URL: https://goo.su/KUrs34
Submission Tags: @phish_report
Submission: On January 06 via api from FI — Scanned from FI

Summary

This website contacted 21 IPs in 4 countries across 17 domains to perform 50 HTTP transactions. The main IP is 172.67.139.105, located in United States and belongs to CLOUDFLARENET, US. The main domain is goo.su. The Cisco Umbrella rank of the primary domain is 568797.
TLS certificate: Issued by WE1 on November 23rd 2024. Valid for: 3 months.
This is the only time goo.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 172.67.139.105 13335 (CLOUDFLAR...)
2 216.58.206.42 15169 (GOOGLE)
1 5.200.15.240 49544 (i3Dnet i3...)
3 172.255.103.105 7979 (SERVERS-COM)
2 142.250.185.131 15169 (GOOGLE)
1 213.180.204.90 13238 (YANDEX YA...)
2 142.250.185.163 15169 (GOOGLE)
4 95.163.52.67 47764 (VK-AS LLC VK)
1 2 88.212.202.52 39134 (UNITEDNET...)
1 151.236.71.248 204720 (CDNetwork...)
2 23.109.170.167 7979 (SERVERS-COM)
2 23.109.170.101 7979 (SERVERS-COM)
2 31.204.132.207 49544 (i3Dnet i3...)
7 178.154.131.215 13238 (YANDEX YA...)
3 77.88.44.55 13238 (YANDEX YA...)
2 2 172.255.103.103 7979 (SERVERS-COM)
2 162.19.19.15 16276 (OVH OVH SAS)
4 95.163.52.89 47764 (VK-AS LLC VK)
3 8 77.88.21.119 13238 (YANDEX YA...)
2 81.19.89.17 24638 (RAMBLER-T...)
1 87.250.251.119 13238 (YANDEX YA...)
50 21
Apex Domain
Subdomains
Transfer
8 mail.ru
top-fwz1.mail.ru — Cisco Umbrella Rank: 12299
privacy-cs.mail.ru — Cisco Umbrella Rank: 19161
65 KB
7 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9443
3 KB
7 yastatic.net
yastatic.net — Cisco Umbrella Rank: 7444
200 KB
6 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 2611
yandex.ru — Cisco Umbrella Rank: 1488
mc.yandex.ru — Cisco Umbrella Rank: 4577
166 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
68 KB
3 enduresopens.com
enduresopens.com
47 KB
3 goo.su
goo.su — Cisco Umbrella Rank: 568797
46 KB
2 rambler.ru
kraken.rambler.ru — Cisco Umbrella Rank: 50537
2 KB
2 reshowsvole.shop
reshowsvole.shop
282 KB
2 beckieintrate.top
yc.beckieintrate.top
3 KB
2 pushdom.co
rtb.pushdom.co — Cisco Umbrella Rank: 366479
143 B
2 hellerraucous.top
hellerraucous.top
2 KB
2 captorbaryton.com
captorbaryton.com — Cisco Umbrella Rank: 35176
665 B
2 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 15372
1 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
3 KB
1 top100.ru
st.top100.ru — Cisco Umbrella Rank: 63217
40 KB
1 richinfo.co
richinfo.co — Cisco Umbrella Rank: 249617
35 KB
50 17
Domain Requested by
7 mc.yandex.com 2 redirects goo.su
mc.yandex.ru
7 yastatic.net an.yandex.ru
4 privacy-cs.mail.ru top-fwz1.mail.ru
privacy-cs.mail.ru
4 top-fwz1.mail.ru goo.su
top-fwz1.mail.ru
3 yandex.ru an.yandex.ru
privacy-cs.mail.ru
3 enduresopens.com goo.su
enduresopens.com
3 goo.su goo.su
2 kraken.rambler.ru goo.su
2 mc.yandex.ru 1 redirects an.yandex.ru
2 reshowsvole.shop goo.su
2 yc.beckieintrate.top 2 redirects
2 rtb.pushdom.co goo.su
2 hellerraucous.top enduresopens.com
2 captorbaryton.com enduresopens.com
2 counter.yadro.ru 1 redirects goo.su
2 fonts.gstatic.com fonts.googleapis.com
2 www.gstatic.com goo.su
2 fonts.googleapis.com goo.su
1 st.top100.ru goo.su
1 an.yandex.ru goo.su
1 richinfo.co goo.su
50 21

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru
top100.rambler.ru
Subject Issuer Validity Valid
goo.su
WE1
2024-11-23 -
2025-02-21
3 months crt.sh
upload.video.google.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
richinfo.co
R10
2024-12-10 -
2025-03-10
3 months crt.sh
enduresopens.com
R10
2024-12-20 -
2025-03-20
3 months crt.sh
*.gstatic.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018
2024-08-27 -
2025-02-25
6 months crt.sh
*.mail.ru
GlobalSign ECC OV SSL CA 2018
2024-10-21 -
2025-11-22
a year crt.sh
*.top100.ru
GlobalSign GCC R3 DV TLS CA 2020
2024-02-14 -
2025-03-17
a year crt.sh
captorbaryton.com
R11
2024-12-27 -
2025-03-27
3 months crt.sh
hellerraucous.top
ZeroSSL RSA Domain Secure Site CA
2024-12-27 -
2025-03-27
3 months crt.sh
rtb.pushdom.co
R11
2024-11-29 -
2025-02-27
3 months crt.sh
*.yastatic-net.ru
GlobalSign ECC OV SSL CA 2018
2024-10-25 -
2025-04-24
6 months crt.sh
*.xn--d1acpjx3f.xn--p1ai
GlobalSign ECC OV SSL CA 2018
2024-12-04 -
2025-06-03
6 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018
2024-10-20 -
2025-04-01
5 months crt.sh
*.rambler.ru
GlobalSign GCC R3 DV TLS CA 2020
2024-05-02 -
2025-06-03
a year crt.sh

This page contains 3 frames:

Primary Page: https://goo.su/KUrs34
Frame ID: AB44DF24F65C49064BEDFDA43B6D9D9B
Requests: 45 HTTP requests in this frame

Frame: https://reshowsvole.shop/g/33/2c/332cb477b2c0128d2396c436377d8cd631ef8eda.jpeg
Frame ID: B31E3F76789EC60AB5538E069561CA9A
Requests: 2 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: AF86DA08269CC1AA05A7BDD012FB810C
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Redirecting

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

50
Requests

90 %
HTTPS

0 %
IPv6

17
Domains

21
Subdomains

21
IPs

4
Countries

958 kB
Transfer

2510 kB
Size

39
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://counter.yadro.ru/hit?t44.11;r;s1600*1200*24;uhttps%3A//goo.su/KUrs34;hRedirecting;0.22013524541094243 HTTP 302
  • https://counter.yadro.ru/hit?q;t44.11;r;s1600*1200*24;uhttps%3A//goo.su/KUrs34;hRedirecting;0.22013524541094243
Request Chain 31
  • https://yc.beckieintrate.top/tsk/HQxu7sG9wHbtJALJKxw*af3LWNZYa1MxnXkldAzErUp3wh_9wcvDpVzOy0aHptv5bUBA6b9*Zy47QQC0hA1lpsF7qooiXj93ZaPxWYVynJ8 HTTP 302
  • https://reshowsvole.shop/g/33/2c/332cb477b2c0128d2396c436377d8cd631ef8eda.jpeg
Request Chain 32
  • https://yc.beckieintrate.top/tsk/HQxu7sG9wHbtJALJKxw*aejzlb1u2hNGTPlpMhogrPVJCPoKsBhnzyE5E2CTCMwINuvxG3ZliWF5EhKGDh7DAkIyFXc3He6xmrww8wlVRs4 HTTP 302
  • https://reshowsvole.shop/g/99/7b/997bc0c7d7a9e576cb1fe0c6243fda1743a563aa.jpeg
Request Chain 40
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10611.Aq5_MgYnD_bysgCMRwCg_5yIep_mModDDn1UXy5GxPwlgn27enS4qjLX0k4lEWq0.0lF89jGpo7rDyw98pgUBbksN9sw%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10611.fl2eJ7udiyGcvXzHzMm2Xxeu6Gt_uYfSsTfSzHAYQ3hmbS9rpdUsmnxQohxvQD7RgXDfbd8MVcrnBqmfDz0SKfelCgE1YayRwwSaZeA0v8g0Gv0_8NH8os51PlFmdmR1UvNT8q5gOI6kVJdNhuHb_iJXH2CK8RrcKJsXxhrDGvawvOW76hHNrEOcQc-a9rlDBSbWEis7QNF9wZbfJDbfAw3t9dt6VV1gCm_2avrujVU%2C.ly9Lq2OB-m9dNWn1GsJO9V0FZjY%2C
Request Chain 45
  • https://mc.yandex.com/watch/1677322?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FKUrs34&nohit=1&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afqngs4ku2psd4e9m0lq0o0a6g7v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afi-FI%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A450782897419%3Ahid%3A198549627%3Az%3A120%3Ai%3A20250107013932%3Aet%3A1736206772%3Ac%3A1%3Arn%3A241062570%3Au%3A1736206772647305997%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Ans%3A1736206766963%3Arqnl%3A1%3Ast%3A1736206774%3At%3ARedirecting&t=clc(0-0-0)aw(1)rcm(1)cdl(na)eco(565312)ti(1) HTTP 302
  • https://mc.yandex.com/watch/1677322/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FKUrs34&nohit=1&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afqngs4ku2psd4e9m0lq0o0a6g7v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afi-FI%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A450782897419%3Ahid%3A198549627%3Az%3A120%3Ai%3A20250107013932%3Aet%3A1736206772%3Ac%3A1%3Arn%3A241062570%3Au%3A1736206772647305997%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Ans%3A1736206766963%3Arqnl%3A1%3Ast%3A1736206774%3At%3ARedirecting&t=clc%280-0-0%29aw%281%29rcm%281%29cdl%28na%29eco%28565312%29ti%281%29

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request KUrs34
goo.su/
21 KB
11 KB
Document
General
Full URL
https://goo.su/KUrs34
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.139.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.13
Resource Hash
8b02c4db7b51bd658027ebf5e05cfc9e5c9dfe9bc4a9bd0c5840488f8a2015aa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8fdf8c2929957122-TLL
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Mon, 06 Jan 2025 23:39:27 GMT
expires
-1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pmk%2Bvcd8vzEqOYABtj3AU10KEdi%2BZxFf%2F%2Bm64okq4Z%2Fn6MRyFH95ALghZq%2B5%2B4SIuFCGiHUNn7ugxMx4aqiyllz9%2FjOoWYCWaZEHWlrkoDuDHPUn4MsvUKQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=25557&min_rtt=20665&rtt_var=13086&sent=9&recv=9&lost=0&retrans=0&sent_bytes=3384&recv_bytes=2423&delivery_rate=150489&cwnd=255&unsent_bytes=0&cid=fbaac1c16eb8f5fb&ts=260&x=0"
vary
Accept-Encoding
x-powered-by
PHP/8.2.13
css
fonts.googleapis.com/
6 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans:400&display=swap
Requested by
Host: goo.su
URL: https://goo.su/KUrs34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f10.1e100.net
Software
ESF /
Resource Hash
719d2fc548145fa8d8361205f6fcb49eefc54c71fbb18e6320a60a263f40637a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 06 Jan 2025 23:39:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Jan 2025 23:39:28 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 06 Jan 2025 23:02:42 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
2 KB
706 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400&display=swap
Requested by
Host: goo.su
URL: https://goo.su/KUrs34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f10.1e100.net
Software
ESF /
Resource Hash
23428c6301061ebb006b127c5841235122a23672f0041d08a9518520795a1bde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 06 Jan 2025 23:39:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 06 Jan 2025 23:39:28 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 06 Jan 2025 23:00:45 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
rp-cl-ob.js
richinfo.co/richpartners/push/js/
93 KB
35 KB
Script
General
Full URL
https://richinfo.co/richpartners/push/js/rp-cl-ob.js?pubid=883146&siteid=330256&niche=33
Requested by
Host: goo.su
URL: https://goo.su/KUrs34
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.200.15.240 Rotterdam, Netherlands, ASN49544 (i3Dnet i3D.net B.V, NL),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
1083e15f17276402d259f207d321498179dac9996221d7945ac21055bb7bf2f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://goo.su
Referer
https://goo.su/

