Report - goo.su/Cw4mR6O

Report Overview

Visited public
2024-05-01 15:38:22
Tags
Submit Tags
URL
goo.su/Cw4mR6O
Finishing URL
viidey.click/gfhfghtrgfnfg.html
IP / ASN
172.67.139.105
#13335 CLOUDFLARENET
Title
BOLUDO 🤏

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
viidey.click	unknown	unknown	No data	No data	960 B	7.8 kB	185.199.108.153
richinfo.co	285236	2019-06-20	2019-06-26 15:58:03	2024-04-09 09:00:45	447 B	97 kB	109.200.199.111
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-05-01 03:58:46	877 B	9.6 kB	142.250.74.170
enduresopens.com	unknown	2023-08-31	2023-08-31 14:06:40	2024-04-18 01:17:38	399 B	1.5 kB	23.109.170.155
rtb.pushdom.co	244282	2018-12-28	2019-01-08 20:36:00	2024-03-22 10:05:08	509 B	158 B	109.200.209.143
st.top100.ru	27374	1999-09-30	2014-03-27 17:20:51	2024-04-30 18:11:48	800 B	56 kB	81.19.89.18
cdn.videy.co	unknown	2021-02-09	2022-10-28 04:09:08	2024-04-20 23:26:47	500 B	27 kB	104.21.235.106
t.dtscout.com	11951	2013-11-01	2017-01-30 05:52:42	2024-04-30 21:30:22	984 B	12 kB	141.101.120.10
waust.at	38137	unknown	2016-01-28 19:24:33	2024-04-29 11:48:32	386 B	16 kB	104.26.4.7
goo.su	377451	2019-06-14	2017-05-12 21:35:59	2024-04-18 08:40:20	8.2 kB	75 kB	172.67.139.105
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2024-05-01 03:38:37	1.1 kB	36 kB	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-01	medium	enduresopens.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (6)

	URL	From	Size	First Seen	Last Seen
	t.dtscout.com/pv/?_a=v&_h=viidey.click&_ss=6k9ozhjf1d&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=xu4r&_cb=_dtspv.c	ScriptElement	51 B	2024-08-20	2024-08-20
Pretty URL t.dtscout.com/pv/?_a=v&_h=viidey.click&_ss=6k9ozhjf1d&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=xu4r&_cb=_dtspv.c IP 141.101.120.10 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 01:27 Last Seen2024-08-20 01:27 Times Seen1 Hash 84ea3e5918919dd493e64b11d5356dcf 7f799c96004ed889f02b8704611823fdba6c8502 78382dcc499576ceaefa7ff3608c6e00d570f3a674be364efe0e4e34228d0a67 Loading...

	viidey.click/gfhfghtrgfnfg.html	ScriptElement	0 B	0001-01-01	2025-06-29
Pretty URL viidey.click/gfhfghtrgfnfg.html IP 185.199.108.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-06-29 05:59 Times Seen5190254 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	t.dtscout.com/i/?l=https%3A%2F%2Fviidey.click%2Fgfhfghtrgfnfg.html&j=https%3A%2F%2Fgoo.su%2F	ScriptElement	2.1 kB	2023-03-07	2025-06-29
Pretty URL t.dtscout.com/i/?l=https%3A%2F%2Fviidey.click%2Fgfhfghtrgfnfg.html&j=https%3A%2F%2Fgoo.su%2F IP 141.101.120.10 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-06-29 05:40 Times Seen4330 Hash 51bd741af3fcc4984d1a753eebfa1141 534664acf69cbbb5c9b97c96b63dd37bdc580da2 3e9c8e5dcf3cbff9e1b7211551a31fe388f1b8e607fd78a0a34855be65da721c Loading...

	viidey.click/gfhfghtrgfnfg.html	ScriptElement	106 B	2024-04-30	2024-08-20
Pretty URL viidey.click/gfhfghtrgfnfg.html IP 185.199.108.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-30 20:20 Last Seen2024-08-20 01:38 Times Seen2 Hash 3861e8b05dc68b569ba36ae3ce1d70ef 01d13b44061a8af9a473f58859c02011d3b7db01 7cf20282fd5b1f52d035894ef5a5efc5448e648d8d294ef4d4c654643f65e339 Loading...

	waust.at/d.js	ScriptElement	15 kB	2023-03-08	2025-04-10
Pretty URL waust.at/d.js IP 104.26.4.7 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22 Last Seen2025-04-10 09:23 Times Seen1874 Hash 38cdedd658fa41770f607c0b117c1f82 3f3c9c6c330ab649e27ec56a8d852e9d41b0edf4 951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c Loading...

		Size	First Seen	Last Seen
	#1 Write - 7f6846cc0a61c81e3f1ba3d94022b5e8	236 B	2024-08-20 01:27	2024-08-20 01:27
Pretty Observations First Seen2024-08-20 01:27 Last Seen2024-08-20 01:27 Times Seen1 Hash 7f6846cc0a61c81e3f1ba3d94022b5e8 d325221351321d528f55512de201e970c62649aa a99729d7d825f8d197bc61f30e4c6b4affa154da5e9ba8c8876613758e557619 Loading...

HTTP Transactions (22)

URL IP Response Size

GET goo.su/frontend/js/redirect.js?id=399eaf833ac5f607b305c4ace0c25eb5

172.67.139.105

200 OK

32 kB

URL GET HTTP/3
goo.su/frontend/js/redirect.js?id=399eaf833ac5f607b305c4ace0c25eb5
IP
172.67.139.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://goo.su/Cw4mR6O
Certificate
IssuerGoogle Trust Services LLC
Subjectgoo.su
FingerprintDE:C6:4D:AF:DC:06:3A:ED:C6:AF:B6:FD:D7:3A:E7:C4:A6:AB:A2:60
ValidityMon, 01 Apr 2024 06:02:27 GMT - Sun, 30 Jun 2024 06:02:26 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
32 kB (32113 bytes)
Hash
f152f828206d2cf93e62818f9504e023
182c57654b3f05537cd722545f8d8dd99a8e2652
237a9a5d407ec860020474b01d73aaf1ca71ba2519c8ca92dba2ec81cf479d0b

