goo.su/z2HvHzz
104.21.38.221301 Moved Permanently 187 B IP 104.21.38.221:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash a3ff447f49262fbe83ee1fea4302ee5e
2ed41905d0e02243822a695cf515f32c99b47844
f15d59be3d28bf3b10791fcfa6ea99423e1fc049f49104b68d8aad978b0d5fee
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /z2HvHzz HTTP/1.1
Host: goo.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 31 Jan 2023 02:45:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://goo.su/z2HvHzz
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FKYNM9dgTSwZtBZSCzARIBrdMJlW9WQNHZA8svdK6vBrxzOuUA7%2FzphztJ1KqUex4APxolbGFneA4ufKKChRef9144vJb4p2XQeF4by6%2B0J60qioTqXHoA8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 791f1c188b6fb4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5679
Expires: Tue, 31 Jan 2023 04:19:50 GMT
Date: Tue, 31 Jan 2023 02:45:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7845
Expires: Tue, 31 Jan 2023 04:55:56 GMT
Date: Tue, 31 Jan 2023 02:45:11 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 02:43:15 GMT
content-type: application/json
age: 116
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3127
Expires: Tue, 31 Jan 2023 03:37:18 GMT
Date: Tue, 31 Jan 2023 02:45:11 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: mWsknPJf+NqCTeuImbB+4+aPuWFFqPz9u61bcx7RmP8xXU5xB3KM1SQfOTnDe3fFDziNC+R9yYMenufFOk/6qw==
x-amz-request-id: NWCC9NHBRPA55VMK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 01:50:59 GMT
age: 3252
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/TOB3ExjSLG4
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/TOB3ExjSLG4
IP 142.250.74.131:0
Hash a61600721f5d73df0fb1c528941b657d
5223337f51a913503b309f2f203dc76d8a3f542d
2514835b8cdc7d37d3005f199c2e6c469e2a50d8512c2ed3d50cfc02857da370
POST /s/gts1p5/TOB3ExjSLG4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:45:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:45:11 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 02:41:41 GMT
age: 210
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/TOB3ExjSLG4
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/TOB3ExjSLG4
IP 142.250.74.131:0
Hash a61600721f5d73df0fb1c528941b657d
5223337f51a913503b309f2f203dc76d8a3f542d
2514835b8cdc7d37d3005f199c2e6c469e2a50d8512c2ed3d50cfc02857da370
POST /s/gts1p5/TOB3ExjSLG4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:45:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:45:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6338
Expires: Tue, 31 Jan 2023 04:30:50 GMT
Date: Tue, 31 Jan 2023 02:45:12 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:45:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 33 kB IP 142.250.74.131:0
Hash 133176a88d3c883372d2b20056e3196e
499a1792e15fe99ea2b9ebbb66e095d31c7a63a0
aca1d1f3dd16bfe10d53c647582e17488ca749c925acee4500f6ed01582d5081
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:45:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:45:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:45:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
216.58.207.227200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP 216.58.207.227:0
Hash 0087c1c0e020a68b63cadb48e74cdc85
eeb99ff25ab79ff20e0ad571cd53f8c837a250c7
923cdc9ac541741348b8a70ee65721d476e2cbf650a3bf93cb4d20876ce755e3
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goo.su
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 10:00:11 GMT
expires: Mon, 29 Jan 2024 10:00:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
age: 146701
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goo.su
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 103392
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:45:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a5deae8ed1c2d8bf26d86d9a941d7156
f56cf0299c46717272517dd4710475af03b070ee
7180d0473bc799f62162797c1737953691fedf3179b78f68592bd9031065e0a8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1366
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:45:12 GMT
Last-Modified: Tue, 31 Jan 2023 02:22:26 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:45:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
44.236.232.139101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.236.232.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5z0BJjIBNzR1r4HVPM0OPQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: d4COaEgLyAv00AmrDhxeEn9iH7g=
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4358137683029217
142.250.74.98200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4358137683029217
IP 142.250.74.98:0
File type ASCII text, with very long lines (3642)
Hash 3bc3b8520451fe5e4262381cf1afa4d2
f0d7f9c8fee03c88a80037407879b113070217d6
13482776cdaaa9d14d7e7ad19810c6cff96712d575530bc303820b3ccfe8ddc9
GET /pagead/js/adsbygoogle.js?client=ca-pub-4358137683029217 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 31 Jan 2023 02:45:12 GMT
expires: Tue, 31 Jan 2023 02:45:12 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 14014491206150056450
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 50051
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 2e4acfc2c15a45e0dd8b5c27b2ec412c
4142f9b3956f328e9439f0680728d0eb3d197b17
ca2a97dffc5816ea7122bda62a92b9f8b8dfa07156a5faf3bfec3a2dd3a53ca8
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:45:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 04 Feb 2023 01:38:31 GMT
ETag: "4142f9b3956f328e9439f0680728d0eb3d197b17"
Last-Modified: Tue, 31 Jan 2023 01:38:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1009
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791f1c20db9b1bfe-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 93664b45638e51c00febb4d532de042c
43bdd84cbd3dc682b64901e43ac3bebd087255f1
b8acbaf561428592aa3ffc688880ead413826fcf60423481bd8951293f70604e
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:45:12 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Fri, 03 Feb 2023 23:44:28 GMT
ETag: "43bdd84cbd3dc682b64901e43ac3bebd087255f1"
Last-Modified: Mon, 30 Jan 2023 23:44:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2571
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791f1c20df8c0b41-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 5775acab72a352155ab683ebebe8c2b8
460316bca37bbb8a7231907c6bdbeef647e51bcf
5f92786acef285cd9f3d892aec480576f6bae58642cce251e1e6accb3b7a1685
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:45:12 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Fri, 03 Feb 2023 23:53:56 GMT
ETag: "460316bca37bbb8a7231907c6bdbeef647e51bcf"
Last-Modified: Mon, 30 Jan 2023 23:53:57 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1779
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791f1c20dd840b3d-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 93664b45638e51c00febb4d532de042c
43bdd84cbd3dc682b64901e43ac3bebd087255f1
b8acbaf561428592aa3ffc688880ead413826fcf60423481bd8951293f70604e
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:45:12 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Fri, 03 Feb 2023 23:44:28 GMT
ETag: "43bdd84cbd3dc682b64901e43ac3bebd087255f1"
Last-Modified: Mon, 30 Jan 2023 23:44:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2571
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791f1c20de48b50f-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 93664b45638e51c00febb4d532de042c
43bdd84cbd3dc682b64901e43ac3bebd087255f1
b8acbaf561428592aa3ffc688880ead413826fcf60423481bd8951293f70604e
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:45:12 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Fri, 03 Feb 2023 23:44:28 GMT
ETag: "43bdd84cbd3dc682b64901e43ac3bebd087255f1"
Last-Modified: Mon, 30 Jan 2023 23:44:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2571
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791f1c20df240b59-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:45:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
counter.yadro.ru/hit?t44.11;r;s1280*1024*24;uhttps%3A//goo.su/z2HvHzz;hRedirecting...;0.5481840487984857
88.212.201.198200 OK 132 B URL HTTP/1.1 counter.yadro.ru/hit?t44.11;r;s1280*1024*24;uhttps%3A//goo.su/z2HvHzz;hRedirecting...;0.5481840487984857
IP 88.212.201.198:0
ASN #39134 United Network LLC
File type GIF image data, version 87a, 31 x 31\012- data
Hash 099e70b2712eaea2a982b474b20a0a80
e3ce99d03d1ae5dc89050a8287f7c390374dd2cb
e10cd8d343f9c37e3500c69d92f7ac7e78b6c7df29a2ace8cffe71bfa494e8c9
GET /hit?t44.11;r;s1280*1024*24;uhttps%3A//goo.su/z2HvHzz;hRedirecting...;0.5481840487984857 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 31 Jan 2023 02:45:12 GMT
Content-Type: image/gif
Content-Length: 132
Connection: keep-alive
Expires: Sun, 30 Jan 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 7e7d041127a9c4800d3eb8280111dc5d
6c02350ce8cb6a9a5d335f4136cd25ceafe8042a
fa00b8182f3e4588e403414a770bfd945bbf42290a370b2298dbd85ec46f1e41
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:45:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 04 Feb 2023 01:39:06 GMT
ETag: "6c02350ce8cb6a9a5d335f4136cd25ceafe8042a"
Last-Modified: Tue, 31 Jan 2023 01:39:07 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1573
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791f1c214fa30b41-OSL
googleads.g.doubleclick.net/pagead/html/r20230125/r20190131/zrt_lookup.html
142.250.74.130200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230125/r20190131/zrt_lookup.html
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230125/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:55:48 GMT
expires: Mon, 13 Feb 2023 18:55:48 GMT
cache-control: public, max-age=1209600
age: 28164
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
st.top100.ru/top100/top100.js
81.19.89.16200 OK 33 kB URL HTTP/2 st.top100.ru/top100/top100.js
IP 81.19.89.16:0
ASN #24638 Rambler Internet Holding LLC
Hash 68379cc130361ab989617711e61dfd39
a2363fdd13e0fce26b9461beb52b1dc2e79c9c48
1d4ed455223f4307543378f62ca4710db42d8423c0f49c475be4a5a9f50d4d66
GET /top100/top100.js HTTP/1.1
Host: st.top100.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Tue, 31 Jan 2023 02:45:12 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 30 Jan 2023 10:42:42 GMT
x-rgw-object-type: Normal
etag: W/"85fd0629b4936ca6bd7f6dca635c0da1"
x-amz-request-id: tx00000000000021eb6b5a5-0063d8809c-f85be6-default
expires: Tue, 31 Jan 2023 03:45:12 GMT
cache-control: max-age=3600
set-cookie: proto_uid=1CIAALiA2GOIHNF7AVfSWgB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-encoding: gzip
X-Firefox-Spdy: h2
top-fwz1.mail.ru/counter?js=13;id=3128781;u=https%3A//goo.su/z2HvHzz;st=1675133126925;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=a58aced37af456fe;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1675133127400%3A1675133127416%3A1%3A0e66ecb9f6469670fc0df48863415a1b;visible=true;_=0.06461864942178441
95.163.52.67302 Found 0 B URL HTTP/2 top-fwz1.mail.ru/counter?js=13;id=3128781;u=https%3A//goo.su/z2HvHzz;st=1675133126925;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=a58aced37af456fe;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1675133127400%3A1675133127416%3A1%3A0e66ecb9f6469670fc0df48863415a1b;visible=true;_=0.06461864942178441
IP 95.163.52.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /counter?js=13;id=3128781;u=https%3A//goo.su/z2HvHzz;st=1675133126925;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=a58aced37af456fe;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1675133127400%3A1675133127416%3A1%3A0e66ecb9f6469670fc0df48863415a1b;visible=true;_=0.06461864942178441 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 31 Jan 2023 02:45:12 GMT
content-length: 0
location: https://top-fwz1.mail.ru/counter2?js=13;id=3128781;u=https%3A//goo.su/z2HvHzz;st=1675133126925;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=a58aced37af456fe;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1675133127400%3A1675133127416%3A1%3A0e66ecb9f6469670fc0df48863415a1b;visible=true;_=0.06461864942178441
set-cookie: FTID=1RMYgQ0tkIIF:1675133112:3128781:::; path=/; expires=Thu, 01-Feb-24 02:45:12 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
top-fwz1.mail.ru/counter2?js=13;id=3128781;u=https%3A//goo.su/z2HvHzz;st=1675133126925;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=a58aced37af456fe;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1675133127400%3A1675133127416%3A1%3A0e66ecb9f6469670fc0df48863415a1b;visible=true;_=0.06461864942178441
95.163.52.67200 OK 43 B URL HTTP/2 top-fwz1.mail.ru/counter2?js=13;id=3128781;u=https%3A//goo.su/z2HvHzz;st=1675133126925;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=a58aced37af456fe;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1675133127400%3A1675133127416%3A1%3A0e66ecb9f6469670fc0df48863415a1b;visible=true;_=0.06461864942178441
IP 95.163.52.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /counter2?js=13;id=3128781;u=https%3A//goo.su/z2HvHzz;st=1675133126925;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=a58aced37af456fe;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1675133127400%3A1675133127416%3A1%3A0e66ecb9f6469670fc0df48863415a1b;visible=true;_=0.06461864942178441 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goo.su/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:45:12 GMT
content-type: image/gif
content-length: 43
set-cookie: FTID=1RMYgQ0tkIIF:1675133112:3128781:::; path=/; expires=Thu, 01-Feb-24 02:45:12 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash fdf353ea298ee6b7088b3bac2629ebb7
f43eb22df81b6af79a09b5b672cadf1da7b6c77f
072ea11c40b054ce3c6395c31f11835a25f4a760517341d8fa7eab49087d35b3
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:45:12 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Sat, 04 Feb 2023 00:48:18 GMT
ETag: "f43eb22df81b6af79a09b5b672cadf1da7b6c77f"
Last-Modified: Tue, 31 Jan 2023 00:48:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1579
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791f1c22dfb20b59-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash fdf353ea298ee6b7088b3bac2629ebb7
f43eb22df81b6af79a09b5b672cadf1da7b6c77f
072ea11c40b054ce3c6395c31f11835a25f4a760517341d8fa7eab49087d35b3
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:45:12 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Sat, 04 Feb 2023 00:48:18 GMT
ETag: "f43eb22df81b6af79a09b5b672cadf1da7b6c77f"
Last-Modified: Tue, 31 Jan 2023 00:48:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1579
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791f1c22dff50b41-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash fdf353ea298ee6b7088b3bac2629ebb7
f43eb22df81b6af79a09b5b672cadf1da7b6c77f
072ea11c40b054ce3c6395c31f11835a25f4a760517341d8fa7eab49087d35b3
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:45:12 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Sat, 04 Feb 2023 00:48:18 GMT
ETag: "f43eb22df81b6af79a09b5b672cadf1da7b6c77f"
Last-Modified: Tue, 31 Jan 2023 00:48:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1579
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791f1c22df5db50f-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash fdf353ea298ee6b7088b3bac2629ebb7
f43eb22df81b6af79a09b5b672cadf1da7b6c77f
072ea11c40b054ce3c6395c31f11835a25f4a760517341d8fa7eab49087d35b3
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:45:12 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Sat, 04 Feb 2023 00:48:18 GMT
ETag: "f43eb22df81b6af79a09b5b672cadf1da7b6c77f"
Last-Modified: Tue, 31 Jan 2023 00:48:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1579
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791f1c22ee330b3d-OSL
yastatic.net/partner-code-bundles/713077/bcc701c4e0c40a67ee80.js
178.154.131.216200 OK 24 kB URL HTTP/2 yastatic.net/partner-code-bundles/713077/bcc701c4e0c40a67ee80.js
IP 178.154.131.216:0
File type ASCII text, with very long lines (65494)
Hash 2f0e71e3dcc4cf007ef49f415fcfff10
3c73680edc93eb2e259c098447706d83d2515a1b
a8638485a944cccb8a373a0290d6488ec30a7b7ad6b83fc8b48429cd4615ed1f
GET /partner-code-bundles/713077/bcc701c4e0c40a67ee80.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Tue, 31 Jan 2023 02:45:12 GMT
content-type: text/javascript; charset=utf-8
content-length: 23545
