r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 20d267853e48ef7d476459ed67da5d97
06d1bd08efd69c0e93486d3c423fa2640f372d29
24323cd45ca2ed01c63f908233d9b2ad5bb6f63394884c45bf6abb0221d0edd6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "24323CD45CA2ED01C63F908233D9B2AD5BB6F63394884C45BF6ABB0221D0EDD6"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9626
Expires: Sun, 22 Jan 2023 11:16:24 GMT
Date: Sun, 22 Jan 2023 08:35:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4714c95a0c854e38f9be444f9343bf14
07ce5eb635448f2b3bafbe51e4dfeef47cdf4f7b
4d47e08c9afb704096e93a51f6e95c0dc7c7bc31e67ded39998ff37ed56e0965
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D47E08C9AFB704096E93A51F6E95C0DC7C7BC31E67DED39998FF37ED56E0965"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9308
Expires: Sun, 22 Jan 2023 11:11:06 GMT
Date: Sun, 22 Jan 2023 08:35:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 22 Jan 2023 07:42:30 GMT
content-type: application/json
age: 3208
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 38c102db4bcfb9c4fb19174986950fd3
51c2cc8a3aca4da5c9ab3438467c29203fc0b0c3
dad6b64bc9f4dd827471ccc2e5273fceee574685376083aaa80f9d2f918037f2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DAD6B64BC9F4DD827471CCC2E5273FCEEE574685376083AAA80F9D2F918037F2"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19096
Expires: Sun, 22 Jan 2023 13:54:14 GMT
Date: Sun, 22 Jan 2023 08:35:58 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Y6yskyqbBgHc5h+Iso5J20I1q3ReB334GBI0rNW8KXtPkM1zJKR/T2wP0HQQLT7l+JriIl4GCxI=
x-amz-request-id: A2FZSM0CDAWBTBZY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 22 Jan 2023 07:47:12 GMT
age: 2926
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 08:35:58 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 032ea16a79a95a9f16a60674c5f3ad5c
daea213df10fabce0cd857bcd4f3e64dd1293fad
4637cdfefc8df89f6f6cc042daa30247921cbd001bd16484b18c384f1e7b9781
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 032ea16a79a95a9f16a60674c5f3ad5c
daea213df10fabce0cd857bcd4f3e64dd1293fad
4637cdfefc8df89f6f6cc042daa30247921cbd001bd16484b18c384f1e7b9781
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 032ea16a79a95a9f16a60674c5f3ad5c
daea213df10fabce0cd857bcd4f3e64dd1293fad
4637cdfefc8df89f6f6cc042daa30247921cbd001bd16484b18c384f1e7b9781
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 25d59e4444b16818a49fec7128c90dcd
ea263f33790881a01e317fa03d935f7109523e41
22e26ea1917d1a0fed0b2af636f1baecb59768b0f85c9ab6b1c37d45e84dfa2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 25d59e4444b16818a49fec7128c90dcd
ea263f33790881a01e317fa03d935f7109523e41
22e26ea1917d1a0fed0b2af636f1baecb59768b0f85c9ab6b1c37d45e84dfa2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 48 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
Hash 2026dd1c6c6d455b18cae237048bcdde
a92018a06573e31f2c4f1679ffc94bfa81b9495c
1dbb8b1fd26e7065d50335855c048ba43bf4d2fdecc81a97ef2221ffd4dfeb84
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goo.su
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 19:33:54 GMT
expires: Thu, 18 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 306124
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
142.250.74.35200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://goo.su
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 16 Jan 2023 18:52:55 GMT
expires: Tue, 16 Jan 2024 18:52:55 GMT
cache-control: public, max-age=31536000
age: 481383
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 25d59e4444b16818a49fec7128c90dcd
ea263f33790881a01e317fa03d935f7109523e41
22e26ea1917d1a0fed0b2af636f1baecb59768b0f85c9ab6b1c37d45e84dfa2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:35:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2d381f69c430ba87c707c944cb9745f9
b43bd45573dc23acd9355b15e3dade21e97b7497
d5b71573f9deae0f7ad6313f97292fdeb0deb1e1e675ed1cad865a9e092f807d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 807
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:35:59 GMT
Last-Modified: Sun, 22 Jan 2023 08:22:32 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 22 Jan 2023 08:17:30 GMT
age: 1109
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 5074bfa38808c4a0f18b00a601cfef53
ffc0c526e49251605b2c95d0d1d595f9c702cd9a
6262e4155e8fbf18388f2f38c8e65cb87db94dae66d1dbbd329b4973d8b243df
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:35:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 42bac64ad6b5e3de720da0de8adeb952
ae40d36b55969a75abcc5bbff77b7b36fbfe72b2
6a0ff0304fb93ae704b846ceb73f1d3ebe084dfcf1a8e2ccdc43fcd2253b30c2
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 08:35:59 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Thu, 26 Jan 2023 04:52:44 GMT
ETag: "ae40d36b55969a75abcc5bbff77b7b36fbfe72b2"
Last-Modified: Sun, 22 Jan 2023 04:52:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3139
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d6f596ce1db515-OSL
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 0cdef366624b700409d081cfae53e34a
80269a54a2949adf66bf99a83508bba3d87432f3
da7ceaaca858db9b468e3ac1d08179ab480bdb0959f284716bbd422b263c82ec
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 08:35:59 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 26 Jan 2023 06:58:44 GMT
ETag: "80269a54a2949adf66bf99a83508bba3d87432f3"
Last-Modified: Sun, 22 Jan 2023 06:58:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 287
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d6f596ccfd1c16-OSL
fonts.googleapis.com/css?family=Open%20Sans:400&display=swap
142.250.74.138200 OK 1.6 kB URL HTTP/2 fonts.googleapis.com/css?family=Open%20Sans:400&display=swap
IP 142.250.74.138:0
Hash 2692e33839baea69673ce9b12bb539eb
6f6cf16a6c767a046f9f999d9b92ad243a059df0
8973b09338337ec3111524a76f7b232e1eaed5f553d2556f4d17c7b306888eb6
GET /css?family=Open%20Sans:400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 22 Jan 2023 08:35:58 GMT
date: Sun, 22 Jan 2023 08:35:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4358137683029217
216.58.211.2200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4358137683029217
IP 216.58.211.2:0
File type ASCII text, with very long lines (4879)
Hash 42ee09b77f76d9f5c7b8044785a74b5e
14989000decedd58b2bec607bc24083ba79a5014
b9db30441f29eb9782d743457f338e60dafa2fd10c9b5cbe21d5a3579d384dce
GET /pagead/js/adsbygoogle.js?client=ca-pub-4358137683029217 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 22 Jan 2023 08:35:59 GMT
expires: Sun, 22 Jan 2023 08:35:59 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 4780504189931768346
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49614
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
counter.yadro.ru/hit?t44.11;r;s1280*1024*24;uhttps%3A//goo.su/jYgQrdi;hRedirecting...;0.9861109030527023
88.212.201.198200 OK 132 B URL HTTP/1.1 counter.yadro.ru/hit?t44.11;r;s1280*1024*24;uhttps%3A//goo.su/jYgQrdi;hRedirecting...;0.9861109030527023
IP 88.212.201.198:0
ASN #39134 United Network LLC
File type GIF image data, version 87a, 31 x 31\012- data
Hash 099e70b2712eaea2a982b474b20a0a80
e3ce99d03d1ae5dc89050a8287f7c390374dd2cb
e10cd8d343f9c37e3500c69d92f7ac7e78b6c7df29a2ace8cffe71bfa494e8c9
GET /hit?t44.11;r;s1280*1024*24;uhttps%3A//goo.su/jYgQrdi;hRedirecting...;0.9861109030527023 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 22 Jan 2023 08:35:59 GMT
Content-Type: image/gif
Content-Length: 132
Connection: keep-alive
Expires: Fri, 21 Jan 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 5074bfa38808c4a0f18b00a601cfef53
ffc0c526e49251605b2c95d0d1d595f9c702cd9a
6262e4155e8fbf18388f2f38c8e65cb87db94dae66d1dbbd329b4973d8b243df
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:35:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 92f7388d5f261ff9240fd0964787321e
8b2387294ab45025c6f04451b5011c630f735ebd
6faebfe566a8a8da426411fc7a4b6e63771b07ec3a30717941572778d6272d4b
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 08:35:59 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Thu, 26 Jan 2023 05:08:03 GMT
ETag: "8b2387294ab45025c6f04451b5011c630f735ebd"
Last-Modified: Sun, 22 Jan 2023 05:08:04 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2195
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d6f5975eb2b515-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fc96297d0b59147e8f6052b16f1ca13f
23aeddfa143bb9be19b2ed06f2024a3a8aa120ce
034327c6ada560c662f451f3c95cd8531482d4ab51629e95875fab54c8f3e49a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 637
Cache-Control: max-age=88886
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:35:59 GMT
Etag: "63cbab28-1d7"
Expires: Mon, 23 Jan 2023 09:17:25 GMT
Last-Modified: Sat, 21 Jan 2023 09:06:48 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash f824463347d267f88a90e2c719e116e3
49bb49694edd280222189c18995227e368a4670c
b30f6131c506a99cb40733e5435e04fb7c7cfd9edecf7f8a4ca1f1c6f7279bfd
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 08:35:59 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Thu, 26 Jan 2023 06:38:12 GMT
ETag: "49bb49694edd280222189c18995227e368a4670c"
Last-Modified: Sun, 22 Jan 2023 06:38:13 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1224
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d6f597ff5cb515-OSL
kraken.rambler.ru/userip
81.19.89.17200 OK 12 B IP 81.19.89.17:0
ASN #24638 Rambler Internet Holding LLC
File type ASCII text, with no line terminators
Hash 35b0bce9d250429df012c0426f88d0bd
f81d80af9cbeb0011316fbba3da8002b32251f7a
da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d
GET /userip HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Sun, 22 Jan 2023 08:35:59 GMT
content-type: application/octet-stream
content-length: 12
access-control-allow-origin: https://goo.su
x-srv: 1kraken-prod0001.ad.rambler.tech
set-cookie: ruid=1CIAAG/1zGOTbkpgAXaLwwB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAG/1zGOTbkpgAXaLwwB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash c5ea9fd2283c643b0d9073392e1cc798
ab1a319bf4087860565010964d63683e2ed7b126
20c17c9c03095419f4463d1b37203d85e11922cd0a118d1607623630326798b6
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 08:35:59 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Thu, 26 Jan 2023 05:46:10 GMT
ETag: "ab1a319bf4087860565010964d63683e2ed7b126"
Last-Modified: Sun, 22 Jan 2023 05:46:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 855
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d6f598bef6b50b-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash c5ea9fd2283c643b0d9073392e1cc798
ab1a319bf4087860565010964d63683e2ed7b126
20c17c9c03095419f4463d1b37203d85e11922cd0a118d1607623630326798b6
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 08:35:59 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Thu, 26 Jan 2023 05:46:10 GMT
ETag: "ab1a319bf4087860565010964d63683e2ed7b126"
Last-Modified: Sun, 22 Jan 2023 05:46:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 855
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d6f598bd3a0b06-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash c5ea9fd2283c643b0d9073392e1cc798
ab1a319bf4087860565010964d63683e2ed7b126
20c17c9c03095419f4463d1b37203d85e11922cd0a118d1607623630326798b6
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 08:35:59 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Thu, 26 Jan 2023 05:46:10 GMT
ETag: "ab1a319bf4087860565010964d63683e2ed7b126"
Last-Modified: Sun, 22 Jan 2023 05:46:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 855
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d6f598b816b515-OSL
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash c5ea9fd2283c643b0d9073392e1cc798
ab1a319bf4087860565010964d63683e2ed7b126
20c17c9c03095419f4463d1b37203d85e11922cd0a118d1607623630326798b6
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 08:35:59 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Thu, 26 Jan 2023 05:46:10 GMT
ETag: "ab1a319bf4087860565010964d63683e2ed7b126"
Last-Modified: Sun, 22 Jan 2023 05:46:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 855
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d6f598cf0eb50b-OSL
yastatic.net/partner-code-bundles/709056/66ee3204e86a38a1d2af.js
178.154.131.217200 OK 24 kB URL HTTP/2 yastatic.net/partner-code-bundles/709056/66ee3204e86a38a1d2af.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (65494)
Hash 0555df1e148b784e2251e1c9a8729809
fd531b4f2c3273d00e76ba2898baa6f61b1962fd
9f51f4082ed866e87c8fec7c0572dfef436dc7358db3df0ad211937858b18957
GET /partner-code-bundles/709056/66ee3204e86a38a1d2af.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 22 Jan 2023 08:35:59 GMT
content-type: text/javascript; charset=utf-8
content-length: 23532
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "0555df1e148b784e2251e1c9a8729809"
expires: Tue, 21 Jan 2053 15:10:52 GMT
last-modified: Thu, 19 Jan 2023 15:08:41 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/709056/1c0942547d39e10f5f56.js
178.154.131.217200 OK 4.8 kB URL HTTP/2 yastatic.net/partner-code-bundles/709056/1c0942547d39e10f5f56.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (14344)
Hash dfa10e0344504a7f33fd4c2482ee2de2
af79254618c823aa18b5952c16efb4829e2bf31c
e3a5fb087da3393106337a58e97e3cea551e3c5ea1e3762abc499f38b5c34944
GET /partner-code-bundles/709056/1c0942547d39e10f5f56.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 22 Jan 2023 08:35:59 GMT
content-type: text/javascript; charset=utf-8
content-length: 4802
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "dfa10e0344504a7f33fd4c2482ee2de2"
expires: Tue, 21 Jan 2053 15:10:52 GMT
last-modified: Thu, 19 Jan 2023 15:08:41 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/safeframe-bundles/0.83/host.js
178.154.131.217200 OK 8.9 kB URL HTTP/2 yastatic.net/safeframe-bundles/0.83/host.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (33703), with no line terminators
Hash f80882bf67cf261aa08d636da095149a
3e5bf3fbdb45c9696f9b925d3e71b2e9777c82cd
4794febaad77bf94edba1c860dbcf9612722ad0a18b95831dad359b0bba4bed6
GET /safeframe-bundles/0.83/host.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 22 Jan 2023 08:35:59 GMT
content-type: text/javascript; charset=utf-8
content-length: 8878
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "f80882bf67cf261aa08d636da095149a"
expires: Tue, 21 Jan 2053 15:10:52 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
178.154.131.217200 OK 26 kB URL HTTP/2 yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
IP 178.154.131.217:0
File type Web Open Font Format (Version 2), TrueType, length 26004, version 1.0\012- data
Hash 7f0cdaf91230f9789ca4162aedff612e
965de571aa794dab64076c3cc64dc8894b843f23
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
GET /s3/home/fonts/ys/3/text-variable-full.woff2 HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 22 Jan 2023 08:35:59 GMT
content-type: font/woff2
content-length: 26004
access-control-allow-origin: *
cache-control: public, max-age=31556952
etag: "7f0cdaf91230f9789ca4162aedff612e"
expires: Mon, 22 Jan 2024 14:24:04 GMT
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
x-nginx-request-id: 6e17c063481a8760
accept-ranges: bytes
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.226.190.180101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.226.190.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NBIJNaiwMrtsCqVUPu6t+A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2ELeUzzSg6dOCfa8VlZ3xxx7bPE=
yastatic.net/partner-code-bundles/709056/07cea2bf8567304efc16.js
178.154.131.217200 OK 7.9 kB URL HTTP/2 yastatic.net/partner-code-bundles/709056/07cea2bf8567304efc16.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (23593)
Hash 19e508c937da56403f143d83a7737e52
cf09382547b53452aa5202ad8a66f085418d5a61
53768fc6ed276bf0f48abb6960e9fc665b9fd2de6b396465f47610cd83fdae75
GET /partner-code-bundles/709056/07cea2bf8567304efc16.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 22 Jan 2023 08:35:59 GMT
content-type: text/javascript; charset=utf-8
content-length: 7926
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "19e508c937da56403f143d83a7737e52"
expires: Tue, 21 Jan 2053 15:10:52 GMT
last-modified: Thu, 19 Jan 2023 15:08:41 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/709056/c61ff59ff7f883706e40.js
178.154.131.217200 OK 112 kB URL HTTP/2 yastatic.net/partner-code-bundles/709056/c61ff59ff7f883706e40.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (65497)
Size 112 kB (111493 bytes)
Hash 2b70087db8ff2c2570cad0cfcf0996c0
eaada3291b935fdfeafba30515987a212001accd
3468ce5868c0a4499fc0fc80eab5397e78b8ac6e913f3899695ab8836368fbd5
GET /partner-code-bundles/709056/c61ff59ff7f883706e40.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 22 Jan 2023 08:35:59 GMT
content-type: text/javascript; charset=utf-8
content-length: 111493
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "2b70087db8ff2c2570cad0cfcf0996c0"
expires: Tue, 21 Jan 2053 15:10:52 GMT
last-modified: Thu, 19 Jan 2023 15:08:41 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 6f395936694ad6425512fdf9f562c4bf
f58cfa08b44f9ddde774026b92bc4e10fc9b99f5
1944b3b16c3b38fe6cc4f3447c1e410ba3d13b8ee098a2e3471e5921a0ce1361
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:35:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
top-fwz1.mail.ru/counter?js=13;id=3128781;u=https%3A//goo.su/jYgQrdi;st=1674376557765;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=02d861c9ac254301;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1674376558432%3A1674376558453%3A1%3Aa83861d1ab5403e5a33f7525d888d25a;visible=true;_=0.48480019724072465
95.163.52.67302 Found 0 B URL HTTP/2 top-fwz1.mail.ru/counter?js=13;id=3128781;u=https%3A//goo.su/jYgQrdi;st=1674376557765;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=02d861c9ac254301;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1674376558432%3A1674376558453%3A1%3Aa83861d1ab5403e5a33f7525d888d25a;visible=true;_=0.48480019724072465
IP 95.163.52.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /counter?js=13;id=3128781;u=https%3A//goo.su/jYgQrdi;st=1674376557765;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=02d861c9ac254301;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1674376558432%3A1674376558453%3A1%3Aa83861d1ab5403e5a33f7525d888d25a;visible=true;_=0.48480019724072465 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sun, 22 Jan 2023 08:35:59 GMT
content-length: 0
location: https://top-fwz1.mail.ru/counter2?js=13;id=3128781;u=https%3A//goo.su/jYgQrdi;st=1674376557765;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=02d861c9ac254301;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1674376558432%3A1674376558453%3A1%3Aa83861d1ab5403e5a33f7525d888d25a;visible=true;_=0.48480019724072465
set-cookie: FTID=1RMYgQ0tkIIF:1674376559:3128781:::; path=/; expires=Tue, 23-Jan-24 08:35:59 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash ace90ee2f1ce8ca0d69556c6398555a6
49b53ab37b77ebf26525ef3a84aaa9a817af9df4
6d66736ed5245c62987c88f0c3570eefd8f45c09f60dc9b2e1d585f05d1f00e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:35:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=goo.su
216.58.211.2200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=goo.su
IP 216.58.211.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=goo.su HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 22 Jan 2023 08:35:59 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=goo.su&callback=_gfp_s_&client=ca-pub-4358137683029217
216.58.207.226200 OK 247 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=goo.su&callback=_gfp_s_&client=ca-pub-4358137683029217
IP 216.58.207.226:0
File type ASCII text, with very long lines (379), with no line terminators
Hash bc7f352d69bf13dfd5fb4d1f24252e77
631b1c9c52f9d655c31701c70090bd8430890acb
ea3b0ae25d257a74da4879cecdfdf9c29345023b1ac0fe753f7cd4dbabd2b310
GET /gampad/cookie.js?domain=goo.su&callback=_gfp_s_&client=ca-pub-4358137683029217 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 22 Jan 2023 08:35:59 GMT
server: cafe
cache-control: private
content-length: 247
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash ace90ee2f1ce8ca0d69556c6398555a6
49b53ab37b77ebf26525ef3a84aaa9a817af9df4
6d66736ed5245c62987c88f0c3570eefd8f45c09f60dc9b2e1d585f05d1f00e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:35:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 6f395936694ad6425512fdf9f562c4bf
f58cfa08b44f9ddde774026b92bc4e10fc9b99f5
1944b3b16c3b38fe6cc4f3447c1e410ba3d13b8ee098a2e3471e5921a0ce1361
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:35:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash fb07d2c1d8bcee019ca03761dea26da2
eeb2c1a38a93b84ee59d073de34c82ab078d880e
ba1d0bc1bb2685cb37ea47d0486f1f56668d1619cc1f081b505fbaa7662375e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:35:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=goo.su
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=goo.su
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=goo.su HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 22 Jan 2023 08:35:59 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
an.yandex.ru/meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2FjYgQrdi&charset=utf-8&pcode-test-ids=657519%2C0%2C73%3B706837%2C0%2C70%3B685674%2C0%2C23%3B672577%2C0%2C10%3B705194%2C0%2C56%3B709056%2C0%2C96%3B681853%2C0%2C60&pcode-flags-map=eJytWG1v2zYQ%2FiuDPxedXimp3yiJsjlLlEZSTtyiINzWTQIk6dCmRbYi%2F31HUbYlOaGTbkAQ2ILu4fFennvOP2d0zmpOVEWFILnKscSqwRxXQhU1Vyuak1pRprK6SuvZm3c%2FZz8219%2B3szez7f1fs1ezu%2B23O%2FoJvoaJE4Th7OH9q9kKC8XJny0RUq0q3KiC15XCuRjZS96SIQByIy92OgDCcFqSyeHwoaCMSgL%2BZUuxqKU6o3JRt1Jh8F0Km3coDFHsvxj8%2F0DGZakaXudtJsXxMS%2BDJgD5wrwMQHRe4MwzSIUqcUrKDgpAUswY4fbsIN8PoqEvjJwpsQRr%2BNOANc4JV02J1xOoqUNx6CXJ3iHKGjwnSkiaLdcqp0KD513UUp3avKjP4TEnmVSClOUImpw3Y%2BjI9Q7QrRh7yTBrWvstEzdygj2AXHCIFuFch6lQouUrsoaQQxLnigrFoExWuKT5CVAPhfEeFOc6%2Bmtdtz2SrE2b9D1jBYucKIijQzqlKTnCBa3ZyDJykB%2FEY9vYDd3OtmW0T5guAVw1Q9O7r9%2B3A7PAi%2F3ENKaOqBBdzUxsplkeGEFxCEKYqlNBIICT4rjdfLjejix95CXmhgU9B2JiakHofCEVk%2FYjg9BPzPXWmOXkXPFW5XWFKbMSlxN5Ptqfl%2FJ6Cc7CWWrOJ5mdWrpRGKNHD9SFLDlNreae6yBTbG8J81TRQs2f0Rxoh1bQE1bbwA16suxs%2B75Rac11UjnOaSt%2BeybCGmu%2FjcPQeGd4bWW8MPCjPs55oatWNDWDwpC0IlDVI1PPcZyxbeD45s5NVudEt4AgzEqDYRACTF9Kmg040bW7O09pErCaB1HkHZtDQ8P%2FM91EUJ2%2FgrBzACigHWXLdx63LgnmTFV63q4wp3hyb290aOg4fZQbTmtO5VqlayB%2BctbU3B4wFKG%2B93Z10RNoJqzUHAL9xYOKBIrLMLAf0HCWQZaEhSXCxA9dd2TbVbHYT%2BkGmI%2ByuR0kCAPjeVa3TEIpy3VDlG%2F3GhgxHKSn4hnESdCUlhA1%2B3FJhJ60VDXM1xLm0onTdxhVW0pqZqkCgi0ozDGqL1HgzN7NSexF0cCPHsRMeRgPUGx6sKYgGnTHSF6X5Ykp63iBb6puznHq2d%2BFEnUO7ypB3478DV3Psb3%2FSOe74RMWu%2BJYkG78cJITARrU6p8beshY63HOSQGcswDFMaeZ3S72e4LtJi2vdAdxwnZzr%2BEktVM8Ao723FErwQzkUNcMumlBIB%2BatkXG9YQTwspEyE3cwPgzMMJNo68yh9awG3tuEo48WVDZXWMABsFcytruhR953khVZk2lKpJTrAAES7rqhrwdI%2FHHWj1rsv%2BMMRHOOSkwdNQLNXMQOgiNwiQqzKUCadUSDX4qSSFCyMS5xG%2FXna5V3awaWv2cfd7efbysNl8vrm77ar%2F58uHqeis%2Bbq6vbi9mb7yHkXwOnV7UDN2B0aXSUnd1ScfC793sZnN1%2Ffrrd%2FDt783tp%2B09fP796mZzsf02enSxuemefPpne2te3%2Fy4uvtiPt683n95%2F7g3B5k7ib5RvbUWzp3EVaI8EfnIjXrGybR6r1nfabjQPE4LWCqJWRPsLRfFCUr2crPgFGDKtTL2tGuYF9inyyM6O7JAid%2F35cDipQswipLAifYoMOtzjVDZT44D5E5PNo1kP8vzHG%2FKJFqvPosBYhS4%2Fo4XQfbBagpXhcZQvucYHdrNPSMpj5fDI7wo9o9vIef2O0Ca4oPVYawJ1cDIBPUAW%2FOKVFPdMfv8Td19%2Bf7xcrK4ObE3XU%2FNaHkkj%2F1yfyI5sLf1BCWI3NNRt66ytkpPBAVUwajjYQttlOTdCD8lKlCSBL45euJ4UdZ6YcuVueYJkLhvyKdAujofB%2FfqXt1s7tXl9uri8u6ZcIcSzMoacgmsYegjJYUWu7Cl2hUrLN2Rh05gA%2FW3Zb6b3ztVeXyFp7Ep08N2SVKcKtj1TljFvWrnnVBY6YlvFOzOhZKypZKYllrlwQ6PJ7t7X9JjWBT7B%2Bbta7UTiQIEOuzw%2BzW5r5WBHOVEK%2F%2FxZTNZjpsKxH%2Fwi%2FggyVa7U555CGV%2F6L1iWAH7PtbCNVu0bPlyJvXCXg5D7I3kky1sTmaSdN3TDa12vjjxY0noJoNtc%2FrjQ%2BQkTojGFt2Th%2FcP%2FwICRTMW&pcode-icookie=f4oGgasDYHs2yb98uO49Pj%2BhCrthawTUnRzZ7hprBv2jnRek96x31rBCHVg%2FQZIrstVFVndF%2BWn5OVENdH2EoXy7V64%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=246290604621826&ad-session-id=2508161674376558375&target-id=71623927&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=709056&pcodever=709056&flash-ver=0&available-width=145&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A939%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1268%2C%22h%22%3A939%2C%22width%22%3A145%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A561%2C%22top%22%3A129%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B7655457706048%5D
