goo.su Open in urlscan Pro
2606:4700:3036::ac43:8b69 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://goo.su/XgkQ
Submission: On September 28 via api (September 28th 2024, 12:41:17 pm UTC) from JP — Scanned from JP

Summary HTTP 56 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 11 domains to perform 56 HTTP transactions. The main IP is 2606:4700:3036::ac43:8b69, located in United States and belongs to CLOUDFLARENET, US. The main domain is goo.su. The Cisco Umbrella rank of the primary domain is 471356.
TLS certificate: Issued by WE1 on September 25th 2024. Valid for: 3 months.

This is the only time goo.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3036::ac43:8b69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.139.105 172.67.139.105	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2404:6800:400... 2404:6800:4008:c04::5f	15169 (GOOGLE) (GOOGLE)
8	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
3	172.217.161.67 172.217.161.67	15169 (GOOGLE) (GOOGLE)
3	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1	91.240.171.29 91.240.171.29	57363 (CDNVIDEO-AS) (CDNVIDEO-AS)
3	2a00:1148:100... 2a00:1148:1000:101:8:3:0:17	47764 (VK-AS) (VK-AS)
2	81.19.89.17 81.19.89.17	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
7	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
6	2a02:6b8:a::a 2a02:6b8:a::a	13238 (YANDEX) (YANDEX)
3	2a02:6b8::184 2a02:6b8::184	13238 (YANDEX) (YANDEX)
4	2a02:6b8::36 2a02:6b8::36	13238 (YANDEX) (YANDEX)
56	15

1 2606:4700:3036::ac43:8b69 (United States)

ASN13335 (CLOUDFLARENET, US)

goo.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.139.105 (United States)

ASN13335 (CLOUDFLARENET, US)

goo.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4008:c04::5f (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.161.67 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s09-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.240.171.29 (Russian Federation)

ASN57363 (CDNVIDEO-AS, RU)

st.top100.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1148:1000:101:8:3:0:17 (Russian Federation)

ASN47764 (VK-AS, RU)

privacy-cs.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.19.89.17 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

kraken.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8:a::a (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::184 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::36 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

favicon.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	yandex.ru an.yandex.ru — Cisco Umbrella Rank: 5705 yandex.ru — Cisco Umbrella Rank: 1714 mc.yandex.ru Failed	175 KB
7	yandex.net avatars.mds.yandex.net — Cisco Umbrella Rank: 7151 favicon.yandex.net — Cisco Umbrella Rank: 9063	28 KB
7	yastatic.net yastatic.net — Cisco Umbrella Rank: 6091	195 KB
6	mail.ru top-fwz1.mail.ru — Cisco Umbrella Rank: 10090 privacy-cs.mail.ru — Cisco Umbrella Rank: 16044	63 KB
3	gstatic.com fonts.gstatic.com	47 KB
3	goo.su goo.su — Cisco Umbrella Rank: 471356	42 KB
2	rambler.ru kraken.rambler.ru — Cisco Umbrella Rank: 43303	2 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 12870	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	3 KB
1	top100.ru st.top100.ru — Cisco Umbrella Rank: 60807	39 KB
0	0xq3zog9vuwhxct.xyz Failed 0xq3zog9vuwhxct.xyz Failed
56	11

	Domain	Requested by
8	an.yandex.ru	goo.su an.yandex.ru
7	yastatic.net	an.yandex.ru yastatic.net
6	yandex.ru	an.yandex.ru privacy-cs.mail.ru yastatic.net
4	favicon.yandex.net	goo.su
3	avatars.mds.yandex.net	goo.su
3	privacy-cs.mail.ru	top-fwz1.mail.ru privacy-cs.mail.ru
3	top-fwz1.mail.ru	goo.su top-fwz1.mail.ru
3	fonts.gstatic.com	fonts.googleapis.com
3	goo.su	goo.su
2	kraken.rambler.ru	st.top100.ru goo.su
2	counter.yadro.ru	1 redirects goo.su
2	fonts.googleapis.com	goo.su
1	st.top100.ru	goo.su
0	0xq3zog9vuwhxct.xyz Failed	goo.su
0	mc.yandex.ru Failed	an.yandex.ru
56	15

This site contains no links.

Subject Issuer	Validity	Valid
goo.su WE1	`2024-09-25` - `2024-12-24`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-08-27` - `2025-02-25`	6 months	crt.sh
*.gstatic.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2023-10-06` - `2024-11-06`	a year	crt.sh
*.top100.ru GlobalSign GCC R3 DV TLS CA 2020	`2024-02-14` - `2025-03-17`	a year	crt.sh
*.rambler.ru GlobalSign GCC R3 DV TLS CA 2020	`2024-05-02` - `2025-06-03`	a year	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2024-05-20` - `2024-11-17`	6 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2024-07-12` - `2025-01-09`	6 months	crt.sh
*.avatars.mds.yandex.net GlobalSign RSA OV SSL CA 2018	`2024-03-20` - `2024-10-20`	7 months	crt.sh
favicon.yandex.net GlobalSign ECC OV SSL CA 2018	`2024-07-23` - `2024-12-22`	5 months	crt.sh

This page contains 2 frames:

Frame: https://0xq3zog9vuwhxct.xyz/?e=kayn33335@gmail.com
Frame ID: 8B19029463D151C55EB84A8DF5A54B9C
Requests: 55 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: BDC93823AC3994C3E587B08074C13AF9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

0xq3zog9vuwhxct.xyz

Detected technologies

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Page Statistics

56
Requests

80 %
HTTPS

57 %
IPv6

11
Domains

15
Subdomains

15
IPs

3
Countries

594 kB
Transfer

2157 kB
Size

23
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://counter.yadro.ru/hit?t44.11;r;s1600*1200*24;uhttps%3A//goo.su/XgkQ;h%u041F%u0440%u043E%u0438%u0441%u0445%u043E%u0434%u0438%u0442%20%u043F%u0435%u0440%u0435%u043D%u0430%u043F%u0440%u0430%u0432%u043B%u0435%u043D%u0438%u0435;0.9223692937919503 HTTP 302
https://counter.yadro.ru/hit?q;t44.11;r;s1600*1200*24;uhttps%3A//goo.su/XgkQ;h%u041F%u0440%u043E%u0438%u0441%u0445%u043E%u0434%u0438%u0442%20%u043F%u0435%u0440%u0435%u043D%u0430%u043F%u0440%u0430%u0432%u043B%u0435%u043D%u0438%u0435;0.9223692937919503

56 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request XgkQ Show response
goo.su/ 20 KB
10 KB 1173ms
1158ms Document
text/html 2606:4700:3036::ac43:8b69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goo.su/XgkQ
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3036::ac43:8b69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.13
Resource Hash: 8465c026bde37f2f0f2471b5f117797f891e654dabd41285d3629398f7739d1e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8ca3ce411c18f651-NRT
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 28 Sep 2024 12:41:06 GMT
expires: -1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mwwr49eHIqOTeKFdIMib7rTqY5sOni3zxmID1PCDZrjAvwITo3053dOVSydJLf%2FQoHAs0Ev0ap9RGDkDNrETv2AJ99DW1c3MqVBfhxWmETmkg3TvOG0oZPSZSmZ3Pg%2BL4jnAxo0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
x-powered-by: PHP/8.2.13

GET
H3 200 speculation
goo.su/cdn-cgi/ 128 B
578 B 25ms
24ms Other
application/speculationrules+json 172.67.139.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goo.su/cdn-cgi/speculation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://goo.su
Referer: https://goo.su/XgkQ

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MolWokRQ50y%2FxPtsJQHHQk6rPYE2xhIPy%2BikD2lIZpMt4kNNGVWUPlumX8oTmLUJGfd3sAT5MqaQu5f%2F5LYRYF00TXMT9GvamROR24sFa8UugOfnPZPjgxg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ca3ce486e667969-NRT
access-control-allow-origin: https://goo.su
alt-svc: h3=":443"; ma=86400
content-length: 128
date: Sat, 28 Sep 2024 12:41:06 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 6 KB
2 KB 123ms
40ms Stylesheet
text/css 2404:6800:4008:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans:400&display=swap

Requested by

Host: goo.su
URL: https://goo.su/XgkQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4008:c04::5f Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

12eebba255ce6f856459cab6b183b507be0417a322f46faf7dd71b3c4b0eec27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 12:41:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Sep 2024 12:41:06 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 28 Sep 2024 12:41:06 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1016 B 121ms
39ms Stylesheet
text/css 2404:6800:4008:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400&display=swap

Requested by

Host: goo.su
URL: https://goo.su/XgkQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4008:c04::5f Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec34b6213ac38d00a879e30fe141b37c9ba2ea49c7c9efbd7a35e8fddfcee2ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 12:41:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Sep 2024 12:41:06 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 28 Sep 2024 12:41:06 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 redirect.js Show response
goo.su/frontend/js/ 86 KB
31 KB 28ms
27ms Script
application/javascript 172.67.139.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goo.su/frontend/js/redirect.js?id=399eaf833ac5f607b305c4ace0c25eb5
Requested by: Host: goo.su
URL: https://goo.su/XgkQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 237a9a5d407ec860020474b01d73aaf1ca71ba2519c8ca92dba2ec81cf479d0b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://goo.su/XgkQ

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"65896ec2-156eb"
age: 388869
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fVyHtdAKmtcuJ5mVjoqR8f%2F66QJQRwwJMaN6KDctH7zuE86IiAeGvPUJEco0Koff7O2HqrghrWLtKjkTD%2BdDt0JlTU2LXxem7nSehUbotLdMmmrntM%2BcVXM%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 01 Oct 2024 00:39:56 GMT
cf-polished: origSize=87787
alt-svc: h3=":443"; ma=86400
date: Sat, 28 Sep 2024 12:41:06 GMT
content-type: application/javascript
last-modified: Mon, 25 Dec 2023 12:00:02 GMT
vary: Accept-Encoding
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ca3ce48ae9c7969-NRT
server: cloudflare

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52a8d3417ef880bed0286137f27374248962272a0872cbedae0e61dd38b1a5bd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 context.js Show response
an.yandex.ru/system/ 373 KB
106 KB 956ms
319ms Script
text/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/context.js

Requested by

Host: goo.su
URL: https://goo.su/XgkQ

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

388b37d634c70c67b3c1297339e1a2f37d3bbd560161e2b5c2a023e0ed267155

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

strict-transport-security: max-age=31536000
x-robots-tag: noindex, noarchive, nofollow
x-yandex-req-id: 1727527267557114-1118618982673424250600315-production-app-host-sas-pcode-545
cache-control: private, max-age=3600
timing-allow-origin: *
content-encoding: br
etag: "78da15a7c506bdfde752608617d3c473-1124850"
expires: Sat, 28 Sep 2024 13:41:07 GMT
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 44ms
6ms Font
font/woff2 172.217.161.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.161.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://goo.su
Referer: https://fonts.googleapis.com/

Response headers

age: 214775
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 26 Sep 2025 01:01:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 01:01:31 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 18 KB
18 KB 44ms
6ms Font
font/woff2 172.217.161.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:400&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.161.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f3.1e100.net

Software

sffe /

Resource Hash

e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://goo.su
Referer: https://fonts.googleapis.com/

Response headers

age: 180175
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 26 Sep 2025 10:38:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 10:38:11 GMT
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18668
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7a987be3cbd97bc18f5c4dac63af0993a04e647ee2504812471192f423e591d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 46 KB
20 KB 1262ms
625ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: goo.su
URL: https://goo.su/XgkQ

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

557f3d629cbf8c40716f4c9d7c0147dc3f904ab7bc90b75b43bdf46ff79aad51

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
content-encoding: gzip
etag: W/"66f68af3-b7eb"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
x-content-type-options: nosniff
accept-ch-lifetime: 86400
expires: Sat, 28 Sep 2024 13:41:07 GMT
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
date: Sat, 28 Sep 2024 12:41:07 GMT
content-type: application/javascript
last-modified: Fri, 27 Sep 2024 10:37:39 GMT
access-control-allow-headers: *
cache-control: max-age=3600, private
timing-allow-origin: *
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: *
server: nginx

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t44.11;r;s1600*1200*24;uhttps%3A//goo.su/XgkQ;h%u041F%u0440%u043E%u0438%u0441%u0445%u043E%u0434%u0438%u0442%20%u043F%u0435%u0440%u0435%u043D%u0430%u043F%u0440%u0430%u04...
https://counter.yadro.ru/hit?q;t44.11;r;s1600*1200*24;uhttps%3A//goo.su/XgkQ;h%u041F%u0440%u043E%u0438%u0441%u0445%u043E%u0434%u0438%u0442%20%u043F%u0435%u0440%u0435%u043D%u0430%u043F%u0440%u0430%u...