HTTP Headers

GET /frontend/js/redirect.js?id=399eaf833ac5f607b305c4ace0c25eb5 HTTP/1.1
Host: goo.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goo.su/Cw4mR6O
Cookie: XSRF-TOKEN=eyJpdiI6ImdKeVRkNGIwM0dhRnZqdXVGUCticnc9PSIsInZhbHVlIjoiRHN2Rk9iR25ZeXdpTFdBbDdwaXU1RFVWd0VaMkljN2krWGM4WVBaUm9Qc1E2SnQwTU9hMmRlbGRVWmQ5TWRnbzkwSXVqcTZZeGtiNXR0UHVuVWliNDZUcDZvRUlzUXVLZSsrWG1HdThFQnFydTRQaVUzcmp5Q3VvTkoxcVExcDYiLCJtYWMiOiI4MjlkOTM1NDBlNzY1NGU1MzJlNDhhZjhjMzFjMDMwN2M1NjA4NjI2YmIyZDkxY2MyYzRkMzFkYzE3MTdiY2ZhIiwidGFnIjoiIn0%3D; goosu_session=eyJpdiI6IkVSRkRPbzd1VEkrcVNLdVJzQUxUREE9PSIsInZhbHVlIjoiNnludjhHTitaTFkzSkYvUXBNd1RGQXVZL3FrWGVZbE4raGNQSVlGbldCbUdpSmRjb2JzNzhuWlVlSnFQeUxidVM3OXVDWE1qTnhiYllUc1lHY1h5NTVrc3dOVkkrZnk5UEh3T0VzbWZsM1NqZDlyTEcrR3VRLytxSm5aSWdTeVEiLCJtYWMiOiI2OTIwMDE3MDE0NzRlYzM5ZDk0NjQxZjU3N2VkZWI0MGU3YmQ4ZmQ5NGViNWFiMGZkOGY2MjZjNDIxZDZkMjQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 01 May 2024 15:37:57 GMT
content-type: application/javascript
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=87787
etag: W/"65896ec2-156eb"
expires: Tue, 07 May 2024 18:40:19 GMT
last-modified: Mon, 25 Dec 2023 12:00:02 GMT
cf-cache-status: HIT
age: 75458
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VAdD6440rqpXEMwY4KuTK%2FX98SK%2FyF2orcDdMH%2BZIJfBdVT8%2B7RqwBOpmeGKVHBxLbq5A2pLn64XIrDes%2FGfI2iYc6SpaG6sAQAnK%2Fpyh2DRWgADvOC2%2BzA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d0db18cd380afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET goo.su/Cw4mR6O

172.67.139.105

200 OK

10 kB

URL User Request GET HTTP/2
goo.su/Cw4mR6O
IP
172.67.139.105:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectgoo.su
FingerprintDE:C6:4D:AF:DC:06:3A:ED:C6:AF:B6:FD:D7:3A:E7:C4:A6:AB:A2:60
ValidityMon, 01 Apr 2024 06:02:27 GMT - Sun, 30 Jun 2024 06:02:26 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (7391)
Size
10 kB (10311 bytes)
Hash
79e518d6e7f4d041a5413f1cbeb3d86c
3ea3b37dbce9d1ce10cf10c0ae485cb9ea347097
100b22847ea53faba52fb177b02c8ff1f2f1ecea3d42aca40e713fcfbe364bd1

HTTP Headers

GET /Cw4mR6O HTTP/1.1
Host: goo.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 May 2024 15:37:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/8.2.13
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6ImdKeVRkNGIwM0dhRnZqdXVGUCticnc9PSIsInZhbHVlIjoiRHN2Rk9iR25ZeXdpTFdBbDdwaXU1RFVWd0VaMkljN2krWGM4WVBaUm9Qc1E2SnQwTU9hMmRlbGRVWmQ5TWRnbzkwSXVqcTZZeGtiNXR0UHVuVWliNDZUcDZvRUlzUXVLZSsrWG1HdThFQnFydTRQaVUzcmp5Q3VvTkoxcVExcDYiLCJtYWMiOiI4MjlkOTM1NDBlNzY1NGU1MzJlNDhhZjhjMzFjMDMwN2M1NjA4NjI2YmIyZDkxY2MyYzRkMzFkYzE3MTdiY2ZhIiwidGFnIjoiIn0%3D; expires=Thu, 02 May 2024 10:17:57 GMT; Max-Age=67200; path=/; secure; samesite=lax
goosu_session=eyJpdiI6IkVSRkRPbzd1VEkrcVNLdVJzQUxUREE9PSIsInZhbHVlIjoiNnludjhHTitaTFkzSkYvUXBNd1RGQXVZL3FrWGVZbE4raGNQSVlGbldCbUdpSmRjb2JzNzhuWlVlSnFQeUxidVM3OXVDWE1qTnhiYllUc1lHY1h5NTVrc3dOVkkrZnk5UEh3T0VzbWZsM1NqZDlyTEcrR3VRLytxSm5aSWdTeVEiLCJtYWMiOiI2OTIwMDE3MDE0NzRlYzM5ZDk0NjQxZjU3N2VkZWI0MGU3YmQ4ZmQ5NGViNWFiMGZkOGY2MjZjNDIxZDZkMjQ1IiwidGFnIjoiIn0%3D; expires=Thu, 02 May 2024 10:17:57 GMT; Max-Age=67200; path=/; httponly; samesite=lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=17stmjPOuAHRgZGE%2B6%2BTJeZAr6xqhJSx6Fwzl%2Fia2M4LsVZ5gfXgUj37TkGOLWoJD51rWvc5jsxecJou2CmBH%2BmkMrxX3DirJUYfQjt37AdDoI%2B%2FxUpUULM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d0db15983d56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET goo.su/cdn-cgi/challenge-platform/scripts/jsd/main.js

