urlscan.io logo urlscan.io
SecurityTrails logo

goo.su Open in urlscan Pro
172.67.139.105  Public Scan

Go To Rescan Add Verdict Report
URL: https://goo.su/DBuFfbH
Submission Tags: @phish_report
Submission: On August 25 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 5 countries across 18 domains to perform 58 HTTP transactions. The main IP is 172.67.139.105, located in United States and belongs to CLOUDFLARENET, US. The main domain is goo.su. The Cisco Umbrella rank of the primary domain is 304912.
TLS certificate: Issued by WE1 on July 28th 2024. Valid for: 3 months.
This is the only time goo.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 172.67.139.105 13335 (CLOUDFLAR...)
1 142.250.186.138 15169 (GOOGLE)
3 23.109.170.99 7979 (SERVERS-COM)
2 142.250.185.168 15169 (GOOGLE)
2 212.117.187.132 7979 (SERVERS-COM)
2 23.109.170.254 7979 (SERVERS-COM)
1 172.217.18.3 15169 (GOOGLE)
5 213.180.193.90 13238 (YANDEX)
1 2 88.212.201.204 39134 (UNITEDNET)
1 151.236.71.248 204720 (CDNETWORKS)
4 12 87.250.251.119 13238 (YANDEX)
4 95.163.52.67 47764 (VK-AS)
2 142.250.185.78 15169 (GOOGLE)
4 95.163.52.89 47764 (VK-AS)
1 216.239.34.36 15169 (GOOGLE)
3 81.19.89.16 24638 (RAMBLER-T...)
2 2 23.109.170.151 7979 (SERVERS-COM)
2 162.19.19.15 16276 (OVH)
7 178.154.131.215 13238 (YANDEX)
4 77.88.44.55 13238 (YANDEX)
1 77.88.21.119 13238 (YANDEX)
1 87.250.247.183 13238 (YANDEX)
1 213.180.204.36 13238 (YANDEX)
58 22
2    172.67.139.105 (United States)

ASN13335 (CLOUDFLARENET, US)
goo.su
1    142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net
fonts.googleapis.com
3    23.109.170.99 (Netherlands)

ASN7979 (SERVERS-COM, US)
enduresopens.com
2    142.250.185.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net
www.googletagmanager.com
2    212.117.187.132 (Luxembourg, Luxembourg)

ASN7979 (SERVERS-COM, US)
costivecohorts.top
2    23.109.170.254 (Netherlands)

ASN7979 (SERVERS-COM, US)
naggersanimism.shop
1    172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f3.1e100.net
fonts.gstatic.com
5    213.180.193.90 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru
an.yandex.ru
2    88.212.201.204 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru
counter.yadro.ru
1    151.236.71.248 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)
st.top100.ru
12    87.250.251.119 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru
mc.yandex.ru
mc.yandex.com
4    95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru
top-fwz1.mail.ru
2    142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net
www.google-analytics.com
4    95.163.52.89 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: r3.mail.ru
privacy-cs.mail.ru
1    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    81.19.89.16 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru
kraken.rambler.ru
2    23.109.170.151 (Netherlands)

ASN7979 (SERVERS-COM, US)
abtfliping.top
2    162.19.19.15 (France)

ASN16276 (OVH, FR)
PTR: ns3220790.ip-162-19-19.eu
pequotpatrick.click
7    178.154.131.215 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: static.yandex.net
yastatic.net
4    77.88.44.55 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: yandex.ru
yandex.ru
1    77.88.21.119 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru
mc.yandex.com
1    87.250.247.183 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: avatars.mds.yandex.net
avatars.mds.yandex.net
1    213.180.204.36 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: favicon.yandex.net
favicon.yandex.net
Apex Domain
Subdomains		 Transfer
12 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 5379
mc.yandex.ru — Cisco Umbrella Rank: 2503
yandex.ru — Cisco Umbrella Rank: 1074
198 KB
10 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 6787
4 KB
8 mail.ru
top-fwz1.mail.ru — Cisco Umbrella Rank: 7686
privacy-cs.mail.ru — Cisco Umbrella Rank: 13550
62 KB
7 yastatic.net
yastatic.net — Cisco Umbrella Rank: 4613
192 KB
3 rambler.ru
kraken.rambler.ru — Cisco Umbrella Rank: 37813
3 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
region1.google-analytics.com — Cisco Umbrella Rank: 3123
21 KB
3 enduresopens.com
enduresopens.com
45 KB
2 yandex.net
avatars.mds.yandex.net — Cisco Umbrella Rank: 5396
favicon.yandex.net — Cisco Umbrella Rank: 6790
4 KB
2 pequotpatrick.click
pequotpatrick.click
273 KB
2 abtfliping.top
abtfliping.top — Cisco Umbrella Rank: 17522
3 KB
2 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 9685
1 KB
2 naggersanimism.shop
naggersanimism.shop
2 KB
2 costivecohorts.top
costivecohorts.top
666 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
166 KB
2 goo.su
goo.su — Cisco Umbrella Rank: 304912
10 KB
1 top100.ru
st.top100.ru — Cisco Umbrella Rank: 48651
39 KB
1 gstatic.com
fonts.gstatic.com
16 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
959 B
58 18
Domain Requested by
10 mc.yandex.com 3 redirects goo.su
mc.yandex.ru
7 yastatic.net an.yandex.ru
yastatic.net
5 an.yandex.ru goo.su
an.yandex.ru
4 yandex.ru an.yandex.ru
privacy-cs.mail.ru
yastatic.net
4 privacy-cs.mail.ru top-fwz1.mail.ru
privacy-cs.mail.ru
4 top-fwz1.mail.ru goo.su
top-fwz1.mail.ru
3 kraken.rambler.ru st.top100.ru
goo.su
3 mc.yandex.ru 1 redirects goo.su
3 enduresopens.com goo.su
enduresopens.com
2 pequotpatrick.click goo.su
2 abtfliping.top 2 redirects
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 counter.yadro.ru 1 redirects goo.su
2 naggersanimism.shop enduresopens.com
2 costivecohorts.top enduresopens.com
2 www.googletagmanager.com goo.su
www.googletagmanager.com
2 goo.su
1 favicon.yandex.net goo.su
1 avatars.mds.yandex.net goo.su
1 region1.google-analytics.com www.googletagmanager.com
1 st.top100.ru goo.su
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com goo.su
58 23

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru
top100.rambler.ru
Subject Issuer Validity Valid
goo.su
WE1		 2024-07-28 -
2024-10-26		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
enduresopens.com
R11		 2024-08-10 -
2024-11-08		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
costivecohorts.top
ZeroSSL RSA Domain Secure Site CA		 2024-08-17 -
2024-11-15		 3 months crt.sh
naggersanimism.shop
R11		 2024-08-10 -
2024-11-08		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2024-03-11 -
2024-09-09		 6 months crt.sh
*.top100.ru
GlobalSign GCC R3 DV TLS CA 2020		 2024-02-14 -
2025-03-17		 a year crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2024-05-23 -
2024-11-02		 5 months crt.sh
*.mail.ru
GlobalSign ECC OV SSL CA 2018		 2023-10-06 -
2024-11-06		 a year crt.sh
*.rambler.ru
GlobalSign GCC R3 DV TLS CA 2020		 2024-05-02 -
2025-06-03		 a year crt.sh
*.yastatic-net.ru
GlobalSign ECC OV SSL CA 2018		 2024-05-20 -
2024-11-17		 6 months crt.sh
*.xn--d1acpjx3f.xn--p1ai
GlobalSign ECC OV SSL CA 2018		 2024-07-12 -
2025-01-09		 6 months crt.sh
*.avatars.mds.yandex.net
GlobalSign RSA OV SSL CA 2018		 2024-03-20 -
2024-10-20		 7 months crt.sh
favicon.yandex.net
GlobalSign ECC OV SSL CA 2018		 2024-07-23 -
2024-12-22		 5 months crt.sh

This page contains 4 frames:

Primary Page: https://goo.su/DBuFfbH
Frame ID: CAEF02EC729400A7DC3340BEE350538C
Requests: 48 HTTP requests in this frame

Frame: https://pequotpatrick.click/g/99/7b/997bc0c7d7a9e576cb1fe0c6243fda1743a563aa.jpeg
Frame ID: 42927B63CFCDF9A8621E5D1DE174FC8E
Requests: 2 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 5279078C97D64D43C33FDF4BA330E345
Requests: 1 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: 31EE9F6D270DDB58CF7BA3976C89B3C3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Not Found

