urlscan.io logo urlscan.io
SecurityTrails logo

goo.su Open in urlscan Pro
104.21.38.221  Public Scan

Go To Rescan Add Verdict Report
URL: https://goo.su/wbZfxfi
Submission: On May 04 via manual from IS — Scanned from IS
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 10 countries across 40 domains to perform 102 HTTP transactions. The main IP is 104.21.38.221, located in and belongs to CLOUDFLARENET, US. The main domain is goo.su. The Cisco Umbrella rank of the primary domain is 575351.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 15th 2021. Valid for: a year.
This is the only time goo.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 104.21.38.221 13335 (CLOUDFLAR...)
2 142.250.185.138 15169 (GOOGLE)
12 48 213.180.193.90 13238 (YANDEX)
4 217.69.133.145 47764 (MAILRU-AS...)
2 3 88.212.201.216 39134 (UNITEDNET)
1 81.19.89.18 24638 (RAMBLER-T...)
3 142.250.186.35 15169 (GOOGLE)
3 81.19.89.16 24638 (RAMBLER-T...)
6 178.154.131.216 13238 (YANDEX)
1 9 93.158.134.119 13238 (YANDEX)
7 87.250.247.184 13238 (YANDEX)
1 87.250.250.114 13238 (YANDEX)
3 4 95.217.109.66 24940 (HETZNER-AS)
2 81.222.128.215 20597 (ELTEL-AS)
2 2 185.15.175.131 43226 (SAFEDATA ...)
1 1 188.72.107.194 208677 (SBERCLOUD-AS)
1 1 188.72.107.228 208677 (SBERCLOUD-AS)
2 2 89.108.120.76 197695 (AS-REG)
2 2 95.216.101.186 24940 (HETZNER-AS)
2 2 35.190.24.218 15169 (GOOGLE)
1 1 91.192.149.14 42481 (BEGUN-AS)
1 2 52.31.67.18 16509 (AMAZON-02)
2 2 37.18.16.22 205675 (HYBRID-AS)
1 1 194.226.130.229 52016 (TNSMSK-)
2 2 136.243.48.22 24940 (HETZNER-AS)
1 1 148.251.237.106 24940 (HETZNER-AS)
6 6 142.250.185.194 15169 (GOOGLE)
1 82.145.213.8 39832 (NO-OPERA)
3 4 188.42.191.196 7979 (SERVERS-COM)
1 1 81.163.17.245 49505 (SELECTEL)
2 2 217.66.147.165 29209 (SPBMTS-AS...)
1 1 213.87.44.187 13174 (MTSNET Mo...)
1 31.172.81.160 44066 (DE-FIRSTC...)
1 1 31.220.27.134 39572 (ADVANCEDH...)
2 2 194.190.76.44 48061 (UMA-TECH-AS)
1 1 148.251.156.238 24940 (HETZNER-AS)
1 1 217.65.2.150 3175 (CITYTELEC...)
1 195.201.152.110 24940 (HETZNER-AS)
1 5.255.255.60 13238 (YANDEX)
2 2 130.185.144.4 ()
1 172.64.144.99 ()
2 3 142.250.186.130 15169 (GOOGLE)
2 6 142.250.185.162 15169 (GOOGLE)
2 6 142.250.185.228 15169 (GOOGLE)
6 142.250.184.227 ()
102 26
4    104.21.38.221 (None, )

ASN13335 (CLOUDFLARENET, US)
goo.su
2    142.250.185.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f10.1e100.net
fonts.googleapis.com
48    213.180.193.90 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru
an.yandex.ru
4    217.69.133.145 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru
top-fwz1.mail.ru
3    88.212.201.216 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host216.rax.ru
counter.yadro.ru
1    81.19.89.18 (Moscow, Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru
st.top100.ru
3    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
fonts.gstatic.com
3    81.19.89.16 (Moscow, Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru
kraken.rambler.ru
6    178.154.131.216 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: static.yandex.net
yastatic.net
9    93.158.134.119 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru
mc.yandex.ru
7    87.250.247.184 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: avatars.mds.yandex.net
avatars.mds.yandex.net
1    87.250.250.114 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: ysa-static.passport.yandex.net
ysa-static.passport.yandex.ru
4    95.217.109.66 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.66.109.217.95.clients.your-server.de
sonar.semantiqo.com
cdn3.caltat.com
sync.magnitent.com
2    81.222.128.215 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad15.adriver.ru
ssp.adriver.ru
2    185.15.175.131 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
dmg.digitaltarget.ru
1    188.72.107.194 (Paris, France)

ASN208677 (SBERCLOUD-AS, RU)
yandex-dmp-sync.rutarget.ru
1    188.72.107.228 (Paris, France)

ASN208677 (SBERCLOUD-AS, RU)
yandex-sync.rutarget.ru
2    89.108.120.76 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51804.reg.regrucolo.ru
x01.aidata.io
2    95.216.101.186 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.186.101.216.95.clients.your-server.de
sync.1dmp.io
2    35.190.24.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com
redirect.frontend.weborama.fr
1    91.192.149.14 (Russian Federation)