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "2f0e71e3dcc4cf007ef49f415fcfff10"
expires: Thu, 30 Jan 2053 09:19:30 GMT
last-modified: Fri, 27 Jan 2023 12:32:21 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/713077/6dafa37f1ccb8d2d52f1.js
178.154.131.216200 OK 113 kB URL HTTP/2 yastatic.net/partner-code-bundles/713077/6dafa37f1ccb8d2d52f1.js
IP 178.154.131.216:0
File type ASCII text, with very long lines (65497)
Size 113 kB (113054 bytes)
Hash 02f20e51ce02c8aa52367f840e206913
28e2415c99d5086474ebd85d8f83d381d3be3af5
b663c52404f90822c3a670ab31ba3287ce1c79765a00b7f460b6899fde49e711
GET /partner-code-bundles/713077/6dafa37f1ccb8d2d52f1.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Tue, 31 Jan 2023 02:45:12 GMT
content-type: text/javascript; charset=utf-8
content-length: 113054
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "02f20e51ce02c8aa52367f840e206913"
expires: Thu, 30 Jan 2053 09:19:30 GMT
last-modified: Fri, 27 Jan 2023 12:32:21 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
178.154.131.216200 OK 26 kB URL HTTP/2 yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
IP 178.154.131.216:0
File type Web Open Font Format (Version 2), TrueType, length 26004, version 1.0\012- data
Hash 7f0cdaf91230f9789ca4162aedff612e
965de571aa794dab64076c3cc64dc8894b843f23
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
GET /s3/home/fonts/ys/3/text-variable-full.woff2 HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Tue, 31 Jan 2023 02:45:12 GMT
content-type: font/woff2
content-length: 26004
access-control-allow-origin: *
cache-control: public, max-age=31556952
etag: "7f0cdaf91230f9789ca4162aedff612e"
expires: Wed, 31 Jan 2024 08:30:51 GMT
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
x-nginx-request-id: 42854d20dd7c892b
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/713077/1c0942547d39e10f5f56.js
178.154.131.216200 OK 4.8 kB URL HTTP/2 yastatic.net/partner-code-bundles/713077/1c0942547d39e10f5f56.js
IP 178.154.131.216:0
File type ASCII text, with very long lines (14344)
Hash 203ce55d4950eebbd47e604514b2b52a
9dcc982b6e72550260e27d183812ffcd1341f9d4
df1050b4eaccd33672c3c590b52a6ac15a68b8590e9af7c9d3bd1221454b9e87
GET /partner-code-bundles/713077/1c0942547d39e10f5f56.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Tue, 31 Jan 2023 02:45:12 GMT
content-type: text/javascript; charset=utf-8
content-length: 4801
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "203ce55d4950eebbd47e604514b2b52a"
expires: Thu, 30 Jan 2053 09:19:30 GMT
last-modified: Fri, 27 Jan 2023 12:32:21 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/safeframe-bundles/0.83/host.js
178.154.131.216200 OK 8.9 kB URL HTTP/2 yastatic.net/safeframe-bundles/0.83/host.js
IP 178.154.131.216:0
File type ASCII text, with very long lines (33703), with no line terminators
Hash f80882bf67cf261aa08d636da095149a
3e5bf3fbdb45c9696f9b925d3e71b2e9777c82cd
4794febaad77bf94edba1c860dbcf9612722ad0a18b95831dad359b0bba4bed6
GET /safeframe-bundles/0.83/host.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Tue, 31 Jan 2023 02:45:12 GMT
content-type: text/javascript; charset=utf-8
content-length: 8878
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "f80882bf67cf261aa08d636da095149a"
expires: Thu, 30 Jan 2053 09:17:39 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/713077/07cea2bf8567304efc16.js
178.154.131.216200 OK 7.9 kB URL HTTP/2 yastatic.net/partner-code-bundles/713077/07cea2bf8567304efc16.js
IP 178.154.131.216:0
File type ASCII text, with very long lines (23593)
Hash 25572d714e4ddf4effd0e750dc4fc8fc
c9c7730519938da47bd0d977ddb80949137f4922
4471cd3f2f6a2c9002d96de9b8c10d3f7bed258326d635c8fb208a377247ef3f
GET /partner-code-bundles/713077/07cea2bf8567304efc16.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Tue, 31 Jan 2023 02:45:12 GMT
content-type: text/javascript; charset=utf-8
content-length: 7926
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "25572d714e4ddf4effd0e750dc4fc8fc"
expires: Thu, 30 Jan 2053 09:19:30 GMT
last-modified: Fri, 27 Jan 2023 12:32:21 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/713077/2ec9a88e40a26b53acde.js
178.154.131.216200 OK 2.1 kB URL HTTP/2 yastatic.net/partner-code-bundles/713077/2ec9a88e40a26b53acde.js
IP 178.154.131.216:0
File type ASCII text, with very long lines (6989)
Hash 4d93c47caa1d77cb0165f84f5768df7e
782b6b4b6bbd0712766175bb5cccbcd10621bce1
95b03726ccff1fe263804dc876294fed05c802f688838c48259af61467d00289
GET /partner-code-bundles/713077/2ec9a88e40a26b53acde.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Tue, 31 Jan 2023 02:45:12 GMT
content-type: text/javascript; charset=utf-8
content-length: 2065
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "4d93c47caa1d77cb0165f84f5768df7e"
expires: Thu, 30 Jan 2053 09:17:01 GMT
last-modified: Fri, 27 Jan 2023 12:32:21 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:45:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=goo.su
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=goo.su
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=goo.su HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 31 Jan 2023 02:45:12 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=goo.su
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=goo.su
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=goo.su HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 31 Jan 2023 02:45:12 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 73d6f94eec5f7bf78dc11951011af215
2d7941713a82a83c174bf782b618a6f86a8ab2d7
9de1920abadb3501bcf9f787608807f13a266efea69f12fc811bc7cac14a3552
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:45:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:45:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1b05a0b3c19155ff38f58b7dd4606775
ef6a909125ff3c1e9ea077163a86df4028ff490e
b0708b95554274b9cf8bced7a8668069a39b99a5e216c11b6c277bb912dcecf7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:45:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=goo.su&callback=_gfp_s_&client=ca-pub-4358137683029217
216.58.207.226200 OK 248 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=goo.su&callback=_gfp_s_&client=ca-pub-4358137683029217
IP 216.58.207.226:0
File type ASCII text, with very long lines (379), with no line terminators
Hash bd732d7cd0889e18e71421473c483488
20905512c37bbe833bd0ed014bf6099e9e6b255a
02128be49985e5d01cfcc694cea75144d2eac8025c04315e5f82cdffcd0dd1ec
GET /gampad/cookie.js?domain=goo.su&callback=_gfp_s_&client=ca-pub-4358137683029217 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 31 Jan 2023 02:45:13 GMT
server: cafe
cache-control: private
content-length: 248
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=6673155&session_id=2026250319_1675133127169&session_number=1&session_event_number=1&version=3.13.6&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.6673155.1919340478.1675133127167&adtech_uid=4d063834-076a-43c2-9ec1-852f6287b920&adtech_uid_scope=goo.su&fingerprint=pA8AAENKs1e4GYz8AQlryQA%3D&fingerprint_ip=pA8AAENKs1cnnUv2AauVQAA%3D&url=https%3A%2F%2Fgoo.su%2Fz2HvHzz&request_id=1675133127.166-771390411&event_id=143231276488448&meta=%7B%22title%22%3A%22Redirecting...%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221280x1024%22%2C%22browser_size%22%3A%221268x939%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%220%22%7D&rn=1992620436
81.19.89.16200 OK 595 B URL HTTP/2 kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=6673155&session_id=2026250319_1675133127169&session_number=1&session_event_number=1&version=3.13.6&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.6673155.1919340478.1675133127167&adtech_uid=4d063834-076a-43c2-9ec1-852f6287b920&adtech_uid_scope=goo.su&fingerprint=pA8AAENKs1e4GYz8AQlryQA%3D&fingerprint_ip=pA8AAENKs1cnnUv2AauVQAA%3D&url=https%3A%2F%2Fgoo.su%2Fz2HvHzz&request_id=1675133127.166-771390411&event_id=143231276488448&meta=%7B%22title%22%3A%22Redirecting...%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221280x1024%22%2C%22browser_size%22%3A%221268x939%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%220%22%7D&rn=1992620436
IP 81.19.89.16:0
ASN #24638 Rambler Internet Holding LLC
File type GIF image data, version 87a, 88 x 31\012- data
Hash b566a466c8d8c0361839677785e69240
c6e6a583e76e699806f806dbd63cebd9037f551e
86d9d7d32ba3d9eb9fbea6508c725c17c44f80d6a7d16ca1fa79a85c4b632e91
GET /cnt/v2/?event_type=base&event_name=page_view&project_id=6673155&session_id=2026250319_1675133127169&session_number=1&session_event_number=1&version=3.13.6&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.6673155.1919340478.1675133127167&adtech_uid=4d063834-076a-43c2-9ec1-852f6287b920&adtech_uid_scope=goo.su&fingerprint=pA8AAENKs1e4GYz8AQlryQA%3D&fingerprint_ip=pA8AAENKs1cnnUv2AauVQAA%3D&url=https%3A%2F%2Fgoo.su%2Fz2HvHzz&request_id=1675133127.166-771390411&event_id=143231276488448&meta=%7B%22title%22%3A%22Redirecting...%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221280x1024%22%2C%22browser_size%22%3A%221268x939%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%220%22%7D&rn=1992620436 HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Tue, 31 Jan 2023 02:45:13 GMT
content-type: image/gif
content-length: 595
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-credentials: true
x-srv: 0kraken-prod0003.ad.rambler.tech
set-cookie: ruid=1CIAALmA2GNILMI+AeMLRQB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAALmA2GNILMI+AeMLRQB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
accept-ranges: bytes
X-Firefox-Spdy: h2
kraken.rambler.ru/cnt/?et=pv&v=3.13.6&pid=6673155&tid=t1.6673155.1919340478.1675133127167&rid=1675133127.166-771390411&fid=pA8AAENKs1e4GYz8AQlryQA%3D&fip=pA8AAENKs1cnnUv2AauVQAA%3D&eid=634331276481482&aduid=4d063834-076a-43c2-9ec1-852f6287b920&aduidsc=goo.su&stid=2026250319_1675133127169&sn=1&sen=1&ce=1&bs=1268x939&rf&en=UTF-8&pt=Redirecting...&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&le=2&ct=web&url=https%3A%2F%2Fgoo.su%2Fz2HvHzz&lv&exp=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=2104379504
81.19.89.16200 OK 595 B URL HTTP/2 kraken.rambler.ru/cnt/?et=pv&v=3.13.6&pid=6673155&tid=t1.6673155.1919340478.1675133127167&rid=1675133127.166-771390411&fid=pA8AAENKs1e4GYz8AQlryQA%3D&fip=pA8AAENKs1cnnUv2AauVQAA%3D&eid=634331276481482&aduid=4d063834-076a-43c2-9ec1-852f6287b920&aduidsc=goo.su&stid=2026250319_1675133127169&sn=1&sen=1&ce=1&bs=1268x939&rf&en=UTF-8&pt=Redirecting...&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&le=2&ct=web&url=https%3A%2F%2Fgoo.su%2Fz2HvHzz&lv&exp=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=2104379504
IP 81.19.89.16:0
ASN #24638 Rambler Internet Holding LLC
File type GIF image data, version 87a, 88 x 31\012- data
Hash b566a466c8d8c0361839677785e69240
c6e6a583e76e699806f806dbd63cebd9037f551e
86d9d7d32ba3d9eb9fbea6508c725c17c44f80d6a7d16ca1fa79a85c4b632e91
GET /cnt/?et=pv&v=3.13.6&pid=6673155&tid=t1.6673155.1919340478.1675133127167&rid=1675133127.166-771390411&fid=pA8AAENKs1e4GYz8AQlryQA%3D&fip=pA8AAENKs1cnnUv2AauVQAA%3D&eid=634331276481482&aduid=4d063834-076a-43c2-9ec1-852f6287b920&aduidsc=goo.su&stid=2026250319_1675133127169&sn=1&sen=1&ce=1&bs=1268x939&rf&en=UTF-8&pt=Redirecting...&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&le=2&ct=web&url=https%3A%2F%2Fgoo.su%2Fz2HvHzz&lv&exp=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=2104379504 HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Tue, 31 Jan 2023 02:45:13 GMT
content-type: image/gif
content-length: 595
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-credentials: true
x-srv: 0kraken-prod0003.ad.rambler.tech
set-cookie: ruid=1CIAALmA2GNILMI+AeQLRQB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAALmA2GNILMI+AeQLRQB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1b05a0b3c19155ff38f58b7dd4606775
ef6a909125ff3c1e9ea077163a86df4028ff490e
b0708b95554274b9cf8bced7a8668069a39b99a5e216c11b6c277bb912dcecf7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:45:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
an.yandex.ru/system/context.js
87.250.250.90200 OK 94 kB URL HTTP/2 an.yandex.ru/system/context.js
IP 87.250.250.90:0
File type ASCII text, with very long lines (65492)
Hash 7e642cd3f46719ae1da97d613af6b065
9f02984718e5b1c05cc8afb6259927b4d208c9e7
8342f0f61b38ff76cc14ec0b9e78eb3fad23c97a61a5bc4120b5fb88286baf57
GET /system/context.js HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
timing-allow-origin: *
access-control-allow-origin: *
expires: Tue, 31 Jan 2023 03:45:12 GMT
x-yandex-req-id: 1675133112508641-1390970766782721680500103-production-app-host-sas-pcode-347
cache-control: private, max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
top-fwz1.mail.ru/tracker?js=13;id=3128781;u=https%3A//goo.su/z2HvHzz;st=1675133126925;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=a58aced37af456fe;ver=60.3.0;tz=0%2FUTC;nt=0/0/1675133125830/////360/367/368/369/428/371/428/722/723/802/1095/1118/1122/2020/2020/;ni=;lvid=1675133127400%3A1675133127854%3A2%3A0e66ecb9f6469670fc0df48863415a1b;visible=true;_=0.2009460298664838;e=RT/load;et=1675133127852
95.163.52.67200 OK 43 B URL HTTP/2 top-fwz1.mail.ru/tracker?js=13;id=3128781;u=https%3A//goo.su/z2HvHzz;st=1675133126925;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=a58aced37af456fe;ver=60.3.0;tz=0%2FUTC;nt=0/0/1675133125830/////360/367/368/369/428/371/428/722/723/802/1095/1118/1122/2020/2020/;ni=;lvid=1675133127400%3A1675133127854%3A2%3A0e66ecb9f6469670fc0df48863415a1b;visible=true;_=0.2009460298664838;e=RT/load;et=1675133127852
IP 95.163.52.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /tracker?js=13;id=3128781;u=https%3A//goo.su/z2HvHzz;st=1675133126925;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=a58aced37af456fe;ver=60.3.0;tz=0%2FUTC;nt=0/0/1675133125830/////360/367/368/369/428/371/428/722/723/802/1095/1118/1122/2020/2020/;ni=;lvid=1675133127400%3A1675133127854%3A2%3A0e66ecb9f6469670fc0df48863415a1b;visible=true;_=0.2009460298664838;e=RT/load;et=1675133127852 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:45:13 GMT
content-type: image/gif
content-length: 43
set-cookie: FTID=1RMYgQ0tkIIF:1675133113:3128781:::; path=/; expires=Thu, 01-Feb-24 02:45:13 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 087182d3a6a359284853764004bfb9b4
0297b9b2cb72a979d6a1267f587bab0fb79b7b40
aa00ff2ec55972ad493cedf34c369da582f052df3a1f660610b8cbbcb78ce5ff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:45:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
172.217.21.161200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 172.217.21.161:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Tue, 31 Jan 2023 02:45:13 GMT
expires: Tue, 31 Jan 2023 02:45:13 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
172.217.21.161200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 20:43:30 GMT
expires: Fri, 26 Jan 2024 20:43:30 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 367303
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2ac1bcdceabf1fc4e07017906aa8a815
ba00b737325fc50b35af8d851ced0fe13d1cba22
c6c54f5dbbfc40b454b9c67a7972827f500d83b10a1594f7cb56c69158278c08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:45:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yastatic.net/s3/games-static/favicons/icon-192.png
178.154.131.216200 OK 24 kB URL HTTP/2 yastatic.net/s3/games-static/favicons/icon-192.png
IP 178.154.131.216:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 7819c957eaa80af5bf14f760d49b64a7
93b670523acd14f884c3a538d59d408da0888a6c
ca78c114bba40b141a59c55a9d3fb6db7672bc3effd4337f2b1ce512b4d06c9e
GET /s3/games-static/favicons/icon-192.png HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Tue, 31 Jan 2023 02:45:13 GMT
content-type: image/png
content-length: 24134
access-control-allow-origin: *
cache-control: public, max-age=216013
etag: "7819c957eaa80af5bf14f760d49b64a7"
expires: Thu, 02 Feb 2023 14:43:32 GMT
last-modified: Thu, 14 Apr 2022 12:22:42 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: 91fa55b77013e6b1
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash d5cdeb58419e603a9f10987533a0255c
4d526b32a215b4cdaa53bed5037430788bb638bd
398366f22a1b6c0598f03f8c449c26a577298255d3f54d02695e76d7a332fa93