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

58
Requests

91 %
HTTPS

0 %
IPv6

18
Domains

23
Subdomains

22
IPs

5
Countries

1034 kB
Transfer

2772 kB
Size

87
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://counter.yadro.ru/hit?t44.11;r;s1600*1200*24;uhttps%3A//goo.su/DBuFfbH;hNot%20Found;0.82587578795639 HTTP 302
  • https://counter.yadro.ru/hit?q;t44.11;r;s1600*1200*24;uhttps%3A//goo.su/DBuFfbH;hNot%20Found;0.82587578795639
Request Chain 23
  • https://abtfliping.top/tsk/BWK4j_T0GNkIeSACsYnOk2LOX3Tq4wk3MFQjEit87LNlu*ksh5iT3NRhWctydMkUBfiBZs4_I7Qts4*iXvCYoWTomZaJL*TgbCxCh*Fj*o5a1U6gGnzg0hSa0br6WH9K HTTP 302
  • https://pequotpatrick.click/g/99/7b/997bc0c7d7a9e576cb1fe0c6243fda1743a563aa.jpeg
Request Chain 24
  • https://abtfliping.top/tsk/BWK4j_T0GNkIeSACsYnOkzk879ibISrQ6C1JoAKqVJY1uMKB4dVObYoiq9xAI72uLqaR5*Rkzy*IkPKV3loH76BDuJpVModroeFNDepy1HHQ1NLrGAqHoP_QUu8JGnbw HTTP 302
  • https://pequotpatrick.click/g/6f/2d/6f2d70d3977e71bcd0cc3ef6aed379c2d5b53fbb.jpeg
Request Chain 25
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10472.BgkHcXEJmVJZkjrEau-rQvloWqq7EE2c6i8zoXGlE9TunMwb-HFQomMlFXSquENp.dprAZaRRJSrC3vuto0T5gSbck3U%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10472.KbWMAI-furKt-7mjNN39k4gUcYnPCj-Z6SJlDZGB3UMPFqMv_eKUF4_VaNQ1MjUl1QRpTD3t6mnABd-LlArZiOwgbs5BGgGPUlf0rYEO-dRu-0QQdOD1iUU6thgi2O6JooZAgRQdq0dPuCTlA_5IJO4aeNsvlwUlAp0hKho3BpDFkCiOQA4Y37_eNJfCfsQy2yMghcj4RZwG9qKX6Hlazr7o0D5VQ4X7K_mnkN6yFb0%2C.KWjPu3yRm1k7G5VvJ8pBJdPhdMA%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10472.NgY5BNU2EMJPV1DOgYc4Rmw_camoA-yyrxYb6fLtXLMvw_jf6CU0SAn6t1MQFJPVH_YyQKxwz5UMK0aACQBNbsUJEQwJcUVgrJs_rTKcLme28uUIQeay6D8a_c8tD4diKqZYKy4pkgKBAYs_XimqW2l_VF5iC9IYSj5rsSXchszL2KvD8AXsAn8GRfLNyy52ju3vgDCpa-SKySTyZuGdaA%2C%2C.x9WlmBgM2Cnyl6kW6bDdcr9Kye0%2C
Request Chain 38
  • https://mc.yandex.com/watch/54140170?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FDBuFfbH&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afi-FI%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A1033007984533%3Ahid%3A748349861%3Az%3A180%3Ai%3A20240825174724%3Aet%3A1724597244%3Ac%3A1%3Arn%3A125021724%3Arqn%3A1%3Au%3A1724597244832576909%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1362%3Awv%3A2%3Ads%3A7%2C495%2C150%2C4%2C0%2C0%2C%2C693%2C0%2C%2C%2C%2C1355%3Aco%3A0%3Acpf%3A1%3Ans%3A1724597242272%3Agi%3AR0ExLjEuMTA1MjYyNTc0NS4xNzI0NTk3MjQ0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1724597245%3At%3ANot%20Found&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)ti(1) HTTP 302
  • https://mc.yandex.com/watch/54140170/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FDBuFfbH&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afi-FI%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A1033007984533%3Ahid%3A748349861%3Az%3A180%3Ai%3A20240825174724%3Aet%3A1724597244%3Ac%3A1%3Arn%3A125021724%3Arqn%3A1%3Au%3A1724597244832576909%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1362%3Awv%3A2%3Ads%3A7%2C495%2C150%2C4%2C0%2C0%2C%2C693%2C0%2C%2C%2C%2C1355%3Aco%3A0%3Acpf%3A1%3Ans%3A1724597242272%3Agi%3AR0ExLjEuMTA1MjYyNTc0NS4xNzI0NTk3MjQ0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1724597245%3At%3ANot%20Found&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request DBuFfbH
goo.su/ 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://goo.su/DBuFfbH
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.139.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.13
Resource Hash
aebbb27fb7d3840af040744c4f7e8993aea81b7a09f779adafbb50d3b4256abc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8b8c607fb83e56c4-OSL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 25 Aug 2024 14:47:22 GMT
expires
-1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t2CwqWCMbaBXqfucc%2FrcrlX8LuiwSzTNqeSdoQ8CaoZB%2FaZazzzU3prR9vLkjT8iVYBM6D%2F12WNIZNhWk5e5H4h2qBxmAaYxNQDVyh2RGqz8sY1i08LUby4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/8.2.13
css
fonts.googleapis.com/ 		2 KB
959 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito
Requested by
Host: goo.su
URL: https://goo.su/DBuFfbH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
ESF /
Resource Hash
ab535a911215b95d5c4be7dc2858f6f2cdbfaa716f0395759092bd4d768485cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 25 Aug 2024 14:47:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 25 Aug 2024 14:22:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 25 Aug 2024 14:47:23 GMT
69489
enduresopens.com/ttkXIvunodY/ 		119 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://enduresopens.com/ttkXIvunodY/69489
Requested by
Host: goo.su
URL: https://goo.su/DBuFfbH
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.170.99 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
87b4a535375c32f2e333b36e67a33bf31f899c30c2368d1bd3d12087373c60ba
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 25 Aug 2024 14:47:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=1
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://goo.su
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Credentials
true
Vary
Accept-Encoding
Keep-Alive
timeout=20
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
js
www.googletagmanager.com/gtag/ 		210 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-144661405-1
Requested by
Host: goo.su
URL: https://goo.su/DBuFfbH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
dc1015691051956e4164d1057b8d89e8b5b8b254dd479bb2d49f02eeb1311afa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 14:47:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77014
x-xss-protection
0
last-modified
Sun, 25 Aug 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 25 Aug 2024 14:47:23 GMT
/
costivecohorts.top/cuid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://costivecohorts.top/cuid/?f=https%3A%2F%2Fgoo.su
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
212.117.187.132 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://goo.su
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://goo.su
Access-Control-Max-Age
600
Connection
keep-alive
Content-Length
0
Date
Sun, 25 Aug 2024 14:47:23 GMT
Keep-Alive
timeout=20
Server
nginx
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
/
costivecohorts.top/cuid/ 		32 B
666 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://costivecohorts.top/cuid/?f=https%3A%2F%2Fgoo.su
Requested by
Host: enduresopens.com
URL: https://enduresopens.com/ttkXIvunodY/69489
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
212.117.187.132 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
7b94a4c3d30806e5769578710ee5d4aa7a144461db0b2fb70af4ea07d6af727b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

Date
Sun, 25 Aug 2024 14:47:24 GMT
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
Server
nginx
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://goo.su
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=20
Content-Length
32
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for
g8XjW8rZ9gmg4cGvH_9kktGqeojfDmwrufGdLsPT8*r3pQ5uo3hdFHCKZ2BlwKJqd2W82TqzjvyQ1FA975t6U0sFGYdDTeH5NAaFNCAuel8OVBPWCQXD
naggersanimism.shop/ 		914 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://naggersanimism.shop/g8XjW8rZ9gmg4cGvH_9kktGqeojfDmwrufGdLsPT8*r3pQ5uo3hdFHCKZ2BlwKJqd2W82TqzjvyQ1FA975t6U0sFGYdDTeH5NAaFNCAuel8OVBPWCQXD?ck9=eyJhIjoyMjMzLCJzIjoiMTYwMHgxMjAwIiwiYiI6IjE2MDB4MTIwMCIsInIiOiIiLCJxIjoiaHR0cHM6Ly9nb28uc3UvREJ1RmZiSCIsImgiOjE4NzMsImwiOiJmaS1GSSIsInQiOi0xODAsInoiOjc1NTYsImsiOjAsInUiOiIiLCJmIjpmYWxzZSwid2giOiJub3QgaW4gaWZyYW1lIiwiaWgiOiJub3QgaW4gaWZyYW1lIiwiZSI6IjR3ZW9qMGgzcTluZnJreSIsIm8iOnRydWUsIm0iOjE3MjQ1OTcyNDM1NjksInciOiIlN0IlMjJ0aXRsZSUyMiUzQSUyMk5vdCUyMEZvdW5kJTIyJTJDJTIya2V5d29yZHMlMjIlM0ElNUIlNUQlMkMlMjJ0b3B3b3JkcyUyMiUzQSU1QiU1RCU3RCIsInRzIjowLCJwciI6MSwiZG0iOjgsImhjIjoxMiwiYmwiOi0xLCJiYyI6MywidnYiOiJJbnRlbCBJbmMuIiwidnIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUiLCJhYyI6MCwiY3QiOiJ1bmtub3duIiwiY2V0IjoiNGciLCJjZGxtIjotMSwiY2RsIjo5LjYsImNydHQiOjI1MCwidG1zIjoxLCJjZSI6dHJ1ZSwiY2QiOjI0LCJvciI6ImxhbmRzY2FwZS1wcmltYXJ5IiwiZnMiOm51bGwsImZzbyI6bnVsbH0
Requested by
Host: enduresopens.com
URL: https://enduresopens.com/ttkXIvunodY/69489
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.170.254 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
c96c188f2d93cf02b4010089eef7f2b1047ffdaaa9bc63fdd4ceb3eb2f01beb8
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

Date
Sun, 25 Aug 2024 14:47:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=1
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://goo.su
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=20
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
g8XjW8rZ9gmg4cGvH_9kktGqeojfDmwrufGdLsPT8*r3pQ5uo3hdFHCKZ2BlwKJqd2W82TqzjvyQ1FA975t6U0sFGYdDTeH5NAaFNCAuel8OVBPWCQXD
naggersanimism.shop/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://naggersanimism.shop/g8XjW8rZ9gmg4cGvH_9kktGqeojfDmwrufGdLsPT8*r3pQ5uo3hdFHCKZ2BlwKJqd2W82TqzjvyQ1FA975t6U0sFGYdDTeH5NAaFNCAuel8OVBPWCQXD?ck9=eyJhIjoyMjMzLCJzIjoiMTYwMHgxMjAwIiwiYiI6IjE2MDB4MTIwMCIsInIiOiIiLCJxIjoiaHR0cHM6Ly9nb28uc3UvREJ1RmZiSCIsImgiOjE4NzMsImwiOiJmaS1GSSIsInQiOi0xODAsInoiOjc1NTYsImsiOjAsInUiOiIiLCJmIjpmYWxzZSwid2giOiJub3QgaW4gaWZyYW1lIiwiaWgiOiJub3QgaW4gaWZyYW1lIiwiZSI6IjR3ZW9qMGgzcTluZnJreSIsIm8iOnRydWUsIm0iOjE3MjQ1OTcyNDM1NjksInciOiIlN0IlMjJ0aXRsZSUyMiUzQSUyMk5vdCUyMEZvdW5kJTIyJTJDJTIya2V5d29yZHMlMjIlM0ElNUIlNUQlMkMlMjJ0b3B3b3JkcyUyMiUzQSU1QiU1RCU3RCIsInRzIjowLCJwciI6MSwiZG0iOjgsImhjIjoxMiwiYmwiOi0xLCJiYyI6MywidnYiOiJJbnRlbCBJbmMuIiwidnIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUiLCJhYyI6MCwiY3QiOiJ1bmtub3duIiwiY2V0IjoiNGciLCJjZGxtIjotMSwiY2RsIjo5LjYsImNydHQiOjI1MCwidG1zIjoxLCJjZSI6dHJ1ZSwiY2QiOjI0LCJvciI6ImxhbmRzY2FwZS1wcmltYXJ5IiwiZnMiOm51bGwsImZzbyI6bnVsbH0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.170.254 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://goo.su
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://goo.su
Access-Control-Max-Age
600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 25 Aug 2024 14:47:23 GMT
Keep-Alive
timeout=20
Server
nginx
Strict-Transport-Security
max-age=1
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
fonts.gstatic.com/s/nunito/v26/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v26/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f3.1e100.net
Software
sffe /
Resource Hash
923963e0a56b84c4438f2359121e855e147a01a78a2591c471179cfc9bf0e784
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://goo.su
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 20 Aug 2024 12:09:46 GMT
x-content-type-options
nosniff
age
441458
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16292
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:41:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Aug 2025 12:09:46 GMT
context.js
an.yandex.ru/system/ 		369 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/system/context.js
Requested by
Host: goo.su
URL: https://goo.su/DBuFfbH
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
f0b3ce39e493cb8781af5fc0c441cdb8d11f33fcad41cf86943e4d0c8df18b51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
etag
"f26249780512646923ee05fbe0144894-1093893"
x-yandex-req-id
1724597244269467-1727526055264295077200315-production-app-host-sas-pcode-182
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
timing-allow-origin
*
expires
Sun, 25 Aug 2024 15:47:24 GMT
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t44.11;r;s1600*1200*24;uhttps%3A//goo.su/DBuFfbH;hNot%20Found;0.82587578795639
  • https://counter.yadro.ru/hit?q;t44.11;r;s1600*1200*24;uhttps%3A//goo.su/DBuFfbH;hNot%20Found;0.82587578795639
132 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;t44.11;r;s1600*1200*24;uhttps%3A//goo.su/DBuFfbH;hNot%20Found;0.82587578795639
Requested by
Host: goo.su
URL: https://goo.su/DBuFfbH
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
nginx/1.17.9 /
Resource Hash
e10cd8d343f9c37e3500c69d92f7ac7e78b6c7df29a2ace8cffe71bfa494e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Aug 2024 14:47:23 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
132
Expires
Fri, 25 Aug 2023 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 25 Aug 2024 14:47:23 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit?q;t44.11;r;s1600*1200*24;uhttps%3A//goo.su/DBuFfbH;hNot%20Found;0.82587578795639
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Fri, 25 Aug 2023 21:00:00 GMT
top100.js
st.top100.ru/top100/ 		126 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.top100.ru/top100/top100.js
Requested by
Host: goo.su
URL: https://goo.su/DBuFfbH
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
be7503945128c584384ef7213b187c5e3eb1d46b3022a6d0ac891ad9d7b49d54