87.250.250.90200 OK 35 kB URL HTTP/2 an.yandex.ru/meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2FjYgQrdi&charset=utf-8&pcode-test-ids=657519%2C0%2C73%3B706837%2C0%2C70%3B685674%2C0%2C23%3B672577%2C0%2C10%3B705194%2C0%2C56%3B709056%2C0%2C96%3B681853%2C0%2C60&pcode-flags-map=eJytWG1v2zYQ%2FiuDPxedXimp3yiJsjlLlEZSTtyiINzWTQIk6dCmRbYi%2F31HUbYlOaGTbkAQ2ILu4fFennvOP2d0zmpOVEWFILnKscSqwRxXQhU1Vyuak1pRprK6SuvZm3c%2FZz8219%2B3szez7f1fs1ezu%2B23O%2FoJvoaJE4Th7OH9q9kKC8XJny0RUq0q3KiC15XCuRjZS96SIQByIy92OgDCcFqSyeHwoaCMSgL%2BZUuxqKU6o3JRt1Jh8F0Km3coDFHsvxj8%2F0DGZakaXudtJsXxMS%2BDJgD5wrwMQHRe4MwzSIUqcUrKDgpAUswY4fbsIN8PoqEvjJwpsQRr%2BNOANc4JV02J1xOoqUNx6CXJ3iHKGjwnSkiaLdcqp0KD513UUp3avKjP4TEnmVSClOUImpw3Y%2BjI9Q7QrRh7yTBrWvstEzdygj2AXHCIFuFch6lQouUrsoaQQxLnigrFoExWuKT5CVAPhfEeFOc6%2Bmtdtz2SrE2b9D1jBYucKIijQzqlKTnCBa3ZyDJykB%2FEY9vYDd3OtmW0T5guAVw1Q9O7r9%2B3A7PAi%2F3ENKaOqBBdzUxsplkeGEFxCEKYqlNBIICT4rjdfLjejix95CXmhgU9B2JiakHofCEVk%2FYjg9BPzPXWmOXkXPFW5XWFKbMSlxN5Ptqfl%2FJ6Cc7CWWrOJ5mdWrpRGKNHD9SFLDlNreae6yBTbG8J81TRQs2f0Rxoh1bQE1bbwA16suxs%2B75Rac11UjnOaSt%2BeybCGmu%2FjcPQeGd4bWW8MPCjPs55oatWNDWDwpC0IlDVI1PPcZyxbeD45s5NVudEt4AgzEqDYRACTF9Kmg040bW7O09pErCaB1HkHZtDQ8P%2FM91EUJ2%2FgrBzACigHWXLdx63LgnmTFV63q4wp3hyb290aOg4fZQbTmtO5VqlayB%2BctbU3B4wFKG%2B93Z10RNoJqzUHAL9xYOKBIrLMLAf0HCWQZaEhSXCxA9dd2TbVbHYT%2BkGmI%2ByuR0kCAPjeVa3TEIpy3VDlG%2F3GhgxHKSn4hnESdCUlhA1%2B3FJhJ60VDXM1xLm0onTdxhVW0pqZqkCgi0ozDGqL1HgzN7NSexF0cCPHsRMeRgPUGx6sKYgGnTHSF6X5Ykp63iBb6puznHq2d%2BFEnUO7ypB3478DV3Psb3%2FSOe74RMWu%2BJYkG78cJITARrU6p8beshY63HOSQGcswDFMaeZ3S72e4LtJi2vdAdxwnZzr%2BEktVM8Ao723FErwQzkUNcMumlBIB%2BatkXG9YQTwspEyE3cwPgzMMJNo68yh9awG3tuEo48WVDZXWMABsFcytruhR953khVZk2lKpJTrAAES7rqhrwdI%2FHHWj1rsv%2BMMRHOOSkwdNQLNXMQOgiNwiQqzKUCadUSDX4qSSFCyMS5xG%2FXna5V3awaWv2cfd7efbysNl8vrm77ar%2F58uHqeis%2Bbq6vbi9mb7yHkXwOnV7UDN2B0aXSUnd1ScfC793sZnN1%2Ffrrd%2FDt783tp%2B09fP796mZzsf02enSxuemefPpne2te3%2Fy4uvtiPt683n95%2F7g3B5k7ib5RvbUWzp3EVaI8EfnIjXrGybR6r1nfabjQPE4LWCqJWRPsLRfFCUr2crPgFGDKtTL2tGuYF9inyyM6O7JAid%2F35cDipQswipLAifYoMOtzjVDZT44D5E5PNo1kP8vzHG%2FKJFqvPosBYhS4%2Fo4XQfbBagpXhcZQvucYHdrNPSMpj5fDI7wo9o9vIef2O0Ca4oPVYawJ1cDIBPUAW%2FOKVFPdMfv8Td19%2Bf7xcrK4ObE3XU%2FNaHkkj%2F1yfyI5sLf1BCWI3NNRt66ytkpPBAVUwajjYQttlOTdCD8lKlCSBL45euJ4UdZ6YcuVueYJkLhvyKdAujofB%2FfqXt1s7tXl9uri8u6ZcIcSzMoacgmsYegjJYUWu7Cl2hUrLN2Rh05gA%2FW3Zb6b3ztVeXyFp7Ep08N2SVKcKtj1TljFvWrnnVBY6YlvFOzOhZKypZKYllrlwQ6PJ7t7X9JjWBT7B%2Bbta7UTiQIEOuzw%2BzW5r5WBHOVEK%2F%2FxZTNZjpsKxH%2Fwi%2FggyVa7U555CGV%2F6L1iWAH7PtbCNVu0bPlyJvXCXg5D7I3kky1sTmaSdN3TDa12vjjxY0noJoNtc%2FrjQ%2BQkTojGFt2Th%2FcP%2FwICRTMW&pcode-icookie=f4oGgasDYHs2yb98uO49Pj%2BhCrthawTUnRzZ7hprBv2jnRek96x31rBCHVg%2FQZIrstVFVndF%2BWn5OVENdH2EoXy7V64%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=246290604621826&ad-session-id=2508161674376558375&target-id=71623927&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=709056&pcodever=709056&flash-ver=0&available-width=145&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A939%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1268%2C%22h%22%3A939%2C%22width%22%3A145%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A561%2C%22top%22%3A129%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B7655457706048%5D
IP 87.250.250.90:0
Hash bb766007ce0850f506c88b6f380b0d3a
8a260216b05bdddc596aaf4661db8bf3aae43759
93f5aad83136fc4edd793721aa4a13f71cc5c1893e7a45716d910526d84c1e65
GET /meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2FjYgQrdi&charset=utf-8&pcode-test-ids=657519%2C0%2C73%3B706837%2C0%2C70%3B685674%2C0%2C23%3B672577%2C0%2C10%3B705194%2C0%2C56%3B709056%2C0%2C96%3B681853%2C0%2C60&pcode-flags-map=eJytWG1v2zYQ%2FiuDPxedXimp3yiJsjlLlEZSTtyiINzWTQIk6dCmRbYi%2F31HUbYlOaGTbkAQ2ILu4fFennvOP2d0zmpOVEWFILnKscSqwRxXQhU1Vyuak1pRprK6SuvZm3c%2FZz8219%2B3szez7f1fs1ezu%2B23O%2FoJvoaJE4Th7OH9q9kKC8XJny0RUq0q3KiC15XCuRjZS96SIQByIy92OgDCcFqSyeHwoaCMSgL%2BZUuxqKU6o3JRt1Jh8F0Km3coDFHsvxj8%2F0DGZakaXudtJsXxMS%2BDJgD5wrwMQHRe4MwzSIUqcUrKDgpAUswY4fbsIN8PoqEvjJwpsQRr%2BNOANc4JV02J1xOoqUNx6CXJ3iHKGjwnSkiaLdcqp0KD513UUp3avKjP4TEnmVSClOUImpw3Y%2BjI9Q7QrRh7yTBrWvstEzdygj2AXHCIFuFch6lQouUrsoaQQxLnigrFoExWuKT5CVAPhfEeFOc6%2Bmtdtz2SrE2b9D1jBYucKIijQzqlKTnCBa3ZyDJykB%2FEY9vYDd3OtmW0T5guAVw1Q9O7r9%2B3A7PAi%2F3ENKaOqBBdzUxsplkeGEFxCEKYqlNBIICT4rjdfLjejix95CXmhgU9B2JiakHofCEVk%2FYjg9BPzPXWmOXkXPFW5XWFKbMSlxN5Ptqfl%2FJ6Cc7CWWrOJ5mdWrpRGKNHD9SFLDlNreae6yBTbG8J81TRQs2f0Rxoh1bQE1bbwA16suxs%2B75Rac11UjnOaSt%2BeybCGmu%2FjcPQeGd4bWW8MPCjPs55oatWNDWDwpC0IlDVI1PPcZyxbeD45s5NVudEt4AgzEqDYRACTF9Kmg040bW7O09pErCaB1HkHZtDQ8P%2FM91EUJ2%2FgrBzACigHWXLdx63LgnmTFV63q4wp3hyb290aOg4fZQbTmtO5VqlayB%2BctbU3B4wFKG%2B93Z10RNoJqzUHAL9xYOKBIrLMLAf0HCWQZaEhSXCxA9dd2TbVbHYT%2BkGmI%2ByuR0kCAPjeVa3TEIpy3VDlG%2F3GhgxHKSn4hnESdCUlhA1%2B3FJhJ60VDXM1xLm0onTdxhVW0pqZqkCgi0ozDGqL1HgzN7NSexF0cCPHsRMeRgPUGx6sKYgGnTHSF6X5Ykp63iBb6puznHq2d%2BFEnUO7ypB3478DV3Psb3%2FSOe74RMWu%2BJYkG78cJITARrU6p8beshY63HOSQGcswDFMaeZ3S72e4LtJi2vdAdxwnZzr%2BEktVM8Ao723FErwQzkUNcMumlBIB%2BatkXG9YQTwspEyE3cwPgzMMJNo68yh9awG3tuEo48WVDZXWMABsFcytruhR953khVZk2lKpJTrAAES7rqhrwdI%2FHHWj1rsv%2BMMRHOOSkwdNQLNXMQOgiNwiQqzKUCadUSDX4qSSFCyMS5xG%2FXna5V3awaWv2cfd7efbysNl8vrm77ar%2F58uHqeis%2Bbq6vbi9mb7yHkXwOnV7UDN2B0aXSUnd1ScfC793sZnN1%2Ffrrd%2FDt783tp%2B09fP796mZzsf02enSxuemefPpne2te3%2Fy4uvtiPt683n95%2F7g3B5k7ib5RvbUWzp3EVaI8EfnIjXrGybR6r1nfabjQPE4LWCqJWRPsLRfFCUr2crPgFGDKtTL2tGuYF9inyyM6O7JAid%2F35cDipQswipLAifYoMOtzjVDZT44D5E5PNo1kP8vzHG%2FKJFqvPosBYhS4%2Fo4XQfbBagpXhcZQvucYHdrNPSMpj5fDI7wo9o9vIef2O0Ca4oPVYawJ1cDIBPUAW%2FOKVFPdMfv8Td19%2Bf7xcrK4ObE3XU%2FNaHkkj%2F1yfyI5sLf1BCWI3NNRt66ytkpPBAVUwajjYQttlOTdCD8lKlCSBL45euJ4UdZ6YcuVueYJkLhvyKdAujofB%2FfqXt1s7tXl9uri8u6ZcIcSzMoacgmsYegjJYUWu7Cl2hUrLN2Rh05gA%2FW3Zb6b3ztVeXyFp7Ep08N2SVKcKtj1TljFvWrnnVBY6YlvFOzOhZKypZKYllrlwQ6PJ7t7X9JjWBT7B%2Bbta7UTiQIEOuzw%2BzW5r5WBHOVEK%2F%2FxZTNZjpsKxH%2Fwi%2FggyVa7U555CGV%2F6L1iWAH7PtbCNVu0bPlyJvXCXg5D7I3kky1sTmaSdN3TDa12vjjxY0noJoNtc%2FrjQ%2BQkTojGFt2Th%2FcP%2FwICRTMW&pcode-icookie=f4oGgasDYHs2yb98uO49Pj%2BhCrthawTUnRzZ7hprBv2jnRek96x31rBCHVg%2FQZIrstVFVndF%2BWn5OVENdH2EoXy7V64%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=246290604621826&ad-session-id=2508161674376558375&target-id=71623927&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=709056&pcodever=709056&flash-ver=0&available-width=145&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A939%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1268%2C%22h%22%3A939%2C%22width%22%3A145%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A561%2C%22top%22%3A129%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B7655457706048%5D HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
uniformat: true
uniformat-product-type: Direct
content-encoding: gzip
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://goo.su
x-xss-protection: 1; mode=block
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-yandex-req-id: 1674376559634282-1678411836116700799300106-production-app-host-vla-pcode-174
last-modified: Sun, 22 Jan 2023 08:35:59 GMT
date: Sun, 22 Jan 2023 08:35:59 GMT
set-cookie: yabs-vdrf=A0; domain=an.yandex.ru; path=/; expires=Sun, 29-Jan-2023 08:35:59 GMT
i=jIlEWgKDt8FMTONcopI+Ecc0ORJnj2ZsRuCLYNepo+NuhrI9a+So4uCX1EAlxrJn8kUJVmoy/4FxQn4Vo/WMo+J31YE=; Expires=Tue, 21-Jan-2025 08:35:59 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
content-type: application/json
pragma: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
ssr: true
strict-transport-security: max-age=31536000
expires: Sun, 22 Jan 2023 08:35:59 GMT
X-Firefox-Spdy: h2
top-fwz1.mail.ru/counter2?js=13;id=3128781;u=https%3A//goo.su/jYgQrdi;st=1674376557765;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=02d861c9ac254301;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1674376558432%3A1674376558453%3A1%3Aa83861d1ab5403e5a33f7525d888d25a;visible=true;_=0.48480019724072465
95.163.52.67200 OK 43 B URL HTTP/2 top-fwz1.mail.ru/counter2?js=13;id=3128781;u=https%3A//goo.su/jYgQrdi;st=1674376557765;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=02d861c9ac254301;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1674376558432%3A1674376558453%3A1%3Aa83861d1ab5403e5a33f7525d888d25a;visible=true;_=0.48480019724072465
IP 95.163.52.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /counter2?js=13;id=3128781;u=https%3A//goo.su/jYgQrdi;st=1674376557765;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=02d861c9ac254301;ver=60.3.0;tz=0%2FUTC;ni=;lvid=1674376558432%3A1674376558453%3A1%3Aa83861d1ab5403e5a33f7525d888d25a;visible=true;_=0.48480019724072465 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goo.su/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 08:35:59 GMT
content-type: image/gif
content-length: 43
set-cookie: FTID=1RMYgQ0tkIIF:1674376559:3128781:::; path=/; expires=Tue, 23-Jan-24 08:35:59 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
yastatic.net/s3/games-static/favicons/icon-192.png
178.154.131.217200 OK 24 kB URL HTTP/2 yastatic.net/s3/games-static/favicons/icon-192.png
IP 178.154.131.217:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 7819c957eaa80af5bf14f760d49b64a7
93b670523acd14f884c3a538d59d408da0888a6c
ca78c114bba40b141a59c55a9d3fb6db7672bc3effd4337f2b1ce512b4d06c9e
GET /s3/games-static/favicons/icon-192.png HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 22 Jan 2023 08:35:59 GMT
content-type: image/png
content-length: 24134
access-control-allow-origin: *
cache-control: public, max-age=216013
etag: "7819c957eaa80af5bf14f760d49b64a7"
expires: Tue, 24 Jan 2023 20:33:17 GMT
last-modified: Thu, 14 Apr 2022 12:22:42 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: 57999ca558205e0a
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
178.154.131.217200 OK 6.3 kB URL HTTP/2 yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
IP 178.154.131.217:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (23297)
Hash eb77de48712912aadc9aa8171ac75ede
f375e4ed6b585c4e30b2d56f4f41c3beed909349
437ee0c22002ccd77158d7a7018113f26384324158ab3cef65373007f29b1bcf
GET /safeframe-bundles/0.83/1-1-0/render.html HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 22 Jan 2023 08:36:00 GMT
content-type: text/html
content-length: 6262
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Tue, 21 Jan 2053 15:08:22 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash eb3468883903c4ed92f6d67520231eb7
2a82285b9b350571be6f4fe6e8249c9dc2985715
25c1da146a97765fe25009ea1897e419db530bedea07ecd7743f1686e2da2e2a
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 08:36:00 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Thu, 26 Jan 2023 06:30:05 GMT
ETag: "2a82285b9b350571be6f4fe6e8249c9dc2985715"
Last-Modified: Sun, 22 Jan 2023 06:30:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2829
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d6f59c2b31b515-OSL
kraken.rambler.ru/cnt/?et=pv&v=3.13.4&pid=6673155&tid=t1.6673155.1862463574.1674376558121&rid=1674376558.12-847572608&fid=pA8AAENKs1e4GYz8AQlryQA%3D&fip=pA8AAENKs1cnnUv2AauVQAA%3D&eid=436665585945643&aduid=35b16c7a-cd93-427c-ae8a-0ff365daf5fe&aduidsc=goo.su&stid=348357855_1674376558122&sn=1&sen=1&ce=1&bs=1268x939&rf&en=UTF-8&pt=Redirecting...&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&le=2&ct=web&url=https%3A%2F%2Fgoo.su%2FjYgQrdi&lv&exp=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=387506860
81.19.89.17200 OK 595 B URL HTTP/2 kraken.rambler.ru/cnt/?et=pv&v=3.13.4&pid=6673155&tid=t1.6673155.1862463574.1674376558121&rid=1674376558.12-847572608&fid=pA8AAENKs1e4GYz8AQlryQA%3D&fip=pA8AAENKs1cnnUv2AauVQAA%3D&eid=436665585945643&aduid=35b16c7a-cd93-427c-ae8a-0ff365daf5fe&aduidsc=goo.su&stid=348357855_1674376558122&sn=1&sen=1&ce=1&bs=1268x939&rf&en=UTF-8&pt=Redirecting...&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&le=2&ct=web&url=https%3A%2F%2Fgoo.su%2FjYgQrdi&lv&exp=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=387506860
IP 81.19.89.17:0
ASN #24638 Rambler Internet Holding LLC
File type GIF image data, version 87a, 88 x 31\012- data
Hash b566a466c8d8c0361839677785e69240
c6e6a583e76e699806f806dbd63cebd9037f551e
86d9d7d32ba3d9eb9fbea6508c725c17c44f80d6a7d16ca1fa79a85c4b632e91
GET /cnt/?et=pv&v=3.13.4&pid=6673155&tid=t1.6673155.1862463574.1674376558121&rid=1674376558.12-847572608&fid=pA8AAENKs1e4GYz8AQlryQA%3D&fip=pA8AAENKs1cnnUv2AauVQAA%3D&eid=436665585945643&aduid=35b16c7a-cd93-427c-ae8a-0ff365daf5fe&aduidsc=goo.su&stid=348357855_1674376558122&sn=1&sen=1&ce=1&bs=1268x939&rf&en=UTF-8&pt=Redirecting...&sr=1280x1024&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&le=2&ct=web&url=https%3A%2F%2Fgoo.su%2FjYgQrdi&lv&exp=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=387506860 HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Sun, 22 Jan 2023 08:36:00 GMT
content-type: image/gif
content-length: 595
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-credentials: true
x-srv: 1kraken-prod0003.ad.rambler.tech
set-cookie: ruid=1CIAAHD1zGPZtXWfAbzHEgB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAHD1zGPZtXWfAbzHEgB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
accept-ranges: bytes
X-Firefox-Spdy: h2
kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=6673155&session_id=348357855_1674376558122&session_number=1&session_event_number=1&version=3.13.4&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.6673155.1862463574.1674376558121&adtech_uid=35b16c7a-cd93-427c-ae8a-0ff365daf5fe&adtech_uid_scope=goo.su&fingerprint=pA8AAENKs1e4GYz8AQlryQA%3D&fingerprint_ip=pA8AAENKs1cnnUv2AauVQAA%3D&url=https%3A%2F%2Fgoo.su%2FjYgQrdi&request_id=1674376558.12-847572608&event_id=729565585942918&meta=%7B%22title%22%3A%22Redirecting...%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221280x1024%22%2C%22browser_size%22%3A%221268x939%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%220%22%7D&rn=1497394564
81.19.89.17200 OK 595 B URL HTTP/2 kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=6673155&session_id=348357855_1674376558122&session_number=1&session_event_number=1&version=3.13.4&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.6673155.1862463574.1674376558121&adtech_uid=35b16c7a-cd93-427c-ae8a-0ff365daf5fe&adtech_uid_scope=goo.su&fingerprint=pA8AAENKs1e4GYz8AQlryQA%3D&fingerprint_ip=pA8AAENKs1cnnUv2AauVQAA%3D&url=https%3A%2F%2Fgoo.su%2FjYgQrdi&request_id=1674376558.12-847572608&event_id=729565585942918&meta=%7B%22title%22%3A%22Redirecting...%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221280x1024%22%2C%22browser_size%22%3A%221268x939%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%220%22%7D&rn=1497394564
IP 81.19.89.17:0
ASN #24638 Rambler Internet Holding LLC
File type GIF image data, version 87a, 88 x 31\012- data
Hash b566a466c8d8c0361839677785e69240
c6e6a583e76e699806f806dbd63cebd9037f551e
86d9d7d32ba3d9eb9fbea6508c725c17c44f80d6a7d16ca1fa79a85c4b632e91
GET /cnt/v2/?event_type=base&event_name=page_view&project_id=6673155&session_id=348357855_1674376558122&session_number=1&session_event_number=1&version=3.13.4&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_b%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.6673155.1862463574.1674376558121&adtech_uid=35b16c7a-cd93-427c-ae8a-0ff365daf5fe&adtech_uid_scope=goo.su&fingerprint=pA8AAENKs1e4GYz8AQlryQA%3D&fingerprint_ip=pA8AAENKs1cnnUv2AauVQAA%3D&url=https%3A%2F%2Fgoo.su%2FjYgQrdi&request_id=1674376558.12-847572608&event_id=729565585942918&meta=%7B%22title%22%3A%22Redirecting...%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221280x1024%22%2C%22browser_size%22%3A%221268x939%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%220%22%7D&rn=1497394564 HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Sun, 22 Jan 2023 08:36:00 GMT
content-type: image/gif
content-length: 595
last-modified: Tue, 12 Nov 2019 12:50:59 GMT
etag: "5dcaaab3-253"
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-credentials: true
x-srv: 1kraken-prod0003.ad.rambler.tech
set-cookie: ruid=1CIAAHD1zGPZtXWfAb7HEgB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAHD1zGPZtXWfAb7HEgB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash b53f590535894642fdeeb0e6112bc72a
e71deab0a83cf3b5786cfb4271376cd4fe8db493
3dbd13d532e0fdf8b19f51dc0237faa69fde23071da5ee533e559c70db236162
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 08:36:00 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Thu, 26 Jan 2023 04:51:32 GMT
ETag: "e71deab0a83cf3b5786cfb4271376cd4fe8db493"
Last-Modified: Sun, 22 Jan 2023 04:51:33 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2121
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d6f59c6b62b515-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 5639bb0014ed46acd789d14a315d4626
4c451fae31d97d2c892be05ce8c961f3aacfbad0
7a42cd7a0a1f4e63b5f469ad618fa27358defcf4d57f2595739131faa977ce07
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 08:36:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 26 Jan 2023 04:20:20 GMT
ETag: "4c451fae31d97d2c892be05ce8c961f3aacfbad0"
Last-Modified: Sun, 22 Jan 2023 04:20:21 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3394
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d6f59c9b8fb515-OSL
avatars.mds.yandex.net/get-direct/5277984/ZRXc9r9ISXso7B-6aWQt4Q/y150
87.250.247.182200 OK 6.3 kB URL HTTP/2 avatars.mds.yandex.net/get-direct/5277984/ZRXc9r9ISXso7B-6aWQt4Q/y150
IP 87.250.247.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 150x150, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d059f086bc3199ffe9afef6b22b62ea3
dbf8cc4fe77554fc9bf7ecc781a9649194a65658
ba97c8aba0483f89533100e4bce55ff24515db61d8c6f355fb2f579be172c876
GET /get-direct/5277984/ZRXc9r9ISXso7B-6aWQt4Q/y150 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 08:36:00 GMT
content-type: image/webp
content-length: 6282
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Thu, 24 Nov 2022 12:55:26 GMT
cache-control: max-age=31536000,immutable
x-request-id: 4ce2d6f5616b5c11
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/watch.js
87.250.251.119200 OK 58 kB URL HTTP/2 mc.yandex.ru/metrika/watch.js
IP 87.250.251.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (554)
Hash 315a601116a9b3b0fbc85feb58375ba4
5d283ed923d0b3beb8a2ec4e80c2958d1d132fbf
251ba0fc04953e3615e7c19a9a10c5d6a4f25cc03bef190f8a5e7c6cd72a991a
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 58140
date: Sun, 22 Jan 2023 08:36:00 GMT
access-control-allow-origin: *
etag: "63c93a4b-e31c"
expires: Sun, 22 Jan 2023 09:36:00 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
avatars.mds.yandex.net/get-direct/5244561/umpXE6oiHVYUUHrN4cb3Yg/y150
87.250.247.182200 OK 7.7 kB URL HTTP/2 avatars.mds.yandex.net/get-direct/5244561/umpXE6oiHVYUUHrN4cb3Yg/y150
IP 87.250.247.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 150x150, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 824c82220db635a33cda58ec453989b5
7e2668f05690149408207c04ffb53f354d036ced
eafb29672ddca3f712b0e294a883a3835c8715e312deaa7d84eb3efc5b9158ea
GET /get-direct/5244561/umpXE6oiHVYUUHrN4cb3Yg/y150 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 08:36:00 GMT
content-type: image/webp
content-length: 7694
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Tue, 06 Dec 2022 00:08:47 GMT
cache-control: max-age=31536000,immutable
x-request-id: bd38cbfe36fdb4dc
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
X-Firefox-Spdy: h2
avatars.mds.yandex.net/get-direct/5076421/VWAzapxV99OfeNYUqYmHRA/wy150
87.250.247.182200 OK 8.7 kB URL HTTP/2 avatars.mds.yandex.net/get-direct/5076421/VWAzapxV99OfeNYUqYmHRA/wy150
IP 87.250.247.182:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 3e15d2fcf6b004cb05fa210af5b083b0
580b7957c8fd852c174f884189275fcba6532842
f64d2bab7c78c08caac2ab09393ecc8839d5c8787db3ed68a8d9a3b6627b97ac
GET /get-direct/5076421/VWAzapxV99OfeNYUqYmHRA/wy150 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 08:36:00 GMT
content-type: image/webp
content-length: 8718
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Mon, 05 Dec 2022 23:33:18 GMT
cache-control: max-age=31536000,immutable
x-request-id: b688e2bf778e0eaf
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
X-Firefox-Spdy: h2
an.yandex.ru/event_confirmation
87.250.250.90200 OK 960 B URL HTTP/2 an.yandex.ru/event_confirmation
IP 87.250.250.90:0
Hash 675655431faf701949ca556976774466
7f753fc89d6a82d012273e4b6a600714c7a68261
382b467e6a3380d89306cd42af775483814d2bea30e3d7279c11fbe929a50107
POST /event_confirmation HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 319
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 22 Jan 2023 08:36:00 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 08:36:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 22 Jan 2023 08:36:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
avatars.mds.yandex.net/get-direct/225309/A7Kz2n-cdWez81mj8tDxOg/wy300
87.250.247.182200 OK 14 kB URL HTTP/2 avatars.mds.yandex.net/get-direct/225309/A7Kz2n-cdWez81mj8tDxOg/wy300
IP 87.250.247.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 533x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6d5acc2ab2f352f7e8c75c643086c0a7
0f8225dc97d23218133caeb8a71e8c7738e2a91c
52be328ad7058d85056f54c8f667325f3134c68431a415288147e06b56e92eef
GET /get-direct/225309/A7Kz2n-cdWez81mj8tDxOg/wy300 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 08:36:00 GMT
content-type: image/webp
content-length: 13738
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Fri, 11 Jan 2019 09:30:35 GMT
cache-control: max-age=31536000,immutable
x-request-id: 66c657e822a65cd2
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
X-Firefox-Spdy: h2
favicon.yandex.net/favicon/octobrowser.net?size=120&stub=2
213.180.204.36200 Ok 1.2 kB URL HTTP/1.1 favicon.yandex.net/favicon/octobrowser.net?size=120&stub=2
IP 213.180.204.36:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 5c3ed7f27c7de97d2a5b69043287d63b
c17026ca26200fab36e37ee2eae6e8318d122c4d
ff973a73cc160c479111b4e5c82195c85c73cc4ff6c747a5bc76638e04a3c9fb
GET /favicon/octobrowser.net?size=120&stub=2 HTTP/1.1
Host: favicon.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 Ok
Cache-Control: max-age=691200
Content-Type: image/png
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
access-control-allow-origin: *
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes
87.250.250.114200 Ok 95 B URL HTTP/1.1 ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes
IP 87.250.250.114:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 60cf42b4d05caf10cf8bb15c0817a7b4
bd269860bb508aebcb6f08fe7289d5f117830383
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
GET /static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes HTTP/1.1
Host: ysa-static.passport.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 Ok
Server: nginx/1.14.2
Date: Sun, 22 Jan 2023 08:36:00 GMT
Content-Type: image/png
Content-Length: 95
Connection: close
Cache-Control: private
Expires: Mon, 23 Jan 2023 08:36:00 GMT
X-RT-IQ: 0.0001
X-RT-IH: 0.0002
Strict-Transport-Security: max-age=315360000; includeSubDomains
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230118&st=env
216.58.211.2200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230118&st=env
IP 216.58.211.2:0
File type JSON data\012- , ASCII text, with very long lines (14490), with no line terminators
Hash 09d4c3252f77ed5114a3f9e32aa5ee6c
32745fff481e6b41e777af2d2b223602251422f5
ed271b3dd680ea7a96cfdd618bc47f5e1d7c43e9cf5580ae62fd0109557527ba
GET /getconfig/sodar?sv=200&tid=gda&tv=r20230118&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sun, 22 Jan 2023 08:36:00 GMT
server: cafe
content-length: 10936
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
top-fwz1.mail.ru/tracker?js=13;id=3128781;u=https%3A//goo.su/jYgQrdi;st=1674376557765;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=02d861c9ac254301;ver=60.3.0;tz=0%2FUTC;nt=0/0/1674376557070/////-5/43/45/46/111/51/111/375/376/457/695/724/727/2227/2228/;ni=;lvid=1674376558432%3A1674376559300%3A2%3Aa83861d1ab5403e5a33f7525d888d25a;visible=true;_=0.03688336958897953;e=RT/load;et=1674376559298
95.163.52.67200 OK 43 B URL HTTP/2 top-fwz1.mail.ru/tracker?js=13;id=3128781;u=https%3A//goo.su/jYgQrdi;st=1674376557765;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=02d861c9ac254301;ver=60.3.0;tz=0%2FUTC;nt=0/0/1674376557070/////-5/43/45/46/111/51/111/375/376/457/695/724/727/2227/2228/;ni=;lvid=1674376558432%3A1674376559300%3A2%3Aa83861d1ab5403e5a33f7525d888d25a;visible=true;_=0.03688336958897953;e=RT/load;et=1674376559298
IP 95.163.52.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /tracker?js=13;id=3128781;u=https%3A//goo.su/jYgQrdi;st=1674376557765;title=Redirecting...;s=1280*1024;vp=1268*939;touch=0;hds=1;frame=0;flash=;sid=02d861c9ac254301;ver=60.3.0;tz=0%2FUTC;nt=0/0/1674376557070/////-5/43/45/46/111/51/111/375/376/457/695/724/727/2227/2228/;ni=;lvid=1674376558432%3A1674376559300%3A2%3Aa83861d1ab5403e5a33f7525d888d25a;visible=true;_=0.03688336958897953;e=RT/load;et=1674376559298 HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 08:36:00 GMT