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 31 Jan 2023 02:45:13 GMT
date: Tue, 31 Jan 2023 02:45:13 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-BJCnrfZypHOZJR2ifWRD6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
178.154.131.216200 OK 6.3 kB URL HTTP/2 yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
IP 178.154.131.216:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (23297)
Hash eb77de48712912aadc9aa8171ac75ede
f375e4ed6b585c4e30b2d56f4f41c3beed909349
437ee0c22002ccd77158d7a7018113f26384324158ab3cef65373007f29b1bcf
GET /safeframe-bundles/0.83/1-1-0/render.html HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Tue, 31 Jan 2023 02:45:13 GMT
content-type: text/html
content-length: 6262
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Thu, 30 Jan 2053 09:16:36 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash dccc4d3b820e9cf4e63b6a672580ac77
8c3384f72a4e5000ec57b0f69dc1d07c0625a812
4893bca4026c81809805e6abd67a99dcce5ae4fe7b9cde43e0a613ddf3bebba7
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:45:13 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Fri, 03 Feb 2023 22:21:08 GMT
ETag: "8c3384f72a4e5000ec57b0f69dc1d07c0625a812"
Last-Modified: Mon, 30 Jan 2023 22:21:09 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2429
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791f1c2658ca0b41-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 2f3f67b1d8eca3583f46181e2119c265
b9ef8aa202cd3a0e6980f5e4fb0f6e1dfbc03e5d
2b70fbb09e0eaa80f9993eb39a31dbdc721c7d1f6f894a0eb8b5e7e5e95d2011
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:45:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 03 Feb 2023 23:40:31 GMT
ETag: "b9ef8aa202cd3a0e6980f5e4fb0f6e1dfbc03e5d"
Last-Modified: Mon, 30 Jan 2023 23:40:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1578
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791f1c2688d30b41-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 76c6e76ba1701526366645681045db0d
63a78f21eb4c795f5636123f880bad44969bb740
72bb9f1d27515ed5b542c8814f6865930ad9e1ce807fa338d5f5731aea673053
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:45:13 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Fri, 03 Feb 2023 23:52:27 GMT
ETag: "63a78f21eb4c795f5636123f880bad44969bb740"
Last-Modified: Mon, 30 Jan 2023 23:52:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1471
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791f1c2698bcb50f-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 2f3f67b1d8eca3583f46181e2119c265
b9ef8aa202cd3a0e6980f5e4fb0f6e1dfbc03e5d
2b70fbb09e0eaa80f9993eb39a31dbdc721c7d1f6f894a0eb8b5e7e5e95d2011
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:45:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 03 Feb 2023 23:40:31 GMT
ETag: "b9ef8aa202cd3a0e6980f5e4fb0f6e1dfbc03e5d"
Last-Modified: Mon, 30 Jan 2023 23:40:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1578
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791f1c2688b10b59-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 76c6e76ba1701526366645681045db0d
63a78f21eb4c795f5636123f880bad44969bb740
72bb9f1d27515ed5b542c8814f6865930ad9e1ce807fa338d5f5731aea673053
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:45:13 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Fri, 03 Feb 2023 23:52:27 GMT
ETag: "63a78f21eb4c795f5636123f880bad44969bb740"
Last-Modified: Mon, 30 Jan 2023 23:52:28 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1471
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791f1c26a8d70b41-OSL
avatars.mds.yandex.net/get-direct/5260657/QUHG5Iie7j6-OtR7ExNzMQ/y150
87.250.247.181200 OK 6.5 kB URL HTTP/2 avatars.mds.yandex.net/get-direct/5260657/QUHG5Iie7j6-OtR7ExNzMQ/y150
IP 87.250.247.181:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 150x150, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4307495f3f51f471948d5bf545c43f09
04c15cc682e4b9e981372e35cd58b37ff6afac01
d19cc83fd3ab6369726d9b14b083481a4fa902c5bc7031ee6dc8774da5e3688f
GET /get-direct/5260657/QUHG5Iie7j6-OtR7ExNzMQ/y150 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:45:13 GMT
content-type: image/webp
content-length: 6484
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Wed, 18 Jan 2023 23:53:58 GMT
cache-control: max-age=31536000,immutable
x-request-id: 80c624574063f3b0
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=SAS"}]}
X-Firefox-Spdy: h2
avatars.mds.yandex.net/get-direct/4936745/3OY2d4ZE407HJUNB-x6ldQ/y150
87.250.247.181200 OK 5.2 kB URL HTTP/2 avatars.mds.yandex.net/get-direct/4936745/3OY2d4ZE407HJUNB-x6ldQ/y150
IP 87.250.247.181:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 150x150, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2ce0512b099cfcdca350c3e3e697c8ac
e21d4b6cef09b58c0641018b2f2e6b0b3201ae91
ae5aca8b2b32cf361fbb9902bb5be80d7f524ab4c1bbbd80431b37d93d9f0bd8
GET /get-direct/4936745/3OY2d4ZE407HJUNB-x6ldQ/y150 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:45:13 GMT
content-type: image/webp
content-length: 5226
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Tue, 01 Feb 2022 04:08:42 GMT
cache-control: max-age=31536000,immutable
x-request-id: edbb157bfa10aaa5
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=SAS"}]}
X-Firefox-Spdy: h2
an.yandex.ru/meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2Fz2HvHzz&charset=utf-8&pcode-test-ids=657519%2C0%2C63%3B712232%2C0%2C28%3B711101%2C0%2C7%3B708840%2C0%2C24%3B709005%2C0%2C31%3B710490%2C0%2C17%3B711079%2C0%2C86%3B710387%2C0%2C5%3B710373%2C0%2C55%3B681843%2C0%2C54%3B711252%2C0%2C88&pcode-flags-map=eJytWNtu2zgQ%2FZWFn4uu7pe%2BURJlE9FtScqOWxSEm7iJF7ks0qSbTdF%2F3yEp25Kc0E12gSJ1HM3hcObMmRn9mJBpVVMsSsIYzkSGOBINoqhkIq%2BpmJMM14JUIq3LpJ58%2BPRj8n119bCefJisH%2F%2BavJvcr7%2Fdk3P41Y8tz%2FcnPz%2B%2Fm8wRExT%2F0WLGxbxEjchpXQqUsYE9py3uAwR26ESWAsAVSgo8Ohw%2B5KQiHIN%2F6Qmb1VwsCJ%2FVLRcIfOfM5F3g%2B0Hkvhr8%2F0BGRSEaWmdtytnhMa%2BDxgD5yrz0QGRe4MwFpEIUKMGFggKQBFUVpubsBK7rhX1fKrwQ7ASs4Z8ErFGGqWgKtBxBjR2KfCeOdw6RqkFTLBgn6clSZIRJ8ExFLZGpzfL6FL6mOOWC4aIYQOPTZggd2s4eumVDLytUNa35lrEdWt4OgM8oRAtTKsOUC9bSOV5CyCGJU0GYqIAmc1SQ7AioE%2FjRDhRlMvpLydsOide6TLqaMYKFVuhF4R6sKMDDuiqWommTgqQCNUSlFVLCOFS2Gc22Ld%2Fek4NrAmPKSF0NLCGwXhQPbV0IV6%2Fgy3qORV3AueQj3omILP1fv53tRp7WgLYiHaXUbcqmb3h%2F97DumXlO5MadGeScMcXqkc2Yhz0jGSuMK1EnDEOKR%2FS9WX25Wg8s3cCJdQ5ycgrSWYkZJtMZFxU3H%2Bn5bheyJaoyfCpoK7K6RKQySqsVOm6wOy%2Bh9Qk4C2eJKR1xb2xph34UPHugLDVOSWI0d2wr0OXwEVeOyFuoygXJQBhJCVVrtPVsr5NzZdtVtkhqKpNKUUZa9tsvIiyR9Fs7DJxfoKVRk33PDbs4Z7lkHmvqCojBSYmh7gamjmVZQ1vPcvWdm7TOsCxShiujUPueDzAdlaReUSy5uz1PSJkymnth6Byag%2BTAz4UsTGDnWxC2DoBItYNsudbz1gVGtBKlnAjmiBI0urczONS3rC7KDSU1JXwpkiW0JrxoamoOWBAGXe1tedFJfMqMzcMHgY56jAQRThHoMzSKNIUsMYNK%2BLHr2%2FbAVrGY7eaIBrSZVFMziOd3CpXWbcWBynzZYOGavQbN9nvpKWkKcWIkIQVEzXxcHAYvWoLyixRU%2F%2BTI6VuMsi040d1egMDmBDotkZfIUWqu5jhywrDnRwei5xBoYEA22foTGGtkxXBaF8WROcByPFezbkpR4pifBYpa%2B2dVi%2Bkb%2BLZjmZ5%2FpvJt%2FwWLLTlmWLUfijPMYEo2%2Bmf7TqCt5cBBcQ6aM4OZaEpSs13kdgKrZgFaygqiuNr2vYbixCzxAWi0Yw9KCXogBV5XUE0zDPmQss1SKjscY0YlCuzY9rQ%2FPSPUNPIqUygNs7Fjx%2F7Akxnh6ho9MAjmCa%2FNXrih4wzm3rQpRYkzggSAIE7mqsmbMWJ3uE2kTfqfMUajfYZzBBX1yqne860gGISJlYhyAeNRiyX4sST5QRDsNy09pI480zNrLcdeNaAKVhzxKrTDrhpTOXvXVcdClEuNIzlMc1gP%2BWY6hlEcxLtRLKcEYGA61fZEkekV9snJQakfWASx23G2Z%2FHa9TUIY88KdyjQBzOJUJpPjrzAHp%2BsSWY%2By3EsZ1xlcpb7peqIAs92t5oBIxEslnBVII1wHUvPaKon6HHrcLU7wAsj9%2FAWfGq%2BA6Qp2lvtJZ%2BJBtoJdFbYeee4HPfkyddv4v724exytHZZkTNeLrXsPpPHbjU%2FkhzYurrihRV%2BV6pq2azaMjkSFOiY3YivixN2yEZwqtrbsYYbxLHn6qNHjudFrVczfc0jIFFXkC%2BBKJ4Pg7t5FNerR3G53lxc3r8ARyop6Cc4QYmAfcLkBCzDUThQBS0sixkQtsdduQjrZbaFdqkWd5jmMGisUSxC2%2FK6uYhSoTsnb2EA1aKjAq30rZ3Oju6x3n7xVy85du9cQAUbBCQdIHSEHYJA1xmwUL1u2eEUsH%2FILIzf74x4eHZ%2FNXLNtuxxsdeHKj%2B2s6LtKiyvNG8QMczzNmwx1sA6tqx9j%2BjGtDdaywJHkOKZHHYJrLvT%2Fayn1nzMZd3vCWCm1BuwXwGYtHkOWLhsYDwuAPGZ%2B%2FqGy3b2SkbfErACfVyqPinU%2Bti3%2BjH5ur4%2FuyxXdxebm24Avb79srlas7PV1ebmYvLB%2BTkqj25L6k8IsE2KpJABkozsH%2FBpcr3aXL2%2Fe4D4%2FLO6OV8%2FwuffN9eri%2FW3wVcXq2v1zfnT%2BkY%2Fvvq%2Bub%2FVH6%2Ff9345v9l030rkHQJ8cbd6urp9uuz%2B%2FHSn%2F3%2B4W72%2FWf%2F97eCBP1e31xtl%2Bvn5K4LOp1gH7ZkWelhVVhgfNEE5CW3nddkNj4iPq96k%2FfwXUy3EsQ%3D%3D&pcode-icookie=H6bNVUtThkp29lGCzyMQCLo0gRhnxk4NNfvFDFet5UibTj9vKFUI0l7UJEUWGGhni585KWvmW53iu5Zey2lxNmclapM%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=205058918580226&ad-session-id=8231961675133127528&target-id=39153815&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=713077&pcodever=713077&flash-ver=0&available-width=145&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A939%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1268%2C%22h%22%3A939%2C%22width%22%3A145%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A561%2C%22top%22%3A129%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B7619374896379%5D
87.250.250.90200 OK 35 kB URL HTTP/2 an.yandex.ru/meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2Fz2HvHzz&charset=utf-8&pcode-test-ids=657519%2C0%2C63%3B712232%2C0%2C28%3B711101%2C0%2C7%3B708840%2C0%2C24%3B709005%2C0%2C31%3B710490%2C0%2C17%3B711079%2C0%2C86%3B710387%2C0%2C5%3B710373%2C0%2C55%3B681843%2C0%2C54%3B711252%2C0%2C88&pcode-flags-map=eJytWNtu2zgQ%2FZWFn4uu7pe%2BURJlE9FtScqOWxSEm7iJF7ks0qSbTdF%2F3yEp25Kc0E12gSJ1HM3hcObMmRn9mJBpVVMsSsIYzkSGOBINoqhkIq%2BpmJMM14JUIq3LpJ58%2BPRj8n119bCefJisH%2F%2BavJvcr7%2Fdk3P41Y8tz%2FcnPz%2B%2Fm8wRExT%2F0WLGxbxEjchpXQqUsYE9py3uAwR26ESWAsAVSgo8Ohw%2B5KQiHIN%2F6Qmb1VwsCJ%2FVLRcIfOfM5F3g%2B0Hkvhr8%2F0BGRSEaWmdtytnhMa%2BDxgD5yrz0QGRe4MwFpEIUKMGFggKQBFUVpubsBK7rhX1fKrwQ7ASs4Z8ErFGGqWgKtBxBjR2KfCeOdw6RqkFTLBgn6clSZIRJ8ExFLZGpzfL6FL6mOOWC4aIYQOPTZggd2s4eumVDLytUNa35lrEdWt4OgM8oRAtTKsOUC9bSOV5CyCGJU0GYqIAmc1SQ7AioE%2FjRDhRlMvpLydsOide6TLqaMYKFVuhF4R6sKMDDuiqWommTgqQCNUSlFVLCOFS2Gc22Ld%2Fek4NrAmPKSF0NLCGwXhQPbV0IV6%2Fgy3qORV3AueQj3omILP1fv53tRp7WgLYiHaXUbcqmb3h%2F97DumXlO5MadGeScMcXqkc2Yhz0jGSuMK1EnDEOKR%2FS9WX25Wg8s3cCJdQ5ycgrSWYkZJtMZFxU3H%2Bn5bheyJaoyfCpoK7K6RKQySqsVOm6wOy%2Bh9Qk4C2eJKR1xb2xph34UPHugLDVOSWI0d2wr0OXwEVeOyFuoygXJQBhJCVVrtPVsr5NzZdtVtkhqKpNKUUZa9tsvIiyR9Fs7DJxfoKVRk33PDbs4Z7lkHmvqCojBSYmh7gamjmVZQ1vPcvWdm7TOsCxShiujUPueDzAdlaReUSy5uz1PSJkymnth6Byag%2BTAz4UsTGDnWxC2DoBItYNsudbz1gVGtBKlnAjmiBI0urczONS3rC7KDSU1JXwpkiW0JrxoamoOWBAGXe1tedFJfMqMzcMHgY56jAQRThHoMzSKNIUsMYNK%2BLHr2%2FbAVrGY7eaIBrSZVFMziOd3CpXWbcWBynzZYOGavQbN9nvpKWkKcWIkIQVEzXxcHAYvWoLyixRU%2F%2BTI6VuMsi040d1egMDmBDotkZfIUWqu5jhywrDnRwei5xBoYEA22foTGGtkxXBaF8WROcByPFezbkpR4pifBYpa%2B2dVi%2Bkb%2BLZjmZ5%2FpvJt%2FwWLLTlmWLUfijPMYEo2%2Bmf7TqCt5cBBcQ6aM4OZaEpSs13kdgKrZgFaygqiuNr2vYbixCzxAWi0Yw9KCXogBV5XUE0zDPmQss1SKjscY0YlCuzY9rQ%2FPSPUNPIqUygNs7Fjx%2F7Akxnh6ho9MAjmCa%2FNXrih4wzm3rQpRYkzggSAIE7mqsmbMWJ3uE2kTfqfMUajfYZzBBX1yqne860gGISJlYhyAeNRiyX4sST5QRDsNy09pI480zNrLcdeNaAKVhzxKrTDrhpTOXvXVcdClEuNIzlMc1gP%2BWY6hlEcxLtRLKcEYGA61fZEkekV9snJQakfWASx23G2Z%2FHa9TUIY88KdyjQBzOJUJpPjrzAHp%2BsSWY%2By3EsZ1xlcpb7peqIAs92t5oBIxEslnBVII1wHUvPaKon6HHrcLU7wAsj9%2FAWfGq%2BA6Qp2lvtJZ%2BJBtoJdFbYeee4HPfkyddv4v724exytHZZkTNeLrXsPpPHbjU%2FkhzYurrihRV%2BV6pq2azaMjkSFOiY3YivixN2yEZwqtrbsYYbxLHn6qNHjudFrVczfc0jIFFXkC%2BBKJ4Pg7t5FNerR3G53lxc3r8ARyop6Cc4QYmAfcLkBCzDUThQBS0sixkQtsdduQjrZbaFdqkWd5jmMGisUSxC2%2FK6uYhSoTsnb2EA1aKjAq30rZ3Oju6x3n7xVy85du9cQAUbBCQdIHSEHYJA1xmwUL1u2eEUsH%2FILIzf74x4eHZ%2FNXLNtuxxsdeHKj%2B2s6LtKiyvNG8QMczzNmwx1sA6tqx9j%2BjGtDdaywJHkOKZHHYJrLvT%2Fayn1nzMZd3vCWCm1BuwXwGYtHkOWLhsYDwuAPGZ%2B%2FqGy3b2SkbfErACfVyqPinU%2Bti3%2BjH5ur4%2FuyxXdxebm24Avb79srlas7PV1ebmYvLB%2BTkqj25L6k8IsE2KpJABkozsH%2FBpcr3aXL2%2Fe4D4%2FLO6OV8%2FwuffN9eri%2FW3wVcXq2v1zfnT%2BkY%2Fvvq%2Bub%2FVH6%2Ff9345v9l030rkHQJ8cbd6urp9uuz%2B%2FHSn%2F3%2B4W72%2FWf%2F97eCBP1e31xtl%2Bvn5K4LOp1gH7ZkWelhVVhgfNEE5CW3nddkNj4iPq96k%2FfwXUy3EsQ%3D%3D&pcode-icookie=H6bNVUtThkp29lGCzyMQCLo0gRhnxk4NNfvFDFet5UibTj9vKFUI0l7UJEUWGGhni585KWvmW53iu5Zey2lxNmclapM%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=205058918580226&ad-session-id=8231961675133127528&target-id=39153815&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=713077&pcodever=713077&flash-ver=0&available-width=145&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A939%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1268%2C%22h%22%3A939%2C%22width%22%3A145%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A561%2C%22top%22%3A129%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B7619374896379%5D
IP 87.250.250.90:0
Hash 518fba644d1602451c4e260c8de81abe
959a648a3479d7484c3aa79f58bbc26acae01956
eb7d7ef5ae989a96a9da81e4dee2f003c38fd3464c662bcd9eb1a6657ab46180
GET /meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2Fz2HvHzz&charset=utf-8&pcode-test-ids=657519%2C0%2C63%3B712232%2C0%2C28%3B711101%2C0%2C7%3B708840%2C0%2C24%3B709005%2C0%2C31%3B710490%2C0%2C17%3B711079%2C0%2C86%3B710387%2C0%2C5%3B710373%2C0%2C55%3B681843%2C0%2C54%3B711252%2C0%2C88&pcode-flags-map=eJytWNtu2zgQ%2FZWFn4uu7pe%2BURJlE9FtScqOWxSEm7iJF7ks0qSbTdF%2F3yEp25Kc0E12gSJ1HM3hcObMmRn9mJBpVVMsSsIYzkSGOBINoqhkIq%2BpmJMM14JUIq3LpJ58%2BPRj8n119bCefJisH%2F%2BavJvcr7%2Fdk3P41Y8tz%2FcnPz%2B%2Fm8wRExT%2F0WLGxbxEjchpXQqUsYE9py3uAwR26ESWAsAVSgo8Ohw%2B5KQiHIN%2F6Qmb1VwsCJ%2FVLRcIfOfM5F3g%2B0Hkvhr8%2F0BGRSEaWmdtytnhMa%2BDxgD5yrz0QGRe4MwFpEIUKMGFggKQBFUVpubsBK7rhX1fKrwQ7ASs4Z8ErFGGqWgKtBxBjR2KfCeOdw6RqkFTLBgn6clSZIRJ8ExFLZGpzfL6FL6mOOWC4aIYQOPTZggd2s4eumVDLytUNa35lrEdWt4OgM8oRAtTKsOUC9bSOV5CyCGJU0GYqIAmc1SQ7AioE%2FjRDhRlMvpLydsOide6TLqaMYKFVuhF4R6sKMDDuiqWommTgqQCNUSlFVLCOFS2Gc22Ld%2Fek4NrAmPKSF0NLCGwXhQPbV0IV6%2Fgy3qORV3AueQj3omILP1fv53tRp7WgLYiHaXUbcqmb3h%2F97DumXlO5MadGeScMcXqkc2Yhz0jGSuMK1EnDEOKR%2FS9WX25Wg8s3cCJdQ5ycgrSWYkZJtMZFxU3H%2Bn5bheyJaoyfCpoK7K6RKQySqsVOm6wOy%2Bh9Qk4C2eJKR1xb2xph34UPHugLDVOSWI0d2wr0OXwEVeOyFuoygXJQBhJCVVrtPVsr5NzZdtVtkhqKpNKUUZa9tsvIiyR9Fs7DJxfoKVRk33PDbs4Z7lkHmvqCojBSYmh7gamjmVZQ1vPcvWdm7TOsCxShiujUPueDzAdlaReUSy5uz1PSJkymnth6Byag%2BTAz4UsTGDnWxC2DoBItYNsudbz1gVGtBKlnAjmiBI0urczONS3rC7KDSU1JXwpkiW0JrxoamoOWBAGXe1tedFJfMqMzcMHgY56jAQRThHoMzSKNIUsMYNK%2BLHr2%2FbAVrGY7eaIBrSZVFMziOd3CpXWbcWBynzZYOGavQbN9nvpKWkKcWIkIQVEzXxcHAYvWoLyixRU%2F%2BTI6VuMsi040d1egMDmBDotkZfIUWqu5jhywrDnRwei5xBoYEA22foTGGtkxXBaF8WROcByPFezbkpR4pifBYpa%2B2dVi%2Bkb%2BLZjmZ5%2FpvJt%2FwWLLTlmWLUfijPMYEo2%2Bmf7TqCt5cBBcQ6aM4OZaEpSs13kdgKrZgFaygqiuNr2vYbixCzxAWi0Yw9KCXogBV5XUE0zDPmQss1SKjscY0YlCuzY9rQ%2FPSPUNPIqUygNs7Fjx%2F7Akxnh6ho9MAjmCa%2FNXrih4wzm3rQpRYkzggSAIE7mqsmbMWJ3uE2kTfqfMUajfYZzBBX1yqne860gGISJlYhyAeNRiyX4sST5QRDsNy09pI480zNrLcdeNaAKVhzxKrTDrhpTOXvXVcdClEuNIzlMc1gP%2BWY6hlEcxLtRLKcEYGA61fZEkekV9snJQakfWASx23G2Z%2FHa9TUIY88KdyjQBzOJUJpPjrzAHp%2BsSWY%2By3EsZ1xlcpb7peqIAs92t5oBIxEslnBVII1wHUvPaKon6HHrcLU7wAsj9%2FAWfGq%2BA6Qp2lvtJZ%2BJBtoJdFbYeee4HPfkyddv4v724exytHZZkTNeLrXsPpPHbjU%2FkhzYurrihRV%2BV6pq2azaMjkSFOiY3YivixN2yEZwqtrbsYYbxLHn6qNHjudFrVczfc0jIFFXkC%2BBKJ4Pg7t5FNerR3G53lxc3r8ARyop6Cc4QYmAfcLkBCzDUThQBS0sixkQtsdduQjrZbaFdqkWd5jmMGisUSxC2%2FK6uYhSoTsnb2EA1aKjAq30rZ3Oju6x3n7xVy85du9cQAUbBCQdIHSEHYJA1xmwUL1u2eEUsH%2FILIzf74x4eHZ%2FNXLNtuxxsdeHKj%2B2s6LtKiyvNG8QMczzNmwx1sA6tqx9j%2BjGtDdaywJHkOKZHHYJrLvT%2Fayn1nzMZd3vCWCm1BuwXwGYtHkOWLhsYDwuAPGZ%2B%2FqGy3b2SkbfErACfVyqPinU%2Bti3%2BjH5ur4%2FuyxXdxebm24Avb79srlas7PV1ebmYvLB%2BTkqj25L6k8IsE2KpJABkozsH%2FBpcr3aXL2%2Fe4D4%2FLO6OV8%2FwuffN9eri%2FW3wVcXq2v1zfnT%2BkY%2Fvvq%2Bub%2FVH6%2Ff9345v9l030rkHQJ8cbd6urp9uuz%2B%2FHSn%2F3%2B4W72%2FWf%2F97eCBP1e31xtl%2Bvn5K4LOp1gH7ZkWelhVVhgfNEE5CW3nddkNj4iPq96k%2FfwXUy3EsQ%3D%3D&pcode-icookie=H6bNVUtThkp29lGCzyMQCLo0gRhnxk4NNfvFDFet5UibTj9vKFUI0l7UJEUWGGhni585KWvmW53iu5Zey2lxNmclapM%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=205058918580226&ad-session-id=8231961675133127528&target-id=39153815&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=713077&pcodever=713077&flash-ver=0&available-width=145&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A939%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1268%2C%22h%22%3A939%2C%22width%22%3A145%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A561%2C%22top%22%3A129%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B7619374896379%5D HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
uniformat: true
uniformat-product-type: Direct
content-encoding: gzip
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://goo.su
x-xss-protection: 1; mode=block
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-yandex-req-id: 1675133112954313-1271783898118600198100104-production-app-host-sas-pcode-45
last-modified: Tue, 31 Jan 2023 02:45:13 GMT