172.67.139.105

302 Found

0 B

URL GET HTTP/3
goo.su/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
172.67.139.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://goo.su/Cw4mR6O
Certificate
IssuerGoogle Trust Services LLC
Subjectgoo.su
FingerprintDE:C6:4D:AF:DC:06:3A:ED:C6:AF:B6:FD:D7:3A:E7:C4:A6:AB:A2:60
ValidityMon, 01 Apr 2024 06:02:27 GMT - Sun, 30 Jun 2024 06:02:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: goo.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImdKeVRkNGIwM0dhRnZqdXVGUCticnc9PSIsInZhbHVlIjoiRHN2Rk9iR25ZeXdpTFdBbDdwaXU1RFVWd0VaMkljN2krWGM4WVBaUm9Qc1E2SnQwTU9hMmRlbGRVWmQ5TWRnbzkwSXVqcTZZeGtiNXR0UHVuVWliNDZUcDZvRUlzUXVLZSsrWG1HdThFQnFydTRQaVUzcmp5Q3VvTkoxcVExcDYiLCJtYWMiOiI4MjlkOTM1NDBlNzY1NGU1MzJlNDhhZjhjMzFjMDMwN2M1NjA4NjI2YmIyZDkxY2MyYzRkMzFkYzE3MTdiY2ZhIiwidGFnIjoiIn0%3D; goosu_session=eyJpdiI6IkVSRkRPbzd1VEkrcVNLdVJzQUxUREE9PSIsInZhbHVlIjoiNnludjhHTitaTFkzSkYvUXBNd1RGQXVZL3FrWGVZbE4raGNQSVlGbldCbUdpSmRjb2JzNzhuWlVlSnFQeUxidVM3OXVDWE1qTnhiYllUc1lHY1h5NTVrc3dOVkkrZnk5UEh3T0VzbWZsM1NqZDlyTEcrR3VRLytxSm5aSWdTeVEiLCJtYWMiOiI2OTIwMDE3MDE0NzRlYzM5ZDk0NjQxZjU3N2VkZWI0MGU3YmQ4ZmQ5NGViNWFiMGZkOGY2MjZjNDIxZDZkMjQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Wed, 01 May 2024 15:37:58 GMT
content-length: 0
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
cache-control: max-age=300, public
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y5CTNQ4aqKhesAYRh0ukSoQxFG3nL4hktYW5uhBA9Og2nPL8nAzIBG8yfl4UnowqfOM%2Fe3UzW1e0zuYBbCG0NnS1FKkiWHQT6s5d%2B0CXO4RxhFpFR%2Bdci0g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d0db1a9eef0afe-OSL
alt-svc: h3=":443"; ma=86400

GET enduresopens.com/ttkXIvunodY/69489

23.109.170.155

200 OK

25 B

URL GET HTTP/1.1
enduresopens.com/ttkXIvunodY/69489
IP
23.109.170.155:443
ASN
#7979 SERVERS-COM

Requested by
https://goo.su/Cw4mR6O
Certificate
IssuerLet's Encrypt
Subjectenduresopens.com
FingerprintC4:F1:82:55:01:80:DE:E4:BA:76:D0:1C:20:FC:58:30:9D:43:C0:2B
ValidityMon, 25 Mar 2024 23:51:07 GMT - Sun, 23 Jun 2024 23:51:06 GMT

File type
ASCII text, with no line terminators
Size
25 B (25 bytes)
Hash
f7a2939527fd9e68723da600e96d76bd
a9e717b6364d2895ee0a716050db32ca0ef1bb42
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ttkXIvunodY/69489 HTTP/1.1
Host: enduresopens.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 01 May 2024 15:37:58 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://goo.su
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Thu, 02-May-2024 15:37:58 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Thu, 02-May-2024 15:37:58 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://goo.su/Cw4mR6O
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goo.su
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:02:10 GMT
expires: Sat, 26 Apr 2025 06:02:10 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 466548
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

216.58.207.227

200 OK

19 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://goo.su/Cw4mR6O
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18668, version 1.0
Size
19 kB (18668 bytes)
Hash
8655d20bbcc8cdbfab17b6be6cf55df3
90edbfa9a7dabb185487b4774076f82eb6412270
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

HTTP Headers

GET /s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goo.su
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18668
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:01:38 GMT
expires: Sat, 26 Apr 2025 06:01:38 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
content-type: font/woff2
age: 466580
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

POST goo.su/cdn-cgi/challenge-platform/h/g/jsd/r/87d0db15983d56c5

172.67.139.105

200 OK

0 B

URL POST HTTP/3
goo.su/cdn-cgi/challenge-platform/h/g/jsd/r/87d0db15983d56c5
IP
172.67.139.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://goo.su/Cw4mR6O
Certificate
IssuerGoogle Trust Services LLC
Subjectgoo.su
FingerprintDE:C6:4D:AF:DC:06:3A:ED:C6:AF:B6:FD:D7:3A:E7:C4:A6:AB:A2:60
ValidityMon, 01 Apr 2024 06:02:27 GMT - Sun, 30 Jun 2024 06:02:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/jsd/r/87d0db15983d56c5 HTTP/1.1
Host: goo.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12141
Origin: https://goo.su
DNT: 1
Connection: keep-alive
Referer: https://goo.su/Cw4mR6O
Cookie: XSRF-TOKEN=eyJpdiI6ImdKeVRkNGIwM0dhRnZqdXVGUCticnc9PSIsInZhbHVlIjoiRHN2Rk9iR25ZeXdpTFdBbDdwaXU1RFVWd0VaMkljN2krWGM4WVBaUm9Qc1E2SnQwTU9hMmRlbGRVWmQ5TWRnbzkwSXVqcTZZeGtiNXR0UHVuVWliNDZUcDZvRUlzUXVLZSsrWG1HdThFQnFydTRQaVUzcmp5Q3VvTkoxcVExcDYiLCJtYWMiOiI4MjlkOTM1NDBlNzY1NGU1MzJlNDhhZjhjMzFjMDMwN2M1NjA4NjI2YmIyZDkxY2MyYzRkMzFkYzE3MTdiY2ZhIiwidGFnIjoiIn0%3D; goosu_session=eyJpdiI6IkVSRkRPbzd1VEkrcVNLdVJzQUxUREE9PSIsInZhbHVlIjoiNnludjhHTitaTFkzSkYvUXBNd1RGQXVZL3FrWGVZbE4raGNQSVlGbldCbUdpSmRjb2JzNzhuWlVlSnFQeUxidVM3OXVDWE1qTnhiYllUc1lHY1h5NTVrc3dOVkkrZnk5UEh3T0VzbWZsM1NqZDlyTEcrR3VRLytxSm5aSWdTeVEiLCJtYWMiOiI2OTIwMDE3MDE0NzRlYzM5ZDk0NjQxZjU3N2VkZWI0MGU3YmQ4ZmQ5NGViNWFiMGZkOGY2MjZjNDIxZDZkMjQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 01 May 2024 15:37:58 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=DflsdVmiJqle.a7bywvXRXul59ZG4.uEsWlPhwiVj6w-1714577878-1.0.1.1-xGdWYSX5uTPI.8gTbXZa5d5jGI8zQFb.TsjpjtzD.SdMGvFXFNRDtsT_pY0V07aaWfGsbShO5dWtBdaPrGxb_w; path=/; expires=Thu, 01-May-25 15:37:58 GMT; domain=.goo.su; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bxI33LOqoNnP71orkY%2BBWyrbaw6KCzSs1Sbn2P%2BbtyEARgkOIL7AsQbyc5wMWjUCJzFEm0x775wgOW%2FckRFAkUz6IvXX8QgCtLJfWh2LCAtC5goOyUx74jc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d0db1c382c0afe-OSL
alt-svc: h3=":443"; ma=86400