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru
profile.ssp.rambler.ru
2    52.31.67.18 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-67-18.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    37.18.16.22 (Russian Federation)

ASN205675 (HYBRID-AS, DE)
dm.hybrid.ai
1    194.226.130.229 (Russian Federation)

ASN52016 (TNSMSK-, RU)
cm.tns-counter.ru
2    136.243.48.22 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-22.community.moscow
sync.upravel.com
1    148.251.237.106 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-1.community.moscow
003c8bda-9ab2-4607-adff-33b61d6edbd0.sync.upravel.com
6    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
cm.g.doubleclick.net
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
4    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    81.163.17.245 (Russian Federation)

ASN49505 (SELECTEL, RU)
mitdmp.whiteboxdigital.ru
2    217.66.147.165 (St Petersburg, Russian Federation)

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-165-147-66-217.spbmts.ru
sm.rtb.mts.ru
1    213.87.44.187 (Russian Federation)

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru
tech.rtb.mts.ru
1    31.172.81.160 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
1    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
2    194.190.76.44 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: hosting.adhigh.net
px.adhigh.net
1    148.251.156.238 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.238.156.251.148.clients.your-server.de
exchange.buzzoola.com
1    217.65.2.150 (Moscow, Russian Federation)

ASN3175 (CITYTELECOM-MSK, RU)
match.new-programmatic.com
1    195.201.152.110 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.110.152.201.195.clients.your-server.de
sync.dmp.otm-r.com
1    5.255.255.60 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: yandex.ru
yandex.ru
2    130.185.144.4 (None, )

ASN- ()
istlnkcl.com
clicks.istripper.com
1    172.64.144.99 (None, )

ASN- ()
www.istripper.com
3    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
www.googleadservices.com
6    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
googleads.g.doubleclick.net
6    142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net
www.google.com
6    142.250.184.227 (None, )

ASN- ()
www.google.is
Apex Domain
Subdomains		 Transfer
59 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 3120
mc.yandex.ru — Cisco Umbrella Rank: 2327
ysa-static.passport.yandex.ru — Cisco Umbrella Rank: 18731
yandex.ru — Cisco Umbrella Rank: 1168
266 KB
12 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 289
googleads.g.doubleclick.net — Cisco Umbrella Rank: 65
7 KB
7 yandex.net
avatars.mds.yandex.net — Cisco Umbrella Rank: 5041
132 KB
6 google.is
www.google.is
1 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 20
1 KB
6 yastatic.net
yastatic.net — Cisco Umbrella Rank: 4093
180 KB
4 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2385
3 KB
4 rambler.ru
kraken.rambler.ru — Cisco Umbrella Rank: 20940
profile.ssp.rambler.ru — Cisco Umbrella Rank: 29349
2 KB
4 mail.ru
top-fwz1.mail.ru — Cisco Umbrella Rank: 6946
14 KB
4 goo.su
goo.su — Cisco Umbrella Rank: 575351
125 KB
3 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 126
16 KB
3 mts.ru
sm.rtb.mts.ru — Cisco Umbrella Rank: 23965
tech.rtb.mts.ru — Cisco Umbrella Rank: 24275
2 KB
3 upravel.com
sync.upravel.com — Cisco Umbrella Rank: 25606
003c8bda-9ab2-4607-adff-33b61d6edbd0.sync.upravel.com
2 KB
3 gstatic.com
fonts.gstatic.com
42 KB
3 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 5873
2 KB
2 istripper.com
clicks.istripper.com
www.istripper.com
996 B
2 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 9014
813 B
2 hybrid.ai
dm.hybrid.ai — Cisco Umbrella Rank: 23860
793 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 283
2 KB
2 weborama.fr
redirect.frontend.weborama.fr — Cisco Umbrella Rank: 9741
585 B
2 1dmp.io
sync.1dmp.io — Cisco Umbrella Rank: 12199
1022 B
2 aidata.io
x01.aidata.io — Cisco Umbrella Rank: 11546
1 KB
2 rutarget.ru
yandex-dmp-sync.rutarget.ru — Cisco Umbrella Rank: 51234
yandex-sync.rutarget.ru — Cisco Umbrella Rank: 51112
837 B
2 digitaltarget.ru
dmg.digitaltarget.ru — Cisco Umbrella Rank: 17732
1 KB
2 adriver.ru
ssp.adriver.ru — Cisco Umbrella Rank: 11951
402 B
2 semantiqo.com
sonar.semantiqo.com — Cisco Umbrella Rank: 47894
1 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 111
2 KB
1 istlnkcl.com
istlnkcl.com
1020 B
1 otm-r.com
sync.dmp.otm-r.com — Cisco Umbrella Rank: 13663
69 B
1 new-programmatic.com
match.new-programmatic.com — Cisco Umbrella Rank: 24909
278 B
1 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 15423
178 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 3992
204 B
1 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 4233
390 B
1 whiteboxdigital.ru
mitdmp.whiteboxdigital.ru — Cisco Umbrella Rank: 17086
785 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 3181
410 B
1 tns-counter.ru
cm.tns-counter.ru — Cisco Umbrella Rank: 52669
388 B
1 magnitent.com
sync.magnitent.com — Cisco Umbrella Rank: 162228
677 B
1 caltat.com
cdn3.caltat.com — Cisco Umbrella Rank: 141461
336 B
1 top100.ru
st.top100.ru — Cisco Umbrella Rank: 24425
62 KB
0 acint.net Failed
acint.net Failed
102 40
Domain Requested by
48 an.yandex.ru 12 redirects goo.su
an.yandex.ru
9 mc.yandex.ru 1 redirects an.yandex.ru
mc.yandex.ru
yastatic.net
7 avatars.mds.yandex.net goo.su
6 www.google.is
6 www.google.com 2 redirects
6 googleads.g.doubleclick.net 2 redirects www.googleadservices.com
6 cm.g.doubleclick.net 6 redirects
6 yastatic.net an.yandex.ru
yastatic.net
goo.su
4 ads.betweendigital.com 3 redirects
4 top-fwz1.mail.ru goo.su
top-fwz1.mail.ru
4 goo.su goo.su
3 www.googleadservices.com 2 redirects yastatic.net
3 kraken.rambler.ru st.top100.ru
goo.su
3 fonts.gstatic.com fonts.googleapis.com
3 counter.yadro.ru 2 redirects goo.su
2 px.adhigh.net 2 redirects
2 sm.rtb.mts.ru 2 redirects
2 sync.upravel.com 2 redirects
2 dm.hybrid.ai 2 redirects
2 dpm.demdex.net 1 redirects
2 redirect.frontend.weborama.fr 2 redirects
2 sync.1dmp.io 2 redirects
2 x01.aidata.io 2 redirects
2 dmg.digitaltarget.ru 2 redirects
2 ssp.adriver.ru goo.su
2 sonar.semantiqo.com 2 redirects
2 fonts.googleapis.com goo.su
1 www.istripper.com goo.su
1 clicks.istripper.com 1 redirects
1 istlnkcl.com 1 redirects
1 yandex.ru yastatic.net
1 sync.dmp.otm-r.com goo.su
1 match.new-programmatic.com 1 redirects
1 exchange.buzzoola.com 1 redirects
1 s.uuidksinc.net 1 redirects
1 sync.bumlam.com goo.su
1 tech.rtb.mts.ru 1 redirects
1 mitdmp.whiteboxdigital.ru 1 redirects
1 t.adx.opera.com goo.su
1 003c8bda-9ab2-4607-adff-33b61d6edbd0.sync.upravel.com 1 redirects
1 cm.tns-counter.ru 1 redirects
1 profile.ssp.rambler.ru 1 redirects
1 yandex-sync.rutarget.ru 1 redirects
1 yandex-dmp-sync.rutarget.ru 1 redirects
1 sync.magnitent.com
1 cdn3.caltat.com 1 redirects
1 ysa-static.passport.yandex.ru goo.su
1 st.top100.ru goo.su
0 acint.net Failed goo.su
102 49