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 14:47:24 GMT
content-encoding
gzip
last-modified
Tue, 20 Aug 2024 14:35:21 GMT
server
nginx
x-amz-meta-s3cmd-attrs
atime:1724164457/ctime:1724164518/gid:0/gname:root/md5:14f20419fb7c48c876a04b5c9003d097/mode:33188/mtime:1724164457/uid:0/uname:root
x-amz-request-id
0000019189DF724BB00613C811AD0AD9
etag
W/"14f20419fb7c48c876a04b5c9003d097"
x-cdn-edge-id
2315
content-type
application/javascript
x-cdn-edge-cache
HIT
x-amz-tagging-count
0
x-reserved
amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
x-cdn-request-id
5d20cc949954a299006ccd772c6673b2
x-amz-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCTC5Ckb11qGWl0sN1zjP1V0lV/ZEMPwT
tag.js
mc.yandex.ru/metrika/ 		202 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: goo.su
URL: https://goo.su/DBuFfbH
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
dca271e5c10ab729dbf7e10ccb7c82ba4b87625a821dd4bd640279b6807f2033
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 25 Aug 2024 14:47:24 GMT
content-encoding
br
last-modified
Tue, 20 Aug 2024 13:57:42 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"66c4a0d6-11660"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
71264
expires
Sun, 25 Aug 2024 15:47:24 GMT
code.js
top-fwz1.mail.ru/js/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: goo.su
URL: https://goo.su/DBuFfbH
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
dfbf000d76574d9707b2aa750760dad91d275dbc61e2d2c1df2ae4c8d8a6ec16
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 14:47:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin
*
last-modified
Tue, 16 Jul 2024 20:47:12 GMT
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag
W/"6696dc50-b755"
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
max-age=3600, private
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
expires
Sun, 25 Aug 2024 15:47:23 GMT
69489
enduresopens.com/tsf/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://enduresopens.com/tsf/69489?md=eyJ6IjoyMiwiYSI6OTY1LCJzIjoiMTYwMHgxMjAwIiwiYiI6IjE2MDB4MTIwMCIsInIiOiIiLCJxIjoiaHR0cHM6Ly9nb28uc3UvREJ1RmZiSCIsImgiOjI0NDMsImwiOiJmaS1GSSIsInQiOi0xODAsImsiOjAsInUiOiIiLCJmIjpmYWxzZSwid2giOiJub3QgaW4gaWZyYW1lIiwiaWgiOiJub3QgaW4gaWZyYW1lIiwiZSI6Inlpc3ZlY2wyNm5meGdyYSIsIm8iOnRydWUsIm0iOjE3MjQ1OTcyNDM2NjQsInciOiIlN0IlMjJ0aXRsZSUyMiUzQSUyMk5vdCUyMEZvdW5kJTIyJTJDJTIya2V5d29yZHMlMjIlM0ElNUIlNUQlMkMlMjJ0b3B3b3JkcyUyMiUzQSU1QiUyMnNvcnJ5JTNBMSUyMiUyQyUyMnBhZ2UlM0ExJTIyJTJDJTIybG9va2luZyUzQTElMjIlMkMlMjJjb3VsZCUzQTElMjIlMkMlMjJmb3VuZCUzQTElMjIlNUQlN0QiLCJ0cyI6MCwicHIiOjEsImRtIjo4LCJoYyI6MTIsImJsIjoxLCJiYyI6MiwidnYiOiJJbnRlbCBJbmMuIiwidnIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUiLCJhYyI6MCwiY3QiOiJ1bmtub3duIiwiY2V0IjoiNGciLCJjZGxtIjotMSwiY2RsIjo5LjYsImNydHQiOjI1MCwidG1zIjoxLCJjZSI6dHJ1ZSwiY2QiOjI0LCJvciI6ImxhbmRzY2FwZS1wcmltYXJ5IiwiZnMiOm51bGwsImZzbyI6bnVsbH0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.170.99 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://goo.su
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://goo.su
Access-Control-Max-Age
600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sun, 25 Aug 2024 14:47:24 GMT
Keep-Alive
timeout=20
Server
nginx
Strict-Transport-Security
max-age=1
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
69489
enduresopens.com/tsf/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://enduresopens.com/tsf/69489?md=eyJ6IjoyMiwiYSI6OTY1LCJzIjoiMTYwMHgxMjAwIiwiYiI6IjE2MDB4MTIwMCIsInIiOiIiLCJxIjoiaHR0cHM6Ly9nb28uc3UvREJ1RmZiSCIsImgiOjI0NDMsImwiOiJmaS1GSSIsInQiOi0xODAsImsiOjAsInUiOiIiLCJmIjpmYWxzZSwid2giOiJub3QgaW4gaWZyYW1lIiwiaWgiOiJub3QgaW4gaWZyYW1lIiwiZSI6Inlpc3ZlY2wyNm5meGdyYSIsIm8iOnRydWUsIm0iOjE3MjQ1OTcyNDM2NjQsInciOiIlN0IlMjJ0aXRsZSUyMiUzQSUyMk5vdCUyMEZvdW5kJTIyJTJDJTIya2V5d29yZHMlMjIlM0ElNUIlNUQlMkMlMjJ0b3B3b3JkcyUyMiUzQSU1QiUyMnNvcnJ5JTNBMSUyMiUyQyUyMnBhZ2UlM0ExJTIyJTJDJTIybG9va2luZyUzQTElMjIlMkMlMjJjb3VsZCUzQTElMjIlMkMlMjJmb3VuZCUzQTElMjIlNUQlN0QiLCJ0cyI6MCwicHIiOjEsImRtIjo4LCJoYyI6MTIsImJsIjoxLCJiYyI6MiwidnYiOiJJbnRlbCBJbmMuIiwidnIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUiLCJhYyI6MCwiY3QiOiJ1bmtub3duIiwiY2V0IjoiNGciLCJjZGxtIjotMSwiY2RsIjo5LjYsImNydHQiOjI1MCwidG1zIjoxLCJjZSI6dHJ1ZSwiY2QiOjI0LCJvciI6ImxhbmRzY2FwZS1wcmltYXJ5IiwiZnMiOm51bGwsImZzbyI6bnVsbH0
Requested by
Host: enduresopens.com
URL: https://enduresopens.com/ttkXIvunodY/69489
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.170.99 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
545f5176eb0e13e348acf71b877ea3885184dceb6af69d82df9fb11e38ca2867
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

Date
Sun, 25 Aug 2024 14:47:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=1
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://goo.su
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=20
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
js
www.googletagmanager.com/gtag/ 		258 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CFRSCHBSP6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144661405-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
906ba575d49e69247302ffde55cba2cc9d2faf4256af49f1de095ef919af1b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 14:47:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92623
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 25 Aug 2024 14:47:23 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144661405-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 25 Aug 2024 13:15:05 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5539
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 25 Aug 2024 15:15:05 GMT
sync-loader.js
privacy-cs.mail.ru/static/ 		145 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://privacy-cs.mail.ru/static/sync-loader.js
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.163.52.89 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
r3.mail.ru
Software
nginx /
Resource Hash
7b18c4fa25aa0a3d266d70e170abda60935e9ac6bb075b348d0d2e59b41e42b0

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 25 Aug 2024 14:47:24 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Sun, 25 Aug 2024 14:57:24 GMT
dyn-goal-config.js
top-fwz1.mail.ru/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/js/dyn-goal-config.js?ids=3128781
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
0e7e3045519beaff2095d4a64b8dfb1b581013eb5b8f4b3549983c69abe7139b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 14:47:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
max-age=600, private
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
expires
Sun, 25 Aug 2024 14:57:24 GMT
counter
top-fwz1.mail.ru/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://top-fwz1.mail.ru/counter?_=0.6166222247089079;id=3128781;u=https%3A//goo.su/DBuFfbH;title=Not%20Found;s=1600*1200;vp=1600*1200;touch=0;hds=1;sid=b942e761268fce4f;ver=60.6.0;tz=-180%2FEurope%2FHelsinki;st=1724597243622;ct=1704/1708/1708//1350;rt=1350/353/0/0/0/1350/1350/1356/1356/1529/1364/1529/1630/1703;gl=u;ni=9.6//4g/250/0/;lvid=1724597243979%3A1724597243993%3A1%3A97c85e3f6cd81fda6a6975cb93a106ee;opts=dl%2Cjst-gtag-ga%2Ccnhp%3Dh2%2Ccs%3D19122-46933-19422;visible=true;js=13
Requested by
Host: goo.su
URL: https://goo.su/DBuFfbH
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 14:47:24 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-CFRSCHBSP6&gtm=45je48l0v9124383557za200&_p=1724597243620&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1052625745.1724597244&ul=fi-fi&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1724597244&sct=1&seg=0&dl=https%3A%2F%2Fgoo.su%2FDBuFfbH&dt=Not%20Found&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1758
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CFRSCHBSP6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Aug 2024 14:47:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://goo.su
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
kraken.rambler.ru/cnt/v2/ 		43 B
860 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kraken.rambler.ru/cnt/v2/
Requested by
Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 25 Aug 2024 14:47:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-srv
0kraken-prod0002.ad.rambler.tech
x-sca-elb
nginx-top100-ext
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-length
43
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://goo.su
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type
expires
Thu, 01 Jan 1970 00:00:01 GMT
top100_0062b1.gif
kraken.rambler.ru/counter-static/images/ 		595 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kraken.rambler.ru/counter-static/images/top100_0062b1.gif
Requested by
Host: goo.su
URL: https://goo.su/DBuFfbH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx /
Resource Hash
fda0897f4cdbbab911245c9ebaa4885f54a7e572b8c9b071dc976d1d27cab1a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 14:47:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-cache-status
HIT
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
x-obs-request-id
a83587b49338f107499a46b5aacb6aa7
x-obs-meta-s3cmd-attrs
atime:1718733846/ctime:1718733846/gid:0/gname:root/md5:10d95efe74b84de86398a30e7b958b79/mode:33206/mtime:1718733846/uid:0/uname:root
content-length
595
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS7efXhqFi8TZRNRyjkgb+tdyLxiELKg
server
nginx
access-control-allow-methods
OPTIONS,GET
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
x-obs-tagging-count
0
access-control-allow-headers
DNT
997bc0c7d7a9e576cb1fe0c6243fda1743a563aa.jpeg
pequotpatrick.click/g/99/7b/ Frame 4292
Redirect Chain
  • https://abtfliping.top/tsk/BWK4j_T0GNkIeSACsYnOk2LOX3Tq4wk3MFQjEit87LNlu*ksh5iT3NRhWctydMkUBfiBZs4_I7Qts4*iXvCYoWTomZaJL*TgbCxCh*Fj*o5a1U6gGnzg0hSa0br6WH9K
  • https://pequotpatrick.click/g/99/7b/997bc0c7d7a9e576cb1fe0c6243fda1743a563aa.jpeg
117 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pequotpatrick.click/g/99/7b/997bc0c7d7a9e576cb1fe0c6243fda1743a563aa.jpeg
Requested by
Host: goo.su
URL: https://goo.su/DBuFfbH
Protocol
HTTP/1.1
Server
162.19.19.15 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3220790.ip-162-19-19.eu
Software
nginx /
Resource Hash
7f4a0f4b45b8c93a7662873d02abba721a6652e35e2c9514df49011fb689076c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 25 Aug 2024 14:47:24 GMT
Last-Modified
Fri, 26 Jul 2024 13:07:16 GMT
Server
nginx
ETag
"66a39f84-1d445"
Content-Type
image/jpeg
Cache-Control
max-age=864000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
119877
Expires
Wed, 04 Sep 2024 14:47:24 GMT