GET rtb.pushdom.co/pb/st?sctp=content-locker&m=ht&pid=883146&sid=330256&dm=goo.su&c1=https&c2=1&c3=https://rtb.pushdom.co/pb/st

109.200.209.143

200 OK

0 B

URL GET HTTP/2
rtb.pushdom.co/pb/st?sctp=content-locker&m=ht&pid=883146&sid=330256&dm=goo.su&c1=https&c2=1&c3=https://rtb.pushdom.co/pb/st
IP
109.200.209.143:443
ASN
#49544 i3D.net B.V

Requested by
https://goo.su/Cw4mR6O
Certificate
IssuerLet's Encrypt
Subjectrtb.pushdom.co
Fingerprint12:C4:C5:EF:24:BE:28:31:C7:C1:45:E0:0F:F3:7E:9C:7F:5E:3E:30
ValidityMon, 01 Apr 2024 18:28:04 GMT - Sun, 30 Jun 2024 18:28:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pb/st?sctp=content-locker&m=ht&pid=883146&sid=330256&dm=goo.su&c1=https&c2=1&c3=https://rtb.pushdom.co/pb/st HTTP/1.1
Host: rtb.pushdom.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 01 May 2024 15:37:58 GMT
content-type: text/html;charset=UTF-8
content-length: 0
X-Firefox-Spdy: h2

GET goo.su/img/favicons/favicon-16x16.png

172.67.139.105

200 OK

1.6 kB

URL GET HTTP/3
goo.su/img/favicons/favicon-16x16.png
IP
172.67.139.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://goo.su/Cw4mR6O
Certificate
IssuerGoogle Trust Services LLC
Subjectgoo.su
FingerprintDE:C6:4D:AF:DC:06:3A:ED:C6:AF:B6:FD:D7:3A:E7:C4:A6:AB:A2:60
ValidityMon, 01 Apr 2024 06:02:27 GMT - Sun, 30 Jun 2024 06:02:26 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
1.6 kB (1567 bytes)
Hash
2b201347b6d90e0ad2bbad3be209db73
ae5de3e7f779cf33aefd5dc738f2126633bb7824
df0a5932ec719656fd8f147bcc0c14312e53e52c2df13f5f815d72833de9c852

HTTP Headers

GET /img/favicons/favicon-16x16.png HTTP/1.1
Host: goo.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goo.su/Cw4mR6O
Cookie: XSRF-TOKEN=eyJpdiI6ImdKeVRkNGIwM0dhRnZqdXVGUCticnc9PSIsInZhbHVlIjoiRHN2Rk9iR25ZeXdpTFdBbDdwaXU1RFVWd0VaMkljN2krWGM4WVBaUm9Qc1E2SnQwTU9hMmRlbGRVWmQ5TWRnbzkwSXVqcTZZeGtiNXR0UHVuVWliNDZUcDZvRUlzUXVLZSsrWG1HdThFQnFydTRQaVUzcmp5Q3VvTkoxcVExcDYiLCJtYWMiOiI4MjlkOTM1NDBlNzY1NGU1MzJlNDhhZjhjMzFjMDMwN2M1NjA4NjI2YmIyZDkxY2MyYzRkMzFkYzE3MTdiY2ZhIiwidGFnIjoiIn0%3D; goosu_session=eyJpdiI6IkVSRkRPbzd1VEkrcVNLdVJzQUxUREE9PSIsInZhbHVlIjoiNnludjhHTitaTFkzSkYvUXBNd1RGQXVZL3FrWGVZbE4raGNQSVlGbldCbUdpSmRjb2JzNzhuWlVlSnFQeUxidVM3OXVDWE1qTnhiYllUc1lHY1h5NTVrc3dOVkkrZnk5UEh3T0VzbWZsM1NqZDlyTEcrR3VRLytxSm5aSWdTeVEiLCJtYWMiOiI2OTIwMDE3MDE0NzRlYzM5ZDk0NjQxZjU3N2VkZWI0MGU3YmQ4ZmQ5NGViNWFiMGZkOGY2MjZjNDIxZDZkMjQ1IiwidGFnIjoiIn0%3D; cf_clearance=DflsdVmiJqle.a7bywvXRXul59ZG4.uEsWlPhwiVj6w-1714577878-1.0.1.1-xGdWYSX5uTPI.8gTbXZa5d5jGI8zQFb.TsjpjtzD.SdMGvFXFNRDtsT_pY0V07aaWfGsbShO5dWtBdaPrGxb_w; adtech_uid=d6e9c416-d963-4df4-b329-660ddefb45a7%3Agoo.su; top100_id=t1.6673155.1061327371.1714577878501; t3_sid_6673155=s1.1395875033.1714577878503.1714577878503.1.1; last_visit=1714577878509%3A%3A1714577878509
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 01 May 2024 15:37:58 GMT
content-type: image/png
content-length: 1567
last-modified: Sun, 24 Dec 2023 16:31:41 GMT
etag: "65885ced-61f"
expires: Tue, 07 May 2024 20:21:06 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 69412
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QeLJQhc33yMZSWUqjVkH1hJVHWF9xvLBR2f%2FQ5Opm%2ByG0vZVU6nX%2FjUM5coGuZLi0iIThED5JbOrV%2F8F1Wh8pTTeNYprqvOvIzMiqVnh0rP2lCwhp2Yq0Bw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d0db1d99460afe-OSL
alt-svc: h3=":443"; ma=86400