Response headers

x-amz-id-2
IhqDaeFl3tucLeKnfg5VS2UoVMmWgU/EsIJYWwmOu0PVYpzA5TyLp7E9a1xVSbXslrW3ptCOG5w=
content-encoding
gzip
etag
W/"4eb2c767f3bc7992a918be3558d2a0a4"
access-control-allow-credentials
true
x-amz-request-id
WK34472ZY6BGKYE2
access-control-allow-origin
https://goo.su
date
Mon, 06 Jan 2025 23:39:28 GMT
content-type
application/x-javascript
last-modified
Thu, 26 Dec 2024 12:13:06 GMT
server
openresty/1.21.4.1
x-amz-server-side-encryption
AES256
69489
enduresopens.com/ttkXIvunodY/
127 KB
45 KB
Script
General
Full URL
https://enduresopens.com/ttkXIvunodY/69489
Requested by
Host: goo.su
URL: https://goo.su/KUrs34
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
172.255.103.105 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
1acf00991a891d83b575af94893541cf2fbcb1653e9aecef35df6bc118433e7c
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/

Response headers

Access-Control-Max-Age
600
Content-Encoding
gzip
Access-Control-Allow-Methods
GET, POST, OPTIONS
X-Content-Type-Options
nosniff
Keep-Alive
timeout=20
Date
Mon, 06 Jan 2025 23:39:28 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=1
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://goo.su
Server
nginx
redirect.js
goo.su/frontend/js/
86 KB
32 KB
Script
General
Full URL
https://goo.su/frontend/js/redirect.js?id=399eaf833ac5f607b305c4ace0c25eb5
Requested by
Host: goo.su
URL: https://goo.su/KUrs34
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.139.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ac92dd22b771410a6944726d1ed1fd7a7faaf239c2d80eab0bc1233e6ce95d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/KUrs34

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"65896ec2-156eb"
age
331605
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aqLuV%2FRJpJZVWJwOiaf8rSAFEyea1ZQOVYqLmRZfdmJzlpBaKAP%2F0yx4tZ5l16Y9KF%2BZEVu3loN7TFWty6FSKdtkWgJjgabx4EU26WZaaUcLv0ykRiyoJTw%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 10 Jan 2025 03:32:43 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=25604&min_rtt=19880&rtt_var=9738&sent=20&recv=12&lost=0&retrans=0&sent_bytes=15196&recv_bytes=3152&delivery_rate=451612&cwnd=255&unsent_bytes=0&cid=fbaac1c16eb8f5fb&ts=879&x=0"
date
Mon, 06 Jan 2025 23:39:28 GMT
content-type
application/javascript
last-modified
Mon, 25 Dec 2023 12:00:02 GMT
vary
Accept-Encoding
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8fdf8c2dada77122-TLL
server
cloudflare
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52a8d3417ef880bed0286137f27374248962272a0872cbedae0e61dd38b1a5bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c7a987be3cbd97bc18f5c4dac63af0993a04e647ee2504812471192f423e591d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
firebase-app.js
www.gstatic.com/firebasejs/10.12.2/
99 KB
22 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/10.12.2/firebase-app.js
Requested by
Host: goo.su
URL: https://goo.su/KUrs34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
08b83f02859328aabb9acea9370d600ffe739d9e2c251b6668b6f6ff56a2e1d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://goo.su
Referer
https://richinfo.co/

Response headers

content-encoding
gzip
age
461874
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Thu, 01 Jan 2026 15:21:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 01 Jan 2025 15:21:34 GMT
last-modified
Mon, 27 May 2024 17:13:52 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
22535
x-xss-protection
0
server
sffe
firebase-messaging.js
www.gstatic.com/firebasejs/10.12.2/
28 KB
9 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/10.12.2/firebase-messaging.js
Requested by
Host: goo.su
URL: https://goo.su/KUrs34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
c28064598de8d36d4f19bffbf443141ede3879ae7f59a3df2aafad3f92afe93c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://goo.su
Referer
https://richinfo.co/

Response headers

content-encoding
gzip
age
570625
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options
nosniff
expires
Wed, 31 Dec 2025 09:09:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 31 Dec 2024 09:09:03 GMT
last-modified
Mon, 27 May 2024 17:13:30 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges
bytes
access-control-allow-origin
*
content-length
8646
x-xss-protection
0
server
sffe
context.js
an.yandex.ru/system/
375 KB
108 KB
Script
General
Full URL
https://an.yandex.ru/system/context.js
Requested by
Host: goo.su
URL: https://goo.su/KUrs34
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.204.90 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
3bf1884744ea048b3d883b6d32a427b6f0f638abdb8dc203bfb24b75610e2cef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/

Response headers

strict-transport-security
max-age=31536000
x-robots-tag
noindex, noarchive, nofollow
x-yandex-req-id
1736206769317063-695790528728563217158867-production-app-host-vla-pcode-154
cache-control
private, max-age=3600
timing-allow-origin
*
content-encoding
br
etag
"e83545c5cf688bb50e11288e256b3c74-1183758"
expires
Tue, 07 Jan 2025 00:39:29 GMT
access-control-allow-origin
*
content-type
text/javascript; charset=utf-8
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://goo.su
Referer
https://fonts.googleapis.com/

Response headers

age
215961
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 04 Jan 2026 11:40:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 04 Jan 2025 11:40:08 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
sffe /
Resource Hash
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://goo.su
Referer
https://fonts.googleapis.com/

Response headers

age
570825
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 31 Dec 2025 09:05:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 31 Dec 2024 09:05:44 GMT
last-modified
Thu, 14 Dec 2023 02:00:39 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18668
x-xss-protection
0
server
sffe
code.js
top-fwz1.mail.ru/js/
46 KB
20 KB
Script
General
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: goo.su
URL: https://goo.su/KUrs34
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
557f3d629cbf8c40716f4c9d7c0147dc3f904ab7bc90b75b43bdf46ff79aad51
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/

Response headers

access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
content-encoding
gzip
etag
W/"66f68af3-b7eb"
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
x-content-type-options
nosniff
accept-ch-lifetime
86400
expires
Tue, 07 Jan 2025 00:39:30 GMT
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
date
Mon, 06 Jan 2025 23:39:30 GMT
content-type
application/javascript
last-modified
Fri, 27 Sep 2024 10:37:39 GMT
access-control-allow-headers
*
cache-control
max-age=3600, private
timing-allow-origin
*
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-credentials
true
amp-access-control-allow-source-origin
*
access-control-allow-origin
*
server
nginx
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t44.11;r;s1600*1200*24;uhttps%3A//goo.su/KUrs34;hRedirecting;0.22013524541094243
  • https://counter.yadro.ru/hit?q;t44.11;r;s1600*1200*24;uhttps%3A//goo.su/KUrs34;hRedirecting;0.22013524541094243
132 B
618 B
Image
General
Full URL
https://counter.yadro.ru/hit?q;t44.11;r;s1600*1200*24;uhttps%3A//goo.su/KUrs34;hRedirecting;0.22013524541094243
Requested by
Host: goo.su
URL: https://goo.su/KUrs34
Protocol
HTTP/1.1
Server
88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY, RU),
Reverse DNS
host152.rax.ru
Software
nginx/1.17.9 /
Resource Hash
e10cd8d343f9c37e3500c69d92f7ac7e78b6c7df29a2ace8cffe71bfa494e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/

Response headers

Strict-Transport-Security
max-age=86400
Cache-control
no-cache
Pragma
no-cache
Connection
keep-alive
Expires
Sun, 07 Jan 2024 21:00:00 GMT
Access-Control-Allow-Origin
*
Content-Length
132
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Date
Mon, 06 Jan 2025 23:39:30 GMT
Content-Type
image/gif
Server
nginx/1.17.9

Redirect headers

Strict-Transport-Security
max-age=86400
Cache-control
no-cache
Location
https://counter.yadro.ru/hit?q;t44.11;r;s1600*1200*24;uhttps%3A//goo.su/KUrs34;hRedirecting;0.22013524541094243
Pragma
no-cache
Connection
keep-alive
Expires
Sun, 07 Jan 2024 21:00:00 GMT
Content-Length
32
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Date
Mon, 06 Jan 2025 23:39:30 GMT
Content-Type
text/html
Server
nginx/1.17.9
top100.js
st.top100.ru/top100/
133 KB
40 KB
Script
General
Full URL
https://st.top100.ru/top100/top100.js
Requested by
Host: goo.su
URL: https://goo.su/KUrs34
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNetworks GLOBAL CLOUD NETWORK LLC, RU),
Reverse DNS
Software
nginx /
Resource Hash
cdc9f17e47e9bbe67f5eace6a2980bc26dda093b18798cf16f56636af8b14398

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/

Response headers

x-amz-content-sha256
cdc9f17e47e9bbe67f5eace6a2980bc26dda093b18798cf16f56636af8b14398
x-amz-tagging-count
0
x-cdn-edge-id
2315
x-cdn-edge-cache
HIT
x-cdn-request-id
94e4251867ab2808344b61f1517348be
content-encoding
gzip
x-amz-meta-s3cmd-attrs
atime:1734617865/ctime:1734619546/gid:0/gname:root/md5:3078b8dd6174af394c940cc90f007709/mode:33188/mtime:1734617865/uid:0/uname:root
etag
W/"3078b8dd6174af394c940cc90f007709"
x-amz-request-id
000001943DAB7821A8C586F5CD2B966B
date
Mon, 06 Jan 2025 23:39:30 GMT
content-type
application/javascript
last-modified
Thu, 19 Dec 2024 14:45:48 GMT
server
nginx
x-reserved
amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
x-amz-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
/
captorbaryton.com/cuid/ Frame
0
0
Preflight
General
Full URL
https://captorbaryton.com/cuid/?f=https%3A%2F%2Fgoo.su
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.170.167 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://goo.su
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://goo.su
Access-Control-Max-Age
600
Connection
keep-alive
Content-Length
0
Date
Mon, 06 Jan 2025 23:39:29 GMT
Keep-Alive
timeout=20
Server
nginx
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
/
captorbaryton.com/cuid/
32 B
665 B
Fetch
General
Full URL
https://captorbaryton.com/cuid/?f=https%3A%2F%2Fgoo.su
Requested by
Host: enduresopens.com
URL: https://enduresopens.com/ttkXIvunodY/69489
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.170.167 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
fbdab044f47d62e0cd433e48dc314587a188268361fde3fa8aa1a93d04114944
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