132 B
618 B

314ms
313ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t44.11;r;s1600*1200*24;uhttps%3A//goo.su/XgkQ;h%u041F%u0440%u043E%u0438%u0441%u0445%u043E%u0434%u0438%u0442%20%u043F%u0435%u0440%u0435%u043D%u0430%u043F%u0440%u0430%u0432%u043B%u0435%u043D%u0438%u0435;0.9223692937919503

Requested by

Host: goo.su
URL: https://goo.su/XgkQ

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

e10cd8d343f9c37e3500c69d92f7ac7e78b6c7df29a2ace8cffe71bfa494e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

Strict-Transport-Security: max-age=86400
Cache-control: no-cache
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 28 Sep 2023 21:00:00 GMT
Access-Control-Allow-Origin: *
Content-Length: 132
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Date: Sat, 28 Sep 2024 12:41:08 GMT
Content-Type: image/gif
Server: nginx/1.17.9

Redirect headers

Strict-Transport-Security: max-age=86400
Cache-control: no-cache
Location: https://counter.yadro.ru/hit?q;t44.11;r;s1600*1200*24;uhttps%3A//goo.su/XgkQ;h%u041F%u0440%u043E%u0438%u0441%u0445%u043E%u0434%u0438%u0442%20%u043F%u0435%u0440%u0435%u043D%u0430%u043F%u0440%u0430%u0432%u043B%u0435%u043D%u0438%u0435;0.9223692937919503
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 28 Sep 2023 21:00:00 GMT
Content-Length: 32
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Date: Sat, 28 Sep 2024 12:41:07 GMT
Content-Type: text/html
Server: nginx/1.17.9

GET
H2 200 top100.js Show response
st.top100.ru/top100/ 128 KB
39 KB 1506ms
27ms Script
application/javascript 91.240.171.29
CDNVIDEO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://st.top100.ru/top100/top100.js
Requested by: Host: goo.su
URL: https://goo.su/XgkQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.240.171.29 , Russian Federation, ASN57363 (CDNVIDEO-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e9e2cdd0b14593792b034dd03f667abbe33e54d6ac792fca694424f779edef2f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

x-amz-content-sha256: e9e2cdd0b14593792b034dd03f667abbe33e54d6ac792fca694424f779edef2f
x-amz-tagging-count: 0
x-cdn-edge-id: 2012
x-cdn-edge-cache: HIT
x-cdn-request-id: e97476a95da48ac6688e44d28fd72a47
content-encoding: gzip
x-amz-meta-s3cmd-attrs: atime:1727434505/ctime:1727434504/gid:0/gname:root/md5:b26220e51cae4662e0c8e6e259947973/mode:33188/mtime:1727434500/uid:0/uname:root
etag: W/"b26220e51cae4662e0c8e6e259947973"
x-amz-request-id: 000001923882840DB026F684860137B0
date: Sat, 28 Sep 2024 12:41:08 GMT
content-type: application/javascript
last-modified: Fri, 27 Sep 2024 10:57:18 GMT
server: nginx
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
x-amz-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVIGxA.woff2
fonts.gstatic.com/s/opensans/v40/ 11 KB
11 KB 36ms
5ms Font
font/woff2 172.217.161.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVIGxA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:400&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.161.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f3.1e100.net

Software

sffe /

Resource Hash

21e75944d3f77408d1f5f2fab67c89c7fc43f4a80a3b8e4dcf38185f9d9f46e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://goo.su
Referer: https://fonts.googleapis.com/

Response headers

age: 188625
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 26 Sep 2025 08:17:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 08:17:21 GMT
last-modified: Thu, 14 Dec 2023 02:00:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11116
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK sync-loader.js Show response
privacy-cs.mail.ru/static/ 151 KB
40 KB 1279ms
505ms Script
application/javascript 2a00:1148:1000:101:8:3:0:17
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://privacy-cs.mail.ru/static/sync-loader.js
Requested by: Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a00:1148:1000:101:8:3:0:17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 50a0e67fda5042b08e0473f15a1b01be5618e8a10ee417e6c4eb33430157c8db

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=600
Timing-Allow-Origin: *
Content-Encoding: gzip
Connection: keep-alive
Expires: Sat, 28 Sep 2024 12:51:08 GMT
Access-Control-Allow-Origin: *
Date: Sat, 28 Sep 2024 12:41:08 GMT
Content-Type: application/javascript;charset=UTF-8
Server: nginx

GET
H2 200 dyn-goal-config.js Show response
top-fwz1.mail.ru/js/ 3 KB
2 KB 313ms
312ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/dyn-goal-config.js?ids=3128781

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

0e7e3045519beaff2095d4a64b8dfb1b581013eb5b8f4b3549983c69abe7139b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
content-encoding: gzip
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
x-content-type-options: nosniff
accept-ch-lifetime: 86400
expires: Sat, 28 Sep 2024 12:51:08 GMT
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
date: Sat, 28 Sep 2024 12:41:08 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-headers: *
cache-control: max-age=600, private
timing-allow-origin: *
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: *
server: nginx

GET
H2 200 counter
top-fwz1.mail.ru/ 43 B
1 KB 314ms
314ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?_=0.19600372702766622;id=3128781;u=https%3A//goo.su/XgkQ;title=%D0%9F%D1%80%D0%BE%D0%B8%D1%81%D1%85%D0%BE%D0%B4%D0%B8%D1%82%20%D0%BF%D0%B5%D1%80%D0%B5%D0%BD%D0%B0%D0%BF%D1%80%D0%B0%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5;s=1600*1200;vp=1600*1200;touch=0;hds=1;sid=e1c7503032d0f537;ver=60.6.0;tz=-540%2FAsia%2FTokyo;st=1727527266766;ct=2599/2603/2603//1326;rt=1327/1268/0/0/0/1327/1327/1330/1330/1964/1642/1964/2588/2595;gl=u;ni=10//4g/0/0/;lvid=1727527268039%3A1727527268057%3A1%3Aff8e9f745d8710c90314d2b2703b587a;opts=cnhp%3Dh2%2Ccs%3D19192-47083-19492;visible=true;js=13

Requested by

Host: goo.su
URL: https://goo.su/XgkQ

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
x-content-type-options: nosniff
accept-ch-lifetime: 86400
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
date: Sat, 28 Sep 2024 12:41:08 GMT
content-type: image/gif
access-control-allow-headers: *
cache-control: private, no-cache, no-store, max-age=0
timing-allow-origin: *
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: *
content-length: 43
server: nginx

POST
H2 200 / Show response
kraken.rambler.ru/cnt/v2/ 43 B
684 B 959ms
316ms XHR
image/gif 81.19.89.17
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://kraken.rambler.ru/cnt/v2/

Requested by

Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.19.89.17 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),

Reverse DNS

kraken.rambler.ru

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://goo.su/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 01 Jan 1970 00:00:01 GMT
access-control-allow-origin: https://goo.su
x-sca-elb: nginx-top100-ext-dedicated
content-length: 43
date: Sat, 28 Sep 2024 12:41:09 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: content-type

GET
H2 200 top100_0062b1.gif
kraken.rambler.ru/counter-static/images/ 595 B
1 KB 963ms
322ms Image
image/gif 81.19.89.17
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kraken.rambler.ru/counter-static/images/top100_0062b1.gif

Requested by

Host: goo.su
URL: https://goo.su/XgkQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.19.89.17 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),

Reverse DNS

kraken.rambler.ru

Software

nginx /

Resource Hash

fda0897f4cdbbab911245c9ebaa4885f54a7e572b8c9b071dc976d1d27cab1a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
x-obs-meta-s3cmd-attrs: atime:1718733846/ctime:1718733846/gid:0/gname:root/md5:10d95efe74b84de86398a30e7b958b79/mode:33206/mtime:1718733846/uid:0/uname:root
access-control-allow-methods: OPTIONS,GET
date: Sat, 28 Sep 2024 12:41:09 GMT
content-type: image/gif
x-obs-request-id: 20e1386ce4606fffdfe837b4d09662af
access-control-allow-headers: DNT
x-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=86400
access-control-allow-credentials: true
x-obs-tagging-count: 0
access-control-allow-origin: *
content-length: 595
x-obs-content-sha256: fda0897f4cdbbab911245c9ebaa4885f54a7e572b8c9b071dc976d1d27cab1a6
server: nginx

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 777ms
244ms Font
font/woff2 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://goo.su
Referer: https://goo.su/

Response headers

etag: "7f0cdaf91230f9789ca4162aedff612e"
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires: Sun, 28 Sep 2025 18:27:31 GMT
date: Sat, 28 Sep 2024 12:41:09 GMT
content-type: font/woff2
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
vary: Accept-Encoding
strict-transport-security: max-age=43200000; includeSubDomains;
cache-control: public, max-age=31556952
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin: *
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
x-nginx-request-id: 5e504cf95bd80c93
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26004
server: nginx/1.17.9

GET
H2 200 eb8fa3db2e8d709b36ab.js Show response
yastatic.net/partner-code-bundles/1124850/ 44 KB
13 KB 1472ms
945ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/1124850/eb8fa3db2e8d709b36ab.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9519ead81b27930f2599740121be7c46d232a0056d8693737dcbf5531af55118

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://goo.su
Referer: https://goo.su/

Response headers

x-robots-tag: noindex, noarchive, nofollow
content-encoding: br
etag: "516a3f39f36931c0fac52203506215de"
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires: Mon, 28 Sep 2054 19:14:30 GMT
date: Sat, 28 Sep 2024 12:41:09 GMT
content-type: text/javascript; charset=utf-8
last-modified: Fri, 27 Sep 2024 09:42:26 GMT
vary: Accept-Encoding
strict-transport-security: max-age=43200000; includeSubDomains;
cache-control: public, max-age=946708560
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12706
server: nginx/1.17.9