GET goo.su/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js

172.67.139.105

200 OK

15 kB

URL GET HTTP/3
goo.su/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
IP
172.67.139.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://goo.su/Cw4mR6O
Certificate
IssuerGoogle Trust Services LLC
Subjectgoo.su
FingerprintDE:C6:4D:AF:DC:06:3A:ED:C6:AF:B6:FD:D7:3A:E7:C4:A6:AB:A2:60
ValidityMon, 01 Apr 2024 06:02:27 GMT - Sun, 30 Jun 2024 06:02:26 GMT

File type
JavaScript source, ASCII text, with very long lines (7845), with no line terminators
Size
15 kB (14709 bytes)
Hash
ab45ae31c708f8ba289b146be4c923e4
82ea8d7e302148a29f008640a186953e11fdf004
132cd20619b5c18089516d8a5f136e09f4d5d9666eae19df26ae7a78df9ae9b9

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js HTTP/1.1
Host: goo.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImdKeVRkNGIwM0dhRnZqdXVGUCticnc9PSIsInZhbHVlIjoiRHN2Rk9iR25ZeXdpTFdBbDdwaXU1RFVWd0VaMkljN2krWGM4WVBaUm9Qc1E2SnQwTU9hMmRlbGRVWmQ5TWRnbzkwSXVqcTZZeGtiNXR0UHVuVWliNDZUcDZvRUlzUXVLZSsrWG1HdThFQnFydTRQaVUzcmp5Q3VvTkoxcVExcDYiLCJtYWMiOiI4MjlkOTM1NDBlNzY1NGU1MzJlNDhhZjhjMzFjMDMwN2M1NjA4NjI2YmIyZDkxY2MyYzRkMzFkYzE3MTdiY2ZhIiwidGFnIjoiIn0%3D; goosu_session=eyJpdiI6IkVSRkRPbzd1VEkrcVNLdVJzQUxUREE9PSIsInZhbHVlIjoiNnludjhHTitaTFkzSkYvUXBNd1RGQXVZL3FrWGVZbE4raGNQSVlGbldCbUdpSmRjb2JzNzhuWlVlSnFQeUxidVM3OXVDWE1qTnhiYllUc1lHY1h5NTVrc3dOVkkrZnk5UEh3T0VzbWZsM1NqZDlyTEcrR3VRLytxSm5aSWdTeVEiLCJtYWMiOiI2OTIwMDE3MDE0NzRlYzM5ZDk0NjQxZjU3N2VkZWI0MGU3YmQ4ZmQ5NGViNWFiMGZkOGY2MjZjNDIxZDZkMjQ1IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 01 May 2024 15:37:58 GMT
content-type: application/javascript; charset=UTF-8
vary: accept-encoding
cache-control: max-age=14400, public
x-content-type-options: nosniff
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XbW7clnX0jhk%2BD2aV8Tda5oxcvdCci7U7CxbB0znN1aYIm2VaPixYbfxOfGe3pJwBNF%2FdN3D7NWMaQbjAI0jWhPgfupxgWkx4cT5wNYhOFEg%2BM2Q3q74Ny8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d0db1abf060afe-OSL
alt-svc: h3=":443"; ma=86400

GET st.top100.ru/top100/top100.js

81.19.89.18

200 OK

40 kB

URL GET HTTP/2
st.top100.ru/top100/top100.js
IP
81.19.89.18:443
ASN
#24638 Rambler Internet Holding LLC

Requested by
https://goo.su/Cw4mR6O
Certificate
IssuerGlobalSign nv-sa
Subject*.top100.ru
Fingerprint67:1D:AC:E1:B4:A0:6A:53:F1:28:8C:9E:68:9F:77:67:A2:55:01:F3
ValidityWed, 14 Feb 2024 08:25:42 GMT - Mon, 17 Mar 2025 08:25:41 GMT

File type
gzip compressed data, from Unix
Size
40 kB (40165 bytes)
Hash
1b08c67a2f3662946cfb2f89105e7c5c
32448cd92f058c147b9de58070e423148525b1e1
8fb78a54b6117725011a331b116457e5051ce3c3e3b5567ff49c412f91c9d021

HTTP Headers

GET /top100/top100.js HTTP/1.1
Host: st.top100.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 15:37:58 GMT
content-type: application/javascript
vary: Accept-Encoding
x-obs-request-id: 0000018F34C611E4A80426EE81E6EEF9
etag: W/"0e29947931decab2f885d8d5c6de8f32"
last-modified: Fri, 26 Apr 2024 10:03:47 GMT
x-obs-meta-s3cmd-attrs: atime:1714125662/ctime:1714125825/gid:0/gname:root/md5:0e29947931decab2f885d8d5c6de8f32/mode:33188/mtime:1714125662/uid:0/uname:root
x-obs-tagging-count: 0
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSPjgBLVzMjtOCZx7y+3c0P/LjnTelhv
expires: Wed, 01 May 2024 16:37:58 GMT
cache-control: max-age=3600
set-cookie: proto_uid=1CIAANZhMmatvh2VAa2g0wB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-encoding: gzip
X-Firefox-Spdy: h2

GET viidey.click/gfhfghtrgfnfg.html

185.199.108.153

200 OK

1.2 kB

URL User Request GET HTTP/2
viidey.click/gfhfghtrgfnfg.html
IP
185.199.108.153:443
ASN
#54113 FASTLY

Certificate
IssuerLet's Encrypt
Subjectviidey.click
Fingerprint61:82:93:76:76:FA:7E:E0:0B:CD:58:1C:30:7D:FC:B2:D0:E8:58:AD
ValidityWed, 01 May 2024 13:14:51 GMT - Tue, 30 Jul 2024 13:14:50 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
1.2 kB (1159 bytes)
Hash
7c3f1c896d07a6062583f06a7e411f01
808a4d86b548f46eff59aad3ebe4d5a38b8aefb5
9650dbcd45d15bcad20baeef3f7f1da20e1f983812f6e6f4e5a17ef3d34cf3fc