date: Tue, 31 Jan 2023 02:45:13 GMT
set-cookie: yabs-vdrf=A0; domain=an.yandex.ru; path=/; expires=Tue, 07-Feb-2023 02:45:12 GMT
i=jne9htSXeEyPASL3CjZNeQoIe753fLFRi6Tub+r/Jkb6VPpd3TMSrJXvfWdqSwz4WCyFl9bj/fp49dg9hiVRt18iabk=; Expires=Thu, 30-Jan-2025 02:45:12 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
content-type: application/json
pragma: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
ssr: true
strict-transport-security: max-age=31536000
expires: Tue, 31 Jan 2023 02:45:13 GMT
X-Firefox-Spdy: h2
favicon.yandex.net/favicon/turkeyimportdata.com?size=120&stub=2
93.158.134.36200 Ok 8.5 kB URL HTTP/1.1 favicon.yandex.net/favicon/turkeyimportdata.com?size=120&stub=2
IP 93.158.134.36:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash c713fc387b7a424e581fa74aa0e69c4e
934c43b5735b8981869d27fe4c89baff2564ac20
f4b600dfed741bfefd1ea5ddc6a8fa5e5893edc0f2fae75315b48148c39a4503
GET /favicon/turkeyimportdata.com?size=120&stub=2 HTTP/1.1
Host: favicon.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 Ok
Cache-Control: max-age=691200
Content-Type: image/png
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
access-control-allow-origin: *
mc.yandex.ru/metrika/watch.js
93.158.134.119200 OK 58 kB URL HTTP/2 mc.yandex.ru/metrika/watch.js
IP 93.158.134.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (554)
Hash 315a601116a9b3b0fbc85feb58375ba4
5d283ed923d0b3beb8a2ec4e80c2958d1d132fbf
251ba0fc04953e3615e7c19a9a10c5d6a4f25cc03bef190f8a5e7c6cd72a991a
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 58140
date: Tue, 31 Jan 2023 02:45:13 GMT
access-control-allow-origin: *
etag: "63c93a4b-e31c"
expires: Tue, 31 Jan 2023 03:45:13 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
favicon.yandex.net/favicon/coddyschool.com?size=120&stub=2
93.158.134.36200 Ok 4.2 kB URL HTTP/1.1 favicon.yandex.net/favicon/coddyschool.com?size=120&stub=2
IP 93.158.134.36:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash fc83f1fc2d4deb8597e9c954b53b5277
324ad167a2630c3ff97c3e71702c38d923a4539f
4b307d56f3dc06c64c62aeff0e608d98c85a6367b20c33d292a0ec32791521cf
GET /favicon/coddyschool.com?size=120&stub=2 HTTP/1.1
Host: favicon.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 Ok
Cache-Control: max-age=691200
Content-Type: image/png
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
access-control-allow-origin: *
avatars.mds.yandex.net/get-direct/5234214/5D8RkzgjJq0K4Zd-8qpugw/x300
87.250.247.181200 OK 14 kB URL HTTP/2 avatars.mds.yandex.net/get-direct/5234214/5D8RkzgjJq0K4Zd-8qpugw/x300
IP 87.250.247.181:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x225, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cff8e3eccc3e833430060e8808b7478d
2eb3dc6c44248d06fac6b0566f5e769ae28a5138
31b71a0278719060466d0cce35d872eb4f09977db27409e4bb0d2a91b100e804
GET /get-direct/5234214/5D8RkzgjJq0K4Zd-8qpugw/x300 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:45:13 GMT
content-type: image/webp
content-length: 13830
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Wed, 12 Oct 2022 13:27:08 GMT
cache-control: max-age=31536000,immutable
x-request-id: 1878d55df2a63a83
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=SAS"}]}
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash b8664e23a79136d9a40371413c899423
fc38502dfa170e834e522a797ad1d78be1031d70
6e73c71490feabff62efb0962d15785a570b82ad4f157cecf8bf6c782109dc81
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:45:13 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Sat, 04 Feb 2023 01:39:10 GMT
ETag: "fc38502dfa170e834e522a797ad1d78be1031d70"
Last-Modified: Tue, 31 Jan 2023 01:39:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 446
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791f1c28190f0b59-OSL
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes
87.250.250.114200 Ok 95 B URL HTTP/1.1 ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes
IP 87.250.250.114:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 60cf42b4d05caf10cf8bb15c0817a7b4
bd269860bb508aebcb6f08fe7289d5f117830383
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
GET /static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes HTTP/1.1
Host: ysa-static.passport.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 Ok
Server: nginx/1.14.2
Date: Tue, 31 Jan 2023 02:45:13 GMT
Content-Type: image/png
Content-Length: 95
Connection: close
Cache-Control: private
Expires: Wed, 01 Feb 2023 02:45:13 GMT
X-RT-IQ: 0.0001
X-RT-IH: 0.0002
Strict-Transport-Security: max-age=315360000; includeSubDomains
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2763
Expires: Tue, 31 Jan 2023 03:31:16 GMT
Date: Tue, 31 Jan 2023 02:45:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2763
Expires: Tue, 31 Jan 2023 03:31:16 GMT
Date: Tue, 31 Jan 2023 02:45:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc569de21-1642-45cb-a849-06e0eb6ce398.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc569de21-1642-45cb-a849-06e0eb6ce398.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 932f9938c0cf6a0073ade7aa5fbe63ee
10b2c53728e16614bc96fbce22e98a135e8fdc16
25c6402614ad4f04d35ea2512b613a5c239609ce03886a22b1a89d62ddf344f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc569de21-1642-45cb-a849-06e0eb6ce398.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6660
x-amzn-requestid: d1b88b8f-d5c5-4da3-b93a-ade94338e746
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRa8DFMaIAMF2Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d071e6-1fa8a996195c9b3406399769;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 00:03:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HkhlfofiCFusEluIswICaWL-lR_nnmhszPSRTqZL_tRixYUUqlUZ_g==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:49:14 GMT
age: 17759
etag: "10b2c53728e16614bc96fbce22e98a135e8fdc16"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
an.yandex.ru/event_confirmation
87.250.250.90200 OK 5.9 kB URL HTTP/2 an.yandex.ru/event_confirmation
IP 87.250.250.90:0
Hash b45fe845f7a7b5c1c402ac1d08813e22
fcbe8f1bbcdf4463d7c5ecb1240087a4dbbb58bf
f16568bef5c9a9d31077f9035c29e590ef7548c4944ad44ef046a82a8374207f
POST /event_confirmation HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 321
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Tue, 31 Jan 2023 02:45:13 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 31 Jan 2023 02:45:13 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Tue, 31 Jan 2023 02:45:13 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c4934be94898028e2ab696561b51462
6cf734e2d29938688913daacfb75506d8e004a94
239adcbb538b7a6d1483c65c7694d4a9f9fa9cadf456ab5681c4b764185e3596
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9987
x-amzn-requestid: 67109f87-6073-4991-b540-cdeedc2d7b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flYlPF9uIAMFXMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86e21-60ac2c7b37c72e6e54a5c69d;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:25:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Gif_csWkacU59D_hnOrJpK6u2aPI8Ylf2JyQEJZ2RLNMCrXSmmMa9w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:56:35 GMT
age: 2918
etag: "6cf734e2d29938688913daacfb75506d8e004a94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 976dda397f9292a498ca9db5599c0378
dad9e9c3462907a2475046aee36d57f8309cd44e
7ed9ccf2ff75ca53f5ba56a1d2127e0f09b0ae941cad8b042e8df01ad01e614b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6844
x-amzn-requestid: 0542cf46-5045-459f-a35f-f6c0d3f5f7b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flZsxH0YIAMF9ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86feb-692d50f710a131df2ee49aa8;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oLMUuQVwUyKMuYAvTkA4wlVDb3-kZjStTJFfUZRb7JwKcK11waY0kQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:42:39 GMT
age: 3754
etag: "dad9e9c3462907a2475046aee36d57f8309cd44e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
st.top100.ru/top100/3.13.6/usability.js
81.19.89.16200 OK 15 kB URL HTTP/2 st.top100.ru/top100/3.13.6/usability.js
IP 81.19.89.16:0
ASN #24638 Rambler Internet Holding LLC
Hash c9f956e746265e1c433b420c3509e2b3
36ccfeca9b5de055a14cc9d7fd01a115597b9393
0b6304d07b2dd83b6eb4cda2ef91ac3feffa2618caa0e9f17f84fc9c6d67179e
GET /top100/3.13.6/usability.js HTTP/1.1
Host: st.top100.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.4
date: Tue, 31 Jan 2023 02:45:12 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 30 Jan 2023 10:42:42 GMT
x-rgw-object-type: Normal
etag: W/"e8cd7191520320c30825c4c7c12b0d42"
x-amz-request-id: tx00000000000021eb6b5a6-0063d8809c-f85be6-default
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
set-cookie: proto_uid=1CIAALiA2GOIHNF7AWLSWgB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 00:33:02 GMT
age: 7931
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mc.yandex.ru/watch/1677322/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2Fz2HvHzz&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1196976593889%3Ahid%3A179404058%3Az%3A0%3Ai%3A20230131024528%3Aet%3A1675133128%3Ac%3A1%3Arn%3A498930657%3Au%3A1675133128109377745%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1675133125830%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675133128%3At%3ARedirecting...&t=gdpr%2814%29clc%280-0-0%29aw%281%29fip%281%29ti%282%29
93.158.134.119200 OK 236 B URL HTTP/2 mc.yandex.ru/watch/1677322/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2Fz2HvHzz&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1196976593889%3Ahid%3A179404058%3Az%3A0%3Ai%3A20230131024528%3Aet%3A1675133128%3Ac%3A1%3Arn%3A498930657%3Au%3A1675133128109377745%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1675133125830%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675133128%3At%3ARedirecting...&t=gdpr%2814%29clc%280-0-0%29aw%281%29fip%281%29ti%282%29
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 598c811038dc7c3a5970654b21ebbb4a
6677374648d1ee33999b9aa9ce2efad28fc28fff
e89edd219e34d28a6e1dbf90e77d18e81a9b26a0a857298f11c903e972f6c18e
GET /watch/1677322/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2Fz2HvHzz&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1196976593889%3Ahid%3A179404058%3Az%3A0%3Ai%3A20230131024528%3Aet%3A1675133128%3Ac%3A1%3Arn%3A498930657%3Au%3A1675133128109377745%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1675133125830%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675133128%3At%3ARedirecting...&t=gdpr%2814%29clc%280-0-0%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Referer: https://goo.su/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 236
date: Tue, 31 Jan 2023 02:45:13 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 31-Jan-2023 02:45:13 GMT
last-modified: Tue, 31-Jan-2023 02:45:13 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/1677322/1?page-url=https%3A%2F%2Fgoo.su%2Fz2HvHzz&charset=utf-8&cnt-class=1&hittoken=1675133113_153494e34851627e5c504690a57b6f9f633e700936f72fffcc8fc708927102ef&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A1100%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1196976593889%3Ahid%3A179404058%3Az%3A0%3Ai%3A20230131024528%3Aet%3A1675133129%3Ac%3A1%3Arn%3A938656901%3Arqn%3A1%3Au%3A1675133128109377745%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A1%2C60%2C294%2C1%2C360%2C0%2C%2C372%2C4%2C2021%2C2021%2C3%2C1119%3Aco%3A0%3Ans%3A1675133125830%3Ast%3A1675133129&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)rqnt(1)aw(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/1677322/1?page-url=https%3A%2F%2Fgoo.su%2Fz2HvHzz&charset=utf-8&cnt-class=1&hittoken=1675133113_153494e34851627e5c504690a57b6f9f633e700936f72fffcc8fc708927102ef&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A1100%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1196976593889%3Ahid%3A179404058%3Az%3A0%3Ai%3A20230131024528%3Aet%3A1675133129%3Ac%3A1%3Arn%3A938656901%3Arqn%3A1%3Au%3A1675133128109377745%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A1%2C60%2C294%2C1%2C360%2C0%2C%2C372%2C4%2C2021%2C2021%2C3%2C1119%3Aco%3A0%3Ans%3A1675133125830%3Ast%3A1675133129&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)rqnt(1)aw(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/1677322/1?page-url=https%3A%2F%2Fgoo.su%2Fz2HvHzz&charset=utf-8&cnt-class=1&hittoken=1675133113_153494e34851627e5c504690a57b6f9f633e700936f72fffcc8fc708927102ef&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A1100%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1196976593889%3Ahid%3A179404058%3Az%3A0%3Ai%3A20230131024528%3Aet%3A1675133129%3Ac%3A1%3Arn%3A938656901%3Arqn%3A1%3Au%3A1675133128109377745%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A1%2C60%2C294%2C1%2C360%2C0%2C%2C372%2C4%2C2021%2C2021%2C3%2C1119%3Aco%3A0%3Ans%3A1675133125830%3Ast%3A1675133129&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 80
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 31 Jan 2023 02:45:13 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 31-Jan-2023 02:45:13 GMT
last-modified: Tue, 31-Jan-2023 02:45:13 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/1677322/1?page-url=https%3A%2F%2Fgoo.su%2Fz2HvHzz&charset=utf-8&cnt-class=1&hittoken=1675133113_153494e34851627e5c504690a57b6f9f633e700936f72fffcc8fc708927102ef&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1196976593889%3Ahid%3A179404058%3Az%3A0%3Ai%3A20230131024528%3Aet%3A1675133129%3Ac%3A1%3Arn%3A357245188%3Arqn%3A2%3Au%3A1675133128109377745%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1675133125830%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675133129%3At%3ARedirecting...&t=gdpr%2814%29mc%28p-1-h-1%29clc%280-0-0%29rqnt%282%29aw%281%29fip%281%29ti%282%29
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/1677322/1?page-url=https%3A%2F%2Fgoo.su%2Fz2HvHzz&charset=utf-8&cnt-class=1&hittoken=1675133113_153494e34851627e5c504690a57b6f9f633e700936f72fffcc8fc708927102ef&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1196976593889%3Ahid%3A179404058%3Az%3A0%3Ai%3A20230131024528%3Aet%3A1675133129%3Ac%3A1%3Arn%3A357245188%3Arqn%3A2%3Au%3A1675133128109377745%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1675133125830%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675133129%3At%3ARedirecting...&t=gdpr%2814%29mc%28p-1-h-1%29clc%280-0-0%29rqnt%282%29aw%281%29fip%281%29ti%282%29
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/1677322/1?page-url=https%3A%2F%2Fgoo.su%2Fz2HvHzz&charset=utf-8&cnt-class=1&hittoken=1675133113_153494e34851627e5c504690a57b6f9f633e700936f72fffcc8fc708927102ef&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1196976593889%3Ahid%3A179404058%3Az%3A0%3Ai%3A20230131024528%3Aet%3A1675133129%3Ac%3A1%3Arn%3A357245188%3Arqn%3A2%3Au%3A1675133128109377745%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1675133125830%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675133129%3At%3ARedirecting...&t=gdpr%2814%29mc%28p-1-h-1%29clc%280-0-0%29rqnt%282%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Referer: https://goo.su/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 31 Jan 2023 02:45:13 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 31-Jan-2023 02:45:13 GMT
last-modified: Tue, 31-Jan-2023 02:45:13 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash d9006aed932b0081d645cb2c69b4ee84
9e54d61f27937ceb5b04eb9369e9c109e25424a7
3af1423dbee9ff18e484f8da7b23bcc1a0118a032cdc37b7cb6bc9fd9e449f42
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 02:45:15 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Fri, 03 Feb 2023 23:38:56 GMT
ETag: "9e54d61f27937ceb5b04eb9369e9c109e25424a7"
Last-Modified: Mon, 30 Jan 2023 23:38:57 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1310
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791f1c332b0b0b41-OSL
mc.yandex.ru/metrika/watch.js
93.158.134.119200 OK 58 kB URL HTTP/2 mc.yandex.ru/metrika/watch.js
IP 93.158.134.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (554)
Hash 315a601116a9b3b0fbc85feb58375ba4
5d283ed923d0b3beb8a2ec4e80c2958d1d132fbf
251ba0fc04953e3615e7c19a9a10c5d6a4f25cc03bef190f8a5e7c6cd72a991a
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 58140
date: Tue, 31 Jan 2023 02:45:15 GMT
access-control-allow-origin: *
etag: "63c93a4b-e31c"