GET
H2 200 efa3b2d2d33799e15d56.js Show response
yastatic.net/partner-code-bundles/1124850/ 24 KB
8 KB 1471ms
944ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/1124850/efa3b2d2d33799e15d56.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9f15cd512a7931c3e02ceea28f2186516a60527aaad7c745284aa09adeaddc85

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://goo.su
Referer: https://goo.su/

Response headers

x-robots-tag: noindex, noarchive, nofollow
content-encoding: br
etag: "31c478409a7f9dcf597ddafb24a1fbde"
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires: Mon, 28 Sep 2054 19:14:30 GMT
date: Sat, 28 Sep 2024 12:41:09 GMT
content-type: text/javascript; charset=utf-8
last-modified: Fri, 27 Sep 2024 09:42:26 GMT
vary: Accept-Encoding
strict-transport-security: max-age=43200000; includeSubDomains;
cache-control: public, max-age=946708560
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7949
server: nginx/1.17.9

GET
H2 200 e4f45f04bfd7fea3737f.js Show response
yastatic.net/partner-code-bundles/1124850/ 624 KB
114 KB 1401ms
875ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/1124850/e4f45f04bfd7fea3737f.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

7a332cb691c614f8db35315c35265b7a7e5280f346c70ecbb208293173bccf1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://goo.su
Referer: https://goo.su/

Response headers

x-robots-tag: noindex, noarchive, nofollow
content-encoding: br
etag: "d7f1034d729f5873ec9a72c0ab679b8c"
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires: Mon, 28 Sep 2054 19:14:38 GMT
date: Sat, 28 Sep 2024 12:41:09 GMT
content-type: text/javascript; charset=utf-8
last-modified: Fri, 27 Sep 2024 09:42:26 GMT
vary: Accept-Encoding
strict-transport-security: max-age=43200000; includeSubDomains;
cache-control: public, max-age=946708560
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 116003
server: nginx/1.17.9

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 1141ms
616ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://goo.su
Referer: https://goo.su/

Response headers

x-robots-tag: noindex, noarchive, nofollow
content-encoding: br
etag: "f80882bf67cf261aa08d636da095149a"
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires: Mon, 28 Sep 2054 19:14:18 GMT
date: Sat, 28 Sep 2024 12:41:09 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
vary: Accept-Encoding
strict-transport-security: max-age=43200000; includeSubDomains;
cache-control: public, max-age=946708560
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8878
server: nginx/1.17.9

GET
H2 200 5d833fb4d76658946499.js Show response
yastatic.net/partner-code-bundles/1124850/ 122 KB
24 KB 1302ms
779ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/1124850/5d833fb4d76658946499.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

c319c41d692da45b3d0cd5e1c47645c6f69b889e3ce8ed81fb9a02e2b58ec12b

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://goo.su
Referer: https://goo.su/

Response headers

x-robots-tag: noindex, noarchive, nofollow
content-encoding: br
etag: "2e3d8a89a9b811c02100b614437e5fc7"
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires: Mon, 28 Sep 2054 19:14:23 GMT
date: Sat, 28 Sep 2024 12:41:09 GMT
content-type: text/javascript; charset=utf-8
last-modified: Fri, 27 Sep 2024 09:42:25 GMT
vary: Accept-Encoding
strict-transport-security: max-age=43200000; includeSubDomains;
cache-control: public, max-age=946708560
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin: *
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24500
server: nginx/1.17.9

GET
H2 200 1677322 Show response
yandex.ru/ads/meta/ 180 KB
40 KB 1061ms
462ms XHR
application/json 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2FXgkQ&pcode-version=1124850&pcodever=1124850&comboblock-unencoded-vast=1&ad-session-id=8349691727527268757&target-id=32374963&pcode-test-ids=1114588%2C0%2C20%3B1108910%2C0%2C62%3B1124316%2C0%2C57%3B1106679%2C0%2C66%3B1094980%2C0%2C24%3B1095100%2C0%2C25%3B1112047%2C0%2C94%3B1112882%2C0%2C38%3B1122821%2C0%2C95%3B1112582%2C0%2C48%3B1035458%2C0%2C15%3B1122619%2C0%2C70%3B1116503%2C0%2C39%3B1116506%2C0%2C0%3B1121388%2C0%2C61%3B1121754%2C0%2C31%3B1110876%2C0%2C11%3B1111353%2C0%2C50%3B1110879%2C0%2C21%3B1110884%2C0%2C44%3B1085920%2C0%2C47%3B1121757%2C0%2C5%3B1110867%2C0%2C23%3B1122925%2C0%2C37%3B1124850%2C0%2C24&pcode-flags-map=eJy1WVlz2zYX%2FS96jlLuS94gEqIw4lYQlKx2MhilVhO3jp2JnTRNJv%2F9OyChhZRMOv1av0giicOLu5x7LvxtErOKzFIqo6LOheQ0ZpxGQrKclOXk1a%2FfJp%2B3t592k1cTwWs6eTF53D08smv89i3DcazJ99cvJitSybqiMqtTwXiRpkDLhfpCuVwTES1oLAXLqCzm84qKYVzbMnz%2FgMup4BtZ5DKnYl3wpaScF3wYwfUcP2wQ1EuLWsiS08auo4UrFtNC6vsdONPAXwcvtEPfGMGb1fM5dkuzUmxkyjLWB%2F1hxFVJWPzvWziv8f2fouYIxL9t6ROY%2F1d8LmP%2Bdx74p9FXGZ5wMpMpzROx6CxCfQWnywIjMHznsKxaFHUaq4%2B1JJFgsGtWC4EPBgtJtMSdrhW7Lx9O8UzDdgL3CEijIpORIFgfcUpQzxqvYr%2FQDtDt2y6O6%2FrBkQlo3hBKWmBH9GrEBM%2FxPK9ZqghkQySvZVxkBHuYF1ySGATwc00rUQ2WPIACzwgONmiIIk83yh3Y1bAZfmAGp5yTFStsnyXYRSJjopwiaFYNgwSeFR7DWpKqUpmCvGj8ga0oR0pRyFVGyhGoILBat3BkVR4VMQCykvKK5LHaEd4g2hqJUoZYD8OFgW24x8yp%2BYpuQKhr2FcknMLQGeEjEK7reOe5QuJ47%2BwqhTkjIKFxAjJnVw1GSgnPZVbw4dUmQuTZx12Ixq0r%2BAS53y030wxd2%2B2uthzTb33QlO2M5Dkqts7ZnFHlUkH5nESDJrhhYOnWpLJ1tmwiWjWZ2vKVyrUimxVDKJ4fOoa%2FD66KAnpcDQ%2BQOWyQTTylWPCiThbDfc40Daftc1VGuJAolJpKelXKWQoCABFVnfL7dfJ%2Be3P78uMnoPy9vbvefcH3n27eb9%2FuHjqX3m7fN1euv%2B7u2se3n28e79uv71%2Be%2FLi%2Bu9FXFfIBARc%2Bbr%2Fe3n99p29%2F%2Fdh%2Bfvq4fXm3%2B%2Bvh7IE%2Ftvfvb%2FTS%2Bz%2FV5%2BvOVl24vt0qFTKmc4IgosYSKvM6m9HB7PVd09aEu0HdEMEiOaeI%2Biwt4Cb0rvUC9X3BX3zKppYTmuDiqQnI099W77fd%2B%2B00v8nUctFXfEuvJ1M3CBzPnCJJ9xc8bM9XL3jdofvQM9timVfgoaJUBTO0zcC1bbMtkBx7BIOhL9QkVfmZEaFElNJl4GSZ0bwehnJCq%2FWYStCkFLKKOCsH2TyAdAudvcUxrZYCRu8FJjwsG55QQRuECcF%2F4R6G0zXhsdKPm3JwWWhZhu4AB03blBL2PGfKAX2aOANw7cA%2BVPceZN%2F4VZHHRVTDdXCG4ETQBMJ0VlGw6WD6hZbjasueoI05wqua3Yh5oLWW%2Fjpc0%2BgZRIfSvFHhSHDeBHvFKjZjKRMHMwfx0SKCNt%2FiX%2FZQS5pSMeY2M7Bau%2FZlCXfBQZRkDQhJQWs6IU9MOriQXkVpjf6WcajIYQs9xzy2MYW9QDtUWoPlSx3tVjWIOh%2FZrG%2B5bUgqkinhkcf0SneywYW%2B4XthJ8uKkuZczFSvL1FYaGizOl0OgoSuo%2FsIHk%2FkgpJ4OIXAIIHrmc0SUm3yqOX60yXfJg%2B7R8VZJ%2FelsquRL2mB7HrRvUex5ybrutf1jd5VpVKfAnjyFSxH0bcXSDwvrnq34SzOlqSdPc%2FeGBXFkuEhNT%2ByPHniKSiYjFX07MVNa1Db11Y2NdN7qldHjXSGcoeP390%2FPD4oZ25vbyevv3ciARkS6q5bla0QyzA2E7lmYqGY4jBEN%2FJTPTAcWsuHsm%2F5ThxoB%2BN3WqxgGyuUpI4jsOAIDBj7WB0HnAoN85RrlLZvahGf0aIxWj0cpQREN5KEFiaX49aVfrtiBP6%2FLNLP5w3L1RJMLY%2FqSkBFKoXN5qTbdx13t92%2BMb1puNv%2BPnX8rT1943vX0%2B3vbzwH19xr1%2Bp0SzXMhEFwCRyqOQJnn77AeGkY7vNWR%2FOkW2WhCd3lh9bklfliYhvQ1pZjmPj1%2FQlAVRd7mdoWw7CXHBBM66Wo4ipT%2BUYmLMtGtDUatp6kjsva3jStRoW5a1haaxxyuhFIT%2Bkiz4aS9yGxuzFwbcdqTV9zAjJUqhrEkUqSV%2Bux5HJD1zyZIpsJg0AFVzRFswC3osdh1h6ZJz3bat2uSidrSIBCirBEzUyckW4iTP66eXw3%2FXxzvbs%2FGydt9zLOiAHnC0vFYDIdCbsX7BvLgZZEQk6bu1ZUHZgPXxgk993jQw8s3E%2F2Kp68WD%2FTet%2FydZdR61rD0aejJdK3mwG2YVpIOFdNWfjuOYh8Px0CJ9BZpSrg2PpRVwko%2BUJhmr31%2BxriGTQSScYG8NDXU7w%2Bgyg5iyC04ErMR0s6wsOobH2MUZU0audCzIc%2Fq34SNwzajMwYrWjWs%2FvSvOzpUkgwsKyWiF5W6IFjtpFo%2B12x821iui74%2B9Xk4eHDTwqoTcvp5z%2Bnu%2Bubu%2Ftd%2B%2FvlHw%2F3d5Mu14SeYTrnqdNQe5uC0MDQW3UkiuEiRHcz9YS%2BbyBxXUJYQarBBVW7geEwIIuQDYdCVicEJeEkq9TRRyPSap6eNCSRDI7Lptqfnt6KEmpcHaJECwo%2FHkx7RnKordmtVdBpKob7EwR9Vj222jLb1GrOdbQ2wYZmg0oPC63AOXblH1%2BsVWpPqjSnfhj60xRdd3%2Bgg7skJmXT3LMCtdYl%2FQ9270DECMzjmZeuGLFAbutzTH2qWJKcpj94xgF0MzCOhzVKq2MIU22FK73NMVesiBqkVDRLdb414gnHDYK%2Bseena6dCp2YjaaUGzeNxkjpBEatnzA7qKMk2j8dYLD8ZdmJSLdD3sMWzefW3%2B7vHj%2Fe3PSM8T%2F%2BrYtxN%2Bxd1UR9ve8QD0jRGSVf1%2BI4i6pEXBo4nrVLT4WHEGzRGJZnjd4BIXiDHuOR12pRA%2B38nlpXqGFKlmwpgSniiYlqNoQeasPFovOyP4bhvBZbZi11z6eSMZFGTNWXSCqRA2qdgk7GXuvvD7ibNusMuMhIbWfQsOQuS7Tqdwj6CHAAOBw%2FtsaAW7wVMpF0TXcMwfhg8I1cH0d7G4Ok2fMRToqBaEI5cVDFLJFenKsP%2BgkowuwPzjFTUc%2FTQZI1423M1jVxcTcjsOQhenzm6EqtqJzWelU82yvNtmbYmpGagUpGvihq1Bb1Ex%2FjD9PfqTKAdbrSybfc01ocgE3UX07JWma3E%2BogbTNu1L7zz2cpAvTm8ALBmcTKirNTa4KgITiStPr%2BJ8ImCLzgDNY0e1AHN3Z9OVmKT0qRGOJUh0DtlwUfXNwHwL%2BzlRxqc%2Bn%2BP31Ul6vAnrob%2FtYN6CLUwbNreBdJyAtfoNxx16fvr7%2F8DFx42AA%3D%3D&pcode-icookie=VSBqxrwcvHfaaSXQFWPuBgSoWDZBLJCJysIW0y98XF5sIJ1PMduHMg5e2qK8GXR1Ao5miR6XZKQmpS3FkuFGnYxDDzs%3D&imp-id=1&ecma-version=es2017&charset=utf-8&test-tag=273778395316226&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1600%2C%22h%22%3A1200%2C%22width%22%3A379%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A611%2C%22top%22%3A128%2C%22ad_no%22%3A0%2C%22safeArea%22%3A%7B%22top%22%3A0%2C%22bottom%22%3A0%2C%22left%22%3A0%2C%22right%22%3A0%7D%2C%22req_no%22%3A0%7D&grab-orig-len=448&grab=eyJncmFiX3ZlcnNpb24iOjJ9CmKttLE8z-sjCOtpKMe-UidGIY3xyIbaqQysE2mJ-LpjXKhX77666gv10MgdxhZ4_9TJAcMwh5lh0uxoWrXZX5zaYo7W1yPL8Ad2RBlOhlkGaqmUefhTVqMc-JEOv1TSQR9BIhBPaZ64aubHMo1iPmc4n1w1azHrxpiubsQ3ImcMT_hlPhVBV50E_O6Jgdm6Q63NyfTpWiUlzjA7u5vOjE-LnW0Vl9mRUabNm2Pt82ortSWtGNhLepWe3e-hdVQ-kq77icFvXjhveQnFO_W2X1jNsp7W3c386tT0lIP7rj5rshiW1e3PiHYcwjkug0AnIErynaL_xc6YbFo2jFdX62XAQ4umxMzBGrfyAQ7Bvu_PI-8HchUEGfYgdkM5EmoYBtQDtoTuKXNFzcXGBsKBcItOOdHix31ESPQkEAr6&uniformat=true&callback=Ya%5B8173470334498%5D