Strict-Transport-Security
max-age=1
Access-Control-Max-Age
600
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
X-Content-Type-Options
nosniff
Access-Control-Allow-Origin
https://goo.su
Content-Length
32
Keep-Alive
timeout=20
Date
Mon, 06 Jan 2025 23:39:30 GMT
Content-Type
application/json
Server
nginx
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for
e*HriSvAEiRus11WNQBgVXRun4_Ijfj4*mvcmIl054NJ5HmQHOMdrqbjhQ15n1cR0jOO0y0JjacgqWeL4tOIZde5HKpkvvPiLmqdegbPsmkppgOIX0dxRifw6MWGuJ9ivbbwccxdd
hellerraucous.top/ Frame
0
0
Preflight
General
Full URL
https://hellerraucous.top/e*HriSvAEiRus11WNQBgVXRun4_Ijfj4*mvcmIl054NJ5HmQHOMdrqbjhQ15n1cR0jOO0y0JjacgqWeL4tOIZde5HKpkvvPiLmqdegbPsmkppgOIX0dxRifw6MWGuJ9ivbbwccxdd?ck9=eyJhIjo0MTM4LCJzIjoiMTYwMHgxMjAwIiwiYiI6IjE2MDB4MTIwMCIsInIiOiIiLCJxIjoiaHR0cHM6Ly9nb28uc3UvS1VyczM0IiwiaCI6MjgxOCwibCI6ImZpLUZJIiwidCI6LTEyMCwieiI6NDcyMiwiayI6MCwidSI6IiIsImYiOmZhbHNlLCJ3aCI6Im5vdCBpbiBpZnJhbWUiLCJpaCI6IjE2MDB4MTI4NSIsImUiOiJicDZsdTd3cTVzdGRjaWciLCJvIjp0cnVlLCJtIjoxNzM2MjA2NzY4OTE2LCJ3IjoiJTdCJTIydGl0bGUlMjIlM0ElMjJSZWRpcmVjdGluZyUyMiUyQyUyMmtleXdvcmRzJTIyJTNBJTVCJTVEJTJDJTIydG9wd29yZHMlMjIlM0ElNUIlMjJnb29zdSUzQTElMjIlMkMlMjJyZWRpcmVjdGluZyUzQTElMjIlMkMlMjJwbGVhc2UlM0ExJTIyJTJDJTIyd2FpdCUzQTElMjIlMkMlMjJhZHZlcnRpc2VyJTNBMSUyMiU1RCU3RCIsInRzIjowLCJwciI6MSwiZG0iOjgsImhjIjozMiwiYmwiOi0xLCJiYyI6MywidnYiOiJJbnRlbCBJbmMuIiwidnIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUiLCJhYyI6MCwiY3QiOiJ1bmtub3duIiwiY2V0IjoiM2ciLCJjZGxtIjotMSwiY2RsIjoxLjQ1LCJjcnR0IjozMDAsInRtcyI6MSwiY2UiOnRydWUsImNkIjoyNCwib3IiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImZzIjpudWxsLCJmc28iOm51bGx9
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.170.101 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://goo.su
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://goo.su
Access-Control-Max-Age
600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 06 Jan 2025 23:39:29 GMT
Keep-Alive
timeout=20
Server
nginx
Strict-Transport-Security
max-age=1
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
e*HriSvAEiRus11WNQBgVXRun4_Ijfj4*mvcmIl054NJ5HmQHOMdrqbjhQ15n1cR0jOO0y0JjacgqWeL4tOIZde5HKpkvvPiLmqdegbPsmkppgOIX0dxRifw6MWGuJ9ivbbwccxdd
hellerraucous.top/
954 B
2 KB
Fetch
General
Full URL
https://hellerraucous.top/e*HriSvAEiRus11WNQBgVXRun4_Ijfj4*mvcmIl054NJ5HmQHOMdrqbjhQ15n1cR0jOO0y0JjacgqWeL4tOIZde5HKpkvvPiLmqdegbPsmkppgOIX0dxRifw6MWGuJ9ivbbwccxdd?ck9=eyJhIjo0MTM4LCJzIjoiMTYwMHgxMjAwIiwiYiI6IjE2MDB4MTIwMCIsInIiOiIiLCJxIjoiaHR0cHM6Ly9nb28uc3UvS1VyczM0IiwiaCI6MjgxOCwibCI6ImZpLUZJIiwidCI6LTEyMCwieiI6NDcyMiwiayI6MCwidSI6IiIsImYiOmZhbHNlLCJ3aCI6Im5vdCBpbiBpZnJhbWUiLCJpaCI6IjE2MDB4MTI4NSIsImUiOiJicDZsdTd3cTVzdGRjaWciLCJvIjp0cnVlLCJtIjoxNzM2MjA2NzY4OTE2LCJ3IjoiJTdCJTIydGl0bGUlMjIlM0ElMjJSZWRpcmVjdGluZyUyMiUyQyUyMmtleXdvcmRzJTIyJTNBJTVCJTVEJTJDJTIydG9wd29yZHMlMjIlM0ElNUIlMjJnb29zdSUzQTElMjIlMkMlMjJyZWRpcmVjdGluZyUzQTElMjIlMkMlMjJwbGVhc2UlM0ExJTIyJTJDJTIyd2FpdCUzQTElMjIlMkMlMjJhZHZlcnRpc2VyJTNBMSUyMiU1RCU3RCIsInRzIjowLCJwciI6MSwiZG0iOjgsImhjIjozMiwiYmwiOi0xLCJiYyI6MywidnYiOiJJbnRlbCBJbmMuIiwidnIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUiLCJhYyI6MCwiY3QiOiJ1bmtub3duIiwiY2V0IjoiM2ciLCJjZGxtIjotMSwiY2RsIjoxLjQ1LCJjcnR0IjozMDAsInRtcyI6MSwiY2UiOnRydWUsImNkIjoyNCwib3IiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImZzIjpudWxsLCJmc28iOm51bGx9
Requested by
Host: enduresopens.com
URL: https://enduresopens.com/ttkXIvunodY/69489
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.170.101 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
ef998bdd10867e538748dc0e21ff46fb06756d6414a78c3273b5a4d4d958255e
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

Access-Control-Max-Age
600
Content-Encoding
gzip
Access-Control-Allow-Methods
GET, POST, OPTIONS
X-Content-Type-Options
nosniff
Keep-Alive
timeout=20
Date
Mon, 06 Jan 2025 23:39:30 GMT
Content-Type
application/json
Vary
Accept-Encoding
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=1
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://goo.su
Server
nginx
69489
enduresopens.com/tsf/ Frame
0
0
Preflight
General
Full URL
https://enduresopens.com/tsf/69489?md=eyJ6Ijo1MjQyLCJhIjozODA5LCJzIjoiMTYwMHgxMjAwIiwiYiI6IjE2MDB4MTIwMCIsInIiOiIiLCJxIjoiaHR0cHM6Ly9nb28uc3UvS1VyczM0IiwiaCI6NTQ1MSwibCI6ImZpLUZJIiwidCI6LTEyMCwiayI6MCwidSI6IiIsImYiOmZhbHNlLCJ3aCI6Im5vdCBpbiBpZnJhbWUiLCJpaCI6IjE2MDB4MTI4NSIsImUiOiJpNjlkYTRrdGJxZmcxMHAiLCJvIjp0cnVlLCJtIjoxNzM2MjA2NzY4OTQwLCJ3IjoiJTdCJTIydGl0bGUlMjIlM0ElMjJSZWRpcmVjdGluZyUyMiUyQyUyMmtleXdvcmRzJTIyJTNBJTVCJTVEJTJDJTIydG9wd29yZHMlMjIlM0ElNUIlMjJnb29zdSUzQTElMjIlMkMlMjJyZWRpcmVjdGluZyUzQTElMjIlMkMlMjJwbGVhc2UlM0ExJTIyJTJDJTIyd2FpdCUzQTElMjIlNUQlN0QiLCJ0cyI6MCwicHIiOjEsImRtIjo4LCJoYyI6MzIsImJsIjoxLCJiYyI6MiwidnYiOiJJbnRlbCBJbmMuIiwidnIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUiLCJhYyI6MCwiY3QiOiJ1bmtub3duIiwiY2V0IjoiM2ciLCJjZGxtIjotMSwiY2RsIjoxLjQ1LCJjcnR0IjozMDAsInRtcyI6MSwiY2UiOnRydWUsImNkIjoyNCwib3IiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImZzIjpudWxsLCJmc28iOm51bGx9
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
172.255.103.105 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://goo.su
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://goo.su
Access-Control-Max-Age
600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 06 Jan 2025 23:39:29 GMT
Keep-Alive
timeout=20
Server
nginx
Strict-Transport-Security
max-age=1
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
69489
enduresopens.com/tsf/
2 KB
2 KB
Fetch
General
Full URL
https://enduresopens.com/tsf/69489?md=eyJ6Ijo1MjQyLCJhIjozODA5LCJzIjoiMTYwMHgxMjAwIiwiYiI6IjE2MDB4MTIwMCIsInIiOiIiLCJxIjoiaHR0cHM6Ly9nb28uc3UvS1VyczM0IiwiaCI6NTQ1MSwibCI6ImZpLUZJIiwidCI6LTEyMCwiayI6MCwidSI6IiIsImYiOmZhbHNlLCJ3aCI6Im5vdCBpbiBpZnJhbWUiLCJpaCI6IjE2MDB4MTI4NSIsImUiOiJpNjlkYTRrdGJxZmcxMHAiLCJvIjp0cnVlLCJtIjoxNzM2MjA2NzY4OTQwLCJ3IjoiJTdCJTIydGl0bGUlMjIlM0ElMjJSZWRpcmVjdGluZyUyMiUyQyUyMmtleXdvcmRzJTIyJTNBJTVCJTVEJTJDJTIydG9wd29yZHMlMjIlM0ElNUIlMjJnb29zdSUzQTElMjIlMkMlMjJyZWRpcmVjdGluZyUzQTElMjIlMkMlMjJwbGVhc2UlM0ExJTIyJTJDJTIyd2FpdCUzQTElMjIlNUQlN0QiLCJ0cyI6MCwicHIiOjEsImRtIjo4LCJoYyI6MzIsImJsIjoxLCJiYyI6MiwidnYiOiJJbnRlbCBJbmMuIiwidnIiOiJJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUiLCJhYyI6MCwiY3QiOiJ1bmtub3duIiwiY2V0IjoiM2ciLCJjZGxtIjotMSwiY2RsIjoxLjQ1LCJjcnR0IjozMDAsInRtcyI6MSwiY2UiOnRydWUsImNkIjoyNCwib3IiOiJsYW5kc2NhcGUtcHJpbWFyeSIsImZzIjpudWxsLCJmc28iOm51bGx9
Requested by
Host: enduresopens.com
URL: https://enduresopens.com/ttkXIvunodY/69489
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
172.255.103.105 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
9c9f8b92b3df03f1d2e8a9a5f1538ec70feaf60db86eb57b7e223ce1be93dbff
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://goo.su/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

Access-Control-Max-Age
600
Content-Encoding
gzip
Access-Control-Allow-Methods
GET, POST, OPTIONS
X-Content-Type-Options
nosniff
Keep-Alive
timeout=20
Date
Mon, 06 Jan 2025 23:39:29 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Accept-Encoding
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=1
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://goo.su
Server
nginx
st
rtb.pushdom.co/pb/
0
72 B
Image
General
Full URL
https://rtb.pushdom.co/pb/st?sctp=content-locker&m=ht&pid=883146&sid=330256&dm=goo.su&c1=https&c2=1&c3=https://rtb.pushdom.co/pb/st
Requested by
Host: goo.su
URL: https://goo.su/KUrs34
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.204.132.207 Atlanta, United States, ASN49544 (i3Dnet i3D.net B.V, NL),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/

Response headers

content-length
0
date
Mon, 06 Jan 2025 23:39:30 GMT
content-type
text/html;charset=UTF-8
server
openresty/1.21.4.1
st
rtb.pushdom.co/pb/
0
71 B
Image
General
Full URL
https://rtb.pushdom.co/pb/st?sctp=content-locker&m=si&pid=883146&sid=330256&dm=goo.su&c1=https&c2=1&c3=https://rtb.pushdom.co/pb/st
Requested by
Host: goo.su
URL: https://goo.su/KUrs34
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.204.132.207 Atlanta, United States, ASN49544 (i3Dnet i3D.net B.V, NL),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/

Response headers

content-length
0
date
Mon, 06 Jan 2025 23:39:30 GMT
content-type
text/html;charset=UTF-8
server
openresty/1.21.4.1
text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/
25 KB
26 KB
Font
General
Full URL
https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://goo.su
Referer
https://goo.su/

Response headers

etag
"7f0cdaf91230f9789ca4162aedff612e"
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires
Wed, 07 Jan 2026 05:28:41 GMT
date
Mon, 06 Jan 2025 23:39:30 GMT
content-type
font/woff2
last-modified
Mon, 25 Apr 2022 14:02:39 GMT
vary
Accept-Encoding
strict-transport-security
max-age=43200000; includeSubDomains;
cache-control
public, max-age=31556952
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin
*
x-amz-meta-owner
{"role":"admin","login":"4eb0da"}
x-nginx-request-id
218d0fe86a6f7db7
accept-ranges
bytes
access-control-allow-origin
*
content-length
26004
server
nginx/1.17.9
cc3eb7227602aea2a356.js
yastatic.net/partner-code-bundles/1183758/
20 KB
7 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/1183758/cc3eb7227602aea2a356.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
0043f89180ccb535cc29be0ebcb83346e380b2e9f94078e1c5fdf598567831b2
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://goo.su
Referer
https://goo.su/

Response headers

x-robots-tag
noindex, noarchive, nofollow
content-encoding
br
etag
"1ea1abdc6b2ca5332bd9171ae9ac75d4"
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires
Thu, 07 Jan 2055 06:14:02 GMT
date
Mon, 06 Jan 2025 23:39:30 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 25 Dec 2024 15:06:32 GMT
vary
Accept-Encoding
strict-transport-security
max-age=43200000; includeSubDomains;
cache-control
public, max-age=946708560
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin
*
accept-ranges
bytes
access-control-allow-origin
*
content-length
6391
server
nginx/1.17.9
5956674fd0fdd7c45be0.js
yastatic.net/partner-code-bundles/1183758/
17 KB
6 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/1183758/5956674fd0fdd7c45be0.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
fa8ce0f9f5d78718935551066be8ab1e59b330c14c95c5e0a876ccc3ab6e5391
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://goo.su
Referer
https://goo.su/

Response headers

x-robots-tag
noindex, noarchive, nofollow
content-encoding
br
etag
"456399b9c1ec47d1dbc61770ec223f7c"
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires
Thu, 07 Jan 2055 06:14:02 GMT
date
Mon, 06 Jan 2025 23:39:30 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 25 Dec 2024 15:06:27 GMT
vary
Accept-Encoding
strict-transport-security
max-age=43200000; includeSubDomains;
cache-control
public, max-age=946708560
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin
*
accept-ranges
bytes
access-control-allow-origin
*
content-length
5312
server
nginx/1.17.9
57bcfd9e2482bf6eab12.js
yastatic.net/partner-code-bundles/1183758/
24 KB
8 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/1183758/57bcfd9e2482bf6eab12.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
80fc30ac502073424612abfe45f0db2859aa92ce62a411b63367a7a380fe95c0
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://goo.su
Referer
https://goo.su/