Redirect headers

Date
Sun, 25 Aug 2024 14:47:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=1
Transfer-Encoding
chunked
Connection
keep-alive
Referrer-Policy
no-referrer
Server
nginx
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Location
https://pequotpatrick.click/g/99/7b/997bc0c7d7a9e576cb1fe0c6243fda1743a563aa.jpeg
Vary
Accept-Encoding
Keep-Alive
timeout=20
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
6f2d70d3977e71bcd0cc3ef6aed379c2d5b53fbb.jpeg
pequotpatrick.click/g/6f/2d/ Frame 4292
Redirect Chain
  • https://abtfliping.top/tsk/BWK4j_T0GNkIeSACsYnOkzk879ibISrQ6C1JoAKqVJY1uMKB4dVObYoiq9xAI72uLqaR5*Rkzy*IkPKV3loH76BDuJpVModroeFNDepy1HHQ1NLrGAqHoP_QUu8JGnbw
  • https://pequotpatrick.click/g/6f/2d/6f2d70d3977e71bcd0cc3ef6aed379c2d5b53fbb.jpeg
155 KB
155 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pequotpatrick.click/g/6f/2d/6f2d70d3977e71bcd0cc3ef6aed379c2d5b53fbb.jpeg
Requested by
Host: goo.su
URL: https://goo.su/DBuFfbH
Protocol
HTTP/1.1
Server
162.19.19.15 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3220790.ip-162-19-19.eu
Software
nginx /
Resource Hash
0205dea54323389460083423266b1b1194f916ad4e43101edace6a1090c94088

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sun, 25 Aug 2024 14:47:24 GMT
Last-Modified
Fri, 26 Jul 2024 13:05:17 GMT
Server
nginx
ETag
"66a39f0d-26b4a"
Content-Type
image/jpeg
Cache-Control
max-age=864000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
158538
Expires
Wed, 04 Sep 2024 14:47:24 GMT

Redirect headers

Date
Sun, 25 Aug 2024 14:47:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=1
Transfer-Encoding
chunked
Connection
keep-alive
Referrer-Policy
no-referrer
Server
nginx
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Location
https://pequotpatrick.click/g/6f/2d/6f2d70d3977e71bcd0cc3ef6aed379c2d5b53fbb.jpeg
Vary
Accept-Encoding
Keep-Alive
timeout=20
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10472.BgkHcXEJmVJZkjrEau-rQvloWqq7EE2c6i8zoXGlE9TunMwb-HFQomMlFXSquENp.dprAZaRRJSrC3vuto0T5gSbck3U%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10472.KbWMAI-furKt-7mjNN39k4gUcYnPCj-Z6SJlDZGB3UMPFqMv_eKUF4_VaNQ1MjUl1QRpTD3t6mnABd-LlArZiOwgbs5BGgGPUlf0rYEO-dRu-0QQdOD1iUU6thgi2O6JooZAgRQdq0...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10472.NgY5BNU2EMJPV1DOgYc4Rmw_camoA-yyrxYb6fLtXLMvw_jf6CU0SAn6t1MQFJPVH_YyQKxwz5UMK0aACQBNbsUJEQwJcUVgrJs_rTKcLme28...
43 B
585 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10472.NgY5BNU2EMJPV1DOgYc4Rmw_camoA-yyrxYb6fLtXLMvw_jf6CU0SAn6t1MQFJPVH_YyQKxwz5UMK0aACQBNbsUJEQwJcUVgrJs_rTKcLme28uUIQeay6D8a_c8tD4diKqZYKy4pkgKBAYs_XimqW2l_VF5iC9IYSj5rsSXchszL2KvD8AXsAn8GRfLNyy52ju3vgDCpa-SKySTyZuGdaA%2C%2C.x9WlmBgM2Cnyl6kW6bDdcr9Kye0%2C
Requested by
Host: goo.su
URL: https://goo.su/DBuFfbH
Protocol
H2
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 14:47:24 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10472.NgY5BNU2EMJPV1DOgYc4Rmw_camoA-yyrxYb6fLtXLMvw_jf6CU0SAn6t1MQFJPVH_YyQKxwz5UMK0aACQBNbsUJEQwJcUVgrJs_rTKcLme28uUIQeay6D8a_c8tD4diKqZYKy4pkgKBAYs_XimqW2l_VF5iC9IYSj5rsSXchszL2KvD8AXsAn8GRfLNyy52ju3vgDCpa-SKySTyZuGdaA%2C%2C.x9WlmBgM2Cnyl6kW6bDdcr9Kye0%2C
strict-transport-security
max-age=31536000
date
Sun, 25 Aug 2024 14:47:24 GMT
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: goo.su
URL: https://goo.su/DBuFfbH
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 14:47:24 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 20 Aug 2024 13:57:42 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"66c4a0d6-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Sun, 25 Aug 2024 15:47:24 GMT
collect
www.google-analytics.com/j/ 		1 B
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2103714653&t=pageview&_s=1&dl=https%3A%2F%2Fgoo.su%2FDBuFfbH&ul=fi-fi&de=UTF-8&dt=Not%20Found&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1709166205&gjid=467284743&cid=1052625745.1724597244&tid=UA-144661405-1&_gid=652915578.1724597245&_r=1&gtm=457e48l0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&jsscut=1&npa=1&z=1932910785
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 25 Aug 2024 14:47:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://goo.su
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://goo.su/
Origin
https://goo.su
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 14:47:25 GMT
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
26004
x-amz-meta-owner
{"role":"admin","login":"4eb0da"}
last-modified
Mon, 25 Apr 2022 14:02:39 GMT
server
nginx/1.17.9
etag
"7f0cdaf91230f9789ca4162aedff612e"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-nginx-request-id
2feaedceab2f5c4d
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 25 Aug 2025 20:34:36 GMT
399f3bb64df44675587a.js
yastatic.net/partner-code-bundles/1093893/ 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/1093893/399f3bb64df44675587a.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
ec698b3dadb2c6873c3bb301bc7a1be59edb0375bd1bacb1e86f61f7fb68d52d
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://goo.su/
Origin
https://goo.su
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 14:47:25 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
12690
last-modified
Wed, 21 Aug 2024 15:02:22 GMT
server
nginx/1.17.9
etag
"62d9ad4619ddd7690d5823a5717656a0"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Tue, 25 Aug 2054 21:22:23 GMT
914df6aca10909ca10c9.js
yastatic.net/partner-code-bundles/1093893/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/1093893/914df6aca10909ca10c9.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
b10271d9a46b40593d3e6e877321a789cbec48cf079d4a6a9531ad6d6fc61f5b
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://goo.su/
Origin
https://goo.su
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 14:47:25 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
7948
last-modified
Wed, 21 Aug 2024 15:02:22 GMT
server
nginx/1.17.9
etag
"1baf614d64e198022840b7550e786c41"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Tue, 25 Aug 2054 21:22:25 GMT
5ea1161555f9fba1d63a.js
yastatic.net/partner-code-bundles/1093893/ 		608 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/1093893/5ea1161555f9fba1d63a.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
68f1023de7d44cb55dd7f588e018744c13f6c36b547bc3fca299a8edf5182d38
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://goo.su/
Origin
https://goo.su
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 14:47:25 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
113376
last-modified
Wed, 21 Aug 2024 15:02:22 GMT
server
nginx/1.17.9
etag
"9e651253aa2854acaf50269f40900e71"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Tue, 25 Aug 2054 21:22:12 GMT
host.js
yastatic.net/safeframe-bundles/0.83/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://goo.su/
Origin
https://goo.su
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 14:47:25 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
server
nginx/1.17.9
etag
"f80882bf67cf261aa08d636da095149a"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Tue, 25 Aug 2054 21:21:25 GMT
2a7e10cda1ae60fdca4b.js
yastatic.net/partner-code-bundles/1093893/ 		122 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/1093893/2a7e10cda1ae60fdca4b.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
77f1727c4c5c9878aed1f587f19ffab7937f1c608a45da5209e742b1a8ecf450
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://goo.su/
Origin
https://goo.su
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 14:47:25 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
24526
last-modified
Wed, 21 Aug 2024 15:02:22 GMT
server
nginx/1.17.9
etag
"8b521256b4ce4a5f95a6db7d8e579740"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Tue, 25 Aug 2054 21:22:16 GMT
1677322
yandex.ru/ads/meta/ 		68 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2FDBuFfbH&pcode-version=1093893&pcodever=1093893&comboblock-unencoded-vast=1&ad-session-id=9179241724597244650&target-id=13549235&pcode-test-ids=1095470%2C0%2C37%3B1034858%2C0%2C36%3B1076847%2C0%2C11%3B1076432%2C0%2C36%3B1094830%2C0%2C65%3B1065396%2C0%2C12%3B1035460%2C0%2C27%3B1083172%2C0%2C61%3B1087334%2C0%2C77%3B1082178%2C0%2C19%3B1059498%2C0%2C23%3B1037227%2C0%2C17%3B1093707%2C0%2C78%3B1051945%2C0%2C68%3B1085919%2C0%2C57%3B1081859%2C0%2C76%3B1082191%2C0%2C73%3B1081862%2C0%2C16%3B1090257%2C0%2C7%3B1088265%2C0%2C57&pcode-flags-map=eJy1WNly27gS%2FRc9Rx7uS94gEpJQ4jYAKFszlUIpYyXxXMdOxU4mk1T%2B%2FR6A1ELKJpO5c%2F0ic%2BnDRqP79Gl8m6RMkFlGVVLWhVScpozTRCpWkKqavPz92%2BTz9vbTbvJyInlNJy8mj7uHR3aN69CxPM%2BZfH%2F1YrImQtWCqrzOJONllgGtkPofytUlkcmSpkqynKpyPhdUDuO6jhWGB1xOJd%2BoslAFlZclXynKecmHEfzAC2ODoD9a1lJVnBq%2Fjh6uWUpL1T7vwNkW%2Fjp4sRuH1gjerJ7PsVqaV3KjMpazPuhPI64rwtJ%2F38N5jf%2F%2FKWqBjfi3PX0G83%2Fan6cx%2F38R%2BKe7rzN8wclMZbRYyGXHCPUVnZpFVmSF3tGMSpXUQpa5Wuek2i9IrUmGcjgFCnqrigLfDY6VK5ZlnaX651KRRDIscFZLiR%2BGpZJkhSfd5ey%2BfDjFsy3Xi%2FyjZzSBT4kksE84JSCGFk%2Bw37qe3b7t4vh%2BGB0do4VhpqxEaOjViAuBFwSBMdVMtCGK1yotc4I1zEuuSAom%2BbWmQopB7gBQFFhRh9ZSIpYq1%2FQlNxXtufHH7afrndpev7n%2F0sUJPcc50ljrSllkGx1WRGd4OWFkR411GwUuZ2pGigJZlpFiUZNF35MeQuRFsXdCo3m5xkawBeK5wJL09kiaixGQwImPmVoRIXTyI9WNTwiq3lIlS5OCI1BR5ATHpJMGYU25QML1iiW2wyDuWsdeGDbWpujaSNQFmzP0FlZIyuckGQyJH0dO21j0rs5Wxnlh0qNhG70xZT4rh1CCMPasBoVzNKVL3aFqXigyhw8qyViyUnLJy3qxHO5Stm15TZcSOeFSITtrquhVpWYZqg40Ijo5%2F%2Fvk%2Ffbm9uLjJ6D8vb273n3B%2F7%2FcvN%2B%2B3T10br3dvjd3rr%2Fu7prXt59vHu%2Bbf99fnFxc3920dzXyAQE3Pm6%2F3t5%2Ffdc%2B%2Fvqx%2Bf30cXtxt%2Fvr4eyFP7f372%2BM6avOEv2orQF0fZXSOcHmIY0WVBV1PqN8KNKhb7stTW4I8kWyRM0pdnuWlQgPOs7lEin8RJz4lE0dL7bBoFMbkKfXTu%2Fa7V175ppMHR%2FdIHRaezL1o8gL7KltH24EWF6oP%2FCqQ9JxYDeJOhcotbJSc3Y1tMzId13bNRYF1ogiBQnXJNN5mROppY9WUyBAldOiHobyYqeJmE7MRSWVSDirBqkzguBqiQIep1SsJJzey0JEWBnmqkYIJ4pR4vEehtNLwlOt%2Bs4Zs2MWO451Qrf4UFvaQnBdC8O2ruc3tgcVa8oP8ZozHbw%2BtZwB%2BG7kHhhhD7LvpJoY0jKpEXYEUnIi6QJSdCYoXw%2Bnbux4fruqZ6hmjtTQXWnEPdtuQtrlJ6NgsLOUFqZBoTi4SZQ1E2zGMiYPbg7iu5YfNbma%2FraHWtGMyrGw2ZHT%2BLUvaYQLAaIkNyAkAxW2yXzi0iGE9CrJ6hTzAoduHPYw8Gy%2F04yXpEi1KGDFqt3tpr3LuhhZbOi0ySJIrhVCkdKrti8PGoaW7kanWVZWtND9GK2wQlGilc7qbDUIEvte23vw%2BkItKUmHUwjsE%2FmBbUyI2BRJ0x9OTb5NHnaPmu9OnhudYLp7ViK7XnSfUazZZF33fvugd1fr0ucAnv0EK0AYzQ2Szsur3mMEi7MVaabNsy8mZblieElPjKxYPPNWxcucCXr2YdNW9PJbL03N9N7q1ZHRuNDqiPG7%2B4fHBx3M7e3t5NX3zk5AisVtpxYVBLbQVJwyoi6ZXGqmOIzNRt%2FpF4a31gmh5RuulAfawcCdlWv4xkqtfdMEDDoCA7Y%2FVscBR6DZnnKNFuGmFvGbLI3T%2BuUkIyC6kSR0MKscl45Wpq4YQfyfVtPng4Hjh%2F7BvB1XtABlc9Lt2Z6%2F225f28E03m3fTL1w605fh8H1dPvmdeDhnn%2FtO51Oq6eOOIqeAq8oT8DZpx%2BwLizL%2FzHrZL7oVhnkqG2HsTN5ab%2BYuJYFHelZNq6%2BPwOo62IvbZtiGI6SB4JpopSg6yGufKMWLM9HFD6afTvyHM2a3jQV2PhhY99yWp2il6%2FlghHWiuUjOt63A8%2FqFoNRZc%2BJscCNsUDX722e73pOs%2BZLjuk11xIejJMpUojLsaz0Y992TiUTy3XxjygtzHZuGPbnVAKpLmiG7gQyR1PFOD8CErhOs8%2B6Vs2HUf9UsAUaMOGMdDNv8tfN47vp55vr3f3ZoOn6T%2BOMOHBuWGnKVNlIngXRvpMdeFAuyKmaaOVfB%2BbDF4a54O7xoQcW72d%2BnQe8vPxB70MnbNuatmschzBIVqiXbua4lu0gw31%2FossOaYeM6acRptw2jXXJHbUGCnmBHvAEE9g9%2B33R8hyijCzGBuI47M7lFWcJNcIVQ9yKjhA%2FqKQ94BAVTZrhFUPsr7qBpYaydSVWmP9o3vP7CTA%2FaEtInwWtV9i9vGyno9lGQWd01dW3ie37aBgvJw8PH37RQE1aTj%2F%2FZ7q7vrm73zXXF38%2B3N9NuuQWB5b9xAkPSdP90YbIRjlHHxMdtT62SJ8mlDPS7pkhoCpjveq3LuxeBgWRdzxZETUYb9PEjZcLToXADDFCIGHguU6bNiJd9eW8Pm%2BIXKsXbnPrCTVuTs4ww2cZGuLeHzwlKakMO%2BUlVtiNDUbzXjn5bhycoHcVNadzLGw5xouu7wXWkyAHgMN005xXtAqhzCvI%2Fo6Ljj4M%2FWn0nFwdpEGj356vvSPegT95XpluMlKErh02u5cY%2BsBsrOeNTKW6k%2BuhQKi1M4IRuq7XUfVszvVgMMc%2Bzkg7V%2Fz4uRAQHRT3YearyMbMjWZ05j2d9Mfjbb%2BhgYfafGxO0jkKWc84sjSCtxy2x3DTHrQc7X%2FWci%2FwQCTogiMqAOOUdfyg%2BU5Spq34NIsuhckvZ2ThduwdJexJJ2rnvAS%2F6G8lZwjm%2BUB%2Fhhf5cTsyG2qiGeoPsmhG0oU5p9zX5AiKDZyG5bGeIjEHlZIlSLHmeGI0E2J7wInmvE%2F2OeEcx47ac%2Fp9jqY1%2BBFJj7YxFw3Vj2RWbEGCnzYsM3TrE9PSVJsufVIYoZqOBCVyAr1V3%2F8L8ZYyMg%3D%3D&pcode-icookie=tWkulU6FwN4wk2wZVHy2cL8DZexoAqZJPW6ptpEmWn6x%2FT6c5HXsh%2FnDLsD3LRO2wbDy7UE43CE%2BYNd9UGpXjcHDMF0%3D&duid=MTcyNDU5NzI0NDgzMjU3NjkwOQ%3D%3D&imp-id=6&charset=utf-8&test-tag=143486267424770&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.6%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A768%2C%22ad_no%22%3A0%2C%22safeArea%22%3A%7B%22top%22%3A0%2C%22bottom%22%3A0%2C%22left%22%3A0%2C%22right%22%3A0%7D%2C%22req_no%22%3A0%7D&grab-orig-len=256&grab=eyJncmFiX3ZlcnNpb24iOjJ9CpqvzvE9z_MjhnpqZq15cd7c3PTQt-RYdreca0dXAsJe-rs6jU0RixhMWhze1xav5NomjL-K3nnMci43hdqbQjXSZqa2HOB6pk__i74Yg-3JH6uK5-bsI9aECetUe-kT570aLwhxOjkubr5eiTJOfgBH_owpArRArbUM4SfeI_T8zHJf7L3fRQYnfFr74nI-v9NCpNO7VoEHm4FsyBww2Tl2IDp6JWcVCiGFBi_s&uniformat=true&callback=Ya%5B8913093545214%5D
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.44.55 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
yandex.ru
Software
/
Resource Hash
92a5109fd67db734df2a9885732953ca107f85490bc4cdb6ff440111cf80318b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 25 Aug 2024 14:47:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1724597245326928-7167334664777577003-balancer-l7leveler-kubr-yp-klg-12-BAL
uniformat-product-type
Direct
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sun, 25 Aug 2024 14:47:25 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
uniformat
true
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
application/json
access-control-allow-origin
https://goo.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 25 Aug 2024 14:47:25 GMT
/
privacy-cs.mail.ru/fp/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://privacy-cs.mail.ru/fp/?id=oEXTxrCLyyzSMKq0rf_mW
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.163.52.89 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
r3.mail.ru
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://goo.su
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Method
POST
Access-Control-Allow-Origin
https://goo.su
Access-Control-Max-Age
1728000
Cache-Control
max-age=7200
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
Date
Sun, 25 Aug 2024 14:47:25 GMT
Expires
Sun, 25 Aug 2024 16:47:25 GMT
Server
nginx
/
privacy-cs.mail.ru/fp/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://privacy-cs.mail.ru/fp/?id=oEXTxrCLyyzSMKq0rf_mW
Requested by
Host: privacy-cs.mail.ru
URL: https://privacy-cs.mail.ru/static/sync-loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.163.52.89 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
r3.mail.ru
Software
nginx /
Resource Hash

