88xcL60sLWGo6OtMOYv2RUR9nJgLqZiOCuGK0~1?stat-id=1&test-tag=111050674461233&banner-sizes=eyI3MjA1NzYwNzIxNDcyMTM4NSI6IjQxOXgxMDAiLCI3MjA1NzYwNzIxNDYwNDYyOSI6IjQxOXgxMDAiLCI3MjA1NzYwNzE2MTQwMzQ1NyI6IjQxOXgxMDAifQ%3D%3D&format-type=118&actual-format=10&pcodever=705738&banner-test-tags=eyI3MjA1NzYwNzIxNDcyMTM4NSI6IjU3MzYxIiwiNzIwNTc2MDcyMTQ2MDQ2MjkiOiI1NzM5NCIsIjcyMDU3NjA3MTYxNDAzNDU3IjoiNTczOTUifQ%3D%3D&width=1268&height=100&confirmTime=2100000&confirmRatio=1000000&wmode=0
77.88.21.90200 OK 0 B URL HTTP/2 an.yandex.ru/count/WN8ejI_zOFK0HGi0r18VPNX4nKrhO0K0zG4GmO200J4fISHZ000003YKuCm1Y081kGAb8RhTqOp1cF02cwYbwQ0Py0K1e0Rk0Sa6AM5TeyNmsssMmMnMHMci_lW70T08We20W0AIIpwPbi400BEqMjLHye60W8281AWFbeF3cDQecjR-0P0GrlVlsTh3kut10RIDZBu-u1G1y1N1YlRieu-y_6EO5f3Iz9q6eCaMy3_O5e4Ng1SDq1WX-1Y8zk2esOt7adg06OaP2fWA0000002u6Vy1m1ceokE6bP-dlcZI6H9vOM9pNtDbSdPbSYzoDpSoBJ7e6P41y1ch1vWQrCDJi1j8k1i3WXmDIqevEbL1QJXPIqbcD-aS0F0_W1t_Vu0W0eWW3D0X_m7L8l__V_-18m0000000F0_4W20891wW7RYxs-23Zca1TxEqiJ0L8Qshpdg-gWis4Yb5_7e5z2rSoWiKStH9caKF8ST7WHH8jWU~1=WOmejI_zOAW05Gm0b1MM7EM0g068wvlJuP27huy1W06sfvMYmDAAqk41Y06ocugpdG6G0OBXmkFXW8200fW1Wk72us6u0SISa_0bs07Syy2i0U01higzdW7e0TW4-06gfjw-0Q02bCFm6A031h03d0A81TFF0P05bTG4i0Mcu06u1QRW0S05Xy85o0NIYGBG1T0yg0Rk0Qa7bi5iLaLfhFwu1u05u0UG3SA0W0RW2CgXk0pe2GU02W7e39C2o131e12O4SFvAg6vW1I0W804q1GDw1IC0fWMaDBqdGQWoHRG5hwzthu1c1VQYyejk1S1m1UrrW6W6Uu1k1d___y1WHh__zFksi23Jg0QwT7VvE32cuYS0QWU0R0V0yWVxhcWLgaW00IQMnQ_wJ-u8DxTAP0YmVaga2B2-IgG8iFvAh0Y0SWY0TKY__z__u4ZYIFPFv0ZavY9zOd3aP8Yc2EzrSkWdfBxhoqB08qy3vJy86VSDN0AGLgLSGw6OtsOYxWpJtQATnwmkKhfV89j0Wu0~1=WP8ejI_zOAq0HGm0v1N3RgJ3hG6dkVhvai7Yy0600SNdtDdBfxhr6uW1oSwvXfu1a06gXQ6Mue20W0AO0Qg5ePPYk07o-iVu9TW1eeJah07W0PQLhva1w06s1A02j8q2e0C4i0FJ0OW5kDK6a0Mvno6m1OZ42BW5YCG8m0NKxgS2o0MHd4lG1Ucq0wW6xW6f1vR1R5P5QQp-k0U01U07XWhG2Bg8W872W806u0ZQXW7e2GU02W7u2e2r6EWCamB84C6ma881c173-IgXkO0KW8201D0KtztM7kWKZ0AO5f3Iz9q6eCaMy3_G5iwVthu1c1UNjRGik1S1m1UrrW6W6Uu1k1d___y1-1c3uUuhWHh__-De1qUaGQWU0R0V0iWVaOAoLgaW5AIM-3_5kp-u8DxTAP0YmVaga2B2-IgG8iFvAh0Y0SWY0TKY__z__u4ZYIFPFv0Z-ARghOQ1i--h0PWZsglWhg6lzRN30Gi0a3mFPF0Wf-0rSYqn6Ye3AGp7AZ4NEKVpPCCgfNCVt_UHJp13m040~1=WOOejI_zO9u0vGi0b1N1eJH6dW4GW8200QUv-lcImUBm0O010OW1vTgZefu1a07IfQ-Mue20W0AO0TAbhvPYk06Kiyhu9TW1whldh07W0Sx7xgO1w06g0_W1w8lUlW6W0exwXG6m0uC2Y0NwWnkG1SkoDh05a-eDk0MJwWt01OdxVSW5YuCWq0M7n0Me1ku1gGUMmMnMHMci_hW7W0NW1uOAq0YwY821meA01k08X_r2w0a7W0e1-0g0jHZe39C2o131i12O4SFvAg6vW1I0W804q1IPvjLRw1