Response headers

x-robots-tag
noindex, noarchive, nofollow
content-encoding
br
etag
"f2e736a01ad7eff0b8295ee7196506bb"
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires
Thu, 07 Jan 2055 06:14:02 GMT
date
Mon, 06 Jan 2025 23:39:30 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 25 Dec 2024 15:06:27 GMT
vary
Accept-Encoding
strict-transport-security
max-age=43200000; includeSubDomains;
cache-control
public, max-age=946708560
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin
*
accept-ranges
bytes
access-control-allow-origin
*
content-length
7953
server
nginx/1.17.9
28c60da322306eea85f3.js
yastatic.net/partner-code-bundles/1183758/
616 KB
120 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/1183758/28c60da322306eea85f3.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
950d3ea33a52e3b63868c32fe075b221b10ca5aa31a98b180d7182213c7b8ea1
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://goo.su
Referer
https://goo.su/

Response headers

x-robots-tag
noindex, noarchive, nofollow
content-encoding
br
etag
"ce8d6aaf666b3d56031852fe861f259c"
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires
Thu, 07 Jan 2055 06:14:02 GMT
date
Mon, 06 Jan 2025 23:39:30 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 25 Dec 2024 15:06:26 GMT
vary
Accept-Encoding
strict-transport-security
max-age=43200000; includeSubDomains;
cache-control
public, max-age=946708560
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin
*
accept-ranges
bytes
access-control-allow-origin
*
content-length
121976
server
nginx/1.17.9
host.js
yastatic.net/safeframe-bundles/0.83/
33 KB
9 KB
Script
General
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://goo.su
Referer
https://goo.su/

Response headers

x-robots-tag
noindex, noarchive, nofollow
content-encoding
br
etag
"f80882bf67cf261aa08d636da095149a"
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires
Thu, 07 Jan 2055 06:15:29 GMT
date
Mon, 06 Jan 2025 23:39:30 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
vary
Accept-Encoding
strict-transport-security
max-age=43200000; includeSubDomains;
cache-control
public, max-age=946708560
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin
*
accept-ranges
bytes
access-control-allow-origin
*
content-length
8878
server
nginx/1.17.9
454b3fa45c64f15c3946.js
yastatic.net/partner-code-bundles/1183758/
114 KB
24 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/1183758/454b3fa45c64f15c3946.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.215 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
f44fd5d3e4ef91db81aa29db7216c4ab17feada8c779fc168e3d13364136610a
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://goo.su
Referer
https://goo.su/

Response headers

x-robots-tag
noindex, noarchive, nofollow
content-encoding
br
etag
"9c35ad150317f2afb3591b412dfad6a4"
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires
Thu, 07 Jan 2055 06:14:10 GMT
date
Mon, 06 Jan 2025 23:39:30 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 25 Dec 2024 15:06:27 GMT
vary
Accept-Encoding
strict-transport-security
max-age=43200000; includeSubDomains;
cache-control
public, max-age=946708560
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin
*
accept-ranges
bytes
access-control-allow-origin
*
content-length
24474
server
nginx/1.17.9
1677322
yandex.ru/ads/meta/
441 B
2 KB
XHR
General
Full URL
https://yandex.ru/ads/meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2FKUrs34&pcode-version=1183758&pcodever=1183758&comboblock-unencoded-vast=1&ad-session-id=7859181736206769787&target-id=30779041&pcode-test-ids=1173006%2C0%2C7%3B1135988%2C0%2C38%3B1184114%2C0%2C27%3B1183715%2C0%2C48%3B1139808%2C0%2C55%3B1164347%2C0%2C59%3B1175803%2C0%2C75%3B1178049%2C0%2C18%3B1182106%2C0%2C32%3B1175870%2C0%2C48%3B1181868%2C0%2C50%3B1178012%2C0%2C36%3B1160681%2C0%2C80%3B1183758%2C0%2C32%3B912287%2C0%2C7&pcode-flags-map=eJylWGFzmzgT%2Fi98DjlJIBD9JsOCNQaJSsJJetPRkNi9y12T3CRp7952%2Bt%2FfERA3OI3dm%2FtkI7GPVqvdZx%2FxNVhz4yrNF64GWdll8ObXr8Hn%2FuOnbfAmIChmwUnwuH14FJvgTcAQQ2kcfHt%2FMpidad66WhgLErRbXDglc5gBWN3BcwCMozihZIdgOr2GCyeksRp44xpVgJauACMqOUN6uOo%2Fbt3t9u85HCUEsx1cZ8CthdVCcmfX7m0H%2BsK1XPNmhrX95689lIRkdEQRBSgnpLMVd6YYEEffhKxcA4XgrhQ1mBngh7t713%2F8uAeasRQPoLZSbgKupNLgjHgHhz1iMcJoMNbagRaFs8qtubHHzHCUfo%2Bu5Ysa3Bq0EWoeToxZxFC0bx2T0eOmq61YcOnPtZOiFFA4IS3okucHPacZI%2BnogQ%2FdYjXs1bhSabeLba6ahTqEkqRZjNKn7Us4cxpsp6XjpQXt8lrkK2eXWnXV8mC%2BpRijOBuATMO19SnRgYPz1i1qnq%2BG7H2O8Gtw019%2FPL3%2FFJwE%2F%2BtvN9t%2FTu8%2F%2FXJ90%2F%2B2fZgN%2FdbfDCObL9vb8fX%2B8%2FXj3fj35vTZw%2Bb2ehr1yDuE4CS47798vPvy%2BzT95X78%2FXTfn95u%2F3548cIf%2Fd3N9WR696f%2FfT%2FbKmVkjJkB6wooeVdb1%2FIKnOyaBehDEU8pjtIx4S64sdyK3JUAhVvUKl85UbizpbDwg3jpUIQkzjBBcYiDk9kz2XuO9p7j4ZmHhGKEUjLZ85AyFic4xHg3kKSYpn6B9zM6yhKcDE6XxtVKta4U54e2yWgU4Wiw8FlVtdaZXIv2YFmxNCLZyHqFMENJjRmYK1kK3XC7X117ABmhERtXLd6BHEllBTXYY3aYkWzGbksui9ofg1xNTvjK4oXt5MG6zKKU0JEoDW%2FAXXBZwLkrVMPFYR9SlCbZbPOqBantwrUaWteA5W7R1auDIBmNJ1YAyyu3BF4czkeMEKPJSEbcXMh8rNznJl%2BDh%2B2jz8Bn8877VXDLXa14EZzM50AW4IO1Nz5N7I36nvgawKtLCCmsGwd4UarzvekGrBYr7nLVeTLdm82VWglwDbf50nebH7%2FVatUIAy8WHgrdb3%2FycmDbvbfmDOyUHBz2NfX73cPjgw%2Bmb2Pvv81OArM0mzjUtEMTmhrhmbBL1VmnoRAacuuUrC%2BOdylEUsRGrimte8oq3ra1WgvphDIOZJFzXRyByQiiu%2BrY4RgD9nnDyTVwK9b%2B%2BHi%2BHJz2L%2Bc1F82xJCRZ9GzrpTh354KrRjgNbzsw1hw2jwhN6c4874xVjatV5UTJ5ywa023fX%2BIkzLb9hzBO%2Byi8TJNN2H%2B4TOJs29MN9WSa0p4lSUTDq02ShXHGPoTZJmMhRlc97je4v9x6ysyBkCiJcUgWNA5jFNFwQRdZSEhGKQYooCiDkyCjWxZtWB%2FSeBuH8SYiYZ%2FiOMSXfX%2FJ0itMs41fFKI4jggL4ySNwphiHi6SJA4XUQIlKfO4RNmMlzGK4oyxH228BZ2DnOUHOkWI%2Fpx1XlZzBshwinGakeANPgkihDJGYoSDN%2FjbK4C%2BZp8E0Vioh08wTpNJGeZGT4KyEk1zWL6hOCNJsmdmQK9Bh0YUR4wpIlNX29Xb0Ipf68BJlKE4jejeGdAoJqPrg05vvH6rNK8dl%2BbsWOLTjGKy86H1lOSs5vkKtJmvHiFMSJJQGvgTwEkcE7rvCovZtCPduLLm1ZG6YVnKJinTQj7Kz06Kt57oiqG0ffdua55Ds5dNL8EymkxxqMC69coV0KhJ1ywunOWVKOZZhSlF1N85Hv76xQOFn68327vw85%2FhdnN9e7cdn0%2F%2FeLi7DeaJliUIf78f8aIYbx%2FGq%2FehXXe6fkZNtjoog7EHnFSZaq1oxDtw%2BRLylSu6thY5t%2FAT4cQY4ei7VyAHnrRLaMBB09oLx3MvYVzLJdT%2FUqpjTLC%2FSMx89KKgMO0Ru4ROsdrZVYNwbdQUtSP2aZaM68K5BS157QrT%2BiyVplXauqPVjWMUT6IIztshkH5lM1717FLNG9AN2bMmGfse1rKra5NrAPkk0vIllxU4pQVIe1QkYpzEjCY7vLXIXQ6iHlKH17lbgqiWR%2B5%2FSRIR8iz%2FSnXu%2FG2gEfLn7NMsTl%2B01LxW%2Fi7XWaukK48cS0oxwjsI1dnpal%2F71b128hR8hH5wGiGUzOoo11CAtILXY2%2F%2FYQO%2Bety7g0f0ifg9jlTuDBaN1z1WeCHODluzGE8ZOuqdUUBoKDWYpTOiaetj1%2FgoxfRVhPFS60P8X1B8ru%2FlFjrN%2FgVAw89HrTnz4vr2w894MUZhh2VFA6qbIcUUIfRT7jxF4xAaIfS%2FoLlOWlFPs89xMXrdS587umkdcG1crmo1z96rTw%2BPdzdu09%2F%2FuZd9GUNsn3cXmstivDpWx%2FggmorRF4Bpa2E9GfCCt4OeXZNjlfhEzL52%2FBe1QUfMT9l%2F2dgzY7tPJp5OK%2BW0OhvL90i5EDwVLRgDMoenLZulFnJ12DilbOp0frOQq8YteFGB37EV%2FitWfGR1zBL2creu4u0RkkgZmrTO5G%2BjuRi%2Bdynf%2F1ouB7F4%2BDaCE5SwkffaXBWw3qO4IZ8oe1FSQ%2F%2F59n%2BjSTMI&pcode-icookie=TVoeC%2FIG4VV6hkZeyEG34WldAeeOkX1W9I%2FdQGg6h88opADBG40K9mJDaY5V2YG9MstUnmHYKkuR2Bidpl0cQsV8I9E%3D&disable-base64=1&imp-id=3&ecma-version=es2017&charset=utf-8&test-tag=7696581394434&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A1.45%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1600%2C%22h%22%3A1200%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A650%2C%22top%22%3A452%2C%22ad_no%22%3A0%2C%22safeArea%22%3A%7B%22top%22%3A0%2C%22bottom%22%3A0%2C%22left%22%3A0%2C%22right%22%3A0%7D%2C%22req_no%22%3A0%7D&grab-orig-len=360&grab=eyJncmFiX3ZlcnNpb24iOjJ9CpJuspE73_N6UJ1O2KusijhPEkkV8vfH7JT3ux8GRII2b4nZksi3Z5hAEObCDetz4S6FXGbHXwa7sObirMOXKrWFvUnvEnuEHk5Hs8ysdf2jdXNuCL1Xchd3SLQ1QQOtVxks2IDMJSzmo09aEzrbhMaGn0NNE3yKuAYJ_Rzxu9ok5pJy0UxyIBV9BrPxGp3a80NYK2rsl0qXVXiig5VoVfnkaN4fqkX1fOYZq5d238zxz2O9b9wtnptOFqceSDoSEkHfl_4V9AK_MevcGaWtC_C0NCWfaWtQ-WEJIYrig_tL-h6ddpRJ1ad4A8JgluGsHv5AdSQlKgI4QP8%3D&uniformat=true&callback=Ya%5B3763055577040%5D
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.88.44.55 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
yandex.ru
Software
/
Resource Hash
06567e87d178c726953d001e9cf551e9d7e67880f9f4ef35cba7a0b24d901728
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://goo.su/