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

Date
Sun, 25 Aug 2024 14:47:25 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://goo.su
Cache-Control
max-age=7200
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Sun, 25 Aug 2024 16:47:25 GMT
metrika_match.html
mc.yandex.com/metrika/ Frame 5279 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://goo.su/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
1046
content-type
text/html
date
Sun, 25 Aug 2024 14:47:25 GMT
etag
"66c4a0d6-416"
expires
Sun, 25 Aug 2024 15:47:25 GMT
last-modified
Tue, 20 Aug 2024 13:57:42 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
1
mc.yandex.com/watch/54140170/
Redirect Chain
  • https://mc.yandex.com/watch/54140170?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FDBuFfbH&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...
  • https://mc.yandex.com/watch/54140170/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FDBuFfbH&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%...
605 B
783 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/54140170/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FDBuFfbH&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afi-FI%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A1033007984533%3Ahid%3A748349861%3Az%3A180%3Ai%3A20240825174724%3Aet%3A1724597244%3Ac%3A1%3Arn%3A125021724%3Arqn%3A1%3Au%3A1724597244832576909%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1362%3Awv%3A2%3Ads%3A7%2C495%2C150%2C4%2C0%2C0%2C%2C693%2C0%2C%2C%2C%2C1355%3Aco%3A0%3Acpf%3A1%3Ans%3A1724597242272%3Agi%3AR0ExLjEuMTA1MjYyNTc0NS4xNzI0NTk3MjQ0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1724597245%3At%3ANot%20Found&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29
Requested by
Host: goo.su
URL: https://goo.su/DBuFfbH
Protocol
H2
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
87132c2f44de32c789fbc4fc5db1b54a9aabaa77850d1868ba8278549a42f10f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Aug 2024 14:47:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sun, 25-Aug-2024 14:47:25 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://goo.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
605
x-xss-protection
1; mode=block
expires
Sun, 25-Aug-2024 14:47:25 GMT

Redirect headers

pragma
no-cache
date
Sun, 25 Aug 2024 14:47:25 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 25-Aug-2024 14:47:25 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/54140170/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FDBuFfbH&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afi-FI%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A1033007984533%3Ahid%3A748349861%3Az%3A180%3Ai%3A20240825174724%3Aet%3A1724597244%3Ac%3A1%3Arn%3A125021724%3Arqn%3A1%3Au%3A1724597244832576909%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1362%3Awv%3A2%3Ads%3A7%2C495%2C150%2C4%2C0%2C0%2C%2C693%2C0%2C%2C%2C%2C1355%3Aco%3A0%3Acpf%3A1%3Ans%3A1724597242272%3Agi%3AR0ExLjEuMTA1MjYyNTc0NS4xNzI0NTk3MjQ0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1724597245%3At%3ANot%20Found&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29
access-control-allow-origin
https://goo.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 25-Aug-2024 14:47:25 GMT
1
mc.yandex.com/watch/54140170/ 		43 B
86 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/54140170/1?page-url=https%3A%2F%2Fgoo.su%2FDBuFfbH&charset=utf-8&uah=chm%0A%3F0&hittoken=1724597245_581ffd57ac27291dfecb83987ffb3b4a33646fa0b778483d19ea46fa36e393eb&browser-info=pa%3A1%3Aar%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afi-FI%3Av%3A1410%3Acn%3A1%3Adp%3A1%3Als%3A1033007984533%3Ahid%3A748349861%3Az%3A180%3Ai%3A20240825174725%3Aet%3A1724597245%3Ac%3A1%3Arn%3A480355388%3Arqn%3A2%3Au%3A1724597244832576909%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1724597242272%3Agi%3AR0ExLjEuMTA1MjYyNTc0NS4xNzI0NTk3MjQ0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1724597245&t=gdpr(14)mc(p-1)clc(0-0-0)rqnt(2)lt(22800)aw(1)rcm(1)cdl(na)eco(21037572)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%229179241724597244650%22%7D%7D
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 25 Aug 2024 14:47:25 GMT
last-modified
Sun, 25-Aug-2024 14:47:25 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
https://goo.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 25-Aug-2024 14:47:25 GMT
event_confirmation
an.yandex.ru/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/event_confirmation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://goo.su
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://goo.su
access-control-max-age
1728000
content-encoding
gzip
date
Sun, 25 Aug 2024 14:47:26 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
x-xss-protection
1; mode=block
event_confirmation
an.yandex.ru/ 		0
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/event_confirmation
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 25 Aug 2024 14:47:26 GMT
last-modified
Sun, 25 Aug 2024 14:47:26 GMT
access-control-allow-origin
https://goo.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 25 Aug 2024 14:47:26 GMT
wy150
avatars.mds.yandex.net/get-direct/5252363/DIq4-6ehB7Ngn1uk5hwuxA/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/5252363/DIq4-6ehB7Ngn1uk5hwuxA/wy150
Requested by
Host: goo.su
URL: https://goo.su/DBuFfbH
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.247.183 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
avatars.mds.yandex.net
Software
nginx /
Resource Hash
0f3d990cfe6ec119d1217b7f3222e92f6af26f13f99ccbcb911d3ac816e86b03