expires: Tue, 31 Jan 2023 03:45:15 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 068b99770dbe915df78d29b83e82e6b4
4377189fd27feab4924b0e33e735755c00830c9b
538d56c75e0213f3dfa3f49859c796f6f53246699cd7335139a78dddc1f1f5e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:45:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 068b99770dbe915df78d29b83e82e6b4
4377189fd27feab4924b0e33e735755c00830c9b
538d56c75e0213f3dfa3f49859c796f6f53246699cd7335139a78dddc1f1f5e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:45:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 068b99770dbe915df78d29b83e82e6b4
4377189fd27feab4924b0e33e735755c00830c9b
538d56c75e0213f3dfa3f49859c796f6f53246699cd7335139a78dddc1f1f5e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:45:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/metrika/advert.gif
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 31 Jan 2023 02:45:15 GMT
access-control-allow-origin: *
etag: "63c93a4b-2b"
expires: Tue, 31 Jan 2023 03:45:15 GMT
accept-ranges: bytes
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 068b99770dbe915df78d29b83e82e6b4
4377189fd27feab4924b0e33e735755c00830c9b
538d56c75e0213f3dfa3f49859c796f6f53246699cd7335139a78dddc1f1f5e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:45:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googleadservices.com/pagead/conversion/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0
216.58.207.194302 Found 42 B URL HTTP/2 www.googleadservices.com/pagead/conversion/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0
IP 216.58.207.194:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/conversion/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0 HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 02:45:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
location: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=u4DYY_P-IKyD78EP5tunkAQ&random=429674124&sscte=1&crd=
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/conversion_async.js
216.58.207.194200 OK 15 kB URL HTTP/2 www.googleadservices.com/pagead/conversion_async.js
IP 216.58.207.194:0
File type ASCII text, with very long lines (1654)
Hash 22eaa6491556c40c984bed61ff9892b5
253ec7921f896fab2d49656208b10d2a227c82de
f690af44bc7bb9724442c2f52648ce1c8365cc6010cc0af574f5e0dcddf7ee7f
GET /pagead/conversion_async.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 31 Jan 2023 02:45:15 GMT
expires: Tue, 31 Jan 2023 02:45:15 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 8608601048380966470
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15164
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
216.58.207.194302 Found 42 B URL HTTP/2 www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
IP 216.58.207.194:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 02:45:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
location: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=u4DYY7qXIoGn7gSE7JawBg&random=663432163&sscte=1&crd=
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A248186207696%3Ahid%3A66811662%3Az%3A0%3Ai%3A20230131024530%3Aet%3A1675133130%3Arn%3A969430095%3Arqn%3A1%3Au%3A1675133130236804352%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C14%2C0%2C1%2C0%2C%2C144%2C1%2C389%2C389%2C0%2C182%3Aco%3A0%3Ans%3A1675133128114%3Ast%3A1675133130&t=clc(0-0-0)rqnt(1)aw(1)ti(2)
93.158.134.119302 Found 42 B URL HTTP/2 mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A248186207696%3Ahid%3A66811662%3Az%3A0%3Ai%3A20230131024530%3Aet%3A1675133130%3Arn%3A969430095%3Arqn%3A1%3Au%3A1675133130236804352%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C14%2C0%2C1%2C0%2C%2C144%2C1%2C389%2C389%2C0%2C182%3Aco%3A0%3Ans%3A1675133128114%3Ast%3A1675133130&t=clc(0-0-0)rqnt(1)aw(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A248186207696%3Ahid%3A66811662%3Az%3A0%3Ai%3A20230131024530%3Aet%3A1675133130%3Arn%3A969430095%3Arqn%3A1%3Au%3A1675133130236804352%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C14%2C0%2C1%2C0%2C%2C144%2C1%2C389%2C389%2C0%2C182%3Aco%3A0%3Ans%3A1675133128114%3Ast%3A1675133130&t=clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yastatic.net
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A248186207696%3Ahid%3A66811662%3Az%3A0%3Ai%3A20230131024530%3Aet%3A1675133130%3Arn%3A969430095%3Arqn%3A1%3Au%3A1675133130236804352%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C14%2C0%2C1%2C0%2C%2C144%2C1%2C389%2C389%2C0%2C182%3Aco%3A0%3Ans%3A1675133128114%3Ast%3A1675133130&t=clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
date: Tue, 31 Jan 2023 02:45:15 GMT
access-control-allow-origin: https://yastatic.net
set-cookie: yabs-sid=2457801831675133115; Path=/; SameSite=None; Secure
i=SF/W8z1ftcvq8k9jQQaIJeXCbfW80dHLJrT/Otw4qANz+C71RHikfv/UbJkkvm/JB6i5k2gDpnyrKF0wyMGFy57QbwY=; Expires=Fri, 28-Jan-2033 02:45:06 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=4645983671675133115; Expires=Wed, 31-Jan-2024 02:45:15 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=4645983671675133115; Expires=Wed, 31-Jan-2024 02:45:15 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706669115.yc.1675133115#1706669115.yrts.1675133115#1706669115.yrtsi.1675133115; Expires=Wed, 31-Jan-2024 02:45:15 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 31-Jan-2023 02:45:15 GMT
last-modified: Tue, 31-Jan-2023 02:45:15 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A248186207696%3Ahid%3A66811662%3Az%3A0%3Ai%3A20230131024530%3Aet%3A1675133130%3Arn%3A969430095%3Arqn%3A1%3Au%3A1675133130236804352%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C14%2C0%2C1%2C0%2C%2C144%2C1%2C389%2C389%2C0%2C182%3Aco%3A0%3Ans%3A1675133128114%3Ast%3A1675133130&t=clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
93.158.134.119200 OK 236 B URL HTTP/2 mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A248186207696%3Ahid%3A66811662%3Az%3A0%3Ai%3A20230131024530%3Aet%3A1675133130%3Arn%3A969430095%3Arqn%3A1%3Au%3A1675133130236804352%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C14%2C0%2C1%2C0%2C%2C144%2C1%2C389%2C389%2C0%2C182%3Aco%3A0%3Ans%3A1675133128114%3Ast%3A1675133130&t=clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ce276d45af857f1dac90e8c161d06028
ca908dbf1bd0f127997f6c453425dc17297d1426
442f5eb78110e648268fcfd1f139d74afc459c5f7ca2bfce28f4626bffc64df9
GET /watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A248186207696%3Ahid%3A66811662%3Az%3A0%3Ai%3A20230131024530%3Aet%3A1675133130%3Arn%3A969430095%3Arqn%3A1%3Au%3A1675133130236804352%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C14%2C0%2C1%2C0%2C%2C144%2C1%2C389%2C389%2C0%2C182%3Aco%3A0%3Ans%3A1675133128114%3Ast%3A1675133130&t=clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yastatic.net
Referer: https://yastatic.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 236
date: Tue, 31 Jan 2023 02:45:15 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://yastatic.net
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 31-Jan-2023 02:45:15 GMT
last-modified: Tue, 31-Jan-2023 02:45:15 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/947884341/?random=1675133130373&cv=9&fst=1675130400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=3633912918&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/947884341/?random=1675133130373&cv=9&fst=1675130400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=3633912918&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/947884341/?random=1675133130373&cv=9&fst=1675130400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=3633912918&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 02:45:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=429674124&crd=&is_vtc=1&random=3467062404&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=429674124&crd=&is_vtc=1&random=3467062404&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=429674124&crd=&is_vtc=1&random=3467062404&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://yastatic.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 02:45:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
an.yandex.ru/rtbcount/1REbUCwN0V0100000000U9nJt772TOdH9VjEmmFdUDABO-gOBNSqt4Xc009Fc4YeIV8HsLYk6P8CgOn0ySm3vrh2GUAb85vjEP1ePGIHdI0-430np6HSA0rXBsGCue2mLZ8gCqDOUnb_l1LYE0hcdsK4QReA9kyoCiWmCFnbdCN4m32N2IIobYaAI9vb-Wy4hvW4l4uAlJrmZe5XgebQKDjdLeQ_J2mWovbPWMGlioAGdCeCqZQNcGra8JCJWmB8FfQDp1dT7wBQpzeMdMJUmR7YXOrmSE5LiCgxOF8diuCJFyIvB7DVdG6pLh0iDD_0yXy667SWiGyWiM-oG3prmVuXotS7g-sB56xOlsK1UMq1A-z9LlFhN63f2wmD3GqiDrbt51pOORu-Z-ihAqXt1ri3omosAuU35x1rxzcyeVNlcVrbAzbWnXnWypZ1nlo8ZJVToT4gqjGvApSrBSty9HlCmfzmraHsauiSgQSrtjdFOcSpDpGsC3VVmCwqWvtd1Blu0_RsMqqx9ttQi9Zx1piF08pbfC00?confirmTime=2100000&confirmRatio=1000000&test-tag=205058918580226&format-type=118&actual-format=10&rnd=3975272420488&pcode-active-testids=710490%2C0%2C17&banner-sizes=eyI3MjA1NzYwNjkyNjM4MTg5OSI6IjQxOXgxMDAiLCI3MjA1NzYwNzA0MTkwMjgyMSI6IjQxOXgxMDAiLCI3MjA1NzYwNzM0MDQwODgyMCI6IjQxOXgxMDAifQ%3D%3D&width=1268&height=100
87.250.250.90200 OK 92 B URL HTTP/2 an.yandex.ru/rtbcount/1REbUCwN0V0100000000U9nJt772TOdH9VjEmmFdUDABO-gOBNSqt4Xc009Fc4YeIV8HsLYk6P8CgOn0ySm3vrh2GUAb85vjEP1ePGIHdI0-430np6HSA0rXBsGCue2mLZ8gCqDOUnb_l1LYE0hcdsK4QReA9kyoCiWmCFnbdCN4m32N2IIobYaAI9vb-Wy4hvW4l4uAlJrmZe5XgebQKDjdLeQ_J2mWovbPWMGlioAGdCeCqZQNcGra8JCJWmB8FfQDp1dT7wBQpzeMdMJUmR7YXOrmSE5LiCgxOF8diuCJFyIvB7DVdG6pLh0iDD_0yXy667SWiGyWiM-oG3prmVuXotS7g-sB56xOlsK1UMq1A-z9LlFhN63f2wmD3GqiDrbt51pOORu-Z-ihAqXt1ri3omosAuU35x1rxzcyeVNlcVrbAzbWnXnWypZ1nlo8ZJVToT4gqjGvApSrBSty9HlCmfzmraHsauiSgQSrtjdFOcSpDpGsC3VVmCwqWvtd1Blu0_RsMqqx9ttQi9Zx1piF08pbfC00?confirmTime=2100000&confirmRatio=1000000&test-tag=205058918580226&format-type=118&actual-format=10&rnd=3975272420488&pcode-active-testids=710490%2C0%2C17&banner-sizes=eyI3MjA1NzYwNjkyNjM4MTg5OSI6IjQxOXgxMDAiLCI3MjA1NzYwNzA0MTkwMjgyMSI6IjQxOXgxMDAiLCI3MjA1NzYwNzM0MDQwODgyMCI6IjQxOXgxMDAifQ%3D%3D&width=1268&height=100
IP 87.250.250.90:0
Hash 32dc91aa5e5be7a85228811d496edc1d
1b2558db24575ae602cc57f361118b1172b74fe9
32c4b4fd4cd3b0db30793f29472d2c0b804cfe89fb13f299261b322ae4a78052
GET /rtbcount/1REbUCwN0V0100000000U9nJt772TOdH9VjEmmFdUDABO-gOBNSqt4Xc009Fc4YeIV8HsLYk6P8CgOn0ySm3vrh2GUAb85vjEP1ePGIHdI0-430np6HSA0rXBsGCue2mLZ8gCqDOUnb_l1LYE0hcdsK4QReA9kyoCiWmCFnbdCN4m32N2IIobYaAI9vb-Wy4hvW4l4uAlJrmZe5XgebQKDjdLeQ_J2mWovbPWMGlioAGdCeCqZQNcGra8JCJWmB8FfQDp1dT7wBQpzeMdMJUmR7YXOrmSE5LiCgxOF8diuCJFyIvB7DVdG6pLh0iDD_0yXy667SWiGyWiM-oG3prmVuXotS7g-sB56xOlsK1UMq1A-z9LlFhN63f2wmD3GqiDrbt51pOORu-Z-ihAqXt1ri3omosAuU35x1rxzcyeVNlcVrbAzbWnXnWypZ1nlo8ZJVToT4gqjGvApSrBSty9HlCmfzmraHsauiSgQSrtjdFOcSpDpGsC3VVmCwqWvtd1Blu0_RsMqqx9ttQi9Zx1piF08pbfC00?confirmTime=2100000&confirmRatio=1000000&test-tag=205058918580226&format-type=118&actual-format=10&rnd=3975272420488&pcode-active-testids=710490%2C0%2C17&banner-sizes=eyI3MjA1NzYwNjkyNjM4MTg5OSI6IjQxOXgxMDAiLCI3MjA1NzYwNzA0MTkwMjgyMSI6IjQxOXgxMDAiLCI3MjA1NzYwNzM0MDQwODgyMCI6IjQxOXgxMDAifQ%3D%3D&width=1268&height=100 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Tue, 31 Jan 2023 02:45:15 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 31 Jan 2023 02:45:15 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Tue, 31 Jan 2023 02:45:15 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/693627671/?random=1675133130381&cv=9&fst=1675130400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=1524022050&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/693627671/?random=1675133130381&cv=9&fst=1675130400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=1524022050&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/693627671/?random=1675133130381&cv=9&fst=1675130400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=1524022050&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 02:45:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/693627671/?random=1675133130375&cv=9&fst=1675130400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=1274644029&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/693627671/?random=1675133130375&cv=9&fst=1675130400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=1274644029&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/693627671/?random=1675133130375&cv=9&fst=1675130400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=1274644029&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 02:45:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%22%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22firefox%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A939231577307%3Ahid%3A66811662%3Aphid%3A179404058%3Az%3A0%3Ai%3A20230131024533%3Aet%3A1675133134%3Arn%3A335261395%3Arqn%3A1%3Au%3A1675133130236804352%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C14%2C0%2C1%2C0%2C%2C144%2C1%2C389%2C389%2C0%2C182%3Aco%3A0%3Ans%3A1675133128114%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675133134%3At%3A&t=gdpr(6)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
93.158.134.119302 Found 419 B URL HTTP/2 mc.yandex.ru/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%22%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22firefox%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A939231577307%3Ahid%3A66811662%3Aphid%3A179404058%3Az%3A0%3Ai%3A20230131024533%3Aet%3A1675133134%3Arn%3A335261395%3Arqn%3A1%3Au%3A1675133130236804352%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C14%2C0%2C1%2C0%2C%2C144%2C1%2C389%2C389%2C0%2C182%3Aco%3A0%3Ans%3A1675133128114%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675133134%3At%3A&t=gdpr(6)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash ff1ac99f180d309219954399a7dce337
4161b88c40d234afa324157953eab97d7252a762
5ad33c096f41a7640aef8bc21b0e2a48d28c50dfb03b6aa45be8990dbcbe17bc
GET /watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%22%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22firefox%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A939231577307%3Ahid%3A66811662%3Aphid%3A179404058%3Az%3A0%3Ai%3A20230131024533%3Aet%3A1675133134%3Arn%3A335261395%3Arqn%3A1%3Au%3A1675133130236804352%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C14%2C0%2C1%2C0%2C%2C144%2C1%2C389%2C389%2C0%2C182%3Aco%3A0%3Ans%3A1675133128114%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675133134%3At%3A&t=gdpr(6)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yastatic.net
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/37412095/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%22%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22firefox%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A939231577307%3Ahid%3A66811662%3Aphid%3A179404058%3Az%3A0%3Ai%3A20230131024533%3Aet%3A1675133134%3Arn%3A335261395%3Arqn%3A1%3Au%3A1675133130236804352%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C14%2C0%2C1%2C0%2C%2C144%2C1%2C389%2C389%2C0%2C182%3Aco%3A0%3Ans%3A1675133128114%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675133134%3At%3A&t=gdpr%286%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Tue, 31 Jan 2023 02:45:18 GMT
access-control-allow-origin: https://yastatic.net
set-cookie: yabs-sid=857576971675133118; Path=/; SameSite=None; Secure
i=KS13p9HBmlNR21PwQ6639ibQFUsceAWT/ei2wtBZdX/wNWfI3DHsQOp9bFLzJTqBI7YQdcQN+Z72Dvi0+zRiOxePys8=; Expires=Fri, 28-Jan-2033 02:45:14 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=1954576771675133118; Expires=Wed, 31-Jan-2024 02:45:18 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=1954576771675133118; Expires=Wed, 31-Jan-2024 02:45:18 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706669118.yc.1675133118#1706669118.yrts.1675133118#1706669118.yrtsi.1675133118; Expires=Wed, 31-Jan-2024 02:45:18 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 31-Jan-2023 02:45:18 GMT
last-modified: Tue, 31-Jan-2023 02:45:18 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
top-fwz1.mail.ru/tracker?js=13;id=3128781;u=https%3A//goo.su/z2HvHzz;st=1675133126925;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=a58aced37af456fe;ver=60.3.0;tz=0%2FUTC;ni=;detect=0;lvid=1675133127400%3A1675133134834%3A3%3A0e66ecb9f6469670fc0df48863415a1b;opts=jst-ym;visible=true;_=0.11869455939265605;e=RT/unload;et=1675133134832;pvt=7907;vtauto=7438