Response headers

x-yandex-req-id
1736206770418917-4319166597121914376-balancer-l7leveler-kubr-yp-klg-195-BAL
content-encoding
gzip
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options
nosniff
expires
Mon, 06 Jan 2025 23:39:30 GMT
date
Mon, 06 Jan 2025 23:39:30 GMT
last-modified
Mon, 06 Jan 2025 23:39:30 GMT
content-type
application/json; charset=utf-8
content-security-policy
upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://goo.su
x-xss-protection
1; mode=block
332cb477b2c0128d2396c436377d8cd631ef8eda.jpeg
reshowsvole.shop/g/33/2c/ Frame B31E
Redirect Chain
  • https://yc.beckieintrate.top/tsk/HQxu7sG9wHbtJALJKxw*af3LWNZYa1MxnXkldAzErUp3wh_9wcvDpVzOy0aHptv5bUBA6b9*Zy47QQC0hA1lpsF7qooiXj93ZaPxWYVynJ8
  • https://reshowsvole.shop/g/33/2c/332cb477b2c0128d2396c436377d8cd631ef8eda.jpeg
164 KB
164 KB
Image
General
Full URL
https://reshowsvole.shop/g/33/2c/332cb477b2c0128d2396c436377d8cd631ef8eda.jpeg
Requested by
Host: goo.su
URL: https://goo.su/KUrs34
Protocol
HTTP/1.1
Server
162.19.19.15 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3220790.ip-162-19-19.eu
Software
nginx /
Resource Hash
7ad6ba8d8a6cf114a9b423418072f1c23b2aad56f192797208d8ead349f49577

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
max-age=864000
ETag
"66a3a072-28fba"
Connection
keep-alive
Expires
Thu, 16 Jan 2025 23:39:31 GMT
Accept-Ranges
bytes
Content-Length
167866
Keep-Alive
timeout=20
Date
Mon, 06 Jan 2025 23:39:31 GMT
Content-Type
image/jpeg
Last-Modified
Fri, 26 Jul 2024 13:11:14 GMT
Server
nginx

Redirect headers

Access-Control-Max-Age
600
Content-Encoding
gzip
Access-Control-Allow-Methods
GET, POST, OPTIONS
X-Content-Type-Options
nosniff
Keep-Alive
timeout=20
Date
Mon, 06 Jan 2025 23:39:31 GMT
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=1
Location
https://reshowsvole.shop/g/33/2c/332cb477b2c0128d2396c436377d8cd631ef8eda.jpeg
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Connection
keep-alive
Referrer-Policy
no-referrer
Access-Control-Allow-Origin
*
Server
nginx
997bc0c7d7a9e576cb1fe0c6243fda1743a563aa.jpeg
reshowsvole.shop/g/99/7b/ Frame B31E
Redirect Chain
  • https://yc.beckieintrate.top/tsk/HQxu7sG9wHbtJALJKxw*aejzlb1u2hNGTPlpMhogrPVJCPoKsBhnzyE5E2CTCMwINuvxG3ZliWF5EhKGDh7DAkIyFXc3He6xmrww8wlVRs4
  • https://reshowsvole.shop/g/99/7b/997bc0c7d7a9e576cb1fe0c6243fda1743a563aa.jpeg
117 KB
117 KB
Image
General
Full URL
https://reshowsvole.shop/g/99/7b/997bc0c7d7a9e576cb1fe0c6243fda1743a563aa.jpeg
Requested by
Host: goo.su
URL: https://goo.su/KUrs34
Protocol
HTTP/1.1
Server
162.19.19.15 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3220790.ip-162-19-19.eu
Software
nginx /
Resource Hash
7f4a0f4b45b8c93a7662873d02abba721a6652e35e2c9514df49011fb689076c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
max-age=864000
ETag
"66a39f84-1d445"
Connection
keep-alive
Expires
Thu, 16 Jan 2025 23:39:31 GMT
Accept-Ranges
bytes
Content-Length
119877
Keep-Alive
timeout=20
Date
Mon, 06 Jan 2025 23:39:31 GMT
Content-Type
image/jpeg
Last-Modified
Fri, 26 Jul 2024 13:07:16 GMT
Server
nginx

Redirect headers

Access-Control-Max-Age
600
Content-Encoding
gzip
Access-Control-Allow-Methods
GET, POST, OPTIONS
X-Content-Type-Options
nosniff
Keep-Alive
timeout=20
Date
Mon, 06 Jan 2025 23:39:31 GMT
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=1
Location
https://reshowsvole.shop/g/99/7b/997bc0c7d7a9e576cb1fe0c6243fda1743a563aa.jpeg
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Connection
keep-alive
Referrer-Policy
no-referrer
Access-Control-Allow-Origin
*
Server
nginx
sync-loader.js
privacy-cs.mail.ru/static/
155 KB
41 KB
Script
General
Full URL
https://privacy-cs.mail.ru/static/sync-loader.js
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.163.52.89 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
r3.mail.ru
Software
nginx /
Resource Hash
5e5ebd5298cb9dab18bda0c5076bb0c3422876cd52d442f2ff93564c071d786c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=600
Timing-Allow-Origin
*
Content-Encoding
gzip
Connection
keep-alive
Expires
Mon, 06 Jan 2025 23:49:32 GMT
Access-Control-Allow-Origin
*
Date
Mon, 06 Jan 2025 23:39:32 GMT
Content-Type
application/javascript;charset=UTF-8
Server
nginx
dyn-goal-config.js
top-fwz1.mail.ru/js/
3 KB
2 KB
Script
General
Full URL
https://top-fwz1.mail.ru/js/dyn-goal-config.js?ids=3128781
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
0e7e3045519beaff2095d4a64b8dfb1b581013eb5b8f4b3549983c69abe7139b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/

Response headers

access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
content-encoding
gzip
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
x-content-type-options
nosniff
accept-ch-lifetime
86400
expires
Mon, 06 Jan 2025 23:49:30 GMT
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
date
Mon, 06 Jan 2025 23:39:30 GMT
content-type
application/javascript; charset=utf-8
access-control-allow-headers
*
cache-control
max-age=600, private
timing-allow-origin
*
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-credentials
true
amp-access-control-allow-source-origin
*
access-control-allow-origin
*
server
nginx
counter
top-fwz1.mail.ru/
43 B
1 KB
Image
General
Full URL
https://top-fwz1.mail.ru/counter?_=0.15656021135682097;id=3128781;u=https%3A//goo.su/KUrs34;title=Redirecting;s=1600*1200;vp=1600*1200;touch=0;hds=1;sid=98af18c1430543ab;ver=60.6.0;tz=-120%2FEurope%2FHelsinki;st=1736206768583;ct=3286/3287/3287//1620;rt=1619/1665/0/0/0/1619/2814/2819/2819/3062/2825/3062/3210/3284;gl=u;ni=1.45//3g/300/0/;lvid=1736206770250%3A1736206770256%3A1%3A4ff26271c6ea561d022d07cfd21aed10;opts=cnhp%3Dh2%2Ccs%3D19192-47083-19492;visible=true;js=13
Requested by
Host: goo.su
URL: https://goo.su/KUrs34
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/

Response headers

access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
x-content-type-options
nosniff
accept-ch-lifetime
86400
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
date
Mon, 06 Jan 2025 23:39:30 GMT
content-type
image/gif
access-control-allow-headers
*
cache-control
private, no-cache, no-store, max-age=0
timing-allow-origin
*
pragma
no-cache
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-credentials
true
amp-access-control-allow-source-origin
*
access-control-allow-origin
*
content-length
43
server
nginx
1677322
yandex.ru/ads/meta/
441 B
445 B
XHR
General
Full URL
https://yandex.ru/ads/meta/1677322?target-ref=https%3A%2F%2Fgoo.su%2FKUrs34&pcode-version=1183758&pcodever=1183758&comboblock-unencoded-vast=1&ad-session-id=7859181736206769787&target-id=56697551&pcode-test-ids=1173006%2C0%2C7%3B1135988%2C0%2C38%3B1184114%2C0%2C27%3B1183715%2C0%2C48%3B1139808%2C0%2C55%3B1164347%2C0%2C59%3B1175803%2C0%2C75%3B1178049%2C0%2C18%3B1182106%2C0%2C32%3B1175870%2C0%2C48%3B1181868%2C0%2C50%3B1178012%2C0%2C36%3B1160681%2C0%2C80%3B1183758%2C0%2C32%3B912287%2C0%2C7&pcode-flags-map=eJylWGFzmzgT%2Fi98DjlJIBD9JsOCNQaJSsJJetPRkNi9y12T3CRp7952%2Bt%2FfERA3OI3dm%2FtkI7GPVqvdZx%2FxNVhz4yrNF64GWdll8ObXr8Hn%2FuOnbfAmIChmwUnwuH14FJvgTcAQQ2kcfHt%2FMpidad66WhgLErRbXDglc5gBWN3BcwCMozihZIdgOr2GCyeksRp44xpVgJauACMqOUN6uOo%2Fbt3t9u85HCUEsx1cZ8CthdVCcmfX7m0H%2BsK1XPNmhrX95689lIRkdEQRBSgnpLMVd6YYEEffhKxcA4XgrhQ1mBngh7t713%2F8uAeasRQPoLZSbgKupNLgjHgHhz1iMcJoMNbagRaFs8qtubHHzHCUfo%2Bu5Ysa3Bq0EWoeToxZxFC0bx2T0eOmq61YcOnPtZOiFFA4IS3okucHPacZI%2BnogQ%2FdYjXs1bhSabeLba6ahTqEkqRZjNKn7Us4cxpsp6XjpQXt8lrkK2eXWnXV8mC%2BpRijOBuATMO19SnRgYPz1i1qnq%2BG7H2O8Gtw019%2FPL3%2FFJwE%2F%2BtvN9t%2FTu8%2F%2FXJ90%2F%2B2fZgN%2FdbfDCObL9vb8fX%2B8%2FXj3fj35vTZw%2Bb2ehr1yDuE4CS47798vPvy%2BzT95X78%2FXTfn95u%2F3548cIf%2Fd3N9WR696f%2FfT%2FbKmVkjJkB6wooeVdb1%2FIKnOyaBehDEU8pjtIx4S64sdyK3JUAhVvUKl85UbizpbDwg3jpUIQkzjBBcYiDk9kz2XuO9p7j4ZmHhGKEUjLZ85AyFic4xHg3kKSYpn6B9zM6yhKcDE6XxtVKta4U54e2yWgU4Wiw8FlVtdaZXIv2YFmxNCLZyHqFMENJjRmYK1kK3XC7X117ABmhERtXLd6BHEllBTXYY3aYkWzGbksui9ofg1xNTvjK4oXt5MG6zKKU0JEoDW%2FAXXBZwLkrVMPFYR9SlCbZbPOqBantwrUaWteA5W7R1auDIBmNJ1YAyyu3BF4czkeMEKPJSEbcXMh8rNznJl%2BDh%2B2jz8Bn8877VXDLXa14EZzM50AW4IO1Nz5N7I36nvgawKtLCCmsGwd4UarzvekGrBYr7nLVeTLdm82VWglwDbf50nebH7%2FVatUIAy8WHgrdb3%2FycmDbvbfmDOyUHBz2NfX73cPjgw%2Bmb2Pvv81OArM0mzjUtEMTmhrhmbBL1VmnoRAacuuUrC%2BOdylEUsRGrimte8oq3ra1WgvphDIOZJFzXRyByQiiu%2BrY4RgD9nnDyTVwK9b%2B%2BHi%2BHJz2L%2Bc1F82xJCRZ9GzrpTh354KrRjgNbzsw1hw2jwhN6c4874xVjatV5UTJ5ywa023fX%2BIkzLb9hzBO%2Byi8TJNN2H%2B4TOJs29MN9WSa0p4lSUTDq02ShXHGPoTZJmMhRlc97je4v9x6ysyBkCiJcUgWNA5jFNFwQRdZSEhGKQYooCiDkyCjWxZtWB%2FSeBuH8SYiYZ%2FiOMSXfX%2FJ0itMs41fFKI4jggL4ySNwphiHi6SJA4XUQIlKfO4RNmMlzGK4oyxH228BZ2DnOUHOkWI%2Fpx1XlZzBshwinGakeANPgkihDJGYoSDN%2FjbK4C%2BZp8E0Vioh08wTpNJGeZGT4KyEk1zWL6hOCNJsmdmQK9Bh0YUR4wpIlNX29Xb0Ipf68BJlKE4jejeGdAoJqPrg05vvH6rNK8dl%2BbsWOLTjGKy86H1lOSs5vkKtJmvHiFMSJJQGvgTwEkcE7rvCovZtCPduLLm1ZG6YVnKJinTQj7Kz06Kt57oiqG0ffdua55Ds5dNL8EymkxxqMC69coV0KhJ1ywunOWVKOZZhSlF1N85Hv76xQOFn68327vw85%2FhdnN9e7cdn0%2F%2FeLi7DeaJliUIf78f8aIYbx%2FGq%2FehXXe6fkZNtjoog7EHnFSZaq1oxDtw%2BRLylSu6thY5t%2FAT4cQY4ei7VyAHnrRLaMBB09oLx3MvYVzLJdT%2FUqpjTLC%2FSMx89KKgMO0Ru4ROsdrZVYNwbdQUtSP2aZaM68K5BS157QrT%2BiyVplXauqPVjWMUT6IIztshkH5lM1717FLNG9AN2bMmGfse1rKra5NrAPkk0vIllxU4pQVIe1QkYpzEjCY7vLXIXQ6iHlKH17lbgqiWR%2B5%2FSRIR8iz%2FSnXu%2FG2gEfLn7NMsTl%2B01LxW%2Fi7XWaukK48cS0oxwjsI1dnpal%2F71b128hR8hH5wGiGUzOoo11CAtILXY2%2F%2FYQO%2Bety7g0f0ifg9jlTuDBaN1z1WeCHODluzGE8ZOuqdUUBoKDWYpTOiaetj1%2FgoxfRVhPFS60P8X1B8ru%2FlFjrN%2FgVAw89HrTnz4vr2w894MUZhh2VFA6qbIcUUIfRT7jxF4xAaIfS%2FoLlOWlFPs89xMXrdS587umkdcG1crmo1z96rTw%2BPdzdu09%2F%2FuZd9GUNsn3cXmstivDpWx%2FggmorRF4Bpa2E9GfCCt4OeXZNjlfhEzL52%2FBe1QUfMT9l%2F2dgzY7tPJp5OK%2BW0OhvL90i5EDwVLRgDMoenLZulFnJ12DilbOp0frOQq8YteFGB37EV%2FitWfGR1zBL2creu4u0RkkgZmrTO5G%2BjuRi%2Bdynf%2F1ouB7F4%2BDaCE5SwkffaXBWw3qO4IZ8oe1FSQ%2F%2F59n%2BjSTMI&pcode-icookie=TVoeC%2FIG4VV6hkZeyEG34WldAeeOkX1W9I%2FdQGg6h88opADBG40K9mJDaY5V2YG9MstUnmHYKkuR2Bidpl0cQsV8I9E%3D&disable-base64=1&imp-id=4&ecma-version=es2017&charset=utf-8&test-tag=7696581394434&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A4.5%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1600%2C%22h%22%3A1200%2C%22width%22%3A300%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A650%2C%22top%22%3A452%2C%22ad_no%22%3A0%2C%22safeArea%22%3A%7B%22top%22%3A0%2C%22bottom%22%3A0%2C%22left%22%3A0%2C%22right%22%3A0%7D%2C%22req_no%22%3A1%7D&grab-orig-len=360&grab=eyJncmFiX3ZlcnNpb24iOjJ9CpJuspE73_N6UJ1O2KusijhPEkkV8vfH7JT3ux8GRII2b4nZksi3Z5hAEObCDetz4S6FXGbHXwa7sObirMOXKrWFvUnvEnuEHk5Hs8ysdf2jdXNuCL1Xchd3SLQ1QQOtVxks2IDMJSzmo09aEzrbhMaGn0NNE3yKuAYJ_Rzxu9ok5pJy0UxyIBV9BrPxGp3a80NYK2rsl0qXVXiig5VoVfnkaN4fqkX1fOYZq5d238zxz2O9b9wtnptOFqceSDoSEkHfl_4V9AK_MevcGaWtC_C0NCWfaWtQ-WEJIYrig_tL-h6ddpRJ1ad4A8JgluGsHv5AdSQlKgI4QP8%3D&uniformat=true&callback=Ya%5B2825056599883%5D
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.88.44.55 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
yandex.ru
Software
/
Resource Hash
562313c47256e8e245a6f9580444977088dd4b1489e116822ca842c54949a3d9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://goo.su/