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 14:47:26 GMT
last-modified
Fri, 13 Oct 2023 15:04:31 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=KLG"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
content-length
2668
x-request-id
bd90f35ae37f4f5d
promo.pixelsee.app
favicon.yandex.net/favicon/ 		780 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://favicon.yandex.net/favicon/promo.pixelsee.app?size=32&stub=2
Requested by
Host: goo.su
URL: https://goo.su/DBuFfbH
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
213.180.204.36 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
favicon.yandex.net
Software
/
Resource Hash
be4e7ce02d257caf1ff10dbae4173fa4a6a065d97181c23b9681339aee1ae280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
Cache-Control
max-age=691200
X-Content-Type-Options
nosniff
X-Yandex-Req-Id
1724597246247330-1799087351782131244300268-production-app-host-sas-favicon-24
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Content-Type
image/png
render.html
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame 31EE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Requested by
Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://goo.su/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=946708560
content-encoding
br
content-length
6262
content-type
text/html
date
Sun, 25 Aug 2024 14:47:26 GMT
etag
"eb77de48712912aadc9aa8171ac75ede"
expires
Tue, 25 Aug 2054 21:23:02 GMT
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server
nginx/1.17.9
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
vary
Accept-Encoding
x-robots-tag
noindex, noarchive, nofollow
1677322
mc.yandex.com/watch/ 		422 B
458 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/1677322?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FDBuFfbH&nohit=1&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afi-FI%3Av%3A1410%3Acn%3A2%3Adp%3A1%3Als%3A82088712013%3Ahid%3A748349861%3Az%3A180%3Ai%3A20240825174725%3Aet%3A1724597246%3Ac%3A1%3Arn%3A438737564%3Au%3A1724597244832576909%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1724597242272%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1724597246%3At%3ANot%20Found&t=mc(p-1)clc(0-0-0)lt(22800)aw(1)rcm(1)cdl(na)eco(2179136)dss(2)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
63a28bdaf25a41f47a8735d7162a7a963d66c09c6dc12746418755d26ae45714
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Aug 2024 14:47:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sun, 25-Aug-2024 14:47:25 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://goo.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
422
x-xss-protection
1; mode=block
expires
Sun, 25-Aug-2024 14:47:25 GMT
context.js
yandex.ru/ads/system/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: privacy-cs.mail.ru
URL: https://privacy-cs.mail.ru/static/sync-loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.44.55 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
etag
"f7660224d0f957f1753923ae993f5994-1094840"
x-yandex-req-id
1724597246415884-15803195005952944379-balancer-l7leveler-kubr-yp-klg-237-BAL
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
timing-allow-origin
*
expires
Sun, 25 Aug 2024 15:47:26 GMT
event_confirmation
an.yandex.ru/ 		0
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/event_confirmation
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 25 Aug 2024 14:47:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 25 Aug 2024 14:47:26 GMT
access-control-allow-origin
https://goo.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 25 Aug 2024 14:47:26 GMT
1KSfdHaX0e8200000000U9nJ_7j_TjJXoQnQXfTD0urzRBQxMFvrFft600IUC95GXmzBnMEvPaWof382nJClctPgWCHBsO2yshyQ30ojZDL0vap6nWgG0WQ6XOpBJ26ibOp1kM06mrx6BOTL6Ow2-MSPcO4YLnb1QkuoCiWmCFnbdCN4m32N2IIob6a1AmF3MgOe8...
yandex.ru/an/rtbcount/ 		43 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/an/rtbcount/1KSfdHaX0e8200000000U9nJ_7j_TjJXoQnQXfTD0urzRBQxMFvrFft600IUC95GXmzBnMEvPaWof382nJClctPgWCHBsO2yshyQ30ojZDL0vap6nWgG0WQ6XOpBJ26ibOp1kM06mrx6BOTL6Ow2-MSPcO4YLnb1QkuoCiWmCFnbdCN4m32N2IIob6a1AmF3MgOe8FiiqtyWUCKauBpXqTJBG4C3F0t4cXNO6FuoiG2bMvc1AXbwcVc1v5HcaEQvp4mWQu7cAu1iPTd8_4f8uDysy-Jwayn_FkzmD1OJDxmALdaNJFvaTd3YXpYQvV6hCs3M2fQrl3jO_iC0um4azWMMtjUVlxreFF1T_2OBn6SVx1-oAEPpy9VFk6R_bWNalmyiV_U_lxBrnvCchGMiN2TPAnOAW5LUO6reQ6XnkCaASybNLf2X7MmDB1FOu5fci5qv7Bo0xV6amq-_VhywSpRZIZQOyGVOF4wmCJzYuyqnyB0opijsCmlBB35_oGPpo4yuQoBx6UuhjZSwtjdFOcStDB0qjh0qNi7Ek86TSGSxumbsyGViovTU-FTj_uuTzJ_OUJeuWXTmD7vaNS6nx3NB1exBjnXtS33Uui08zQSS30mDzhsS84zEvGJvVm5d0_CApdLC6pZ5Jd0oNk1a_C39-8EJiOFhuu85TvaNS04D_SWr-st4f7KXjnqQkK6EIuZwxD09PWbqV7S00ETytUS0?
Requested by
Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/1093893/5ea1161555f9fba1d63a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.44.55 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 14:47:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1724597245785847-7723185700157466908-balancer-l7leveler-kubr-yp-klg-12-BAL
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sun, 25 Aug 2024 14:47:25 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
image/gif
access-control-allow-origin
https://goo.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 25 Aug 2024 14:47:25 GMT
event_confirmation
an.yandex.ru/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/event_confirmation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://goo.su
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://goo.su
access-control-max-age
1728000
content-encoding
gzip
date
Sun, 25 Aug 2024 14:47:26 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
x-xss-protection
1; mode=block
1
mc.yandex.com/watch/1677322/ 		43 B
74 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/1677322/1?page-url=https%3A%2F%2Fgoo.su%2FDBuFfbH&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&hittoken=1724597245_c9ba157e4f5f84753aeb3e0161433102c4b4d4c5d2e8a15dfee15cb608b629a7&browser-info=pa%3A1%3Aar%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afi-FI%3Av%3A1410%3Acn%3A2%3Adp%3A1%3Als%3A82088712013%3Ahid%3A748349861%3Az%3A180%3Ai%3A20240825174725%3Aet%3A1724597246%3Ac%3A1%3Arn%3A826573833%3Arqn%3A1%3Au%3A1724597244832576909%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1362%3Awv%3A2%3Ads%3A7%2C495%2C150%2C4%2C0%2C0%2C%2C693%2C0%2C%2C%2C%2C1355%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1724597242272%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1724597246&t=mc(p-2-h-1)clc(0-0-0)rqnt(1)lt(22800)aw(1)rcm(1)cdl(na)eco(2179136)dss(2)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%229179241724597244650%22%7D%7D
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 25 Aug 2024 14:47:25 GMT
last-modified
Sun, 25-Aug-2024 14:47:25 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
https://goo.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 25-Aug-2024 14:47:25 GMT
1677322
mc.yandex.com/watch/ 		43 B
75 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/1677322?page-url=https%3A%2F%2Fgoo.su%2FDBuFfbH&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&hittoken=1724597245_c9ba157e4f5f84753aeb3e0161433102c4b4d4c5d2e8a15dfee15cb608b629a7&browser-info=pv%3A1%3Aar%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afi-FI%3Av%3A1410%3Acn%3A2%3Adp%3A1%3Als%3A82088712013%3Ahid%3A748349861%3Az%3A180%3Ai%3A20240825174725%3Aet%3A1724597246%3Ac%3A1%3Arn%3A91912600%3Arqn%3A2%3Au%3A1724597244832576909%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1724597242272%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1724597246%3At%3ANot%20Found&t=mc(p-2-h-1)clc(0-0-0)rqnt(2)lt(22800)aw(1)rcm(1)cdl(na)eco(2179136)dss(2)ti(0)&force-urlencoded=1
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Aug 2024 14:47:25 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 25-Aug-2024 14:47:25 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
https://goo.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sun, 25-Aug-2024 14:47:25 GMT
tracker
top-fwz1.mail.ru/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://top-fwz1.mail.ru/tracker?_=0.9059183865114768;id=3128781;u=https%3A//goo.su/DBuFfbH;title=Not%20Found;s=1600*1200;vp=1600*1200;touch=0;hds=1;sid=b942e761268fce4f;ver=60.6.0;tz=-180%2FEurope%2FHelsinki;st=1724597243622;nt=0/0/1724597242272/////0/1/8/9/502/316/503/653/657/659/1350/1355/1355/4129/4130/4130;ct=1704/1708/1708/1723/1350;rt=1350/353/0/0/0/1350/1350/1356/1356/1529/1364/1529/1630/1703;gl=u;ni=9.6//4g/250/0/;detect=0;lvid=1724597243979%3A1724597246403%3A2%3A97c85e3f6cd81fda6a6975cb93a106ee;opts=dl%2Cjst-gtag-ga-ym%2Ccnhp%3Dh2%2Ccs%3D19122-46933-19422;fpid=oEXTxrCLyyzSMKq0rf_mW;visible=true;js=13;e=RT/load;et=1724597246402
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 14:47:26 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
/
privacy-cs.mail.ru/fp/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://privacy-cs.mail.ru/fp/?id=oEXTxrCLyyzSMKq0rf_mW
Requested by
Host: privacy-cs.mail.ru
URL: https://privacy-cs.mail.ru/static/sync-loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.163.52.89 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
r3.mail.ru
Software
nginx /
Resource Hash

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

Date
Sun, 25 Aug 2024 14:47:26 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://goo.su
Cache-Control
max-age=7200
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Sun, 25 Aug 2024 16:47:26 GMT
favicon.ico
goo.su/ 		15 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://goo.su/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.139.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4286c3fed7075e00cbd2b574690e9878d945e42ba92bac2b3464c1a943c2d3c2