HTTP Headers

GET /gfhfghtrgfnfg.html HTTP/1.1
Host: viidey.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goo.su/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: GitHub.com
content-type: text/html; charset=utf-8
x-origin-cache: HIT
last-modified: Wed, 01 May 2024 15:05:33 GMT
access-control-allow-origin: *
etag: W/"66325a3d-a42"
expires: Wed, 01 May 2024 15:48:03 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 18B0:32B785:F1A8A1:F7F7AF:663261DA
accept-ranges: bytes
age: 0
date: Wed, 01 May 2024 15:38:03 GMT
via: 1.1 varnish
x-served-by: cache-hel1410032-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1714577883.331733,VS0,VE123
vary: Accept-Encoding
x-fastly-request-id: 528314b7c3875d5c971f3b282649dd2daf19808a
content-length: 1159
X-Firefox-Spdy: h2

GET cdn.videy.co/bihmApzp.mp4

104.21.235.106

206 Partial Content

26 kB

URL GET HTTP/2
cdn.videy.co/bihmApzp.mp4
IP
104.21.235.106:443
ASN
#13335 CLOUDFLARENET

Requested by
https://viidey.click/gfhfghtrgfnfg.html
Certificate
IssuerCloudflare, Inc.
Subjectcdn.videy.co
FingerprintAA:09:42:65:EF:00:EB:69:FD:D6:8C:E9:49:CD:E1:9F:C9:7E:68:E1
ValidityFri, 01 Sep 2023 00:00:00 GMT - Fri, 30 Aug 2024 23:59:59 GMT

File type
data
Size
26 kB (26532 bytes)
Hash
c900c4df397792d557b55cf7de1723a2
c8de878e7da05676945242735d19f245d09d179e
4915294a211e55cb37d583dda7fee7686e916bbc4a427b7231162aba57bebf9e

HTTP Headers

GET /bihmApzp.mp4 HTTP/1.1
Host: cdn.videy.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=2129920-
DNT: 1
Connection: keep-alive
Referer: https://viidey.click/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 206 Partial Content
date: Wed, 01 May 2024 15:38:03 GMT
content-type: video/mp4
content-length: 26532
etag: "0461dd05812d1428d888eb6feae5c56a"
last-modified: Sun, 28 Apr 2024 22:15:09 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 8
content-range: bytes 2129920-2156451/2156452
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7XvrDY7W0TeDa1qH9rd6TQD%2FZdGu7M7S7eQvW6EEF1PoxBWwEKAUa6BdV6%2FrCisABXT4T9jD36G4MaimyXkIIxkFDA8MwM3EteVTKRVIXWtqy9Fe%2FB9jcq12JSBOFlc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d0db3e6e936421-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET viidey.click/favicon.ico

185.199.108.153

404 Not Found

5.3 kB

URL GET HTTP/2
viidey.click/favicon.ico
IP
185.199.108.153:443
ASN
#54113 FASTLY

Requested by
https://viidey.click/gfhfghtrgfnfg.html
Certificate
IssuerLet's Encrypt
Subjectviidey.click
Fingerprint61:82:93:76:76:FA:7E:E0:0B:CD:58:1C:30:7D:FC:B2:D0:E8:58:AD
ValidityWed, 01 May 2024 13:14:51 GMT - Tue, 30 Jul 2024 13:14:50 GMT

File type
HTML document, ASCII text, with very long lines (3909)
Size
5.3 kB (5254 bytes)
Hash
c1f9838a645648cb3b25359f7890a288
0cf12d25140e329bcb4c304feefce63f8f0ba7b3
b620507312c5e97566a3c6cfaf99144fefc18a0da7d941401dfa0f5f58fb0368

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: viidey.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://viidey.click/gfhfghtrgfnfg.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: GitHub.com
content-type: text/html; charset=utf-8
access-control-allow-origin: *
etag: W/"64d39a40-24a3"
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; connect-src 'self'
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 1A64:36C0D4:F1A2D9:F7F5CC:663261DC
accept-ranges: bytes
date: Wed, 01 May 2024 15:38:04 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-hel1410032-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1714577884.060351,VS0,VE156
vary: Accept-Encoding
x-fastly-request-id: 178de8c6a62f0ad5320b053885e777f96f9481e4
content-length: 5254
X-Firefox-Spdy: h2

GET t.dtscout.com/i/?l=https%3A%2F%2Fviidey.click%2Fgfhfghtrgfnfg.html&j=https%3A%2F%2Fgoo.su%2F

141.101.120.10

200 OK

9.9 kB

URL GET HTTP/2
t.dtscout.com/i/?l=https%3A%2F%2Fviidey.click%2Fgfhfghtrgfnfg.html&j=https%3A%2F%2Fgoo.su%2F
IP
141.101.120.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://viidey.click/gfhfghtrgfnfg.html
Certificate
IssuerGoogle Trust Services LLC
Subjectdtscout.com
Fingerprint69:9E:FB:2A:E2:0B:6B:60:8A:15:AF:4F:5A:3D:94:5B:68:70:F4:21
ValiditySun, 17 Mar 2024 14:35:30 GMT - Sat, 15 Jun 2024 14:35:29 GMT

File type
ASCII text, with very long lines (2077)
Size
9.9 kB (9938 bytes)
Hash
51bd741af3fcc4984d1a753eebfa1141
534664acf69cbbb5c9b97c96b63dd37bdc580da2
3e9c8e5dcf3cbff9e1b7211551a31fe388f1b8e607fd78a0a34855be65da721c

HTTP Headers

GET /i/?l=https%3A%2F%2Fviidey.click%2Fgfhfghtrgfnfg.html&j=https%3A%2F%2Fgoo.su%2F HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://viidey.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 May 2024 15:38:04 GMT
content-type: application/javascript
x-s: mtl1
set-cookie: m=1; Domain=dtscout.com; Expires=Wed, 01-May-2024 17:01:23 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Wed, 01-May-2024 19:38:03 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1714577883; Domain=dtscout.com; Expires=Fri, 09-Aug-2024 15:38:03 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
x-t: 0.254
expires: Wed, 01 May 2024 15:38:02 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Pteravo%2Fk6jJS%2F60mR3B%2BvLnu2P6hA6XbQFyVCTAlKz%2Ba6Wvv6MxlvHv5hDhtIw4U2c7f9FwxyB5xgPQcYSf4WNjKsN7MJX0oOCwMmdq%2F8kU1RIGoz%2BXYT8NoX5R8k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d0db3dde1a8d8c-HEL
content-encoding: br
X-Firefox-Spdy: h2