Response headers

x-yandex-req-id
1736206771101006-12770773031149410958-balancer-l7leveler-kubr-yp-klg-195-BAL
content-encoding
gzip
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options
nosniff
expires
Mon, 06 Jan 2025 23:39:31 GMT
date
Mon, 06 Jan 2025 23:39:31 GMT
last-modified
Mon, 06 Jan 2025 23:39:31 GMT
content-type
application/json; charset=utf-8
content-security-policy
upgrade-insecure-requests; default-src 'none'; base-uri 'none'; script-src 'report-sample' 'unsafe-inline' 'self' yandex.ru an.yandex.ru api-maps.yandex.ru mc.yandex.ru yastatic.net pcode.yads.tech *.maps.yandex.net; style-src 'unsafe-inline' yastatic.net; img-src 'self' data: avatars.mds.yandex.net favicon.yandex.net *.captcha.yandex.net yastatic.net *.maps.yandex.net *.yandex.ru avatars.yads.tech; media-src blob: strm.yandex.ru *.strm.yandex.net; font-src yastatic.net; connect-src 'self' blob: abs.yandex.ru an.yandex.ru yandex.ru mc.yandex.ru yastatic.net log.strm.yandex.ru display.yads.tech display-logs.yads.tech; frame-src yandexadexchange.net yandex.ru an.yandex.ru; report-uri https://csp.yandex.net/csp?from=yabs&project=yabs&yandex_login=&platform=
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://goo.su
x-xss-protection
1; mode=block
watch.js
mc.yandex.ru/metrika/
154 KB
55 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
dcc1643bbb30485235761e58faad3153ca92327592f070b727a86dab61fa256e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://goo.su
Referer
https://goo.su/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
content-encoding
br
etag
"67655eba-d910"
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Tue, 07 Jan 2025 00:39:31 GMT
access-control-allow-origin
*
content-length
55568
date
Mon, 06 Jan 2025 23:39:31 GMT
content-type
application/javascript
last-modified
Fri, 20 Dec 2024 12:10:34 GMT
/
kraken.rambler.ru/cnt/v2/
43 B
640 B
Image
General
Full URL
https://kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=6673155&session_id=395080231_1736206771211&session_number=1&session_event_number=1&version=3.16.50&counter_type=web&experiment=%5B%5B%22exp_ws%22%2C%22no%22%5D%5D&top100_id=t1.6673155.403958671.1736206771210&adtech_uid=e73dd41a-13cc-4c90-b1d1-33c14027f353&adtech_uid_scope=goo.su&fingerprint_ip=pA8AAENKs1exOo2bAX1YPQA%3D&url=https%3A%2F%2Fgoo.su%2FKUrs34&request_id=1736206771.21-2088325530&event_id=249267712124743&meta=%7B%22title%22%3A%22Redirecting%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221600x1200%22%2C%22browser_size%22%3A%221600x1200%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22fi-FI%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Linux%20x86_64%22%2C%22timezone%22%3A%22-120%22%7D&rn=1252811733
Requested by
Host: goo.su
URL: https://goo.su/KUrs34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
81.19.89.17 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS Rambler Internet Holding LLC, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-sca-elb
t100-exd
content-length
43
date
Mon, 06 Jan 2025 23:39:31 GMT
content-type
image/gif
server
nginx
access-control-allow-headers
content-type
top100_0062b1.gif
kraken.rambler.ru/counter-static/images/
595 B
1 KB
Image
General
Full URL
https://kraken.rambler.ru/counter-static/images/top100_0062b1.gif
Requested by
Host: goo.su
URL: https://goo.su/KUrs34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
81.19.89.17 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS Rambler Internet Holding LLC, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx /
Resource Hash
fda0897f4cdbbab911245c9ebaa4885f54a7e572b8c9b071dc976d1d27cab1a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/

Response headers

x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
x-obs-meta-s3cmd-attrs
atime:1718733846/ctime:1718733846/gid:0/gname:root/md5:10d95efe74b84de86398a30e7b958b79/mode:33206/mtime:1718733846/uid:0/uname:root
access-control-allow-methods
OPTIONS,GET
x-sca-elb
t100-exd
date
Mon, 06 Jan 2025 23:39:31 GMT
content-type
image/gif
x-obs-request-id
bb3f2f8fb2fb88b1a6b21298ed5987ee
access-control-allow-headers
DNT
x-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=86400
access-control-allow-credentials
true
x-obs-tagging-count
0
access-control-allow-origin
*
content-length
595
x-obs-content-sha256
fda0897f4cdbbab911245c9ebaa4885f54a7e572b8c9b071dc976d1d27cab1a6
server
nginx
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10611.Aq5_MgYnD_bysgCMRwCg_5yIep_mModDDn1UXy5GxPwlgn27enS4qjLX0k4lEWq0.0lF89jGpo7rDyw98pgUBbksN9sw%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10611.fl2eJ7udiyGcvXzHzMm2Xxeu6Gt_uYfSsTfSzHAYQ3hmbS9rpdUsmnxQohxvQD7RgXDfbd8MVcrnBqmfDz0SKfelCgE1YayRwwSaZeA0v8g0Gv0_8NH8os51PlFmdmR1UvNT8q5gOI...
43 B
698 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10611.fl2eJ7udiyGcvXzHzMm2Xxeu6Gt_uYfSsTfSzHAYQ3hmbS9rpdUsmnxQohxvQD7RgXDfbd8MVcrnBqmfDz0SKfelCgE1YayRwwSaZeA0v8g0Gv0_8NH8os51PlFmdmR1UvNT8q5gOI6kVJdNhuHb_iJXH2CK8RrcKJsXxhrDGvawvOW76hHNrEOcQc-a9rlDBSbWEis7QNF9wZbfJDbfAw3t9dt6VV1gCm_2avrujVU%2C.ly9Lq2OB-m9dNWn1GsJO9V0FZjY%2C
Requested by
Host: goo.su
URL: https://goo.su/KUrs34
Protocol
H2
Server
77.88.21.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/

Response headers

strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
date
Mon, 06 Jan 2025 23:39:33 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000
location
https://mc.yandex.com/sync_cookie_image_decide?token=10611.fl2eJ7udiyGcvXzHzMm2Xxeu6Gt_uYfSsTfSzHAYQ3hmbS9rpdUsmnxQohxvQD7RgXDfbd8MVcrnBqmfDz0SKfelCgE1YayRwwSaZeA0v8g0Gv0_8NH8os51PlFmdmR1UvNT8q5gOI6kVJdNhuHb_iJXH2CK8RrcKJsXxhrDGvawvOW76hHNrEOcQc-a9rlDBSbWEis7QNF9wZbfJDbfAw3t9dt6VV1gCm_2avrujVU%2C.ly9Lq2OB-m9dNWn1GsJO9V0FZjY%2C
x-xss-protection
1; mode=block
date
Mon, 06 Jan 2025 23:39:33 GMT
metrika_match.html
mc.yandex.com/metrika/ Frame AF86
0
0
Document
General
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://goo.su/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
2080
content-type
text/html
date
Mon, 06 Jan 2025 23:39:33 GMT
etag
"67655eba-820"
expires
Tue, 07 Jan 2025 00:39:33 GMT
last-modified
Fri, 20 Dec 2024 12:10:34 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
/
privacy-cs.mail.ru/fp/ Frame
0
0
Preflight
General
Full URL
https://privacy-cs.mail.ru/fp/?id=6uwSGeRY3ZnrezJHqhBKN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.163.52.89 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
r3.mail.ru
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://goo.su
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Method
POST
Access-Control-Allow-Origin
https://goo.su
Access-Control-Max-Age
1728000
Cache-Control
max-age=7200
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
Date
Mon, 06 Jan 2025 23:39:34 GMT
Expires
Tue, 07 Jan 2025 01:39:34 GMT
Server
nginx
/
privacy-cs.mail.ru/fp/
0
0
Fetch
General
Full URL
https://privacy-cs.mail.ru/fp/?id=6uwSGeRY3ZnrezJHqhBKN
Requested by
Host: privacy-cs.mail.ru
URL: https://privacy-cs.mail.ru/static/sync-loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.163.52.89 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
r3.mail.ru
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://goo.su/