Request headers

Referer
https://goo.su/DBuFfbH
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 14:47:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 24 Dec 2023 16:31:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
166909
etag
W/"65885ced-3aee"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MhQzwS%2BI2b5kR5KLYgduLla6sZXBGOM0gHiVN8CPGuXE4DW089BmAV5zLgoeTn9iO%2F1RVYhYRXNOiqoeR50K%2BQ2cClH8DSptEg1BK6CaoS1%2FkWt28gOYQRE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=604800
cf-ray
8b8c60972c7956c4-OSL
alt-svc
h3=":443"; ma=86400
expires
Fri, 30 Aug 2024 16:25:37 GMT
WQiejI_zOoVX2Lai0UqC08DMLnv4emTH1i7aTxpUS8VhTx8wZbvdzpbPdwFx3-OI1j1ngaYLX614LT0ekdaWS0xDu62N7RuGTF2wC09uirtUwJQD5S0sPMVjl9qs4WcXe1yaQmqaQz9F4X3r1eaaQnBLEcH58f4aWwgqO_Dd0qu0YsXs0yHYzyN6grGgbKeCNoFOx...
yandex.ru/an/count/ 		43 B
382 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/an/count/WQiejI_zOoVX2Lai0UqC08DMLnv4emTH1i7aTxpUS8VhTx8wZbvdzpbPdwFx3-OI1j1ngaYLX614LT0ekdaWS0xDu62N7RuGTF2wC09uirtUwJQD5S0sPMVjl9qs4WcXe1yaQmqaQz9F4X3r1eaaQnBLEcH58f4aWwgqO_Dd0qu0YsXs0yHYzyN6grGgbKeCNoFOxB3HALHjAOdJKaR5WuFv0WSnXGrS3MCtFYnQ3NlJ3GcVLiFMrv2VD5eOcgnDXiO6wgPuj0KGzW5aQGBGRJ2OVH4USaO4ds3X4eX1YmBAaXr6jl2iCBd0jQMEvBNna495qiAMgUkwpgJh-WovATEeREOqQN16O87IGvduEFIUm21JLa4cwobaFGMTrdKT6oEcOSGCQ7KTnek220Ci3jW1PGBJJU1V6Tc0g_1BKyz3Dhy-BBAv-z-OywVaoautmeJRT7W9zBb1mpNfhESZOrsJdFWYGlaFQ5Pv76WKiY4J_1sRtFWssZxmYC33-ltIZGrPEH6RzSPG6nc4KnSjixmmwlKVglHjY8fVAN8mq3UnQVIbfQSm2Lvqm3cE~2=WVaejI_zOoVX2LbS0LqF0ECSRyqtD1rV4F2QeF8Jj8uusW5THBIv_J3WIuC02m3Y-ycUWF3IiDM1u89Wyat8ZNXoKfv0OTjfrB1JfjDso4jzPmnrsaxxx-pPqgdDtBcZeClELzdCQTBWZC02fOSoyN7eFO51nz5hoNzAn7_ToHqwMniybZKtKG5negCruIIj1eVX0sa-Jf45Q7sSkXIWzN4o5w3jcIGNeEsP92n0spCPfG1jp-HW0TeIrfH0Oca42r4i85j2RoldQq8n2fIv334ESxf3a5Lh9WuFqDze6tk0Bo59caXcDEVp3PCFYpn0p8eaZpOtFYnQ3NlJ3GcVLiEMdgefUnzUN5qrOWUST5slqJTm0JEL8RLOuK73zJJRdad20BOUg_KMWNRjcDdILnNAD8Mj1IeYWp7afexrCVgC5eQi0KRyTPWl2Y8Ci3XW1vG9JDU7HJQv3VJuOb_boWytzy8VxC4z_jU3UtplRzk_zWUvyhCUIunPzcVcbrvwPMWmJXUMBxtZT669exU-Zf17cpVxhIz_8ADYysHVvqI8e1yR4FYbeyr_aPx6Fn3zbjPrtV5f_0FHQ_sGG25Dmf28KSY0kEbOT0Vw15aK0WtytffZ_024NpBIQEpMfcsl3HCkd5aWgi-OR_qc0a74AtpzBFGPbLC2oNGH~2?test-tag=143486267424785&banner-sizes=eyI3MjA1NzYwOTM0NDcxNDIyNiI6IjE2MDB4MTUwIn0%3D&ctime=1724597248019&actual-format=10&pcodever=1093893&banner-test-tags=eyI3MjA1NzYwOTM0NDcxNDIyNiI6IjI4MTQ3OTI3MTczNTM0NSJ9&constructor-rendered-assets=eyI3MjA1NzYwOTM0NDcxNDIyNiI6NjQ5fQ&rendered-direct-assets=eyI3MjA1NzYwOTM0NDcxNDIyNiI6MTA0ODYzM30&width=4000&height=150&stat-id=6&subDesignId=1000870001&confirmTime=2100000&confirmRatio=400000&wmode=0
Requested by
Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/1093893/5ea1161555f9fba1d63a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.44.55 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 25 Aug 2024 14:47:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1724597248085354-5295858320199347839-balancer-l7leveler-kubr-yp-klg-12-BAL
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sun, 25 Aug 2024 14:47:28 GMT
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
image/gif
access-control-allow-origin
https://goo.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 25 Aug 2024 14:47:28 GMT
/
kraken.rambler.ru/cnt/v2/ 		43 B
860 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kraken.rambler.ru/cnt/v2/
Requested by
Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 25 Aug 2024 14:47:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-srv
0kraken-prod0002.ad.rambler.tech
x-sca-elb
nginx-top100-ext
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-length
43
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://goo.su
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type
expires
Thu, 01 Jan 1970 00:00:01 GMT

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| $insertQueueab8f08b331a6$ boolean| //enduresopens.com/ttkXIvunodY/69489-8ba9-57fd object| 1bgbb027-3b87-ae67-26ar-hz150f600z16 object| strscrlobs number| process_1183523 object| yandexContextAsyncCallbacks function| gtag object| dataLayer object| _top100q function| ym object| _tmr number| process_1181279 function| $insertab8f08b331a6$ object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal function| Kraken function| top100 object| top100Counter object| _top100 object| Ya object| yaCounter54140170 object| gaplugins object| gaData function| cnc object| pcode_1093893_default_xWQd42pFpk object| __activeTestIds object| __vasActiveTestIds object| __pcodeAllActiveTestIds number| pr function| AdFox_getCodeScript object| ya object| yaads object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| layoutConfig number| rb_sync_refresh_time object| rb_sync object| $sf object| yaSafeFrameAsyncCallbacks object| yaCounter1677322