content-type: image/gif
content-length: 43
set-cookie: FTID=1RMYgQ0tkIIF:1674376560:3128781:::; path=/; expires=Tue, 23-Jan-24 08:36:00 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: private, no-cache, no-store, max-age=0
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 9200af48311c2b333eae1366dfdef80e
1b152e98696ae273eb41568ea22dc977e2a0949e
491c4e6de729cace7e2eb4002c5f1509de063db13a7c3bf27baa6d16e12b08c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:36:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.1200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.1:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sun, 22 Jan 2023 08:36:00 GMT
expires: Sun, 22 Jan 2023 08:36:00 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
avatars.mds.yandex.net/get-direct/5260657/QUHG5Iie7j6-OtR7ExNzMQ/y150
87.250.247.182200 OK 6.5 kB URL HTTP/2 avatars.mds.yandex.net/get-direct/5260657/QUHG5Iie7j6-OtR7ExNzMQ/y150
IP 87.250.247.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 150x150, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4307495f3f51f471948d5bf545c43f09
04c15cc682e4b9e981372e35cd58b37ff6afac01
d19cc83fd3ab6369726d9b14b083481a4fa902c5bc7031ee6dc8774da5e3688f
GET /get-direct/5260657/QUHG5Iie7j6-OtR7ExNzMQ/y150 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 08:36:00 GMT
content-type: image/webp
content-length: 6484
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Wed, 18 Jan 2023 23:53:58 GMT
cache-control: max-age=31536000,immutable
x-request-id: d478e489d1a149e4
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
X-Firefox-Spdy: h2
favicon.yandex.net/favicon/rpgamesrn.netlify.app?size=120&stub=2
213.180.204.36200 Ok 866 B URL HTTP/1.1 favicon.yandex.net/favicon/rpgamesrn.netlify.app?size=120&stub=2
IP 213.180.204.36:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 4b3b05a304db0751d45f8ca5c1fa1ab6
660c4cfbcc3121b7be56e5528404f9a9f7563449
343a6fb5ac42d4d5dcae03fa86be33db3ee047bb2b7d125d32723846dcfc3ed5
GET /favicon/rpgamesrn.netlify.app?size=120&stub=2 HTTP/1.1
Host: favicon.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 Ok
Cache-Control: max-age=691200
Content-Type: image/png
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
access-control-allow-origin: *
avatars.mds.yandex.net/get-direct/5264111/j7fPNj0AOtulenMyw-K3Jw/y150
87.250.247.182200 OK 7.1 kB URL HTTP/2 avatars.mds.yandex.net/get-direct/5264111/j7fPNj0AOtulenMyw-K3Jw/y150
IP 87.250.247.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 150x150, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b8dc4a1e314f47ed784644acf5915f70
4afd985fc39461a4c52c09f2936ee7da46f69399
9f77ba6d17ebdd5e70ebe8ff1b2ec073f9814e4ebd9109cd74084860192be758
GET /get-direct/5264111/j7fPNj0AOtulenMyw-K3Jw/y150 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 08:36:00 GMT
content-type: image/webp
content-length: 7110
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Thu, 15 Dec 2022 12:49:34 GMT
cache-control: max-age=31536000,immutable
x-request-id: 4428c191cdde840a
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
X-Firefox-Spdy: h2
avatars.mds.yandex.net/get-direct/5391252/4WC_U371FRBn_Gd87FAAwQ/x180
87.250.247.182200 OK 4.1 kB URL HTTP/2 avatars.mds.yandex.net/get-direct/5391252/4WC_U371FRBn_Gd87FAAwQ/x180
IP 87.250.247.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 180x171, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0a887e147d540d9aedc141c0dab7a903
15c357b57b6b95c269a3eb6b48d9cbbe3fee1ca4
7196cefc42508d23a41f1642a92a7acd5b2ed61ad72a6988b5e2525e00adff0d
GET /get-direct/5391252/4WC_U371FRBn_Gd87FAAwQ/x180 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 08:36:00 GMT
content-type: image/webp
content-length: 4094
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Thu, 28 Apr 2022 12:13:02 GMT
cache-control: max-age=31536000,immutable
x-request-id: b5d4c993349f215e
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/709056/693b942ff4ce8cccc104.js
178.154.131.217200 OK 5.1 kB URL HTTP/2 yastatic.net/partner-code-bundles/709056/693b942ff4ce8cccc104.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (14720)
Hash 25616aaab73d175ab195a5d4b8f8f238
edacba95ac859cf89e3464ede3503e571892e70a
789b7ad74e403296295f2e26f8af43806fb735afb801f765c7f76d71b2f2b28e
GET /partner-code-bundles/709056/693b942ff4ce8cccc104.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 22 Jan 2023 08:36:00 GMT
content-type: text/javascript; charset=utf-8
content-length: 5090
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "25616aaab73d175ab195a5d4b8f8f238"
expires: Tue, 21 Jan 2053 15:07:15 GMT
last-modified: Thu, 19 Jan 2023 15:08:41 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/709056/4fcb262e9b00ec06ba27.js
178.154.131.217200 OK 3.3 kB URL HTTP/2 yastatic.net/partner-code-bundles/709056/4fcb262e9b00ec06ba27.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (10177)
Hash b2d9766e0e86da353443d58273db63c7
c71acd16ba77b0ca166b27589734f88e2d2b5a7c
8ff62e03e3e150fbb1b08d58308adf7b35bc6eab0368bc8c98d6eae9a73fb365
GET /partner-code-bundles/709056/4fcb262e9b00ec06ba27.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 22 Jan 2023 08:36:00 GMT
content-type: text/javascript; charset=utf-8
content-length: 3288
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "b2d9766e0e86da353443d58273db63c7"
expires: Tue, 21 Jan 2053 15:07:21 GMT
last-modified: Thu, 19 Jan 2023 15:08:41 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
yastatic.net/partner-code-bundles/709056/1141b7defa2ce305ef46.js
178.154.131.217200 OK 6.8 kB URL HTTP/2 yastatic.net/partner-code-bundles/709056/1141b7defa2ce305ef46.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (24421)
Hash 21348532f80d9e52cbf57200f417f3c9
7f5aeb37371c0d7bb85b65d456b1fcd67ab5c56f
2f7943231e5737ee1160038b6aa35c234ad44b621c408325cfad693423af35d4
GET /partner-code-bundles/709056/1141b7defa2ce305ef46.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 22 Jan 2023 08:36:00 GMT
content-type: text/javascript; charset=utf-8
content-length: 6797
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "21348532f80d9e52cbf57200f417f3c9"
expires: Tue, 21 Jan 2053 15:08:59 GMT
last-modified: Thu, 19 Jan 2023 15:08:41 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
favicon.yandex.net/favicon/vitaliberta-hk.com?size=120&stub=2
213.180.204.36200 Ok 2.4 kB URL HTTP/1.1 favicon.yandex.net/favicon/vitaliberta-hk.com?size=120&stub=2
IP 213.180.204.36:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash e4a69ded162d244dcb4963ae8a76dae5
4f13b5b11a90b4c0f92147d7a26860ea08e73194
c774cce56ca59d6501397cf9d64b79efc3710cc1f4a5192969355621692e4c4e
GET /favicon/vitaliberta-hk.com?size=120&stub=2 HTTP/1.1
Host: favicon.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 Ok
Cache-Control: max-age=691200
Content-Type: image/png
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
access-control-allow-origin: *
avatars.mds.yandex.net/get-vh/6491029/2a00000185c7574f5e9c22764d3f5039ff4a/orig
87.250.247.182200 OK 71 kB URL HTTP/2 avatars.mds.yandex.net/get-vh/6491029/2a00000185c7574f5e9c22764d3f5039ff4a/orig
IP 87.250.247.182:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc59.18.100", baseline, precision 8, 1080x1080, components 3\012- data
Hash b3b05e967ca895cc469686a343dada4c
ec90adc74fd39118f138c3b9b9a684dfe84b00e0
49127a17b40b864bdc0bb83239333f74e1e8d7a437272ca6bcc58413545d4cd6
GET /get-vh/6491029/2a00000185c7574f5e9c22764d3f5039ff4a/orig HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 08:36:00 GMT
content-type: image/jpeg
content-length: 71179
last-modified: Thu, 19 Jan 2023 00:04:26 GMT
cache-control: max-age=86400,immutable
x-request-id: 168d318b67817ef4
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
timing-allow-origin: *
X-Firefox-Spdy: h2
favicon.yandex.net/favicon/books.ppublishing.org?size=120&stub=2
213.180.204.36200 Ok 381 B URL HTTP/1.1 favicon.yandex.net/favicon/books.ppublishing.org?size=120&stub=2
IP 213.180.204.36:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash b03d80da6274e7ce42adb7d15d149cd1
5c824ef658f681dea180963d6404ec5701e56d3b
b1ce7dde0c467322731a75e43fa3f385b209f7a5f8662f5dfeb52641651d6e17
GET /favicon/books.ppublishing.org?size=120&stub=2 HTTP/1.1
Host: favicon.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 Ok
Cache-Control: max-age=691200
Content-Type: image/png
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
access-control-allow-origin: *
yastatic.net/vas-bundles/706348/bundles-es2017/loader.bundle.js
178.154.131.217200 OK 165 kB URL HTTP/2 yastatic.net/vas-bundles/706348/bundles-es2017/loader.bundle.js
IP 178.154.131.217:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 165 kB (165175 bytes)
Hash f4f9052085826234cd2f3b61f613865c
29640d9c693656de79d5ac486652d1bdffb21b38
e84323ecd5d78d68f2122eca553df0fbc237de63bec5ff222e254e328d2ed19a
GET /vas-bundles/706348/bundles-es2017/loader.bundle.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 22 Jan 2023 08:36:00 GMT
content-type: text/javascript; charset=utf-8
content-length: 165175
access-control-allow-origin: *
cache-control: max-age=946708560
content-encoding: br
etag: "f4f9052085826234cd2f3b61f613865c"
expires: Tue, 21 Jan 2053 15:08:06 GMT
last-modified: Fri, 13 Jan 2023 13:10:55 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=946708560; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash f4d171538addb3e350e03876c9c23d81
9874648e426c9a8b65ddcb1d3fc944b8464be9f5
e89b056e51c85f967d05f0cb23a2212d0f391838df414dda9f61e67a96dbefff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:36:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/watch/1677322/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FjYgQrdi&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1418218279563%3Ahid%3A989927223%3Az%3A0%3Ai%3A20230122083559%3Aet%3A1674376559%3Ac%3A1%3Arn%3A197469341%3Au%3A1674376559735048639%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1674376557070%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674376559%3At%3ARedirecting...&t=gdpr%2814%29clc%280-0-0%29aw%281%29fip%281%29ti%282%29
87.250.251.119200 OK 236 B URL HTTP/2 mc.yandex.ru/watch/1677322/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FjYgQrdi&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1418218279563%3Ahid%3A989927223%3Az%3A0%3Ai%3A20230122083559%3Aet%3A1674376559%3Ac%3A1%3Arn%3A197469341%3Au%3A1674376559735048639%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1674376557070%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674376559%3At%3ARedirecting...&t=gdpr%2814%29clc%280-0-0%29aw%281%29fip%281%29ti%282%29
IP 87.250.251.119:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e294e54f2bfef5a87a663e5ccc0cb345
8bc5d72df5f277b9dcbb983a5b3a29fe74a3faf9
24b96a19b42965df1e9521b642132182c1b29efc345886cfe70e5114d83f40ba
GET /watch/1677322/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FjYgQrdi&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1418218279563%3Ahid%3A989927223%3Az%3A0%3Ai%3A20230122083559%3Aet%3A1674376559%3Ac%3A1%3Arn%3A197469341%3Au%3A1674376559735048639%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1674376557070%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674376559%3At%3ARedirecting...&t=gdpr%2814%29clc%280-0-0%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Referer: https://goo.su/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 236
date: Sun, 22 Jan 2023 08:36:00 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 22-Jan-2023 08:36:00 GMT
last-modified: Sun, 22-Jan-2023 08:36:00 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/aframe
216.58.207.228200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash ee132eb90d3a84e27714697265bd5df3
fab485c23e8f8351df323cfd91e923017b0df102
f2616b1f40030002a9c7f8c9e6faa0486af1cccba59c9003c8d65ad8c1c4afa0
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 22 Jan 2023 08:36:00 GMT
date: Sun, 22 Jan 2023 08:36:00 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-I4jx6_EZZxd_dpTOyl4B6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
216.58.211.2200 OK 16 kB URL HTTP/2 pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js
IP 216.58.211.2:0
File type ASCII text, with very long lines (36069)
Hash f39072f78771cb7df1b9755f5a8b038d
c1837bc15137dd0527b68dcd178ab8331021ec08
81b62b3f30b05986d35f5bc3b4c0ce138d7b29edefb96993dd3f39bbedee0450
GET /bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 16089
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 04:09:07 GMT
expires: Thu, 18 Jan 2024 04:09:07 GMT
cache-control: public, max-age=31536000
age: 361613
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mc.yandex.ru/watch/1677322/1?page-url=https%3A%2F%2Fgoo.su%2FjYgQrdi&charset=utf-8&cnt-class=1&hittoken=1674376560_82e79351e220c282922e98d1784eaf1dba710a8d5257798a0e6c4634b518bc7e&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A738%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1418218279563%3Ahid%3A989927223%3Az%3A0%3Ai%3A20230122083559%3Aet%3A1674376560%3Ac%3A1%3Arn%3A319495258%3Arqn%3A1%3Au%3A1674376559735048639%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A2%2C65%2C265%2C0%2C-6%2C0%2C%2C320%2C4%2C2228%2C2228%2C3%2C724%3Aco%3A0%3Ans%3A1674376557070%3Ast%3A1674376560&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)rqnt(1)aw(1)ti(2)
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/1677322/1?page-url=https%3A%2F%2Fgoo.su%2FjYgQrdi&charset=utf-8&cnt-class=1&hittoken=1674376560_82e79351e220c282922e98d1784eaf1dba710a8d5257798a0e6c4634b518bc7e&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A738%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1418218279563%3Ahid%3A989927223%3Az%3A0%3Ai%3A20230122083559%3Aet%3A1674376560%3Ac%3A1%3Arn%3A319495258%3Arqn%3A1%3Au%3A1674376559735048639%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A2%2C65%2C265%2C0%2C-6%2C0%2C%2C320%2C4%2C2228%2C2228%2C3%2C724%3Aco%3A0%3Ans%3A1674376557070%3Ast%3A1674376560&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)rqnt(1)aw(1)ti(2)
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/1677322/1?page-url=https%3A%2F%2Fgoo.su%2FjYgQrdi&charset=utf-8&cnt-class=1&hittoken=1674376560_82e79351e220c282922e98d1784eaf1dba710a8d5257798a0e6c4634b518bc7e&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afp%3A738%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1418218279563%3Ahid%3A989927223%3Az%3A0%3Ai%3A20230122083559%3Aet%3A1674376560%3Ac%3A1%3Arn%3A319495258%3Arqn%3A1%3Au%3A1674376559735048639%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A2%2C65%2C265%2C0%2C-6%2C0%2C%2C320%2C4%2C2228%2C2228%2C3%2C724%3Aco%3A0%3Ans%3A1674376557070%3Ast%3A1674376560&t=gdpr(14)mc(p-1-h-1)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 80
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 22 Jan 2023 08:36:00 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 22-Jan-2023 08:36:00 GMT
last-modified: Sun, 22-Jan-2023 08:36:00 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/event_confirmation
87.250.250.90200 OK 20 B URL HTTP/2 an.yandex.ru/event_confirmation
IP 87.250.250.90:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /event_confirmation HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 294
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 22 Jan 2023 08:36:00 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 08:36:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 22 Jan 2023 08:36:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19412
Expires: Sun, 22 Jan 2023 13:59:32 GMT
Date: Sun, 22 Jan 2023 08:36:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19412
Expires: Sun, 22 Jan 2023 13:59:32 GMT
Date: Sun, 22 Jan 2023 08:36:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19412
Expires: Sun, 22 Jan 2023 13:59:32 GMT
Date: Sun, 22 Jan 2023 08:36:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc284e6ec-6c43-4a8d-a291-83519d5a4d4c.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc284e6ec-6c43-4a8d-a291-83519d5a4d4c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f86ec004a2042b4030cd2cce2bf1e1d
e3c00dcc55f095f03a6f4505960ac1cee0b3877c
64b5084d4145d5931af05c335d21e31e75db30b1f9e8a2efd92fc4cd0aa7ac07
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc284e6ec-6c43-4a8d-a291-83519d5a4d4c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8221
x-amzn-requestid: 02db02af-4f05-450d-9370-0e7a9dda6948
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHOEWGUMoAMF2QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5d4e-050e7cdf21878aa159f36d0b;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:46:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VtzsQ7NI9ODiQfxm_EaSDsizPQhDOSH3O23UEaHg1KI9bg8imLdOnw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:48:16 GMT
age: 38864
etag: "e3c00dcc55f095f03a6f4505960ac1cee0b3877c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa8dd86d-d1f8-4246-a33c-c80dbc2c2538.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa8dd86d-d1f8-4246-a33c-c80dbc2c2538.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b429642344aabb638e3acbd63463fe8d
f9ea147291359b0fb6e7a78983643949665003d7
acda68bb2566774c9b279e048b62aaaa5a27b87e783048d6765e598ac2c584fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa8dd86d-d1f8-4246-a33c-c80dbc2c2538.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12743
x-amzn-requestid: 6c542779-10fa-4bbd-9294-3127a104de12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNkBEa3IAMF6-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c7f-4d5a606011cb84fd14d7b175;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NLwQoDRTYi8Ol0cDp3gaJpQ7-0kq6ITtm9lzj1qFrKe2oGOK7YWMzg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:48:06 GMT
age: 38874
etag: "f9ea147291359b0fb6e7a78983643949665003d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a7ab95a69ddfa5014258076e66a6e19
1a54cca86788536002d6d18c5180ccf265ba1169
09348afd6055b26b5dba6f8f6ef763d52e6e040c039c6f763d64f71b8ca08d51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10988
x-amzn-requestid: 67c03c6c-3896-4890-a75b-ecd7c1c1a4e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3foHG8tIAMF3XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61300-2de17e5b0225f9427c197bc5;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RlbJymJhU6Ti5RZCSIvPzloackAiBEBGapKI440u4ZIfB5FYBNugLw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 03:24:49 GMT
age: 18671
etag: "1a54cca86788536002d6d18c5180ccf265ba1169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a1de880-d267-45a1-8abe-5bbb4e38b0fa.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a1de880-d267-45a1-8abe-5bbb4e38b0fa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 965b482ff463008a1b5ff0d71d7e6d40
d76bd06810c236fd5fc1450b2bd0b851ebc11d46
0ed628d9cf3c181d5b95da521f0e725661e858e24bff1bb78b5f933c580b3e97
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a1de880-d267-45a1-8abe-5bbb4e38b0fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10470
x-amzn-requestid: 572b1438-68f8-4492-9e57-5d0177114b68
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBYVuF8sIAMFq5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca0757-207d1a1d29c50a80328d65c2;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 03:15:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DIOBA_5UREdjzutxlCzf-4_71pY84L-3tf6iDCgP-ziBTtPMJr71Tw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 05:26:33 GMT
age: 11367
etag: "d76bd06810c236fd5fc1450b2bd0b851ebc11d46"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb253a292-08cb-455a-bf4c-63bdca08af64.webp
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb253a292-08cb-455a-bf4c-63bdca08af64.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ec85cf23f6ed6a70e62e17998dfcede
2a690f14cf97f33da2c4f4b21c737a7ca37665b4
ae3cedd8f51f9ed2d996f1d75e7288802d68fa3c27d928934311e4d8821940cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb253a292-08cb-455a-bf4c-63bdca08af64.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7609
x-amzn-requestid: 86dec496-ff1b-4db8-9bcb-12275f6feeb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNkBGiOIAMFaCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c7f-16c24501673bc2161c1e8a3b;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EIRH5l-dSShdZbMvwSEE8jKooGny-prLtbXwx8ZNUi0Wfj4GItKV7g==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 22:08:36 GMT
age: 37644
etag: "2a690f14cf97f33da2c4f4b21c737a7ca37665b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
an.yandex.ru/event_confirmation
87.250.250.90200 OK 2.6 kB URL HTTP/2 an.yandex.ru/event_confirmation
IP 87.250.250.90:0
Hash 87fcef067b90e62d9798376447335d22
f6cb198a81bf98a982fd4d6e8b41f37a2ccef289
ca66476f1ae5e30d69731e46e44606f253cb8deec22805a93a64c6527ae9579b
OPTIONS /event_confirmation HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://goo.su/
Origin: https://goo.su
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
date: Sun, 22 Jan 2023 08:35:59 GMT
access-control-max-age: 1728000
access-control-allow-headers: content-type
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/1677322/1?page-url=https%3A%2F%2Fgoo.su%2FjYgQrdi&charset=utf-8&cnt-class=1&hittoken=1674376560_82e79351e220c282922e98d1784eaf1dba710a8d5257798a0e6c4634b518bc7e&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1418218279563%3Ahid%3A989927223%3Az%3A0%3Ai%3A20230122083559%3Aet%3A1674376560%3Ac%3A1%3Arn%3A1014720486%3Arqn%3A2%3Au%3A1674376559735048639%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1674376557070%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674376560%3At%3ARedirecting...&t=gdpr%2814%29mc%28p-1-h-1%29clc%280-0-0%29rqnt%282%29aw%281%29fip%281%29ti%282%29
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/1677322/1?page-url=https%3A%2F%2Fgoo.su%2FjYgQrdi&charset=utf-8&cnt-class=1&hittoken=1674376560_82e79351e220c282922e98d1784eaf1dba710a8d5257798a0e6c4634b518bc7e&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1418218279563%3Ahid%3A989927223%3Az%3A0%3Ai%3A20230122083559%3Aet%3A1674376560%3Ac%3A1%3Arn%3A1014720486%3Arqn%3A2%3Au%3A1674376559735048639%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1674376557070%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674376560%3At%3ARedirecting...&t=gdpr%2814%29mc%28p-1-h-1%29clc%280-0-0%29rqnt%282%29aw%281%29fip%281%29ti%282%29
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/1677322/1?page-url=https%3A%2F%2Fgoo.su%2FjYgQrdi&charset=utf-8&cnt-class=1&hittoken=1674376560_82e79351e220c282922e98d1784eaf1dba710a8d5257798a0e6c4634b518bc7e&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1418218279563%3Ahid%3A989927223%3Az%3A0%3Ai%3A20230122083559%3Aet%3A1674376560%3Ac%3A1%3Arn%3A1014720486%3Arqn%3A2%3Au%3A1674376559735048639%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1674376557070%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674376560%3At%3ARedirecting...&t=gdpr%2814%29mc%28p-1-h-1%29clc%280-0-0%29rqnt%282%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Referer: https://goo.su/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 22 Jan 2023 08:36:00 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 22-Jan-2023 08:36:00 GMT
last-modified: Sun, 22-Jan-2023 08:36:00 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 4863a273191e3930ddccdd1a96f1b6b6
3627eebe8e13b308d26372f73b8eb92bb720c15c
5da4100e133b5a80a12a976fc9e7e23de59e9afdbe18283227289cb90b2067e8
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 08:36:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 26 Jan 2023 06:02:15 GMT
ETag: "3627eebe8e13b308d26372f73b8eb92bb720c15c"
Last-Modified: Sun, 22 Jan 2023 06:02:16 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 429
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d6f5a28ad5b515-OSL
strm.yandex.ru/vh-canvas-converted/vod-content/7984084796419151482/5625004b-f85e-4c88-9d58-d388761f9fe0/webm/VP8_240_426_500.webm?vsid=1b98ca9d5c12d24e7510381f13a496e4fc17ed1a8becxVASx9056x1674376558
87.250.254.45302 Found 0 B URL HTTP/2 strm.yandex.ru/vh-canvas-converted/vod-content/7984084796419151482/5625004b-f85e-4c88-9d58-d388761f9fe0/webm/VP8_240_426_500.webm?vsid=1b98ca9d5c12d24e7510381f13a496e4fc17ed1a8becxVASx9056x1674376558
IP 87.250.254.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vh-canvas-converted/vod-content/7984084796419151482/5625004b-f85e-4c88-9d58-d388761f9fe0/webm/VP8_240_426_500.webm?vsid=1b98ca9d5c12d24e7510381f13a496e4fc17ed1a8becxVASx9056x1674376558 HTTP/1.1