95.163.52.67200 OK 43 B URL HTTP/2 top-fwz1.mail.ru/tracker?js=13;id=3128781;u=https%3A//goo.su/z2HvHzz;st=1675133126925;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=a58aced37af456fe;ver=60.3.0;tz=0%2FUTC;ni=;detect=0;lvid=1675133127400%3A1675133134834%3A3%3A0e66ecb9f6469670fc0df48863415a1b;opts=jst-ym;visible=true;_=0.11869455939265605;e=RT/unload;et=1675133134832;pvt=7907;vtauto=7438
IP 95.163.52.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /tracker?js=13;id=3128781;u=https%3A//goo.su/z2HvHzz;st=1675133126925;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=a58aced37af456fe;ver=60.3.0;tz=0%2FUTC;ni=;detect=0;lvid=1675133127400%3A1675133134834%3A3%3A0e66ecb9f6469670fc0df48863415a1b;opts=jst-ym;visible=true;_=0.11869455939265605;e=RT/unload;et=1675133134832;pvt=7907;vtauto=7438 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:45:20 GMT
content-type: image/gif
content-length: 43
set-cookie: FTID=1RMYgQ0tkIIF:1675133120:3128781:::; path=/; expires=Thu, 01-Feb-24 02:45:20 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
an.yandex.ru/event_confirmation
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/event_confirmation
IP 87.250.250.90:0
OPTIONS /event_confirmation HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://goo.su/
Origin: https://goo.su
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
date: Tue, 31 Jan 2023 02:45:13 GMT
access-control-max-age: 1728000
access-control-allow-headers: content-type
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
yastatic.net/q/set/s/rsya-tag-users/bundle.js
178.154.131.216200 OK 0 B URL HTTP/2 yastatic.net/q/set/s/rsya-tag-users/bundle.js
IP 178.154.131.216:0
GET /q/set/s/rsya-tag-users/bundle.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Tue, 31 Jan 2023 02:45:15 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952
content-encoding: br
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
expires: Thu, 02 Feb 2023 14:41:57 GMT
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: 7034958f965b6416
X-Firefox-Spdy: h2
an.yandex.ru/rtbcount/1QRrdYQL0V0100000000U9nJt1d2whvvgv-HuO5pRswqnTGnM-vik97C00IUC97GbgB8-bYk6P8CgOn0ySm3vmfEWSHBcO6ysd8WqSe88Zj1ia30n32JKGlANiYu2i9WMCde06NjPJpaoy9m5Cm_omXIU1LCtcLaa65W-CiuYuc1OIuJI6GjKnH83TD_87Z59E3n8p7ym3a6Xc-2sa5jdraP_ZAnW2ndPWMIlSoAG78gCqZRN6Osa8NCJ0mA8FjODZ9dT7-8QZzhMtIIUUU9rn4QhN6nLy4gxuB9dymEJlmGvxASUdK6p5h1ieff0yj_663SWSG-WCI-oGBnr0VxXopV7QosBrAuOV-M1UIr1Qoy9rbp9Jd1qXTO6neQM6woxYWuiCDyVHxNLrQGxWws1fOPR5SE1ozWwzwpUKFhtpFxorQomOmvmEPnWetv4HjlkfEZbMbLU7PkQbgQ-Kisc8K_uQo9x2ONEL9FQxopdyNEPcveR61kle6TQGSxpmbsyGVixRUQTaxwj64nzmzs7W2aAASe?confirmTime=2100000&confirmRatio=1000000&test-tag=205058918580226&format-type=118&actual-format=8&rnd=1815259561679&pcode-active-testids=710490%2C0%2C17&banner-sizes=eyI3MjA1NzYwNzEyNzE0NDM2MSI6IjEyNjh4MjAwIn0%3D&width=1268&height=200
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/rtbcount/1QRrdYQL0V0100000000U9nJt1d2whvvgv-HuO5pRswqnTGnM-vik97C00IUC97GbgB8-bYk6P8CgOn0ySm3vmfEWSHBcO6ysd8WqSe88Zj1ia30n32JKGlANiYu2i9WMCde06NjPJpaoy9m5Cm_omXIU1LCtcLaa65W-CiuYuc1OIuJI6GjKnH83TD_87Z59E3n8p7ym3a6Xc-2sa5jdraP_ZAnW2ndPWMIlSoAG78gCqZRN6Osa8NCJ0mA8FjODZ9dT7-8QZzhMtIIUUU9rn4QhN6nLy4gxuB9dymEJlmGvxASUdK6p5h1ieff0yj_663SWSG-WCI-oGBnr0VxXopV7QosBrAuOV-M1UIr1Qoy9rbp9Jd1qXTO6neQM6woxYWuiCDyVHxNLrQGxWws1fOPR5SE1ozWwzwpUKFhtpFxorQomOmvmEPnWetv4HjlkfEZbMbLU7PkQbgQ-Kisc8K_uQo9x2ONEL9FQxopdyNEPcveR61kle6TQGSxpmbsyGVixRUQTaxwj64nzmzs7W2aAASe?confirmTime=2100000&confirmRatio=1000000&test-tag=205058918580226&format-type=118&actual-format=8&rnd=1815259561679&pcode-active-testids=710490%2C0%2C17&banner-sizes=eyI3MjA1NzYwNzEyNzE0NDM2MSI6IjEyNjh4MjAwIn0%3D&width=1268&height=200
IP 87.250.250.90:0
GET /rtbcount/1QRrdYQL0V0100000000U9nJt1d2whvvgv-HuO5pRswqnTGnM-vik97C00IUC97GbgB8-bYk6P8CgOn0ySm3vmfEWSHBcO6ysd8WqSe88Zj1ia30n32JKGlANiYu2i9WMCde06NjPJpaoy9m5Cm_omXIU1LCtcLaa65W-CiuYuc1OIuJI6GjKnH83TD_87Z59E3n8p7ym3a6Xc-2sa5jdraP_ZAnW2ndPWMIlSoAG78gCqZRN6Osa8NCJ0mA8FjODZ9dT7-8QZzhMtIIUUU9rn4QhN6nLy4gxuB9dymEJlmGvxASUdK6p5h1ieff0yj_663SWSG-WCI-oGBnr0VxXopV7QosBrAuOV-M1UIr1Qoy9rbp9Jd1qXTO6neQM6woxYWuiCDyVHxNLrQGxWws1fOPR5SE1ozWwzwpUKFhtpFxorQomOmvmEPnWetv4HjlkfEZbMbLU7PkQbgQ-Kisc8K_uQo9x2ONEL9FQxopdyNEPcveR61kle6TQGSxpmbsyGVixRUQTaxwj64nzmzs7W2aAASe?confirmTime=2100000&confirmRatio=1000000&test-tag=205058918580226&format-type=118&actual-format=8&rnd=1815259561679&pcode-active-testids=710490%2C0%2C17&banner-sizes=eyI3MjA1NzYwNzEyNzE0NDM2MSI6IjEyNjh4MjAwIn0%3D&width=1268&height=200 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Tue, 31 Jan 2023 02:45:15 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 31 Jan 2023 02:45:15 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Tue, 31 Jan 2023 02:45:15 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/count/WMuejI_zOEC09Gi0b18Tn6Cq0UlZ80K0um4GW8200J6uWDXZ000003YKuCm1Y081kGB8_jlwaKPvhl02ryVcn0RGBl050Q06xW791hZ8HQGoqZ-9gGV0peHNSrn-0_W70T08We20W09AoHBjmCu009Kq9bA6yu60W8281AWFm9spkBQEbxy3a13Mz-_PsiExZS41j8sClZxW507m5S6AzkoZZxpyOw0MaANEdWR95l0_s1Q15wWN3T0O8VWOYFRWgDcDnv9wW1c96JVNk1d___y1m1cuuO76--QhjmhI6H9vOM9pNtDbSdPbSYzoDpWmBJBe6P41y1ch1vWQrCDJi1j8k1i3WXmDPq91EbarGsfjPMPcD-aSW1t_Vu0W0eWW3D0X____0TKY__z__u4Z00000000y3yH0383QPWn4JmvxpkQtuxS22NaaARZdGCJGtlM71LyL1OIfD9tUFGBmDevb9EevgX8qYXkyh6CGG40~1=WNOejI_zO9i0PGi0X1IFTTh6cm7qng_2yzdzsPO1W07ElAoanUJda1w80SxRszEQ0P01bisnW-20W802c06MpR63OBW1lCsQq2NO0TAv_ga1u06MbQ-P0UW1X07u0TYFthu1e0AE-eK1i0Eh0eW5iA0Ka0Mth3wm1VRi3xW5zkmFm0MOfUa1o0NgfplG1SYh1gW6xW6f1y3EX5TpN7u3k0U01T08keY0WSA0W0RW28VzGkW91u0A0VWAWBKOw0oJ0fWDnyCnmB2GWeWI0P0I0O0KW8201D0KtztM7kWKZ0AW5f2bpfu6oHRmFz0Ms8_UlW6O5vUrj2ou5m705xNM0Q0PxW6u6V___m616l__xwoRbpYAg1u1i1y1o1_fdFzKgI2lQ3qklt3GFxWWtjqfi281o281rIB__t__WIE98za_a2F_fAIb-PNqttkO8xN4fl7_hzP_2G21F0zyOn3OyHhkNM9mJ78IiXYoV3WGC0UNgfHs9nWiu000~1=WMuejI_zO8y09Gi0b1H_rYcpZm7UeeN_aDkokTS1W041Y063vF_Cc06G0SgZn_7WW8200fW1ogF7yM2u0QoEch8bs06sy_cf0U01mgZkg07e0SO2-06Iazw-0Q02jD3X6Q031B030h040RW4_07e1982Y0MNmWgG1RVG5R05h_C7k0MlymV01QhE4yW5YfK7q0N4cGAe1ku1gGV0peHNSrn-0xW7W0NG1nRW1v0Dq0YQYe21meA01k08ckZm3EW91u0A0UWCamAO3SV3CS2W4j0Kcg-fU-WKZ0AW5f2bpfu6oHRG5fAJthu1c1VQqhGlk1S1m1UrrW6W6Uu1k1d___y1WHh__okuS5ItNgWUe9a2i1y2o1_R-VnKgI0zQIzmbk7nFxWWtjqfi281o281rIB__t__WIE98vgPcPcPcTa_a2EwaTY3wBI_jqsO8ycqbj70axRWTWS0kKW877UDaIbY68R3IZ4zboEb4WM31Hm0~1=WMmejI_zO9a05Gi091JWpHlbcG7EgE2uzFcVyRS1W041Y07QxxxJcm6G0UZ_dOxZW8200fW1wF-TZcEu0VgHfzibs076cCoh0U01se2cfW7e0Qm3-07gdDw-0PW2XgZX6g02_92h5Q031h030kW4gGA81T6j0v05xeq9i0NBXmEu1Sk70y05kFq2o0MFW07G1STsg0Rk0Qa7mCw4LtDSVWEu1u05q0SMu0Ve2yA2W0RW2Bx8rGhe2GU02W7e39C2c0t7mp6WA8WI0P0I0O0KW820w1IC0g0MaANEdWR95j0MeF3blW6O5w-__Ywu5m705xNM0Q0PxW6u6O4Q__-7XCtPUucW6gB4iTAelhQ47QWUlt2m7mF87wECvbMu8DxTAR0Y0SWY0TKY__z__u4ZYIEQcPcPcPdPFv0ZzQJWp--Mlev0c2FPhOZXgPBIpu412G1L1W9mn8H16B4YljEVmvkO7awKoe6XEsCKR1Dm~1?stat-id=1&test-tag=205058918636081&banner-sizes=eyI3MjA1NzYwNjkyNjM4MTg5OSI6IjQxOXgxMDAiLCI3MjA1NzYwNzA0MTkwMjgyMSI6IjQxOXgxMDAiLCI3MjA1NzYwNzM0MDQwODgyMCI6IjQxOXgxMDAifQ%3D%3D&format-type=118&actual-format=10&pcodever=713077&banner-test-tags=eyI3MjA1NzYwNjkyNjM4MTg5OSI6IjU3MzkzIiwiNzIwNTc2MDcwNDE5MDI4MjEiOiIyNDU5NCIsIjcyMDU3NjA3MzQwNDA4ODIwIjoiNTczOTUifQ%3D%3D&pcode-active-testids=710490%2C0%2C17&width=1268&height=100&confirmTime=2105000&confirmRatio=1000000&wmode=0
87.250.250.90302 Found 0 B URL HTTP/2 an.yandex.ru/count/WMuejI_zOEC09Gi0b18Tn6Cq0UlZ80K0um4GW8200J6uWDXZ000003YKuCm1Y081kGB8_jlwaKPvhl02ryVcn0RGBl050Q06xW791hZ8HQGoqZ-9gGV0peHNSrn-0_W70T08We20W09AoHBjmCu009Kq9bA6yu60W8281AWFm9spkBQEbxy3a13Mz-_PsiExZS41j8sClZxW507m5S6AzkoZZxpyOw0MaANEdWR95l0_s1Q15wWN3T0O8VWOYFRWgDcDnv9wW1c96JVNk1d___y1m1cuuO76--QhjmhI6H9vOM9pNtDbSdPbSYzoDpWmBJBe6P41y1ch1vWQrCDJi1j8k1i3WXmDPq91EbarGsfjPMPcD-aSW1t_Vu0W0eWW3D0X____0TKY__z__u4Z00000000y3yH0383QPWn4JmvxpkQtuxS22NaaARZdGCJGtlM71LyL1OIfD9tUFGBmDevb9EevgX8qYXkyh6CGG40~1=WNOejI_zO9i0PGi0X1IFTTh6cm7qng_2yzdzsPO1W07ElAoanUJda1w80SxRszEQ0P01bisnW-20W802c06MpR63OBW1lCsQq2NO0TAv_ga1u06MbQ-P0UW1X07u0TYFthu1e0AE-eK1i0Eh0eW5iA0Ka0Mth3wm1VRi3xW5zkmFm0MOfUa1o0NgfplG1SYh1gW6xW6f1y3EX5TpN7u3k0U01T08keY0WSA0W0RW28VzGkW91u0A0VWAWBKOw0oJ0fWDnyCnmB2GWeWI0P0I0O0KW8201D0KtztM7kWKZ0AW5f2bpfu6oHRmFz0Ms8_UlW6O5vUrj2ou5m705xNM0Q0PxW6u6V___m616l__xwoRbpYAg1u1i1y1o1_fdFzKgI2lQ3qklt3GFxWWtjqfi281o281rIB__t__WIE98za_a2F_fAIb-PNqttkO8xN4fl7_hzP_2G21F0zyOn3OyHhkNM9mJ78IiXYoV3WGC0UNgfHs9nWiu000~1=WMuejI_zO8y09Gi0b1H_rYcpZm7UeeN_aDkokTS1W041Y063vF_Cc06G0SgZn_7WW8200fW1ogF7yM2u0QoEch8bs06sy_cf0U01mgZkg07e0SO2-06Iazw-0Q02jD3X6Q031B030h040RW4_07e1982Y0MNmWgG1RVG5R05h_C7k0MlymV01QhE4yW5YfK7q0N4cGAe1ku1gGV0peHNSrn-0xW7W0NG1nRW1v0Dq0YQYe21meA01k08ckZm3EW91u0A0UWCamAO3SV3CS2W4j0Kcg-fU-WKZ0AW5f2bpfu6oHRG5fAJthu1c1VQqhGlk1S1m1UrrW6W6Uu1k1d___y1WHh__okuS5ItNgWUe9a2i1y2o1_R-VnKgI0zQIzmbk7nFxWWtjqfi281o281rIB__t__WIE98vgPcPcPcTa_a2EwaTY3wBI_jqsO8ycqbj70axRWTWS0kKW877UDaIbY68R3IZ4zboEb4WM31Hm0~1=WMmejI_zO9a05Gi091JWpHlbcG7EgE2uzFcVyRS1W041Y07QxxxJcm6G0UZ_dOxZW8200fW1wF-TZcEu0VgHfzibs076cCoh0U01se2cfW7e0Qm3-07gdDw-0PW2XgZX6g02_92h5Q031h030kW4gGA81T6j0v05xeq9i0NBXmEu1Sk70y05kFq2o0MFW07G1STsg0Rk0Qa7mCw4LtDSVWEu1u05q0SMu0Ve2yA2W0RW2Bx8rGhe2GU02W7e39C2c0t7mp6WA8WI0P0I0O0KW820w1IC0g0MaANEdWR95j0MeF3blW6O5w-__Ywu5m705xNM0Q0PxW6u6O4Q__-7XCtPUucW6gB4iTAelhQ47QWUlt2m7mF87wECvbMu8DxTAR0Y0SWY0TKY__z__u4ZYIEQcPcPcPdPFv0ZzQJWp--Mlev0c2FPhOZXgPBIpu412G1L1W9mn8H16B4YljEVmvkO7awKoe6XEsCKR1Dm~1?stat-id=1&test-tag=205058918636081&banner-sizes=eyI3MjA1NzYwNjkyNjM4MTg5OSI6IjQxOXgxMDAiLCI3MjA1NzYwNzA0MTkwMjgyMSI6IjQxOXgxMDAiLCI3MjA1NzYwNzM0MDQwODgyMCI6IjQxOXgxMDAifQ%3D%3D&format-type=118&actual-format=10&pcodever=713077&banner-test-tags=eyI3MjA1NzYwNjkyNjM4MTg5OSI6IjU3MzkzIiwiNzIwNTc2MDcwNDE5MDI4MjEiOiIyNDU5NCIsIjcyMDU3NjA3MzQwNDA4ODIwIjoiNTczOTUifQ%3D%3D&pcode-active-testids=710490%2C0%2C17&width=1268&height=100&confirmTime=2105000&confirmRatio=1000000&wmode=0
IP 87.250.250.90:0
GET /count/WMuejI_zOEC09Gi0b18Tn6Cq0UlZ80K0um4GW8200J6uWDXZ000003YKuCm1Y081kGB8_jlwaKPvhl02ryVcn0RGBl050Q06xW791hZ8HQGoqZ-9gGV0peHNSrn-0_W70T08We20W09AoHBjmCu009Kq9bA6yu60W8281AWFm9spkBQEbxy3a13Mz-_PsiExZS41j8sClZxW507m5S6AzkoZZxpyOw0MaANEdWR95l0_s1Q15wWN3T0O8VWOYFRWgDcDnv9wW1c96JVNk1d___y1m1cuuO76--QhjmhI6H9vOM9pNtDbSdPbSYzoDpWmBJBe6P41y1ch1vWQrCDJi1j8k1i3WXmDPq91EbarGsfjPMPcD-aSW1t_Vu0W0eWW3D0X____0TKY__z__u4Z00000000y3yH0383QPWn4JmvxpkQtuxS22NaaARZdGCJGtlM71LyL1OIfD9tUFGBmDevb9EevgX8qYXkyh6CGG40~1=WNOejI_zO9i0PGi0X1IFTTh6cm7qng_2yzdzsPO1W07ElAoanUJda1w80SxRszEQ0P01bisnW-20W802c06MpR63OBW1lCsQq2NO0TAv_ga1u06MbQ-P0UW1X07u0TYFthu1e0AE-eK1i0Eh0eW5iA0Ka0Mth3wm1VRi3xW5zkmFm0MOfUa1o0NgfplG1SYh1gW6xW6f1y3EX5TpN7u3k0U01T08keY0WSA0W0RW28VzGkW91u0A0VWAWBKOw0oJ0fWDnyCnmB2GWeWI0P0I0O0KW8201D0KtztM7kWKZ0AW5f2bpfu6oHRmFz0Ms8_UlW6O5vUrj2ou5m705xNM0Q0PxW6u6V___m616l__xwoRbpYAg1u1i1y1o1_fdFzKgI2lQ3qklt3GFxWWtjqfi281o281rIB__t__WIE98za_a2F_fAIb-PNqttkO8xN4fl7_hzP_2G21F0zyOn3OyHhkNM9mJ78IiXYoV3WGC0UNgfHs9nWiu000~1=WMuejI_zO8y09Gi0b1H_rYcpZm7UeeN_aDkokTS1W041Y063vF_Cc06G0SgZn_7WW8200fW1ogF7yM2u0QoEch8bs06sy_cf0U01mgZkg07e0SO2-06Iazw-0Q02jD3X6Q031B030h040RW4_07e1982Y0MNmWgG1RVG5R05h_C7k0MlymV01QhE4yW5YfK7q0N4cGAe1ku1gGV0peHNSrn-0xW7W0NG1nRW1v0Dq0YQYe21meA01k08ckZm3EW91u0A0UWCamAO3SV3CS2W4j0Kcg-fU-WKZ0AW5f2bpfu6oHRG5fAJthu1c1VQqhGlk1S1m1UrrW6W6Uu1k1d___y1WHh__okuS5ItNgWUe9a2i1y2o1_R-VnKgI0zQIzmbk7nFxWWtjqfi281o281rIB__t__WIE98vgPcPcPcTa_a2EwaTY3wBI_jqsO8ycqbj70axRWTWS0kKW877UDaIbY68R3IZ4zboEb4WM31Hm0~1=WMmejI_zO9a05Gi091JWpHlbcG7EgE2uzFcVyRS1W041Y07QxxxJcm6G0UZ_dOxZW8200fW1wF-TZcEu0VgHfzibs076cCoh0U01se2cfW7e0Qm3-07gdDw-0PW2XgZX6g02_92h5Q031h030kW4gGA81T6j0v05xeq9i0NBXmEu1Sk70y05kFq2o0MFW07G1STsg0Rk0Qa7mCw4LtDSVWEu1u05q0SMu0Ve2yA2W0RW2Bx8rGhe2GU02W7e39C2c0t7mp6WA8WI0P0I0O0KW820w1IC0g0MaANEdWR95j0MeF3blW6O5w-__Ywu5m705xNM0Q0PxW6u6O4Q__-7XCtPUucW6gB4iTAelhQ47QWUlt2m7mF87wECvbMu8DxTAR0Y0SWY0TKY__z__u4ZYIEQcPcPcPdPFv0ZzQJWp--Mlev0c2FPhOZXgPBIpu412G1L1W9mn8H16B4YljEVmvkO7awKoe6XEsCKR1Dm~1?stat-id=1&test-tag=205058918636081&banner-sizes=eyI3MjA1NzYwNjkyNjM4MTg5OSI6IjQxOXgxMDAiLCI3MjA1NzYwNzA0MTkwMjgyMSI6IjQxOXgxMDAiLCI3MjA1NzYwNzM0MDQwODgyMCI6IjQxOXgxMDAifQ%3D%3D&format-type=118&actual-format=10&pcodever=713077&banner-test-tags=eyI3MjA1NzYwNjkyNjM4MTg5OSI6IjU3MzkzIiwiNzIwNTc2MDcwNDE5MDI4MjEiOiIyNDU5NCIsIjcyMDU3NjA3MzQwNDA4ODIwIjoiNTczOTUifQ%3D%3D&pcode-active-testids=710490%2C0%2C17&width=1268&height=100&confirmTime=2105000&confirmRatio=1000000&wmode=0 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/count/WMuejI_zOEC09Gi0b18Tn6CqFj79ZGK0um4GmO200J6uWDXZ000003YKuCm1Y081kGB8_jlwaKPvhl02ryVcn0RGBl050Q06xW791hZ8HQGoqZ-9gGV0peHNSrn-0_W70T08We20W09AoHBjmCu009Kq9bA6yu60W8281AWFm9spkBQEbxy3a13Mz-_PsiExZS41j8sClZxW507m5S6AzkoZZxpyOw0MaANEdWR95l0_s1Q15wWN3T0O8VWOYFRWgDcDnv9wW1c96JVNk1d___y1m1cuuO76--QhjmhI6H9vOM9pNtDbSdPbSYzoDpWmBJBe6P41y1ch1vWQrCDJi1j8k1i3WXmDPq91EbarGsfjPMPcD-aSW1t_Vu0W0eWW3D0X____0TKY__z__u4Z00000000y3yH0383QPWn4JmvxpkQtuxS22NaaARZdGCJGtlM71LyL1OIfD9tUFGBmDevb9EevgX8qYXkyh6CGG40~1=WMmejI_zO9a05Gi091JWpHlbcG7EgE2uzFcVyRS1W041Y07QxxxJcm6G0UZ_dOxZW8200fW1wF-TZcEu0VgHfzibs076cCoh0U01se2cfW7e0Qm3-07gdDw-0PW2XgZX6g02_92h5Q031h030kW4gGA81T6j0v05xeq9i0NBXmEu1Sk70y05kFq2o0MFW07G1STsg0Rk0Qa7mCw4LtDSVWEu1u05q0SMu0Ve2yA2W0RW2Bx8rGhe2GU02W7e39C2c0t7mp6WA8WI0P0I0O0KW820w1IC0g0MaANEdWR95j0MeF3blW6O5w-__Ywu5m705xNM0Q0PxW6u6O4Q__-7XCtPUucW6gB4iTAelhQ47QWUlt2m7mF87wECvbMu8DxTAR0Y0SWY0TKY__z__u4ZYIEQcPcPcPdPFv0ZzQJWp--Mlev0c2FPhOZXgPBIpu412G1L1W9mn8H16B4YljEVmvkO7awKoe6XEsCKR1Dm~1=WMuejI_zO8y09Gi0b1H_rYcpZm7UeeN_aDkokTS1W041Y063vF_Cc06G0SgZn_7WW8200fW1ogF7yM2u0QoEch8bs06sy_cf0U01mgZkg07e0SO2-06Iazw-0Q02jD3X6Q031B030h040RW4_07e1982Y0MNmWgG1RVG5R05h_C7k0MlymV01QhE4yW5YfK7q0N4cGAe1ku1gGV0peHNSrn-0xW7W0NG1nRW1v0Dq0YQYe21meA01k08ckZm3EW91u0A0UWCamAO3SV3CS2W4j0Kcg-fU-WKZ0AW5f2bpfu6oHRG5fAJthu1c1VQqhGlk1S1m1UrrW6W6Uu1k1d___y1WHh__okuS5ItNgWUe9a2i1y2o1_R-VnKgI0zQIzmbk7nFxWWtjqfi281o281rIB__t__WIE98vgPcPcPcTa_a2EwaTY3wBI_jqsO8ycqbj70axRWTWS0kKW877UDaIbY68R3IZ4zboEb4WM31Hm0~1=WNiejI_zOA00ZGi0r1Ii_NWne04GW8200VJ6hyBpsVtPbW600SwyhAJ5vEUG7eW1pjlRqve1a06MpR63u820W0AO0PRDiODWk06ypPhG9TW1qhd-gG7W0PQLhva1w0640VW1s8_UlW6W0exwXG6m0wi2Y0Mme1IG1RUiFh05zkmFk0Nsx0_01PYbwG781UgdEz05oAi6g0Rk0Qa7mCw4LtDSVWEu1u05q0YwY821me201k08X_r2w0a7W0e1-0g0jHZe39C2c0t7mp70i922Y181a181W1I0W804q1JVtTOUw1IC0g0MaANEdWR95l0_q1ROZzw-0PWNbxMqBBWN0S0NjTO1e1dk0RWP____0O4Q___lh9kNE8ge7W6m7m787-cS_rIf8AzeFIw_SD0_k23UtIcm8W788W7L8l__V_-18uaZsJ-G8_-afANvbVJVUvWZjSIcyV-lrdy908Oy3tnZ41Zp6cvWOd1HSX8o6x9yY10m1zUhb7R762pc~1?stat-id=1&test-tag=205058918636081&banner-sizes=eyI3MjA1NzYwNjkyNjM4MTg5OSI6IjQxOXgxMDAiLCI3MjA1NzYwNzA0MTkwMjgyMSI6IjQxOXgxMDAiLCI3MjA1NzYwNzM0MDQwODgyMCI6IjQxOXgxMDAifQ%3D%3D&format-type=118&actual-format=10&pcodever=713077&banner-test-tags=eyI3MjA1NzYwNjkyNjM4MTg5OSI6IjU3MzkzIiwiNzIwNTc2MDcwNDE5MDI4MjEiOiIyNDU5NCIsIjcyMDU3NjA3MzQwNDA4ODIwIjoiNTczOTUifQ%3D%3D&pcode-active-testids=710490%2C0%2C17&width=1268&height=100&confirmTime=2105000&confirmRatio=1000000&wmode=0
date: Tue, 31 Jan 2023 02:45:15 GMT
access-control-allow-origin: https://goo.su
set-cookie: yandexuid=7881198441675133115; domain=.yandex.ru; path=/; expires=Fri, 28-Jan-2033 02:45:15 GMT
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
expires: Tue, 31 Jan 2023 02:45:15 GMT
last-modified: Tue, 31 Jan 2023 02:45:15 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/event_confirmation
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/event_confirmation
IP 87.250.250.90:0
POST /event_confirmation HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 296
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Tue, 31 Jan 2023 02:45:13 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 31 Jan 2023 02:45:13 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Tue, 31 Jan 2023 02:45:13 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/1677322?wmode=7&page-url=https%3A%2F%2Fgoo.su%2Fz2HvHzz&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1196976593889%3Ahid%3A179404058%3Az%3A0%3Ai%3A20230131024528%3Aet%3A1675133128%3Ac%3A1%3Arn%3A498930657%3Au%3A1675133128109377745%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1675133125830%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675133128%3At%3ARedirecting...&t=gdpr(14)clc(0-0-0)aw(1)fip(1)ti(2)
93.158.134.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/1677322?wmode=7&page-url=https%3A%2F%2Fgoo.su%2Fz2HvHzz&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1196976593889%3Ahid%3A179404058%3Az%3A0%3Ai%3A20230131024528%3Aet%3A1675133128%3Ac%3A1%3Arn%3A498930657%3Au%3A1675133128109377745%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1675133125830%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675133128%3At%3ARedirecting...&t=gdpr(14)clc(0-0-0)aw(1)fip(1)ti(2)