IC0fWMaDBqdGQWoHRmFz0MlA3UlW6O5x2zYY-u5m705xNM0Q0PxW6u6Vy1WHh__tDE0OcmYAWU0R0V0SWVzTspLgaWpLPCQGdYsZ-u8DxTAP0YmVaga2B2-IgG8iFvAh0Y0SWY0TKY__z__u4Z0F0_YIEQcTa_a2FfcuRZzjtmgAC1c2E2vOUVXvMo-b0A022A0DU88xcL60sLWGo6OtMOYv2RUR9nJgLqZiOCuGK0~1?stat-id=1&test-tag=111050674461233&banner-sizes=eyI3MjA1NzYwNzIxNDcyMTM4NSI6IjQxOXgxMDAiLCI3MjA1NzYwNzIxNDYwNDYyOSI6IjQxOXgxMDAiLCI3MjA1NzYwNzE2MTQwMzQ1NyI6IjQxOXgxMDAifQ%3D%3D&format-type=118&actual-format=10&pcodever=705738&banner-test-tags=eyI3MjA1NzYwNzIxNDcyMTM4NSI6IjU3MzYxIiwiNzIwNTc2MDcyMTQ2MDQ2MjkiOiI1NzM5NCIsIjcyMDU3NjA3MTYxNDAzNDU3IjoiNTczOTUifQ%3D%3D&width=1268&height=100&confirmTime=2100000&confirmRatio=1000000&wmode=0
IP 77.88.21.90:0
GET /count/WN8ejI_zOFK0HGi0r18VPNX4nKrhO0K0zG4GmO200J4fISHZ000003YKuCm1Y081kGAb8RhTqOp1cF02cwYbwQ0Py0K1e0Rk0Sa6AM5TeyNmsssMmMnMHMci_lW70T08We20W0AIIpwPbi400BEqMjLHye60W8281AWFbeF3cDQecjR-0P0GrlVlsTh3kut10RIDZBu-u1G1y1N1YlRieu-y_6EO5f3Iz9q6eCaMy3_O5e4Ng1SDq1WX-1Y8zk2esOt7adg06OaP2fWA0000002u6Vy1m1ceokE6bP-dlcZI6H9vOM9pNtDbSdPbSYzoDpSoBJ7e6P41y1ch1vWQrCDJi1j8k1i3WXmDIqevEbL1QJXPIqbcD-aS0F0_W1t_Vu0W0eWW3D0X_m7L8l__V_-18m0000000F0_4W20891wW7RYxs-23Zca1TxEqiJ0L8Qshpdg-gWis4Yb5_7e5z2rSoWiKStH9caKF8ST7WHH8jWU~1=WOmejI_zOAW05Gm0b1MM7EM0g068wvlJuP27huy1W06sfvMYmDAAqk41Y06ocugpdG6G0OBXmkFXW8200fW1Wk72us6u0SISa_0bs07Syy2i0U01higzdW7e0TW4-06gfjw-0Q02bCFm6A031h03d0A81TFF0P05bTG4i0Mcu06u1QRW0S05Xy85o0NIYGBG1T0yg0Rk0Qa7bi5iLaLfhFwu1u05u0UG3SA0W0RW2CgXk0pe2GU02W7e39C2o131e12O4SFvAg6vW1I0W804q1GDw1IC0fWMaDBqdGQWoHRG5hwzthu1c1VQYyejk1S1m1UrrW6W6Uu1k1d___y1WHh__zFksi23Jg0QwT7VvE32cuYS0QWU0R0V0yWVxhcWLgaW00IQMnQ_wJ-u8DxTAP0YmVaga2B2-IgG8iFvAh0Y0SWY0TKY__z__u4ZYIFPFv0ZavY9zOd3aP8Yc2EzrSkWdfBxhoqB08qy3vJy86VSDN0AGLgLSGw6OtsOYxWpJtQATnwmkKhfV89j0Wu0~1=WP8ejI_zOAq0HGm0v1N3RgJ3hG6dkVhvai7Yy0600SNdtDdBfxhr6uW1oSwvXfu1a06gXQ6Mue20W0AO0Qg5ePPYk07o-iVu9TW1eeJah07W0PQLhva1w06s1A02j8q2e0C4i0FJ0OW5kDK6a0Mvno6m1OZ42BW5YCG8m0NKxgS2o0MHd4lG1Ucq0wW6xW6f1vR1R5P5QQp-k0U01U07XWhG2Bg8W872W806u0ZQXW7e2GU02W7u2e2r6EWCamB84C6ma881c173-IgXkO0KW8201D0KtztM7kWKZ0AO5f3Iz9q6eCaMy3_G5iwVthu1c1UNjRGik1S1m1UrrW6W6Uu1k1d___y1-1c3uUuhWHh__-De1qUaGQWU0R0V0iWVaOAoLgaW5AIM-3_5kp-u8DxTAP0YmVaga2B2-IgG8iFvAh0Y0SWY0TKY__z__u4ZYIFPFv0Z-ARghOQ1i--h0PWZsglWhg6lzRN30Gi0a3mFPF0Wf-0rSYqn6Ye3AGp7AZ4NEKVpPCCgfNCVt_UHJp13m040~1=WOOejI_zO9u0vGi0b1N1eJH6dW4GW8200QUv-lcImUBm0O010OW1vTgZefu1a07IfQ-Mue20W0AO0TAbhvPYk06Kiyhu9TW1whldh07W0Sx7xgO1w06g