Host: strm.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.18.0
date: Sun, 22 Jan 2023 08:36:01 GMT
content-length: 0
location: https://ext-strm-itt06.strm.yandex.net/vh-canvas-converted/vod-content/7984084796419151482/5625004b-f85e-4c88-9d58-d388761f9fe0/webm/VP8_240_426_500.webm?vsid=1b98ca9d5c12d24e7510381f13a496e4fc17ed1a8becxVASx9056x1674376558&noredir=1&lid=1529
x-plg: host=strm-plgo-production-74.sas.yp-c.yandex.net; version=10688912
x-request-id: d0d80c0fd9a2e3c0
x-strm-request-id: d0d80c0fd9a2e3c0
x_h: strm-anycast-ru-net-production-46.vla.yp-c.yandex.net
x-strm-log-split: 5
report-to: {"group": "network-errors", "max_age": 1200, "include_subdomains": true, "endpoints": [ {"url": "https://dr.yandex.net/strm", "priority": 1}, {"url": "https://dr2.yandex.net/strm", "priority": 2} ]}
nel: {"report_to": "network-errors", "max_age": 1200, "success_fraction": 0.005, "failure_fraction": 0.05, "include_subdomains": true}
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Range, X-Client-Timestamp, X-Strm-Session
access-control-expose-headers: Date, X-Strm-Session, X-Estimated-RTT, X-Estimated-Bandwidth, X-Connection-ID, Age, X-Server-Time-Ms, X-Plg-URL
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
X-Firefox-Spdy: h2
ext-strm-itt06.strm.yandex.net/vh-canvas-converted/vod-content/7984084796419151482/5625004b-f85e-4c88-9d58-d388761f9fe0/webm/VP8_240_426_500.webm?vsid=1b98ca9d5c12d24e7510381f13a496e4fc17ed1a8becxVASx9056x1674376558&noredir=1&lid=1529
185.70.202.8206 Partial Content 1.4 MB URL HTTP/2 ext-strm-itt06.strm.yandex.net/vh-canvas-converted/vod-content/7984084796419151482/5625004b-f85e-4c88-9d58-d388761f9fe0/webm/VP8_240_426_500.webm?vsid=1b98ca9d5c12d24e7510381f13a496e4fc17ed1a8becxVASx9056x1674376558&noredir=1&lid=1529
IP 185.70.202.8:0
ASN #6762 TELECOM ITALIA SPARKLE S.p.A.
File type WebM\012- EBML file, creator webmB\20\012- data
Size 1.4 MB (1410720 bytes)
Hash 4c71d2a966b05c46c3f707a98c6608ce
b07c93d31a9c5459a1e72ef44c63598f0462c63b
8a357676caee511271d45912400b3cde0d22ad88c9f0965a283f2691ae72d5f6
GET /vh-canvas-converted/vod-content/7984084796419151482/5625004b-f85e-4c88-9d58-d388761f9fe0/webm/VP8_240_426_500.webm?vsid=1b98ca9d5c12d24e7510381f13a496e4fc17ed1a8becxVASx9056x1674376558&noredir=1&lid=1529 HTTP/1.1
Host: ext-strm-itt06.strm.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Range: bytes=0-
Referer: https://goo.su/
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx/1.18.0
date: Sun, 22 Jan 2023 08:36:01 GMT
content-type: video/webm
content-length: 1410720
etag: "4c71d2a966b05c46c3f707a98c6608ce"
last-modified: Thu, 19 Jan 2023 00:04:34 GMT
x-robots-tag: noindex, noarchive, nofollow
x-strm-log-split: 9
x_h: strm-ams06.strm.yandex.net
x-strm-request-id: 6301790d03ef090e
x-request-id: 6301790d03ef090e
expires: Sun, 22 Jan 2023 08:41:01 GMT
cache-control: max-age=300
report-to: {"group": "network-errors", "max_age": 1200, "include_subdomains": true, "endpoints": [ {"url": "https://dr.yandex.net/strm", "priority": 1}, {"url": "https://dr2.yandex.net/strm", "priority": 2} ]}
nel: {"report_to": "network-errors", "max_age": 1200, "success_fraction": 0.005, "failure_fraction": 0.05, "include_subdomains": true}
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Range, X-Client-Timestamp, X-Strm-Session
access-control-expose-headers: Date, X-Strm-Session, X-Estimated-RTT, X-Estimated-Bandwidth, X-Connection-ID, Age, X-Server-Time-Ms, X-Plg-URL
x-estimated-rtt: 33795
x-estimated-bandwidth: 1293232
x-connection-id: 455423663
x-server-time-ms: 1674376561221
content-range: bytes 0-1410719/1410720
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230118&jk=3418053325230061&bg=!Hh2lHVnNAAYDMoyoIzI7ACkAdvg8WuEgyFFap-puRZ-Vbnfiu8BUOCgOLWqwcQaSLCPOydtqtfh9TwIAAAEmUgAAAAVoAQcKAHsBtR_z2dhba_zyvTwuxdHgrgSXANuwfQ1wbGK9MsLpHPIlck-PTy3maSQ1BcJK8ca8RPsyS9FDTkRYk88LkPNvwVBu_ZLBExbqOxwF204cU-Ot02xP9qxKgpUOXsQpWmwEm6B8gPkTWU6xAV8I-hPQtNG0hWDDx6qWxomZAoOsj4tTt61FHu_cRmpDplcCJgWepbOdGtpOsXKbxnKBU9j-GOmZXPmMGyAeIbnprP27ujZ4wdd2k9wP8YWqXRCf_9Fpg8YsUcSOu900DMkKRZUT35ipUV_nHPKEGGr2cmUvjfnvXxHlK5juTLT-1kQQxJwk8cHJnU_FNVxEbPCc5K0NrtxfMwGLR5pcKDuopP7VqyrccyH_lr3QEJwTmm2bDljjB-YhOdr86IgbpUX_kW9P0W9h4e_Ni8xQaa1e4nRVAIj_SLZtSyFAufNUio9oaYdR8IgUDqpH4Uw7dlrOagAni0tBWSbdCwZhv6pg-tE63KL3alZVIq66rXcBNnhG7wrySnneRZ6_V41A8FJu44RWKFTrCJ4EgxjSctc4v9ZDHIEHkHC2gJuDuyD9qvNVwjqIh4ncW_zPtDxnUFtS5sZwKfWn87F-8EX-R5ZzCBUn32i4svZ4f98isnLvej6YzqBdKTuXeomWWRTmp5jzpPs1IKuUzZCjMf8gD7Wqsvl9SW-qVXmgyhjHzoeXeFOdHPMKQvQh9EaJ9Ephv7vphCbWl_Zew0Z5EptJG7FhXv9_fIuRC6FlOc8mzcnA9QxoAVJKFXI03fuFMa-E1iCc_nXdZ_RAVJzkYcMBnMW_yNprUdaOdI6rA_1U3vHD4th_HJG531cj4n7FaRtFlFY1au6INdLVI3V-jXbVDlIEzCIdx1t9-2DRPKvGIAekdv_ZferHgbWToyBrYiNnN_oJg8P4HTofl3jXsABX1wqzDyO371hCYcN1DES2z9Nx24sSILKRiU5kPxz779wLJ9mzPEzCTCNpvlGiAkBPVOJVyhB4mnM4t8iFNozgKxXMqJ2aR-Co
216.58.211.2204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230118&jk=3418053325230061&bg=!Hh2lHVnNAAYDMoyoIzI7ACkAdvg8WuEgyFFap-puRZ-Vbnfiu8BUOCgOLWqwcQaSLCPOydtqtfh9TwIAAAEmUgAAAAVoAQcKAHsBtR_z2dhba_zyvTwuxdHgrgSXANuwfQ1wbGK9MsLpHPIlck-PTy3maSQ1BcJK8ca8RPsyS9FDTkRYk88LkPNvwVBu_ZLBExbqOxwF204cU-Ot02xP9qxKgpUOXsQpWmwEm6B8gPkTWU6xAV8I-hPQtNG0hWDDx6qWxomZAoOsj4tTt61FHu_cRmpDplcCJgWepbOdGtpOsXKbxnKBU9j-GOmZXPmMGyAeIbnprP27ujZ4wdd2k9wP8YWqXRCf_9Fpg8YsUcSOu900DMkKRZUT35ipUV_nHPKEGGr2cmUvjfnvXxHlK5juTLT-1kQQxJwk8cHJnU_FNVxEbPCc5K0NrtxfMwGLR5pcKDuopP7VqyrccyH_lr3QEJwTmm2bDljjB-YhOdr86IgbpUX_kW9P0W9h4e_Ni8xQaa1e4nRVAIj_SLZtSyFAufNUio9oaYdR8IgUDqpH4Uw7dlrOagAni0tBWSbdCwZhv6pg-tE63KL3alZVIq66rXcBNnhG7wrySnneRZ6_V41A8FJu44RWKFTrCJ4EgxjSctc4v9ZDHIEHkHC2gJuDuyD9qvNVwjqIh4ncW_zPtDxnUFtS5sZwKfWn87F-8EX-R5ZzCBUn32i4svZ4f98isnLvej6YzqBdKTuXeomWWRTmp5jzpPs1IKuUzZCjMf8gD7Wqsvl9SW-qVXmgyhjHzoeXeFOdHPMKQvQh9EaJ9Ephv7vphCbWl_Zew0Z5EptJG7FhXv9_fIuRC6FlOc8mzcnA9QxoAVJKFXI03fuFMa-E1iCc_nXdZ_RAVJzkYcMBnMW_yNprUdaOdI6rA_1U3vHD4th_HJG531cj4n7FaRtFlFY1au6INdLVI3V-jXbVDlIEzCIdx1t9-2DRPKvGIAekdv_ZferHgbWToyBrYiNnN_oJg8P4HTofl3jXsABX1wqzDyO371hCYcN1DES2z9Nx24sSILKRiU5kPxz779wLJ9mzPEzCTCNpvlGiAkBPVOJVyhB4mnM4t8iFNozgKxXMqJ2aR-Co
IP 216.58.211.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230118&jk=3418053325230061&bg=!Hh2lHVnNAAYDMoyoIzI7ACkAdvg8WuEgyFFap-puRZ-Vbnfiu8BUOCgOLWqwcQaSLCPOydtqtfh9TwIAAAEmUgAAAAVoAQcKAHsBtR_z2dhba_zyvTwuxdHgrgSXANuwfQ1wbGK9MsLpHPIlck-PTy3maSQ1BcJK8ca8RPsyS9FDTkRYk88LkPNvwVBu_ZLBExbqOxwF204cU-Ot02xP9qxKgpUOXsQpWmwEm6B8gPkTWU6xAV8I-hPQtNG0hWDDx6qWxomZAoOsj4tTt61FHu_cRmpDplcCJgWepbOdGtpOsXKbxnKBU9j-GOmZXPmMGyAeIbnprP27ujZ4wdd2k9wP8YWqXRCf_9Fpg8YsUcSOu900DMkKRZUT35ipUV_nHPKEGGr2cmUvjfnvXxHlK5juTLT-1kQQxJwk8cHJnU_FNVxEbPCc5K0NrtxfMwGLR5pcKDuopP7VqyrccyH_lr3QEJwTmm2bDljjB-YhOdr86IgbpUX_kW9P0W9h4e_Ni8xQaa1e4nRVAIj_SLZtSyFAufNUio9oaYdR8IgUDqpH4Uw7dlrOagAni0tBWSbdCwZhv6pg-tE63KL3alZVIq66rXcBNnhG7wrySnneRZ6_V41A8FJu44RWKFTrCJ4EgxjSctc4v9ZDHIEHkHC2gJuDuyD9qvNVwjqIh4ncW_zPtDxnUFtS5sZwKfWn87F-8EX-R5ZzCBUn32i4svZ4f98isnLvej6YzqBdKTuXeomWWRTmp5jzpPs1IKuUzZCjMf8gD7Wqsvl9SW-qVXmgyhjHzoeXeFOdHPMKQvQh9EaJ9Ephv7vphCbWl_Zew0Z5EptJG7FhXv9_fIuRC6FlOc8mzcnA9QxoAVJKFXI03fuFMa-E1iCc_nXdZ_RAVJzkYcMBnMW_yNprUdaOdI6rA_1U3vHD4th_HJG531cj4n7FaRtFlFY1au6INdLVI3V-jXbVDlIEzCIdx1t9-2DRPKvGIAekdv_ZferHgbWToyBrYiNnN_oJg8P4HTofl3jXsABX1wqzDyO371hCYcN1DES2z9Nx24sSILKRiU5kPxz779wLJ9mzPEzCTCNpvlGiAkBPVOJVyhB4mnM4t8iFNozgKxXMqJ2aR-Co HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 22 Jan 2023 08:36:01 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mc.yandex.ru/watch/39370120/1?vsid=1b98ca9d5c12d24e7510381f13a496e4fc17ed1a8becxVASx9056x1674376558
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/39370120/1?vsid=1b98ca9d5c12d24e7510381f13a496e4fc17ed1a8becxVASx9056x1674376558
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/39370120/1?vsid=1b98ca9d5c12d24e7510381f13a496e4fc17ed1a8becxVASx9056x1674376558 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goo.su/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 22 Jan 2023 08:36:01 GMT
pragma: no-cache
expires: Sun, 22-Jan-2023 08:36:01 GMT
x-xss-protection: 1; mode=block
last-modified: Sun, 22-Jan-2023 08:36:01 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 934d0c6f2cd2468ea68cdc50374cae8f
5bd2b307b3aa42e5ccda5d429818c0ad45f37593
8b287f1d0fbe79c53fc5457dd826188c361ae1e054e71281486922aa86a79b13
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 08:36:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 26 Jan 2023 06:09:46 GMT
ETag: "5bd2b307b3aa42e5ccda5d429818c0ad45f37593"
Last-Modified: Sun, 22 Jan 2023 06:09:47 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3140
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d6f5a63ed2b515-OSL
log.strm.yandex.ru/log?VAS=706348&event=PrioritiseMediaFiles
87.250.251.15200 OK 0 B URL HTTP/2 log.strm.yandex.ru/log?VAS=706348&event=PrioritiseMediaFiles
IP 87.250.251.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /log?VAS=706348&event=PrioritiseMediaFiles HTTP/1.1
Host: log.strm.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 13465
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
access-control-allow-credentials: true
access-control-expose-headers: Date
date: Sun, 22 Jan 2023 08:36:01 GMT
timing-allow-origin: https://goo.su
access-control-allow-origin: https://goo.su
x-request-id: 1674376561674941-10805074272123471566
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 8796cb48be787446eca8decaa9c6caa7
77e625b133a54d5646c0f9cbea88ff4c6a386e3a
91e59a82ec9321556a6ad95c79dbba90384c5a14abb905680ec218a1b924f852
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 08:36:02 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Thu, 26 Jan 2023 06:04:50 GMT
ETag: "77e625b133a54d5646c0f9cbea88ff4c6a386e3a"
Last-Modified: Sun, 22 Jan 2023 06:04:51 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1951
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d6f5a91bcab515-OSL
mc.yandex.ru/metrika/watch.js
87.250.251.119200 OK 58 kB URL HTTP/2 mc.yandex.ru/metrika/watch.js
IP 87.250.251.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (554)
Hash 315a601116a9b3b0fbc85feb58375ba4
5d283ed923d0b3beb8a2ec4e80c2958d1d132fbf
251ba0fc04953e3615e7c19a9a10c5d6a4f25cc03bef190f8a5e7c6cd72a991a
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 58140
date: Sun, 22 Jan 2023 08:36:02 GMT
access-control-allow-origin: *
etag: "63c93a4b-e31c"
expires: Sun, 22 Jan 2023 09:36:02 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 342d7c8fce0e3a91d408dcb50293489e
967ca1ab2c57242f6868937f5f3badf90aceaeeb
57449fe330ec7aa0851e4eb601d17934999d8a773cdb447942d3e51ad0385650
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:36:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 342d7c8fce0e3a91d408dcb50293489e
967ca1ab2c57242f6868937f5f3badf90aceaeeb
57449fe330ec7aa0851e4eb601d17934999d8a773cdb447942d3e51ad0385650
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:36:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 342d7c8fce0e3a91d408dcb50293489e
967ca1ab2c57242f6868937f5f3badf90aceaeeb
57449fe330ec7aa0851e4eb601d17934999d8a773cdb447942d3e51ad0385650
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:36:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/metrika/advert.gif
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 22 Jan 2023 08:36:02 GMT
access-control-allow-origin: *
etag: "63c93a4b-2b"
expires: Sun, 22 Jan 2023 09:36:02 GMT
accept-ranges: bytes
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/conversion/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0
142.250.74.34302 Found 42 B URL HTTP/2 www.googleadservices.com/pagead/conversion/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0
IP 142.250.74.34:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/conversion/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0 HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 08:36:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
location: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=cvXMY9eJEZT56gSbrrFY&random=304918752&sscte=1&crd=
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/conversion_async.js
142.250.74.34200 OK 15 kB URL HTTP/2 www.googleadservices.com/pagead/conversion_async.js
IP 142.250.74.34:0
File type ASCII text, with very long lines (1654)
Hash 4bf0449ec695e4551e36da71f09c3bc8
5efa3c9bfee50af772728c206943836715ae5928
aaf4685f2a3f081a913a25cc341e4530272a59fc7462692f49ee90dcd1312200
GET /pagead/conversion_async.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 22 Jan 2023 08:36:02 GMT
expires: Sun, 22 Jan 2023 08:36:02 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 10049755982691765357
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15155
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 342d7c8fce0e3a91d408dcb50293489e
967ca1ab2c57242f6868937f5f3badf90aceaeeb
57449fe330ec7aa0851e4eb601d17934999d8a773cdb447942d3e51ad0385650
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:36:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A975476162514%3Ahid%3A540196772%3Az%3A0%3Ai%3A20230122083601%3Aet%3A1674376561%3Arn%3A805386553%3Arqn%3A1%3Au%3A1674376561175737730%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C14%2C0%2C%2C0%2C%2C23%2C1%2C43%2C43%2C1%2C42%3Aco%3A0%3Ans%3A1674376558929%3Ast%3A1674376561&t=clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
87.250.251.119200 OK 236 B URL HTTP/2 mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A975476162514%3Ahid%3A540196772%3Az%3A0%3Ai%3A20230122083601%3Aet%3A1674376561%3Arn%3A805386553%3Arqn%3A1%3Au%3A1674376561175737730%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C14%2C0%2C%2C0%2C%2C23%2C1%2C43%2C43%2C1%2C42%3Aco%3A0%3Ans%3A1674376558929%3Ast%3A1674376561&t=clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
IP 87.250.251.119:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 69d32451df0768a74e7d86c047f5dbcf
04f98bb3d822f3ac284ea680cd1d49ce9716a01d
6a955d0a7f1117a69df02936d897ff013ca122da81533ab0c8674341900f36db
GET /watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A975476162514%3Ahid%3A540196772%3Az%3A0%3Ai%3A20230122083601%3Aet%3A1674376561%3Arn%3A805386553%3Arqn%3A1%3Au%3A1674376561175737730%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C14%2C0%2C%2C0%2C%2C23%2C1%2C43%2C43%2C1%2C42%3Aco%3A0%3Ans%3A1674376558929%3Ast%3A1674376561&t=clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yastatic.net
Referer: https://yastatic.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 236
date: Sun, 22 Jan 2023 08:36:02 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://yastatic.net
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 22-Jan-2023 08:36:02 GMT
last-modified: Sun, 22-Jan-2023 08:36:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A975476162514%3Ahid%3A540196772%3Az%3A0%3Ai%3A20230122083601%3Aet%3A1674376561%3Arn%3A805386553%3Arqn%3A1%3Au%3A1674376561175737730%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C14%2C0%2C%2C0%2C%2C23%2C1%2C43%2C43%2C1%2C42%3Aco%3A0%3Ans%3A1674376558929%3Ast%3A1674376561&t=clc(0-0-0)rqnt(1)aw(1)ti(2)
87.250.251.119302 Found 42 B URL HTTP/2 mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A975476162514%3Ahid%3A540196772%3Az%3A0%3Ai%3A20230122083601%3Aet%3A1674376561%3Arn%3A805386553%3Arqn%3A1%3Au%3A1674376561175737730%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C14%2C0%2C%2C0%2C%2C23%2C1%2C43%2C43%2C1%2C42%3Aco%3A0%3Ans%3A1674376558929%3Ast%3A1674376561&t=clc(0-0-0)rqnt(1)aw(1)ti(2)
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A975476162514%3Ahid%3A540196772%3Az%3A0%3Ai%3A20230122083601%3Aet%3A1674376561%3Arn%3A805386553%3Arqn%3A1%3Au%3A1674376561175737730%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C14%2C0%2C%2C0%2C%2C23%2C1%2C43%2C43%2C1%2C42%3Aco%3A0%3Ans%3A1674376558929%3Ast%3A1674376561&t=clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yastatic.net
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/3/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A975476162514%3Ahid%3A540196772%3Az%3A0%3Ai%3A20230122083601%3Aet%3A1674376561%3Arn%3A805386553%3Arqn%3A1%3Au%3A1674376561175737730%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C14%2C0%2C%2C0%2C%2C23%2C1%2C43%2C43%2C1%2C42%3Aco%3A0%3Ans%3A1674376558929%3Ast%3A1674376561&t=clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
date: Sun, 22 Jan 2023 08:36:02 GMT
access-control-allow-origin: https://yastatic.net
set-cookie: yabs-sid=1495769261674376562; Path=/; SameSite=None; Secure
i=puVho9fA7yjweAlAqJm/O/1duiswygg6/badKmhdWEXqWbi9yjxXlqlLDU9eFaXIDREe7ffPJ8cdEgb2urOpzvcjfQs=; Expires=Wed, 19-Jan-2033 08:35:59 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=5077998891674376562; Expires=Mon, 22-Jan-2024 08:36:02 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=5077998891674376562; Expires=Mon, 22-Jan-2024 08:36:02 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1705912562.yc.1674376562#1705912562.yrts.1674376562#1705912562.yrtsi.1674376562; Expires=Mon, 22-Jan-2024 08:36:02 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 22-Jan-2023 08:36:02 GMT
last-modified: Sun, 22-Jan-2023 08:36:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/947884341/?random=1674376561235&cv=9&fst=1674374400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=1408353167&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/947884341/?random=1674376561235&cv=9&fst=1674374400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=1408353167&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/947884341/?random=1674376561235&cv=9&fst=1674374400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=1408353167&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 08:36:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
an.yandex.ru/rtbcount/1OInWGUO0US100000000U9nJBF1S_Z6ugRFUSCbda-CsH_OoM1PyFPFC00IUC97Gdp7E8h5SCoGPKXc1ufbBFi_O3H8lPG7oQik1H2iZYEm4oG814yDCHduk27iXupPc26ibOnPKVY-Zh0qFmr4m_omZIFeg8qZgBYE330F3NyPPJ0mCSvb08ckPee3aMQR_GF2AII1Bq3LkoMS6XfEz4ZhNFh4o_6K2kQ2LcHL8zZ8h0icfp21jSvdPG1OoCp4eWEnZsSYilhsCu-3nSqedcGiyvxzFFl3Q_IfOvLqm-PFPmOaVuboMYw_EW5ahMFf5Dh3yXm767InC1v2uDraWVlbW_v15O-fcTywC6_PlMK0-Mi3AUvALQmR4_nTO6ngQM6wovak-VEGszMxkLrQGxWws1fOPR5SE1ozWwzwpUKFhtpFxorQomOmvmEPnWetv4HjlVegpLQYNHr2bTt2Q-Kisc8K_uQo9x4LL2sPoDxspdyNEPcvWQM1gje6TQGSxpmbsyGVixRUQTaxwj64nzmzs7W2VEfrj
87.250.250.90200 OK 353 B URL HTTP/2 an.yandex.ru/rtbcount/1OInWGUO0US100000000U9nJBF1S_Z6ugRFUSCbda-CsH_OoM1PyFPFC00IUC97Gdp7E8h5SCoGPKXc1ufbBFi_O3H8lPG7oQik1H2iZYEm4oG814yDCHduk27iXupPc26ibOnPKVY-Zh0qFmr4m_omZIFeg8qZgBYE330F3NyPPJ0mCSvb08ckPee3aMQR_GF2AII1Bq3LkoMS6XfEz4ZhNFh4o_6K2kQ2LcHL8zZ8h0icfp21jSvdPG1OoCp4eWEnZsSYilhsCu-3nSqedcGiyvxzFFl3Q_IfOvLqm-PFPmOaVuboMYw_EW5ahMFf5Dh3yXm767InC1v2uDraWVlbW_v15O-fcTywC6_PlMK0-Mi3AUvALQmR4_nTO6ngQM6wovak-VEGszMxkLrQGxWws1fOPR5SE1ozWwzwpUKFhtpFxorQomOmvmEPnWetv4HjlVegpLQYNHr2bTt2Q-Kisc8K_uQo9x4LL2sPoDxspdyNEPcvWQM1gje6TQGSxpmbsyGVixRUQTaxwj64nzmzs7W2VEfrj
IP 87.250.250.90:0
Hash 2a6c6ba6d5400fe48c4068dcd92ee9ba
41c989d8940f13a6da92a93324e51ab1ae9ea501
a51e52dc8344444a259e2dc499a5e4d60b4d000aab6cc6de5d98bffb97a15bec
GET /rtbcount/1OInWGUO0US100000000U9nJBF1S_Z6ugRFUSCbda-CsH_OoM1PyFPFC00IUC97Gdp7E8h5SCoGPKXc1ufbBFi_O3H8lPG7oQik1H2iZYEm4oG814yDCHduk27iXupPc26ibOnPKVY-Zh0qFmr4m_omZIFeg8qZgBYE330F3NyPPJ0mCSvb08ckPee3aMQR_GF2AII1Bq3LkoMS6XfEz4ZhNFh4o_6K2kQ2LcHL8zZ8h0icfp21jSvdPG1OoCp4eWEnZsSYilhsCu-3nSqedcGiyvxzFFl3Q_IfOvLqm-PFPmOaVuboMYw_EW5ahMFf5Dh3yXm767InC1v2uDraWVlbW_v15O-fcTywC6_PlMK0-Mi3AUvALQmR4_nTO6ngQM6wovak-VEGszMxkLrQGxWws1fOPR5SE1ozWwzwpUKFhtpFxorQomOmvmEPnWetv4HjlVegpLQYNHr2bTt2Q-Kisc8K_uQo9x4LL2sPoDxspdyNEPcvWQM1gje6TQGSxpmbsyGVixRUQTaxwj64nzmzs7W2VEfrj HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 22 Jan 2023 08:36:00 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 08:36:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 22 Jan 2023 08:36:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/693627671/?random=1674376561240&cv=9&fst=1674374400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=2762656210&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/693627671/?random=1674376561240&cv=9&fst=1674374400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=2762656210&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/693627671/?random=1674376561240&cv=9&fst=1674374400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=2762656210&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 08:36:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=304918752&crd=&is_vtc=1&random=1717879525&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=304918752&crd=&is_vtc=1&random=1717879525&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1014923426/?label=eA9lCJXGrmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=304918752&crd=&is_vtc=1&random=1717879525&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://yastatic.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 08:36:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/693627671/?random=1674376561255&cv=9&fst=1674374400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=891990386&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/693627671/?random=1674376561255&cv=9&fst=1674374400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=891990386&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/693627671/?random=1674376561255&cv=9&fst=1674374400000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dfirefox%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=891990386&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 08:36:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1897395011&crd=&is_vtc=1&random=2309095314&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1897395011&crd=&is_vtc=1&random=2309095314&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1897395011&crd=&is_vtc=1&random=2309095314&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://yastatic.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 08:36:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d51a8da54f8ce6e3de75f41571d692f5
91f2eac0de75f83fa7f277df01722459085d8ce9
142bc1a85c8cad354df5b7aa7a9cda9b6d29f413d173c7191cda283bf3f726a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "142BC1A85C8CAD354DF5B7AA7A9CDA9B6D29F413D173C7191CDA283BF3F726A7"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7267
Expires: Sun, 22 Jan 2023 10:37:11 GMT
Date: Sun, 22 Jan 2023 08:36:04 GMT
Connection: keep-alive
an.yandex.ru/count/WMaejI_zOE80_Ge0L18YybXYCwoX7WK0uW4GW8200J5lzSnZ000003YKuCm1Y081kG9BU1GOu_hAQl02rElDq80uy0K1e0Rk0Sa6Rz5h_XlZG6If1wJpq5mLnBq0-0S1q0Y2W8200d559tEaym00tBKEBDRoWO20W8W4g0-avzEhruBnNf0GrlVlsTh3kut10QQDZBu-u1G1y1N1YlRieu-y_6EW5f3Iz9q6oHRmFzWMWHUe5mtG627u68ZsuAZPZSUIUe0PYHaAcBWP____0S0PxxAab-wevUvjqXaIUM5YSrzpPN9sPN8lSZStDYqqw1cH0V0PgmUO6jJ3Kx0RIBWR0u8S3MzaGpfXLbfFUKjJPZVf780T_t-080A880pG8Vy1rIB__t__WIC00000003mFn40W20yJo8mOjntjBuTkH5Ao25Dnpl_9OQsh3dgzwWi44Ybx_3e5u2rSoWdKSrHaQHHdEHZ18C2~1=WOSejI_zO9u0xGi051PhHy5rdW6dkVhvai7Yy0600G680UNQewAU0P01rgMlbkA0W802c07MfQ-MOhW1bBFA-2NO0Ugxvwm1u07En-wc0UW1gWFu0UYBthu1e0AE-eK1i0Ez0uW5kemIa0Nul4cm1OlN4hW5YzSIm0MKcxi1o0Mgp2_G1RUy1wW6xW6f1wJpq5mLnBq0k0U01U07XWhG2Bg8W872We06u0Y7_KBe2GU02W7u2e2r6EWCamAO3PRvDC2m4A4HPsPcPcPcveWI0P0I0O0KW8201D0KcURLM-WKZ0AW5f3Iz9q6oHRG5kYBthu1c1UmlOelk1S1m1UrrW6W6Uu1k1d___y1WHh__rVAkVMydAWU0R0V0SWVzTspLgaWfkqyWpn4sJ-u8DxTAP0YmVaga2B2-IgG8iFvAh0Y0SWY0TKY__z__u4Zy3-98vgPcPcPcTa_a2EpihQOnj-NpboO8-BezPcjaTZFQWS0HaSPSTqrne3a4hEW7oYLuOXAQNU2nG8E~1=WPGejI_zOB40LGm0X1P1KWMbiG6dkVhvai7Yy0600SNdtDdBfxhr6uW1oSwvXfu1a06gXQ6Mue20W0AO0Qg5ePPYk07o-iVu9TW1eeJah07W0PQLhva1w06s1A02j8q2e0C4i0FJ0eW5hu8Ea0MmWHYm1Q-D1hW5huq6m0Nyd7x81TgB8D05nRW2g0Rk0Qa7fFFGN1N4lG2u1u05u0U62j08keY0WSA0W0RW2Dg60UW91u0A0VWAWBKOw0oJ0fWDblaqmB2GWW6X4MU84W6G4W605820W0JG5D_TrXxe58m2e1QGqlIT1iaM0F0_q1REdzw-0PWNbxMqBBWN0S0NjTO1e1dk0RWP____0VWPW-7kAu4Q___FAZgeFooe7W6m7mB87v62ibQf8Al4VW5pmyS_k23UtIcG8i7vAf0Ymlaga2B3-Igm8W788W7L8l__V_-18uaZcfcPcPcPsJ-G8_Ycwgs6WRFlgm6O8zghuAwXh_Mrmm4900mU95QynW7kvom2j75bxALIULYbjElZ-pxS2HOBE000~1=WOqejI_zOAq07Gm0r1KhRfgWhG68wvlJuP27huy1W06ZbUoCtgEiZmo80RMRYhET0P01Wk72u-60W802c062uSBZORW1n9oJy2NO0TppmAm1u06kohsU0UW1s0Ju0Qgcthu1e0AKm_0Oe0C6i0Em0uW5ugG7a0MmsGgm1OBx0xW5Wli3m0MztmZ81R-U0z05eOi1g0Rk0Qa7fFFGN1N4lG2u1u05u0UG3SA0W0RW2CgXk0pe2GU02W7e39C2c0sM-JJ0e12X4MU05820W0JG50te58m2e1QGqlIT1iaMq1Q-lTw-0PWNselABRWN0S0NjTO1e1dk0RWP____0O4Q___hbJnW5KsW6fo0mwYPZBlewW6e7W6m7mF87-wve5Qf8BFYMxqy4_C_k23UtIcG8i7vAf0Ymlaga2B3-Igm8W788W7L8l__V_-18uaZcfcPcPcPsJ-G8vEOYVM9mv6I8fWZlTNBe9wI-wyj2W2I7oJUkyRWGX3HC0oZeIHKuyfAfbIEnJlZhRLAwHo3RQ88~1?stat-id=1&test-tag=246290604677681&banner-sizes=eyI3MjA1NzYwNzIxNDcyMTM4NyI6IjQxOXgxMDAiLCI3MjA1NzYwNzIxNDYwNDYyOSI6IjQxOXgxMDAiLCI3MjA1NzYwNzE2MTQwMzQ1NyI6IjQxOXgxMDAifQ%3D%3D&format-type=118&actual-format=10&pcodever=709056&banner-test-tags=eyI3MjA1NzYwNzIxNDcyMTM4NyI6IjU3MzYxIiwiNzIwNTc2MDcyMTQ2MDQ2MjkiOiI1NzM5NCIsIjcyMDU3NjA3MTYxNDAzNDU3IjoiNTczOTUifQ%3D%3D&pcode-active-testids=685674%2C0%2C23&width=1268&height=100&confirmTime=2101000&confirmRatio=1000000&wmode=0