IP 93.158.134.119:0
GET /watch/1677322?wmode=7&page-url=https%3A%2F%2Fgoo.su%2Fz2HvHzz&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1196976593889%3Ahid%3A179404058%3Az%3A0%3Ai%3A20230131024528%3Aet%3A1675133128%3Ac%3A1%3Arn%3A498930657%3Au%3A1675133128109377745%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1675133125830%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675133128%3At%3ARedirecting...&t=gdpr(14)clc(0-0-0)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/1677322/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2Fz2HvHzz&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1196976593889%3Ahid%3A179404058%3Az%3A0%3Ai%3A20230131024528%3Aet%3A1675133128%3Ac%3A1%3Arn%3A498930657%3Au%3A1675133128109377745%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1675133125830%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675133128%3At%3ARedirecting...&t=gdpr%2814%29clc%280-0-0%29aw%281%29fip%281%29ti%282%29
date: Tue, 31 Jan 2023 02:45:13 GMT
access-control-allow-origin: https://goo.su
set-cookie: yabs-sid=603573471675133113; Path=/; SameSite=None; Secure
i=HWbQ6pc6jh3lCBfnJqdUxf4eMNed/6lAX2z7Xq+MLxQY7gN09JqOoSIDE2OQaFMMADW+liGN6Fi0OCEWNfco7zQOkIE=; Expires=Fri, 28-Jan-2033 02:45:07 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=2059146601675133113; Expires=Wed, 31-Jan-2024 02:45:13 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=2059146601675133113; Expires=Wed, 31-Jan-2024 02:45:13 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706669113.yc.1675133113#1706669113.yrts.1675133113#1706669113.yrtsi.1675133113; Expires=Wed, 31-Jan-2024 02:45:13 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 31-Jan-2023 02:45:13 GMT
last-modified: Tue, 31-Jan-2023 02:45:13 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/event_confirmation
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/event_confirmation
IP 87.250.250.90:0
POST /event_confirmation HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 321
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Tue, 31 Jan 2023 02:45:13 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 31 Jan 2023 02:45:13 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Tue, 31 Jan 2023 02:45:13 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/rtbcount/1SY4lXMO0V0100000000U9nJt772TOdH9VjEmmFdUDABO-gOBNSqt4Xc009Fc4YeIV8HsLYk6P8CgOn0ySm3vrh2GUAb85vjEP1ePGIHdI0-430np6HSA0rXBsGCue2mLZ8gCqDOUnb_l1LYE0hcdsK42Lvb16czoyWWmy3mbt4M4mF3N2QGo5gcA21vbka_4BnY4l0wAVJsm3a6XgacQa5jdraP_ZAnW2ndPWMIlSoAG78gCqZRN6Osa8NCJ0mA8FjODZ9dT7-8QZzhMtIIUGV7YXSsmi65Ly4gxuB9dymEJlmGvxBCVNK6p5h1ij1y0yj_663SWSG-WCI-oGBnr0VxXopV7QosBrAuOV-M1UIr1Qoy9rdDhtE1fI-mDZGqiDnatL5mO8Vv-ZokhwmWtHri3ImpsAuS3bx0rhrdyuRMlsVsbwraWnbpWCtZ11lp8pRUT2T7gqXJvwpSrBGqyvTiC0j_mbaJsKqkSgIUrdXdFukTpTpGsC3SV0CxqmvsdXFiuW_OssyrxPpqQSDYxX_iF02FmQJ2
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/rtbcount/1SY4lXMO0V0100000000U9nJt772TOdH9VjEmmFdUDABO-gOBNSqt4Xc009Fc4YeIV8HsLYk6P8CgOn0ySm3vrh2GUAb85vjEP1ePGIHdI0-430np6HSA0rXBsGCue2mLZ8gCqDOUnb_l1LYE0hcdsK42Lvb16czoyWWmy3mbt4M4mF3N2QGo5gcA21vbka_4BnY4l0wAVJsm3a6XgacQa5jdraP_ZAnW2ndPWMIlSoAG78gCqZRN6Osa8NCJ0mA8FjODZ9dT7-8QZzhMtIIUGV7YXSsmi65Ly4gxuB9dymEJlmGvxBCVNK6p5h1ij1y0yj_663SWSG-WCI-oGBnr0VxXopV7QosBrAuOV-M1UIr1Qoy9rdDhtE1fI-mDZGqiDnatL5mO8Vv-ZokhwmWtHri3ImpsAuS3bx0rhrdyuRMlsVsbwraWnbpWCtZ11lp8pRUT2T7gqXJvwpSrBGqyvTiC0j_mbaJsKqkSgIUrdXdFukTpTpGsC3SV0CxqmvsdXFiuW_OssyrxPpqQSDYxX_iF02FmQJ2
IP 87.250.250.90:0
GET /rtbcount/1SY4lXMO0V0100000000U9nJt772TOdH9VjEmmFdUDABO-gOBNSqt4Xc009Fc4YeIV8HsLYk6P8CgOn0ySm3vrh2GUAb85vjEP1ePGIHdI0-430np6HSA0rXBsGCue2mLZ8gCqDOUnb_l1LYE0hcdsK42Lvb16czoyWWmy3mbt4M4mF3N2QGo5gcA21vbka_4BnY4l0wAVJsm3a6XgacQa5jdraP_ZAnW2ndPWMIlSoAG78gCqZRN6Osa8NCJ0mA8FjODZ9dT7-8QZzhMtIIUGV7YXSsmi65Ly4gxuB9dymEJlmGvxBCVNK6p5h1ij1y0yj_663SWSG-WCI-oGBnr0VxXopV7QosBrAuOV-M1UIr1Qoy9rdDhtE1fI-mDZGqiDnatL5mO8Vv-ZokhwmWtHri3ImpsAuS3bx0rhrdyuRMlsVsbwraWnbpWCtZ11lp8pRUT2T7gqXJvwpSrBGqyvTiC0j_mbaJsKqkSgIUrdXdFukTpTpGsC3SV0CxqmvsdXFiuW_OssyrxPpqQSDYxX_iF02FmQJ2 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Tue, 31 Jan 2023 02:45:13 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 31 Jan 2023 02:45:13 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Tue, 31 Jan 2023 02:45:13 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open%20Sans:400&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open%20Sans:400&display=swap
IP 142.250.74.106:0
GET /css?family=Open%20Sans:400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 31 Jan 2023 02:45:12 GMT
date: Tue, 31 Jan 2023 02:45:12 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
top-fwz1.mail.ru/js/code.js
95.163.52.67200 OK 0 B URL HTTP/2 top-fwz1.mail.ru/js/code.js
IP 95.163.52.67:0
GET /js/code.js HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:45:12 GMT
content-type: application/javascript
last-modified: Wed, 11 Jan 2023 13:29:54 GMT
set-cookie: FTID=1RMYgQ0tkIIF:1675133112:0:::; path=/; expires=Thu, 01-Feb-24 02:45:12 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
etag: W/"63beb9d2-85cc"
expires: Tue, 31 Jan 2023 03:45:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: max-age=3600, private
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
content-encoding: gzip
X-Firefox-Spdy: h2
an.yandex.ru/meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2Fz2HvHzz&charset=utf-8&pcode-test-ids=657519%2C0%2C63%3B712232%2C0%2C28%3B711101%2C0%2C7%3B708840%2C0%2C24%3B709005%2C0%2C31%3B710490%2C0%2C17%3B711079%2C0%2C86%3B710387%2C0%2C5%3B710373%2C0%2C55%3B681843%2C0%2C54%3B711252%2C0%2C88&pcode-flags-map=eJytWNtu2zgQ%2FZWFn4uu7pe%2BURJlE9FtScqOWxSEm7iJF7ks0qSbTdF%2F3yEp25Kc0E12gSJ1HM3hcObMmRn9mJBpVVMsSsIYzkSGOBINoqhkIq%2BpmJMM14JUIq3LpJ58%2BPRj8n119bCefJisH%2F%2BavJvcr7%2Fdk3P41Y8tz%2FcnPz%2B%2Fm8wRExT%2F0WLGxbxEjchpXQqUsYE9py3uAwR26ESWAsAVSgo8Ohw%2B5KQiHIN%2F6Qmb1VwsCJ%2FVLRcIfOfM5F3g%2B0Hkvhr8%2F0BGRSEaWmdtytnhMa%2BDxgD5yrz0QGRe4MwFpEIUKMGFggKQBFUVpubsBK7rhX1fKrwQ7ASs4Z8ErFGGqWgKtBxBjR2KfCeOdw6RqkFTLBgn6clSZIRJ8ExFLZGpzfL6FL6mOOWC4aIYQOPTZggd2s4eumVDLytUNa35lrEdWt4OgM8oRAtTKsOUC9bSOV5CyCGJU0GYqIAmc1SQ7AioE%2FjRDhRlMvpLydsOide6TLqaMYKFVuhF4R6sKMDDuiqWommTgqQCNUSlFVLCOFS2Gc22Ld%2Fek4NrAmPKSF0NLCGwXhQPbV0IV6%2Fgy3qORV3AueQj3omILP1fv53tRp7WgLYiHaXUbcqmb3h%2F97DumXlO5MadGeScMcXqkc2Yhz0jGSuMK1EnDEOKR%2FS9WX25Wg8s3cCJdQ5ycgrSWYkZJtMZFxU3H%2Bn5bheyJaoyfCpoK7K6RKQySqsVOm6wOy%2Bh9Qk4C2eJKR1xb2xph34UPHugLDVOSWI0d2wr0OXwEVeOyFuoygXJQBhJCVVrtPVsr5NzZdtVtkhqKpNKUUZa9tsvIiyR9Fs7DJxfoKVRk33PDbs4Z7lkHmvqCojBSYmh7gamjmVZQ1vPcvWdm7TOsCxShiujUPueDzAdlaReUSy5uz1PSJkymnth6Byag%2BTAz4UsTGDnWxC2DoBItYNsudbz1gVGtBKlnAjmiBI0urczONS3rC7KDSU1JXwpkiW0JrxoamoOWBAGXe1tedFJfMqMzcMHgY56jAQRThHoMzSKNIUsMYNK%2BLHr2%2FbAVrGY7eaIBrSZVFMziOd3CpXWbcWBynzZYOGavQbN9nvpKWkKcWIkIQVEzXxcHAYvWoLyixRU%2F%2BTI6VuMsi040d1egMDmBDotkZfIUWqu5jhywrDnRwei5xBoYEA22foTGGtkxXBaF8WROcByPFezbkpR4pifBYpa%2B2dVi%2Bkb%2BLZjmZ5%2FpvJt%2FwWLLTlmWLUfijPMYEo2%2Bmf7TqCt5cBBcQ6aM4OZaEpSs13kdgKrZgFaygqiuNr2vYbixCzxAWi0Yw9KCXogBV5XUE0zDPmQss1SKjscY0YlCuzY9rQ%2FPSPUNPIqUygNs7Fjx%2F7Akxnh6ho9MAjmCa%2FNXrih4wzm3rQpRYkzggSAIE7mqsmbMWJ3uE2kTfqfMUajfYZzBBX1yqne860gGISJlYhyAeNRiyX4sST5QRDsNy09pI480zNrLcdeNaAKVhzxKrTDrhpTOXvXVcdClEuNIzlMc1gP%2BWY6hlEcxLtRLKcEYGA61fZEkekV9snJQakfWASx23G2Z%2FHa9TUIY88KdyjQBzOJUJpPjrzAHp%2BsSWY%2By3EsZ1xlcpb7peqIAs92t5oBIxEslnBVII1wHUvPaKon6HHrcLU7wAsj9%2FAWfGq%2BA6Qp2lvtJZ%2BJBtoJdFbYeee4HPfkyddv4v724exytHZZkTNeLrXsPpPHbjU%2FkhzYurrihRV%2BV6pq2azaMjkSFOiY3YivixN2yEZwqtrbsYYbxLHn6qNHjudFrVczfc0jIFFXkC%2BBKJ4Pg7t5FNerR3G53lxc3r8ARyop6Cc4QYmAfcLkBCzDUThQBS0sixkQtsdduQjrZbaFdqkWd5jmMGisUSxC2%2FK6uYhSoTsnb2EA1aKjAq30rZ3Oju6x3n7xVy85du9cQAUbBCQdIHSEHYJA1xmwUL1u2eEUsH%2FILIzf74x4eHZ%2FNXLNtuxxsdeHKj%2B2s6LtKiyvNG8QMczzNmwx1sA6tqx9j%2BjGtDdaywJHkOKZHHYJrLvT%2Fayn1nzMZd3vCWCm1BuwXwGYtHkOWLhsYDwuAPGZ%2B%2FqGy3b2SkbfErACfVyqPinU%2Bti3%2BjH5ur4%2FuyxXdxebm24Avb79srlas7PV1ebmYvLB%2BTkqj25L6k8IsE2KpJABkozsH%2FBpcr3aXL2%2Fe4D4%2FLO6OV8%2FwuffN9eri%2FW3wVcXq2v1zfnT%2BkY%2Fvvq%2Bub%2FVH6%2Ff9345v9l030rkHQJ8cbd6urp9uuz%2B%2FHSn%2F3%2B4W72%2FWf%2F97eCBP1e31xtl%2Bvn5K4LOp1gH7ZkWelhVVhgfNEE5CW3nddkNj4iPq96k%2FfwXUy3EsQ%3D%3D&pcode-icookie=H6bNVUtThkp29lGCzyMQCLo0gRhnxk4NNfvFDFet5UibTj9vKFUI0l7UJEUWGGhni585KWvmW53iu5Zey2lxNmclapM%3D&imp-id=3&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=205058918580226&ad-session-id=8231961675133127528&target-id=72136192&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=713077&pcodever=713077&flash-ver=0&available-width=145&skip-token=yabs.NzIwNTc2MDY5MjYzODE4OTkKNzIwNTc2MDcwNDE5MDI4MjEKNzIwNTc2MDczNDA0MDg4MjA%3D&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A939%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1268%2C%22h%22%3A939%2C%22width%22%3A145%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A561%2C%22top%22%3A327%2C%22ad_no%22%3A3%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A1%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B8950753137565%5D
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2Fz2HvHzz&charset=utf-8&pcode-test-ids=657519%2C0%2C63%3B712232%2C0%2C28%3B711101%2C0%2C7%3B708840%2C0%2C24%3B709005%2C0%2C31%3B710490%2C0%2C17%3B711079%2C0%2C86%3B710387%2C0%2C5%3B710373%2C0%2C55%3B681843%2C0%2C54%3B711252%2C0%2C88&pcode-flags-map=eJytWNtu2zgQ%2FZWFn4uu7pe%2BURJlE9FtScqOWxSEm7iJF7ks0qSbTdF%2F3yEp25Kc0E12gSJ1HM3hcObMmRn9mJBpVVMsSsIYzkSGOBINoqhkIq%2BpmJMM14JUIq3LpJ58%2BPRj8n119bCefJisH%2F%2BavJvcr7%2Fdk3P41Y8tz%2FcnPz%2B%2Fm8wRExT%2F0WLGxbxEjchpXQqUsYE9py3uAwR26ESWAsAVSgo8Ohw%2B5KQiHIN%2F6Qmb1VwsCJ%2FVLRcIfOfM5F3g%2B0Hkvhr8%2F0BGRSEaWmdtytnhMa%2BDxgD5yrz0QGRe4MwFpEIUKMGFggKQBFUVpubsBK7rhX1fKrwQ7ASs4Z8ErFGGqWgKtBxBjR2KfCeOdw6RqkFTLBgn6clSZIRJ8ExFLZGpzfL6FL6mOOWC4aIYQOPTZggd2s4eumVDLytUNa35lrEdWt4OgM8oRAtTKsOUC9bSOV5CyCGJU0GYqIAmc1SQ7AioE%2FjRDhRlMvpLydsOide6TLqaMYKFVuhF4R6sKMDDuiqWommTgqQCNUSlFVLCOFS2Gc22Ld%2Fek4NrAmPKSF0NLCGwXhQPbV0IV6%2Fgy3qORV3AueQj3omILP1fv53tRp7WgLYiHaXUbcqmb3h%2F97DumXlO5MadGeScMcXqkc2Yhz0jGSuMK1EnDEOKR%2FS9WX25Wg8s3cCJdQ5ycgrSWYkZJtMZFxU3H%2Bn5bheyJaoyfCpoK7K6RKQySqsVOm6wOy%2Bh9Qk4C2eJKR1xb2xph34UPHugLDVOSWI0d2wr0OXwEVeOyFuoygXJQBhJCVVrtPVsr5NzZdtVtkhqKpNKUUZa9tsvIiyR9Fs7DJxfoKVRk33PDbs4Z7lkHmvqCojBSYmh7gamjmVZQ1vPcvWdm7TOsCxShiujUPueDzAdlaReUSy5uz1PSJkymnth6Byag%2BTAz4UsTGDnWxC2DoBItYNsudbz1gVGtBKlnAjmiBI0urczONS3rC7KDSU1JXwpkiW0JrxoamoOWBAGXe1tedFJfMqMzcMHgY56jAQRThHoMzSKNIUsMYNK%2BLHr2%2FbAVrGY7eaIBrSZVFMziOd3CpXWbcWBynzZYOGavQbN9nvpKWkKcWIkIQVEzXxcHAYvWoLyixRU%2F%2BTI6VuMsi040d1egMDmBDotkZfIUWqu5jhywrDnRwei5xBoYEA22foTGGtkxXBaF8WROcByPFezbkpR4pifBYpa%2B2dVi%2Bkb%2BLZjmZ5%2FpvJt%2FwWLLTlmWLUfijPMYEo2%2Bmf7TqCt5cBBcQ6aM4OZaEpSs13kdgKrZgFaygqiuNr2vYbixCzxAWi0Yw9KCXogBV5XUE0zDPmQss1SKjscY0YlCuzY9rQ%2FPSPUNPIqUygNs7Fjx%2F7Akxnh6ho9MAjmCa%2FNXrih4wzm3rQpRYkzggSAIE7mqsmbMWJ3uE2kTfqfMUajfYZzBBX1yqne860gGISJlYhyAeNRiyX4sST5QRDsNy09pI480zNrLcdeNaAKVhzxKrTDrhpTOXvXVcdClEuNIzlMc1gP%2BWY6hlEcxLtRLKcEYGA61fZEkekV9snJQakfWASx23G2Z%2FHa9TUIY88KdyjQBzOJUJpPjrzAHp%2BsSWY%2By3EsZ1xlcpb7peqIAs92t5oBIxEslnBVII1wHUvPaKon6HHrcLU7wAsj9%2FAWfGq%2BA6Qp2lvtJZ%2BJBtoJdFbYeee4HPfkyddv4v724exytHZZkTNeLrXsPpPHbjU%2FkhzYurrihRV%2BV6pq2azaMjkSFOiY3YivixN2yEZwqtrbsYYbxLHn6qNHjudFrVczfc0jIFFXkC%2BBKJ4Pg7t5FNerR3G53lxc3r8ARyop6Cc4QYmAfcLkBCzDUThQBS0sixkQtsdduQjrZbaFdqkWd5jmMGisUSxC2%2FK6uYhSoTsnb2EA1aKjAq30rZ3Oju6x3n7xVy85du9cQAUbBCQdIHSEHYJA1xmwUL1u2eEUsH%2FILIzf74x4eHZ%2FNXLNtuxxsdeHKj%2B2s6LtKiyvNG8QMczzNmwx1sA6tqx9j%2BjGtDdaywJHkOKZHHYJrLvT%2Fayn1nzMZd3vCWCm1BuwXwGYtHkOWLhsYDwuAPGZ%2B%2FqGy3b2SkbfErACfVyqPinU%2Bti3%2BjH5ur4%2FuyxXdxebm24Avb79srlas7PV1ebmYvLB%2BTkqj25L6k8IsE2KpJABkozsH%2FBpcr3aXL2%2Fe4D4%2FLO6OV8%2FwuffN9eri%2FW3wVcXq2v1zfnT%2BkY%2Fvvq%2Bub%2FVH6%2Ff9345v9l030rkHQJ8cbd6urp9uuz%2B%2FHSn%2F3%2B4W72%2FWf%2F97eCBP1e31xtl%2Bvn5K4LOp1gH7ZkWelhVVhgfNEE5CW3nddkNj4iPq96k%2FfwXUy3EsQ%3D%3D&pcode-icookie=H6bNVUtThkp29lGCzyMQCLo0gRhnxk4NNfvFDFet5UibTj9vKFUI0l7UJEUWGGhni585KWvmW53iu5Zey2lxNmclapM%3D&imp-id=3&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=205058918580226&ad-session-id=8231961675133127528&target-id=72136192&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=713077&pcodever=713077&flash-ver=0&available-width=145&skip-token=yabs.NzIwNTc2MDY5MjYzODE4OTkKNzIwNTc2MDcwNDE5MDI4MjEKNzIwNTc2MDczNDA0MDg4MjA%3D&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A939%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1268%2C%22h%22%3A939%2C%22width%22%3A145%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A561%2C%22top%22%3A327%2C%22ad_no%22%3A3%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A1%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B8950753137565%5D
IP 87.250.250.90:0
GET /meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2Fz2HvHzz&charset=utf-8&pcode-test-ids=657519%2C0%2C63%3B712232%2C0%2C28%3B711101%2C0%2C7%3B708840%2C0%2C24%3B709005%2C0%2C31%3B710490%2C0%2C17%3B711079%2C0%2C86%3B710387%2C0%2C5%3B710373%2C0%2C55%3B681843%2C0%2C54%3B711252%2C0%2C88&pcode-flags-map=eJytWNtu2zgQ%2FZWFn4uu7pe%2BURJlE9FtScqOWxSEm7iJF7ks0qSbTdF%2F3yEp25Kc0E12gSJ1HM3hcObMmRn9mJBpVVMsSsIYzkSGOBINoqhkIq%2BpmJMM14JUIq3LpJ58%2BPRj8n119bCefJisH%2F%2BavJvcr7%2Fdk3P41Y8tz%2FcnPz%2B%2Fm8wRExT%2F0WLGxbxEjchpXQqUsYE9py3uAwR26ESWAsAVSgo8Ohw%2B5KQiHIN%2F6Qmb1VwsCJ%2FVLRcIfOfM5F3g%2B0Hkvhr8%2F0BGRSEaWmdtytnhMa%2BDxgD5yrz0QGRe4MwFpEIUKMGFggKQBFUVpubsBK7rhX1fKrwQ7ASs4Z8ErFGGqWgKtBxBjR2KfCeOdw6RqkFTLBgn6clSZIRJ8ExFLZGpzfL6FL6mOOWC4aIYQOPTZggd2s4eumVDLytUNa35lrEdWt4OgM8oRAtTKsOUC9bSOV5CyCGJU0GYqIAmc1SQ7AioE%2FjRDhRlMvpLydsOide6TLqaMYKFVuhF4R6sKMDDuiqWommTgqQCNUSlFVLCOFS2Gc22Ld%2Fek4NrAmPKSF0NLCGwXhQPbV0IV6%2Fgy3qORV3AueQj3omILP1fv53tRp7WgLYiHaXUbcqmb3h%2F97DumXlO5MadGeScMcXqkc2Yhz0jGSuMK1EnDEOKR%2FS9WX25Wg8s3cCJdQ5ycgrSWYkZJtMZFxU3H%2Bn5bheyJaoyfCpoK7K6RKQySqsVOm6wOy%2Bh9Qk4C2eJKR1xb2xph34UPHugLDVOSWI0d2wr0OXwEVeOyFuoygXJQBhJCVVrtPVsr5NzZdtVtkhqKpNKUUZa9tsvIiyR9Fs7DJxfoKVRk33PDbs4Z7lkHmvqCojBSYmh7gamjmVZQ1vPcvWdm7TOsCxShiujUPueDzAdlaReUSy5uz1PSJkymnth6Byag%2BTAz4UsTGDnWxC2DoBItYNsudbz1gVGtBKlnAjmiBI0urczONS3rC7KDSU1JXwpkiW0JrxoamoOWBAGXe1tedFJfMqMzcMHgY56jAQRThHoMzSKNIUsMYNK%2BLHr2%2FbAVrGY7eaIBrSZVFMziOd3CpXWbcWBynzZYOGavQbN9nvpKWkKcWIkIQVEzXxcHAYvWoLyixRU%2F%2BTI6VuMsi040d1egMDmBDotkZfIUWqu5jhywrDnRwei5xBoYEA22foTGGtkxXBaF8WROcByPFezbkpR4pifBYpa%2B2dVi%2Bkb%2BLZjmZ5%2FpvJt%2FwWLLTlmWLUfijPMYEo2%2Bmf7TqCt5cBBcQ6aM4OZaEpSs13kdgKrZgFaygqiuNr2vYbixCzxAWi0Yw9KCXogBV5XUE0zDPmQss1SKjscY0YlCuzY9rQ%2FPSPUNPIqUygNs7Fjx%2F7Akxnh6ho9MAjmCa%2FNXrih4wzm3rQpRYkzggSAIE7mqsmbMWJ3uE2kTfqfMUajfYZzBBX1yqne860gGISJlYhyAeNRiyX4sST5QRDsNy09pI480zNrLcdeNaAKVhzxKrTDrhpTOXvXVcdClEuNIzlMc1gP%2BWY6hlEcxLtRLKcEYGA61fZEkekV9snJQakfWASx23G2Z%2FHa9TUIY88KdyjQBzOJUJpPjrzAHp%2BsSWY%2By3EsZ1xlcpb7peqIAs92t5oBIxEslnBVII1wHUvPaKon6HHrcLU7wAsj9%2FAWfGq%2BA6Qp2lvtJZ%2BJBtoJdFbYeee4HPfkyddv4v724exytHZZkTNeLrXsPpPHbjU%2FkhzYurrihRV%2BV6pq2azaMjkSFOiY3YivixN2yEZwqtrbsYYbxLHn6qNHjudFrVczfc0jIFFXkC%2BBKJ4Pg7t5FNerR3G53lxc3r8ARyop6Cc4QYmAfcLkBCzDUThQBS0sixkQtsdduQjrZbaFdqkWd5jmMGisUSxC2%2FK6uYhSoTsnb2EA1aKjAq30rZ3Oju6x3n7xVy85du9cQAUbBCQdIHSEHYJA1xmwUL1u2eEUsH%2FILIzf74x4eHZ%2FNXLNtuxxsdeHKj%2B2s6LtKiyvNG8QMczzNmwx1sA6tqx9j%2BjGtDdaywJHkOKZHHYJrLvT%2Fayn1nzMZd3vCWCm1BuwXwGYtHkOWLhsYDwuAPGZ%2B%2FqGy3b2SkbfErACfVyqPinU%2Bti3%2BjH5ur4%2FuyxXdxebm24Avb79srlas7PV1ebmYvLB%2BTkqj25L6k8IsE2KpJABkozsH%2FBpcr3aXL2%2Fe4D4%2FLO6OV8%2FwuffN9eri%2FW3wVcXq2v1zfnT%2BkY%2Fvvq%2Bub%2FVH6%2Ff9345v9l030rkHQJ8cbd6urp9uuz%2B%2FHSn%2F3%2B4W72%2FWf%2F97eCBP1e31xtl%2Bvn5K4LOp1gH7ZkWelhVVhgfNEE5CW3nddkNj4iPq96k%2FfwXUy3EsQ%3D%3D&pcode-icookie=H6bNVUtThkp29lGCzyMQCLo0gRhnxk4NNfvFDFet5UibTj9vKFUI0l7UJEUWGGhni585KWvmW53iu5Zey2lxNmclapM%3D&imp-id=3&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=205058918580226&ad-session-id=8231961675133127528&target-id=72136192&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=713077&pcodever=713077&flash-ver=0&available-width=145&skip-token=yabs.NzIwNTc2MDY5MjYzODE4OTkKNzIwNTc2MDcwNDE5MDI4MjEKNzIwNTc2MDczNDA0MDg4MjA%3D&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A939%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1268%2C%22h%22%3A939%2C%22width%22%3A145%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A561%2C%22top%22%3A327%2C%22ad_no%22%3A3%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A1%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B8950753137565%5D HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