0_W1w8lUlW6W0exwXG6m0uC2Y0NwWnkG1SkoDh05a-eDk0MJwWt01OdxVSW5YuCWq0M7n0Me1ku1gGUMmMnMHMci_hW7W0NW1uOAq0YwY821meA01k08X_r2w0a7W0e1-0g0jHZe39C2o131i12O4SFvAg6vW1I0W804q1IPvjLRw1IC0fWMaDBqdGQWoHRmFz0MlA3UlW6O5x2zYY-u5m705xNM0Q0PxW6u6Vy1WHh__tDE0OcmYAWU0R0V0SWVzTspLgaWpLPCQGdYsZ-u8DxTAP0YmVaga2B2-IgG8iFvAh0Y0SWY0TKY__z__u4Z0F0_YIEQcTa_a2FfcuRZzjtmgAC1c2E2vOUVXvMo-b0A022A0DU88xcL60sLWGo6OtMOYv2RUR9nJgLqZiOCuGK0~1?stat-id=1&test-tag=111050674461233&banner-sizes=eyI3MjA1NzYwNzIxNDcyMTM4NSI6IjQxOXgxMDAiLCI3MjA1NzYwNzIxNDYwNDYyOSI6IjQxOXgxMDAiLCI3MjA1NzYwNzE2MTQwMzQ1NyI6IjQxOXgxMDAifQ%3D%3D&format-type=118&actual-format=10&pcodever=705738&banner-test-tags=eyI3MjA1NzYwNzIxNDcyMTM4NSI6IjU3MzYxIiwiNzIwNTc2MDcyMTQ2MDQ2MjkiOiI1NzM5NCIsIjcyMDU3NjA3MTYxNDAzNDU3IjoiNTczOTUifQ%3D%3D&width=1268&height=100&confirmTime=2100000&confirmRatio=1000000&wmode=0 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Content-Type: application/x-www-form-urlencoded
Referer: https://goo.su/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 15 Jan 2023 18:42:52 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 15 Jan 2023 18:42:52 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 15 Jan 2023 18:42:52 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fgoo.su%2F
77.88.55.55200 OK 0 B URL HTTP/2 yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fgoo.su%2F
IP 77.88.55.55:0
GET /set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fgoo.su%2F HTTP/1.1
Host: yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://yastatic.net/
Origin: https://yastatic.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 15 Jan 2023 18:42:51 GMT
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-content-type-options: nosniff
access-control-allow-origin: https://yastatic.net
set-cookie: is_gdpr=1; Path=/; Domain=.yandex.ru; Expires=Tue, 14 Jan 2025 18:42:51 GMT; SameSite=None; Secure
is_gdpr_b=CIGzBBCFoQEYAQ==; Path=/; Domain=.yandex.ru; Expires=Tue, 14 Jan 2025 18:42:51 GMT; SameSite=None; Secure
_yasc=nqWhsxy5cJBIhBnk1eFMzctJ47h6zPIWuT/BjRP8GdCYa0msxP082JbnqpFl; domain=.yandex.ru; path=/; expires=Wed, 12-Jan-2033 18:42:51 GMT; secure
i=wL0emG86JWIN9kCUPTk5bT9g8y8UmxPUYTfci91AE4ibWzRjhYbNE6+Z9Mam5AjneBzMqngLqclD5CyYuotZXjtgMMY=; Expires=Tue, 14-Jan-2025 18:42:51 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
cache-control: public,max-age=300
content-encoding: gzip