87.250.250.90302 Found 140 B URL HTTP/2 an.yandex.ru/count/WMaejI_zOE80_Ge0L18YybXYCwoX7WK0uW4GW8200J5lzSnZ000003YKuCm1Y081kG9BU1GOu_hAQl02rElDq80uy0K1e0Rk0Sa6Rz5h_XlZG6If1wJpq5mLnBq0-0S1q0Y2W8200d559tEaym00tBKEBDRoWO20W8W4g0-avzEhruBnNf0GrlVlsTh3kut10QQDZBu-u1G1y1N1YlRieu-y_6EW5f3Iz9q6oHRmFzWMWHUe5mtG627u68ZsuAZPZSUIUe0PYHaAcBWP____0S0PxxAab-wevUvjqXaIUM5YSrzpPN9sPN8lSZStDYqqw1cH0V0PgmUO6jJ3Kx0RIBWR0u8S3MzaGpfXLbfFUKjJPZVf780T_t-080A880pG8Vy1rIB__t__WIC00000003mFn40W20yJo8mOjntjBuTkH5Ao25Dnpl_9OQsh3dgzwWi44Ybx_3e5u2rSoWdKSrHaQHHdEHZ18C2~1=WOSejI_zO9u0xGi051PhHy5rdW6dkVhvai7Yy0600G680UNQewAU0P01rgMlbkA0W802c07MfQ-MOhW1bBFA-2NO0Ugxvwm1u07En-wc0UW1gWFu0UYBthu1e0AE-eK1i0Ez0uW5kemIa0Nul4cm1OlN4hW5YzSIm0MKcxi1o0Mgp2_G1RUy1wW6xW6f1wJpq5mLnBq0k0U01U07XWhG2Bg8W872We06u0Y7_KBe2GU02W7u2e2r6EWCamAO3PRvDC2m4A4HPsPcPcPcveWI0P0I0O0KW8201D0KcURLM-WKZ0AW5f3Iz9q6oHRG5kYBthu1c1UmlOelk1S1m1UrrW6W6Uu1k1d___y1WHh__rVAkVMydAWU0R0V0SWVzTspLgaWfkqyWpn4sJ-u8DxTAP0YmVaga2B2-IgG8iFvAh0Y0SWY0TKY__z__u4Zy3-98vgPcPcPcTa_a2EpihQOnj-NpboO8-BezPcjaTZFQWS0HaSPSTqrne3a4hEW7oYLuOXAQNU2nG8E~1=WPGejI_zOB40LGm0X1P1KWMbiG6dkVhvai7Yy0600SNdtDdBfxhr6uW1oSwvXfu1a06gXQ6Mue20W0AO0Qg5ePPYk07o-iVu9TW1eeJah07W0PQLhva1w06s1A02j8q2e0C4i0FJ0eW5hu8Ea0MmWHYm1Q-D1hW5huq6m0Nyd7x81TgB8D05nRW2g0Rk0Qa7fFFGN1N4lG2u1u05u0U62j08keY0WSA0W0RW2Dg60UW91u0A0VWAWBKOw0oJ0fWDblaqmB2GWW6X4MU84W6G4W605820W0JG5D_TrXxe58m2e1QGqlIT1iaM0F0_q1REdzw-0PWNbxMqBBWN0S0NjTO1e1dk0RWP____0VWPW-7kAu4Q___FAZgeFooe7W6m7mB87v62ibQf8Al4VW5pmyS_k23UtIcG8i7vAf0Ymlaga2B3-Igm8W788W7L8l__V_-18uaZcfcPcPcPsJ-G8_Ycwgs6WRFlgm6O8zghuAwXh_Mrmm4900mU95QynW7kvom2j75bxALIULYbjElZ-pxS2HOBE000~1=WOqejI_zOAq07Gm0r1KhRfgWhG68wvlJuP27huy1W06ZbUoCtgEiZmo80RMRYhET0P01Wk72u-60W802c062uSBZORW1n9oJy2NO0TppmAm1u06kohsU0UW1s0Ju0Qgcthu1e0AKm_0Oe0C6i0Em0uW5ugG7a0MmsGgm1OBx0xW5Wli3m0MztmZ81R-U0z05eOi1g0Rk0Qa7fFFGN1N4lG2u1u05u0UG3SA0W0RW2CgXk0pe2GU02W7e39C2c0sM-JJ0e12X4MU05820W0JG50te58m2e1QGqlIT1iaMq1Q-lTw-0PWNselABRWN0S0NjTO1e1dk0RWP____0O4Q___hbJnW5KsW6fo0mwYPZBlewW6e7W6m7mF87-wve5Qf8BFYMxqy4_C_k23UtIcG8i7vAf0Ymlaga2B3-Igm8W788W7L8l__V_-18uaZcfcPcPcPsJ-G8vEOYVM9mv6I8fWZlTNBe9wI-wyj2W2I7oJUkyRWGX3HC0oZeIHKuyfAfbIEnJlZhRLAwHo3RQ88~1?stat-id=1&test-tag=246290604677681&banner-sizes=eyI3MjA1NzYwNzIxNDcyMTM4NyI6IjQxOXgxMDAiLCI3MjA1NzYwNzIxNDYwNDYyOSI6IjQxOXgxMDAiLCI3MjA1NzYwNzE2MTQwMzQ1NyI6IjQxOXgxMDAifQ%3D%3D&format-type=118&actual-format=10&pcodever=709056&banner-test-tags=eyI3MjA1NzYwNzIxNDcyMTM4NyI6IjU3MzYxIiwiNzIwNTc2MDcyMTQ2MDQ2MjkiOiI1NzM5NCIsIjcyMDU3NjA3MTYxNDAzNDU3IjoiNTczOTUifQ%3D%3D&pcode-active-testids=685674%2C0%2C23&width=1268&height=100&confirmTime=2101000&confirmRatio=1000000&wmode=0
IP 87.250.250.90:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1837d0a9c39654e6b6fa127b87c83e6c
5cd36108d1832fb75e5e4a1b74815473d20cfb49
3adb8c7298f28a4a82ce5d3008c6c10a33fdb8c65e1e0d88a03832d82ca6a375
GET /count/WMaejI_zOE80_Ge0L18YybXYCwoX7WK0uW4GW8200J5lzSnZ000003YKuCm1Y081kG9BU1GOu_hAQl02rElDq80uy0K1e0Rk0Sa6Rz5h_XlZG6If1wJpq5mLnBq0-0S1q0Y2W8200d559tEaym00tBKEBDRoWO20W8W4g0-avzEhruBnNf0GrlVlsTh3kut10QQDZBu-u1G1y1N1YlRieu-y_6EW5f3Iz9q6oHRmFzWMWHUe5mtG627u68ZsuAZPZSUIUe0PYHaAcBWP____0S0PxxAab-wevUvjqXaIUM5YSrzpPN9sPN8lSZStDYqqw1cH0V0PgmUO6jJ3Kx0RIBWR0u8S3MzaGpfXLbfFUKjJPZVf780T_t-080A880pG8Vy1rIB__t__WIC00000003mFn40W20yJo8mOjntjBuTkH5Ao25Dnpl_9OQsh3dgzwWi44Ybx_3e5u2rSoWdKSrHaQHHdEHZ18C2~1=WOSejI_zO9u0xGi051PhHy5rdW6dkVhvai7Yy0600G680UNQewAU0P01rgMlbkA0W802c07MfQ-MOhW1bBFA-2NO0Ugxvwm1u07En-wc0UW1gWFu0UYBthu1e0AE-eK1i0Ez0uW5kemIa0Nul4cm1OlN4hW5YzSIm0MKcxi1o0Mgp2_G1RUy1wW6xW6f1wJpq5mLnBq0k0U01U07XWhG2Bg8W872We06u0Y7_KBe2GU02W7u2e2r6EWCamAO3PRvDC2m4A4HPsPcPcPcveWI0P0I0O0KW8201D0KcURLM-WKZ0AW5f3Iz9q6oHRG5kYBthu1c1UmlOelk1S1m1UrrW6W6Uu1k1d___y1WHh__rVAkVMydAWU0R0V0SWVzTspLgaWfkqyWpn4sJ-u8DxTAP0YmVaga2B2-IgG8iFvAh0Y0SWY0TKY__z__u4Zy3-98vgPcPcPcTa_a2EpihQOnj-NpboO8-BezPcjaTZFQWS0HaSPSTqrne3a4hEW7oYLuOXAQNU2nG8E~1=WPGejI_zOB40LGm0X1P1KWMbiG6dkVhvai7Yy0600SNdtDdBfxhr6uW1oSwvXfu1a06gXQ6Mue20W0AO0Qg5ePPYk07o-iVu9TW1eeJah07W0PQLhva1w06s1A02j8q2e0C4i0FJ0eW5hu8Ea0MmWHYm1Q-D1hW5huq6m0Nyd7x81TgB8D05nRW2g0Rk0Qa7fFFGN1N4lG2u1u05u0U62j08keY0WSA0W0RW2Dg60UW91u0A0VWAWBKOw0oJ0fWDblaqmB2GWW6X4MU84W6G4W605820W0JG5D_TrXxe58m2e1QGqlIT1iaM0F0_q1REdzw-0PWNbxMqBBWN0S0NjTO1e1dk0RWP____0VWPW-7kAu4Q___FAZgeFooe7W6m7mB87v62ibQf8Al4VW5pmyS_k23UtIcG8i7vAf0Ymlaga2B3-Igm8W788W7L8l__V_-18uaZcfcPcPcPsJ-G8_Ycwgs6WRFlgm6O8zghuAwXh_Mrmm4900mU95QynW7kvom2j75bxALIULYbjElZ-pxS2HOBE000~1=WOqejI_zOAq07Gm0r1KhRfgWhG68wvlJuP27huy1W06ZbUoCtgEiZmo80RMRYhET0P01Wk72u-60W802c062uSBZORW1n9oJy2NO0TppmAm1u06kohsU0UW1s0Ju0Qgcthu1e0AKm_0Oe0C6i0Em0uW5ugG7a0MmsGgm1OBx0xW5Wli3m0MztmZ81R-U0z05eOi1g0Rk0Qa7fFFGN1N4lG2u1u05u0UG3SA0W0RW2CgXk0pe2GU02W7e39C2c0sM-JJ0e12X4MU05820W0JG50te58m2e1QGqlIT1iaMq1Q-lTw-0PWNselABRWN0S0NjTO1e1dk0RWP____0O4Q___hbJnW5KsW6fo0mwYPZBlewW6e7W6m7mF87-wve5Qf8BFYMxqy4_C_k23UtIcG8i7vAf0Ymlaga2B3-Igm8W788W7L8l__V_-18uaZcfcPcPcPsJ-G8vEOYVM9mv6I8fWZlTNBe9wI-wyj2W2I7oJUkyRWGX3HC0oZeIHKuyfAfbIEnJlZhRLAwHo3RQ88~1?stat-id=1&test-tag=246290604677681&banner-sizes=eyI3MjA1NzYwNzIxNDcyMTM4NyI6IjQxOXgxMDAiLCI3MjA1NzYwNzIxNDYwNDYyOSI6IjQxOXgxMDAiLCI3MjA1NzYwNzE2MTQwMzQ1NyI6IjQxOXgxMDAifQ%3D%3D&format-type=118&actual-format=10&pcodever=709056&banner-test-tags=eyI3MjA1NzYwNzIxNDcyMTM4NyI6IjU3MzYxIiwiNzIwNTc2MDcyMTQ2MDQ2MjkiOiI1NzM5NCIsIjcyMDU3NjA3MTYxNDAzNDU3IjoiNTczOTUifQ%3D%3D&pcode-active-testids=685674%2C0%2C23&width=1268&height=100&confirmTime=2101000&confirmRatio=1000000&wmode=0 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/count/WMaejI_zOE80_Ge0L18YybXYl83Hk0K0uW4GmO200J5lzSnZ000003YKuCm1Y081kG9BU1GOu_hAQl02rElDq80uy0K1e0Rk0Sa6Rz5h_XlZG6If1wJpq5mLnBq0-0S1q0Y2W8200d559tEaym00tBKEBDRoWO20W8W4g0-avzEhruBnNf0GrlVlsTh3kut10QQDZBu-u1G1y1N1YlRieu-y_6EW5f3Iz9q6oHRmFzWMWHUe5mtG627u68ZsuAZPZSUIUe0PYHaAcBWP____0S0PxxAab-wevUvjqXaIUM5YSrzpPN9sPN8lSZStDYqqw1cH0V0PgmUO6jJ3Kx0RIBWR0u8S3MzaGpfXLbfFUKjJPZVf780T_t-080A880pG8Vy1rIB__t__WIC00000003mFn40W20yJo8mOjntjBuTkH5Ao25Dnpl_9OQsh3dgzwWi44Ybx_3e5u2rSoWdKSrHaQHHdEHZ18C2~1=WOqejI_zOAq07Gm0r1KhRfgWhG68wvlJuP27huy1W06ZbUoCtgEiZmo80RMRYhET0P01Wk72u-60W802c062uSBZORW1n9oJy2NO0TppmAm1u06kohsU0UW1s0Ju0Qgcthu1e0AKm_0Oe0C6i0Em0uW5ugG7a0MmsGgm1OBx0xW5Wli3m0MztmZ81R-U0z05eOi1g0Rk0Qa7fFFGN1N4lG2u1u05u0UG3SA0W0RW2CgXk0pe2GU02W7e39C2c0sM-JJ0e12X4MU05820W0JG50te58m2e1QGqlIT1iaMq1Q-lTw-0PWNselABRWN0S0NjTO1e1dk0RWP____0O4Q___hbJnW5KsW6fo0mwYPZBlewW6e7W6m7mF87-wve5Qf8BFYMxqy4_C_k23UtIcG8i7vAf0Ymlaga2B3-Igm8W788W7L8l__V_-18uaZcfcPcPcPsJ-G8vEOYVM9mv6I8fWZlTNBe9wI-wyj2W2I7oJUkyRWGX3HC0oZeIHKuyfAfbIEnJlZhRLAwHo3RQ88~1=WPGejI_zOB40LGm0X1P1KWMbiG6dkVhvai7Yy0600SNdtDdBfxhr6uW1oSwvXfu1a06gXQ6Mue20W0AO0Qg5ePPYk07o-iVu9TW1eeJah07W0PQLhva1w06s1A02j8q2e0C4i0FJ0eW5hu8Ea0MmWHYm1Q-D1hW5huq6m0Nyd7x81TgB8D05nRW2g0Rk0Qa7fFFGN1N4lG2u1u05u0U62j08keY0WSA0W0RW2Dg60UW91u0A0VWAWBKOw0oJ0fWDblaqmB2GWW6X4MU84W6G4W605820W0JG5D_TrXxe58m2e1QGqlIT1iaM0F0_q1REdzw-0PWNbxMqBBWN0S0NjTO1e1dk0RWP____0VWPW-7kAu4Q___FAZgeFooe7W6m7mB87v62ibQf8Al4VW5pmyS_k23UtIcG8i7vAf0Ymlaga2B3-Igm8W788W7L8l__V_-18uaZcfcPcPcPsJ-G8_Ycwgs6WRFlgm6O8zghuAwXh_Mrmm4900mU95QynW7kvom2j75bxALIULYbjElZ-pxS2HOBE000~1=WOmejI_zOAC05Gm0P1Qadd5wem4GW8200QUv-lcImUBm0O010OW1vTgZefu1a07MfQ-Mue20W0AO0TQbhvPYk06Kiyhu9TW1whldh07W0Sx7xgO1w06g0_W1w8lUlW6W0exwXG6m0xq3Y0MwZ1AG1VYyIR05YzSIk0MBrnB01PIRkm781QhCBz05jxm7g0Rk0Qa7fFFGN1N4lG2u1u05u0U62j08keY0WSA2W0RW28VzGkW91u0A0VWAWBKOw0oJ0fWDblaqmB0GeH5dPcPcPcRcY181a181W1I0W804q1IPvjLRw1IC0g0MaDBqdGR95j0Mw8lUlW6O5x2zYY-u5m705xNM0Q0PxW6u6V___m616l__LygvzRoSg1u1i1y1o1_rtRDMgI2cxJo3F4JPFxWWtjqfa2B1-IgG8iBvAf0Ym_agi281o281rIB__t__WIFmFuaZcfcPcPcPsJ-G8xEojfZ6tvVEN9WZukZrcQsHsCzg1m26I1dntpN6W6GLiw1VAPNXd4ffTup5OWu0~1?stat-id=1&test-tag=246290604677681&banner-sizes=eyI3MjA1NzYwNzIxNDcyMTM4NyI6IjQxOXgxMDAiLCI3MjA1NzYwNzIxNDYwNDYyOSI6IjQxOXgxMDAiLCI3MjA1NzYwNzE2MTQwMzQ1NyI6IjQxOXgxMDAifQ%3D%3D&format-type=118&actual-format=10&pcodever=709056&banner-test-tags=eyI3MjA1NzYwNzIxNDcyMTM4NyI6IjU3MzYxIiwiNzIwNTc2MDcyMTQ2MDQ2MjkiOiI1NzM5NCIsIjcyMDU3NjA3MTYxNDAzNDU3IjoiNTczOTUifQ%3D%3D&pcode-active-testids=685674%2C0%2C23&width=1268&height=100&confirmTime=2101000&confirmRatio=1000000&wmode=0
date: Sun, 22 Jan 2023 08:36:02 GMT
access-control-allow-origin: https://goo.su
set-cookie: yandexuid=4386782411674376562; domain=.yandex.ru; path=/; expires=Wed, 19-Jan-2033 08:36:02 GMT
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
expires: Sun, 22 Jan 2023 08:36:02 GMT
last-modified: Sun, 22 Jan 2023 08:36:02 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash bf8adb895fe58216ec698c24684e59f8
0bfc38b5918b7d22e0fd8394ec5f4d2acffbfcb8
3f9d9c9f28fdafd7dbfc388a15cb810066c78e1b2b22dbf431a141af58903d9a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3F9D9C9F28FDAFD7DBFC388A15CB810066C78E1B2B22DBF431A141AF58903D9A"
Last-Modified: Sat, 21 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 22 Jan 2023 14:36:04 GMT
Date: Sun, 22 Jan 2023 08:36:04 GMT
Connection: keep-alive
mc.yandex.ru/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%22%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22firefox%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A421099280425%3Ahid%3A540196772%3Aphid%3A989927223%3Az%3A0%3Ai%3A20230122083604%3Aet%3A1674376564%3Arn%3A993166409%3Arqn%3A1%3Au%3A1674376561175737730%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C14%2C0%2C%2C0%2C%2C23%2C1%2C43%2C43%2C1%2C42%3Aco%3A0%3Ans%3A1674376558929%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674376564%3At%3A&t=gdpr(6)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.251.119302 Found 419 B URL HTTP/2 mc.yandex.ru/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%22%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22firefox%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A421099280425%3Ahid%3A540196772%3Aphid%3A989927223%3Az%3A0%3Ai%3A20230122083604%3Aet%3A1674376564%3Arn%3A993166409%3Arqn%3A1%3Au%3A1674376561175737730%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C14%2C0%2C%2C0%2C%2C23%2C1%2C43%2C43%2C1%2C42%3Aco%3A0%3Ans%3A1674376558929%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674376564%3At%3A&t=gdpr(6)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.251.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash 9895116a48a395b8c71e56c417d68dc6
b818a5ff406aee3028ec9c9445f08661db598781
ae285449c1f9bb2e59c67b10e62cfb9c6c7a3057b7a2617c343f23d5cdfe7ddc
GET /watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%22%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22firefox%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A421099280425%3Ahid%3A540196772%3Aphid%3A989927223%3Az%3A0%3Ai%3A20230122083604%3Aet%3A1674376564%3Arn%3A993166409%3Arqn%3A1%3Au%3A1674376561175737730%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C14%2C0%2C%2C0%2C%2C23%2C1%2C43%2C43%2C1%2C42%3Aco%3A0%3Ans%3A1674376558929%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674376564%3At%3A&t=gdpr(6)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yastatic.net
Connection: keep-alive
Referer: https://yastatic.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/37412095/1?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%22%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22firefox%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A421099280425%3Ahid%3A540196772%3Aphid%3A989927223%3Az%3A0%3Ai%3A20230122083604%3Aet%3A1674376564%3Arn%3A993166409%3Arqn%3A1%3Au%3A1674376561175737730%3Aw%3A1x1%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C14%2C0%2C%2C0%2C%2C23%2C1%2C43%2C43%2C1%2C42%3Aco%3A0%3Ans%3A1674376558929%3Aadb%3A2%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674376564%3At%3A&t=gdpr%286%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Sun, 22 Jan 2023 08:36:05 GMT
access-control-allow-origin: https://yastatic.net
set-cookie: yabs-sid=276765571674376565; Path=/; SameSite=None; Secure
i=6Q5kd5rkt1qewQt5xLyfE8EwuYIog6HT4Iu34EZlJj3wZkSY8a+8WQ+rJ8y37ZIr8yiCVik+VqTp2GHWkSQSIpBAYn4=; Expires=Wed, 19-Jan-2033 08:36:04 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=804184641674376565; Expires=Mon, 22-Jan-2024 08:36:05 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=804184641674376565; Expires=Mon, 22-Jan-2024 08:36:05 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1705912565.yc.1674376565#1705912565.yrts.1674376565#1705912565.yrtsi.1674376565; Expires=Mon, 22-Jan-2024 08:36:05 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 22-Jan-2023 08:36:05 GMT
last-modified: Sun, 22-Jan-2023 08:36:05 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.5.15/clipboard.min.js?v=1.5.15
104.17.24.14200 OK 2.9 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.5.15/clipboard.min.js?v=1.5.15
IP 104.17.24.14:0
File type Unicode text, UTF-8 text, with very long lines (10167)
Hash 0484dcebfbab7dccc5d99b4495b3f8bf
daa4e1f1a603f9f67f02df90bd0326e6b977760b
bfb2de15270f7034f9ff37518a5a1038838c9dcefdab5e9d132edf11fcb78ee1
GET /ajax/libs/clipboard.js/1.5.15/clipboard.min.js?v=1.5.15 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ap.lc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 08:36:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 2906
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e29-2824"
last-modified: Mon, 04 May 2020 16:09:13 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 832658
expires: Fri, 12 Jan 2024 08:36:06 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CITf32%2BP2gBV9tRuhTt9yHBQ%2FuwQ%2BMBvnfOY9ybtVJ%2BtwjFWFQ3gDb1fnqNHWPEbarvVsbO%2FxSYnP1SMb%2F6IGnmP12t%2BUTfrpHesDGt4CgKSl3JY0kghEGURpRJG1jyZmRXeHn7w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78d6f5c2493eb503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/pace/0.4.17/pace.js?v=0.4.17
104.17.24.14200 OK 5.2 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/pace/0.4.17/pace.js?v=0.4.17
IP 104.17.24.14:0
File type ASCII text, with very long lines (587)
Hash 1a2547d6f71b7fee8ae95ddae3f22e73
99a2ef7dd879b6defc909b8fea189df314100aa8
877343574a2ad351c37b1df9d3911fd2815a25759b0328857b91a8699ff5b7f2
GET /ajax/libs/pace/0.4.17/pace.js?v=0.4.17 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ap.lc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 08:36:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 5158
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f40-621b"
last-modified: Mon, 04 May 2020 16:13:52 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 268921
expires: Fri, 12 Jan 2024 08:36:06 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=siZjctmDD8ikVMkU24OGfXjt%2BhZ63%2FukV15WVWkzNvmgaN62B9QFT15vKcKkBOA4YVhERUIlgiNKyLdquQm84CXi2Z0ljFLaRTEO0shOcABTyx1R%2BDug9K%2FJJoE4JVYtvifINlLW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78d6f5c2594db503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/chosen/1.1.0/chosen.jquery.min.js?v=1.1.0
104.17.24.14200 OK 5.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/chosen/1.1.0/chosen.jquery.min.js?v=1.1.0
IP 104.17.24.14:0
File type ASCII text, with very long lines (26845)
Hash 7818ad87d68a3d9397bd6ffb254bf913
7a1344aad87c3a404a7dee26bb0b9de2c9ab9848
ebc72f41a00cc2f00e327e65a2b32dddd50fd8b5957968cc983344812a728de1
GET /ajax/libs/chosen/1.1.0/chosen.jquery.min.js?v=1.1.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ap.lc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 08:36:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 5483
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e23-6956"
last-modified: Mon, 04 May 2020 16:09:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 223064
expires: Fri, 12 Jan 2024 08:36:06 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2g%2FQfMe3epy%2FuXbFY5kB0RBtCtaRn9ChjYQFeUlMfJK%2BdfMADb2JbWrSk73VYqpTMGjSYbW8MLeXVXw%2FqqdAAf7amUVoe5KEXc0LSpZJbh3BGoq6kZABk136%2BcN6SNdpatcrRXvD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78d6f5c25959b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/iCheck/1.0.1/icheck.min.js?v=1.0.1
104.17.24.14200 OK 1.9 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/iCheck/1.0.1/icheck.min.js?v=1.0.1
IP 104.17.24.14:0
File type ASCII text, with very long lines (534)
Hash 64775f818e0b9e2575dcce786ef91260
6b72b22e187bb54906b83983e3ebc31944941048
7e41e47179c0a56f079ab52243cc43ca8578a746cfba6667473ac15fca8ef39d
GET /ajax/libs/iCheck/1.0.1/icheck.min.js?v=1.0.1 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ap.lc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 08:36:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 1911
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e9e-11a4"
last-modified: Mon, 04 May 2020 16:11:10 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 5221743
expires: Fri, 12 Jan 2024 08:36:06 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ULGXTVz%2BiHJxCIUAxgWZLEApOOCFmkDcIAJ7lyoqIIN5gUZ1o7kz9LfivwaDBp05X%2FNxdRsbooiKsDGY%2FTMa6xsbYCBH1byxVjEnTeU7E7bHPO8a5NfRYt%2B7hdIK3q8P%2Fzhtcgyx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78d6f5c2695db503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery.devbridge-autocomplete/1.4.10/jquery.autocomplete.min.js?v=1.1.5
104.17.24.14200 OK 3.9 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery.devbridge-autocomplete/1.4.10/jquery.autocomplete.min.js?v=1.1.5
IP 104.17.24.14:0
File type ASCII text, with very long lines (12822)
Hash b5757407a0e24c6ad5b0452a6d6f5984
45b1b72288c62128ef3ddfbe7f58759c55b629ff
177ff31938b307f11cd17147bd884597b9f83ff24995910c0282bd602df288e4
GET /ajax/libs/jquery.devbridge-autocomplete/1.4.10/jquery.autocomplete.min.js?v=1.1.5 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ap.lc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 08:36:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 3860
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-331b"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 19825874
expires: Fri, 12 Jan 2024 08:36:06 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5GcH1fDAYJSg0bTAzDJEMMe%2BJNnsBw%2B5KMSp%2BbdB%2F3GGydZzpz4%2Fquoq2hJX1D%2BNSpY8c6fEtjmOIN3t1N6T3x%2BuJT417CtmY3fjr%2F5GGRJ%2BBEwaN2VnYZhq6h0ldX0%2BkL4uZM9C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78d6f5c2797ab503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js?v=3.0.3
104.17.24.14200 OK 5.7 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js?v=3.0.3
IP 104.17.24.14:0
File type ASCII text, with very long lines (19802), with no line terminators
Hash 58f4ceec3a7d093bfd1950958cbe154b
caf26cce5c1f0aed15242563d761a49871049862
1e7bb2486d8ebbf38a33a57a9021264ff4979716ed8271630410be0c328a8a34
GET /ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js?v=3.0.3 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ap.lc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 08:36:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 5676
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e2d-4d5a"
last-modified: Mon, 04 May 2020 16:09:17 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 199696
expires: Fri, 12 Jan 2024 08:36:06 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddjCfkwN0usFR%2B8jk6iib4U%2BWKoxQRv3Au%2FbjM4Vd%2BUNf%2FNkkYqQqwFh%2B9MXM8yAEIuuCSOg4d%2FAyqEeHtc4NXCGpQjRxIQAeneLgJKCGpbadfI4vzNkRTysmmvV%2Bug%2FJ6TVnJoG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78d6f5c27972b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css?v=3.0.3
104.17.24.14200 OK 948 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css?v=3.0.3
IP 104.17.24.14:0
File type ASCII text, with very long lines (1323)
Hash 7ebddc52578cfcef8faf6bae26114686
9355e6820363f0c4ae0d31182aae76531bc82f31
2ca0c9f084305f3c1551e1a6eaa92bfa72fc383a706332ff2deaf7c164bef119
GET /ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css?v=3.0.3 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ap.lc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 08:36:06 GMT
content-type: text/css; charset=utf-8
content-length: 948
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e2d-f62"
last-modified: Mon, 04 May 2020 16:09:17 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 7373078
expires: Fri, 12 Jan 2024 08:36:06 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BW%2BJlzrwfMjPZiDIiiQ5bUeemVcag1uST0ozlkSHqttAp7YNUDlirSfYxa%2Bb2w1ymgOq%2FPoRrXOSaXWfxBEzq3FSex9mlsoaLpM7utQNf9MfE%2B4yjpFMJa1ThFAVlEMKSYyH4u4c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78d6f5c2898eb503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 032ea16a79a95a9f16a60674c5f3ad5c
daea213df10fabce0cd857bcd4f3e64dd1293fad
4637cdfefc8df89f6f6cc042daa30247921cbd001bd16484b18c384f1e7b9781
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:36:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c0f67edfa92ff11474d17ad3160ed43e
a43cc627d3c9258bdbe14ff3ceeed1c98496ff50
309dea4b94ceda4ec43c2f944cdfad61434c96eaafd172bc55c39545f3bf5a1e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:36:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-41493571-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-41493571-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 318190955a97a40a2c31db6a90b588e7
c3d028cc1ea714b497222db9ac7e7ab4c5d24b15
800a67d99d81936ef944c4cbfffe77a5f030823ed01f87b8f938c467290555d9
GET /gtag/js?id=UA-41493571-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ap.lc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 22 Jan 2023 08:36:06 GMT
expires: Sun, 22 Jan 2023 08:36:06 GMT
cache-control: private, max-age=900
last-modified: Sun, 22 Jan 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43985
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c0f67edfa92ff11474d17ad3160ed43e
a43cc627d3c9258bdbe14ff3ceeed1c98496ff50
309dea4b94ceda4ec43c2f944cdfad61434c96eaafd172bc55c39545f3bf5a1e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:36:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ap.lc/apple-touch-icon.png
78.47.194.146200 OK 4.2 kB URL HTTP/2 ap.lc/apple-touch-icon.png
IP 78.47.194.146:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 2decd0d5f10fe8fe3fc11e1dd44fcec0
cf22d4a8e8d276184a69a776ff6340b2a38291ef
23db8059f70974e1d869efff01c209c49419d3da669b612e28cae7613220503e
GET /apple-touch-icon.png HTTP/1.1
Host: ap.lc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ap.lc/uubBS?asdnwbdowqkamwo
Cookie: PHPSESSID=0t3ceshlu0r9kjg6pm7u8lenl6; XSRF-TOKEN=eyJpdiI6Ik9XWHFINEViVXdIcExCY3hjZFUvNlE9PSIsInZhbHVlIjoic1FnZW4ySXhLdytpS3MzRk1CM0loTktUTFhSYVJtYkF1RWZoUGlqUmhkYXE3SE9UUzNjYzdGNmFLNjRvRVdZckZ5Q3VudjZwdnlQeXgweWRJektkZWJxc0RsVnBLVDlEU0F2VGxCMVlLWGgzMm1McXYvUDBwL085b1lIOUNCQTkiLCJtYWMiOiJkY2RlMDQ5NDdmZTdhZmE1OGMwMDA3NzI5ODM4NzRkOTlkOGQ0NDdkNzMxYjJhMWNjOWMwOTIyNmE4ZTMzNDI0In0%3D; urlverkorten_session=eyJpdiI6IlArTmdvaWhkS29Ma1BkQmZWYkZEUXc9PSIsInZhbHVlIjoiRmR2ODJCU1hYMG8zR1lpQnVNNVZMOXJkVEhxUjJXY1drSjRXcXd3QUdMOTJRQzZDLytVVk9aOWdOLzAzczNsOXlCWHdHSXRJTEQ0YTVWanp4QXhrRDRiMklIWmM3UWF6VTI3Zkd2ZFppSzlCT0xkMnJiZGpNYlpBbXpvTk1xcHoiLCJtYWMiOiJhNTcyZjVmZDY4NTlmNWQzM2VhMDlhZTc1ZDA2N2NjMGEwNWZmNGIxZDk4MmZhZjUyNjA3NzM2OTY3MzliN2Y0In0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 08:36:06 GMT
content-type: image/png
content-length: 4214
last-modified: Tue, 23 Feb 2021 20:32:36 GMT
etag: "60356664-1076"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
ap.lc/favicon-16x16.png
78.47.194.146200 OK 605 B IP 78.47.194.146:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 91f2e39110668797a3f60672db47ec46
d465059166b4144e7c93c4e48d060753ad75e4c7
5ae191850f9e1dd559c477085624ddaf72149e68193cc3b9b45a2ec1803f0e87
GET /favicon-16x16.png HTTP/1.1
Host: ap.lc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ap.lc/uubBS?asdnwbdowqkamwo
Cookie: PHPSESSID=0t3ceshlu0r9kjg6pm7u8lenl6; XSRF-TOKEN=eyJpdiI6Ik9XWHFINEViVXdIcExCY3hjZFUvNlE9PSIsInZhbHVlIjoic1FnZW4ySXhLdytpS3MzRk1CM0loTktUTFhSYVJtYkF1RWZoUGlqUmhkYXE3SE9UUzNjYzdGNmFLNjRvRVdZckZ5Q3VudjZwdnlQeXgweWRJektkZWJxc0RsVnBLVDlEU0F2VGxCMVlLWGgzMm1McXYvUDBwL085b1lIOUNCQTkiLCJtYWMiOiJkY2RlMDQ5NDdmZTdhZmE1OGMwMDA3NzI5ODM4NzRkOTlkOGQ0NDdkNzMxYjJhMWNjOWMwOTIyNmE4ZTMzNDI0In0%3D; urlverkorten_session=eyJpdiI6IlArTmdvaWhkS29Ma1BkQmZWYkZEUXc9PSIsInZhbHVlIjoiRmR2ODJCU1hYMG8zR1lpQnVNNVZMOXJkVEhxUjJXY1drSjRXcXd3QUdMOTJRQzZDLytVVk9aOWdOLzAzczNsOXlCWHdHSXRJTEQ0YTVWanp4QXhrRDRiMklIWmM3UWF6VTI3Zkd2ZFppSzlCT0xkMnJiZGpNYlpBbXpvTk1xcHoiLCJtYWMiOiJhNTcyZjVmZDY4NTlmNWQzM2VhMDlhZTc1ZDA2N2NjMGEwNWZmNGIxZDk4MmZhZjUyNjA3NzM2OTY3MzliN2Y0In0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 08:36:06 GMT
content-type: image/png
content-length: 605
last-modified: Tue, 23 Feb 2021 20:32:36 GMT
etag: "60356664-25d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
ap.lc/static/fonts/glyphicons-halflings-regular.woff
78.47.194.146200 OK 23 kB URL HTTP/2 ap.lc/static/fonts/glyphicons-halflings-regular.woff
IP 78.47.194.146:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format, TrueType, length 23320, version 1.0\012- data
Hash 68ed1dac06bf0409c18ae7bc62889170
22037a3455914e5662fa51a596677bdb329e2c5c
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e
GET /static/fonts/glyphicons-halflings-regular.woff HTTP/1.1
Host: ap.lc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ap.lc/static/css/bootstrap.min.css
Cookie: PHPSESSID=0t3ceshlu0r9kjg6pm7u8lenl6; XSRF-TOKEN=eyJpdiI6Ik9XWHFINEViVXdIcExCY3hjZFUvNlE9PSIsInZhbHVlIjoic1FnZW4ySXhLdytpS3MzRk1CM0loTktUTFhSYVJtYkF1RWZoUGlqUmhkYXE3SE9UUzNjYzdGNmFLNjRvRVdZckZ5Q3VudjZwdnlQeXgweWRJektkZWJxc0RsVnBLVDlEU0F2VGxCMVlLWGgzMm1McXYvUDBwL085b1lIOUNCQTkiLCJtYWMiOiJkY2RlMDQ5NDdmZTdhZmE1OGMwMDA3NzI5ODM4NzRkOTlkOGQ0NDdkNzMxYjJhMWNjOWMwOTIyNmE4ZTMzNDI0In0%3D; urlverkorten_session=eyJpdiI6IlArTmdvaWhkS29Ma1BkQmZWYkZEUXc9PSIsInZhbHVlIjoiRmR2ODJCU1hYMG8zR1lpQnVNNVZMOXJkVEhxUjJXY1drSjRXcXd3QUdMOTJRQzZDLytVVk9aOWdOLzAzczNsOXlCWHdHSXRJTEQ0YTVWanp4QXhrRDRiMklIWmM3UWF6VTI3Zkd2ZFppSzlCT0xkMnJiZGpNYlpBbXpvTk1xcHoiLCJtYWMiOiJhNTcyZjVmZDY4NTlmNWQzM2VhMDlhZTc1ZDA2N2NjMGEwNWZmNGIxZDk4MmZhZjUyNjA3NzM2OTY3MzliN2Y0In0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 08:36:06 GMT
content-type: font/woff
content-length: 23320
last-modified: Wed, 27 Jan 2021 14:47:50 GMT
etag: "60117d16-5b18"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 25d59e4444b16818a49fec7128c90dcd
ea263f33790881a01e317fa03d935f7109523e41
22e26ea1917d1a0fed0b2af636f1baecb59768b0f85c9ab6b1c37d45e84dfa2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:36:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
142.250.74.35200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ap.lc
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 16 Jan 2023 18:52:55 GMT
expires: Tue, 16 Jan 2024 18:52:55 GMT
cache-control: public, max-age=31536000
age: 481391
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ap.lc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 22 Jan 2023 07:45:20 GMT
expires: Sun, 22 Jan 2023 09:45:20 GMT
cache-control: public, max-age=7200
age: 3046
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 5074bfa38808c4a0f18b00a601cfef53
ffc0c526e49251605b2c95d0d1d595f9c702cd9a
6262e4155e8fbf18388f2f38c8e65cb87db94dae66d1dbbd329b4973d8b243df
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 08:36:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-41493571-1&cid=218510959.1674376565&jid=251332993&gjid=642601579&_gid=1952872557.1674376565&_u=YEBAAUAAAAAAACAAI~&z=1476587521
108.177.14.156200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-41493571-1&cid=218510959.1674376565&jid=251332993&gjid=642601579&_gid=1952872557.1674376565&_u=YEBAAUAAAAAAACAAI~&z=1476587521
IP 108.177.14.156:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-41493571-1&cid=218510959.1674376565&jid=251332993&gjid=642601579&_gid=1952872557.1674376565&_u=YEBAAUAAAAAAACAAI~&z=1476587521 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://ap.lc
Connection: keep-alive
Referer: https://ap.lc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://ap.lc
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 22 Jan 2023 08:36:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ap.lc/uubBS?asdnwbdowqkamwo
78.47.194.146200 OK 0 B URL HTTP/2 ap.lc/uubBS?asdnwbdowqkamwo
IP 78.47.194.146:0
ASN #24940 Hetzner Online GmbH
GET /uubBS?asdnwbdowqkamwo HTTP/1.1
Host: ap.lc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://goo.su/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, no-cache, private
date: Sun, 22 Jan 2023 08:36:05 GMT
set-cookie: PHPSESSID=0t3ceshlu0r9kjg6pm7u8lenl6; path=/
XSRF-TOKEN=eyJpdiI6Ik9XWHFINEViVXdIcExCY3hjZFUvNlE9PSIsInZhbHVlIjoic1FnZW4ySXhLdytpS3MzRk1CM0loTktUTFhSYVJtYkF1RWZoUGlqUmhkYXE3SE9UUzNjYzdGNmFLNjRvRVdZckZ5Q3VudjZwdnlQeXgweWRJektkZWJxc0RsVnBLVDlEU0F2VGxCMVlLWGgzMm1McXYvUDBwL085b1lIOUNCQTkiLCJtYWMiOiJkY2RlMDQ5NDdmZTdhZmE1OGMwMDA3NzI5ODM4NzRkOTlkOGQ0NDdkNzMxYjJhMWNjOWMwOTIyNmE4ZTMzNDI0In0%3D; expires=Sun, 22-Jan-2023 10:36:05 GMT; Max-Age=7200; path=/; samesite=lax
urlverkorten_session=eyJpdiI6IlArTmdvaWhkS29Ma1BkQmZWYkZEUXc9PSIsInZhbHVlIjoiRmR2ODJCU1hYMG8zR1lpQnVNNVZMOXJkVEhxUjJXY1drSjRXcXd3QUdMOTJRQzZDLytVVk9aOWdOLzAzczNsOXlCWHdHSXRJTEQ0YTVWanp4QXhrRDRiMklIWmM3UWF6VTI3Zkd2ZFppSzlCT0xkMnJiZGpNYlpBbXpvTk1xcHoiLCJtYWMiOiJhNTcyZjVmZDY4NTlmNWQzM2VhMDlhZTc1ZDA2N2NjMGEwNWZmNGIxZDk4MmZhZjUyNjA3NzM2OTY3MzliN2Y0In0%3D; expires=Sun, 22-Jan-2023 10:36:05 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-encoding: gzip
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
an.yandex.ru/count/WMaejI_zODW0_Ge0L18np96LnNF8d0K0s04GW8200J5lzSnZ000003YKuCm1Y083kG9BU1GOu_hAQl02rElDq0I0EF050Q06xW791c-zLrZx_VXSgGUaynnnASIz0FW70T080WQg2n2X1qb-fFC00Egw4opMye60W8281AWFfEVZXvY5yLwG4DRtxzdQmxkDmG6cZOo-Fl0LmOhsxAEFlFnZe1QGqlIT1iaMy3_O5e4Ng1SDq1WX-1Y8zk2esOt7adg06OaP2fYu6V___m706U-of9VkgENkRT8P4dbXOdDVSsLoTcLoBt8tDpOjDEWPaG7m6Qi7c1hKmrEm6qYu6mE270rlP4CwQ3LuK7bBKsOtwHo07Vz_W202Y20Cq27___y1rIB__t__WIC00000003mFn40CWDfc34HF3daEzhSZjm89UIGTkETrH83UzKS5NjK5j2Zqcbuz0kasZdXI5GJM2HfZ3o8oE0U~1=WP4ejI_zOBS0FGm051ODqAwgjm6ux8UJulRAhlK1W06EbT3ouwpPtgS1Y06JffMiWG6G0QYEeiBKW8200fW1d8wYmbIu0PAykAKZs07udQQV0U01eAhU5kW1eWFu0SR7thu1e0AKleaPi0C2Z0I81UF72905uyS8i0NBbWAu1SkM0i05hk8Ao0MttWBG1RTlg0Rk0Qa7fFCSSId4lG2u1xG6u0U61k08Yj_43EW91u0A0VWAWBKOw0oJ0fWDblaqmB2IWW6X4MU0582WW0JG5FVCmsle58m2e1QGqlIT1iaMq1R6nzw-0PWNY9FN6RWN0S0NjTO1e1dk0RWP____0VWPfTs67e4Q__zpinRM6YwW6gBNsR7maklwmW6e7hzmi1y1o1_yZjDFgI3STExgNX3fFxWWtjqfa2B1-IgG8iBvAf0Ym_agrIB__t__WIE98vgPcPcPcTa_a2FfdlMvmBIfxb2O8wxPwlAGy9h-GWe0qnyaRhp6w8OW268OgqE9tSQLyLMf78ba23T64QXZi4qK0G00~1?stat-id=3&test-tag=246290604677649&banner-sizes=eyI3MjA1NzYwNTM4MTcwMjU0OCI6IjEyNjh4MjAwIn0%3D&format-type=118&actual-format=8&pcodever=709056&banner-test-tags=eyI3MjA1NzYwNTM4MTcwMjU0OCI6IjQzODI3NjkifQ%3D%3D&pcode-active-testids=685674%2C0%2C23&width=1268&height=200&confirmTime=2100000&confirmRatio=1000000&wmode=0
87.250.250.90302 Found 0 B URL HTTP/2 an.yandex.ru/count/WMaejI_zODW0_Ge0L18np96LnNF8d0K0s04GW8200J5lzSnZ000003YKuCm1Y083kG9BU1GOu_hAQl02rElDq0I0EF050Q06xW791c-zLrZx_VXSgGUaynnnASIz0FW70T080WQg2n2X1qb-fFC00Egw4opMye60W8281AWFfEVZXvY5yLwG4DRtxzdQmxkDmG6cZOo-Fl0LmOhsxAEFlFnZe1QGqlIT1iaMy3_O5e4Ng1SDq1WX-1Y8zk2esOt7adg06OaP2fYu6V___m706U-of9VkgENkRT8P4dbXOdDVSsLoTcLoBt8tDpOjDEWPaG7m6Qi7c1hKmrEm6qYu6mE270rlP4CwQ3LuK7bBKsOtwHo07Vz_W202Y20Cq27___y1rIB__t__WIC00000003mFn40CWDfc34HF3daEzhSZjm89UIGTkETrH83UzKS5NjK5j2Zqcbuz0kasZdXI5GJM2HfZ3o8oE0U~1=WP4ejI_zOBS0FGm051ODqAwgjm6ux8UJulRAhlK1W06EbT3ouwpPtgS1Y06JffMiWG6G0QYEeiBKW8200fW1d8wYmbIu0PAykAKZs07udQQV0U01eAhU5kW1eWFu0SR7thu1e0AKleaPi0C2Z0I81UF72905uyS8i0NBbWAu1SkM0i05hk8Ao0MttWBG1RTlg0Rk0Qa7fFCSSId4lG2u1xG6u0U61k08Yj_43EW91u0A0VWAWBKOw0oJ0fWDblaqmB2IWW6X4MU0582WW0JG5FVCmsle58m2e1QGqlIT1iaMq1R6nzw-0PWNY9FN6RWN0S0NjTO1e1dk0RWP____0VWPfTs67e4Q__zpinRM6YwW6gBNsR7maklwmW6e7hzmi1y1o1_yZjDFgI3STExgNX3fFxWWtjqfa2B1-IgG8iBvAf0Ym_agrIB__t__WIE98vgPcPcPcTa_a2FfdlMvmBIfxb2O8wxPwlAGy9h-GWe0qnyaRhp6w8OW268OgqE9tSQLyLMf78ba23T64QXZi4qK0G00~1?stat-id=3&test-tag=246290604677649&banner-sizes=eyI3MjA1NzYwNTM4MTcwMjU0OCI6IjEyNjh4MjAwIn0%3D&format-type=118&actual-format=8&pcodever=709056&banner-test-tags=eyI3MjA1NzYwNTM4MTcwMjU0OCI6IjQzODI3NjkifQ%3D%3D&pcode-active-testids=685674%2C0%2C23&width=1268&height=200&confirmTime=2100000&confirmRatio=1000000&wmode=0
IP 87.250.250.90:0
GET /count/WMaejI_zODW0_Ge0L18np96LnNF8d0K0s04GW8200J5lzSnZ000003YKuCm1Y083kG9BU1GOu_hAQl02rElDq0I0EF050Q06xW791c-zLrZx_VXSgGUaynnnASIz0FW70T080WQg2n2X1qb-fFC00Egw4opMye60W8281AWFfEVZXvY5yLwG4DRtxzdQmxkDmG6cZOo-Fl0LmOhsxAEFlFnZe1QGqlIT1iaMy3_O5e4Ng1SDq1WX-1Y8zk2esOt7adg06OaP2fYu6V___m706U-of9VkgENkRT8P4dbXOdDVSsLoTcLoBt8tDpOjDEWPaG7m6Qi7c1hKmrEm6qYu6mE270rlP4CwQ3LuK7bBKsOtwHo07Vz_W202Y20Cq27___y1rIB__t__WIC00000003mFn40CWDfc34HF3daEzhSZjm89UIGTkETrH83UzKS5NjK5j2Zqcbuz0kasZdXI5GJM2HfZ3o8oE0U~1=WP4ejI_zOBS0FGm051ODqAwgjm6ux8UJulRAhlK1W06EbT3ouwpPtgS1Y06JffMiWG6G0QYEeiBKW8200fW1d8wYmbIu0PAykAKZs07udQQV0U01eAhU5kW1eWFu0SR7thu1e0AKleaPi0C2Z0I81UF72905uyS8i0NBbWAu1SkM0i05hk8Ao0MttWBG1RTlg0Rk0Qa7fFCSSId4lG2u1xG6u0U61k08Yj_43EW91u0A0VWAWBKOw0oJ0fWDblaqmB2IWW6X4MU0582WW0JG5FVCmsle58m2e1QGqlIT1iaMq1R6nzw-0PWNY9FN6RWN0S0NjTO1e1dk0RWP____0VWPfTs67e4Q__zpinRM6YwW6gBNsR7maklwmW6e7hzmi1y1o1_yZjDFgI3STExgNX3fFxWWtjqfa2B1-IgG8iBvAf0Ym_agrIB__t__WIE98vgPcPcPcTa_a2FfdlMvmBIfxb2O8wxPwlAGy9h-GWe0qnyaRhp6w8OW268OgqE9tSQLyLMf78ba23T64QXZi4qK0G00~1?stat-id=3&test-tag=246290604677649&banner-sizes=eyI3MjA1NzYwNTM4MTcwMjU0OCI6IjEyNjh4MjAwIn0%3D&format-type=118&actual-format=8&pcodever=709056&banner-test-tags=eyI3MjA1NzYwNTM4MTcwMjU0OCI6IjQzODI3NjkifQ%3D%3D&pcode-active-testids=685674%2C0%2C23&width=1268&height=200&confirmTime=2100000&confirmRatio=1000000&wmode=0 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/count/WMaejI_zODi0_Ge0L18np96LGnKFC0K0sm4GmO200J5lzSnZ000003YKuCm1Y083kG9BU1GOu_hAQl02rElDq0I0EF050Q06xW791c-zLrZx_VXSgGUaynnnASIz0FW70T080WQg2n2X1qb-fFC00Egw4opMye60W8281AWFfEVZXvY5yLwG4DRtxzdQmxkDmG6cZOo-Fl0LmOhsxAEFlFnZe1QGqlIT1iaMy3_O5e4Ng1SDq1WX-1Y8zk2esOt7adg06OaP2fYu6V___m706U-of9VkgENkRT8P4dbXOdDVSsLoTcLoBt8tDpOjDEWPaG7m6Qi7c1hKmrEm6qYu6mE270rlP4CwQ3LuK7bBKsOtwHo07Vz_W202Y20Cq27___y1rIB__t__WIC00000003mFn40CWDfc34HF3ddEvhTZjm89UIGTkETuH83szKSTNjK5kYZqczuz0kmsZb1ILGJM2Hfb3o8oE0U~1=WPOejI_zOBm0PGm0P1Qt0Y0Hl04GW8200RZiXvFYzigkzG600OwLqFBZhDdUfm680PEcbQo10P01g8wYmjI0W802c06SZgB2LBW1ahoufIFO0VYTffy1u06WgjuMw06Y0_W1niVUlW6W0fI-YHcm0mAC18W5uyS8a0NZnmYm1SkM0hW5ovO2m0MkuWh81RVU0j05js-e1ku1gGUaynnnASIz0BW7j0RW1uO6u0YAtyGCw0a7W0e1-0g0jHZe39C2c0sM-JJ0i9A20Q4HPu0KWA201D0Kzyp3Q-WKZ0AW5f3Iz9q6oHRG5iR7thu1c1U8azSPk1S1m1UrrW6W6Uu1k1d___y1-1cbtOOUWHh__tEp5jOQBg0QejVPiV2Iw_h20QWUlt2m7m787_oEqq-f8DnqxkfU4Ea_k23UtIcG8i7vAf0Ymlaga2B3-IhL8l__V_-18uaZcfcPcPcPsJ-G8-cUzRd0jAdkK9WZhjdgyf3mclv22W3J7oI-lCQ8Xo1OOXZxGua5nvNnNwaSsMG8DvOHgAEnJNW1~1?stat-id=3&test-tag=246290604677649&banner-sizes=eyI3MjA1NzYwNTM4MTcwMjU0OCI6IjEyNjh4MjAwIn0%3D&format-type=118&actual-format=8&pcodever=709056&banner-test-tags=eyI3MjA1NzYwNTM4MTcwMjU0OCI6IjQzODI3NjkifQ%3D%3D&pcode-active-testids=685674%2C0%2C23&width=1268&height=200&confirmTime=2100000&confirmRatio=1000000&wmode=0
date: Sun, 22 Jan 2023 08:36:02 GMT
access-control-allow-origin: https://goo.su
set-cookie: yandexuid=4148443241674376562; domain=.yandex.ru; path=/; expires=Wed, 19-Jan-2033 08:36:02 GMT
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
expires: Sun, 22 Jan 2023 08:36:02 GMT
last-modified: Sun, 22 Jan 2023 08:36:02 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ap.lc/static/css/bootstrap.min.css
78.47.194.146200 OK 0 B URL HTTP/2 ap.lc/static/css/bootstrap.min.css
IP 78.47.194.146:0
ASN #24940 Hetzner Online GmbH
GET /static/css/bootstrap.min.css HTTP/1.1
Host: ap.lc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ap.lc/uubBS?asdnwbdowqkamwo
Cookie: PHPSESSID=0t3ceshlu0r9kjg6pm7u8lenl6; XSRF-TOKEN=eyJpdiI6Ik9XWHFINEViVXdIcExCY3hjZFUvNlE9PSIsInZhbHVlIjoic1FnZW4ySXhLdytpS3MzRk1CM0loTktUTFhSYVJtYkF1RWZoUGlqUmhkYXE3SE9UUzNjYzdGNmFLNjRvRVdZckZ5Q3VudjZwdnlQeXgweWRJektkZWJxc0RsVnBLVDlEU0F2VGxCMVlLWGgzMm1McXYvUDBwL085b1lIOUNCQTkiLCJtYWMiOiJkY2RlMDQ5NDdmZTdhZmE1OGMwMDA3NzI5ODM4NzRkOTlkOGQ0NDdkNzMxYjJhMWNjOWMwOTIyNmE4ZTMzNDI0In0%3D; urlverkorten_session=eyJpdiI6IlArTmdvaWhkS29Ma1BkQmZWYkZEUXc9PSIsInZhbHVlIjoiRmR2ODJCU1hYMG8zR1lpQnVNNVZMOXJkVEhxUjJXY1drSjRXcXd3QUdMOTJRQzZDLytVVk9aOWdOLzAzczNsOXlCWHdHSXRJTEQ0YTVWanp4QXhrRDRiMklIWmM3UWF6VTI3Zkd2ZFppSzlCT0xkMnJiZGpNYlpBbXpvTk1xcHoiLCJtYWMiOiJhNTcyZjVmZDY4NTlmNWQzM2VhMDlhZTc1ZDA2N2NjMGEwNWZmNGIxZDk4MmZhZjUyNjA3NzM2OTY3MzliN2Y0In0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 08:36:06 GMT
content-type: text/css
last-modified: Wed, 27 Jan 2021 14:47:50 GMT
vary: Accept-Encoding
etag: W/"60117d16-1631a"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
an.yandex.ru/rtbcount/1QJ3wWMO0US100000000U9nJpB-O_K_wiKEAuPBF9QMYH_OoMEP_FPFC00IUC97Gf8XFIh5SCoGPKXc1ufbBFb-80OcNWdYrvK2YbH54TeBuGC34C9EHMGB2NiZuWHN2MidemWHXxMLqPHDWE0hcdsLa1efSPGHflSl88CF0y9Tn5b1yBXD8P2rJ590yo_GV25un2HIwgXSl-Sp0S6ShdywrJwmCVvbOG9OpWspePLO4abEPGThcChE1B6HcOb00sSUoaLbzUnd7mUFdb4uovwyzjwJijdd4LR3Aks3o9xE34p_4kInpNvq1irQmD1jiOFaF0umxM9WE875lia3yyi7-8Ol6rCtkd1atxD-oW7oqW9Nt92lN32wmz0NMXeO6bfki-P8l7xbDlPlxbHMakuEjWMK6svN3mGlOklTitj3wzyp-ifLiC6CEi7cSO6D-nCQRd-9ibHWMvL_f7Pnc_f8DPk5FE6iYUr7LWfdSJU_iPx6pcHjO6fYQRM1dsi7ESu9T_05x-wscdPC-RLZC_OET1m31EvpZ
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/rtbcount/1QJ3wWMO0US100000000U9nJpB-O_K_wiKEAuPBF9QMYH_OoMEP_FPFC00IUC97Gf8XFIh5SCoGPKXc1ufbBFb-80OcNWdYrvK2YbH54TeBuGC34C9EHMGB2NiZuWHN2MidemWHXxMLqPHDWE0hcdsLa1efSPGHflSl88CF0y9Tn5b1yBXD8P2rJ590yo_GV25un2HIwgXSl-Sp0S6ShdywrJwmCVvbOG9OpWspePLO4abEPGThcChE1B6HcOb00sSUoaLbzUnd7mUFdb4uovwyzjwJijdd4LR3Aks3o9xE34p_4kInpNvq1irQmD1jiOFaF0umxM9WE875lia3yyi7-8Ol6rCtkd1atxD-oW7oqW9Nt92lN32wmz0NMXeO6bfki-P8l7xbDlPlxbHMakuEjWMK6svN3mGlOklTitj3wzyp-ifLiC6CEi7cSO6D-nCQRd-9ibHWMvL_f7Pnc_f8DPk5FE6iYUr7LWfdSJU_iPx6pcHjO6fYQRM1dsi7ESu9T_05x-wscdPC-RLZC_OET1m31EvpZ
IP 87.250.250.90:0
GET /rtbcount/1QJ3wWMO0US100000000U9nJpB-O_K_wiKEAuPBF9QMYH_OoMEP_FPFC00IUC97Gf8XFIh5SCoGPKXc1ufbBFb-80OcNWdYrvK2YbH54TeBuGC34C9EHMGB2NiZuWHN2MidemWHXxMLqPHDWE0hcdsLa1efSPGHflSl88CF0y9Tn5b1yBXD8P2rJ590yo_GV25un2HIwgXSl-Sp0S6ShdywrJwmCVvbOG9OpWspePLO4abEPGThcChE1B6HcOb00sSUoaLbzUnd7mUFdb4uovwyzjwJijdd4LR3Aks3o9xE34p_4kInpNvq1irQmD1jiOFaF0umxM9WE875lia3yyi7-8Ol6rCtkd1atxD-oW7oqW9Nt92lN32wmz0NMXeO6bfki-P8l7xbDlPlxbHMakuEjWMK6svN3mGlOklTitj3wzyp-ifLiC6CEi7cSO6D-nCQRd-9ibHWMvL_f7Pnc_f8DPk5FE6iYUr7LWfdSJU_iPx6pcHjO6fYQRM1dsi7ESu9T_05x-wscdPC-RLZC_OET1m31EvpZ HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 22 Jan 2023 08:36:00 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 08:36:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 22 Jan 2023 08:36:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/system/context.js
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/system/context.js
IP 87.250.250.90:0
GET /system/context.js HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
timing-allow-origin: *
access-control-allow-origin: *
expires: Sun, 22 Jan 2023 09:35:59 GMT
x-yandex-req-id: 1674376559215454-1614463027456724288900104-production-app-host-sas-pcode-203
cache-control: private, max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/1677322?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FjYgQrdi&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1418218279563%3Ahid%3A989927223%3Az%3A0%3Ai%3A20230122083559%3Aet%3A1674376559%3Ac%3A1%3Arn%3A197469341%3Au%3A1674376559735048639%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1674376557070%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674376559%3At%3ARedirecting...&t=gdpr(14)clc(0-0-0)aw(1)fip(1)ti(2)
87.250.251.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/1677322?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FjYgQrdi&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1418218279563%3Ahid%3A989927223%3Az%3A0%3Ai%3A20230122083559%3Aet%3A1674376559%3Ac%3A1%3Arn%3A197469341%3Au%3A1674376559735048639%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1674376557070%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674376559%3At%3ARedirecting...&t=gdpr(14)clc(0-0-0)aw(1)fip(1)ti(2)
IP 87.250.251.119:0
GET /watch/1677322?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FjYgQrdi&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1418218279563%3Ahid%3A989927223%3Az%3A0%3Ai%3A20230122083559%3Aet%3A1674376559%3Ac%3A1%3Arn%3A197469341%3Au%3A1674376559735048639%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1674376557070%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674376559%3At%3ARedirecting...&t=gdpr(14)clc(0-0-0)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/1677322/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FjYgQrdi&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Avf%3A3kqlg6e9sjiwxr6f2njdv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1418218279563%3Ahid%3A989927223%3Az%3A0%3Ai%3A20230122083559%3Aet%3A1674376559%3Ac%3A1%3Arn%3A197469341%3Au%3A1674376559735048639%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Aco%3A0%3Ans%3A1674376557070%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674376559%3At%3ARedirecting...&t=gdpr%2814%29clc%280-0-0%29aw%281%29fip%281%29ti%282%29
date: Sun, 22 Jan 2023 08:36:00 GMT
access-control-allow-origin: https://goo.su
set-cookie: yabs-sid=1454278581674376560; Path=/; SameSite=None; Secure
i=FbMlB5e9hnbpgt3c7kaFxLgjX1gJtsMKaSLTYE1e6s+OMJ1MLoEtiPjFrIjJyQBld2CV52LmzqLn5T5uH6XhX2OFkiY=; Expires=Wed, 19-Jan-2033 08:36:00 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=2353710901674376560; Expires=Mon, 22-Jan-2024 08:36:00 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=2353710901674376560; Expires=Mon, 22-Jan-2024 08:36:00 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1705912560.yc.1674376560#1705912560.yrts.1674376560#1705912560.yrtsi.1674376560; Expires=Mon, 22-Jan-2024 08:36:00 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 22-Jan-2023 08:36:00 GMT
last-modified: Sun, 22-Jan-2023 08:36:00 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ap.lc/static/css/fa-all.min.css
78.47.194.146200 OK 0 B URL HTTP/2 ap.lc/static/css/fa-all.min.css
IP 78.47.194.146:0
ASN #24940 Hetzner Online GmbH
GET /static/css/fa-all.min.css HTTP/1.1
Host: ap.lc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ap.lc/uubBS?asdnwbdowqkamwo
Cookie: PHPSESSID=0t3ceshlu0r9kjg6pm7u8lenl6; XSRF-TOKEN=eyJpdiI6Ik9XWHFINEViVXdIcExCY3hjZFUvNlE9PSIsInZhbHVlIjoic1FnZW4ySXhLdytpS3MzRk1CM0loTktUTFhSYVJtYkF1RWZoUGlqUmhkYXE3SE9UUzNjYzdGNmFLNjRvRVdZckZ5Q3VudjZwdnlQeXgweWRJektkZWJxc0RsVnBLVDlEU0F2VGxCMVlLWGgzMm1McXYvUDBwL085b1lIOUNCQTkiLCJtYWMiOiJkY2RlMDQ5NDdmZTdhZmE1OGMwMDA3NzI5ODM4NzRkOTlkOGQ0NDdkNzMxYjJhMWNjOWMwOTIyNmE4ZTMzNDI0In0%3D; urlverkorten_session=eyJpdiI6IlArTmdvaWhkS29Ma1BkQmZWYkZEUXc9PSIsInZhbHVlIjoiRmR2ODJCU1hYMG8zR1lpQnVNNVZMOXJkVEhxUjJXY1drSjRXcXd3QUdMOTJRQzZDLytVVk9aOWdOLzAzczNsOXlCWHdHSXRJTEQ0YTVWanp4QXhrRDRiMklIWmM3UWF6VTI3Zkd2ZFppSzlCT0xkMnJiZGpNYlpBbXpvTk1xcHoiLCJtYWMiOiJhNTcyZjVmZDY4NTlmNWQzM2VhMDlhZTc1ZDA2N2NjMGEwNWZmNGIxZDk4MmZhZjUyNjA3NzM2OTY3MzliN2Y0In0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 08:36:06 GMT
content-type: text/css
last-modified: Wed, 27 Jan 2021 14:47:50 GMT
vary: Accept-Encoding
etag: W/"60117d16-df5c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
ap.lc/static/js/jquery.min.js
78.47.194.146200 OK 0 B URL HTTP/2 ap.lc/static/js/jquery.min.js
IP 78.47.194.146:0
ASN #24940 Hetzner Online GmbH
GET /static/js/jquery.min.js HTTP/1.1
Host: ap.lc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ap.lc/uubBS?asdnwbdowqkamwo
Cookie: PHPSESSID=0t3ceshlu0r9kjg6pm7u8lenl6; XSRF-TOKEN=eyJpdiI6Ik9XWHFINEViVXdIcExCY3hjZFUvNlE9PSIsInZhbHVlIjoic1FnZW4ySXhLdytpS3MzRk1CM0loTktUTFhSYVJtYkF1RWZoUGlqUmhkYXE3SE9UUzNjYzdGNmFLNjRvRVdZckZ5Q3VudjZwdnlQeXgweWRJektkZWJxc0RsVnBLVDlEU0F2VGxCMVlLWGgzMm1McXYvUDBwL085b1lIOUNCQTkiLCJtYWMiOiJkY2RlMDQ5NDdmZTdhZmE1OGMwMDA3NzI5ODM4NzRkOTlkOGQ0NDdkNzMxYjJhMWNjOWMwOTIyNmE4ZTMzNDI0In0%3D; urlverkorten_session=eyJpdiI6IlArTmdvaWhkS29Ma1BkQmZWYkZEUXc9PSIsInZhbHVlIjoiRmR2ODJCU1hYMG8zR1lpQnVNNVZMOXJkVEhxUjJXY1drSjRXcXd3QUdMOTJRQzZDLytVVk9aOWdOLzAzczNsOXlCWHdHSXRJTEQ0YTVWanp4QXhrRDRiMklIWmM3UWF6VTI3Zkd2ZFppSzlCT0xkMnJiZGpNYlpBbXpvTk1xcHoiLCJtYWMiOiJhNTcyZjVmZDY4NTlmNWQzM2VhMDlhZTc1ZDA2N2NjMGEwNWZmNGIxZDk4MmZhZjUyNjA3NzM2OTY3MzliN2Y0In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 08:36:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 27 Jan 2021 14:47:50 GMT
vary: Accept-Encoding
etag: W/"60117d16-14696"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
ap.lc/static/application.fn.js
78.47.194.146200 OK 0 B URL HTTP/2 ap.lc/static/application.fn.js
IP 78.47.194.146:0
ASN #24940 Hetzner Online GmbH
GET /static/application.fn.js HTTP/1.1
Host: ap.lc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ap.lc/uubBS?asdnwbdowqkamwo
Cookie: PHPSESSID=0t3ceshlu0r9kjg6pm7u8lenl6; XSRF-TOKEN=eyJpdiI6Ik9XWHFINEViVXdIcExCY3hjZFUvNlE9PSIsInZhbHVlIjoic1FnZW4ySXhLdytpS3MzRk1CM0loTktUTFhSYVJtYkF1RWZoUGlqUmhkYXE3SE9UUzNjYzdGNmFLNjRvRVdZckZ5Q3VudjZwdnlQeXgweWRJektkZWJxc0RsVnBLVDlEU0F2VGxCMVlLWGgzMm1McXYvUDBwL085b1lIOUNCQTkiLCJtYWMiOiJkY2RlMDQ5NDdmZTdhZmE1OGMwMDA3NzI5ODM4NzRkOTlkOGQ0NDdkNzMxYjJhMWNjOWMwOTIyNmE4ZTMzNDI0In0%3D; urlverkorten_session=eyJpdiI6IlArTmdvaWhkS29Ma1BkQmZWYkZEUXc9PSIsInZhbHVlIjoiRmR2ODJCU1hYMG8zR1lpQnVNNVZMOXJkVEhxUjJXY1drSjRXcXd3QUdMOTJRQzZDLytVVk9aOWdOLzAzczNsOXlCWHdHSXRJTEQ0YTVWanp4QXhrRDRiMklIWmM3UWF6VTI3Zkd2ZFppSzlCT0xkMnJiZGpNYlpBbXpvTk1xcHoiLCJtYWMiOiJhNTcyZjVmZDY4NTlmNWQzM2VhMDlhZTc1ZDA2N2NjMGEwNWZmNGIxZDk4MmZhZjUyNjA3NzM2OTY3MzliN2Y0In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 08:36:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 28 Jan 2021 09:40:14 GMT
vary: Accept-Encoding
etag: W/"6012867e-1109"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
ap.lc/static/application.js
78.47.194.146200 OK 0 B URL HTTP/2 ap.lc/static/application.js
IP 78.47.194.146:0
ASN #24940 Hetzner Online GmbH
GET /static/application.js HTTP/1.1
Host: ap.lc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ap.lc/uubBS?asdnwbdowqkamwo
Cookie: PHPSESSID=0t3ceshlu0r9kjg6pm7u8lenl6; XSRF-TOKEN=eyJpdiI6Ik9XWHFINEViVXdIcExCY3hjZFUvNlE9PSIsInZhbHVlIjoic1FnZW4ySXhLdytpS3MzRk1CM0loTktUTFhSYVJtYkF1RWZoUGlqUmhkYXE3SE9UUzNjYzdGNmFLNjRvRVdZckZ5Q3VudjZwdnlQeXgweWRJektkZWJxc0RsVnBLVDlEU0F2VGxCMVlLWGgzMm1McXYvUDBwL085b1lIOUNCQTkiLCJtYWMiOiJkY2RlMDQ5NDdmZTdhZmE1OGMwMDA3NzI5ODM4NzRkOTlkOGQ0NDdkNzMxYjJhMWNjOWMwOTIyNmE4ZTMzNDI0In0%3D; urlverkorten_session=eyJpdiI6IlArTmdvaWhkS29Ma1BkQmZWYkZEUXc9PSIsInZhbHVlIjoiRmR2ODJCU1hYMG8zR1lpQnVNNVZMOXJkVEhxUjJXY1drSjRXcXd3QUdMOTJRQzZDLytVVk9aOWdOLzAzczNsOXlCWHdHSXRJTEQ0YTVWanp4QXhrRDRiMklIWmM3UWF6VTI3Zkd2ZFppSzlCT0xkMnJiZGpNYlpBbXpvTk1xcHoiLCJtYWMiOiJhNTcyZjVmZDY4NTlmNWQzM2VhMDlhZTc1ZDA2N2NjMGEwNWZmNGIxZDk4MmZhZjUyNjA3NzM2OTY3MzliN2Y0In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 08:36:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 28 Jan 2021 09:40:14 GMT
vary: Accept-Encoding
etag: W/"6012867e-4bf2"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
goo.su/jYgQrdi
172.67.139.105200 OK 0 B IP 172.67.139.105:0
Analyzer Verdict Alert openphish Webmail Providers
fortinet Phishing
GET /jYgQrdi HTTP/1.1
Host: goo.su
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 22 Jan 2023 08:35:58 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/8.0.15
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6ImJEaEU3RzNUc1FQck9Wckd0d0Y0M0E9PSIsInZhbHVlIjoiV2xMQVhYdDh6MVpyMExId3E2R0MyWUExVGFoNjBkc3pSbzlhMndoSjRVMXY1QkdnN1kwQmx4YXNXLzlPT0w5RVVMTnZqWjQvL0NELzM1N0l0UXFYTDlhNUJ0bTd1ODREK3ltQmxrRzJCUHVLYVE3Z0NRZDljTlhyQXhmYWFtVVciLCJtYWMiOiJhMTEyYjhmNzAxOGVjMjdkOTU0NTU3M2JiZjM4OGY0MzA0YjZlNDg2ZDJiMWE5NGRlNzUxMWIwMGI1YWUxMGE1IiwidGFnIjoiIn0%3D; expires=Mon, 23-Jan-2023 03:15:58 GMT; Max-Age=67200; path=/; samesite=lax
goosu_session=eyJpdiI6IktNeUNrTGdBZ2FTWVVpRHpGdEd5VkE9PSIsInZhbHVlIjoiSHZzaGFJc3ZFR29XbGF2YXB4Vno5dGpqWWNwT3BhMkJTT08rU0FNZEt4aHFjR2l1RXYwVHV6b0ZneEdaUHlhWFMzMlhzVi9HNkEveHkwSmNvak9UYXR0dnYzWUx1QU8vTDNtZCtEcmxTamZrd3g0OWVYQ0RMUnpnejJhS3h4elMiLCJtYWMiOiJhYTEzZjk5NGY5MDY1NGM3NDRlYjkwOWNmMjRhMzZlMjQ2NDI0ZjAwMTViYTBiYTkwYmQyMWZhOTIxMjJmOTE2IiwidGFnIjoiIn0%3D; expires=Mon, 23-Jan-2023 03:15:58 GMT; Max-Age=67200; path=/; httponly; samesite=lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XwJnBs3uw2QQNxgqTupDAVUjYP3xMDjLkayZJ9lpP50pMjRuGX2LLsnZuNKdM3LoJgbdfcaHz8Zf0Stw14j8LIJ1nfbKQzh%2BiCtD31hRks1Y2IysFEbKbZ0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78d6f5912ec2b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
an.yandex.ru/event_confirmation
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/event_confirmation
IP 87.250.250.90:0
POST /event_confirmation HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 319
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 22 Jan 2023 08:36:00 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 08:36:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 22 Jan 2023 08:36:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ap.lc/themes/cleanex/style.css