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

6d569cba488e90ad9f5e7458c4dadd05515109fdf1a3f860af1094fb0a845dd2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech .maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net .captcha.yandex.net yastatic.net .maps.yandex.net .yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://goo.su/

Response headers

x-yandex-req-id: 1727527269513011-5763409161665520417-balancer-l7leveler-kubr-yp-vla-50-BAL
content-encoding: gzip
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 12:41:09 GMT
uniformat: true
date: Sat, 28 Sep 2024 12:41:09 GMT
content-type: application/json
last-modified: Sat, 28 Sep 2024 12:41:09 GMT
content-security-policy: upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://goo.su
uniformat-product-type: Direct
x-xss-protection: 1; mode=block

OPTIONS
H/1.1 200
OK /
privacy-cs.mail.ru/fp/ Frame 0
0 760ms
253ms Preflight
application/octet-stream 2a00:1148:1000:101:8:3:0:17
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://privacy-cs.mail.ru/fp/?id=EqD34UkuL_t8LawrMwPiH
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a00:1148:1000:101:8:3:0:17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://goo.su
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Method: POST
Access-Control-Allow-Origin: https://goo.su
Access-Control-Max-Age: 1728000
Cache-Control: max-age=7200
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream
Date: Sat, 28 Sep 2024 12:41:10 GMT
Expires: Sat, 28 Sep 2024 14:41:10 GMT
Server: nginx

POST
H/1.1 200
OK /
privacy-cs.mail.ru/fp/ 0
0 258ms
256ms Fetch
application/octet-stream 2a00:1148:1000:101:8:3:0:17
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://privacy-cs.mail.ru/fp/?id=EqD34UkuL_t8LawrMwPiH
Requested by: Host: privacy-cs.mail.ru
URL: https://privacy-cs.mail.ru/static/sync-loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a00:1148:1000:101:8:3:0:17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://goo.su/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=7200
Timing-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: Sat, 28 Sep 2024 14:41:10 GMT
Access-Control-Allow-Origin: https://goo.su
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Date: Sat, 28 Sep 2024 12:41:10 GMT
Content-Type: application/octet-stream
Server: nginx

HEAD
H2 200 context.js
yandex.ru/ads/system/ 0
0 891ms
307ms Fetch
text/javascript 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: privacy-cs.mail.ru
URL: https://privacy-cs.mail.ru/static/sync-loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

x-robots-tag: noindex, noarchive, nofollow
x-yandex-req-id: 1727527271194579-3036772427431878868-balancer-l7leveler-kubr-yp-klg-177-BAL
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
timing-allow-origin: *
content-encoding: br
cache-control: private, max-age=3600
etag: "e87108a5337a4a34a6e08b27264b6619-1124850"
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 13:41:11 GMT
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 934ms
317ms Preflight 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://goo.su
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://goo.su
access-control-max-age: 1728000
content-encoding: gzip
date: Sat, 28 Sep 2024 12:41:11 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
257 B 323ms
321ms XHR
text/plain 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://goo.su/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: Sat, 28 Sep 2024 12:41:11 GMT
access-control-allow-origin: https://goo.su
date: Sat, 28 Sep 2024 12:41:11 GMT
x-xss-protection: 1; mode=block
last-modified: Sat, 28 Sep 2024 12:41:11 GMT

GET
H2 200 wy150
avatars.mds.yandex.net/get-direct/5175147/nJx99QMEQpvEM5-FhltbbA/ 6 KB
6 KB 980ms
356ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5175147/nJx99QMEQpvEM5-FhltbbA/wy150
Requested by: Host: goo.su
URL: https://goo.su/XgkQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: e42f344a1cf21abe7fb9c31ccc4714faa616c7aba785ddba0b9620be92da560f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

x-request-id: 8f2b7ad2c343d87d
cache-control: max-age=31536000,immutable
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
access-control-allow-credentials: true
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=SAS"}]}
access-control-allow-origin: *
content-length: 6202
date: Sat, 28 Sep 2024 12:41:11 GMT
content-type: image/webp
last-modified: Thu, 05 Sep 2024 08:35:08 GMT
server: nginx

GET
H/1.1 200
Ok dodo.gazprombonus.ru
favicon.yandex.net/favicon/ 738 B
1 KB 959ms
327ms Image
image/png 2a02:6b8::36
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/dodo.gazprombonus.ru?size=32&stub=2

Requested by

Host: goo.su
URL: https://goo.su/XgkQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

1317b15498da5bb35c35c04ecc60f9d3a59bde97e9fb99138a31645cec0b6f70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

Transfer-Encoding: chunked
X-Yandex-Req-Id: 1727527271328264-772995798641252833300352-production-app-host-sas-favicon-11
Cache-Control: max-age=691200
access-control-allow-origin: *
X-XSS-Protection: 1; mode=block
Content-Type: image/png
X-Content-Type-Options: nosniff

GET
H2 200 x90
avatars.mds.yandex.net/get-direct/4488415/CZQEPV-rhimEzhReIL3tIQ/ 5 KB
5 KB 1021ms
398ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4488415/CZQEPV-rhimEzhReIL3tIQ/x90
Requested by: Host: goo.su
URL: https://goo.su/XgkQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6625faec8fdcd9ce20a566cf73323d07a747271c7bf73fa57f1da608b2f33b33

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

x-request-id: b9b8a097e89561d8
cache-control: max-age=31536000,immutable
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
access-control-allow-credentials: true
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=SAS"}]}
access-control-allow-origin: *
content-length: 4734
date: Sat, 28 Sep 2024 12:41:11 GMT
content-type: image/webp
last-modified: Wed, 11 Sep 2024 08:57:39 GMT
server: nginx

GET
H/1.1 200
Ok blockchain-life.com
favicon.yandex.net/favicon/ 1 KB
2 KB 963ms
330ms Image
image/png 2a02:6b8::36
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/blockchain-life.com?size=32&stub=2

Requested by

Host: goo.su
URL: https://goo.su/XgkQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

b6207095fd289e57bfa7fd35ac04ff8f19c7771afbf9397a6ff64032b249f2d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

Transfer-Encoding: chunked
X-Yandex-Req-Id: 1727527271324578-1342255962146650960700277-production-app-host-vla-favicon-1
Cache-Control: max-age=691200
access-control-allow-origin: *
X-XSS-Protection: 1; mode=block
Content-Type: image/png
X-Content-Type-Options: nosniff

GET
H2 200 x150
avatars.mds.yandex.net/get-direct/4902855/rUDIQYmdIO-TfLn3LMKXFQ/ 4 KB
4 KB 1252ms
629ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4902855/rUDIQYmdIO-TfLn3LMKXFQ/x150
Requested by: Host: goo.su
URL: https://goo.su/XgkQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

x-request-id: e07c946a3d820a84
cache-control: max-age=31536000,immutable
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
access-control-allow-credentials: true
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=SAS"}]}
access-control-allow-origin: *
content-length: 3860
date: Sat, 28 Sep 2024 12:41:11 GMT
content-type: image/webp
last-modified: Tue, 27 Aug 2024 08:46:16 GMT
server: nginx

GET
H/1.1 200
Ok kata.academy
favicon.yandex.net/favicon/ 975 B
1 KB 961ms
328ms Image
image/png 2a02:6b8::36
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/kata.academy?size=32&stub=2

Requested by

Host: goo.su
URL: https://goo.su/XgkQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

34dcd1e9bc213560b5dc69ca3ad9086e894129df080f021932b68062fa589a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

Transfer-Encoding: chunked
X-Yandex-Req-Id: 1727527271327603-1092748301833069748700277-production-app-host-vla-favicon-26
Cache-Control: max-age=691200
access-control-allow-origin: *
X-XSS-Protection: 1; mode=block
Content-Type: image/png
X-Content-Type-Options: nosniff