GET richinfo.co/richpartners/push/js/rp-cl-ob.js?pubid=883146&siteid=330256&niche=33

109.200.199.111

200 OK

97 kB

URL GET HTTP/2
richinfo.co/richpartners/push/js/rp-cl-ob.js?pubid=883146&siteid=330256&niche=33
IP
109.200.199.111:443
ASN
#49544 i3D.net B.V

Requested by
https://goo.su/Cw4mR6O
Certificate
IssuerLet's Encrypt
Subjectrichinfo.co
Fingerprint25:29:37:EE:41:C6:34:D2:D5:4C:10:A7:3F:D7:C5:E4:2E:7D:3B:2D
ValidityMon, 25 Mar 2024 13:05:17 GMT - Sun, 23 Jun 2024 13:05:16 GMT

File type

Size
97 kB (96639 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /richpartners/push/js/rp-cl-ob.js?pubid=883146&siteid=330256&niche=33 HTTP/1.1
Host: richinfo.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.21.4.1
date: Wed, 01 May 2024 15:37:58 GMT
content-type: application/x-javascript
x-amz-id-2: o7IYAWzPbAyyrswvuYzNP+bGi6jsPgdkc19ZLzTOfog/gvCo9wRkmXRoN/cjoKF3BU5wW2CB4U0=
x-amz-request-id: KC00K89KBCFTQ0XP
last-modified: Wed, 10 Apr 2024 13:16:50 GMT
etag: W/"48e0c66e13f063ffe401a275add23665"
x-amz-server-side-encryption: AES256
content-encoding: gzip
X-Firefox-Spdy: h2

GET waust.at/d.js

104.26.4.7

200 OK

15 kB

URL GET HTTP/2
waust.at/d.js
IP
104.26.4.7:443
ASN
#13335 CLOUDFLARENET

Requested by
https://viidey.click/gfhfghtrgfnfg.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA4:3D:6E:A9:C7:6B:CD:4B:7B:04:51:4F:D1:D7:10:2D:12:92:F9:58
ValiditySun, 04 Jun 2023 00:00:00 GMT - Mon, 03 Jun 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (14706), with no line terminators
Size
15 kB (14706 bytes)
Hash
38cdedd658fa41770f607c0b117c1f82
3f3c9c6c330ab649e27ec56a8d852e9d41b0edf4
951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c

HTTP Headers

GET /d.js HTTP/1.1
Host: waust.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://viidey.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 May 2024 15:38:03 GMT
content-type: application/x-javascript
last-modified: Thu, 12 Jan 2023 17:19:30 GMT
etag: W/"63c04122-3972"
expires: Thu, 02 May 2024 14:40:35 GMT
cache-control: max-age=86400
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 3448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XsF7BtLJ0U2mCFzf6%2Bpfqq9eUcy2QDngH%2FF59Q2R0qFfWjjWTFhD5mephO28M4cBv1yr5oTOrnQoVwltIcVzybZAtR1Q5upDWEka6g5gzfUdE1Rs6NOScOum"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d0db3cdbb8b523-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET t.dtscout.com/pv/?_a=v&_h=viidey.click&_ss=6k9ozhjf1d&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=xu4r&_cb=_dtspv.c

141.101.120.10

200 OK

51 B

URL GET HTTP/2
t.dtscout.com/pv/?_a=v&_h=viidey.click&_ss=6k9ozhjf1d&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=xu4r&_cb=_dtspv.c
IP
141.101.120.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://viidey.click/gfhfghtrgfnfg.html
Certificate
IssuerGoogle Trust Services LLC
Subjectdtscout.com
Fingerprint69:9E:FB:2A:E2:0B:6B:60:8A:15:AF:4F:5A:3D:94:5B:68:70:F4:21
ValiditySun, 17 Mar 2024 14:35:30 GMT - Sat, 15 Jun 2024 14:35:29 GMT

File type
ASCII text, with no line terminators
Size
51 B (51 bytes)
Hash
59eb026efdcf8225f2a5b35d0a4b68a7
892a44feb107bc90b5a83303f8fbcbe6e081833a
431e7b9a1cac013caa375bf216a70c78fbda278c27d822eeef0cebcb5a0915be

HTTP Headers

GET /pv/?_a=v&_h=viidey.click&_ss=6k9ozhjf1d&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=xu4r&_cb=_dtspv.c HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://viidey.click/
Cookie: m=1; oa=1; df=1714577883
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 01 May 2024 15:38:04 GMT
content-type: application/javascript
x-t: 0.163
x-c: 0
expires: Wed, 01 May 2024 15:38:03 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TD63f9RIOWiEoX2jmGG9fHI%2FFaiht0aVem5SoP9Vgj2SSBZ%2ByrSQFECiD5M7DHbu%2F6bPrZpXmS9ol1JX699mODr%2Fys2dkg3Gs50cbeVROQNzYxcT17PVBSunAQ3oLxY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d0db3f9f3c8d8c-HEL
content-encoding: br
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css?family=Open%20Sans:400&display=swap

142.250.74.170

200 OK

6.0 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open%20Sans:400&display=swap
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://goo.su/Cw4mR6O
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
ASCII text, with very long lines (6096), with no line terminators
Size
6.0 kB (5996 bytes)
Hash
7e18a097b51eb70d0d781735844b6897
bee01b4d68b934b8a85650c2edd6e0b51fd961b8
4eadd38b698cc5058bc6909316f68e23ad7784bcde595476b27b47a652ff83f0

HTTP Headers

GET /css?family=Open%20Sans:400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 01 May 2024 15:37:57 GMT
date: Wed, 01 May 2024 15:37:57 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css?family=Roboto:400&display=swap

142.250.74.170

200 OK

2.3 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:400&display=swap
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://goo.su/Cw4mR6O
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT

File type
ASCII text, with very long lines (2379), with no line terminators
Size
2.3 kB (2316 bytes)
Hash
03278c047a3192f4a25c4644284d910b
61fc733be8553b3e6d9847d43b4bef84b5ae947d
d5e8a5e5b7bfea2764abadded25ab112a034543a2315c942bb9fd3cbe7ece8fb