78.47.194.146200 OK 0 B URL HTTP/2 ap.lc/themes/cleanex/style.css
IP 78.47.194.146:0
ASN #24940 Hetzner Online GmbH
GET /themes/cleanex/style.css HTTP/1.1
Host: ap.lc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ap.lc/uubBS?asdnwbdowqkamwo
Cookie: PHPSESSID=0t3ceshlu0r9kjg6pm7u8lenl6; XSRF-TOKEN=eyJpdiI6Ik9XWHFINEViVXdIcExCY3hjZFUvNlE9PSIsInZhbHVlIjoic1FnZW4ySXhLdytpS3MzRk1CM0loTktUTFhSYVJtYkF1RWZoUGlqUmhkYXE3SE9UUzNjYzdGNmFLNjRvRVdZckZ5Q3VudjZwdnlQeXgweWRJektkZWJxc0RsVnBLVDlEU0F2VGxCMVlLWGgzMm1McXYvUDBwL085b1lIOUNCQTkiLCJtYWMiOiJkY2RlMDQ5NDdmZTdhZmE1OGMwMDA3NzI5ODM4NzRkOTlkOGQ0NDdkNzMxYjJhMWNjOWMwOTIyNmE4ZTMzNDI0In0%3D; urlverkorten_session=eyJpdiI6IlArTmdvaWhkS29Ma1BkQmZWYkZEUXc9PSIsInZhbHVlIjoiRmR2ODJCU1hYMG8zR1lpQnVNNVZMOXJkVEhxUjJXY1drSjRXcXd3QUdMOTJRQzZDLytVVk9aOWdOLzAzczNsOXlCWHdHSXRJTEQ0YTVWanp4QXhrRDRiMklIWmM3UWF6VTI3Zkd2ZFppSzlCT0xkMnJiZGpNYlpBbXpvTk1xcHoiLCJtYWMiOiJhNTcyZjVmZDY4NTlmNWQzM2VhMDlhZTc1ZDA2N2NjMGEwNWZmNGIxZDk4MmZhZjUyNjA3NzM2OTY3MzliN2Y0In0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 08:36:06 GMT
content-type: text/css
last-modified: Thu, 28 Jan 2021 09:40:14 GMT
vary: Accept-Encoding
etag: W/"6012867e-14b5d"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
an.yandex.ru/rtbcount/1GZmNtYP0US100000000U9nJpDyR7l7xxuyOmoMVVpHe7jdBO9d_zKmo0n1umaH2fquyOnZBDKEI8PKHA9wvvBDC8KYyb1d8goq74gsC8B8J90i4J0mp6QypGzWB6UsWh9MCjb3vlOnhdWap70NpppA2fAyoWgJkCZB8C33yPPp5nC0mbmaaifOf2aYUPVeF1A-O11QoUzOj-Sp0y6gNiCwrJwmCVvbOG9OpimB9NcP583cL6QHjBZCRo49c9WO5a7qi6vdLjvTn73n-JkaaS_xTsPyg68Ighe9LtWMJFvaTdFWXpcKvzUeCcBM2vJhx1fR_CC2uWuNf01Bt9Wl4Bn_i7x9eJDtipfbnm_uj2yX72rXvJx9opU02IrzWRLZGm7AJDL_ovIEtgNTplxA2T7UmDR3COBjoE7W1M_UUpHjQ_vxPNxQI3MRC0JQF4spCZzXuyrEShJ9CAm8glOFJp5-omIpy2MTDP2-gMZ2Jk-cT_InsDdC3ImDJimtiJ3lOUKwmYpzWRx_Lj7FIfmsBkN-mym00HqkWCG00
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/rtbcount/1GZmNtYP0US100000000U9nJpDyR7l7xxuyOmoMVVpHe7jdBO9d_zKmo0n1umaH2fquyOnZBDKEI8PKHA9wvvBDC8KYyb1d8goq74gsC8B8J90i4J0mp6QypGzWB6UsWh9MCjb3vlOnhdWap70NpppA2fAyoWgJkCZB8C33yPPp5nC0mbmaaifOf2aYUPVeF1A-O11QoUzOj-Sp0y6gNiCwrJwmCVvbOG9OpimB9NcP583cL6QHjBZCRo49c9WO5a7qi6vdLjvTn73n-JkaaS_xTsPyg68Ighe9LtWMJFvaTdFWXpcKvzUeCcBM2vJhx1fR_CC2uWuNf01Bt9Wl4Bn_i7x9eJDtipfbnm_uj2yX72rXvJx9opU02IrzWRLZGm7AJDL_ovIEtgNTplxA2T7UmDR3COBjoE7W1M_UUpHjQ_vxPNxQI3MRC0JQF4spCZzXuyrEShJ9CAm8glOFJp5-omIpy2MTDP2-gMZ2Jk-cT_InsDdC3ImDJimtiJ3lOUKwmYpzWRx_Lj7FIfmsBkN-mym00HqkWCG00
IP 87.250.250.90:0
GET /rtbcount/1GZmNtYP0US100000000U9nJpDyR7l7xxuyOmoMVVpHe7jdBO9d_zKmo0n1umaH2fquyOnZBDKEI8PKHA9wvvBDC8KYyb1d8goq74gsC8B8J90i4J0mp6QypGzWB6UsWh9MCjb3vlOnhdWap70NpppA2fAyoWgJkCZB8C33yPPp5nC0mbmaaifOf2aYUPVeF1A-O11QoUzOj-Sp0y6gNiCwrJwmCVvbOG9OpimB9NcP583cL6QHjBZCRo49c9WO5a7qi6vdLjvTn73n-JkaaS_xTsPyg68Ighe9LtWMJFvaTdFWXpcKvzUeCcBM2vJhx1fR_CC2uWuNf01Bt9Wl4Bn_i7x9eJDtipfbnm_uj2yX72rXvJx9opU02IrzWRLZGm7AJDL_ovIEtgNTplxA2T7UmDR3COBjoE7W1M_UUpHjQ_vxPNxQI3MRC0JQF4spCZzXuyrEShJ9CAm8glOFJp5-omIpy2MTDP2-gMZ2Jk-cT_InsDdC3ImDJimtiJ3lOUKwmYpzWRx_Lj7FIfmsBkN-mym00HqkWCG00 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 22 Jan 2023 08:36:00 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 08:36:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 22 Jan 2023 08:36:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/rtbcount/1JGVRisM0US100000000U9nJpB-O_K_wiKEAuPBF9QMYH_OoMEP_FPFC00IUC97Gf8XFIh5SCoGPKXc1ufbBFb-80OcNWdYrvK2YbH54TeBuGC34C9EHMGB2NiZuWHN2MidemWHXxMLqPHDWE0hcdsK4QReA9kyoCiWmCFnbd0KKdyi44bdB50KappBz1u9NJ0A5hkh5IpupCDpPogTpxHChmryc5f3bp20RUfaLWUHKPf2skSni80kPcHWKGFQnR6HMtrx6SV3uEQMJpFbhpoqfksqUSHMiyYwO_CdiuCGFSIxBt5TdmAmLBCq66rZ-mm3Z3XQc0qZScomGltomVyYYCNMpEsV63VktB20VBM3bFSdADOCBB7s1jQ6XWUKcQxxaoqTkK-_cVcK5wUvWQs2PmNRbSF02jkuzcpUq_Zsplsmb6yoO0smU9zYO7x7nvgSuMoM6HVbNUWUdcRzaWrdu4ywQo5vKjM0cTzCx-rdiREO6bWQcPXlOcNQmyvnW5t_0tdwhQUUaJniMS_zWvm40ld6SuG00?confirmTime=2116000&confirmRatio=1000000&test-tag=246290604621826&format-type=118&actual-format=10&rnd=1773732327195&pcode-active-testids=685674%2C0%2C23&banner-sizes=eyI3MjA1NzYwNzIxNDcyMTM4NyI6IjQxOXgxMDAiLCI3MjA1NzYwNzIxNDYwNDYyOSI6IjQxOXgxMDAiLCI3MjA1NzYwNzE2MTQwMzQ1NyI6IjQxOXgxMDAifQ%3D%3D&width=1268&height=100
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/rtbcount/1JGVRisM0US100000000U9nJpB-O_K_wiKEAuPBF9QMYH_OoMEP_FPFC00IUC97Gf8XFIh5SCoGPKXc1ufbBFb-80OcNWdYrvK2YbH54TeBuGC34C9EHMGB2NiZuWHN2MidemWHXxMLqPHDWE0hcdsK4QReA9kyoCiWmCFnbd0KKdyi44bdB50KappBz1u9NJ0A5hkh5IpupCDpPogTpxHChmryc5f3bp20RUfaLWUHKPf2skSni80kPcHWKGFQnR6HMtrx6SV3uEQMJpFbhpoqfksqUSHMiyYwO_CdiuCGFSIxBt5TdmAmLBCq66rZ-mm3Z3XQc0qZScomGltomVyYYCNMpEsV63VktB20VBM3bFSdADOCBB7s1jQ6XWUKcQxxaoqTkK-_cVcK5wUvWQs2PmNRbSF02jkuzcpUq_Zsplsmb6yoO0smU9zYO7x7nvgSuMoM6HVbNUWUdcRzaWrdu4ywQo5vKjM0cTzCx-rdiREO6bWQcPXlOcNQmyvnW5t_0tdwhQUUaJniMS_zWvm40ld6SuG00?confirmTime=2116000&confirmRatio=1000000&test-tag=246290604621826&format-type=118&actual-format=10&rnd=1773732327195&pcode-active-testids=685674%2C0%2C23&banner-sizes=eyI3MjA1NzYwNzIxNDcyMTM4NyI6IjQxOXgxMDAiLCI3MjA1NzYwNzIxNDYwNDYyOSI6IjQxOXgxMDAiLCI3MjA1NzYwNzE2MTQwMzQ1NyI6IjQxOXgxMDAifQ%3D%3D&width=1268&height=100
IP 87.250.250.90:0
GET /rtbcount/1JGVRisM0US100000000U9nJpB-O_K_wiKEAuPBF9QMYH_OoMEP_FPFC00IUC97Gf8XFIh5SCoGPKXc1ufbBFb-80OcNWdYrvK2YbH54TeBuGC34C9EHMGB2NiZuWHN2MidemWHXxMLqPHDWE0hcdsK4QReA9kyoCiWmCFnbd0KKdyi44bdB50KappBz1u9NJ0A5hkh5IpupCDpPogTpxHChmryc5f3bp20RUfaLWUHKPf2skSni80kPcHWKGFQnR6HMtrx6SV3uEQMJpFbhpoqfksqUSHMiyYwO_CdiuCGFSIxBt5TdmAmLBCq66rZ-mm3Z3XQc0qZScomGltomVyYYCNMpEsV63VktB20VBM3bFSdADOCBB7s1jQ6XWUKcQxxaoqTkK-_cVcK5wUvWQs2PmNRbSF02jkuzcpUq_Zsplsmb6yoO0smU9zYO7x7nvgSuMoM6HVbNUWUdcRzaWrdu4ywQo5vKjM0cTzCx-rdiREO6bWQcPXlOcNQmyvnW5t_0tdwhQUUaJniMS_zWvm40ld6SuG00?confirmTime=2116000&confirmRatio=1000000&test-tag=246290604621826&format-type=118&actual-format=10&rnd=1773732327195&pcode-active-testids=685674%2C0%2C23&banner-sizes=eyI3MjA1NzYwNzIxNDcyMTM4NyI6IjQxOXgxMDAiLCI3MjA1NzYwNzIxNDYwNDYyOSI6IjQxOXgxMDAiLCI3MjA1NzYwNzE2MTQwMzQ1NyI6IjQxOXgxMDAifQ%3D%3D&width=1268&height=100 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 22 Jan 2023 08:36:02 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 08:36:02 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 22 Jan 2023 08:36:02 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/event_confirmation
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/event_confirmation
IP 87.250.250.90:0
POST /event_confirmation HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 319
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 22 Jan 2023 08:36:00 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 08:36:00 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 22 Jan 2023 08:36:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
kraken.rambler.ru/cnt/v2/
81.19.89.17200 OK 0 B URL HTTP/2 kraken.rambler.ru/cnt/v2/
IP 81.19.89.17:0
ASN #24638 Rambler Internet Holding LLC
POST /cnt/v2/ HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 644
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.4
date: Sun, 22 Jan 2023 08:36:04 GMT
content-type: application/octet-stream
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
pragma: no-cache
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
x-srv: 1kraken-prod0003.ad.rambler.tech
set-cookie: ruid=1CIAAHT1zGPZtXWfAXHKEgB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAHT1zGPZtXWfAXHKEgB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
X-Firefox-Spdy: h2
top-fwz1.mail.ru/js/code.js
95.163.52.67200 OK 0 B URL HTTP/2 top-fwz1.mail.ru/js/code.js
IP 95.163.52.67:0
GET /js/code.js HTTP/1.1
Host: top-fwz1.mail.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 08:35:59 GMT
content-type: application/javascript
last-modified: Wed, 11 Jan 2023 13:29:54 GMT
set-cookie: FTID=1RMYgQ0tkIIF:1674376559:0:::; path=/; expires=Tue, 23-Jan-24 08:35:59 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
etag: W/"63beb9d2-85cc"
expires: Sun, 22 Jan 2023 09:35:59 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
access-control-allow-headers: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
timing-allow-origin: *
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
cache-control: max-age=3600, private
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
accept-ch-lifetime: 86400
content-encoding: gzip
X-Firefox-Spdy: h2
an.yandex.ru/event_confirmation
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/event_confirmation
IP 87.250.250.90:0
POST /event_confirmation HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 294
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 22 Jan 2023 08:35:59 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 08:35:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 22 Jan 2023 08:35:59 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2FjYgQrdi&charset=utf-8&pcode-test-ids=657519%2C0%2C73%3B706837%2C0%2C70%3B685674%2C0%2C23%3B672577%2C0%2C10%3B705194%2C0%2C56%3B709056%2C0%2C96%3B681853%2C0%2C60&pcode-flags-map=eJytWG1v2zYQ%2FiuDPxedXimp3yiJsjlLlEZSTtyiINzWTQIk6dCmRbYi%2F31HUbYlOaGTbkAQ2ILu4fFennvOP2d0zmpOVEWFILnKscSqwRxXQhU1Vyuak1pRprK6SuvZm3c%2FZz8219%2B3szez7f1fs1ezu%2B23O%2FoJvoaJE4Th7OH9q9kKC8XJny0RUq0q3KiC15XCuRjZS96SIQByIy92OgDCcFqSyeHwoaCMSgL%2BZUuxqKU6o3JRt1Jh8F0Km3coDFHsvxj8%2F0DGZakaXudtJsXxMS%2BDJgD5wrwMQHRe4MwzSIUqcUrKDgpAUswY4fbsIN8PoqEvjJwpsQRr%2BNOANc4JV02J1xOoqUNx6CXJ3iHKGjwnSkiaLdcqp0KD513UUp3avKjP4TEnmVSClOUImpw3Y%2BjI9Q7QrRh7yTBrWvstEzdygj2AXHCIFuFch6lQouUrsoaQQxLnigrFoExWuKT5CVAPhfEeFOc6%2Bmtdtz2SrE2b9D1jBYucKIijQzqlKTnCBa3ZyDJykB%2FEY9vYDd3OtmW0T5guAVw1Q9O7r9%2B3A7PAi%2F3ENKaOqBBdzUxsplkeGEFxCEKYqlNBIICT4rjdfLjejix95CXmhgU9B2JiakHofCEVk%2FYjg9BPzPXWmOXkXPFW5XWFKbMSlxN5Ptqfl%2FJ6Cc7CWWrOJ5mdWrpRGKNHD9SFLDlNreae6yBTbG8J81TRQs2f0Rxoh1bQE1bbwA16suxs%2B75Rac11UjnOaSt%2BeybCGmu%2FjcPQeGd4bWW8MPCjPs55oatWNDWDwpC0IlDVI1PPcZyxbeD45s5NVudEt4AgzEqDYRACTF9Kmg040bW7O09pErCaB1HkHZtDQ8P%2FM91EUJ2%2FgrBzACigHWXLdx63LgnmTFV63q4wp3hyb290aOg4fZQbTmtO5VqlayB%2BctbU3B4wFKG%2B93Z10RNoJqzUHAL9xYOKBIrLMLAf0HCWQZaEhSXCxA9dd2TbVbHYT%2BkGmI%2ByuR0kCAPjeVa3TEIpy3VDlG%2F3GhgxHKSn4hnESdCUlhA1%2B3FJhJ60VDXM1xLm0onTdxhVW0pqZqkCgi0ozDGqL1HgzN7NSexF0cCPHsRMeRgPUGx6sKYgGnTHSF6X5Ykp63iBb6puznHq2d%2BFEnUO7ypB3478DV3Psb3%2FSOe74RMWu%2BJYkG78cJITARrU6p8beshY63HOSQGcswDFMaeZ3S72e4LtJi2vdAdxwnZzr%2BEktVM8Ao723FErwQzkUNcMumlBIB%2BatkXG9YQTwspEyE3cwPgzMMJNo68yh9awG3tuEo48WVDZXWMABsFcytruhR953khVZk2lKpJTrAAES7rqhrwdI%2FHHWj1rsv%2BMMRHOOSkwdNQLNXMQOgiNwiQqzKUCadUSDX4qSSFCyMS5xG%2FXna5V3awaWv2cfd7efbysNl8vrm77ar%2F58uHqeis%2Bbq6vbi9mb7yHkXwOnV7UDN2B0aXSUnd1ScfC793sZnN1%2Ffrrd%2FDt783tp%2B09fP796mZzsf02enSxuemefPpne2te3%2Fy4uvtiPt683n95%2F7g3B5k7ib5RvbUWzp3EVaI8EfnIjXrGybR6r1nfabjQPE4LWCqJWRPsLRfFCUr2crPgFGDKtTL2tGuYF9inyyM6O7JAid%2F35cDipQswipLAifYoMOtzjVDZT44D5E5PNo1kP8vzHG%2FKJFqvPosBYhS4%2Fo4XQfbBagpXhcZQvucYHdrNPSMpj5fDI7wo9o9vIef2O0Ca4oPVYawJ1cDIBPUAW%2FOKVFPdMfv8Td19%2Bf7xcrK4ObE3XU%2FNaHkkj%2F1yfyI5sLf1BCWI3NNRt66ytkpPBAVUwajjYQttlOTdCD8lKlCSBL45euJ4UdZ6YcuVueYJkLhvyKdAujofB%2FfqXt1s7tXl9uri8u6ZcIcSzMoacgmsYegjJYUWu7Cl2hUrLN2Rh05gA%2FW3Zb6b3ztVeXyFp7Ep08N2SVKcKtj1TljFvWrnnVBY6YlvFOzOhZKypZKYllrlwQ6PJ7t7X9JjWBT7B%2Bbta7UTiQIEOuzw%2BzW5r5WBHOVEK%2F%2FxZTNZjpsKxH%2Fwi%2FggyVa7U555CGV%2F6L1iWAH7PtbCNVu0bPlyJvXCXg5D7I3kky1sTmaSdN3TDa12vjjxY0noJoNtc%2FrjQ%2BQkTojGFt2Th%2FcP%2FwICRTMW&pcode-icookie=f4oGgasDYHs2yb98uO49Pj%2BhCrthawTUnRzZ7hprBv2jnRek96x31rBCHVg%2FQZIrstVFVndF%2BWn5OVENdH2EoXy7V64%3D&imp-id=4&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=246290604621826&ad-session-id=2508161674376558375&target-id=60546126&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=709056&pcodever=709056&flash-ver=0&available-width=145&skip-token=yabs.NzIwNTc2MDcyMTQ3MjEzODcKNzIwNTc2MDcyMTQ2MDQ2MjkKNzIwNTc2MDcxNjE0MDM0NTcKNzIwNTc2MDUzODE3MDI1NDg%3D&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A939%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1268%2C%22h%22%3A939%2C%22width%22%3A1268%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A657%2C%22ad_no%22%3A4%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A2%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B2155387652803%5D
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2FjYgQrdi&charset=utf-8&pcode-test-ids=657519%2C0%2C73%3B706837%2C0%2C70%3B685674%2C0%2C23%3B672577%2C0%2C10%3B705194%2C0%2C56%3B709056%2C0%2C96%3B681853%2C0%2C60&pcode-flags-map=eJytWG1v2zYQ%2FiuDPxedXimp3yiJsjlLlEZSTtyiINzWTQIk6dCmRbYi%2F31HUbYlOaGTbkAQ2ILu4fFennvOP2d0zmpOVEWFILnKscSqwRxXQhU1Vyuak1pRprK6SuvZm3c%2FZz8219%2B3szez7f1fs1ezu%2B23O%2FoJvoaJE4Th7OH9q9kKC8XJny0RUq0q3KiC15XCuRjZS96SIQByIy92OgDCcFqSyeHwoaCMSgL%2BZUuxqKU6o3JRt1Jh8F0Km3coDFHsvxj8%2F0DGZakaXudtJsXxMS%2BDJgD5wrwMQHRe4MwzSIUqcUrKDgpAUswY4fbsIN8PoqEvjJwpsQRr%2BNOANc4JV02J1xOoqUNx6CXJ3iHKGjwnSkiaLdcqp0KD513UUp3avKjP4TEnmVSClOUImpw3Y%2BjI9Q7QrRh7yTBrWvstEzdygj2AXHCIFuFch6lQouUrsoaQQxLnigrFoExWuKT5CVAPhfEeFOc6%2Bmtdtz2SrE2b9D1jBYucKIijQzqlKTnCBa3ZyDJykB%2FEY9vYDd3OtmW0T5guAVw1Q9O7r9%2B3A7PAi%2F3ENKaOqBBdzUxsplkeGEFxCEKYqlNBIICT4rjdfLjejix95CXmhgU9B2JiakHofCEVk%2FYjg9BPzPXWmOXkXPFW5XWFKbMSlxN5Ptqfl%2FJ6Cc7CWWrOJ5mdWrpRGKNHD9SFLDlNreae6yBTbG8J81TRQs2f0Rxoh1bQE1bbwA16suxs%2B75Rac11UjnOaSt%2BeybCGmu%2FjcPQeGd4bWW8MPCjPs55oatWNDWDwpC0IlDVI1PPcZyxbeD45s5NVudEt4AgzEqDYRACTF9Kmg040bW7O09pErCaB1HkHZtDQ8P%2FM91EUJ2%2FgrBzACigHWXLdx63LgnmTFV63q4wp3hyb290aOg4fZQbTmtO5VqlayB%2BctbU3B4wFKG%2B93Z10RNoJqzUHAL9xYOKBIrLMLAf0HCWQZaEhSXCxA9dd2TbVbHYT%2BkGmI%2ByuR0kCAPjeVa3TEIpy3VDlG%2F3GhgxHKSn4hnESdCUlhA1%2B3FJhJ60VDXM1xLm0onTdxhVW0pqZqkCgi0ozDGqL1HgzN7NSexF0cCPHsRMeRgPUGx6sKYgGnTHSF6X5Ykp63iBb6puznHq2d%2BFEnUO7ypB3478DV3Psb3%2FSOe74RMWu%2BJYkG78cJITARrU6p8beshY63HOSQGcswDFMaeZ3S72e4LtJi2vdAdxwnZzr%2BEktVM8Ao723FErwQzkUNcMumlBIB%2BatkXG9YQTwspEyE3cwPgzMMJNo68yh9awG3tuEo48WVDZXWMABsFcytruhR953khVZk2lKpJTrAAES7rqhrwdI%2FHHWj1rsv%2BMMRHOOSkwdNQLNXMQOgiNwiQqzKUCadUSDX4qSSFCyMS5xG%2FXna5V3awaWv2cfd7efbysNl8vrm77ar%2F58uHqeis%2Bbq6vbi9mb7yHkXwOnV7UDN2B0aXSUnd1ScfC793sZnN1%2Ffrrd%2FDt783tp%2B09fP796mZzsf02enSxuemefPpne2te3%2Fy4uvtiPt683n95%2F7g3B5k7ib5RvbUWzp3EVaI8EfnIjXrGybR6r1nfabjQPE4LWCqJWRPsLRfFCUr2crPgFGDKtTL2tGuYF9inyyM6O7JAid%2F35cDipQswipLAifYoMOtzjVDZT44D5E5PNo1kP8vzHG%2FKJFqvPosBYhS4%2Fo4XQfbBagpXhcZQvucYHdrNPSMpj5fDI7wo9o9vIef2O0Ca4oPVYawJ1cDIBPUAW%2FOKVFPdMfv8Td19%2Bf7xcrK4ObE3XU%2FNaHkkj%2F1yfyI5sLf1BCWI3NNRt66ytkpPBAVUwajjYQttlOTdCD8lKlCSBL45euJ4UdZ6YcuVueYJkLhvyKdAujofB%2FfqXt1s7tXl9uri8u6ZcIcSzMoacgmsYegjJYUWu7Cl2hUrLN2Rh05gA%2FW3Zb6b3ztVeXyFp7Ep08N2SVKcKtj1TljFvWrnnVBY6YlvFOzOhZKypZKYllrlwQ6PJ7t7X9JjWBT7B%2Bbta7UTiQIEOuzw%2BzW5r5WBHOVEK%2F%2FxZTNZjpsKxH%2Fwi%2FggyVa7U555CGV%2F6L1iWAH7PtbCNVu0bPlyJvXCXg5D7I3kky1sTmaSdN3TDa12vjjxY0noJoNtc%2FrjQ%2BQkTojGFt2Th%2FcP%2FwICRTMW&pcode-icookie=f4oGgasDYHs2yb98uO49Pj%2BhCrthawTUnRzZ7hprBv2jnRek96x31rBCHVg%2FQZIrstVFVndF%2BWn5OVENdH2EoXy7V64%3D&imp-id=4&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=246290604621826&ad-session-id=2508161674376558375&target-id=60546126&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=709056&pcodever=709056&flash-ver=0&available-width=145&skip-token=yabs.NzIwNTc2MDcyMTQ3MjEzODcKNzIwNTc2MDcyMTQ2MDQ2MjkKNzIwNTc2MDcxNjE0MDM0NTcKNzIwNTc2MDUzODE3MDI1NDg%3D&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A939%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1268%2C%22h%22%3A939%2C%22width%22%3A1268%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A657%2C%22ad_no%22%3A4%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A2%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B2155387652803%5D
IP 87.250.250.90:0
GET /meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2FjYgQrdi&charset=utf-8&pcode-test-ids=657519%2C0%2C73%3B706837%2C0%2C70%3B685674%2C0%2C23%3B672577%2C0%2C10%3B705194%2C0%2C56%3B709056%2C0%2C96%3B681853%2C0%2C60&pcode-flags-map=eJytWG1v2zYQ%2FiuDPxedXimp3yiJsjlLlEZSTtyiINzWTQIk6dCmRbYi%2F31HUbYlOaGTbkAQ2ILu4fFennvOP2d0zmpOVEWFILnKscSqwRxXQhU1Vyuak1pRprK6SuvZm3c%2FZz8219%2B3szez7f1fs1ezu%2B23O%2FoJvoaJE4Th7OH9q9kKC8XJny0RUq0q3KiC15XCuRjZS96SIQByIy92OgDCcFqSyeHwoaCMSgL%2BZUuxqKU6o3JRt1Jh8F0Km3coDFHsvxj8%2F0DGZakaXudtJsXxMS%2BDJgD5wrwMQHRe4MwzSIUqcUrKDgpAUswY4fbsIN8PoqEvjJwpsQRr%2BNOANc4JV02J1xOoqUNx6CXJ3iHKGjwnSkiaLdcqp0KD513UUp3avKjP4TEnmVSClOUImpw3Y%2BjI9Q7QrRh7yTBrWvstEzdygj2AXHCIFuFch6lQouUrsoaQQxLnigrFoExWuKT5CVAPhfEeFOc6%2Bmtdtz2SrE2b9D1jBYucKIijQzqlKTnCBa3ZyDJykB%2FEY9vYDd3OtmW0T5guAVw1Q9O7r9%2B3A7PAi%2F3ENKaOqBBdzUxsplkeGEFxCEKYqlNBIICT4rjdfLjejix95CXmhgU9B2JiakHofCEVk%2FYjg9BPzPXWmOXkXPFW5XWFKbMSlxN5Ptqfl%2FJ6Cc7CWWrOJ5mdWrpRGKNHD9SFLDlNreae6yBTbG8J81TRQs2f0Rxoh1bQE1bbwA16suxs%2B75Rac11UjnOaSt%2BeybCGmu%2FjcPQeGd4bWW8MPCjPs55oatWNDWDwpC0IlDVI1PPcZyxbeD45s5NVudEt4AgzEqDYRACTF9Kmg040bW7O09pErCaB1HkHZtDQ8P%2FM91EUJ2%2FgrBzACigHWXLdx63LgnmTFV63q4wp3hyb290aOg4fZQbTmtO5VqlayB%2BctbU3B4wFKG%2B93Z10RNoJqzUHAL9xYOKBIrLMLAf0HCWQZaEhSXCxA9dd2TbVbHYT%2BkGmI%2ByuR0kCAPjeVa3TEIpy3VDlG%2F3GhgxHKSn4hnESdCUlhA1%2B3FJhJ60VDXM1xLm0onTdxhVW0pqZqkCgi0ozDGqL1HgzN7NSexF0cCPHsRMeRgPUGx6sKYgGnTHSF6X5Ykp63iBb6puznHq2d%2BFEnUO7ypB3478DV3Psb3%2FSOe74RMWu%2BJYkG78cJITARrU6p8beshY63HOSQGcswDFMaeZ3S72e4LtJi2vdAdxwnZzr%2BEktVM8Ao723FErwQzkUNcMumlBIB%2BatkXG9YQTwspEyE3cwPgzMMJNo68yh9awG3tuEo48WVDZXWMABsFcytruhR953khVZk2lKpJTrAAES7rqhrwdI%2FHHWj1rsv%2BMMRHOOSkwdNQLNXMQOgiNwiQqzKUCadUSDX4qSSFCyMS5xG%2FXna5V3awaWv2cfd7efbysNl8vrm77ar%2F58uHqeis%2Bbq6vbi9mb7yHkXwOnV7UDN2B0aXSUnd1ScfC793sZnN1%2Ffrrd%2FDt783tp%2B09fP796mZzsf02enSxuemefPpne2te3%2Fy4uvtiPt683n95%2F7g3B5k7ib5RvbUWzp3EVaI8EfnIjXrGybR6r1nfabjQPE4LWCqJWRPsLRfFCUr2crPgFGDKtTL2tGuYF9inyyM6O7JAid%2F35cDipQswipLAifYoMOtzjVDZT44D5E5PNo1kP8vzHG%2FKJFqvPosBYhS4%2Fo4XQfbBagpXhcZQvucYHdrNPSMpj5fDI7wo9o9vIef2O0Ca4oPVYawJ1cDIBPUAW%2FOKVFPdMfv8Td19%2Bf7xcrK4ObE3XU%2FNaHkkj%2F1yfyI5sLf1BCWI3NNRt66ytkpPBAVUwajjYQttlOTdCD8lKlCSBL45euJ4UdZ6YcuVueYJkLhvyKdAujofB%2FfqXt1s7tXl9uri8u6ZcIcSzMoacgmsYegjJYUWu7Cl2hUrLN2Rh05gA%2FW3Zb6b3ztVeXyFp7Ep08N2SVKcKtj1TljFvWrnnVBY6YlvFOzOhZKypZKYllrlwQ6PJ7t7X9JjWBT7B%2Bbta7UTiQIEOuzw%2BzW5r5WBHOVEK%2F%2FxZTNZjpsKxH%2Fwi%2FggyVa7U555CGV%2F6L1iWAH7PtbCNVu0bPlyJvXCXg5D7I3kky1sTmaSdN3TDa12vjjxY0noJoNtc%2FrjQ%2BQkTojGFt2Th%2FcP%2FwICRTMW&pcode-icookie=f4oGgasDYHs2yb98uO49Pj%2BhCrthawTUnRzZ7hprBv2jnRek96x31rBCHVg%2FQZIrstVFVndF%2BWn5OVENdH2EoXy7V64%3D&imp-id=4&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=246290604621826&ad-session-id=2508161674376558375&target-id=60546126&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=709056&pcodever=709056&flash-ver=0&available-width=145&skip-token=yabs.NzIwNTc2MDcyMTQ3MjEzODcKNzIwNTc2MDcyMTQ2MDQ2MjkKNzIwNTc2MDcxNjE0MDM0NTcKNzIwNTc2MDUzODE3MDI1NDg%3D&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A939%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1268%2C%22h%22%3A939%2C%22width%22%3A1268%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A657%2C%22ad_no%22%3A4%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A2%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B2155387652803%5D HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
uniformat: true
uniformat-product-type: Direct
content-encoding: gzip
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://goo.su
x-xss-protection: 1; mode=block
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-yandex-req-id: 1674376560276213-1145963224567260666300109-production-app-host-sas-pcode-494
last-modified: Sun, 22 Jan 2023 08:36:00 GMT
date: Sun, 22 Jan 2023 08:36:00 GMT
set-cookie: yabs-vdrf=A0; domain=an.yandex.ru; path=/; expires=Sun, 29-Jan-2023 08:36:00 GMT
i=ZBJHFgaDeyaa+KpI3l53SorjX8ZYvgMfNWB6N08uwemIwJffeOytARtWj8uI+uQPPkYyN00OfC6rB/Bey2aX5sfbVv8=; Expires=Tue, 21-Jan-2025 08:36:00 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly
content-type: application/json
pragma: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
ssr: true
strict-transport-security: max-age=31536000
expires: Sun, 22 Jan 2023 08:36:00 GMT
X-Firefox-Spdy: h2
mc.yandex.ru/watch/39370120?vsid=1b98ca9d5c12d24e7510381f13a496e4fc17ed1a8becxVASx9056x1674376558
87.250.251.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/39370120?vsid=1b98ca9d5c12d24e7510381f13a496e4fc17ed1a8becxVASx9056x1674376558
IP 87.250.251.119:0
POST /watch/39370120?vsid=1b98ca9d5c12d24e7510381f13a496e4fc17ed1a8becxVASx9056x1674376558 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 302 Found
location: /watch/39370120/1?vsid=1b98ca9d5c12d24e7510381f13a496e4fc17ed1a8becxVASx9056x1674376558
date: Sun, 22 Jan 2023 08:36:01 GMT
access-control-allow-origin: https://goo.su
set-cookie: yabs-sid=1534403871674376561; Path=/; SameSite=None; Secure
i=pdQ7wTCB8plcCs0lx3pg+dy2OwCwPYV/M/ji0Nbnchz0EhLeI9YMhSlhX7YQgmIo2neFYINdfivKuMj6KwcnG4VbF5I=; Expires=Wed, 19-Jan-2033 08:35:54 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=4493122991674376561; Expires=Mon, 22-Jan-2024 08:36:01 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=4493122991674376561; Expires=Mon, 22-Jan-2024 08:36:01 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1705912561.yc.1674376561#1705912561.yrts.1674376561#1705912561.yrtsi.1674376561; Expires=Mon, 22-Jan-2024 08:36:01 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 22-Jan-2023 08:36:01 GMT
last-modified: Sun, 22-Jan-2023 08:36:01 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400&display=swap
142.250.74.138200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400&display=swap
IP 142.250.74.138:0
GET /css?family=Roboto:400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 22 Jan 2023 08:35:58 GMT
date: Sun, 22 Jan 2023 08:35:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yastatic.net/q/set/s/rsya-tag-users/bundle.js
178.154.131.217200 OK 0 B URL HTTP/2 yastatic.net/q/set/s/rsya-tag-users/bundle.js
IP 178.154.131.217:0
GET /q/set/s/rsya-tag-users/bundle.js HTTP/1.1
Host: yastatic.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx/1.17.9
date: Sun, 22 Jan 2023 08:36:01 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952
content-encoding: br
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
expires: Tue, 24 Jan 2023 20:34:19 GMT
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-nginx-request-id: 24389691a877702a
X-Firefox-Spdy: h2
ap.lc/static/server.js
78.47.194.146200 OK 0 B IP 78.47.194.146:0
ASN #24940 Hetzner Online GmbH
GET /static/server.js HTTP/1.1
Host: ap.lc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ap.lc/uubBS?asdnwbdowqkamwo
Cookie: PHPSESSID=0t3ceshlu0r9kjg6pm7u8lenl6; XSRF-TOKEN=eyJpdiI6Ik9XWHFINEViVXdIcExCY3hjZFUvNlE9PSIsInZhbHVlIjoic1FnZW4ySXhLdytpS3MzRk1CM0loTktUTFhSYVJtYkF1RWZoUGlqUmhkYXE3SE9UUzNjYzdGNmFLNjRvRVdZckZ5Q3VudjZwdnlQeXgweWRJektkZWJxc0RsVnBLVDlEU0F2VGxCMVlLWGgzMm1McXYvUDBwL085b1lIOUNCQTkiLCJtYWMiOiJkY2RlMDQ5NDdmZTdhZmE1OGMwMDA3NzI5ODM4NzRkOTlkOGQ0NDdkNzMxYjJhMWNjOWMwOTIyNmE4ZTMzNDI0In0%3D; urlverkorten_session=eyJpdiI6IlArTmdvaWhkS29Ma1BkQmZWYkZEUXc9PSIsInZhbHVlIjoiRmR2ODJCU1hYMG8zR1lpQnVNNVZMOXJkVEhxUjJXY1drSjRXcXd3QUdMOTJRQzZDLytVVk9aOWdOLzAzczNsOXlCWHdHSXRJTEQ0YTVWanp4QXhrRDRiMklIWmM3UWF6VTI3Zkd2ZFppSzlCT0xkMnJiZGpNYlpBbXpvTk1xcHoiLCJtYWMiOiJhNTcyZjVmZDY4NTlmNWQzM2VhMDlhZTc1ZDA2N2NjMGEwNWZmNGIxZDk4MmZhZjUyNjA3NzM2OTY3MzliN2Y0In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 08:36:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 28 Jan 2021 09:40:14 GMT
vary: Accept-Encoding
etag: W/"6012867e-2f50"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
st.top100.ru/top100/3.13.4/usability.js
81.19.89.16200 OK 0 B URL HTTP/2 st.top100.ru/top100/3.13.4/usability.js
IP 81.19.89.16:0
ASN #24638 Rambler Internet Holding LLC
GET /top100/3.13.4/usability.js HTTP/1.1
Host: st.top100.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.4
date: Sun, 22 Jan 2023 08:35:59 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 19 Jan 2023 11:16:44 GMT
x-rgw-object-type: Normal
etag: W/"c057d219824a2c96eba73ee915d4fb84"
x-amz-request-id: tx00000000000021bc53a07-0063ccf4ef-f85be6-default
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
set-cookie: proto_uid=1CIAAG/1zGNzI4tmAfbkDwB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-encoding: gzip
X-Firefox-Spdy: h2