GET
H2 200 1677322 Show response
yandex.ru/ads/meta/ 127 KB
28 KB 485ms
485ms XHR
application/json 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2FXgkQ&pcode-version=1124850&pcodever=1124850&comboblock-unencoded-vast=1&ad-session-id=8349691727527268757&target-id=18720876&pcode-test-ids=1114588%2C0%2C20%3B1108910%2C0%2C62%3B1124316%2C0%2C57%3B1106679%2C0%2C66%3B1094980%2C0%2C24%3B1095100%2C0%2C25%3B1112047%2C0%2C94%3B1112882%2C0%2C38%3B1122821%2C0%2C95%3B1112582%2C0%2C48%3B1035458%2C0%2C15%3B1122619%2C0%2C70%3B1116503%2C0%2C39%3B1116506%2C0%2C0%3B1121388%2C0%2C61%3B1121754%2C0%2C31%3B1110876%2C0%2C11%3B1111353%2C0%2C50%3B1110879%2C0%2C21%3B1110884%2C0%2C44%3B1085920%2C0%2C47%3B1121757%2C0%2C5%3B1110867%2C0%2C23%3B1122925%2C0%2C37%3B1124850%2C0%2C24&pcode-flags-map=eJy1WVlz2zYX%2FS96jlLuS94gEqIw4lYQlKx2MhilVhO3jp2JnTRNJv%2F9OyChhZRMOv1av0giicOLu5x7LvxtErOKzFIqo6LOheQ0ZpxGQrKclOXk1a%2FfJp%2B3t592k1cTwWs6eTF53D08smv89i3DcazJ99cvJitSybqiMqtTwXiRpkDLhfpCuVwTES1oLAXLqCzm84qKYVzbMnz%2FgMup4BtZ5DKnYl3wpaScF3wYwfUcP2wQ1EuLWsiS08auo4UrFtNC6vsdONPAXwcvtEPfGMGb1fM5dkuzUmxkyjLWB%2F1hxFVJWPzvWziv8f2fouYIxL9t6ROY%2F1d8LmP%2Bdx74p9FXGZ5wMpMpzROx6CxCfQWnywIjMHznsKxaFHUaq4%2B1JJFgsGtWC4EPBgtJtMSdrhW7Lx9O8UzDdgL3CEijIpORIFgfcUpQzxqvYr%2FQDtDt2y6O6%2FrBkQlo3hBKWmBH9GrEBM%2FxPK9ZqghkQySvZVxkBHuYF1ySGATwc00rUQ2WPIACzwgONmiIIk83yh3Y1bAZfmAGp5yTFStsnyXYRSJjopwiaFYNgwSeFR7DWpKqUpmCvGj8ga0oR0pRyFVGyhGoILBat3BkVR4VMQCykvKK5LHaEd4g2hqJUoZYD8OFgW24x8yp%2BYpuQKhr2FcknMLQGeEjEK7reOe5QuJ47%2BwqhTkjIKFxAjJnVw1GSgnPZVbw4dUmQuTZx12Ixq0r%2BAS53y030wxd2%2B2uthzTb33QlO2M5Dkqts7ZnFHlUkH5nESDJrhhYOnWpLJ1tmwiWjWZ2vKVyrUimxVDKJ4fOoa%2FD66KAnpcDQ%2BQOWyQTTylWPCiThbDfc40Daftc1VGuJAolJpKelXKWQoCABFVnfL7dfJ%2Be3P78uMnoPy9vbvefcH3n27eb9%2FuHjqX3m7fN1euv%2B7u2se3n28e79uv71%2Be%2FLi%2Bu9FXFfIBARc%2Bbr%2Fe3n99p29%2F%2Fdh%2Bfvq4fXm3%2B%2Bvh7IE%2Ftvfvb%2FTS%2Bz%2FV5%2BvOVl24vt0qFTKmc4IgosYSKvM6m9HB7PVd09aEu0HdEMEiOaeI%2Biwt4Cb0rvUC9X3BX3zKppYTmuDiqQnI099W77fd%2B%2B00v8nUctFXfEuvJ1M3CBzPnCJJ9xc8bM9XL3jdofvQM9timVfgoaJUBTO0zcC1bbMtkBx7BIOhL9QkVfmZEaFElNJl4GSZ0bwehnJCq%2FWYStCkFLKKOCsH2TyAdAudvcUxrZYCRu8FJjwsG55QQRuECcF%2F4R6G0zXhsdKPm3JwWWhZhu4AB03blBL2PGfKAX2aOANw7cA%2BVPceZN%2F4VZHHRVTDdXCG4ETQBMJ0VlGw6WD6hZbjasueoI05wqua3Yh5oLWW%2Fjpc0%2BgZRIfSvFHhSHDeBHvFKjZjKRMHMwfx0SKCNt%2FiX%2FZQS5pSMeY2M7Bau%2FZlCXfBQZRkDQhJQWs6IU9MOriQXkVpjf6WcajIYQs9xzy2MYW9QDtUWoPlSx3tVjWIOh%2FZrG%2B5bUgqkinhkcf0SneywYW%2B4XthJ8uKkuZczFSvL1FYaGizOl0OgoSuo%2FsIHk%2FkgpJ4OIXAIIHrmc0SUm3yqOX60yXfJg%2B7R8VZJ%2FelsquRL2mB7HrRvUex5ybrutf1jd5VpVKfAnjyFSxH0bcXSDwvrnq34SzOlqSdPc%2FeGBXFkuEhNT%2ByPHniKSiYjFX07MVNa1Db11Y2NdN7qldHjXSGcoeP390%2FPD4oZ25vbyevv3ciARkS6q5bla0QyzA2E7lmYqGY4jBEN%2FJTPTAcWsuHsm%2F5ThxoB%2BN3WqxgGyuUpI4jsOAIDBj7WB0HnAoN85RrlLZvahGf0aIxWj0cpQREN5KEFiaX49aVfrtiBP6%2FLNLP5w3L1RJMLY%2FqSkBFKoXN5qTbdx13t92%2BMb1puNv%2BPnX8rT1943vX0%2B3vbzwH19xr1%2Bp0SzXMhEFwCRyqOQJnn77AeGkY7vNWR%2FOkW2WhCd3lh9bklfliYhvQ1pZjmPj1%2FQlAVRd7mdoWw7CXHBBM66Wo4ipT%2BUYmLMtGtDUatp6kjsva3jStRoW5a1haaxxyuhFIT%2Bkiz4aS9yGxuzFwbcdqTV9zAjJUqhrEkUqSV%2Bux5HJD1zyZIpsJg0AFVzRFswC3osdh1h6ZJz3bat2uSidrSIBCirBEzUyckW4iTP66eXw3%2FXxzvbs%2FGydt9zLOiAHnC0vFYDIdCbsX7BvLgZZEQk6bu1ZUHZgPXxgk993jQw8s3E%2F2Kp68WD%2FTet%2FydZdR61rD0aejJdK3mwG2YVpIOFdNWfjuOYh8Px0CJ9BZpSrg2PpRVwko%2BUJhmr31%2BxriGTQSScYG8NDXU7w%2Bgyg5iyC04ErMR0s6wsOobH2MUZU0audCzIc%2Fq34SNwzajMwYrWjWs%2FvSvOzpUkgwsKyWiF5W6IFjtpFo%2B12x821iui74%2B9Xk4eHDTwqoTcvp5z%2Bnu%2Bubu%2Ftd%2B%2FvlHw%2F3d5Mu14SeYTrnqdNQe5uC0MDQW3UkiuEiRHcz9YS%2BbyBxXUJYQarBBVW7geEwIIuQDYdCVicEJeEkq9TRRyPSap6eNCSRDI7Lptqfnt6KEmpcHaJECwo%2FHkx7RnKordmtVdBpKob7EwR9Vj222jLb1GrOdbQ2wYZmg0oPC63AOXblH1%2BsVWpPqjSnfhj60xRdd3%2Bgg7skJmXT3LMCtdYl%2FQ9270DECMzjmZeuGLFAbutzTH2qWJKcpj94xgF0MzCOhzVKq2MIU22FK73NMVesiBqkVDRLdb414gnHDYK%2Bseena6dCp2YjaaUGzeNxkjpBEatnzA7qKMk2j8dYLD8ZdmJSLdD3sMWzefW3%2B7vHj%2Fe3PSM8T%2F%2BrYtxN%2Bxd1UR9ve8QD0jRGSVf1%2BI4i6pEXBo4nrVLT4WHEGzRGJZnjd4BIXiDHuOR12pRA%2B38nlpXqGFKlmwpgSniiYlqNoQeasPFovOyP4bhvBZbZi11z6eSMZFGTNWXSCqRA2qdgk7GXuvvD7ibNusMuMhIbWfQsOQuS7Tqdwj6CHAAOBw%2FtsaAW7wVMpF0TXcMwfhg8I1cH0d7G4Ok2fMRToqBaEI5cVDFLJFenKsP%2BgkowuwPzjFTUc%2FTQZI1423M1jVxcTcjsOQhenzm6EqtqJzWelU82yvNtmbYmpGagUpGvihq1Bb1Ex%2FjD9PfqTKAdbrSybfc01ocgE3UX07JWma3E%2BogbTNu1L7zz2cpAvTm8ALBmcTKirNTa4KgITiStPr%2BJ8ImCLzgDNY0e1AHN3Z9OVmKT0qRGOJUh0DtlwUfXNwHwL%2BzlRxqc%2Bn%2BP31Ul6vAnrob%2FtYN6CLUwbNreBdJyAtfoNxx16fvr7%2F8DFx42AA%3D%3D&pcode-icookie=VSBqxrwcvHfaaSXQFWPuBgSoWDZBLJCJysIW0y98XF5sIJ1PMduHMg5e2qK8GXR1Ao5miR6XZKQmpS3FkuFGnYxDDzs%3D&imp-id=3&ecma-version=es2017&charset=utf-8&skip-token=yabs.NzIwNTc2MTA1MzQ5NTgyNjcKNzIwNTc2MTA0NjkwNjk1NzAKNzIwNTc2MTA0ODU3NTU2MjY%3D&test-tag=273778395316226&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A4000%2C%22h%22%3A1200%2C%22width%22%3A379%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A1811%2C%22top%22%3A326%2C%22ad_no%22%3A3%2C%22safeArea%22%3A%7B%22top%22%3A0%2C%22bottom%22%3A0%2C%22left%22%3A0%2C%22right%22%3A0%7D%2C%22req_no%22%3A1%7D&grab-orig-len=448&grab=eyJncmFiX3ZlcnNpb24iOjJ9CmKttLE8z-sjCOtpKMe-UidGIY3xyIbaqQysE2mJ-LpjXKhX77666gv10MgdxhZ4_9TJAcMwh5lh0uxoWrXZX5zaYo7W1yPL8Ad2RBlOhlkGaqmUefhTVqMc-JEOv1TSQR9BIhBPaZ64aubHMo1iPmc4n1w1azHrxpiubsQ3ImcMT_hlPhVBV50E_O6Jgdm6Q63NyfTpWiUlzjA7u5vOjE-LnW0Vl9mRUabNm2Pt82ortSWtGNhLepWe3e-hdVQ-kq77icFvXjhveQnFO_W2X1jNsp7W3c386tT0lIP7rj5rshiW1e3PiHYcwjkug0AnIErynaL_xc6YbFo2jFdX62XAQ4umxMzBGrfyAQ7Bvu_PI-8HchUEGfYgdkM5EmoYBtQDtoTuKXNFzcXGBsKBcItOOdHix31ESPQkEAr6&uniformat=true&callback=Ya%5B6417925197859%5D