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=7200
Timing-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Credentials
true
Expires
Tue, 07 Jan 2025 01:39:34 GMT
Access-Control-Allow-Origin
https://goo.su
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Date
Mon, 06 Jan 2025 23:39:34 GMT
Content-Type
application/octet-stream
Server
nginx
tracker
top-fwz1.mail.ru/
43 B
1 KB
Image
General
Full URL
https://top-fwz1.mail.ru/tracker?_=0.5384395344025494;id=3128781;u=https%3A//goo.su/KUrs34;title=Redirecting;s=1600*1200;vp=1600*1200;touch=0;hds=1;sid=98af18c1430543ab;ver=60.6.0;tz=-120%2FEurope%2FHelsinki;st=1736206768583;nt=0/0/1736206766963/////1/1/8/9/520/316/520/747/758/750/1620/1625/1625/6540/6540/6540;ct=3286/3287/3287/3293/1620;rt=1619/1665/0/0/0/1619/2814/2819/2819/3062/2825/3062/3210/3284;gl=u;ni=4.5//4g/250/0/;detect=0;lvid=1736206770250%3A1736206773504%3A2%3A4ff26271c6ea561d022d07cfd21aed10;opts=jst-ym%2Ccnhp%3Dh2%2Ccs%3D19192-47083-19492;fpid=6uwSGeRY3ZnrezJHqhBKN;visible=true;js=13;e=RT/load;et=1736206773503
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/

Response headers

access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
x-content-type-options
nosniff
accept-ch-lifetime
86400
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
date
Mon, 06 Jan 2025 23:39:33 GMT
content-type
image/gif
access-control-allow-headers
*
cache-control
private, no-cache, no-store, max-age=0
timing-allow-origin
*
pragma
no-cache
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-credentials
true
amp-access-control-allow-source-origin
*
access-control-allow-origin
*
content-length
43
server
nginx
1
mc.yandex.com/watch/1677322/
Redirect Chain
  • https://mc.yandex.com/watch/1677322?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FKUrs34&nohit=1&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afqngs4ku2psd4e9m0lq0o0a6g7v%3Afu%3A0%3...
  • https://mc.yandex.com/watch/1677322/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FKUrs34&nohit=1&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afqngs4ku2psd4e9m0lq0o0a6g7v%3Afu%3A0...
422 B
672 B
Fetch
General
Full URL
https://mc.yandex.com/watch/1677322/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FKUrs34&nohit=1&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afqngs4ku2psd4e9m0lq0o0a6g7v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afi-FI%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A450782897419%3Ahid%3A198549627%3Az%3A120%3Ai%3A20250107013932%3Aet%3A1736206772%3Ac%3A1%3Arn%3A241062570%3Au%3A1736206772647305997%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Ans%3A1736206766963%3Arqnl%3A1%3Ast%3A1736206774%3At%3ARedirecting&t=clc%280-0-0%29aw%281%29rcm%281%29cdl%28na%29eco%28565312%29ti%281%29
Protocol
H2
Server
77.88.21.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
b4fd545d2315a183d47fa0272d2a9be49f7de28c7b71a2197cbec69909a1b30f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Mon, 06-Jan-2025 23:39:33 GMT
access-control-allow-origin
https://goo.su
content-length
422
x-xss-protection
1; mode=block
date
Mon, 06 Jan 2025 23:39:33 GMT
content-type
application/json; charset=utf-8
last-modified
Mon, 06-Jan-2025 23:39:33 GMT

Redirect headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
location
/watch/1677322/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FKUrs34&nohit=1&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Afqngs4ku2psd4e9m0lq0o0a6g7v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afi-FI%3Av%3A1551%3Acn%3A1%3Adp%3A0%3Als%3A450782897419%3Ahid%3A198549627%3Az%3A120%3Ai%3A20250107013932%3Aet%3A1736206772%3Ac%3A1%3Arn%3A241062570%3Au%3A1736206772647305997%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Ans%3A1736206766963%3Arqnl%3A1%3Ast%3A1736206774%3At%3ARedirecting&t=clc%280-0-0%29aw%281%29rcm%281%29cdl%28na%29eco%28565312%29ti%281%29
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
expires
Mon, 06-Jan-2025 23:39:33 GMT
access-control-allow-origin
https://goo.su
x-xss-protection
1; mode=block
date
Mon, 06 Jan 2025 23:39:33 GMT
last-modified
Mon, 06-Jan-2025 23:39:33 GMT
favicon-32x32.png
goo.su/img/favicons/
2 KB
3 KB
Other
General
Full URL
https://goo.su/img/favicons/favicon-32x32.png
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.139.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6534b8e4fd6c8408559b3fcac1ce461c2edbbe9f3b81b72fd00acf00e025ef6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/KUrs34

Response headers

cf-cache-status
HIT
etag
"65885ced-989"
age
463729
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dj9ZhYsw9U9%2B3QDCFNe3tqPd9YrWMazdiIgoyhkm8SzzGnPoDyu9po4jZ4CklzdBPt7evtq%2FLq8bEzMiQmrfxm6g%2BanxLSstHtkFh5YS4kSwBkzhLHJuWYU%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 08 Jan 2025 14:50:44 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=44317&min_rtt=19880&rtt_var=17335&sent=45&recv=22&lost=0&retrans=0&sent_bytes=49057&recv_bytes=3527&delivery_rate=692969&cwnd=255&unsent_bytes=0&cid=fbaac1c16eb8f5fb&ts=6184&x=0"
date
Mon, 06 Jan 2025 23:39:33 GMT
content-type
image/png
last-modified
Sun, 24 Dec 2023 16:31:41 GMT
vary
Accept-Encoding
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8fdf8c4edd8f7122-TLL
accept-ranges
bytes
content-length
2441
server
cloudflare
context.js
yandex.ru/ads/system/
0
0
Fetch
General
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: privacy-cs.mail.ru
URL: https://privacy-cs.mail.ru/static/sync-loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.88.44.55 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/

Response headers

x-robots-tag
noindex, noarchive, nofollow
x-yandex-req-id
1736206774221719-13597682889018842529-balancer-l7leveler-kubr-yp-klg-252-BAL
cache-control
private, max-age=3600
timing-allow-origin
*
content-encoding
br
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width
etag
"191535807729285289c7874a72eb46c3-1183758"
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options
nosniff
expires
Tue, 07 Jan 2025 00:39:34 GMT
access-control-allow-origin
*
content-type
text/javascript; charset=utf-8
1
mc.yandex.com/watch/1677322/
43 B
74 B
Ping
General
Full URL
https://mc.yandex.com/watch/1677322/1?page-url=https%3A%2F%2Fgoo.su%2FKUrs34&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&hittoken=1736206773_9037109adeeef9d1bed3cf078bf5bc71ba2dd0894f1af330525881d35d035f55&browser-info=pa%3A1%3Aar%3A1%3Avf%3Afqngs4ku2psd4e9m0lq0o0a6g7v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afi-FI%3Av%3A1551%3Acn%3A1%3Adp%3A1%3Als%3A450782897419%3Ahid%3A198549627%3Az%3A120%3Ai%3A20250107013933%3Aet%3A1736206774%3Ac%3A1%3Arn%3A681612069%3Arqn%3A1%3Au%3A1736206772647305997%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1627%3Ads%3A7%2C512%2C226%2C12%2C0%2C0%2C%2C862%2C0%2C6539%2C6540%2C0%2C1624%3Aco%3A0%3Acpf%3A1%3Ans%3A1736206766963%3Arqnl%3A1%3Ast%3A1736206774&t=mc(p-1-h-1)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(565312)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%227859181736206769787%22%7D%7D
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
expires
Mon, 06-Jan-2025 23:39:33 GMT
access-control-allow-origin
https://goo.su
content-length
43
x-xss-protection
1; mode=block
date
Mon, 06 Jan 2025 23:39:33 GMT
last-modified
Mon, 06-Jan-2025 23:39:33 GMT
content-type
image/gif
1677322
mc.yandex.com/watch/
43 B
75 B
Ping
General
Full URL
https://mc.yandex.com/watch/1677322?page-url=https%3A%2F%2Fgoo.su%2FKUrs34&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&hittoken=1736206773_9037109adeeef9d1bed3cf078bf5bc71ba2dd0894f1af330525881d35d035f55&browser-info=pv%3A1%3Aar%3A1%3Avf%3Afqngs4ku2psd4e9m0lq0o0a6g7v%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afi-FI%3Av%3A1551%3Acn%3A1%3Adp%3A1%3Als%3A450782897419%3Ahid%3A198549627%3Az%3A120%3Ai%3A20250107013933%3Aet%3A1736206774%3Ac%3A1%3Arn%3A967195021%3Arqn%3A2%3Au%3A1736206772647305997%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Ans%3A1736206766963%3Arqnl%3A1%3Ast%3A1736206774%3At%3ARedirecting&t=mc(p-1-h-1)clc(0-0-0)rqnt(2)aw(1)rcm(1)cdl(na)eco(565312)ti(0)&force-urlencoded=1
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://goo.su/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
pragma
no-cache
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials
true
expires
Mon, 06-Jan-2025 23:39:33 GMT
access-control-allow-origin
https://goo.su
content-length
43
x-xss-protection
1; mode=block
date
Mon, 06 Jan 2025 23:39:33 GMT
last-modified
Mon, 06-Jan-2025 23:39:33 GMT
content-type
image/gif
/
privacy-cs.mail.ru/fp/
0
0
Fetch
General
Full URL
https://privacy-cs.mail.ru/fp/?id=6uwSGeRY3ZnrezJHqhBKN
Requested by
Host: privacy-cs.mail.ru
URL: https://privacy-cs.mail.ru/static/sync-loader.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.163.52.89 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS
r3.mail.ru
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://goo.su/

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=7200
Timing-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Credentials
true
Expires
Tue, 07 Jan 2025 01:39:35 GMT
Access-Control-Allow-Origin
https://goo.su
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Date
Mon, 06 Jan 2025 23:39:35 GMT
Content-Type
application/octet-stream
Server
nginx

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| yandexContextAsyncCallbacks object| _tmr object| _top100q function| jQuery function| $ object| $insertQueued35531e73629$ boolean| //enduresopens.com/ttkXIvunodY/69489-8ba9-57fd object| 1bgbb027-3b87-ae67-26ar-hz150f600z16 object| strscrlobs number| process_1181279 number| process_1183523 function| $insertd35531e73629$ function| cnc object| pcode_1183758_default_5FxCQYEIlk object| Ya object| __activeTestIds object| __pcodeAllActiveTestIds number| pr function| AdFox_getCodeScript object| ya object| yaads object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| layoutConfig object| $sf object| yaSafeFrameAsyncCallbacks function| Kraken function| top100 object| top100Counter object| _top100 object| yaCounter1677322 number| rb_sync_refresh_time object| rb_sync