an.yandex.ru/tracking/WUGejI_zO3C1rGu0L1e00000-tIUEGK0Cm8nSFNCOm00000ubE3C0M2y26W4W041Y07QxxxJcm6G0UZ_dOxZW8200fW1wF-TZcEu0VgHfzibs076cCoh0U01se2cfW6O0eQeuHgW0loGgnN00Wk0EEW4pmFu18sC5OW5hEO8a0MDZ1MW1OQO1wW5XfW7i0M6c0Uu1OQO1y05fkS6o0Nog0BW1PG1e0Rk0QW6xW791d19f_5JWeb_gGUayvYxFCIz0BW7W0NG1nRW1-WB-0S1meA01kW91uWB2AeB46eHHLwaym00oOqOBDRo1G21W820Y0Ie3wJdqxdCX_5UW12ZoeuceIYO4SBvAg6vFu0KW8221AWKZOmLm1I0siG9o1G7ZVoWdWRW507O5jRtxzdQmxkDmG615_0_c1Ull_ukq1VGXWFO5vI6Fz0O8VWOmOhsxAEFlFnZW1cu6W6270rlP4CwLKf8KdbBKsOtwHo07N_G7ftWbxMnl_gwAzWUkTmUe1-Zoeuci1y1o1-ZZEPLqXy6Dp0vC3Ksu201q27___y1rIB__t__WIE98vgPcPcPcTa_3m1L8CbNHwc3j4aWLow5W2a6mPIGRo_16uAUB0eW95X25KAeFFeLY1H36pe4bWFM8eDH~1?action-id=0&adsdk-bundle-version=706348&adsdk-bundle-name=AdLoader&adsdk-container-visibility=100&adsdk-container-width=152&adsdk-container-height=152&video-avatar-width=152&video-avatar-height=152&ad-session-id=2508161674376558375&vsid=1b98ca9d5c12d24e7510381f13a496e4fc17ed1a8becxVASx9056x1674376558&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&client-ts=1674376560379&client-timezone-offset=0&viewability-undetermined=0&video-volume=100&video-muted=1&pcode-active-testids=685674%2C0%2C23&document-has-focus=true&is-fullscreen=false&ad-pod-id=a34sdf%3B1125267011%3B0%3B8d51ed3df9cff5c0%3B53414535917532068%3B0%3B1677322%3B4%3B0&product-theme=unknown&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A1024%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22width%22%3A152%2C%22height%22%3A152%2C%22w%22%3A152%2C%22h%22%3A152%2C%22left%22%3A-1%2C%22top%22%3A656%2C%22visible%22%3A1%2C%22req_no%22%3A1%7D
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/tracking/WUGejI_zO3C1rGu0L1e00000-tIUEGK0Cm8nSFNCOm00000ubE3C0M2y26W4W041Y07QxxxJcm6G0UZ_dOxZW8200fW1wF-TZcEu0VgHfzibs076cCoh0U01se2cfW6O0eQeuHgW0loGgnN00Wk0EEW4pmFu18sC5OW5hEO8a0MDZ1MW1OQO1wW5XfW7i0M6c0Uu1OQO1y05fkS6o0Nog0BW1PG1e0Rk0QW6xW791d19f_5JWeb_gGUayvYxFCIz0BW7W0NG1nRW1-WB-0S1meA01kW91uWB2AeB46eHHLwaym00oOqOBDRo1G21W820Y0Ie3wJdqxdCX_5UW12ZoeuceIYO4SBvAg6vFu0KW8221AWKZOmLm1I0siG9o1G7ZVoWdWRW507O5jRtxzdQmxkDmG615_0_c1Ull_ukq1VGXWFO5vI6Fz0O8VWOmOhsxAEFlFnZW1cu6W6270rlP4CwLKf8KdbBKsOtwHo07N_G7ftWbxMnl_gwAzWUkTmUe1-Zoeuci1y1o1-ZZEPLqXy6Dp0vC3Ksu201q27___y1rIB__t__WIE98vgPcPcPcTa_3m1L8CbNHwc3j4aWLow5W2a6mPIGRo_16uAUB0eW95X25KAeFFeLY1H36pe4bWFM8eDH~1?action-id=0&adsdk-bundle-version=706348&adsdk-bundle-name=AdLoader&adsdk-container-visibility=100&adsdk-container-width=152&adsdk-container-height=152&video-avatar-width=152&video-avatar-height=152&ad-session-id=2508161674376558375&vsid=1b98ca9d5c12d24e7510381f13a496e4fc17ed1a8becxVASx9056x1674376558&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&client-ts=1674376560379&client-timezone-offset=0&viewability-undetermined=0&video-volume=100&video-muted=1&pcode-active-testids=685674%2C0%2C23&document-has-focus=true&is-fullscreen=false&ad-pod-id=a34sdf%3B1125267011%3B0%3B8d51ed3df9cff5c0%3B53414535917532068%3B0%3B1677322%3B4%3B0&product-theme=unknown&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A1024%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22width%22%3A152%2C%22height%22%3A152%2C%22w%22%3A152%2C%22h%22%3A152%2C%22left%22%3A-1%2C%22top%22%3A656%2C%22visible%22%3A1%2C%22req_no%22%3A1%7D
IP 87.250.250.90:0
POST /tracking/WUGejI_zO3C1rGu0L1e00000-tIUEGK0Cm8nSFNCOm00000ubE3C0M2y26W4W041Y07QxxxJcm6G0UZ_dOxZW8200fW1wF-TZcEu0VgHfzibs076cCoh0U01se2cfW6O0eQeuHgW0loGgnN00Wk0EEW4pmFu18sC5OW5hEO8a0MDZ1MW1OQO1wW5XfW7i0M6c0Uu1OQO1y05fkS6o0Nog0BW1PG1e0Rk0QW6xW791d19f_5JWeb_gGUayvYxFCIz0BW7W0NG1nRW1-WB-0S1meA01kW91uWB2AeB46eHHLwaym00oOqOBDRo1G21W820Y0Ie3wJdqxdCX_5UW12ZoeuceIYO4SBvAg6vFu0KW8221AWKZOmLm1I0siG9o1G7ZVoWdWRW507O5jRtxzdQmxkDmG615_0_c1Ull_ukq1VGXWFO5vI6Fz0O8VWOmOhsxAEFlFnZW1cu6W6270rlP4CwLKf8KdbBKsOtwHo07N_G7ftWbxMnl_gwAzWUkTmUe1-Zoeuci1y1o1-ZZEPLqXy6Dp0vC3Ksu201q27___y1rIB__t__WIE98vgPcPcPcTa_3m1L8CbNHwc3j4aWLow5W2a6mPIGRo_16uAUB0eW95X25KAeFFeLY1H36pe4bWFM8eDH~1?action-id=0&adsdk-bundle-version=706348&adsdk-bundle-name=AdLoader&adsdk-container-visibility=100&adsdk-container-width=152&adsdk-container-height=152&video-avatar-width=152&video-avatar-height=152&ad-session-id=2508161674376558375&vsid=1b98ca9d5c12d24e7510381f13a496e4fc17ed1a8becxVASx9056x1674376558&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&client-ts=1674376560379&client-timezone-offset=0&viewability-undetermined=0&video-volume=100&video-muted=1&pcode-active-testids=685674%2C0%2C23&document-has-focus=true&is-fullscreen=false&ad-pod-id=a34sdf%3B1125267011%3B0%3B8d51ed3df9cff5c0%3B53414535917532068%3B0%3B1677322%3B4%3B0&product-theme=unknown&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A1024%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22width%22%3A152%2C%22height%22%3A152%2C%22w%22%3A152%2C%22h%22%3A152%2C%22left%22%3A-1%2C%22top%22%3A656%2C%22visible%22%3A1%2C%22req_no%22%3A1%7D HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 22 Jan 2023 08:36:02 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 08:36:02 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 22 Jan 2023 08:36:02 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
an.yandex.ru/rtbcount/1MPb7isN0US100000000U9nJpDyR7l7xxuyOmoMVVpHe7jdBO9d_zKmo0n1umaH2fquyOnZBDKEI8PKHA9wvvBDC8KYyb1d8goq74gsC8B8J90i4J0mp6QypGzWB6UsWh9MCjb3vlOnhdWap70NpppA21A-2oRkC338C37yPPp4nCCnb0eciPOe2acUP_WF1AoQ1XUoUTKi-Cp2ysYMiS-qJAyDV9XQGvSoiGBANMH58JcK6QPlBp0Qoa9c9GG5a7yj6PlNjPHm7ZvzJEicSVtVsfme6eQghO9LtmUHFPWSdVeXpMKwzEWDchM2vphw1vJyCCEvWOJg0nBt90l7B1_k7B1fJDxjpPjomVyi2yj42LjwJh5mpkC3I5rWR5ZImt6JDbtpvo6tgtTolh23T7MmDB3FOhXmENi3MlMVpXjQ_P_QNhMI36NE0pUC46_CZDjxy56Uh3DEAW4hlu3Jpbsmm2t_2MHFPYweMpEHkUcS_YvtDtC3ImDHi0plJ3dQU4-pY3zZRRpNjdFHfmsBk7-my04I1e2y0?confirmTime=2101000&confirmRatio=1000000&test-tag=246290604621826&format-type=118&actual-format=8&rnd=6747792254520&pcode-active-testids=685674%2C0%2C23&banner-sizes=eyI3MjA1NzYwNTM4MTcwMjU0OCI6IjEyNjh4MjAwIn0%3D&width=1268&height=200
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/rtbcount/1MPb7isN0US100000000U9nJpDyR7l7xxuyOmoMVVpHe7jdBO9d_zKmo0n1umaH2fquyOnZBDKEI8PKHA9wvvBDC8KYyb1d8goq74gsC8B8J90i4J0mp6QypGzWB6UsWh9MCjb3vlOnhdWap70NpppA21A-2oRkC338C37yPPp4nCCnb0eciPOe2acUP_WF1AoQ1XUoUTKi-Cp2ysYMiS-qJAyDV9XQGvSoiGBANMH58JcK6QPlBp0Qoa9c9GG5a7yj6PlNjPHm7ZvzJEicSVtVsfme6eQghO9LtmUHFPWSdVeXpMKwzEWDchM2vphw1vJyCCEvWOJg0nBt90l7B1_k7B1fJDxjpPjomVyi2yj42LjwJh5mpkC3I5rWR5ZImt6JDbtpvo6tgtTolh23T7MmDB3FOhXmENi3MlMVpXjQ_P_QNhMI36NE0pUC46_CZDjxy56Uh3DEAW4hlu3Jpbsmm2t_2MHFPYweMpEHkUcS_YvtDtC3ImDHi0plJ3dQU4-pY3zZRRpNjdFHfmsBk7-my04I1e2y0?confirmTime=2101000&confirmRatio=1000000&test-tag=246290604621826&format-type=118&actual-format=8&rnd=6747792254520&pcode-active-testids=685674%2C0%2C23&banner-sizes=eyI3MjA1NzYwNTM4MTcwMjU0OCI6IjEyNjh4MjAwIn0%3D&width=1268&height=200
IP 87.250.250.90:0
GET /rtbcount/1MPb7isN0US100000000U9nJpDyR7l7xxuyOmoMVVpHe7jdBO9d_zKmo0n1umaH2fquyOnZBDKEI8PKHA9wvvBDC8KYyb1d8goq74gsC8B8J90i4J0mp6QypGzWB6UsWh9MCjb3vlOnhdWap70NpppA21A-2oRkC338C37yPPp4nCCnb0eciPOe2acUP_WF1AoQ1XUoUTKi-Cp2ysYMiS-qJAyDV9XQGvSoiGBANMH58JcK6QPlBp0Qoa9c9GG5a7yj6PlNjPHm7ZvzJEicSVtVsfme6eQghO9LtmUHFPWSdVeXpMKwzEWDchM2vphw1vJyCCEvWOJg0nBt90l7B1_k7B1fJDxjpPjomVyi2yj42LjwJh5mpkC3I5rWR5ZImt6JDbtpvo6tgtTolh23T7MmDB3FOhXmENi3MlMVpXjQ_P_QNhMI36NE0pUC46_CZDjxy56Uh3DEAW4hlu3Jpbsmm2t_2MHFPYweMpEHkUcS_YvtDtC3ImDHi0plJ3dQU4-pY3zZRRpNjdFHfmsBk7-my04I1e2y0?confirmTime=2101000&confirmRatio=1000000&test-tag=246290604621826&format-type=118&actual-format=8&rnd=6747792254520&pcode-active-testids=685674%2C0%2C23&banner-sizes=eyI3MjA1NzYwNTM4MTcwMjU0OCI6IjEyNjh4MjAwIn0%3D&width=1268&height=200 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Sun, 22 Jan 2023 08:36:02 GMT
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 22 Jan 2023 08:36:02 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Sun, 22 Jan 2023 08:36:02 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ap.lc/static/css/components.min.css
78.47.194.146200 OK 0 B URL HTTP/2 ap.lc/static/css/components.min.css
IP 78.47.194.146:0
ASN #24940 Hetzner Online GmbH
GET /static/css/components.min.css HTTP/1.1
Host: ap.lc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ap.lc/uubBS?asdnwbdowqkamwo
Cookie: PHPSESSID=0t3ceshlu0r9kjg6pm7u8lenl6; XSRF-TOKEN=eyJpdiI6Ik9XWHFINEViVXdIcExCY3hjZFUvNlE9PSIsInZhbHVlIjoic1FnZW4ySXhLdytpS3MzRk1CM0loTktUTFhSYVJtYkF1RWZoUGlqUmhkYXE3SE9UUzNjYzdGNmFLNjRvRVdZckZ5Q3VudjZwdnlQeXgweWRJektkZWJxc0RsVnBLVDlEU0F2VGxCMVlLWGgzMm1McXYvUDBwL085b1lIOUNCQTkiLCJtYWMiOiJkY2RlMDQ5NDdmZTdhZmE1OGMwMDA3NzI5ODM4NzRkOTlkOGQ0NDdkNzMxYjJhMWNjOWMwOTIyNmE4ZTMzNDI0In0%3D; urlverkorten_session=eyJpdiI6IlArTmdvaWhkS29Ma1BkQmZWYkZEUXc9PSIsInZhbHVlIjoiRmR2ODJCU1hYMG8zR1lpQnVNNVZMOXJkVEhxUjJXY1drSjRXcXd3QUdMOTJRQzZDLytVVk9aOWdOLzAzczNsOXlCWHdHSXRJTEQ0YTVWanp4QXhrRDRiMklIWmM3UWF6VTI3Zkd2ZFppSzlCT0xkMnJiZGpNYlpBbXpvTk1xcHoiLCJtYWMiOiJhNTcyZjVmZDY4NTlmNWQzM2VhMDlhZTc1ZDA2N2NjMGEwNWZmNGIxZDk4MmZhZjUyNjA3NzM2OTY3MzliN2Y0In0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 08:36:06 GMT
content-type: text/css
last-modified: Thu, 28 Jan 2021 09:40:14 GMT
vary: Accept-Encoding
etag: W/"6012867e-4b61"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
ap.lc/themes/cleanex/assets/js/main.js
78.47.194.146200 OK 0 B URL HTTP/2 ap.lc/themes/cleanex/assets/js/main.js
IP 78.47.194.146:0
ASN #24940 Hetzner Online GmbH
GET /themes/cleanex/assets/js/main.js HTTP/1.1
Host: ap.lc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ap.lc/uubBS?asdnwbdowqkamwo
Cookie: PHPSESSID=0t3ceshlu0r9kjg6pm7u8lenl6; XSRF-TOKEN=eyJpdiI6Ik9XWHFINEViVXdIcExCY3hjZFUvNlE9PSIsInZhbHVlIjoic1FnZW4ySXhLdytpS3MzRk1CM0loTktUTFhSYVJtYkF1RWZoUGlqUmhkYXE3SE9UUzNjYzdGNmFLNjRvRVdZckZ5Q3VudjZwdnlQeXgweWRJektkZWJxc0RsVnBLVDlEU0F2VGxCMVlLWGgzMm1McXYvUDBwL085b1lIOUNCQTkiLCJtYWMiOiJkY2RlMDQ5NDdmZTdhZmE1OGMwMDA3NzI5ODM4NzRkOTlkOGQ0NDdkNzMxYjJhMWNjOWMwOTIyNmE4ZTMzNDI0In0%3D; urlverkorten_session=eyJpdiI6IlArTmdvaWhkS29Ma1BkQmZWYkZEUXc9PSIsInZhbHVlIjoiRmR2ODJCU1hYMG8zR1lpQnVNNVZMOXJkVEhxUjJXY1drSjRXcXd3QUdMOTJRQzZDLytVVk9aOWdOLzAzczNsOXlCWHdHSXRJTEQ0YTVWanp4QXhrRDRiMklIWmM3UWF6VTI3Zkd2ZFppSzlCT0xkMnJiZGpNYlpBbXpvTk1xcHoiLCJtYWMiOiJhNTcyZjVmZDY4NTlmNWQzM2VhMDlhZTc1ZDA2N2NjMGEwNWZmNGIxZDk4MmZhZjUyNjA3NzM2OTY3MzliN2Y0In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 08:36:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 27 Jan 2021 14:47:50 GMT
vary: Accept-Encoding
etag: W/"60117d16-365"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
st.top100.ru/top100/top100.js
81.19.89.16200 OK 0 B URL HTTP/2 st.top100.ru/top100/top100.js
IP 81.19.89.16:0
ASN #24638 Rambler Internet Holding LLC
GET /top100/top100.js HTTP/1.1
Host: st.top100.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.19.4
date: Sun, 22 Jan 2023 08:35:59 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 19 Jan 2023 11:16:44 GMT
x-rgw-object-type: Normal
etag: W/"23838a077af66b6710af27ded97d3678"
x-amz-request-id: tx00000000000021bc527be-0063ccf49e-f85be6-default
expires: Sun, 22 Jan 2023 09:35:59 GMT
cache-control: max-age=3600
set-cookie: proto_uid=1CIAAG/1zGNzI4tmAePkDwB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-encoding: gzip
X-Firefox-Spdy: h2
kraken.rambler.ru/cnt/
81.19.89.17200 OK 0 B IP 81.19.89.17:0
ASN #24638 Rambler Internet Holding LLC
POST /cnt/ HTTP/1.1
Host: kraken.rambler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 497
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.19.4
date: Sun, 22 Jan 2023 08:36:04 GMT
content-type: application/octet-stream
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
pragma: no-cache
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type
access-control-allow-origin: https://goo.su
access-control-allow-credentials: true
x-srv: 1kraken-prod0003.ad.rambler.tech
set-cookie: ruid=1CIAAHT1zGPZtXWfAXDKEgB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
proto_uid=1CIAAHT1zGPZtXWfAXDKEgB=; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.rambler.ru; path=/
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
X-Firefox-Spdy: h2
ap.lc/static/bootstrap.min.js
78.47.194.146200 OK 0 B URL HTTP/2 ap.lc/static/bootstrap.min.js
IP 78.47.194.146:0
ASN #24940 Hetzner Online GmbH
GET /static/bootstrap.min.js HTTP/1.1
Host: ap.lc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ap.lc/uubBS?asdnwbdowqkamwo
Cookie: PHPSESSID=0t3ceshlu0r9kjg6pm7u8lenl6; XSRF-TOKEN=eyJpdiI6Ik9XWHFINEViVXdIcExCY3hjZFUvNlE9PSIsInZhbHVlIjoic1FnZW4ySXhLdytpS3MzRk1CM0loTktUTFhSYVJtYkF1RWZoUGlqUmhkYXE3SE9UUzNjYzdGNmFLNjRvRVdZckZ5Q3VudjZwdnlQeXgweWRJektkZWJxc0RsVnBLVDlEU0F2VGxCMVlLWGgzMm1McXYvUDBwL085b1lIOUNCQTkiLCJtYWMiOiJkY2RlMDQ5NDdmZTdhZmE1OGMwMDA3NzI5ODM4NzRkOTlkOGQ0NDdkNzMxYjJhMWNjOWMwOTIyNmE4ZTMzNDI0In0%3D; urlverkorten_session=eyJpdiI6IlArTmdvaWhkS29Ma1BkQmZWYkZEUXc9PSIsInZhbHVlIjoiRmR2ODJCU1hYMG8zR1lpQnVNNVZMOXJkVEhxUjJXY1drSjRXcXd3QUdMOTJRQzZDLytVVk9aOWdOLzAzczNsOXlCWHdHSXRJTEQ0YTVWanp4QXhrRDRiMklIWmM3UWF6VTI3Zkd2ZFppSzlCT0xkMnJiZGpNYlpBbXpvTk1xcHoiLCJtYWMiOiJhNTcyZjVmZDY4NTlmNWQzM2VhMDlhZTc1ZDA2N2NjMGEwNWZmNGIxZDk4MmZhZjUyNjA3NzM2OTY3MzliN2Y0In0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 08:36:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 27 Jan 2021 14:47:50 GMT
vary: Accept-Encoding
etag: W/"60117d16-d5b"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans
142.250.74.138200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans
IP 142.250.74.138:0
GET /css?family=Open+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ap.lc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 22 Jan 2023 08:36:06 GMT
date: Sun, 22 Jan 2023 08:36:06 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
an.yandex.ru/meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2FjYgQrdi&charset=utf-8&pcode-test-ids=657519%2C0%2C73%3B706837%2C0%2C70%3B685674%2C0%2C23%3B672577%2C0%2C10%3B705194%2C0%2C56%3B709056%2C0%2C96%3B681853%2C0%2C60&pcode-flags-map=eJytWG1v2zYQ%2FiuDPxedXimp3yiJsjlLlEZSTtyiINzWTQIk6dCmRbYi%2F31HUbYlOaGTbkAQ2ILu4fFennvOP2d0zmpOVEWFILnKscSqwRxXQhU1Vyuak1pRprK6SuvZm3c%2FZz8219%2B3szez7f1fs1ezu%2B23O%2FoJvoaJE4Th7OH9q9kKC8XJny0RUq0q3KiC15XCuRjZS96SIQByIy92OgDCcFqSyeHwoaCMSgL%2BZUuxqKU6o3JRt1Jh8F0Km3coDFHsvxj8%2F0DGZakaXudtJsXxMS%2BDJgD5wrwMQHRe4MwzSIUqcUrKDgpAUswY4fbsIN8PoqEvjJwpsQRr%2BNOANc4JV02J1xOoqUNx6CXJ3iHKGjwnSkiaLdcqp0KD513UUp3avKjP4TEnmVSClOUImpw3Y%2BjI9Q7QrRh7yTBrWvstEzdygj2AXHCIFuFch6lQouUrsoaQQxLnigrFoExWuKT5CVAPhfEeFOc6%2Bmtdtz2SrE2b9D1jBYucKIijQzqlKTnCBa3ZyDJykB%2FEY9vYDd3OtmW0T5guAVw1Q9O7r9%2B3A7PAi%2F3ENKaOqBBdzUxsplkeGEFxCEKYqlNBIICT4rjdfLjejix95CXmhgU9B2JiakHofCEVk%2FYjg9BPzPXWmOXkXPFW5XWFKbMSlxN5Ptqfl%2FJ6Cc7CWWrOJ5mdWrpRGKNHD9SFLDlNreae6yBTbG8J81TRQs2f0Rxoh1bQE1bbwA16suxs%2B75Rac11UjnOaSt%2BeybCGmu%2FjcPQeGd4bWW8MPCjPs55oatWNDWDwpC0IlDVI1PPcZyxbeD45s5NVudEt4AgzEqDYRACTF9Kmg040bW7O09pErCaB1HkHZtDQ8P%2FM91EUJ2%2FgrBzACigHWXLdx63LgnmTFV63q4wp3hyb290aOg4fZQbTmtO5VqlayB%2BctbU3B4wFKG%2B93Z10RNoJqzUHAL9xYOKBIrLMLAf0HCWQZaEhSXCxA9dd2TbVbHYT%2BkGmI%2ByuR0kCAPjeVa3TEIpy3VDlG%2F3GhgxHKSn4hnESdCUlhA1%2B3FJhJ60VDXM1xLm0onTdxhVW0pqZqkCgi0ozDGqL1HgzN7NSexF0cCPHsRMeRgPUGx6sKYgGnTHSF6X5Ykp63iBb6puznHq2d%2BFEnUO7ypB3478DV3Psb3%2FSOe74RMWu%2BJYkG78cJITARrU6p8beshY63HOSQGcswDFMaeZ3S72e4LtJi2vdAdxwnZzr%2BEktVM8Ao723FErwQzkUNcMumlBIB%2BatkXG9YQTwspEyE3cwPgzMMJNo68yh9awG3tuEo48WVDZXWMABsFcytruhR953khVZk2lKpJTrAAES7rqhrwdI%2FHHWj1rsv%2BMMRHOOSkwdNQLNXMQOgiNwiQqzKUCadUSDX4qSSFCyMS5xG%2FXna5V3awaWv2cfd7efbysNl8vrm77ar%2F58uHqeis%2Bbq6vbi9mb7yHkXwOnV7UDN2B0aXSUnd1ScfC793sZnN1%2Ffrrd%2FDt783tp%2B09fP796mZzsf02enSxuemefPpne2te3%2Fy4uvtiPt683n95%2F7g3B5k7ib5RvbUWzp3EVaI8EfnIjXrGybR6r1nfabjQPE4LWCqJWRPsLRfFCUr2crPgFGDKtTL2tGuYF9inyyM6O7JAid%2F35cDipQswipLAifYoMOtzjVDZT44D5E5PNo1kP8vzHG%2FKJFqvPosBYhS4%2Fo4XQfbBagpXhcZQvucYHdrNPSMpj5fDI7wo9o9vIef2O0Ca4oPVYawJ1cDIBPUAW%2FOKVFPdMfv8Td19%2Bf7xcrK4ObE3XU%2FNaHkkj%2F1yfyI5sLf1BCWI3NNRt66ytkpPBAVUwajjYQttlOTdCD8lKlCSBL45euJ4UdZ6YcuVueYJkLhvyKdAujofB%2FfqXt1s7tXl9uri8u6ZcIcSzMoacgmsYegjJYUWu7Cl2hUrLN2Rh05gA%2FW3Zb6b3ztVeXyFp7Ep08N2SVKcKtj1TljFvWrnnVBY6YlvFOzOhZKypZKYllrlwQ6PJ7t7X9JjWBT7B%2Bbta7UTiQIEOuzw%2BzW5r5WBHOVEK%2F%2FxZTNZjpsKxH%2Fwi%2FggyVa7U555CGV%2F6L1iWAH7PtbCNVu0bPlyJvXCXg5D7I3kky1sTmaSdN3TDa12vjjxY0noJoNtc%2FrjQ%2BQkTojGFt2Th%2FcP%2FwICRTMW&pcode-icookie=f4oGgasDYHs2yb98uO49Pj%2BhCrthawTUnRzZ7hprBv2jnRek96x31rBCHVg%2FQZIrstVFVndF%2BWn5OVENdH2EoXy7V64%3D&imp-id=3&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=246290604621826&ad-session-id=2508161674376558375&target-id=90472574&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=709056&pcodever=709056&flash-ver=0&available-width=145&skip-token=yabs.NzIwNTc2MDcyMTQ3MjEzODcKNzIwNTc2MDcyMTQ2MDQ2MjkKNzIwNTc2MDcxNjE0MDM0NTc%3D&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A939%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1268%2C%22h%22%3A939%2C%22width%22%3A145%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A561%2C%22top%22%3A327%2C%22ad_no%22%3A3%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A1%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B6322942734537%5D
87.250.250.90200 OK 0 B URL HTTP/2 an.yandex.ru/meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2FjYgQrdi&charset=utf-8&pcode-test-ids=657519%2C0%2C73%3B706837%2C0%2C70%3B685674%2C0%2C23%3B672577%2C0%2C10%3B705194%2C0%2C56%3B709056%2C0%2C96%3B681853%2C0%2C60&pcode-flags-map=eJytWG1v2zYQ%2FiuDPxedXimp3yiJsjlLlEZSTtyiINzWTQIk6dCmRbYi%2F31HUbYlOaGTbkAQ2ILu4fFennvOP2d0zmpOVEWFILnKscSqwRxXQhU1Vyuak1pRprK6SuvZm3c%2FZz8219%2B3szez7f1fs1ezu%2B23O%2FoJvoaJE4Th7OH9q9kKC8XJny0RUq0q3KiC15XCuRjZS96SIQByIy92OgDCcFqSyeHwoaCMSgL%2BZUuxqKU6o3JRt1Jh8F0Km3coDFHsvxj8%2F0DGZakaXudtJsXxMS%2BDJgD5wrwMQHRe4MwzSIUqcUrKDgpAUswY4fbsIN8PoqEvjJwpsQRr%2BNOANc4JV02J1xOoqUNx6CXJ3iHKGjwnSkiaLdcqp0KD513UUp3avKjP4TEnmVSClOUImpw3Y%2BjI9Q7QrRh7yTBrWvstEzdygj2AXHCIFuFch6lQouUrsoaQQxLnigrFoExWuKT5CVAPhfEeFOc6%2Bmtdtz2SrE2b9D1jBYucKIijQzqlKTnCBa3ZyDJykB%2FEY9vYDd3OtmW0T5guAVw1Q9O7r9%2B3A7PAi%2F3ENKaOqBBdzUxsplkeGEFxCEKYqlNBIICT4rjdfLjejix95CXmhgU9B2JiakHofCEVk%2FYjg9BPzPXWmOXkXPFW5XWFKbMSlxN5Ptqfl%2FJ6Cc7CWWrOJ5mdWrpRGKNHD9SFLDlNreae6yBTbG8J81TRQs2f0Rxoh1bQE1bbwA16suxs%2B75Rac11UjnOaSt%2BeybCGmu%2FjcPQeGd4bWW8MPCjPs55oatWNDWDwpC0IlDVI1PPcZyxbeD45s5NVudEt4AgzEqDYRACTF9Kmg040bW7O09pErCaB1HkHZtDQ8P%2FM91EUJ2%2FgrBzACigHWXLdx63LgnmTFV63q4wp3hyb290aOg4fZQbTmtO5VqlayB%2BctbU3B4wFKG%2B93Z10RNoJqzUHAL9xYOKBIrLMLAf0HCWQZaEhSXCxA9dd2TbVbHYT%2BkGmI%2ByuR0kCAPjeVa3TEIpy3VDlG%2F3GhgxHKSn4hnESdCUlhA1%2B3FJhJ60VDXM1xLm0onTdxhVW0pqZqkCgi0ozDGqL1HgzN7NSexF0cCPHsRMeRgPUGx6sKYgGnTHSF6X5Ykp63iBb6puznHq2d%2BFEnUO7ypB3478DV3Psb3%2FSOe74RMWu%2BJYkG78cJITARrU6p8beshY63HOSQGcswDFMaeZ3S72e4LtJi2vdAdxwnZzr%2BEktVM8Ao723FErwQzkUNcMumlBIB%2BatkXG9YQTwspEyE3cwPgzMMJNo68yh9awG3tuEo48WVDZXWMABsFcytruhR953khVZk2lKpJTrAAES7rqhrwdI%2FHHWj1rsv%2BMMRHOOSkwdNQLNXMQOgiNwiQqzKUCadUSDX4qSSFCyMS5xG%2FXna5V3awaWv2cfd7efbysNl8vrm77ar%2F58uHqeis%2Bbq6vbi9mb7yHkXwOnV7UDN2B0aXSUnd1ScfC793sZnN1%2Ffrrd%2FDt783tp%2B09fP796mZzsf02enSxuemefPpne2te3%2Fy4uvtiPt683n95%2F7g3B5k7ib5RvbUWzp3EVaI8EfnIjXrGybR6r1nfabjQPE4LWCqJWRPsLRfFCUr2crPgFGDKtTL2tGuYF9inyyM6O7JAid%2F35cDipQswipLAifYoMOtzjVDZT44D5E5PNo1kP8vzHG%2FKJFqvPosBYhS4%2Fo4XQfbBagpXhcZQvucYHdrNPSMpj5fDI7wo9o9vIef2O0Ca4oPVYawJ1cDIBPUAW%2FOKVFPdMfv8Td19%2Bf7xcrK4ObE3XU%2FNaHkkj%2F1yfyI5sLf1BCWI3NNRt66ytkpPBAVUwajjYQttlOTdCD8lKlCSBL45euJ4UdZ6YcuVueYJkLhvyKdAujofB%2FfqXt1s7tXl9uri8u6ZcIcSzMoacgmsYegjJYUWu7Cl2hUrLN2Rh05gA%2FW3Zb6b3ztVeXyFp7Ep08N2SVKcKtj1TljFvWrnnVBY6YlvFOzOhZKypZKYllrlwQ6PJ7t7X9JjWBT7B%2Bbta7UTiQIEOuzw%2BzW5r5WBHOVEK%2F%2FxZTNZjpsKxH%2Fwi%2FggyVa7U555CGV%2F6L1iWAH7PtbCNVu0bPlyJvXCXg5D7I3kky1sTmaSdN3TDa12vjjxY0noJoNtc%2FrjQ%2BQkTojGFt2Th%2FcP%2FwICRTMW&pcode-icookie=f4oGgasDYHs2yb98uO49Pj%2BhCrthawTUnRzZ7hprBv2jnRek96x31rBCHVg%2FQZIrstVFVndF%2BWn5OVENdH2EoXy7V64%3D&imp-id=3&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=246290604621826&ad-session-id=2508161674376558375&target-id=90472574&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=709056&pcodever=709056&flash-ver=0&available-width=145&skip-token=yabs.NzIwNTc2MDcyMTQ3MjEzODcKNzIwNTc2MDcyMTQ2MDQ2MjkKNzIwNTc2MDcxNjE0MDM0NTc%3D&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A939%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1268%2C%22h%22%3A939%2C%22width%22%3A145%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A561%2C%22top%22%3A327%2C%22ad_no%22%3A3%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A1%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B6322942734537%5D
IP 87.250.250.90:0
GET /meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2FjYgQrdi&charset=utf-8&pcode-test-ids=657519%2C0%2C73%3B706837%2C0%2C70%3B685674%2C0%2C23%3B672577%2C0%2C10%3B705194%2C0%2C56%3B709056%2C0%2C96%3B681853%2C0%2C60&pcode-flags-map=eJytWG1v2zYQ%2FiuDPxedXimp3yiJsjlLlEZSTtyiINzWTQIk6dCmRbYi%2F31HUbYlOaGTbkAQ2ILu4fFennvOP2d0zmpOVEWFILnKscSqwRxXQhU1Vyuak1pRprK6SuvZm3c%2FZz8219%2B3szez7f1fs1ezu%2B23O%2FoJvoaJE4Th7OH9q9kKC8XJny0RUq0q3KiC15XCuRjZS96SIQByIy92OgDCcFqSyeHwoaCMSgL%2BZUuxqKU6o3JRt1Jh8F0Km3coDFHsvxj8%2F0DGZakaXudtJsXxMS%2BDJgD5wrwMQHRe4MwzSIUqcUrKDgpAUswY4fbsIN8PoqEvjJwpsQRr%2BNOANc4JV02J1xOoqUNx6CXJ3iHKGjwnSkiaLdcqp0KD513UUp3avKjP4TEnmVSClOUImpw3Y%2BjI9Q7QrRh7yTBrWvstEzdygj2AXHCIFuFch6lQouUrsoaQQxLnigrFoExWuKT5CVAPhfEeFOc6%2Bmtdtz2SrE2b9D1jBYucKIijQzqlKTnCBa3ZyDJykB%2FEY9vYDd3OtmW0T5guAVw1Q9O7r9%2B3A7PAi%2F3ENKaOqBBdzUxsplkeGEFxCEKYqlNBIICT4rjdfLjejix95CXmhgU9B2JiakHofCEVk%2FYjg9BPzPXWmOXkXPFW5XWFKbMSlxN5Ptqfl%2FJ6Cc7CWWrOJ5mdWrpRGKNHD9SFLDlNreae6yBTbG8J81TRQs2f0Rxoh1bQE1bbwA16suxs%2B75Rac11UjnOaSt%2BeybCGmu%2FjcPQeGd4bWW8MPCjPs55oatWNDWDwpC0IlDVI1PPcZyxbeD45s5NVudEt4AgzEqDYRACTF9Kmg040bW7O09pErCaB1HkHZtDQ8P%2FM91EUJ2%2FgrBzACigHWXLdx63LgnmTFV63q4wp3hyb290aOg4fZQbTmtO5VqlayB%2BctbU3B4wFKG%2B93Z10RNoJqzUHAL9xYOKBIrLMLAf0HCWQZaEhSXCxA9dd2TbVbHYT%2BkGmI%2ByuR0kCAPjeVa3TEIpy3VDlG%2F3GhgxHKSn4hnESdCUlhA1%2B3FJhJ60VDXM1xLm0onTdxhVW0pqZqkCgi0ozDGqL1HgzN7NSexF0cCPHsRMeRgPUGx6sKYgGnTHSF6X5Ykp63iBb6puznHq2d%2BFEnUO7ypB3478DV3Psb3%2FSOe74RMWu%2BJYkG78cJITARrU6p8beshY63HOSQGcswDFMaeZ3S72e4LtJi2vdAdxwnZzr%2BEktVM8Ao723FErwQzkUNcMumlBIB%2BatkXG9YQTwspEyE3cwPgzMMJNo68yh9awG3tuEo48WVDZXWMABsFcytruhR953khVZk2lKpJTrAAES7rqhrwdI%2FHHWj1rsv%2BMMRHOOSkwdNQLNXMQOgiNwiQqzKUCadUSDX4qSSFCyMS5xG%2FXna5V3awaWv2cfd7efbysNl8vrm77ar%2F58uHqeis%2Bbq6vbi9mb7yHkXwOnV7UDN2B0aXSUnd1ScfC793sZnN1%2Ffrrd%2FDt783tp%2B09fP796mZzsf02enSxuemefPpne2te3%2Fy4uvtiPt683n95%2F7g3B5k7ib5RvbUWzp3EVaI8EfnIjXrGybR6r1nfabjQPE4LWCqJWRPsLRfFCUr2crPgFGDKtTL2tGuYF9inyyM6O7JAid%2F35cDipQswipLAifYoMOtzjVDZT44D5E5PNo1kP8vzHG%2FKJFqvPosBYhS4%2Fo4XQfbBagpXhcZQvucYHdrNPSMpj5fDI7wo9o9vIef2O0Ca4oPVYawJ1cDIBPUAW%2FOKVFPdMfv8Td19%2Bf7xcrK4ObE3XU%2FNaHkkj%2F1yfyI5sLf1BCWI3NNRt66ytkpPBAVUwajjYQttlOTdCD8lKlCSBL45euJ4UdZ6YcuVueYJkLhvyKdAujofB%2FfqXt1s7tXl9uri8u6ZcIcSzMoacgmsYegjJYUWu7Cl2hUrLN2Rh05gA%2FW3Zb6b3ztVeXyFp7Ep08N2SVKcKtj1TljFvWrnnVBY6YlvFOzOhZKypZKYllrlwQ6PJ7t7X9JjWBT7B%2Bbta7UTiQIEOuzw%2BzW5r5WBHOVEK%2F%2FxZTNZjpsKxH%2Fwi%2FggyVa7U555CGV%2F6L1iWAH7PtbCNVu0bPlyJvXCXg5D7I3kky1sTmaSdN3TDa12vjjxY0noJoNtc%2FrjQ%2BQkTojGFt2Th%2FcP%2FwICRTMW&pcode-icookie=f4oGgasDYHs2yb98uO49Pj%2BhCrthawTUnRzZ7hprBv2jnRek96x31rBCHVg%2FQZIrstVFVndF%2BWn5OVENdH2EoXy7V64%3D&imp-id=3&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=246290604621826&ad-session-id=2508161674376558375&target-id=90472574&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=709056&pcodever=709056&flash-ver=0&available-width=145&skip-token=yabs.NzIwNTc2MDcyMTQ3MjEzODcKNzIwNTc2MDcyMTQ2MDQ2MjkKNzIwNTc2MDcxNjE0MDM0NTc%3D&layout-config=%7B%22win_width%22%3A1280%2C%22win_height%22%3A939%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A-1%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1268%2C%22h%22%3A939%2C%22width%22%3A145%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A561%2C%22top%22%3A327%2C%22ad_no%22%3A3%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A1%7D&grab-orig-len=384&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo1Nn0Kgq6-kTvf80MM9dSIvWpXyDVKKJWAv3dMTrXf_RCJBARtWiSSJVXo23A4YeY8-OPWXpz1OEmSuvgwzkkG-114gvShwyVzD5l2vhdm6JALc4nLZXbCZcKiVHWVqsa84yBy4RbzMSRjYGW68Y3mfg49jQ8pQjU4-GfElzUpMZeUi6GSR07MWczGaz7RJ-eusvVSybEuT2SxZq26n1jNhkO3eH7OPuXMzjrf7LHPYkNozC2OGZnIHp3eeOAfQUXZfOVfixc0G7Xen9VvXcBDK1MqM2lNyB1g7Gi_ApI2EAhEZASpR2QA2yhMVBSQgv8%3D&uniformat=true&callback=Ya%5B6322942734537%5D HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://goo.su
Connection: keep-alive
Referer: https://goo.su/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
uniformat: true
uniformat-product-type: Direct
content-encoding: gzip
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://goo.su
x-xss-protection: 1; mode=block
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-yandex-req-id: 1674376559964074-1499523218548492086900127-production-app-host-vla-pcode-358
last-modified: Sun, 22 Jan 2023 08:36:00 GMT
date: Sun, 22 Jan 2023 08:36:00 GMT
set-cookie: yabs-vdrf=A0; domain=an.yandex.ru; path=/; expires=Sun, 29-Jan-2023 08:35:59 GMT
i=lJVGS4niHYmMbxzi2h18lUNHEz73Rxtibi8PuAWdI9U2V/NXHps2yTc8lYtqWOo+KlxrHxCFI6epVKw277vpEy5mwZI=; Expires=Tue, 21-Jan-2025 08:35:59 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
content-type: application/json
pragma: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
ssr: true
strict-transport-security: max-age=31536000
expires: Sun, 22 Jan 2023 08:36:00 GMT
X-Firefox-Spdy: h2