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

03a5101a2f209f02c7524d6d6d2564a1a1c07b7196548a32a17d2dd5faa2fe59

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech .maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net .captcha.yandex.net yastatic.net .maps.yandex.net .yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://goo.su/

Response headers

x-yandex-req-id: 1727527270704313-12289192332920825999-balancer-l7leveler-kubr-yp-vla-50-BAL
content-encoding: gzip
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 12:41:10 GMT
uniformat: true
date: Sat, 28 Sep 2024 12:41:10 GMT
content-type: application/json
last-modified: Sat, 28 Sep 2024 12:41:10 GMT
content-security-policy: upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://goo.su
uniformat-product-type: Direct
x-xss-protection: 1; mode=block

GET
H2 200 render.html
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame BDC9 0
0 769ms
273ms Document
text/html 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://goo.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-length: 6262
content-type: text/html
date: Sat, 28 Sep 2024 12:41:11 GMT
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Mon, 28 Sep 2054 19:14:58 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server: nginx/1.17.9
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow

GET watch.js
mc.yandex.ru/metrika/ 0
0

POST
H2 200 1Kx-0xJs0Kq200000000U9nJJ3vfebLToTXWM65cwT30aU1lcVhpUne347Z2H4BR2y-AnNBDa6H8PGIAPrQORRG0YPU2UBLNWKGhOoUGdCd8nGKIOc1OoEXt0CnWMCbusG72silu8OU3uIYOVvQH6IXobH6a-YuZWmm3mr_6MKmC37EPG29BcHQmCZ2iPOe2iiyo_...
yandex.ru/an/rtbcount/ 43 B
984 B 296ms
295ms Ping
image/gif 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1Kx-0xJs0Kq200000000U9nJJ3vfebLToTXWM65cwT30aU1lcVhpUne347Z2H4BR2y-AnNBDa6H8PGIAPrQORRG0YPU2UBLNWKGhOoUGdCd8nGKIOc1OoEXt0CnWMCbusG72silu8OU3uIYOVvQH6IXobH6a-YuZWmm3mr_6MKmC37EPG29BcHQmCZ2iPOe2iiyo_GU2Lqm29e5X7olC61dEEjjwwYgpCVnb0XdHoWnKoT3Bp0yafpA3DCzbPW9P2vHK05kxaNdgHNVhP847nIUPONwz2bPv5qp-P7PmueSuccNkgpDWrWgMhYaiErYO3h3yXm76comGRtomVyYoMVnhEjlag_PlMK2UMS3AUP8rNqOGB7sJ5MR9LrQGlWws1fO9R8ydNRwuQVszXWR66MnN3WSlOBjzw_BIpg_hhlnZNCa6C-q0cyS9DkP7RBo1nXvMNkKffJwcaQNcFzbWzavarzn_NBP7_QtzB7PsGqCZ4mjJWmtiZ3lOcK-mYpzWNxxqmhzl-tVigF_1pjF14Ro00-Y75Hpd6fWtS5nkPDp1mNYB0oCGdt8mC3JOztA2l36L4nIW2pWRc5TmRcFSmCbzWfFv0YVZ2qx63voCFpWP5t013Vp8LLptUkPramiEZTmWx-tdVE7GoGrotu857nm0wxQy4000?pcode-active-testids=1121754%2C0%2C31

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/1124850/e4f45f04bfd7fea3737f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech .maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net .captcha.yandex.net yastatic.net .maps.yandex.net .yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

x-yandex-req-id: 1727527270786898-10751151524733645427-balancer-l7leveler-kubr-yp-vla-50-BAL
content-encoding: gzip
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 12:41:10 GMT
date: Sat, 28 Sep 2024 12:41:10 GMT
content-type: image/gif
last-modified: Sat, 28 Sep 2024 12:41:10 GMT
content-security-policy: upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
timing-allow-origin: *
pragma: no-cache
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width
access-control-allow-credentials: true
access-control-allow-origin: https://goo.su
x-xss-protection: 1; mode=block

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 772ms
320ms Preflight 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://goo.su
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://goo.su
access-control-max-age: 1728000
content-encoding: gzip
date: Sat, 28 Sep 2024 12:41:11 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ 0
50 B 325ms
324ms XHR
text/plain 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://goo.su/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: Sat, 28 Sep 2024 12:41:11 GMT
access-control-allow-origin: https://goo.su
x-xss-protection: 1; mode=block
date: Sat, 28 Sep 2024 12:41:11 GMT
last-modified: Sat, 28 Sep 2024 12:41:11 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 321ms
320ms Preflight 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://goo.su
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://goo.su
access-control-max-age: 1728000
content-encoding: gzip
date: Sat, 28 Sep 2024 12:41:11 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation
an.yandex.ru/ 0
50 B 325ms
322ms XHR
text/plain 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://goo.su/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
expires: Sat, 28 Sep 2024 12:41:11 GMT
access-control-allow-origin: https://goo.su
date: Sat, 28 Sep 2024 12:41:11 GMT
x-xss-protection: 1; mode=block
last-modified: Sat, 28 Sep 2024 12:41:11 GMT

GET
H/1.1 200
Ok joinexcellence.ru
favicon.yandex.net/favicon/ 8 KB
9 KB 542ms
330ms Image
image/png 2a02:6b8::36
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/joinexcellence.ru?size=120&stub=2

Requested by

Host: goo.su
URL: https://goo.su/XgkQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

96eea218543d77b2eefa97aac4255a9433480915553fb6eed3fe8806506fb006

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

Transfer-Encoding: chunked
X-Yandex-Req-Id: 1727527271571417-41646982013549594400262-production-app-host-klg-favicon-7.klg.yp-c.yandex.net
Cache-Control: max-age=691200
access-control-allow-origin: *
X-XSS-Protection: 1; mode=block
Content-Type: image/png
X-Content-Type-Options: nosniff

GET big
avatars.mds.yandex.net/get-yabs_performance/10092782/hatfd7daa27733e99c84f6d3c0e9246541b/ 0
0

GET big
avatars.mds.yandex.net/get-yabs_performance/10231750/hat8293c8b625a5c1d132908a6b9b6a2d87/ 0
0

GET big
avatars.mds.yandex.net/get-yabs_performance/13599385/hatc0e1597fdd018b8967787d983860279c/ 0
0

GET big
avatars.mds.yandex.net/get-yabs_performance/14161267/hatd031acd4b61e3d19ca9baa668472c2bc/ 0
0