content-type: application/json; charset=utf-8
X-Firefox-Spdy: h2
an.yandex.ru/rtbcount/1LrR2ZsT0Ve100000000U9nJr4oCNNpqm-rSmsa71P9TCzVyizJqF9BC00IUC95GbufK-LYk6P8CgOn0ySnf1tF2GEAb85vjEP1ePGIHdI0-430np6HSA0TXBsGiueQmLZ8ciK1O6q7gDZ03YRsCDfjb6Ow2PSuoWeIlWicxZ0mo30n_6MSnCJ3CPGA9h6MA0f9dcVu3mIicWKdUTZEd7MHWsBmbwchW9rQ6lqmWirkPMO5aBxCYa9pA3D8sbvaDP3Kp4uC2o6QMZSpNDUzu98LkK3h9h1auJQhefmdtLR3Aks3o9xE34p_4uInpNvq1irQmBBJTmF8V1XXt8B4F8B5lGhttmVuXYz-5YC_DBJVitxA0lBQ0bVSaAzSCBh3q1TQ6XWQMcwmQJsy4_9nJa_6L5QIxWws1PGRRbSF12zYwzspUqFhtpFwobMmmOmwmUPnWOtx4nkljPMaLwfXf4UdjcMR-aWrcuKyuQo9x8el-XoLBtzdFOcSpDp0rDxROmCwqWvtd1Blu0_RsMqqx9ttQi9Zx1piF07ZWg7e0?confirmTime=2106000&confirmRatio=1000000&test-tag=111050674405378&format-type=118&actual-format=10&rnd=1983164153843&banner-sizes=eyI3MjA1NzYwNzIxNDcyMTM4NSI6IjQxOXgxMDAiLCI3MjA1NzYwNzIxNDYwNDYyOSI6IjQxOXgxMDAiLCI3MjA1NzYwNzE2MTQwMzQ1NyI6IjQxOXgxMDAifQ%3D%3D&width=1268&height=100
77.88.21.90200 OK 0 B URL HTTP/2 an.yandex.ru/rtbcount/1LrR2ZsT0Ve100000000U9nJr4oCNNpqm-rSmsa71P9TCzVyizJqF9BC00IUC95GbufK-LYk6P8CgOn0ySnf1tF2GEAb85vjEP1ePGIHdI0-430np6HSA0TXBsGiueQmLZ8ciK1O6q7gDZ03YRsCDfjb6Ow2PSuoWeIlWicxZ0mo30n_6MSnCJ3CPGA9h6MA0f9dcVu3mIicWKdUTZEd7MHWsBmbwchW9rQ6lqmWirkPMO5aBxCYa9pA3D8sbvaDP3Kp4uC2o6QMZSpNDUzu98LkK3h9h1auJQhefmdtLR3Aks3o9xE34p_4uInpNvq1irQmBBJTmF8V1XXt8B4F8B5lGhttmVuXYz-5YC_DBJVitxA0lBQ0bVSaAzSCBh3q1TQ6XWQMcwmQJsy4_9nJa_6L5QIxWws1PGRRbSF12zYwzspUqFhtpFwobMmmOmwmUPnWOtx4nkljPMaLwfXf4UdjcMR-aWrcuKyuQo9x8el-XoLBtzdFOcSpDp0rDxROmCwqWvtd1Blu0_RsMqqx9ttQi9Zx1piF07ZWg7e0?confirmTime=2106000&confirmRatio=1000000&test-tag=111050674405378&format-type=118&actual-format=10&rnd=1983164153843&banner-sizes=eyI3MjA1NzYwNzIxNDcyMTM4NSI6IjQxOXgxMDAiLCI3MjA1NzYwNzIxNDYwNDYyOSI6IjQxOXgxMDAiLCI3MjA1NzYwNzE2MTQwMzQ1NyI6IjQxOXgxMDAifQ%3D%3D&width=1268&height=100
IP 77.88.21.90:0
GET /rtbcount/1LrR2ZsT0Ve100000000U9nJr4oCNNpqm-rSmsa71P9TCzVyizJqF9BC00IUC95GbufK-LYk6P8CgOn0ySnf1tF2GEAb85vjEP1ePGIHdI0-430np6HSA0TXBsGiueQmLZ8ciK1O6q7gDZ03YRsCDfjb6Ow2PSuoWeIlWicxZ0mo30n_6MSnCJ3CPGA9h6MA0f9dcVu3mIicWKdUTZEd7MHWsBmbwchW9rQ6lqmWirkPMO5aBxCYa9pA3D8sbvaDP3Kp4uC2o6QMZSpNDUzu98LkK3h9h1auJQhefmdtLR3Aks3o9xE34p_4uInpNvq1irQmBBJTmF8V1XXt8B4F8B5lGhttmVuXYz-5YC_DBJVitxA0lBQ0bVSaAzSCBh3q1TQ6XWQMcwmQJsy4_9nJa_6L5QIxWws1PGRRbSF12zYwzspUqFhtpFwobMmmOmwmUPnWOtx4nkljPMaLwfXf4UdjcMR-aWrcuKyuQo9x8el-XoLBtzdFOcSpDp0rDxROmCwqWvtd1Blu0_RsMqqx9ttQi9Zx1piF07ZWg7e0?confirmTime=2106000&confirmRatio=1000000&test-tag=111050674405378&format-type=118&actual-format=10&rnd=1983164153843&banner-sizes=eyI3MjA1NzYwNzIxNDcyMTM4NSI6IjQxOXgxMDAiLCI3MjA1NzYwNzIxNDYwNDYyOSI6IjQxOXgxMDAiLCI3MjA1NzYwNzE2MTQwMzQ1NyI6IjQxOXgxMDAifQ%3D%3D&width=1268&height=100 