uniformat: true
uniformat-product-type: Direct
content-encoding: gzip
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://goo.su
x-xss-protection: 1; mode=block
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-yandex-req-id: 1675133113269826-548268008782922898200100-production-app-host-vla-pcode-445
last-modified: Tue, 31 Jan 2023 02:45:13 GMT
date: Tue, 31 Jan 2023 02:45:13 GMT
set-cookie: yabs-vdrf=A0; domain=an.yandex.ru; path=/; expires=Tue, 07-Feb-2023 02:45:13 GMT
i=0bzx37tCUQXMDAf24Ef2tJ2H9ajAGHS4sa+KdprpfcZnTlq4yrXzZTfTGm8axCRkfkhCCfG5rVvvSBkaU4Kd2KTJh0s=; Expires=Thu, 30-Jan-2025 02:45:13 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
content-type: application/json
pragma: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
ssr: true
strict-transport-security: max-age=31536000
expires: Tue, 31 Jan 2023 02:45:13 GMT
X-Firefox-Spdy: h2
mc.yandex.ru/watch/1677322?page-url=https%3A%2F%2Fgoo.su%2Fz2HvHzz&charset=utf-8&cnt-class=1&hittoken=1675133113_153494e34851627e5c504690a57b6f9f633e700936f72fffcc8fc708927102ef&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1196976593889%3Ahid%3A179404058%3Az%3A0%3Ai%3A20230131024528%3Aet%3A1675133129%3Ac%3A1%3Arn%3A357245188%3Arqn%3A2%3Au%3A1675133128109377745%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1675133125830%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675133129%3At%3ARedirecting...&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2)
93.158.134.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/1677322?page-url=https%3A%2F%2Fgoo.su%2Fz2HvHzz&charset=utf-8&cnt-class=1&hittoken=1675133113_153494e34851627e5c504690a57b6f9f633e700936f72fffcc8fc708927102ef&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1196976593889%3Ahid%3A179404058%3Az%3A0%3Ai%3A20230131024528%3Aet%3A1675133129%3Ac%3A1%3Arn%3A357245188%3Arqn%3A2%3Au%3A1675133128109377745%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1675133125830%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675133129%3At%3ARedirecting...&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2)
IP 93.158.134.119:0
GET /watch/1677322?page-url=https%3A%2F%2Fgoo.su%2Fz2HvHzz&charset=utf-8&cnt-class=1&hittoken=1675133113_153494e34851627e5c504690a57b6f9f633e700936f72fffcc8fc708927102ef&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1196976593889%3Ahid%3A179404058%3Az%3A0%3Ai%3A20230131024528%3Aet%3A1675133129%3Ac%3A1%3Arn%3A357245188%3Arqn%3A2%3Au%3A1675133128109377745%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1675133125830%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675133129%3At%3ARedirecting...&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)rqnt(2)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/1677322/1?page-url=https%3A%2F%2Fgoo.su%2Fz2HvHzz&charset=utf-8&cnt-class=1&hittoken=1675133113_153494e34851627e5c504690a57b6f9f633e700936f72fffcc8fc708927102ef&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1196976593889%3Ahid%3A179404058%3Az%3A0%3Ai%3A20230131024528%3Aet%3A1675133129%3Ac%3A1%3Arn%3A357245188%3Arqn%3A2%3Au%3A1675133128109377745%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1675133125830%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675133129%3At%3ARedirecting...&t=gdpr%2814%29mc%28p-1-h-1%29clc%280-0-0%29rqnt%282%29aw%281%29fip%281%29ti%282%29
date: Tue, 31 Jan 2023 02:45:13 GMT
access-control-allow-origin: https://goo.su
set-cookie: yabs-sid=920374581675133113; Path=/; SameSite=None; Secure
i=+Vq1hznsZTTykQJDuF3P6Oxz4+w5gauG03HieTJnz3ts602pGzYlrYlxH9UlGGLYlohbKGp5B8m/j//4v79axaZ+yrQ=; Expires=Fri, 28-Jan-2033 02:45:08 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=5040932701675133113; Expires=Wed, 31-Jan-2024 02:45:13 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=5040932701675133113; Expires=Wed, 31-Jan-2024 02:45:13 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706669113.yc.1675133113#1706669113.yrts.1675133113#1706669113.yrtsi.1675133113; Expires=Wed, 31-Jan-2024 02:45:13 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 31-Jan-2023 02:45:13 GMT
last-modified: Tue, 31-Jan-2023 02:45:13 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/count/WNGejI_zOEC0LGi091D_MNA4NvbXimK0um4GW8200J6vWDXZ000003YKuCm1Y083kGB8_jlwaKPvhl02YF20nz0ky0K1e0Rk0Sa6kLG5HxErJZAf1y3ESCg6N7u3-0S1q0Y2W8200WQg2n18-65NmCu00FOHArA6yu60W8281AWFm9spn-sGbxy3a13Mz-_PsiExZS41j8sClZxW507m5S6AzkoZZxpyOw0MaANEdWR95l0_s1Q15wWN3T0O8VWOYFRWgDcDnv9wW1c96MqP2G000000k1d___y1m1cuuO76--QhjmhI6H9vOM9pNtDbSdPbSYzoDpWmBJBe6P41y1ch1vWQrCDJi1j8k1i3WXmDPq91EZLwLsjjPMPcD-aSW1t_Vu0W0eWW3D0X____0TKY__z__u4Z00000000y3yG0383QPWn4Jmvxpje8nIRGvgETmvC3ErPSrJmKLb8a4hVuT4l06ld12THJNgHf56S85m4Wm80~1=WMWejI_zO900zGe0r1F3E0_ca07KgiFy_EJeeVq1W041Y07oiPN-d06G0TBUxCBXW8200fW1qjximc6u0TZggUibs06gwAYi0U01kCBx4EW13FW1XA_UlW6W0gp8q1Qm0mBe1AaAY0MOcWAG1PwQ0x05fcYu1QPem0NEcmR81QFA0T05soce1ku1gGV0pd3AXbn-0xW7W0N2We06u0YMfAWBw0a7W0e1-0g0jHZe39C2c0t7mp70e1205820W0JG5D_3in3e58m2e1QGfSwU1iaMq1QMuE6-0PWNakwo4RWN0S0NjTO1e1dk0RWP____0VWPeTEhAO4Q__zdqndGHbAe7W6m7m787vMqb5Qf8BGPE1b8lDy_k23UtIcm8W788W7L8l__V_-18uaZcfcPcPcPsJ-G8zkIY_tk_V7Nu06O8ygmhPQ2pQh3OWa0dGQ1qwunaegWW-6mFapFgKbbdftn8eISCmgs2JW0~1?stat-id=3&test-tag=205058918636049&banner-sizes=eyI3MjA1NzYwNzEyNzE0NDM2MSI6IjEyNjh4MjAwIn0%3D&format-type=118&actual-format=8&pcodever=713077&banner-test-tags=eyI3MjA1NzYwNzEyNzE0NDM2MSI6IjU3MzYxIn0%3D&pcode-active-testids=710490%2C0%2C17&width=1268&height=200&confirmTime=2100000&confirmRatio=1000000&wmode=0
87.250.250.90302 Found 0 B URL HTTP/2 an.yandex.ru/count/WNGejI_zOEC0LGi091D_MNA4NvbXimK0um4GW8200J6vWDXZ000003YKuCm1Y083kGB8_jlwaKPvhl02YF20nz0ky0K1e0Rk0Sa6kLG5HxErJZAf1y3ESCg6N7u3-0S1q0Y2W8200WQg2n18-65NmCu00FOHArA6yu60W8281AWFm9spn-sGbxy3a13Mz-_PsiExZS41j8sClZxW507m5S6AzkoZZxpyOw0MaANEdWR95l0_s1Q15wWN3T0O8VWOYFRWgDcDnv9wW1c96MqP2G000000k1d___y1m1cuuO76--QhjmhI6H9vOM9pNtDbSdPbSYzoDpWmBJBe6P41y1ch1vWQrCDJi1j8k1i3WXmDPq91EZLwLsjjPMPcD-aSW1t_Vu0W0eWW3D0X____0TKY__z__u4Z00000000y3yG0383QPWn4Jmvxpje8nIRGvgETmvC3ErPSrJmKLb8a4hVuT4l06ld12THJNgHf56S85m4Wm80~1=WMWejI_zO900zGe0r1F3E0_ca07KgiFy_EJeeVq1W041Y07oiPN-d06G0TBUxCBXW8200fW1qjximc6u0TZggUibs06gwAYi0U01kCBx4EW13FW1XA_UlW6W0gp8q1Qm0mBe1AaAY0MOcWAG1PwQ0x05fcYu1QPem0NEcmR81QFA0T05soce1ku1gGV0pd3AXbn-0xW7W0N2We06u0YMfAWBw0a7W0e1-0g0jHZe39C2c0t7mp70e1205820W0JG5D_3in3e58m2e1QGfSwU1iaMq1QMuE6-0PWNakwo4RWN0S0NjTO1e1dk0RWP____0VWPeTEhAO4Q__zdqndGHbAe7W6m7m787vMqb5Qf8BGPE1b8lDy_k23UtIcm8W788W7L8l__V_-18uaZcfcPcPcPsJ-G8zkIY_tk_V7Nu06O8ygmhPQ2pQh3OWa0dGQ1qwunaegWW-6mFapFgKbbdftn8eISCmgs2JW0~1?stat-id=3&test-tag=205058918636049&banner-sizes=eyI3MjA1NzYwNzEyNzE0NDM2MSI6IjEyNjh4MjAwIn0%3D&format-type=118&actual-format=8&pcodever=713077&banner-test-tags=eyI3MjA1NzYwNzEyNzE0NDM2MSI6IjU3MzYxIn0%3D&pcode-active-testids=710490%2C0%2C17&width=1268&height=200&confirmTime=2100000&confirmRatio=1000000&wmode=0
IP 87.250.250.90:0
GET /count/WNGejI_zOEC0LGi091D_MNA4NvbXimK0um4GW8200J6vWDXZ000003YKuCm1Y083kGB8_jlwaKPvhl02YF20nz0ky0K1e0Rk0Sa6kLG5HxErJZAf1y3ESCg6N7u3-0S1q0Y2W8200WQg2n18-65NmCu00FOHArA6yu60W8281AWFm9spn-sGbxy3a13Mz-_PsiExZS41j8sClZxW507m5S6AzkoZZxpyOw0MaANEdWR95l0_s1Q15wWN3T0O8VWOYFRWgDcDnv9wW1c96MqP2G000000k1d___y1m1cuuO76--QhjmhI6H9vOM9pNtDbSdPbSYzoDpWmBJBe6P41y1ch1vWQrCDJi1j8k1i3WXmDPq91EZLwLsjjPMPcD-aSW1t_Vu0W0eWW3D0X____0TKY__z__u4Z00000000y3yG0383QPWn4Jmvxpje8nIRGvgETmvC3ErPSrJmKLb8a4hVuT4l06ld12THJNgHf56S85m4Wm80~1=WMWejI_zO900zGe0r1F3E0_ca07KgiFy_EJeeVq1W041Y07oiPN-d06G0TBUxCBXW8200fW1qjximc6u0TZggUibs06gwAYi0U01kCBx4EW13FW1XA_UlW6W0gp8q1Qm0mBe1AaAY0MOcWAG1PwQ0x05fcYu1QPem0NEcmR81QFA0T05soce1ku1gGV0pd3AXbn-0xW7W0N2We06u0YMfAWBw0a7W0e1-0g0jHZe39C2c0t7mp70e1205820W0JG5D_3in3e58m2e1QGfSwU1iaMq1QMuE6-0PWNakwo4RWN0S0NjTO1e1dk0RWP____0VWPeTEhAO4Q__zdqndGHbAe7W6m7m787vMqb5Qf8BGPE1b8lDy_k23UtIcm8W788W7L8l__V_-18uaZcfcPcPcPsJ-G8zkIY_tk_V7Nu06O8ygmhPQ2pQh3OWa0dGQ1qwunaegWW-6mFapFgKbbdftn8eISCmgs2JW0~1?stat-id=3&test-tag=205058918636049&banner-sizes=eyI3MjA1NzYwNzEyNzE0NDM2MSI6IjEyNjh4MjAwIn0%3D&format-type=118&actual-format=8&pcodever=713077&banner-test-tags=eyI3MjA1NzYwNzEyNzE0NDM2MSI6IjU3MzYxIn0%3D&pcode-active-testids=710490%2C0%2C17&width=1268&height=200&confirmTime=2100000&confirmRatio=1000000&wmode=0 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/count/WNGejI_zOEC0LGi091D_MNA4OADB7WK0um4GmO200J6vWDXZ000003YKuCm1Y083kGB8_jlwaKPvhl02YF20nz0ky0K1e0Rk0Sa6kLG5HxErJZAf1y3ESCg6N7u3-0S1q0Y2W8200WQg2n18-65NmCu00FOHArA6yu60W8281AWFm9spn-sGbxy3a13Mz-_PsiExZS41j8sClZxW507m5S6AzkoZZxpyOw0MaANEdWR95l0_s1Q15wWN3T0O8VWOYFRWgDcDnv9wW1c96MqP2G000000k1d___y1m1cuuO76--QhjmhI6H9vOM9pNtDbSdPbSYzoDpWmBJBe6P41y1ch1vWQrCDJi1j8k1i3WXmDPq91EZLwLsjjPMPcD-aSW1t_Vu0W0eWW3D0X____0TKY__z__u4Z00000000y3yG0383QPWn4Jmvxpje8nIRGvgETmvC3ErPSrJmKLb8a4hVuT4l06ld12THJNgHf56S85m4Wm80~1=WMqejI_zO9K07Gi091HMSHFTbG4GW8200TIgm_pyvEYX_G600G680VAnbVwS0P01qjximk60W802c07Itkp2ORW1sEgfwoNO0QhegAm1u06umliGw04C-064hzw-0Q02hCZG5h030kW4gGg81PYQ0f05dfe3i0McQBW5fcZ01SwR1iW5eye1q0NRAQW6xW6f1y3ESCg6N7u3k0U01SA2W0RW29Qag0le2GU02W7u2e2r6EWCamAO3SV3CS2W480KW8201D0KtyEp4EWKZ0AW5f2bpfu6oHRG5fRWuRu1c1UIxh8Hk1S1m1UrrW6W6Uu1k1d___y1-1cXqwifWHh__sVJ6T16KgWU0R0V0SWVbRIKLgaWj1au6KYytp-u8DxTAR0Y0SWY0TKY__z__u4ZYIEQcPcPcPdPFv0ZsvAB_UxzyTVW0PWZoh2jbeBDgiDY2G2T1e7dhZ6IYk24uR18JC_vIMModV4Yc9mpChQ9EG00~1?stat-id=3&test-tag=205058918636049&banner-sizes=eyI3MjA1NzYwNzEyNzE0NDM2MSI6IjEyNjh4MjAwIn0%3D&format-type=118&actual-format=8&pcodever=713077&banner-test-tags=eyI3MjA1NzYwNzEyNzE0NDM2MSI6IjU3MzYxIn0%3D&pcode-active-testids=710490%2C0%2C17&width=1268&height=200&confirmTime=2100000&confirmRatio=1000000&wmode=0
date: Tue, 31 Jan 2023 02:45:15 GMT
access-control-allow-origin: https://goo.su
set-cookie: yandexuid=1021407451675133115; domain=.yandex.ru; path=/; expires=Fri, 28-Jan-2033 02:45:15 GMT
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
expires: Tue, 31 Jan 2023 02:45:15 GMT
last-modified: Tue, 31 Jan 2023 02:45:15 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/count/WNGejI_zOEC0LGi091D_MNA4OADB7WK0um4GmO200J6vWDXZ000003YKuCm1Y083kGB8_jlwaKPvhl02YF20nz0ky0K1e0Rk0Sa6kLG5HxErJZAf1y3ESCg6N7u3-0S1q0Y2W8200WQg2n18-65NmCu00FOHArA6yu60W8281AWFm9spn-sGbxy3a13Mz-_PsiExZS41j8sClZxW507m5S6AzkoZZxpyOw0MaANEdWR95l0_s1Q15wWN3T0O8VWOYFRWgDcDnv9wW1c96MqP2G000000k1d___y1m1cuuO76--QhjmhI6H9vOM9pNtDbSdPbSYzoDpWmBJBe6P41y1ch1vWQrCDJi1j8k1i3WXmDPq91EZLwLsjjPMPcD-aSW1t_Vu0W0eWW3D0X____0TKY__z__u4Z00000000y3yG0383QPWn4Jmvxpje8nIRGvgETmvC3ErPSrJmKLb8a4hVuT4l06ld12THJNgHf56S85m4Wm80~1=WMqejI_zO9K07Gi091HMSHFTbG4GW8200TIgm_pyvEYX_G600G680VAnbVwS0P01qjximk60W802c07Itkp2ORW1sEgfwoNO0QhegAm1u06umliGw04C-064hzw-0Q02hCZG5h030kW4gGg81PYQ0f05dfe3i0McQBW5fcZ01SwR1iW5eye1q0NRAQW6xW6f1y3ESCg6N7u3k0U01SA2W0RW29Qag0le2GU02W7u2e2r6EWCamAO3SV3CS2W480KW8201D0KtyEp4EWKZ0AW5f2bpfu6oHRG5fRWuRu1c1UIxh8Hk1S1m1UrrW6W6Uu1k1d___y1-1cXqwifWHh__sVJ6T16KgWU0R0V0SWVbRIKLgaWj1au6KYytp-u8DxTAR0Y0SWY0TKY__z__u4ZYIEQcPcPcPdPFv0ZsvAB_UxzyTVW0PWZoh2jbeBDgiDY2G2T1e7dhZ6IYk24uR18JC_vIMModV4Yc9mpChQ9EG00~1?stat-id=3&test-tag=205058918636049&banner-sizes=eyI3MjA1NzYwNzEyNzE0NDM2MSI6IjEyNjh4MjAwIn0%3D&format-type=118&actual-format=8&pcodever=713077&banner-test-tags=eyI3MjA1NzYwNzEyNzE0NDM2MSI6IjU3MzYxIn0%3D&pcode-active-testids=710490%2C0%2C17&width=1268&height=200&confirmTime=2100000&confirmRatio=1000000&wmode=0
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/count/WNGejI_zOEC0LGi091D_MNA4OADB7WK0um4GmO200J6vWDXZ000003YKuCm1Y083kGB8_jlwaKPvhl02YF20nz0ky0K1e0Rk0Sa6kLG5HxErJZAf1y3ESCg6N7u3-0S1q0Y2W8200WQg2n18-65NmCu00FOHArA6yu60W8281AWFm9spn-sGbxy3a13Mz-_PsiExZS41j8sClZxW507m5S6AzkoZZxpyOw0MaANEdWR95l0_s1Q15wWN3T0O8VWOYFRWgDcDnv9wW1c96MqP2G000000k1d___y1m1cuuO76--QhjmhI6H9vOM9pNtDbSdPbSYzoDpWmBJBe6P41y1ch1vWQrCDJi1j8k1i3WXmDPq91EZLwLsjjPMPcD-aSW1t_Vu0W0eWW3D0X____0TKY__z__u4Z00000000y3yG0383QPWn4Jmvxpje8nIRGvgETmvC3ErPSrJmKLb8a4hVuT4l06ld12THJNgHf56S85m4Wm80~1=WMqejI_zO9K07Gi091HMSHFTbG4GW8200TIgm_pyvEYX_G600G680VAnbVwS0P01qjximk60W802c07Itkp2ORW1sEgfwoNO0QhegAm1u06umliGw04C-064hzw-0Q02hCZG5h030kW4gGg81PYQ0f05dfe3i0McQBW5fcZ01SwR1iW5eye1q0NRAQW6xW6f1y3ESCg6N7u3k0U01SA2W0RW29Qag0le2GU02W7u2e2r6EWCamAO3SV3CS2W480KW8201D0KtyEp4EWKZ0AW5f2bpfu6oHRG5fRWuRu1c1UIxh8Hk1S1m1UrrW6W6Uu1k1d___y1-1cXqwifWHh__sVJ6T16KgWU0R0V0SWVbRIKLgaWj1au6KYytp-u8DxTAR0Y0SWY0TKY__z__u4ZYIEQcPcPcPdPFv0ZsvAB_UxzyTVW0PWZoh2jbeBDgiDY2G2T1e7dhZ6IYk24uR18JC_vIMModV4Yc9mpChQ9EG00~1?stat-id=3&test-tag=205058918636049&banner-sizes=eyI3MjA1NzYwNzEyNzE0NDM2MSI6IjEyNjh4MjAwIn0%3D&format-type=118&actual-format=8&pcodever=713077&banner-test-tags=eyI3MjA1NzYwNzEyNzE0NDM2MSI6IjU3MzYxIn0%3D&pcode-active-testids=710490%2C0%2C17&width=1268&height=200&confirmTime=2100000&confirmRatio=1000000&wmode=0
IP 87.250.250.90:0
GET /count/WNGejI_zOEC0LGi091D_MNA4OADB7WK0um4GmO200J6vWDXZ000003YKuCm1Y083kGB8_jlwaKPvhl02YF20nz0ky0K1e0Rk0Sa6kLG5HxErJZAf1y3ESCg6N7u3-0S1q0Y2W8200WQg2n18-65NmCu00FOHArA6yu60W8281AWFm9spn-sGbxy3a13Mz-_PsiExZS41j8sClZxW507m5S6AzkoZZxpyOw0MaANEdWR95l0_s1Q15wWN3T0O8VWOYFRWgDcDnv9wW1c96MqP2G000000k1d___y1m1cuuO76--QhjmhI6H9vOM9pNtDbSdPbSYzoDpWmBJBe6P41y1ch1vWQrCDJi1j8k1i3WXmDPq91EZLwLsjjPMPcD-aSW1t_Vu0W0eWW3D0X____0TKY__z__u4Z00000000y3yG0383QPWn4Jmvxpje8nIRGvgETmvC3ErPSrJmKLb8a4hVuT4l06ld12THJNgHf56S85m4Wm80~1=WMqejI_zO9K07Gi091HMSHFTbG4GW8200TIgm_pyvEYX_G600G680VAnbVwS0P01qjximk60W802c07Itkp2ORW1sEgfwoNO0QhegAm1u06umliGw04C-064hzw-0Q02hCZG5h030kW4gGg81PYQ0f05dfe3i0McQBW5fcZ01SwR1iW5eye1q0NRAQW6xW6f1y3ESCg6N7u3k0U01SA2W0RW29Qag0le2GU02W7u2e2r6EWCamAO3SV3CS2W480KW8201D0KtyEp4EWKZ0AW5f2bpfu6oHRG5fRWuRu1c1UIxh8Hk1S1m1UrrW6W6Uu1k1d___y1-1cXqwifWHh__sVJ6T16KgWU0R0V0SWVbRIKLgaWj1au6KYytp-u8DxTAR0Y0SWY0TKY__z__u4ZYIEQcPcPcPdPFv0ZsvAB_UxzyTVW0PWZoh2jbeBDgiDY2G2T1e7dhZ6IYk24uR18JC_vIMModV4Yc9mpChQ9EG00~1?stat-id=3&test-tag=205058918636049&banner-sizes=eyI3MjA1NzYwNzEyNzE0NDM2MSI6IjEyNjh4MjAwIn0%3D&format-type=118&actual-format=8&pcodever=713077&banner-test-tags=eyI3MjA1NzYwNzEyNzE0NDM2MSI6IjU3MzYxIn0%3D&pcode-active-testids=710490%2C0%2C17&width=1268&height=200&confirmTime=2100000&confirmRatio=1000000&wmode=0 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Content-Type: application/x-www-form-urlencoded
Referer: https://goo.su/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Tue, 31 Jan 2023 02:45:15 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 31 Jan 2023 02:45:15 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Tue, 31 Jan 2023 02:45:15 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
goo.su/z2HvHzz
172.67.139.105200 OK 0 B IP 172.67.139.105:0
NIDS Severity Alert suricata medium ET POLICY HTTP Request to .su TLD (Soviet Union) Often Malware Related
GET /z2HvHzz HTTP/1.1
Host: goo.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 31 Jan 2023 02:45:11 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/8.0.15
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6IlB1WWtCYUZKWkpxamJPNmFQRGdYZEE9PSIsInZhbHVlIjoiOStyOVhDR3h4WHdyYnp5bURJa0tWL0NHREpsdzlhblFzRGJGR3BMMFBaaTlIcXEvMnhaNVdLNWZuWmNIR3NLODZ6N3JaVkFMdGZDMVVQODc1blJCV20rWGRML2xURURTTXMraVdIbXd1UkM4NEZ3R3RyN0lFK3o1aWtqVXoycHIiLCJtYWMiOiIyOTNhYmRhZDU3NjliMTljNjg5Mjc1ZTBiNGNiMDBmMGM4MjQ3N2Q4NTBiNDEwNGFiNmQwNmI3MWRiOGQxYjQ2IiwidGFnIjoiIn0%3D; expires=Tue, 31-Jan-2023 21:25:11 GMT; Max-Age=67200; path=/; samesite=lax
goosu_session=eyJpdiI6IkY4MHlmLzRueVNGU053bW14empDamc9PSIsInZhbHVlIjoiSmQ2bk1QM29obmNVQjlyU3Z1MWFTdldnK01sSXhyTnlmNVBkcDByTTB6aDhQL1l1REhZaElIUGx4VnpTalAwc2Q4UU9UaHRST01yRlFGTGdqaFBLazJ3ZVZGMEk4b3IybjRYditIVityRDRVKzJEblFGWUVMNGo3T0NWWjRYOXEiLCJtYWMiOiJjM2VjMDUzNjdmMzhlYmZkZmUyZjJkZTU3YjJmMTU4ZjI0MzQ1M2VkNzg2M2Y0MTYzMTgyYTE3YjhmYjg4NTQ2IiwidGFnIjoiIn0%3D; expires=Tue, 31-Jan-2023 21:25:11 GMT; Max-Age=67200; path=/; httponly; samesite=lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ub8limKLlBQctFmy7eS64RsLnMOdT29BNwPzaLoKtxTEYXwSM3a5tTSYJnuPUzbq8OIykPE1X59R7n6M7qeQlk%2FvazVGUdzKOdZDztPsVTiDyyjQtMfaweo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791f1c1aabcf1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400&display=swap
IP 142.250.74.106:0
GET /css?family=Roboto:400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 31 Jan 2023 02:45:12 GMT
date: Tue, 31 Jan 2023 02:45:12 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2