GET
H2 200 1677322
yandex.ru/ads/meta/ 74 KB
0 491ms
490ms XHR
application/json 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2FXgkQ&pcode-version=1124850&pcodever=1124850&comboblock-unencoded-vast=1&ad-session-id=8349691727527268757&target-id=38151720&pcode-test-ids=1114588%2C0%2C20%3B1108910%2C0%2C62%3B1124316%2C0%2C57%3B1106679%2C0%2C66%3B1094980%2C0%2C24%3B1095100%2C0%2C25%3B1112047%2C0%2C94%3B1112882%2C0%2C38%3B1122821%2C0%2C95%3B1112582%2C0%2C48%3B1035458%2C0%2C15%3B1122619%2C0%2C70%3B1116503%2C0%2C39%3B1116506%2C0%2C0%3B1121388%2C0%2C61%3B1121754%2C0%2C31%3B1110876%2C0%2C11%3B1111353%2C0%2C50%3B1110879%2C0%2C21%3B1110884%2C0%2C44%3B1085920%2C0%2C47%3B1121757%2C0%2C5%3B1110867%2C0%2C23%3B1122925%2C0%2C37%3B1124850%2C0%2C24&pcode-flags-map=eJy1WVlz2zYX%2FS96jlLuS94gEqIw4lYQlKx2MhilVhO3jp2JnTRNJv%2F9OyChhZRMOv1av0giicOLu5x7LvxtErOKzFIqo6LOheQ0ZpxGQrKclOXk1a%2FfJp%2B3t592k1cTwWs6eTF53D08smv89i3DcazJ99cvJitSybqiMqtTwXiRpkDLhfpCuVwTES1oLAXLqCzm84qKYVzbMnz%2FgMup4BtZ5DKnYl3wpaScF3wYwfUcP2wQ1EuLWsiS08auo4UrFtNC6vsdONPAXwcvtEPfGMGb1fM5dkuzUmxkyjLWB%2F1hxFVJWPzvWziv8f2fouYIxL9t6ROY%2F1d8LmP%2Bdx74p9FXGZ5wMpMpzROx6CxCfQWnywIjMHznsKxaFHUaq4%2B1JJFgsGtWC4EPBgtJtMSdrhW7Lx9O8UzDdgL3CEijIpORIFgfcUpQzxqvYr%2FQDtDt2y6O6%2FrBkQlo3hBKWmBH9GrEBM%2FxPK9ZqghkQySvZVxkBHuYF1ySGATwc00rUQ2WPIACzwgONmiIIk83yh3Y1bAZfmAGp5yTFStsnyXYRSJjopwiaFYNgwSeFR7DWpKqUpmCvGj8ga0oR0pRyFVGyhGoILBat3BkVR4VMQCykvKK5LHaEd4g2hqJUoZYD8OFgW24x8yp%2BYpuQKhr2FcknMLQGeEjEK7reOe5QuJ47%2BwqhTkjIKFxAjJnVw1GSgnPZVbw4dUmQuTZx12Ixq0r%2BAS53y030wxd2%2B2uthzTb33QlO2M5Dkqts7ZnFHlUkH5nESDJrhhYOnWpLJ1tmwiWjWZ2vKVyrUimxVDKJ4fOoa%2FD66KAnpcDQ%2BQOWyQTTylWPCiThbDfc40Daftc1VGuJAolJpKelXKWQoCABFVnfL7dfJ%2Be3P78uMnoPy9vbvefcH3n27eb9%2FuHjqX3m7fN1euv%2B7u2se3n28e79uv71%2Be%2FLi%2Bu9FXFfIBARc%2Bbr%2Fe3n99p29%2F%2Fdh%2Bfvq4fXm3%2B%2Bvh7IE%2Ftvfvb%2FTS%2Bz%2FV5%2BvOVl24vt0qFTKmc4IgosYSKvM6m9HB7PVd09aEu0HdEMEiOaeI%2Biwt4Cb0rvUC9X3BX3zKppYTmuDiqQnI099W77fd%2B%2B00v8nUctFXfEuvJ1M3CBzPnCJJ9xc8bM9XL3jdofvQM9timVfgoaJUBTO0zcC1bbMtkBx7BIOhL9QkVfmZEaFElNJl4GSZ0bwehnJCq%2FWYStCkFLKKOCsH2TyAdAudvcUxrZYCRu8FJjwsG55QQRuECcF%2F4R6G0zXhsdKPm3JwWWhZhu4AB03blBL2PGfKAX2aOANw7cA%2BVPceZN%2F4VZHHRVTDdXCG4ETQBMJ0VlGw6WD6hZbjasueoI05wqua3Yh5oLWW%2Fjpc0%2BgZRIfSvFHhSHDeBHvFKjZjKRMHMwfx0SKCNt%2FiX%2FZQS5pSMeY2M7Bau%2FZlCXfBQZRkDQhJQWs6IU9MOriQXkVpjf6WcajIYQs9xzy2MYW9QDtUWoPlSx3tVjWIOh%2FZrG%2B5bUgqkinhkcf0SneywYW%2B4XthJ8uKkuZczFSvL1FYaGizOl0OgoSuo%2FsIHk%2FkgpJ4OIXAIIHrmc0SUm3yqOX60yXfJg%2B7R8VZJ%2FelsquRL2mB7HrRvUex5ybrutf1jd5VpVKfAnjyFSxH0bcXSDwvrnq34SzOlqSdPc%2FeGBXFkuEhNT%2ByPHniKSiYjFX07MVNa1Db11Y2NdN7qldHjXSGcoeP390%2FPD4oZ25vbyevv3ciARkS6q5bla0QyzA2E7lmYqGY4jBEN%2FJTPTAcWsuHsm%2F5ThxoB%2BN3WqxgGyuUpI4jsOAIDBj7WB0HnAoN85RrlLZvahGf0aIxWj0cpQREN5KEFiaX49aVfrtiBP6%2FLNLP5w3L1RJMLY%2FqSkBFKoXN5qTbdx13t92%2BMb1puNv%2BPnX8rT1943vX0%2B3vbzwH19xr1%2Bp0SzXMhEFwCRyqOQJnn77AeGkY7vNWR%2FOkW2WhCd3lh9bklfliYhvQ1pZjmPj1%2FQlAVRd7mdoWw7CXHBBM66Wo4ipT%2BUYmLMtGtDUatp6kjsva3jStRoW5a1haaxxyuhFIT%2Bkiz4aS9yGxuzFwbcdqTV9zAjJUqhrEkUqSV%2Bux5HJD1zyZIpsJg0AFVzRFswC3osdh1h6ZJz3bat2uSidrSIBCirBEzUyckW4iTP66eXw3%2FXxzvbs%2FGydt9zLOiAHnC0vFYDIdCbsX7BvLgZZEQk6bu1ZUHZgPXxgk993jQw8s3E%2F2Kp68WD%2FTet%2FydZdR61rD0aejJdK3mwG2YVpIOFdNWfjuOYh8Px0CJ9BZpSrg2PpRVwko%2BUJhmr31%2BxriGTQSScYG8NDXU7w%2Bgyg5iyC04ErMR0s6wsOobH2MUZU0audCzIc%2Fq34SNwzajMwYrWjWs%2FvSvOzpUkgwsKyWiF5W6IFjtpFo%2B12x821iui74%2B9Xk4eHDTwqoTcvp5z%2Bnu%2Bubu%2Ftd%2B%2FvlHw%2F3d5Mu14SeYTrnqdNQe5uC0MDQW3UkiuEiRHcz9YS%2BbyBxXUJYQarBBVW7geEwIIuQDYdCVicEJeEkq9TRRyPSap6eNCSRDI7Lptqfnt6KEmpcHaJECwo%2FHkx7RnKordmtVdBpKob7EwR9Vj222jLb1GrOdbQ2wYZmg0oPC63AOXblH1%2BsVWpPqjSnfhj60xRdd3%2Bgg7skJmXT3LMCtdYl%2FQ9270DECMzjmZeuGLFAbutzTH2qWJKcpj94xgF0MzCOhzVKq2MIU22FK73NMVesiBqkVDRLdb414gnHDYK%2Bseena6dCp2YjaaUGzeNxkjpBEatnzA7qKMk2j8dYLD8ZdmJSLdD3sMWzefW3%2B7vHj%2Fe3PSM8T%2F%2BrYtxN%2Bxd1UR9ve8QD0jRGSVf1%2BI4i6pEXBo4nrVLT4WHEGzRGJZnjd4BIXiDHuOR12pRA%2B38nlpXqGFKlmwpgSniiYlqNoQeasPFovOyP4bhvBZbZi11z6eSMZFGTNWXSCqRA2qdgk7GXuvvD7ibNusMuMhIbWfQsOQuS7Tqdwj6CHAAOBw%2FtsaAW7wVMpF0TXcMwfhg8I1cH0d7G4Ok2fMRToqBaEI5cVDFLJFenKsP%2BgkowuwPzjFTUc%2FTQZI1423M1jVxcTcjsOQhenzm6EqtqJzWelU82yvNtmbYmpGagUpGvihq1Bb1Ex%2FjD9PfqTKAdbrSybfc01ocgE3UX07JWma3E%2BogbTNu1L7zz2cpAvTm8ALBmcTKirNTa4KgITiStPr%2BJ8ImCLzgDNY0e1AHN3Z9OVmKT0qRGOJUh0DtlwUfXNwHwL%2BzlRxqc%2Bn%2BP31Ul6vAnrob%2FtYN6CLUwbNreBdJyAtfoNxx16fvr7%2F8DFx42AA%3D%3D&pcode-icookie=VSBqxrwcvHfaaSXQFWPuBgSoWDZBLJCJysIW0y98XF5sIJ1PMduHMg5e2qK8GXR1Ao5miR6XZKQmpS3FkuFGnYxDDzs%3D&imp-id=4&ecma-version=es2017&charset=utf-8&skip-token=yabs.NzIwNTc2MTA1MzQ5NTgyNjcKNzIwNTc2MTA0NjkwNjk1NzAKNzIwNTc2MTA0ODU3NTU2MjYKMTg1MjgwMzQyMzg5NzU5ODQ0NAoxODUyODAzODIwMTA3ODMxMzc2CjE4NTI4MDM5Mjg1NTU5MDI0NDEKMTg1MjgwNDMwOTczNDIwMzUyMw%3D%3D&test-tag=273778395316226&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A4000%2C%22h%22%3A1200%2C%22width%22%3A4000%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A426%2C%22ad_no%22%3A4%2C%22safeArea%22%3A%7B%22top%22%3A0%2C%22bottom%22%3A0%2C%22left%22%3A0%2C%22right%22%3A0%7D%2C%22req_no%22%3A2%7D&grab-orig-len=448&grab=eyJncmFiX3ZlcnNpb24iOjJ9CmKttLE8z-sjCOtpKMe-UidGIY3xyIbaqQysE2mJ-LpjXKhX77666gv10MgdxhZ4_9TJAcMwh5lh0uxoWrXZX5zaYo7W1yPL8Ad2RBlOhlkGaqmUefhTVqMc-JEOv1TSQR9BIhBPaZ64aubHMo1iPmc4n1w1azHrxpiubsQ3ImcMT_hlPhVBV50E_O6Jgdm6Q63NyfTpWiUlzjA7u5vOjE-LnW0Vl9mRUabNm2Pt82ortSWtGNhLepWe3e-hdVQ-kq77icFvXjhveQnFO_W2X1jNsp7W3c386tT0lIP7rj5rshiW1e3PiHYcwjkug0AnIErynaL_xc6YbFo2jFdX62XAQ4umxMzBGrfyAQ7Bvu_PI-8HchUEGfYgdkM5EmoYBtQDtoTuKXNFzcXGBsKBcItOOdHix31ESPQkEAr6&uniformat=true&callback=Ya%5B5068246745605%5D

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech .maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net .captcha.yandex.net yastatic.net .maps.yandex.net .yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://goo.su/

Response headers

x-yandex-req-id: 1727527271364358-15853432339554752976-balancer-l7leveler-kubr-yp-vla-50-BAL
content-encoding: gzip
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 12:41:11 GMT
uniformat: true
date: Sat, 28 Sep 2024 12:41:11 GMT
last-modified: Sat, 28 Sep 2024 12:41:11 GMT
content-type: application/json
content-security-policy: upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
timing-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width
access-control-allow-credentials: true
access-control-allow-origin: https://goo.su
uniformat-product-type: Direct
x-xss-protection: 1; mode=block

POST
H2 200 1S41lw7s0Ky200000000U9nJJ3vfebLToTXWM676UVC4HuA_PThFxsaCGE094mcrV7W-E9PhXYH3AYDGFBF2xEjPa7WfCv1NUnL8j39s0icPZ7mM362ma5523y9QoTZ53s7jPTHDP6Ku2kQVPGHflSe8Ckuk8uCC8yDVnbbC30npcK0YPvd-0y4h9W7XWmNNAimO6...
yandex.ru/an/rtbcount/ 43 B
424 B 296ms
294ms Ping
image/gif 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1S41lw7s0Ky200000000U9nJJ3vfebLToTXWM676UVC4HuA_PThFxsaCGE094mcrV7W-E9PhXYH3AYDGFBF2xEjPa7WfCv1NUnL8j39s0icPZ7mM362ma5523y9QoTZ53s7jPTHDP6Ku2kQVPGHflSe8Ckuk8uCC8yDVnbbC30npcK0YPvd-0y4h9W7XWmNNAimO6HRa-tlgAhCn_6K2QMjbPWMIlSmWSwSoWpJCPMO2MGMKL01RjP5vwaLtwsI11yKdcM7-kmfMUHTC_cHsS8AuQY5BHcuwoBR_ArWMC-zWOJh0yXy666-oG5p-mVuXosRnh-biaw_QlsK1kNy1A-T9rdmPGR3q1TQ6XWQEcwmmcxwoWdHti3MmJ61xFEdonKthxpKqCCvWkt8uU07RxLkNbtP-NNVb7-DADfYP1zWyJh0nFsBZ3JJsiAhmJAdoCOqiDV_91hDz8hlc_kEoFUflxMUniniQ6fbOc1eiO6TSmSwuWTrn1plF2NRn1-mhh_sUyt5Pxt6Z7-my7Hp12pZw2bPmp8ZPmD4bluE3yHO7Hc0-vM1WQB3lvGJvPoedA60NS3Omh-3iPjh0oNs2a-K2fyCBJiOFd8m_E1axk3vidNcNUG5NNy57hiUUTbNjmkiT6hd1xkCvxj09OR6VSG00SD-y3G00?