39 Cookies

Domain/Path Name / Value
goo.su/ Name: XSRF-TOKEN
Value: eyJpdiI6IkV0a2tmM0xlNlZUZ0lzZklkRzN3U3c9PSIsInZhbHVlIjoiQ0Zhb082YUxzSmNLSkJTeFZiVldMK21VK1FUa2ROOWROaXlxQ0owOUdIYlZDZytIQk1qWDd1OFVWNGN0bHo2VmVGc2VUYlgvUzBiMDN6L3ZoMXBpRU5wd0hpTTJMU3pXUHNyVEZlMnBhNkdVY0FpYnA2SkgycUE3V2d3VVI4b24iLCJtYWMiOiJiOTZkMDVmOGEyMjVlZTU3ZmRlYTkxNWViMTUxMmY3YmNlMjgxZTMyM2I4YTYzNWFjOGUzOWU3MmYxMTE1NTA5IiwidGFnIjoiIn0%3D
goo.su/ Name: goosu_session
Value: eyJpdiI6IkQvaDl6aHNmVE5nMjVZL0ptVzA2YVE9PSIsInZhbHVlIjoiRkRlTXBQOFRnbm1IZXVqQ1VmbUZWdGRZZExxa05VS2k3bjFOUmtPa0Fxc1pTdVZLOHd2RUpZTEpJaFFMNUppUnBTaENHRFl3UUU2bWIxRTJiaVRYb05KakI0MXZqc3lLWGt2VlVmSHlHTHNJaXdJbCtwa2xvVDZmNHcraEtZQVoiLCJtYWMiOiI5ODczMWYwZDNlMWUwYTQyNTE1OTE5NDU3NGI3NjA5MDYzM2JjZTkxODg5NmU0Zjg1NmIyNjY3YmZkMjc0MWY4IiwidGFnIjoiIn0%3D
enduresopens.com/ Name: GL_UI4
Value: eJw9jd1Og0AQhaGwtNWCTsID%2BAhQQrWXxlvfgQzMQNfCTrNsqb69q4lenZ98OScIglX%2BAOGSbCG6Yg1PWJZ9TfhcVYeu5z3vezrWBVZ0PLz01Baw1XPjsB3ZxbCZJ7SucUsMu4ENW901nRCn8Oipv%2BZs5GZiUK1FQymoyRNjCuvWym1mm0cQG5wYkreTFa9qwg%2BxEJVV6b023ocFrGTOo%2BwO1Ls2189slwRZlgRwfxnR9WKnRpOParBIDOErbDp0PIj9gjXxfHZyAZCRmn%2F%2B91ONP2uQEC%2B681Hcie03KUxO%2BA%3D%3D
enduresopens.com/ Name: GL_GI10
Value: eJw1y0EKwjAQBdBkFikFu%2FjYA3iCaCqCWSsFwYVgLzC2QYLpGFLx%2FK58%2B6eUonYFihmN83vb7bw9dNYfoZ%2Bg%2FgIaBVUfJbFM0AXkHKgI6lssL5aZGXpENfCcQwnQEc0QUuTN%2F5AsqE%2F8SGF7vl%2Bhs1Ggz9sQaJlaBf016x%2BQjR4P
.yandex.ru/ Name: i
Value: BPu3JJJKvzLdbXi9KAoAMJG2/W/c0rBJ4r6Cb9y+cMHIyk9kiv4EkZbJNA3GH1MIMzl+pjSBo7EdskrwRLdvHVXtX/s=
.yandex.ru/ Name: yandexuid
Value: 5241451051736206769
.yandex.ru/ Name: yashr
Value: 6080299621736206769
.yandex.ru/ Name: bh
Value: YLHT8bsGahncyumIDvKst6UL+/rw5w3r//32D6SYzYcI
enduresopens.com/ Name: GL_CA_69489
Value: eJxjYGBgEmHiYhDatUiESZAxmY1RkLGEK70mcyNIbIkIEx8DGyMfI1gEAJqmCGs%3D
hellerraucous.top/ Name: GL_UI4
Value: eJw9jd1Og0AQhaGwtNWCTsID%2BAhQQrWXxlvfgQzMQNfCTrNsqb69q4lenZ98OScIglX%2BAOGSbCG6Yg1PWJZ9TfhcVYeu5z3vezrWBVZ0PLz01Baw1XPjsB3ZxbCZJ7SucUsMu4ENW901nRCn8Oipv%2BZs5GZiUK1FQymoyRNjCuvWym1mm0cQG5wYkreTFa9qwg%2BxEJVV6b023ocFrGTOo%2BwO1Ls2189slwRZlgRwfxnR9WKnRpOParBIDOErbDp0PIj9gjXxfHZyAZCRmn%2F%2B91ONP2uQEC%2B681Hcie03KUxO%2BA%3D%3D
hellerraucous.top/ Name: GL_GI10
Value: eJw1y0EKwjAQBdBkFikFu%2FjYA3iCaCqCWSsFwYVgLzC2QYLpGFLx%2FK58%2B6eUonYFihmN83vb7bw9dNYfoZ%2Bg%2FgIaBVUfJbFM0AXkHKgI6lssL5aZGXpENfCcQwnQEc0QUuTN%2F5AsqE%2F8SGF7vl%2Bhs1Ggz9sQaJlaBf016x%2BQjR4P
.captorbaryton.com/ Name: a97fa794a0f9
Value: 672fd301e523b14fd96a62
.yadro.ru/ Name: FTID
Value: 1dV6co1w5Hux1dV6co003IQx
.goo.su/ Name: tmr_lvid
Value: 4ff26271c6ea561d022d07cfd21aed10
.goo.su/ Name: tmr_lvidTS
Value: 1736206770250
.yadro.ru/ Name: VID
Value: 1sk7HN2mPk8x1dV6co003CF2
.yandex.ru/ Name: yuidss
Value: 5241451051736206769
.yandex.ru/ Name: receive-cookie-deprecation
Value: 1
.goo.su/ Name: adtech_uid
Value: e73dd41a-13cc-4c90-b1d1-33c14027f353%3Agoo.su
yc.beckieintrate.top/ Name: GL_UI4
Value: eJw9jd1Og0AQhaGwtNWCTsID%2BAhQQrWXxlvfgQzMQNfCTrNsqb69q4lenZ98OScIglX%2BAOGSbCG6Yg1PWJZ9TfhcVYeu5z3vezrWBVZ0PLz01Baw1XPjsB3ZxbCZJ7SucUsMu4ENW901nRCn8Oipv%2BZs5GZiUK1FQymoyRNjCuvWym1mm0cQG5wYkreTFa9qwg%2BxEJVV6b023ocFrGTOo%2BwO1Ls2189slwRZlgRwfxnR9WKnRpOParBIDOErbDp0PIj9gjXxfHZyAZCRmn%2F%2B91ONP2uQEC%2B681Hcie03KUxO%2BA%3D%3D
yc.beckieintrate.top/ Name: GL_GI10
Value: eJw1y0EKwjAQBdBkFikFu%2FjYA3iCaCqCWSsFwYVgLzC2QYLpGFLx%2FK58%2B6eUonYFihmN83vb7bw9dNYfoZ%2Bg%2FgIaBVUfJbFM0AXkHKgI6lssL5aZGXpENfCcQwnQEc0QUuTN%2F5AsqE%2F8SGF7vl%2Bhs1Ggz9sQaJlaBf016x%2BQjR4P
.goo.su/ Name: top100_id
Value: t1.6673155.403958671.1736206771210
.goo.su/ Name: t3_sid_6673155
Value: s1.395080231.1736206771211.1736206771212.1.1
goo.su/ Name: tmr_detect
Value: 0%7C1736206772509
goo.su/ Name: domain_sid
Value: 6uwSGeRY3ZnrezJHqhBKN%3A1736206772788
.yandex.com/ Name: yashr
Value: 5859877791736206773
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 3575527325fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3927103377fake
.yandex.com/ Name: yandexuid
Value: 5241451051736206769
.yandex.com/ Name: yuidss
Value: 5241451051736206769
.yandex.com/ Name: i
Value: BPu3JJJKvzLdbXi9KAoAMJG2/W/c0rBJ4r6Cb9y+cMHIyk9kiv4EkZbJNA3GH1MIMzl+pjSBo7EdskrwRLdvHVXtX/s=
.yandex.com/ Name: yp
Value: 1736293173.yu.7180253251736206773
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
top-fwz1.mail.ru/ Name: PVID
Value: 3bK50609B_IT00002U0zDKoT:::0-0-0-c96c272-0-c96c275:CAASEAMbF6WvWa6ADxdzdt2gFN4aYF2WHS5hL3bblpf7y9eUkeM1Aruo08gwDXSm1zfXrmzUjxxjb8VxCo0z9aMVx23j3gThC_YBo4zF29OWmpGEJ3kjCBMQX1zmuvCYfYGQkOBmPEfhZ5asYEUVsnrtrgQdKg
.mail.ru/ Name: VID
Value: 3bK50609B_IT00002U0zDKoT:::0-0-0-c96c272-0-c96c275:CAASEAMbF6WvWa6ADxdzdt2gFN4aYF2WHS5hL3bblpf7y9eUkeM1Aruo08gwDXSm1zfXrmzUjxxjb8VxCo0z9aMVx23j3gThC_YBo4zF29OWmpGEJ3kjCBMQX1zmuvCYfYGQkOBmPEfhZ5asYEUVsnrtrgQdKg
mc.yandex.com/ Name: yabs-sid
Value: 1195309721736206773
.yandex.com/ Name: ymex
Value: 1738798773.oyu.7180253251736206773#1767742773.yrts.1736206773
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.com/ Name: bh
Value: KgI/MGC10/G7Bg==

8 Console Messages

Source Level URL
Text
rendering warning URL: https://goo.su/KUrs34
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0307802DC1A0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://goo.su/KUrs34
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0007802DC1A0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://goo.su/KUrs34
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A000D403DC1A0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
javascript info URL: https://privacy-cs.mail.ru/static/sync-loader.js(Line 4)
Message:
WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering warning URL: https://privacy-cs.mail.ru/static/sync-loader.js(Line 4)
Message:
Failed to create WebGPU Context Provider
other warning URL: https://privacy-cs.mail.ru/static/sync-loader.js(Line 4)
Message:
Failed to parse video contentType: video/ogg; codecs=theora
rendering warning URL: https://goo.su/KUrs34
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0601D00DC1A0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://goo.su/KUrs34
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A060B61BDC1A0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

an.yandex.ru
captorbaryton.com
counter.yadro.ru
enduresopens.com
fonts.googleapis.com
fonts.gstatic.com
goo.su
hellerraucous.top
kraken.rambler.ru
mc.yandex.com
mc.yandex.ru
privacy-cs.mail.ru
reshowsvole.shop
richinfo.co
rtb.pushdom.co
st.top100.ru
top-fwz1.mail.ru
www.gstatic.com
yandex.ru
yastatic.net
yc.beckieintrate.top
142.250.185.131
142.250.185.163
151.236.71.248
162.19.19.15
172.255.103.103
172.255.103.105
172.67.139.105
178.154.131.215
213.180.204.90
216.58.206.42
23.109.170.101
23.109.170.167
31.204.132.207
5.200.15.240
77.88.21.119
77.88.44.55
81.19.89.17
87.250.251.119
88.212.202.52
95.163.52.67
95.163.52.89
0043f89180ccb535cc29be0ebcb83346e380b2e9f94078e1c5fdf598567831b2
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
06567e87d178c726953d001e9cf551e9d7e67880f9f4ef35cba7a0b24d901728
08b83f02859328aabb9acea9370d600ffe739d9e2c251b6668b6f6ff56a2e1d1
0e7e3045519beaff2095d4a64b8dfb1b581013eb5b8f4b3549983c69abe7139b
1083e15f17276402d259f207d321498179dac9996221d7945ac21055bb7bf2f4
1acf00991a891d83b575af94893541cf2fbcb1653e9aecef35df6bc118433e7c
23428c6301061ebb006b127c5841235122a23672f0041d08a9518520795a1bde
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
3bf1884744ea048b3d883b6d32a427b6f0f638abdb8dc203bfb24b75610e2cef
52a8d3417ef880bed0286137f27374248962272a0872cbedae0e61dd38b1a5bd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
557f3d629cbf8c40716f4c9d7c0147dc3f904ab7bc90b75b43bdf46ff79aad51
562313c47256e8e245a6f9580444977088dd4b1489e116822ca842c54949a3d9
5e5ebd5298cb9dab18bda0c5076bb0c3422876cd52d442f2ff93564c071d786c
719d2fc548145fa8d8361205f6fcb49eefc54c71fbb18e6320a60a263f40637a
7ad6ba8d8a6cf114a9b423418072f1c23b2aad56f192797208d8ead349f49577
7f4a0f4b45b8c93a7662873d02abba721a6652e35e2c9514df49011fb689076c
80fc30ac502073424612abfe45f0db2859aa92ce62a411b63367a7a380fe95c0
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8b02c4db7b51bd658027ebf5e05cfc9e5c9dfe9bc4a9bd0c5840488f8a2015aa
950d3ea33a52e3b63868c32fe075b221b10ca5aa31a98b180d7182213c7b8ea1
9ac92dd22b771410a6944726d1ed1fd7a7faaf239c2d80eab0bc1233e6ce95d2
9c9f8b92b3df03f1d2e8a9a5f1538ec70feaf60db86eb57b7e223ce1be93dbff
b4fd545d2315a183d47fa0272d2a9be49f7de28c7b71a2197cbec69909a1b30f
c28064598de8d36d4f19bffbf443141ede3879ae7f59a3df2aafad3f92afe93c
c7a987be3cbd97bc18f5c4dac63af0993a04e647ee2504812471192f423e591d
cdc9f17e47e9bbe67f5eace6a2980bc26dda093b18798cf16f56636af8b14398
d6534b8e4fd6c8408559b3fcac1ce461c2edbbe9f3b81b72fd00acf00e025ef6
dcc1643bbb30485235761e58faad3153ca92327592f070b727a86dab61fa256e
e10cd8d343f9c37e3500c69d92f7ac7e78b6c7df29a2ace8cffe71bfa494e8c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
ef998bdd10867e538748dc0e21ff46fb06756d6414a78c3273b5a4d4d958255e
f44fd5d3e4ef91db81aa29db7216c4ab17feada8c779fc168e3d13364136610a
fa8ce0f9f5d78718935551066be8ab1e59b330c14c95c5e0a876ccc3ab6e5391
fbdab044f47d62e0cd433e48dc314587a188268361fde3fa8aa1a93d04114944
fda0897f4cdbbab911245c9ebaa4885f54a7e572b8c9b071dc976d1d27cab1a6