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 15 Jan 2023 18:42:52 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 15 Jan 2023 18:42:52 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 15 Jan 2023 18:42:52 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kraken.rambler.ru/cnt/v2/
81.19.89.18200 OK 0 B URL HTTP/2 kraken.rambler.ru/cnt/v2/
IP 81.19.89.18:0
ASN #24638 Rambler Internet Holding LLC
POST /cnt/v2/ HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 646
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.4
date: Sun, 15 Jan 2023 18:42:53 GMT
content-type: application/octet-stream
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
pragma: no-cache
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
x-srv: 2kraken-prod0002.ad.rambler.tech
set-cookie: ruid=1CIAAC1JxGOTIoiZAXil9gB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAC1JxGOTIoiZAXil9gB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
X-Firefox-Spdy: h2
an.yandex.ru/system/context.js
77.88.21.90200 OK 0 B URL HTTP/2 an.yandex.ru/system/context.js
IP 77.88.21.90:0
GET /system/context.js HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
timing-allow-origin: *
access-control-allow-origin: *
expires: Sun, 15 Jan 2023 19:42:48 GMT
x-yandex-req-id: 1673808168769581-1735540746153223534800107-production-app-host-sas-pcode-445
cache-control: private, max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kraken.rambler.ru/cnt/v2/
81.19.89.18200 OK 0 B URL HTTP/2 kraken.rambler.ru/cnt/v2/
IP 81.19.89.18:0
ASN #24638 Rambler Internet Holding LLC
POST /cnt/v2/ HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 646
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.4
date: Sun, 15 Jan 2023 18:42:53 GMT
content-type: application/octet-stream
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
pragma: no-cache
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
x-srv: 2kraken-prod0002.ad.rambler.tech
set-cookie: ruid=1CIAAC1JxGOTIoiZAW2l9gB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAC1JxGOTIoiZAW2l9gB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
X-Firefox-Spdy: h2