87 Cookies

Domain/Path Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0 Name: pcssspb
Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0 Name: pcs3
Value: 1
shopnetic.com/api/rtb/dmp Name: test_cookie
Value: 1
kimberlite.io/rtb Name: da
Value: kFeECwAAAAE
kimberlite.io/rtb Name: as
Value: OFrH4WbLRACE8n8IZstEAA
goo.su/ Name: XSRF-TOKEN
Value: eyJpdiI6IjJYNDdHZ0lpYlAvdmFra2hUOUZxVnc9PSIsInZhbHVlIjoibDY3ek1BWmZQU1VuMldMR2RvOVNDbTJSaGh3TDF3VzFVSFhtRDZmOTlLV3h1T1BieDQ3RnlvZVNFY2Qvb3hsUHVUeEV3TU5yRWFjZFZFUWYrNzVzMXBDTEI5RWoreTlwTVdrNVdVVC9HcWdaR1BXRFZBbEFLNzNCSkx3OWpGQmsiLCJtYWMiOiI4MmQxNTUyOWYzZDgzMzkyYmM0NDJkZWRlZTJiNDhhN2Y1OGE5MjE0NzBjMTQ3MmY2Y2FkODg2MjE1MzNhZjM4IiwidGFnIjoiIn0%3D
goo.su/ Name: goosu_session
Value: eyJpdiI6IklyY3dybWJ5R0txTGE3UG9ZMFMyY2c9PSIsInZhbHVlIjoidGh6ZzRUNUtUSWF3UU51UENZQzdxNjR6T3FOUU9YUWo3L0xVbXNxdFE2MmhaeGMzRHpQc0xNdVRyb3hCY21FL3pIOUZkeWkram1Jc0Flei9BUVFHS3N3VXgvSG1nK3V3ZnFOMVMwOTJocGd5TEFSN1BsbzNtZWVzN09IN21zamYiLCJtYWMiOiIyMGM2MTQ3YzE0MDAwZjAzNWU2ZDcyYmYxMGU3ZmE5OTE1ZGMwNzg5MWJhMzA4NjJkZWI2OWE4NmZlYzI2MTU4IiwidGFnIjoiIn0%3D
enduresopens.com/ Name: GL_UI4
Value: eJw9jd1Og0AQhaGwtNWCTsID%2BAgFpMVL01vfgSy7U7ot7DTDlurbu5ro1fnJl3OCIFjkTxDOyRqim6zh5U0XetdgrQqtKlUWVbXf4xEb1amy3r1KWJupdbIb0MWwmkbJrnVzDJseLbJRrSKNKTx76q%2B5WLrbGETH0uoUxOiJIYVlx3SfkPMIYitHhORwYvIqRnkmhqgoG%2B%2BN9T7cwoKmPMoeQHwYe%2FvMNkmQZUkAj9dBuiPx2Brto%2BhZaoTwHVZKOuyJv2Cpcbo4ugLQoNt%2F%2FvdTDD9rkGicjfKR3An5GwIuTtI%3D
enduresopens.com/ Name: GL_GI10
Value: eJw1y0EKwjAQBdDMCFFBhY89gCeItio0a6UouKseILZBBmMsjXp%2B3bh98JRSnE3A0mFWbkyxXZlibU1uLegGro7gJmJYSQwutqAenJfg%2FmeXd5KHc6AGo4MPSeJdQILp2Qdxi3%2FhmDDeuWvwy319AnVagV9PPQCnNlOgj55%2FAYbdHfU%3D
.yadro.ru/ Name: FTID
Value: 1coqFx3gVc8s1coqFx002UJR
.goo.su/ Name: tmr_lvid
Value: 97c85e3f6cd81fda6a6975cb93a106ee
.goo.su/ Name: tmr_lvidTS
Value: 1724597243979
.goo.su/ Name: _ga_CFRSCHBSP6
Value: GS1.1.1724597244.1.0.1724597244.0.0.0
.yadro.ru/ Name: VID
Value: 01bhmG0oSAes1coqFx002UKT
.goo.su/ Name: adtech_uid
Value: 66536030-d2d8-41de-9a17-e85fd541aef2%3Agoo.su
.goo.su/ Name: top100_id
Value: t1.6673155.735473974.1724597244212
enduresopens.com/ Name: GL_CA_69489
Value: eJxjYGBgEmHiYhDatUSESZAxmY1RkLGEK%2B208x%2BQ2EIRJj4GNkY%2BRrAIAKSmCVA%3D
.yandex.ru/ Name: yashr
Value: 6610145151724597244
.goo.su/ Name: _ym_uid
Value: 1724597244832576909
.goo.su/ Name: _ym_d
Value: 1724597244
.goo.su/ Name: _ga
Value: GA1.2.1052625745.1724597244
.goo.su/ Name: _gid
Value: GA1.2.652915578.1724597245
.goo.su/ Name: _gat_gtag_UA_144661405_1
Value: 1
naggersanimism.shop/ Name: GL_UI4
Value: eJw9jd1Og0AQhaGwtNWCTsID%2BAgFpMVL01vfgSy7U7ot7DTDlurbu5ro1fnJl3OCIFjkTxDOyRqim6zh5U0XetdgrQqtKlUWVbXf4xEb1amy3r1KWJupdbIb0MWwmkbJrnVzDJseLbJRrSKNKTx76q%2B5WLrbGETH0uoUxOiJIYVlx3SfkPMIYitHhORwYvIqRnkmhqgoG%2B%2BN9T7cwoKmPMoeQHwYe%2FvMNkmQZUkAj9dBuiPx2Brto%2BhZaoTwHVZKOuyJv2Cpcbo4ugLQoNt%2F%2FvdTDD9rkGicjfKR3An5GwIuTtI%3D
naggersanimism.shop/ Name: GL_GI10
Value: eJw1y0EKwjAQBdDMCFFBhY89gCeItio0a6UouKseILZBBmMsjXp%2B3bh98JRSnE3A0mFWbkyxXZlibU1uLegGro7gJmJYSQwutqAenJfg%2FmeXd5KHc6AGo4MPSeJdQILp2Qdxi3%2FhmDDeuWvwy319AnVagV9PPQCnNlOgj55%2FAYbdHfU%3D
.costivecohorts.top/ Name: a97fa794a0f9
Value: 675798434f232bac726065
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2366678818fake
.yandex.com/ Name: i
Value: lUDzjesGK034Q9iuYDA+BNPELJ+5hZf8u79Cmwwg2h2ovLkZyOwBLFF+3jyhvnNRBdqqPI904Eddiwvf2GTbufJ0cxc=
.yandex.com/ Name: yandexuid
Value: 655360411724597244
.yandex.com/ Name: yashr
Value: 9766858481724597244
.goo.su/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3713058702fake
abtfliping.top/ Name: GL_UI4
Value: eJw9jd1Og0AQhaGwtNWCTsID%2BAgFpMVL01vfgSy7U7ot7DTDlurbu5ro1fnJl3OCIFjkTxDOyRqim6zh5U0XetdgrQqtKlUWVbXf4xEb1amy3r1KWJupdbIb0MWwmkbJrnVzDJseLbJRrSKNKTx76q%2B5WLrbGETH0uoUxOiJIYVlx3SfkPMIYitHhORwYvIqRnkmhqgoG%2B%2BN9T7cwoKmPMoeQHwYe%2FvMNkmQZUkAj9dBuiPx2Brto%2BhZaoTwHVZKOuyJv2Cpcbo4ugLQoNt%2F%2FvdTDD9rkGicjfKR3An5GwIuTtI%3D
abtfliping.top/ Name: GL_GI10
Value: eJw1y0EKwjAQBdDMCFFBhY89gCeItio0a6UouKseILZBBmMsjXp%2B3bh98JRSnE3A0mFWbkyxXZlibU1uLegGro7gJmJYSQwutqAenJfg%2FmeXd5KHc6AGo4MPSeJdQILp2Qdxi3%2FhmDDeuWvwy319AnVagV9PPQCnNlOgj55%2FAYbdHfU%3D
goo.su/ Name: domain_sid
Value: oEXTxrCLyyzSMKq0rf_mW%3A1724597244766
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.ru/ Name: yandexuid
Value: 655360411724597244
.yandex.ru/ Name: yuidss
Value: 655360411724597244
.yandex.ru/ Name: i
Value: lUDzjesGK034Q9iuYDA+BNPELJ+5hZf8u79Cmwwg2h2ovLkZyOwBLFF+3jyhvnNRBdqqPI904Eddiwvf2GTbufJ0cxc=
.yandex.ru/ Name: yp
Value: 1724683644.yu.3537320441724597244
.yandex.ru/ Name: ymex
Value: 1727189244.oyu.3537320441724597244
mc.yandex.com/ Name: yabs-sid
Value: 2308370211724597245
.yandex.com/ Name: yuidss
Value: 655360411724597244
.yandex.com/ Name: ymex
Value: 1756133245.yrts.1724597245
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.com/ Name: bh
Value: KgI/MGD9h622Bg==
.goo.su/ Name: _ym_visorc
Value: b
.yandex.ru/ Name: yabs-vdrf
Value: A0
.yandex.ru/ Name: receive-cookie-deprecation
Value: 1
goo.su/ Name: tmr_detect
Value: 0%7C1724597246327
top-fwz1.mail.ru/ Name: PVID
Value: 1NJgq-1sWcoR0000290J5K2R:::0-0-0-be59cbc-0-be59cbe:CAASECA6ZlNs0rgvAfr502zIO4YaYJGE87BC0otehtTAZ2drvzxSbeKuYuspvTKrtwr7edvrsh1AdevoqerB1R9PEJX2ChypdPVyEDYPof-wKw3wBzib_tgcRMxIXyK6TBW3m-Hs20WgAgkvdHHjqJLNEld4DQ
.mail.ru/ Name: VID
Value: 1NJgq-1sWcoR0000290J5K2R:::0-0-0-be59cbc-0-be59cbe:CAASECA6ZlNs0rgvAfr502zIO4YaYJGE87BC0otehtTAZ2drvzxSbeKuYuspvTKrtwr7edvrsh1AdevoqerB1R9PEJX2ChypdPVyEDYPof-wKw3wBzib_tgcRMxIXyK6TBW3m-Hs20WgAgkvdHHjqJLNEld4DQ
.weborama.fr/ Name: AFFICHE_W
Value: vZ4DeCBrS6a938
.dmg.digitaltarget.ru/ Name: viuserid
Value: Wp03FXyzzeuKyDp7I5Nh
.acint.net/ Name: test_cookie
Value: CheckForPermission
.acint.net/ Name: aid
Value: fwAABmbLQ/45CBahnS8ZApYrBFENisZnHDEEifMRsqsJURzD
.mts.ru/ Name: ma_last_sync
Value: 1724597246679
.mts.ru/ Name: ma_id
Value: 3393590851724597246679
.acint.net/ Name: cSyncDp14v4
Value: 1724597246
.dsp.mpartner.digital/ Name: dmp
Value: GVqRojQQDwAcwEaHYoMXtWNfZhGeddqy
.tns-counter.ru/ Name: guid
Value: F837651366CB43FEX1724597246
.targetads.io/ Name: _TADUID
Value: 2139603669834405385
kimberlite.io/ Name: u
Value: ZstD_ge-QyQ~Wei6Rq1TQouVTlensA3XFRw_Ow8
.ssp-rtb.sape.ru/ Name: sspuid
Value: CkIDK2bLQ/8ZOAa8VVpUAhLletZ9Dv+0x2OUo14os1mQBPFX
.yandex.ru/ Name: bh
Value: EkEiQ2hyb21pdW0iO3Y9IjEyOCIsICJOb3Q7QT1CcmFuZCI7dj0iMjQiLCAiR29vZ2xlIENocm9tZSI7dj0iMTI4IioCPzA6ByJMaW51eCJg/4ettgY=
.mts.ru/ Name: dspid
Value: e24fb522-c832-4d20-a2b8-a62428cf5f6d
.mts.ru/ Name: reset_cookie
Value: 1
.bumlam.com/ Name: suuid3
Value: IiRmMmJlZDYzOC02MmYwLTExZWYtOWI3Yi0wMDI1OTBjODI0MzY*
.adhigh.net/ Name: gi_u
Value: ueEk9hyzr32q.AikABlGRigGegg
.uuidksinc.net/ Name: jcsuuid
Value: gtbJpc1Dd2UxZblGBFnB
.yandex.ru/ Name: yabs-dsp
Value: mts_banner.Ri1QTzJVUjRSRS1ickZuakR1d21sQQ==
shopnetic.com/ Name: shuniq
Value: OiLDSGyYgbesplhCJqeJ4LFxrCY
.otm-r.com/ Name: mpid
Value: NjZjYjQzZmYwNzM0MWFhNA==
.adhigh.net/ Name: yandexssp_sync
Value: L7tQ
.upravel.com/ Name: session_tptc
Value: 1724597247938
.rutarget.ru/ Name: userId
Value: iBZ0GZ5B-Fhy
sync.gonet-ads.com/ Name: chk
Value: 1
.upravel.com/ Name: user_id
Value: fba2703c-6031-44a1-ab90-2a50d389ce92
.gonet-ads.com/ Name: pid
Value: ZGYwNDE3YjM1NTNkNTJk
sync.dsp.solta.io/ Name: chk
Value: 1
.dsp.solta.io/ Name: pid
Value: MjIwMWZjNjE1NGE1YzUxYw
.adx.opera.com/ Name: UID
Value: OPUec0dd71ea29748e1a392ce2f0221a9ad
.rtbwave.com/ Name: UID
Value: OPU3f91505391f64a2e8fddd88a5fd7e6af
.demdex.net/ Name: demdex
Value: 31875872939724814460655363976845821499
.dpm.demdex.net/ Name: dpm
Value: 31875872939724814460655363976845821499
.ymmobi.com/ Name: ym_user_cookie
Value: ym_user_a13053c0-9147-461a-9367-02c61fac7e3f
.goo.su/ Name: t3_sid_6673155
Value: s1.148776142.1724597244214.1724597249216.1.3

4 Console Messages

Source Level URL
Text
network error URL: https://goo.su/DBuFfbH
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript info URL: https://privacy-cs.mail.ru/static/sync-loader.js(Line 4)
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://privacy-cs.mail.ru/static/sync-loader.js(Line 4)
Message:
Failed to create WebGPU Context Provider
other warning URL: https://privacy-cs.mail.ru/static/sync-loader.js(Line 4)
Message:
Failed to parse video contentType: video/ogg; codecs=theora

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abtfliping.top
an.yandex.ru
avatars.mds.yandex.net
costivecohorts.top
counter.yadro.ru
enduresopens.com
favicon.yandex.net
fonts.googleapis.com
fonts.gstatic.com
goo.su
kraken.rambler.ru
mc.yandex.com
mc.yandex.ru
naggersanimism.shop
pequotpatrick.click
privacy-cs.mail.ru
region1.google-analytics.com
st.top100.ru
top-fwz1.mail.ru
www.google-analytics.com
www.googletagmanager.com
yandex.ru
yastatic.net
142.250.185.168
142.250.185.78
142.250.186.138
151.236.71.248
162.19.19.15
172.217.18.3
172.67.139.105
178.154.131.215
212.117.187.132
213.180.193.90
213.180.204.36
216.239.34.36
23.109.170.151
23.109.170.254
23.109.170.99
77.88.21.119
77.88.44.55
81.19.89.16
87.250.247.183
87.250.251.119
88.212.201.204
95.163.52.67
95.163.52.89
0205dea54323389460083423266b1b1194f916ad4e43101edace6a1090c94088
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
0e7e3045519beaff2095d4a64b8dfb1b581013eb5b8f4b3549983c69abe7139b
0f3d990cfe6ec119d1217b7f3222e92f6af26f13f99ccbcb911d3ac816e86b03
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
4286c3fed7075e00cbd2b574690e9878d945e42ba92bac2b3464c1a943c2d3c2
545f5176eb0e13e348acf71b877ea3885184dceb6af69d82df9fb11e38ca2867
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
63a28bdaf25a41f47a8735d7162a7a963d66c09c6dc12746418755d26ae45714
68f1023de7d44cb55dd7f588e018744c13f6c36b547bc3fca299a8edf5182d38
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
77f1727c4c5c9878aed1f587f19ffab7937f1c608a45da5209e742b1a8ecf450
7b18c4fa25aa0a3d266d70e170abda60935e9ac6bb075b348d0d2e59b41e42b0
7b94a4c3d30806e5769578710ee5d4aa7a144461db0b2fb70af4ea07d6af727b
7f4a0f4b45b8c93a7662873d02abba721a6652e35e2c9514df49011fb689076c
87132c2f44de32c789fbc4fc5db1b54a9aabaa77850d1868ba8278549a42f10f
87b4a535375c32f2e333b36e67a33bf31f899c30c2368d1bd3d12087373c60ba
906ba575d49e69247302ffde55cba2cc9d2faf4256af49f1de095ef919af1b72
923963e0a56b84c4438f2359121e855e147a01a78a2591c471179cfc9bf0e784
92a5109fd67db734df2a9885732953ca107f85490bc4cdb6ff440111cf80318b
ab535a911215b95d5c4be7dc2858f6f2cdbfaa716f0395759092bd4d768485cb
aebbb27fb7d3840af040744c4f7e8993aea81b7a09f779adafbb50d3b4256abc
b10271d9a46b40593d3e6e877321a789cbec48cf079d4a6a9531ad6d6fc61f5b
be4e7ce02d257caf1ff10dbae4173fa4a6a065d97181c23b9681339aee1ae280
be7503945128c584384ef7213b187c5e3eb1d46b3022a6d0ac891ad9d7b49d54
c96c188f2d93cf02b4010089eef7f2b1047ffdaaa9bc63fdd4ceb3eb2f01beb8
dc1015691051956e4164d1057b8d89e8b5b8b254dd479bb2d49f02eeb1311afa
dca271e5c10ab729dbf7e10ccb7c82ba4b87625a821dd4bd640279b6807f2033
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfbf000d76574d9707b2aa750760dad91d275dbc61e2d2c1df2ae4c8d8a6ec16
e10cd8d343f9c37e3500c69d92f7ac7e78b6c7df29a2ace8cffe71bfa494e8c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec698b3dadb2c6873c3bb301bc7a1be59edb0375bd1bacb1e86f61f7fb68d52d
f0b3ce39e493cb8781af5fc0c441cdb8d11f33fcad41cf86943e4d0c8df18b51
fda0897f4cdbbab911245c9ebaa4885f54a7e572b8c9b071dc976d1d27cab1a6