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/1124850/e4f45f04bfd7fea3737f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech .maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net .captcha.yandex.net yastatic.net .maps.yandex.net .yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

x-yandex-req-id: 1727527271444853-16969949645170235355-balancer-l7leveler-kubr-yp-vla-50-BAL
content-encoding: gzip
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 12:41:11 GMT
date: Sat, 28 Sep 2024 12:41:11 GMT
last-modified: Sat, 28 Sep 2024 12:41:11 GMT
content-type: image/gif
content-security-policy: upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
pragma: no-cache
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width
access-control-allow-credentials: true
access-control-allow-origin: https://goo.su
x-xss-protection: 1; mode=block

POST event_confirmation
an.yandex.ru/ 0
0

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 323ms
322ms Preflight 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://goo.su
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://goo.su
access-control-max-age: 1728000
content-encoding: gzip
date: Sat, 28 Sep 2024 12:41:11 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

GET /
0xq3zog9vuwhxct.xyz/ 0
0

POST /
kraken.rambler.ru/cnt/v2/ 0
0

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 155 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET /
0xq3zog9vuwhxct.xyz/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Domain: avatars.mds.yandex.net
URL: https://avatars.mds.yandex.net/get-yabs_performance/10092782/hatfd7daa27733e99c84f6d3c0e9246541b/big

Domain: avatars.mds.yandex.net
URL: https://avatars.mds.yandex.net/get-yabs_performance/10231750/hat8293c8b625a5c1d132908a6b9b6a2d87/big

Domain: avatars.mds.yandex.net
URL: https://avatars.mds.yandex.net/get-yabs_performance/13599385/hatc0e1597fdd018b8967787d983860279c/big

Domain: avatars.mds.yandex.net
URL: https://avatars.mds.yandex.net/get-yabs_performance/14161267/hatd031acd4b61e3d19ca9baa668472c2bc/big

Domain: an.yandex.ru
URL: https://an.yandex.ru/event_confirmation

Domain: 0xq3zog9vuwhxct.xyz
URL: https://0xq3zog9vuwhxct.xyz/?e=kayn33335@gmail.com

Domain: kraken.rambler.ru
URL: https://kraken.rambler.ru/cnt/v2/

Domain: kraken.rambler.ru
URL: https://kraken.rambler.ru/cnt/v2/

Domain: 0xq3zog9vuwhxct.xyz
URL: https://0xq3zog9vuwhxct.xyz/?e=kayn33335@gmail.com

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-21 00:00:45	Name: pcssspb Value: 1
goo.su/	1970-01-20 23:53:14	Name: XSRF-TOKEN Value: eyJpdiI6Iko4Ty9SWU55L2R5WXVpT3E0RnZpNGc9PSIsInZhbHVlIjoibis2ZVBtaTgvYUxtU21Zb1lZRi94SmJmRGtXcWc0Z1psUkFKNW5XZlVXZGdYd1doN0tQREs3SEZnV2lYT1Jremprblp3cVNHZ0tWVUJubm9CNEoxOEFkcDZ1ZWp5R3dKcm04TC9HTzBET1lXRXlhU2lJMW53OVVjaXViUGtsVWwiLCJtYWMiOiI2OGI4ZjA5MWRlYjE0ZjQ2OTlmZjY2YjE0NDU3NzYwYjQ5MDE5ZWJkZDFmZWVjMjUzYjU4ZGY5ZmU2ZjI2Zjk0IiwidGFnIjoiIn0%3D
goo.su/	1970-01-20 23:53:14	Name: goosu_session Value: eyJpdiI6IjBJUmhoMnZyQkoxWk1YcVd4Y0lyMUE9PSIsInZhbHVlIjoiZ1Ntd0FVWW5Ybjc4SjRnRVUrMjhkS3pOcVdTUnM0UGI3SXlxbVVLUU42RUdFRUU1MXlDN1NFajZZVzd6YWRveStKeFgwWXc1bFNkVDVVM2czMlpuSTBQdXNqTnJuRlkrYjUxYzkxM2lIZzZGb3Q3TDZOeE5KUUxWZVlVdVUxdmgiLCJtYWMiOiJhNTgzMWIxMDczMTZlOWEyNmQ5YjkyOWNmYTg5ZTY0NzNjYTI4NjAxOWYyMDA1NTE4M2I5NGY5Y2YzZjI0ODA4IiwidGFnIjoiIn0%3D
.yandex.ru/	1970-01-21 09:28:07	Name: i Value: crSJXizanPonJj6mLR/inQra9+FAnWu7RoXuSM9kpyYjHy+ZbAyrMrHhoBtLs5RbzfCZAWVhHEN2Ke9iizC1Gl5kXp0=
.yandex.ru/	1970-01-21 09:28:07	Name: yandexuid Value: 9223787081727527267
.yandex.ru/	1970-01-21 08:37:43	Name: yashr Value: 7879902821727527267
.yandex.ru/	1970-01-21 09:28:07	Name: bh Value: YOPy37cGahncyumIDvKst6UL+/rw5w3r//32D7WWzYcI
.yadro.ru/	1970-01-21 08:36:46	Name: FTID Value: 1cz_bZ3GyLOt1cz_bZ001DfP
.goo.su/	1970-01-21 07:51:38	Name: tmr_lvid Value: ff8e9f745d8710c90314d2b2703b587a
.goo.su/	1970-01-21 07:51:38	Name: tmr_lvidTS Value: 1727527268039
.yadro.ru/	1970-01-21 08:36:46	Name: VID Value: 2RoUGv1bZMet1cz_ba001V9I
.goo.su/	1970-01-21 08:37:43	Name: adtech_uid Value: b11e2fb7-427f-44d5-aacf-63c869e4bfde%3Agoo.su
.goo.su/	1970-01-21 08:37:43	Name: top100_id Value: t1.6673155.816405761.1727527268396
goo.su/	1970-01-21 00:02:12	Name: domain_sid Value: EqD34UkuL_t8LawrMwPiH%3A1727527269629
.yandex.ru/	1970-01-21 00:02:12	Name: yabs-vdrf Value: A0
.yandex.ru/	1970-01-21 08:37:43	Name: receive-cookie-deprecation Value: 1
goo.su/	1970-01-20 23:53:33	Name: tmr_detect Value: 0%7C1727527270361
.weborama.fr/	1970-01-21 09:18:02	Name: AFFICHE_W Value: GfZpsgZpHvgZ17
.mts.ru/	1970-01-21 09:28:07	Name: ma_last_sync Value: 1727527271537
.mts.ru/	1970-01-21 09:28:07	Name: ma_id Value: 4617833961727527271537
.goo.su/	1970-01-21 08:37:43	Name: t3_sid_6673155 Value: s1.1876517772.1727527268397.1727527271839.1.4
top-fwz1.mail.ru/	1970-01-21 08:39:09	Name: PVID Value: 0C88Sh1UD1oR00002N0l9KoR:::0-0-0-c125224-0-c125228:CAASEHKJ9SrtT796-izGQ2SVMgwaYPXWrd9NYjG2zU-OI_IO163naDFaZv46JpxfRl6ujCXiTtpy0k8BIM9h42VS_oM2wZAZhpj9ajlBkCj4sethk2zi_Y9fNkZgu8lQeaRS4H_gQc9kkOtfU8vkEQMtZkT4Sw
.mail.ru/	1970-01-21 08:39:09	Name: VID Value: 0C88Sh1UD1oR00002N0l9KoR:::0-0-0-c125224-0-c125228:CAASEHKJ9SrtT796-izGQ2SVMgwaYPXWrd9NYjG2zU-OI_IO163naDFaZv46JpxfRl6ujCXiTtpy0k8BIM9h42VS_oM2wZAZhpj9ajlBkCj4sethk2zi_Y9fNkZgu8lQeaRS4H_gQc9kkOtfU8vkEQMtZkT4Sw

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	info	URL: https://privacy-cs.mail.ru/static/sync-loader.js(Line 4) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://privacy-cs.mail.ru/static/sync-loader.js(Line 4) Message: Failed to create WebGPU Context Provider
other	warning	URL: https://privacy-cs.mail.ru/static/sync-loader.js(Line 4) Message: Failed to parse video contentType: video/ogg; codecs=theora

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0xq3zog9vuwhxct.xyz
an.yandex.ru
avatars.mds.yandex.net
counter.yadro.ru
favicon.yandex.net
fonts.googleapis.com
fonts.gstatic.com
goo.su
kraken.rambler.ru
mc.yandex.ru
privacy-cs.mail.ru
st.top100.ru
top-fwz1.mail.ru
yandex.ru
yastatic.net
0xq3zog9vuwhxct.xyz
an.yandex.ru
avatars.mds.yandex.net
kraken.rambler.ru
mc.yandex.ru
172.217.161.67
172.67.139.105
2404:6800:4008:c04::5f
2606:4700:3036::ac43:8b69
2a00:1148:1000:101:8:3:0:17
2a02:6b8:20::215
2a02:6b8::184
2a02:6b8::36
2a02:6b8::90
2a02:6b8:a::a
81.19.89.17
88.212.201.198
91.240.171.29
95.163.52.67
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
03a5101a2f209f02c7524d6d6d2564a1a1c07b7196548a32a17d2dd5faa2fe59
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747
0e7e3045519beaff2095d4a64b8dfb1b581013eb5b8f4b3549983c69abe7139b
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
12eebba255ce6f856459cab6b183b507be0417a322f46faf7dd71b3c4b0eec27
1317b15498da5bb35c35c04ecc60f9d3a59bde97e9fb99138a31645cec0b6f70
21e75944d3f77408d1f5f2fab67c89c7fc43f4a80a3b8e4dcf38185f9d9f46e6
237a9a5d407ec860020474b01d73aaf1ca71ba2519c8ca92dba2ec81cf479d0b
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
34dcd1e9bc213560b5dc69ca3ad9086e894129df080f021932b68062fa589a7a
388b37d634c70c67b3c1297339e1a2f37d3bbd560161e2b5c2a023e0ed267155
50a0e67fda5042b08e0473f15a1b01be5618e8a10ee417e6c4eb33430157c8db
52a8d3417ef880bed0286137f27374248962272a0872cbedae0e61dd38b1a5bd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
557f3d629cbf8c40716f4c9d7c0147dc3f904ab7bc90b75b43bdf46ff79aad51
6625faec8fdcd9ce20a566cf73323d07a747271c7bf73fa57f1da608b2f33b33
6d569cba488e90ad9f5e7458c4dadd05515109fdf1a3f860af1094fb0a845dd2
7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521
7a332cb691c614f8db35315c35265b7a7e5280f346c70ecbb208293173bccf1c
8465c026bde37f2f0f2471b5f117797f891e654dabd41285d3629398f7739d1e
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
9519ead81b27930f2599740121be7c46d232a0056d8693737dcbf5531af55118
96eea218543d77b2eefa97aac4255a9433480915553fb6eed3fe8806506fb006
9f15cd512a7931c3e02ceea28f2186516a60527aaad7c745284aa09adeaddc85
b6207095fd289e57bfa7fd35ac04ff8f19c7771afbf9397a6ff64032b249f2d7
c319c41d692da45b3d0cd5e1c47645c6f69b889e3ce8ed81fb9a02e2b58ec12b
c7a987be3cbd97bc18f5c4dac63af0993a04e647ee2504812471192f423e591d
e10cd8d343f9c37e3500c69d92f7ac7e78b6c7df29a2ace8cffe71bfa494e8c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2
e42f344a1cf21abe7fb9c31ccc4714faa616c7aba785ddba0b9620be92da560f
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
e9e2cdd0b14593792b034dd03f667abbe33e54d6ac792fca694424f779edef2f
ec34b6213ac38d00a879e30fe141b37c9ba2ea49c7c9efbd7a35e8fddfcee2ee
fda0897f4cdbbab911245c9ebaa4885f54a7e572b8c9b071dc976d1d27cab1a6

goo.su Open in urlscan Pro 2606:4700:3036::ac43:8b69 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

56 Requests

80 %HTTPS

57 %IPv6

11 Domains

15 Subdomains

15 IPs

3 Countries

594 kBTransfer

2157 kBSize

23 Cookies

0 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

goo.su Open in urlscan Pro
2606:4700:3036::ac43:8b69 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

80 %
HTTPS

57 %
IPv6

11
Domains

15
Subdomains

15
IPs

3
Countries

594 kB
Transfer

2157 kB
Size

23
Cookies

56 HTTP transactions
5 data transactions