HTTP Headers

GET /css?family=Roboto:400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 01 May 2024 15:37:57 GMT
date: Wed, 01 May 2024 15:37:57 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET st.top100.ru/top100/3.16.5/usability.js

81.19.89.18

200 OK

15 kB

URL GET HTTP/2
st.top100.ru/top100/3.16.5/usability.js
IP
81.19.89.18:443
ASN
#24638 Rambler Internet Holding LLC

Requested by
https://goo.su/Cw4mR6O
Certificate
IssuerGlobalSign nv-sa
Subject*.top100.ru
Fingerprint67:1D:AC:E1:B4:A0:6A:53:F1:28:8C:9E:68:9F:77:67:A2:55:01:F3
ValidityWed, 14 Feb 2024 08:25:42 GMT - Mon, 17 Mar 2025 08:25:41 GMT

File type
JavaScript source, ASCII text, with very long lines (14616), with no line terminators
Size
15 kB (14616 bytes)
Hash
c01593ee181ba9c66dea9fda43185a3a
81ab1b96d42c79b86b3274d4ab9672c9949af26b
999b77df76fb3335febe10f6926ef846882e1b9c669322ae3b3f6e314c6f022d

HTTP Headers

GET /top100/3.16.5/usability.js HTTP/1.1
Host: st.top100.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 01 May 2024 15:37:58 GMT
content-type: application/javascript
vary: Accept-Encoding
x-obs-request-id: 0000018F34CD616DB027CE4DBC7F5802
etag: W/"c01593ee181ba9c66dea9fda43185a3a"
last-modified: Fri, 26 Apr 2024 10:03:47 GMT
x-obs-meta-s3cmd-attrs: atime:1714125662/ctime:1714125825/gid:0/gname:root/md5:c01593ee181ba9c66dea9fda43185a3a/mode:33188/mtime:1714125662/uid:0/uname:root
x-obs-tagging-count: 0
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSy2/febEV8/FU7IVjcqF66+4CwArrG/
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
set-cookie: proto_uid=1CIAANZhMmatvh2VAbug0wB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-encoding: gzip
X-Firefox-Spdy: h2

GET goo.su/img/favicons/apple-touch-icon.png

172.67.139.105

200 OK

11 kB

URL GET HTTP/3
goo.su/img/favicons/apple-touch-icon.png
IP
172.67.139.105:443
ASN
#13335 CLOUDFLARENET

Requested by
https://goo.su/Cw4mR6O
Certificate
IssuerGoogle Trust Services LLC
Subjectgoo.su
FingerprintDE:C6:4D:AF:DC:06:3A:ED:C6:AF:B6:FD:D7:3A:E7:C4:A6:AB:A2:60
ValidityMon, 01 Apr 2024 06:02:27 GMT - Sun, 30 Jun 2024 06:02:26 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced
Size
11 kB (10926 bytes)
Hash
dc1648f034a8879145ce2db071bdc305
28dfdc4f3f97f00e54528685427a83974cb04a81
7c51dc3139a5a8a07e00884f6558ed62511359803bcb4123668b8e0ccab896c7

HTTP Headers

GET /img/favicons/apple-touch-icon.png HTTP/1.1
Host: goo.su
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://goo.su/Cw4mR6O
Cookie: XSRF-TOKEN=eyJpdiI6ImdKeVRkNGIwM0dhRnZqdXVGUCticnc9PSIsInZhbHVlIjoiRHN2Rk9iR25ZeXdpTFdBbDdwaXU1RFVWd0VaMkljN2krWGM4WVBaUm9Qc1E2SnQwTU9hMmRlbGRVWmQ5TWRnbzkwSXVqcTZZeGtiNXR0UHVuVWliNDZUcDZvRUlzUXVLZSsrWG1HdThFQnFydTRQaVUzcmp5Q3VvTkoxcVExcDYiLCJtYWMiOiI4MjlkOTM1NDBlNzY1NGU1MzJlNDhhZjhjMzFjMDMwN2M1NjA4NjI2YmIyZDkxY2MyYzRkMzFkYzE3MTdiY2ZhIiwidGFnIjoiIn0%3D; goosu_session=eyJpdiI6IkVSRkRPbzd1VEkrcVNLdVJzQUxUREE9PSIsInZhbHVlIjoiNnludjhHTitaTFkzSkYvUXBNd1RGQXVZL3FrWGVZbE4raGNQSVlGbldCbUdpSmRjb2JzNzhuWlVlSnFQeUxidVM3OXVDWE1qTnhiYllUc1lHY1h5NTVrc3dOVkkrZnk5UEh3T0VzbWZsM1NqZDlyTEcrR3VRLytxSm5aSWdTeVEiLCJtYWMiOiI2OTIwMDE3MDE0NzRlYzM5ZDk0NjQxZjU3N2VkZWI0MGU3YmQ4ZmQ5NGViNWFiMGZkOGY2MjZjNDIxZDZkMjQ1IiwidGFnIjoiIn0%3D; cf_clearance=DflsdVmiJqle.a7bywvXRXul59ZG4.uEsWlPhwiVj6w-1714577878-1.0.1.1-xGdWYSX5uTPI.8gTbXZa5d5jGI8zQFb.TsjpjtzD.SdMGvFXFNRDtsT_pY0V07aaWfGsbShO5dWtBdaPrGxb_w; adtech_uid=d6e9c416-d963-4df4-b329-660ddefb45a7%3Agoo.su; top100_id=t1.6673155.1061327371.1714577878501; t3_sid_6673155=s1.1395875033.1714577878503.1714577878503.1.1; last_visit=1714577878509%3A%3A1714577878509
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 01 May 2024 15:37:58 GMT
content-type: image/png
content-length: 10926
last-modified: Sun, 24 Dec 2023 16:31:41 GMT
etag: "65885ced-2aae"
expires: Tue, 07 May 2024 20:54:43 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 67395
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ULvV9zmHawQJs%2FKs%2FbJ%2FxfK5v%2FOtrmer%2B%2B5C0kCWCjJyy3Lgsjqx9nldwE6ssKgnc1iD820iZ2%2FS%2B5UT%2FesuuXkyVSf8QD7c3VzhuaODhmGxWgQWqc112yc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d0db1d99440afe-OSL
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (22)

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN