urlscan.io logo urlscan.io
SecurityTrails logo

goo.su Open in urlscan Pro
172.67.139.105  Public Scan

Go To Rescan Add Verdict Report
URL: https://goo.su/zCDdX0
Submission: On December 29 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 14 domains to perform 38 HTTP transactions. The main IP is 172.67.139.105, located in United States and belongs to CLOUDFLARENET, US. The main domain is goo.su. The Cisco Umbrella rank of the primary domain is 568797.
TLS certificate: Issued by WE1 on November 23rd 2024. Valid for: 3 months.
This is the only time goo.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 172.67.139.105 13335 (CLOUDFLAR...)
2 142.251.41.10 15169 (GOOGLE)
1 109.200.209.143 49544 (i3Dnet i3...)
1 23.109.170.99 7979 (SERVERS-COM)
1 213.180.193.90 13238 (YANDEX YA...)
2 142.251.32.99 15169 (GOOGLE)
3 95.163.52.67 47764 (VK-AS LLC VK)
1 2 88.212.202.52 39134 (UNITEDNET...)
1 151.236.71.248 204720 (CDNetwork...)
2 142.250.64.99 15169 (GOOGLE)
2 109.200.209.144 49544 (i3Dnet i3...)
7 178.154.131.215 13238 (YANDEX YA...)
2 5.255.255.77 13238 (YANDEX YA...)
4 81.19.89.16 24638 (RAMBLER-T...)
1 77.88.21.119 13238 (YANDEX YA...)
38 16
2    172.67.139.105 (United States)

ASN13335 (CLOUDFLARENET, US)
goo.su
2    142.251.41.10 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f10.1e100.net
fonts.googleapis.com
1    109.200.209.143 (Newark, United States)

ASN49544 (i3Dnet i3D.net B.V, NL)
richinfo.co
1    23.109.170.99 (Netherlands)

ASN7979 (SERVERS-COM, US)
enduresopens.com
1    213.180.193.90 (Russian Federation)

ASN13238 (YANDEX YANDEX LLC, RU)
PTR: bs.yandex.ru
an.yandex.ru
2    142.251.32.99 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f3.1e100.net
fonts.gstatic.com
3    95.163.52.67 (Russian Federation)

ASN47764 (VK-AS LLC VK, RU)
PTR: top-fwz1.mail.ru
top-fwz1.mail.ru
2    88.212.202.52 (Russian Federation)

ASN39134 (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY, RU)
PTR: host152.rax.ru
counter.yadro.ru
1    151.236.71.248 (Moscow, Russian Federation)

ASN204720 (CDNetworks GLOBAL CLOUD NETWORK LLC, RU)
st.top100.ru
2    142.250.64.99 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f3.1e100.net
www.gstatic.com
2    109.200.209.144 (Newark, United States)

ASN49544 (i3Dnet i3D.net B.V, NL)
rtb.pushdom.co
7    178.154.131.215 (Russian Federation)

ASN13238 (YANDEX YANDEX LLC, RU)
PTR: static.yandex.net
yastatic.net
2    5.255.255.77 (Russian Federation)

ASN13238 (YANDEX YANDEX LLC, RU)
PTR: yandex.ru
yandex.ru
4    81.19.89.16 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS Rambler Internet Holding LLC, RU)
PTR: kraken.rambler.ru
kraken.rambler.ru
1    77.88.21.119 (Russian Federation)

ASN13238 (YANDEX YANDEX LLC, RU)
PTR: mc.yandex.ru
mc.yandex.ru
Apex Domain
Subdomains		 Transfer
7 yastatic.net
yastatic.net — Cisco Umbrella Rank: 7444
200 KB
4 rambler.ru
kraken.rambler.ru — Cisco Umbrella Rank: 50537
3 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
68 KB
4 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 2611
yandex.ru — Cisco Umbrella Rank: 1488
mc.yandex.ru — Cisco Umbrella Rank: 4577
165 KB
3 mail.ru
top-fwz1.mail.ru — Cisco Umbrella Rank: 12299
privacy-cs.mail.ru Failed
23 KB
2 pushdom.co
rtb.pushdom.co — Cisco Umbrella Rank: 366479
143 B
2 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 15372
1 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
3 KB
2 goo.su
goo.su — Cisco Umbrella Rank: 568797
44 KB
1 top100.ru
st.top100.ru — Cisco Umbrella Rank: 63217
40 KB
1 enduresopens.com
enduresopens.com
45 KB
1 richinfo.co
richinfo.co — Cisco Umbrella Rank: 249617
35 KB
0 yandex.com Failed
mc.yandex.com Failed
0 girlsromancehaven.com Failed
nm52mrg.girlsromancehaven.com Failed
38 14
Domain Requested by
7 yastatic.net an.yandex.ru
4 kraken.rambler.ru goo.su
st.top100.ru
3 top-fwz1.mail.ru goo.su
top-fwz1.mail.ru
2 yandex.ru an.yandex.ru
2 rtb.pushdom.co goo.su
2 www.gstatic.com goo.su
2 counter.yadro.ru 1 redirects goo.su
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com goo.su
2 goo.su goo.su
1 mc.yandex.ru an.yandex.ru
1 st.top100.ru goo.su
1 an.yandex.ru goo.su
1 enduresopens.com goo.su
1 richinfo.co goo.su
0 mc.yandex.com Failed mc.yandex.ru
0 nm52mrg.girlsromancehaven.com Failed goo.su
0 privacy-cs.mail.ru Failed top-fwz1.mail.ru
38 18

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru
top100.rambler.ru
Subject Issuer Validity Valid
goo.su
WE1		 2024-11-23 -
2025-02-21		 3 months crt.sh
upload.video.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
richinfo.co
R10		 2024-12-10 -
2025-03-10		 3 months crt.sh
enduresopens.com
R10		 2024-12-20 -
2025-03-20		 3 months crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2024-08-27 -
2025-02-25		 6 months crt.sh
*.gstatic.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.mail.ru
GlobalSign ECC OV SSL CA 2018		 2024-10-21 -
2025-11-22		 a year crt.sh
*.top100.ru
GlobalSign GCC R3 DV TLS CA 2020		 2024-02-14 -
2025-03-17		 a year crt.sh
rtb.pushdom.co
R11		 2024-11-29 -
2025-02-27		 3 months crt.sh
*.yastatic-net.ru
GlobalSign ECC OV SSL CA 2018		 2024-10-25 -
2025-04-24		 6 months crt.sh
*.xn--d1acpjx3f.xn--p1ai
GlobalSign ECC OV SSL CA 2018		 2024-12-04 -
2025-06-03		 6 months crt.sh
*.rambler.ru
GlobalSign GCC R3 DV TLS CA 2020		 2024-05-02 -
2025-06-03		 a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2024-10-20 -
2025-04-01		 5 months crt.sh

This page contains 2 frames:

Frame: https://nm52mrg.girlsromancehaven.com/talp9t8?cid=36hcs1j163d0b
Frame ID: BBAD0555D43CD393947EC18DCABD4CF2
Requests: 39 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: BB4248D085507471D910D08D73D72ACC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Redirecting

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

38
Requests

82 %
HTTPS

0 %
IPv6

14
Domains

18
Subdomains

16
IPs

4
Countries

627 kB
Transfer

2069 kB
Size

23
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://counter.yadro.ru/hit?t44.11;r;s1600*1200*24;uhttps%3A//goo.su/zCDdX0;hRedirecting;0.8234043147132439 HTTP 302
  • https://counter.yadro.ru/hit?q;t44.11;r;s1600*1200*24;uhttps%3A//goo.su/zCDdX0;hRedirecting;0.8234043147132439
Request Chain 32
  • https://emily-stream.com/4RB9dF HTTP 302
  • https://nm52mrg.girlsromancehaven.com/talp9t8?cid=36hcs1j163d0b
Request Chain 38
  • https://mc.yandex.com/watch/1677322?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FzCDdX0&nohit=1&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afqngs4ku2psd4e9m0lq0o0a6g7v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A684898766088%3Ahid%3A380362291%3Az%3A-600%3Ai%3A20241228154015%3Aet%3A1735436416%3Ac%3A1%3Arn%3A797244225%3Au%3A1735436416861321056%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Ans%3A1735436407135%3Arqnl%3A1%3Ast%3A1735436418%3At%3ARedirecting&t=clc(0-0-0)aw(1)rcm(1)cdl(na)eco(565312)ti(2) HTTP 302
  • https://mc.yandex.com/watch/1677322/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FzCDdX0&nohit=1&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afqngs4ku2psd4e9m0lq0o0a6g7v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A684898766088%3Ahid%3A380362291%3Az%3A-600%3Ai%3A20241228154015%3Aet%3A1735436416%3Ac%3A1%3Arn%3A797244225%3Au%3A1735436416861321056%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Ans%3A1735436407135%3Arqnl%3A1%3Ast%3A1735436418%3At%3ARedirecting&t=clc%280-0-0%29aw%281%29rcm%281%29cdl%28na%29eco%28565312%29ti%282%29&redirnss=1

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request zCDdX0
goo.su/ 		21 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://goo.su/zCDdX0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.139.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.13
Resource Hash
c33bb9ce0f578adc764b0fa7ba4590c1f9c109318ad1f335dd3f301eeca3eb72

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8f96148e29d043af-EWR
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Sun, 29 Dec 2024 01:40:08 GMT
expires
-1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F77qQSdom%2Fwa9sI4lB7gtmNrIN%2FBTVSsRuwc0VOOxnAmjc2Q3IMy9%2F3t9390%2FO39%2BG5XMTId2yoMBtsKak4U7VRvsZ459GnQQdQhwrOpoF2D8ETJyWVbVME%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=11880&min_rtt=8944&rtt_var=7652&sent=9&recv=10&lost=0&retrans=0&sent_bytes=3385&recv_bytes=2359&delivery_rate=489713&cwnd=251&unsent_bytes=0&cid=4c884770c71d5099&ts=701&x=0"
vary
Accept-Encoding
x-powered-by
PHP/8.2.13
css
fonts.googleapis.com/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans:400&display=swap
Requested by
Host: goo.su
URL: https://goo.su/zCDdX0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.10 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f10.1e100.net
Software
ESF /
Resource Hash
719d2fc548145fa8d8361205f6fcb49eefc54c71fbb18e6320a60a263f40637a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 29 Dec 2024 01:40:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 29 Dec 2024 01:40:10 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 29 Dec 2024 00:54:18 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400&display=swap
Requested by
Host: goo.su
URL: https://goo.su/zCDdX0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.10 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f10.1e100.net
Software
ESF /
Resource Hash
23428c6301061ebb006b127c5841235122a23672f0041d08a9518520795a1bde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 29 Dec 2024 01:40:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 29 Dec 2024 01:40:10 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 29 Dec 2024 01:19:52 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
rp-cl-ob.js
richinfo.co/richpartners/push/js/ 		93 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://richinfo.co/richpartners/push/js/rp-cl-ob.js?pubid=883146&siteid=330256&niche=33
Requested by
Host: goo.su
URL: https://goo.su/zCDdX0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.200.209.143 Newark, United States, ASN49544 (i3Dnet i3D.net B.V, NL),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
1083e15f17276402d259f207d321498179dac9996221d7945ac21055bb7bf2f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://goo.su
Referer
https://goo.su/

Response headers

x-amz-id-2
XWTOpFLku/hQ/SXE/ZchMY2yBOPqt245JOj5xW6kDQ5fUaH13vH2QaDcRTHBxxeC24+uq+Hmg+E=
content-encoding
gzip
etag
W/"4eb2c767f3bc7992a918be3558d2a0a4"
access-control-allow-credentials
true
x-amz-request-id
VRYJXRG4WT6M31K1
access-control-allow-origin
https://goo.su
date
Sun, 29 Dec 2024 01:40:10 GMT
content-type
application/x-javascript
last-modified
Thu, 26 Dec 2024 12:13:06 GMT
server
openresty/1.21.4.1
x-amz-server-side-encryption
AES256
69489
enduresopens.com/ttkXIvunodY/ 		127 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://enduresopens.com/ttkXIvunodY/69489
Requested by
Host: goo.su
URL: https://goo.su/zCDdX0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.170.99 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
41951c9f6c3a65f22c9ed9b8fc8959b2e605a3264c01ef71f4c275f94ec23308
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/

Response headers

Access-Control-Max-Age
600
Content-Encoding
gzip
Access-Control-Allow-Methods
GET, POST, OPTIONS
X-Content-Type-Options
nosniff
Keep-Alive
timeout=20
Date
Sun, 29 Dec 2024 01:40:11 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=1
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://goo.su
Server
nginx
redirect.js
goo.su/frontend/js/ 		86 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://goo.su/frontend/js/redirect.js?id=399eaf833ac5f607b305c4ace0c25eb5
Requested by
Host: goo.su
URL: https://goo.su/zCDdX0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.139.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ac92dd22b771410a6944726d1ed1fd7a7faaf239c2d80eab0bc1233e6ce95d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/zCDdX0

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"65896ec2-156eb"
age
412772
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QeS0v3HIq43kLM8c1gplwKGwFqe3E3HsqLiXlb74ATYZMLAx7Vf0g0k20nPdcY9FbQTb96bpaN2%2Fl8BvimglqFKKQwTWS9N%2BEZpul2rA5hVvLDMEgtMSIt4%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 31 Dec 2024 07:00:38 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=11319&min_rtt=8881&rtt_var=5313&sent=19&recv=13&lost=0&retrans=0&sent_bytes=15197&recv_bytes=3090&delivery_rate=1301763&cwnd=251&unsent_bytes=0&cid=4c884770c71d5099&ts=2315&x=0"
date
Sun, 29 Dec 2024 01:40:10 GMT
content-type
application/javascript
last-modified
Mon, 25 Dec 2023 12:00:02 GMT
vary
Accept-Encoding
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f96149b5d8e43af-EWR
server
cloudflare
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52a8d3417ef880bed0286137f27374248962272a0872cbedae0e61dd38b1a5bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c7a987be3cbd97bc18f5c4dac63af0993a04e647ee2504812471192f423e591d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
context.js
an.yandex.ru/system/ 		376 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/system/context.js
Requested by
Host: goo.su
URL: https://goo.su/zCDdX0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
e66c25bee26a07d36337bf49b9b20a8232133c353730f83a9f05c8bf718426d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/

Response headers

strict-transport-security
max-age=31536000
x-robots-tag
noindex, noarchive, nofollow
x-yandex-req-id
1735436411151458-1525380831408427628000204-production-app-host-vla-pcode-397
cache-control
private, max-age=3600
timing-allow-origin
*
content-encoding
br
etag
"899b5fa6a4922e6b6b038b1819f5613d-1183758"
expires
Sun, 29 Dec 2024 02:40:11 GMT
access-control-allow-origin
*
content-type
text/javascript; charset=utf-8
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.99 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://goo.su
Referer
https://fonts.googleapis.com/

Response headers

age
146596
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 27 Dec 2025 08:56:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 08:56:54 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.99 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f3.1e100.net
Software
sffe /
Resource Hash
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://goo.su
Referer
https://fonts.googleapis.com/

Response headers

age
133458
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 27 Dec 2025 12:35:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 12:35:52 GMT
last-modified
Thu, 14 Dec 2023 02:00:39 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18668
x-xss-protection
0
server
sffe
code.js
top-fwz1.mail.ru/js/ 		46 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: goo.su
URL: https://goo.su/zCDdX0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
557f3d629cbf8c40716f4c9d7c0147dc3f904ab7bc90b75b43bdf46ff79aad51
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/

Response headers

access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
content-encoding
gzip
etag
W/"66f68af3-b7eb"
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
x-content-type-options
nosniff
accept-ch-lifetime
86400
expires
Sun, 29 Dec 2024 02:40:12 GMT
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
date
Sun, 29 Dec 2024 01:40:12 GMT
content-type
application/javascript
last-modified
Fri, 27 Sep 2024 10:37:39 GMT
access-control-allow-headers
*
cache-control
max-age=3600, private
timing-allow-origin
*
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-credentials
true
amp-access-control-allow-source-origin
*
access-control-allow-origin
*
server
nginx
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t44.11;r;s1600*1200*24;uhttps%3A//goo.su/zCDdX0;hRedirecting;0.8234043147132439
  • https://counter.yadro.ru/hit?q;t44.11;r;s1600*1200*24;uhttps%3A//goo.su/zCDdX0;hRedirecting;0.8234043147132439
132 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;t44.11;r;s1600*1200*24;uhttps%3A//goo.su/zCDdX0;hRedirecting;0.8234043147132439
Requested by
Host: goo.su
URL: https://goo.su/zCDdX0
Protocol
HTTP/1.1
Server
88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY, RU),
Reverse DNS
host152.rax.ru
Software
nginx/1.17.9 /
Resource Hash
e10cd8d343f9c37e3500c69d92f7ac7e78b6c7df29a2ace8cffe71bfa494e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/

Response headers

Strict-Transport-Security
max-age=86400
Cache-control
no-cache
Pragma
no-cache
Connection
keep-alive
Expires
Fri, 29 Dec 2023 21:00:00 GMT
Access-Control-Allow-Origin
*
Content-Length
132
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Date
Sun, 29 Dec 2024 01:40:12 GMT
Content-Type
image/gif
Server
nginx/1.17.9

Redirect headers

Strict-Transport-Security
max-age=86400
Cache-control
no-cache
Location
https://counter.yadro.ru/hit?q;t44.11;r;s1600*1200*24;uhttps%3A//goo.su/zCDdX0;hRedirecting;0.8234043147132439
Pragma
no-cache
Connection
keep-alive
Expires
Fri, 29 Dec 2023 21:00:00 GMT
Content-Length
32
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Date
Sun, 29 Dec 2024 01:40:11 GMT
Content-Type
text/html
Server
nginx/1.17.9
top100.js
st.top100.ru/top100/ 		133 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.top100.ru/top100/top100.js
Requested by
Host: goo.su
URL: https://goo.su/zCDdX0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNetworks GLOBAL CLOUD NETWORK LLC, RU),
Reverse DNS
Software
nginx /
Resource Hash
cdc9f17e47e9bbe67f5eace6a2980bc26dda093b18798cf16f56636af8b14398

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/

Response headers

x-amz-content-sha256
cdc9f17e47e9bbe67f5eace6a2980bc26dda093b18798cf16f56636af8b14398
x-amz-tagging-count
0
x-cdn-edge-id
2315
x-cdn-edge-cache
HIT
x-cdn-request-id
cb3e476fb65409b095a3347bd0b0978a
content-encoding
gzip
x-amz-meta-s3cmd-attrs
atime:1734617865/ctime:1734619546/gid:0/gname:root/md5:3078b8dd6174af394c940cc90f007709/mode:33188/mtime:1734617865/uid:0/uname:root
etag
W/"3078b8dd6174af394c940cc90f007709"
x-amz-request-id
000001940FBCA9C8A8C8D4CC587509CA
date
Sun, 29 Dec 2024 01:40:12 GMT
content-type
application/javascript
last-modified
Thu, 19 Dec 2024 14:45:48 GMT
server
nginx
x-reserved
amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
x-amz-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
firebase-app.js
www.gstatic.com/firebasejs/10.12.2/ 		99 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/10.12.2/firebase-app.js
Requested by
Host: goo.su
URL: https://goo.su/zCDdX0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.99 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f3.1e100.net
Software
sffe /
Resource Hash
08b83f02859328aabb9acea9370d600ffe739d9e2c251b6668b6f6ff56a2e1d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://goo.su
Referer
https://richinfo.co/

Response headers

content-encoding
gzip
age
160302
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Sat, 27 Dec 2025 05:08:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 05:08:28 GMT
last-modified
Mon, 27 May 2024 17:13:52 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
22535
x-xss-protection
0
server
sffe
firebase-messaging.js
www.gstatic.com/firebasejs/10.12.2/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/10.12.2/firebase-messaging.js
Requested by
Host: goo.su
URL: https://goo.su/zCDdX0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.99 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f3.1e100.net
Software
sffe /
Resource Hash
c28064598de8d36d4f19bffbf443141ede3879ae7f59a3df2aafad3f92afe93c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://goo.su
Referer
https://richinfo.co/

Response headers

content-encoding
gzip
age
174954
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Sat, 27 Dec 2025 01:04:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 27 Dec 2024 01:04:17 GMT
last-modified
Mon, 27 May 2024 17:13:30 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
8646
x-xss-protection
0
server
sffe
st
rtb.pushdom.co/pb/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.pushdom.co/pb/st?sctp=content-locker&m=ht&pid=883146&sid=330256&dm=goo.su&c1=https&c2=1&c3=https://rtb.pushdom.co/pb/st
Requested by
Host: goo.su
URL: https://goo.su/zCDdX0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.200.209.144 Newark, United States, ASN49544 (i3Dnet i3D.net B.V, NL),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/

Response headers

content-length
0
date
Sun, 29 Dec 2024 01:40:11 GMT
content-type
text/html;charset=UTF-8
server
openresty/1.21.4.1
st
rtb.pushdom.co/pb/ 		0
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.pushdom.co/pb/st?sctp=content-locker&m=si&pid=883146&sid=330256&dm=goo.su&c1=https&c2=1&c3=https://rtb.pushdom.co/pb/st
Requested by
Host: goo.su
URL: https://goo.su/zCDdX0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.200.209.144 Newark, United States, ASN49544 (i3Dnet i3D.net B.V, NL),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/

Response headers

content-length
0
date
Sun, 29 Dec 2024 01:40:11 GMT
content-type
text/html;charset=UTF-8
server
openresty/1.21.4.1
text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://goo.su
Referer
https://goo.su/

Response headers

etag
"7f0cdaf91230f9789ca4162aedff612e"
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires
Mon, 29 Dec 2025 07:29:17 GMT
date
Sun, 29 Dec 2024 01:40:13 GMT
content-type
font/woff2
last-modified
Mon, 25 Apr 2022 14:02:39 GMT
vary
Accept-Encoding
strict-transport-security
max-age=43200000; includeSubDomains;
cache-control
public, max-age=31556952
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin
*
x-amz-meta-owner
{"role":"admin","login":"4eb0da"}
x-nginx-request-id
ff002147c743f530
accept-ranges
bytes
access-control-allow-origin
*
content-length
26004
server
nginx/1.17.9
cc3eb7227602aea2a356.js
yastatic.net/partner-code-bundles/1183758/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/1183758/cc3eb7227602aea2a356.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
0043f89180ccb535cc29be0ebcb83346e380b2e9f94078e1c5fdf598567831b2
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://goo.su
Referer
https://goo.su/

Response headers

x-robots-tag
noindex, noarchive, nofollow
content-encoding
br
etag
"1ea1abdc6b2ca5332bd9171ae9ac75d4"
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires
Tue, 29 Dec 2054 08:11:25 GMT
date
Sun, 29 Dec 2024 01:40:13 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 25 Dec 2024 15:06:32 GMT
vary
Accept-Encoding
strict-transport-security
max-age=43200000; includeSubDomains;
cache-control
public, max-age=946708560
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin
*
accept-ranges
bytes
access-control-allow-origin
*
content-length
6391
server
nginx/1.17.9
5956674fd0fdd7c45be0.js
yastatic.net/partner-code-bundles/1183758/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/1183758/5956674fd0fdd7c45be0.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
fa8ce0f9f5d78718935551066be8ab1e59b330c14c95c5e0a876ccc3ab6e5391
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://goo.su
Referer
https://goo.su/

Response headers

x-robots-tag
noindex, noarchive, nofollow
content-encoding
br
etag
"456399b9c1ec47d1dbc61770ec223f7c"
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires
Tue, 29 Dec 2054 08:11:25 GMT
date
Sun, 29 Dec 2024 01:40:13 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 25 Dec 2024 15:06:27 GMT
vary
Accept-Encoding
strict-transport-security
max-age=43200000; includeSubDomains;
cache-control
public, max-age=946708560
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin
*
accept-ranges
bytes
access-control-allow-origin
*
content-length
5312
server
nginx/1.17.9
57bcfd9e2482bf6eab12.js
yastatic.net/partner-code-bundles/1183758/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/1183758/57bcfd9e2482bf6eab12.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
80fc30ac502073424612abfe45f0db2859aa92ce62a411b63367a7a380fe95c0
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://goo.su
Referer
https://goo.su/

Response headers

x-robots-tag
noindex, noarchive, nofollow
content-encoding
br
etag
"f2e736a01ad7eff0b8295ee7196506bb"
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires
Tue, 29 Dec 2054 08:11:25 GMT
date
Sun, 29 Dec 2024 01:40:13 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 25 Dec 2024 15:06:27 GMT
vary
Accept-Encoding
strict-transport-security
max-age=43200000; includeSubDomains;
cache-control
public, max-age=946708560
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin
*
accept-ranges
bytes
access-control-allow-origin
*
content-length
7953
server
nginx/1.17.9
28c60da322306eea85f3.js
yastatic.net/partner-code-bundles/1183758/ 		616 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/1183758/28c60da322306eea85f3.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
950d3ea33a52e3b63868c32fe075b221b10ca5aa31a98b180d7182213c7b8ea1
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://goo.su
Referer
https://goo.su/

Response headers

x-robots-tag
noindex, noarchive, nofollow
content-encoding
br
etag
"ce8d6aaf666b3d56031852fe861f259c"
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires
Tue, 29 Dec 2054 08:11:25 GMT
date
Sun, 29 Dec 2024 01:40:13 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 25 Dec 2024 15:06:26 GMT
vary
Accept-Encoding
strict-transport-security
max-age=43200000; includeSubDomains;
cache-control
public, max-age=946708560
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin
*
accept-ranges
bytes
access-control-allow-origin
*
content-length
121976
server
nginx/1.17.9
host.js
yastatic.net/safeframe-bundles/0.83/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://goo.su
Referer
https://goo.su/

Response headers

x-robots-tag
noindex, noarchive, nofollow
content-encoding
br
etag
"f80882bf67cf261aa08d636da095149a"
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires
Tue, 29 Dec 2054 08:16:02 GMT
date
Sun, 29 Dec 2024 01:40:13 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
vary
Accept-Encoding
strict-transport-security
max-age=43200000; includeSubDomains;
cache-control
public, max-age=946708560
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin
*
accept-ranges
bytes
access-control-allow-origin
*
content-length
8878
server
nginx/1.17.9
454b3fa45c64f15c3946.js
yastatic.net/partner-code-bundles/1183758/ 		114 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/1183758/454b3fa45c64f15c3946.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
f44fd5d3e4ef91db81aa29db7216c4ab17feada8c779fc168e3d13364136610a
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://goo.su
Referer
https://goo.su/

Response headers

x-robots-tag
noindex, noarchive, nofollow
content-encoding
br
etag
"9c35ad150317f2afb3591b412dfad6a4"
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires
Tue, 29 Dec 2054 08:11:25 GMT
date
Sun, 29 Dec 2024 01:40:13 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 25 Dec 2024 15:06:27 GMT
vary
Accept-Encoding
strict-transport-security
max-age=43200000; includeSubDomains;
cache-control
public, max-age=946708560
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin
*
accept-ranges
bytes
access-control-allow-origin
*
content-length
24474
server
nginx/1.17.9
1677322
yandex.ru/ads/meta/ 		438 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2FzCDdX0&pcode-version=1183758&pcodever=1183758&comboblock-unencoded-vast=1&ad-session-id=3493061735436412573&target-id=74022514&pcode-test-ids=1173005%2C0%2C82%3B1135988%2C0%2C34%3B1177116%2C0%2C56%3B1184115%2C0%2C9%3B1182168%2C0%2C94%3B1183717%2C0%2C18%3B1139802%2C0%2C78%3B1177689%2C0%2C71%3B1175803%2C0%2C63%3B1178054%2C0%2C94%3B1175949%2C0%2C89%3B1184151%2C0%2C49%3B1181855%2C0%2C57%3B1175871%2C0%2C40%3B1178013%2C0%2C85%3B1183609%2C0%2C45%3B1183758%2C0%2C52%3B912285%2C0%2C4&pcode-flags-map=eJylWN1ynDgTfReujRcBApE7IRpGNSARSYztbKVUODPZ9cY%2FW3aS3S%2BpvPtXAjw2OJlJaq9mEPRRd6t%2FTuurt6HaVormtgZRmZX36vev3uf%2B%2BtPOe%2BWFQUy8E%2B%2Fj7uEj33qvPBKQII29b29PBrEzRVtbc21AgLL5hZWCwQzAqA6eAyAUxQkO9wi6Uxu4sFxoo4A2tpEFKGEL0LwSM6SHd%2F31zt7u%2FpnD4TBEZA%2FXabAbbhQX1JqNfd2BurAtVbSZYe3%2B%2FXuBkoQZHlF4AdJyYU1FrS4GxFE3LirbQMGpLXkNegb4%2Fu7e9tfXC9CMpGgANZW0E3AlpAKr%2BRs4rBGJAxQMwkpZULywRtoN1eaYGIrSJ%2B8amtdgN6A0l3N3IkQiEkRL6TgcNW662vCcCneuneAlh8JyYUCVlB3UHGckTEcNnOvy9WCrtqVUdu9bJptcHkJJ0iwO0kfzBZxZBaZTwtLSgLKs5mxtzUrJrlodjLcUoSDOBiDdUGVcSHRg4by1eU3Zeoje5wi%2Fezf91fXp%2FSfvxPtff7vd%2FXt6%2F%2Bm3q5v%2Bj93DbOmP%2FmZY2X7Z3Y6f95%2BvPt6Nf29Onz1sb6%2BmVYe8R%2FBOvPv%2By%2FXdlz%2Bn11%2Fux99P9%2F3p7e6fhxcf%2FNXf3VxNoncf3O%2FbmamYhKPPNBhbQEm72tiWVmBF1%2BSgDnk8xShKx4C7oNpQw5ktAQqb15KtLS%2Fs2Yob%2BI6%2FlM%2F9MM5QGMQ%2B8k5mz%2BHiOVo8x8Mz9UOMgiANJ3nqY0LiBPkI7ReSFOHUbfB2Vo6yBCWD0qW2tZStLfn5ITMJjiIUDRIuqqrWWM0Ubw%2BmFUmjMBurXsH1kFJjBDIpSq4aapbZtQDIQhyRcdfiDYixqKyhBnNMDpEwm1W3FRVF7Y5BrCclXGbRwnTiYF5mURrisVBq2oC9oKKAc1vIhvLDOqRBmmQz42ULQpnctgpa24ChNu%2Fq9UGQDMdTVQBDK7sCWhyORxQEBCdjMaL6QrAxc5%2BLfPUedh9dBD57b51eBTXU1pIW3sn8HYgCnLMW69OLxarriT8C%2BOEWXHBjxwValPJ88boBo%2FiaWiY7V0wXb5mUaw62oYatXLf5%2Fletkg3X8GLjIdGd%2BZOWQ7VdfDWvwFaKQWGXU3%2FePXx8cM50beztt9lJIJJmUw3V7dCEpkZ4xs1KdsYqKLgCZqwU9cXxLhWEaUDGWlMa%2BxhVtG1rueHCcqktiIJRVRyBycIA77Njj6M1mOcNhymghm%2Fc8VG2GpR2H7Oa8uZYEIZZ9Mz0kp%2Fbc05lw62C1x1oow%2BLRyFO8V6cddrIxtaysryk8yoa413fX6LEz3b9ez9O%2B8i%2FTJOt37%2B%2FTOJs1%2BMtdsU0xT1Jkgj777ZJ5scZee9n24z4KHjXo36L%2BsudK5kMwjBKYuSHOY79OIiwn%2BM888MwwxgBFFCU3omX4R2JtqT3cbyL%2FXgbhX6fothHl31%2FSdJ3CGdbtylEcRyFxI%2BTNPJjjKifJ0ns51ECZViyuAyyWV1GQRRnhHzP8BYUAzGLj%2BA0CPDPSbOymleADKUIpVnovUInXhQEGQnjAHmv0LcfALqcfSREY6IePsE4TSZmyLSaCGXFm%2BYwfQviLEyShZgGtQHla14cEcZBOHW1fb4NrfhHHTiJsiBOI7w4AxzF4aj6wNMbx98qRWtLhT47Fvg4wyjc69C6kmSNomwNSs93jwIUhkmCsedOACVxHOKlKiQmk0WqsWVNqyN5Q7KUTFSmBTbSz07w167QFUNqu%2B7d1pRBs4iml2AZTiY%2FVGDsZm0LaOTEa%2FILa2jFi3lUIYwD7GaOh79%2Fc0D%2B56vt7s7%2F%2FMHfba9u73bj8%2BlfD3e33jzQsiRAT%2FMRLYpx%2BtCOvQ%2FtulP1s9JkqoM0GDnAiZXJ1vCGvwHLVsDWtujamjNq4CfciVCAoietQAx10qygAQtNay4sZY7C2JYKqH%2BRqiMUIjdIzHR0pKDQ7RG5BE%2B%2B2stVA3Ft5OS1I%2FJploz7wrkBJWhtC926KBW6lcrYo9mN4iCeSBGct4Mj3c56HPXMSs4b0E24kA4z8uTWsqtrzRSAeCRpbEVFBVYqDsIcJYkIJTHByR5vw5llwOshdGjN7Ap4tToy%2FyVJFIbP4q%2BU59ZNAw0XPyefZvGYeM%2FMmexgtK5zytZ6%2BGelOkbhUEIIQS8aNKulmww7Y6Sw5ZFDTjEKniBkZ6aLgtrZ4piYK%2BgLPd59XEziaRQ8IwouK5mCAoThtB6Zwnfb%2BQucCD%2B2EYezv7T4NV1ShJ4OWUh7BnnjmJjhbjQgR%2Bd79GSJXsmuHu8oWMts6w5nJc1YIF1%2F68zjxcNI0GbgJa314nKGhCgZDRwJ3siYFJQK9Mpq3rT1sXuLKEXpDxHGKd5FwX9Bccm9SKbglPwCQEPPR3I90%2BLq9v3PaDF6YY9leAOymyFFQRAEP6XOozcOoSH8n9BsJwyvp7cz3ANauuBSTWuBKm2ZrOU8qLf9%2FYdFZmQkGOsOaA2CgW1kzms4nt9pQkaC7dJStzU3ruDRgrYDZ9%2BEx%2BrDY%2FNxGe1uDQeuND9Yd3uzECMBjl%2BK2bzL8%2BXl3ss998KPxk4tldLcNlSvuaiOaZ1Nt1IKGrmB582jVLJxc7mrCUOpPFxPSIww2jsQmGxsTosK5l6Mj5wfQQTj75mkV4qLg7P9cAbTRefcmRVtj3tyuo15HK9KRbviiMVREozOa5ksYLOouEMcY%2FIilYdG%2F%2B3%2F0RKayQ%3D%3D&pcode-icookie=02y5YaRCo46nluOahSqT0R0P2GLbaP5kyWiGCxUoFyPqCF752SKsHOwanQh%2FVPj6oqd6gCLJXX1qCkX%2Bp25qpJ3fxfg%3D&disable-base64=1&imp-id=3&ecma-version=es2017&charset=utf-8&test-tag=7696581394434&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A1.25%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1600%2C%22h%22%3A1200%2C%22width%22%3A145%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A727%2C%22top%22%3A326%2C%22ad_no%22%3A0%2C%22safeArea%22%3A%7B%22top%22%3A0%2C%22bottom%22%3A0%2C%22left%22%3A0%2C%22right%22%3A0%7D%2C%22req_no%22%3A0%7D&grab-orig-len=360&grab=eyJncmFiX3ZlcnNpb24iOjJ9CpJuspE73_N6UJ1O2KusijhPEkkV8vfH7JT3ux8GRII2b4nZksi3Z5hAEObCDetz4S6FXGbHXwa7sObirMOXKrWFvUnvEnuEHk5Hs8ysdf2jdXNuCL1Xchd3SLQ1QQOtVxks2IDMJSzmo09aEzrbhMaGn0NNE3yKuAYJ_Rzxu9ok5pJy0UxyIBV9BrPxGp3a80NYK2rsl0qXVXiig5VoVfnkaN4fqkX1fOYZq5d238zxz2O9b9wtnptOFqceSDoSEkHfl_4V9AK_MevcGaWtC_C0NCWfaWtQ-WEJIYrig_tL-h6ddpRJ1ad4A8JgluGsHv5AdSQlKgI4QP8%3D&uniformat=true&callback=Ya%5B2150631799168%5D
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.255.255.77 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
yandex.ru
Software
/
Resource Hash
66ec1a5962d02e61a542e5b0a55b167b4714a365aaa967c0047d1088b53849bf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://goo.su/

Response headers

x-yandex-req-id
1735436413559547-11819839719696818871-balancer-l7leveler-kubr-yp-vla-128-BAL
content-encoding
gzip
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options
nosniff
expires
Sun, 29 Dec 2024 01:40:13 GMT
date
Sun, 29 Dec 2024 01:40:13 GMT
content-type
application/json; charset=utf-8
last-modified
Sun, 29 Dec 2024 01:40:13 GMT
content-security-policy
upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
timing-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://goo.su
x-xss-protection
1; mode=block
/
kraken.rambler.ru/cnt/v2/ 		43 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=6673155&session_id=1738512018_1735436412898&session_number=1&session_event_number=1&version=3.16.50&counter_type=web&experiment=%5B%5B%22exp_ws%22%2C%22no%22%5D%5D&top100_id=t1.6673155.1676980364.1735436412896&adtech_uid=3eeeb35f-6328-4082-90be-05c204ee8673&adtech_uid_scope=goo.su&fingerprint_ip=pA8AAENKs1f6AYnFAX%2FBYQA%3D&url=https%3A%2F%2Fgoo.su%2FzCDdX0&request_id=1735436412.896-1792796532&event_id=760164129024815&meta=%7B%22title%22%3A%22Redirecting%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221600x1200%22%2C%22browser_size%22%3A%221600x1200%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%22600%22%7D&rn=1915327984
Requested by
Host: goo.su
URL: https://goo.su/zCDdX0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS Rambler Internet Holding LLC, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-sca-elb
t100-exd
content-length
43
date
Sun, 29 Dec 2024 01:40:14 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
content-type
top100_0062b1.gif
kraken.rambler.ru/counter-static/images/ 		595 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kraken.rambler.ru/counter-static/images/top100_0062b1.gif
Requested by
Host: goo.su
URL: https://goo.su/zCDdX0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS Rambler Internet Holding LLC, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx /
Resource Hash
fda0897f4cdbbab911245c9ebaa4885f54a7e572b8c9b071dc976d1d27cab1a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/

Response headers

x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
x-obs-meta-s3cmd-attrs
atime:1718733846/ctime:1718733846/gid:0/gname:root/md5:10d95efe74b84de86398a30e7b958b79/mode:33206/mtime:1718733846/uid:0/uname:root
access-control-allow-methods
OPTIONS,GET
x-sca-elb
t100-exd
date
Sun, 29 Dec 2024 01:40:14 GMT
content-type
image/gif
x-obs-request-id
2029fdf32b078ddb868a7b84771f1ce9
access-control-allow-headers
DNT
x-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=86400
access-control-allow-credentials
true
x-obs-tagging-count
0
access-control-allow-origin
*
content-length
595
x-obs-content-sha256
fda0897f4cdbbab911245c9ebaa4885f54a7e572b8c9b071dc976d1d27cab1a6
server
nginx
sync-loader.js
privacy-cs.mail.ru/static/ 		0
0
dyn-goal-config.js
top-fwz1.mail.ru/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/js/dyn-goal-config.js?ids=3128781
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
0e7e3045519beaff2095d4a64b8dfb1b581013eb5b8f4b3549983c69abe7139b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/

Response headers

access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
content-encoding
gzip
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
x-content-type-options
nosniff
accept-ch-lifetime
86400
expires
Sun, 29 Dec 2024 01:50:13 GMT
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
date
Sun, 29 Dec 2024 01:40:13 GMT
content-type
application/javascript; charset=utf-8
access-control-allow-headers
*
cache-control
max-age=600, private
timing-allow-origin
*
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-credentials
true
amp-access-control-allow-source-origin
*
access-control-allow-origin
*
server
nginx
counter
top-fwz1.mail.ru/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://top-fwz1.mail.ru/counter?_=0.3625791073250302;id=3128781;u=https%3A//goo.su/zCDdX0;title=Redirecting;s=1600*1200;vp=1600*1200;touch=0;hds=1;sid=a78c29a52da82a95;ver=60.6.0;tz=600%2FPacific%2FHonolulu;st=1735436410146;ct=5777/5782/5782//3009;rt=3009/2669/0/0/0/3009/3989/4354/4354/5307/4755/5307/5558/5679;gl=u;ni=1.25//3g/350/0/;lvid=1735436412916%3A1735436412942%3A1%3Aa36adfab0bca7988911eaf2feff3c1f3;opts=cnhp%3Dh2%2Ccs%3D19192-47083-19492;visible=true;js=13
Requested by
Host: goo.su
URL: https://goo.su/zCDdX0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/

Response headers

access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
x-content-type-options
nosniff
accept-ch-lifetime
86400
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
date
Sun, 29 Dec 2024 01:40:13 GMT
content-type
image/gif
access-control-allow-headers
*
cache-control
private, no-cache, no-store, max-age=0
timing-allow-origin
*
pragma
no-cache
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-credentials
true
amp-access-control-allow-source-origin
*
access-control-allow-origin
*
content-length
43
server
nginx
1677322
yandex.ru/ads/meta/ 		438 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2FzCDdX0&pcode-version=1183758&pcodever=1183758&comboblock-unencoded-vast=1&ad-session-id=3493061735436412573&target-id=87227393&pcode-test-ids=1173005%2C0%2C82%3B1135988%2C0%2C34%3B1177116%2C0%2C56%3B1184115%2C0%2C9%3B1182168%2C0%2C94%3B1183717%2C0%2C18%3B1139802%2C0%2C78%3B1177689%2C0%2C71%3B1175803%2C0%2C63%3B1178054%2C0%2C94%3B1175949%2C0%2C89%3B1184151%2C0%2C49%3B1181855%2C0%2C57%3B1175871%2C0%2C40%3B1178013%2C0%2C85%3B1183609%2C0%2C45%3B1183758%2C0%2C52%3B912285%2C0%2C4&pcode-flags-map=eJylWN1ynDgTfReujRcBApE7IRpGNSARSYztbKVUODPZ9cY%2FW3aS3S%2BpvPtXAjw2OJlJaq9mEPRRd6t%2FTuurt6HaVormtgZRmZX36vev3uf%2B%2BtPOe%2BWFQUy8E%2B%2Fj7uEj33qvPBKQII29b29PBrEzRVtbc21AgLL5hZWCwQzAqA6eAyAUxQkO9wi6Uxu4sFxoo4A2tpEFKGEL0LwSM6SHd%2F31zt7u%2FpnD4TBEZA%2FXabAbbhQX1JqNfd2BurAtVbSZYe3%2B%2FXuBkoQZHlF4AdJyYU1FrS4GxFE3LirbQMGpLXkNegb4%2Fu7e9tfXC9CMpGgANZW0E3AlpAKr%2BRs4rBGJAxQMwkpZULywRtoN1eaYGIrSJ%2B8amtdgN6A0l3N3IkQiEkRL6TgcNW662vCcCneuneAlh8JyYUCVlB3UHGckTEcNnOvy9WCrtqVUdu9bJptcHkJJ0iwO0kfzBZxZBaZTwtLSgLKs5mxtzUrJrlodjLcUoSDOBiDdUGVcSHRg4by1eU3Zeoje5wi%2Fezf91fXp%2FSfvxPtff7vd%2FXt6%2F%2Bm3q5v%2Bj93DbOmP%2FmZY2X7Z3Y6f95%2BvPt6Nf29Onz1sb6%2BmVYe8R%2FBOvPv%2By%2FXdlz%2Bn11%2Fux99P9%2F3p7e6fhxcf%2FNXf3VxNoncf3O%2FbmamYhKPPNBhbQEm72tiWVmBF1%2BSgDnk8xShKx4C7oNpQw5ktAQqb15KtLS%2Fs2Yob%2BI6%2FlM%2F9MM5QGMQ%2B8k5mz%2BHiOVo8x8Mz9UOMgiANJ3nqY0LiBPkI7ReSFOHUbfB2Vo6yBCWD0qW2tZStLfn5ITMJjiIUDRIuqqrWWM0Ubw%2BmFUmjMBurXsH1kFJjBDIpSq4aapbZtQDIQhyRcdfiDYixqKyhBnNMDpEwm1W3FRVF7Y5BrCclXGbRwnTiYF5mURrisVBq2oC9oKKAc1vIhvLDOqRBmmQz42ULQpnctgpa24ChNu%2Fq9UGQDMdTVQBDK7sCWhyORxQEBCdjMaL6QrAxc5%2BLfPUedh9dBD57b51eBTXU1pIW3sn8HYgCnLMW69OLxarriT8C%2BOEWXHBjxwValPJ88boBo%2FiaWiY7V0wXb5mUaw62oYatXLf5%2Fletkg3X8GLjIdGd%2BZOWQ7VdfDWvwFaKQWGXU3%2FePXx8cM50beztt9lJIJJmUw3V7dCEpkZ4xs1KdsYqKLgCZqwU9cXxLhWEaUDGWlMa%2BxhVtG1rueHCcqktiIJRVRyBycIA77Njj6M1mOcNhymghm%2Fc8VG2GpR2H7Oa8uZYEIZZ9Mz0kp%2Fbc05lw62C1x1oow%2BLRyFO8V6cddrIxtaysryk8yoa413fX6LEz3b9ez9O%2B8i%2FTJOt37%2B%2FTOJs1%2BMtdsU0xT1Jkgj777ZJ5scZee9n24z4KHjXo36L%2BsudK5kMwjBKYuSHOY79OIiwn%2BM888MwwxgBFFCU3omX4R2JtqT3cbyL%2FXgbhX6fothHl31%2FSdJ3CGdbtylEcRyFxI%2BTNPJjjKifJ0ns51ECZViyuAyyWV1GQRRnhHzP8BYUAzGLj%2BA0CPDPSbOymleADKUIpVnovUInXhQEGQnjAHmv0LcfALqcfSREY6IePsE4TSZmyLSaCGXFm%2BYwfQviLEyShZgGtQHla14cEcZBOHW1fb4NrfhHHTiJsiBOI7w4AxzF4aj6wNMbx98qRWtLhT47Fvg4wyjc69C6kmSNomwNSs93jwIUhkmCsedOACVxHOKlKiQmk0WqsWVNqyN5Q7KUTFSmBTbSz07w167QFUNqu%2B7d1pRBs4iml2AZTiY%2FVGDsZm0LaOTEa%2FILa2jFi3lUIYwD7GaOh79%2Fc0D%2B56vt7s7%2F%2FMHfba9u73bj8%2BlfD3e33jzQsiRAT%2FMRLYpx%2BtCOvQ%2FtulP1s9JkqoM0GDnAiZXJ1vCGvwHLVsDWtujamjNq4CfciVCAoietQAx10qygAQtNay4sZY7C2JYKqH%2BRqiMUIjdIzHR0pKDQ7RG5BE%2B%2B2stVA3Ft5OS1I%2FJploz7wrkBJWhtC926KBW6lcrYo9mN4iCeSBGct4Mj3c56HPXMSs4b0E24kA4z8uTWsqtrzRSAeCRpbEVFBVYqDsIcJYkIJTHByR5vw5llwOshdGjN7Ap4tToy%2FyVJFIbP4q%2BU59ZNAw0XPyefZvGYeM%2FMmexgtK5zytZ6%2BGelOkbhUEIIQS8aNKulmww7Y6Sw5ZFDTjEKniBkZ6aLgtrZ4piYK%2BgLPd59XEziaRQ8IwouK5mCAoThtB6Zwnfb%2BQucCD%2B2EYezv7T4NV1ShJ4OWUh7BnnjmJjhbjQgR%2Bd79GSJXsmuHu8oWMts6w5nJc1YIF1%2F68zjxcNI0GbgJa314nKGhCgZDRwJ3siYFJQK9Mpq3rT1sXuLKEXpDxHGKd5FwX9Bccm9SKbglPwCQEPPR3I90%2BLq9v3PaDF6YY9leAOymyFFQRAEP6XOozcOoSH8n9BsJwyvp7cz3ANauuBSTWuBKm2ZrOU8qLf9%2FYdFZmQkGOsOaA2CgW1kzms4nt9pQkaC7dJStzU3ruDRgrYDZ9%2BEx%2BrDY%2FNxGe1uDQeuND9Yd3uzECMBjl%2BK2bzL8%2BXl3ss998KPxk4tldLcNlSvuaiOaZ1Nt1IKGrmB582jVLJxc7mrCUOpPFxPSIww2jsQmGxsTosK5l6Mj5wfQQTj75mkV4qLg7P9cAbTRefcmRVtj3tyuo15HK9KRbviiMVREozOa5ksYLOouEMcY%2FIilYdG%2F%2B3%2F0RKayQ%3D%3D&pcode-icookie=02y5YaRCo46nluOahSqT0R0P2GLbaP5kyWiGCxUoFyPqCF752SKsHOwanQh%2FVPj6oqd6gCLJXX1qCkX%2Bp25qpJ3fxfg%3D&disable-base64=1&imp-id=4&ecma-version=es2017&charset=utf-8&test-tag=7696581394434&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A1.25%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1600%2C%22h%22%3A1200%2C%22width%22%3A145%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A727%2C%22top%22%3A326%2C%22ad_no%22%3A0%2C%22safeArea%22%3A%7B%22top%22%3A0%2C%22bottom%22%3A0%2C%22left%22%3A0%2C%22right%22%3A0%7D%2C%22req_no%22%3A1%7D&grab-orig-len=360&grab=eyJncmFiX3ZlcnNpb24iOjJ9CpJuspE73_N6UJ1O2KusijhPEkkV8vfH7JT3ux8GRII2b4nZksi3Z5hAEObCDetz4S6FXGbHXwa7sObirMOXKrWFvUnvEnuEHk5Hs8ysdf2jdXNuCL1Xchd3SLQ1QQOtVxks2IDMJSzmo09aEzrbhMaGn0NNE3yKuAYJ_Rzxu9ok5pJy0UxyIBV9BrPxGp3a80NYK2rsl0qXVXiig5VoVfnkaN4fqkX1fOYZq5d238zxz2O9b9wtnptOFqceSDoSEkHfl_4V9AK_MevcGaWtC_C0NCWfaWtQ-WEJIYrig_tL-h6ddpRJ1ad4A8JgluGsHv5AdSQlKgI4QP8%3D&uniformat=true&callback=Ya%5B7767223369285%5D
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.255.255.77 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
yandex.ru
Software
/
Resource Hash
a8250a8c41f18762b1911b27285bf6caaecba9ed03836da62369c6d47dd8eba1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://goo.su/

Response headers

x-yandex-req-id
1735436414064416-16986739193666509151-balancer-l7leveler-kubr-yp-vla-128-BAL
content-encoding
gzip
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options
nosniff
expires
Sun, 29 Dec 2024 01:40:14 GMT
date
Sun, 29 Dec 2024 01:40:14 GMT
content-type
application/json; charset=utf-8
last-modified
Sun, 29 Dec 2024 01:40:14 GMT
content-security-policy
upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://goo.su
x-xss-protection
1; mode=block
watch.js
mc.yandex.ru/metrika/ 		154 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
dcc1643bbb30485235761e58faad3153ca92327592f070b727a86dab61fa256e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://goo.su
Referer
https://goo.su/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
content-encoding
br
etag
"67655eba-d910"
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Sun, 29 Dec 2024 02:40:15 GMT
access-control-allow-origin
*
content-length
55568
date
Sun, 29 Dec 2024 01:40:15 GMT
last-modified
Fri, 20 Dec 2024 12:10:34 GMT
content-type
application/javascript
talp9t8
nm52mrg.girlsromancehaven.com/
Redirect Chain
  • https://emily-stream.com/4RB9dF
  • https://nm52mrg.girlsromancehaven.com/talp9t8?cid=36hcs1j163d0b
0
0
/
kraken.rambler.ru/cnt/v2/ 		43 B
672 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://kraken.rambler.ru/cnt/v2/
Requested by
Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS Rambler Internet Holding LLC, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://goo.su/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
expires
Thu, 01 Jan 1970 00:00:01 GMT
access-control-allow-origin
https://goo.su
x-sca-elb
t100-exd
content-length
43
date
Sun, 29 Dec 2024 01:40:15 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
content-type
/
kraken.rambler.ru/cnt/v2/ 		43 B
672 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://kraken.rambler.ru/cnt/v2/
Requested by
Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS Rambler Internet Holding LLC, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://goo.su/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
expires
Thu, 01 Jan 1970 00:00:01 GMT
access-control-allow-origin
https://goo.su
x-sca-elb
t100-exd
content-length
43
date
Sun, 29 Dec 2024 01:40:15 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
content-type
sync_cookie_image_check
mc.yandex.com/ 		0
0
metrika_match.html
mc.yandex.com/metrika/ Frame BB42 		0
0
1677322
mc.yandex.com/watch/ 		0
0
1
mc.yandex.com/watch/1677322/
Redirect Chain
  • https://mc.yandex.com/watch/1677322?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FzCDdX0&nohit=1&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afqngs4ku2psd4e9m0lq0o0a6g7v%3Afu%3A0%3...
  • https://mc.yandex.com/watch/1677322/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FzCDdX0&nohit=1&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afqngs4ku2psd4e9m0lq0o0a6g7v%3Afu%3A0...
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
privacy-cs.mail.ru
URL
https://privacy-cs.mail.ru/static/sync-loader.js
Domain
nm52mrg.girlsromancehaven.com
URL
https://nm52mrg.girlsromancehaven.com/talp9t8?cid=36hcs1j163d0b
Domain
mc.yandex.com
URL
https://mc.yandex.com/sync_cookie_image_check
Domain
mc.yandex.com
URL
https://mc.yandex.com/metrika/metrika_match.html
Domain
mc.yandex.com
URL
https://mc.yandex.com/watch/1677322?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FzCDdX0&nohit=1&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afqngs4ku2psd4e9m0lq0o0a6g7v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A684898766088%3Ahid%3A380362291%3Az%3A-600%3Ai%3A20241228154015%3Aet%3A1735436416%3Ac%3A1%3Arn%3A797244225%3Au%3A1735436416861321056%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Ans%3A1735436407135%3Arqnl%3A1%3Ast%3A1735436417%3At%3ARedirecting&t=clc(0-0-0)aw(1)rcm(1)cdl(na)eco(565312)ti(1)
Domain
mc.yandex.com
URL
https://mc.yandex.com/watch/1677322/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FzCDdX0&nohit=1&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afqngs4ku2psd4e9m0lq0o0a6g7v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A684898766088%3Ahid%3A380362291%3Az%3A-600%3Ai%3A20241228154015%3Aet%3A1735436416%3Ac%3A1%3Arn%3A797244225%3Au%3A1735436416861321056%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Ans%3A1735436407135%3Arqnl%3A1%3Ast%3A1735436418%3At%3ARedirecting&t=clc%280-0-0%29aw%281%29rcm%281%29cdl%28na%29eco%28565312%29ti%282%29&redirnss=1

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| yandexContextAsyncCallbacks object| _tmr object| _top100q function| jQuery function| $ object| $insertQueue9740478b5143$ function| cnc object| pcode_1183758_default_5FxCQYEIlk object| Ya object| __activeTestIds object| __pcodeAllActiveTestIds number| pr function| AdFox_getCodeScript object| ya object| yaads object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| layoutConfig function| Kraken function| top100 object| top100Counter object| _top100 object| $sf object| yaSafeFrameAsyncCallbacks object| yaCounter1677322

23 Cookies

Domain/Path Name / Value
goo.su/ Name: XSRF-TOKEN
Value: eyJpdiI6InpiejBOY3VPNHkzbkpYR2M5SjZENEE9PSIsInZhbHVlIjoiK2t5eUtLZmFVVmM0dXQ2YSs3bW1zbXhPMjNsN2Qxb3JVdm5MdlU1RjRNb3l4aUliVGR3dGoxOVVzWEVlQlJDUWp2NWFzRkdpVHcranJaTW5ZSEIzVTZJSXNZM0k2SHhsQXBiNm43L2IzdmtHVzRRa1R2dUQxeCt1ajZMeDZqV1UiLCJtYWMiOiI0YmM5ZjBhNDcxZTA0NWY2NzMxYzY0NGU4MGM2YjY5YjUxMjI4YzIxYTEwMTZkOGRkNzNiNjQxNjIwNjYyNmM0IiwidGFnIjoiIn0%3D
goo.su/ Name: goosu_session
Value: eyJpdiI6ImdXeXlwMjNLQmcyZXdPOGxSUmxCYXc9PSIsInZhbHVlIjoicmsrdlByZVF5RVBXWnhaWHdzUnJ5RlFRVUp1QVh6bzV1RmlHcEV2bkd1aDBhZnRLUTkwaTBWS2thTlpyeDdFZFJDUjdjRXBCY3VLVWJlWWc5bkIzWG9pVW05UHpFWHFPbTJQYmdkdWlwT1U5NHppMGN2SkVkK3puZEZPNXF4c0IiLCJtYWMiOiI4MmI2MmYyNTRkZmFmZGUxMTQzOGZlNGUzZjA0OTU1NjI1MDFmZjgxYTgwNmMyZWM1ZDAzODgyOWY3ZjY2ZDdhIiwidGFnIjoiIn0%3D
enduresopens.com/ Name: GL_UI4
Value: eJw9jd1Og0AQhaGwtNWCTsID%2BAhQQrWXxlvfgQzMQNfCTrNsqb69q4lenZ98OScIglX%2BAOGSbCG6Yg1PWJZ9TfhcVYeu5z3vezrWBVZ0PLz01Baw1XPjsB3ZxbCZJ7SucUsMu4ENW901nRCn8Oipv%2BZs5GZiUK1FQymoyRNjCuvWym1mm0cQG5wYkreTFa9qwg%2BxEJVV6b023ocFrGTOo%2BwO1Ls2189slwRZlgRwfxnR9WKnRpOParBIDOErbDp0PIj9gjXxfHZyAZCRmn%2F%2B91ONP2uQEC%2B681Hcie03KUxO%2BA%3D%3D
enduresopens.com/ Name: GL_GI10
Value: eJwNy8EKgkAUBdCZB1lCBpfctJsvMLEC97UJws1g4NL0EUPxlHEw6Ovr7I9SitI1yI1IirzMilORlXl2PEA%2FQbUFdYKkFhe4Nza0gSdoD6oakBesKv6YZvAv6G4TQzvs7uzddxBzlcBeOBjLfnbd%2F5FMiM%2Ft4837i71Bj5EChWG5AE19qqDnaPsDPz0iMA%3D%3D
.yandex.ru/ Name: i
Value: CdKKOlmdanbMOnBclHQXA1HF5SReJyWTiY3jU4fMuvuGmqn7+27QaGtAP0El6KSXE9shTKtynTjBlW2s9iWe9CL6v2g=
.yandex.ru/ Name: yandexuid
Value: 1907553361735436411
.yandex.ru/ Name: yashr
Value: 5429669921735436411
.yandex.ru/ Name: bh
Value: YPvQwrsGahncyumIDvKst6UL+/rw5w3r//32D6SYzYcI
.yadro.ru/ Name: FTID
Value: 1dSAXx3baeOx1dSAXx003LKV
.yadro.ru/ Name: VID
Value: 1FA-p-3g_iOx1dSAXy0030uR
.goo.su/ Name: adtech_uid
Value: 3eeeb35f-6328-4082-90be-05c204ee8673%3Agoo.su
.goo.su/ Name: top100_id
Value: t1.6673155.1676980364.1735436412896
.goo.su/ Name: tmr_lvid
Value: a36adfab0bca7988911eaf2feff3c1f3
.goo.su/ Name: tmr_lvidTS
Value: 1735436412916
.yandex.ru/ Name: yuidss
Value: 1907553361735436411
.yandex.ru/ Name: receive-cookie-deprecation
Value: 1
top-fwz1.mail.ru/ Name: PVID
Value: 1YfTwl1IvdYT00002U0zDKoT:::0-0-0-c8b013d-0-c8b013d:CAASEPjoh5eyemP3yTEIV45Wva8aYMpDE4sixlQQQtVZj5w3-CkB_8HdjqkI3iCvBvcwefVLvts-S4pU5GW5pJw3c9hDi_3mWAJf1zTIf7Oc-ZLjPtwLLG-s943TbaFZoe_kkXpyr0G0ylrA3URgz3Pa6YXQZA
.mail.ru/ Name: VID
Value: 1YfTwl1IvdYT00002U0zDKoT:::0-0-0-c8b013d-0-c8b013d:CAASEPjoh5eyemP3yTEIV45Wva8aYMpDE4sixlQQQtVZj5w3-CkB_8HdjqkI3iCvBvcwefVLvts-S4pU5GW5pJw3c9hDi_3mWAJf1zTIf7Oc-ZLjPtwLLG-s943TbaFZoe_kkXpyr0G0ylrA3URgz3Pa6YXQZA
goo.su/ Name: tmr_detect
Value: 0%7C1735436415199
.goo.su/ Name: t3_sid_6673155
Value: s1.1738512018.1735436412898.1735436415228.1.3
emily-stream.com/ Name: _subid
Value: 36hcs1j163d0b
emily-stream.com/ Name: 7b7b8
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0XCI6MTczNTQzNjQxNX0sXCJjYW1wYWlnbnNcIjp7XCI1XCI6MTczNTQzNjQxNX0sXCJ0aW1lXCI6MTczNTQzNjQxNX0ifQ.EsAueOcHCsQOZnZHUgkNsiMEmvc5juXczY8KmvJeo5M
emily-stream.com/ Name: _token
Value: uuid_36hcs1j163d0b_36hcs1j163d0b6770a87fe26819.69826562

3 Console Messages

Source Level URL
Text
rendering warning URL: https://goo.su/zCDdX0
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0904E0694240000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://goo.su/zCDdX0
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0305D0094240000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://goo.su/zCDdX0
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A050270E94240000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

an.yandex.ru
counter.yadro.ru
enduresopens.com
fonts.googleapis.com
fonts.gstatic.com
goo.su
kraken.rambler.ru
mc.yandex.com
mc.yandex.ru
nm52mrg.girlsromancehaven.com
privacy-cs.mail.ru
richinfo.co
rtb.pushdom.co
st.top100.ru
top-fwz1.mail.ru
www.gstatic.com
yandex.ru
yastatic.net
mc.yandex.com
nm52mrg.girlsromancehaven.com
privacy-cs.mail.ru
109.200.209.143
109.200.209.144
142.250.64.99
142.251.32.99
142.251.41.10
151.236.71.248
172.67.139.105
178.154.131.215
213.180.193.90
23.109.170.99
5.255.255.77
77.88.21.119
81.19.89.16
88.212.202.52
95.163.52.67
0043f89180ccb535cc29be0ebcb83346e380b2e9f94078e1c5fdf598567831b2
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
08b83f02859328aabb9acea9370d600ffe739d9e2c251b6668b6f6ff56a2e1d1
0e7e3045519beaff2095d4a64b8dfb1b581013eb5b8f4b3549983c69abe7139b
1083e15f17276402d259f207d321498179dac9996221d7945ac21055bb7bf2f4
23428c6301061ebb006b127c5841235122a23672f0041d08a9518520795a1bde
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
41951c9f6c3a65f22c9ed9b8fc8959b2e605a3264c01ef71f4c275f94ec23308
52a8d3417ef880bed0286137f27374248962272a0872cbedae0e61dd38b1a5bd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
557f3d629cbf8c40716f4c9d7c0147dc3f904ab7bc90b75b43bdf46ff79aad51
66ec1a5962d02e61a542e5b0a55b167b4714a365aaa967c0047d1088b53849bf
719d2fc548145fa8d8361205f6fcb49eefc54c71fbb18e6320a60a263f40637a
80fc30ac502073424612abfe45f0db2859aa92ce62a411b63367a7a380fe95c0
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
950d3ea33a52e3b63868c32fe075b221b10ca5aa31a98b180d7182213c7b8ea1
9ac92dd22b771410a6944726d1ed1fd7a7faaf239c2d80eab0bc1233e6ce95d2
a8250a8c41f18762b1911b27285bf6caaecba9ed03836da62369c6d47dd8eba1
c28064598de8d36d4f19bffbf443141ede3879ae7f59a3df2aafad3f92afe93c
c33bb9ce0f578adc764b0fa7ba4590c1f9c109318ad1f335dd3f301eeca3eb72
c7a987be3cbd97bc18f5c4dac63af0993a04e647ee2504812471192f423e591d
cdc9f17e47e9bbe67f5eace6a2980bc26dda093b18798cf16f56636af8b14398
dcc1643bbb30485235761e58faad3153ca92327592f070b727a86dab61fa256e
e10cd8d343f9c37e3500c69d92f7ac7e78b6c7df29a2ace8cffe71bfa494e8c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e66c25bee26a07d36337bf49b9b20a8232133c353730f83a9f05c8bf718426d3
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
f44fd5d3e4ef91db81aa29db7216c4ab17feada8c779fc168e3d13364136610a
fa8ce0f9f5d78718935551066be8ab1e59b330c14c95c5e0a876ccc3ab6e5391
fda0897f4cdbbab911245c9ebaa4885f54a7e572b8c9b071dc976d1d27cab1a6