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-15 -
2022-07-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
bs.yandex.ru
Yandex CA		 2021-11-17 -
2022-05-18		 6 months crt.sh
*.mail.ru
GeoTrust ECC CA 2018		 2021-10-15 -
2022-11-15		 a year crt.sh
*.top100.ru
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-02-03 -
2023-02-14		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.rambler.ru
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-05-20 -
2022-05-19		 a year crt.sh
*.yastatic-net.ru
GlobalSign ECC OV SSL CA 2018		 2022-04-01 -
2022-09-29		 6 months crt.sh
mc.yandex.ru
Yandex CA		 2021-12-22 -
2022-06-03		 5 months crt.sh
*.avatars.yandex.net
GlobalSign RSA OV SSL CA 2018		 2022-03-04 -
2023-04-05		 a year crt.sh
ysa-static.passport.yandex.net
GlobalSign ECC OV SSL CA 2018		 2022-03-04 -
2023-04-05		 a year crt.sh
*.adriver.ru
GlobalSign GCC R3 DV TLS CA 2020		 2022-04-05 -
2023-04-05		 a year crt.sh
*.bumlam.com
R3		 2022-03-04 -
2022-06-02		 3 months crt.sh
sync.dmp.otm-r.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-18 -
2022-06-18		 a year crt.sh
yandex.ru
Yandex CA		 2022-02-17 -
2022-08-16		 6 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.google.is
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh

This page contains 2 frames:

Frame: https://www.istripper.com/
Frame ID: D2DC84E1E23B7FBB5E79AD396D35893D
Requests: 45 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: C70F54097FD2D12D0FEE379A2E847AF2
Requests: 53 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

102
Requests

71 %
HTTPS

0 %
IPv6

40
Domains

49
Subdomains

26
IPs

10
Countries

847 kB
Transfer

2233 kB
Size

59
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://counter.yadro.ru/hit?t44.11;r;s1600*1200*24;uhttps%3A//goo.su/wbZfxfi;hRedirecting...;0.561437088208834 HTTP 302
  • https://counter.yadro.ru/hit?q;t44.11;r;s1600*1200*24;uhttps%3A//goo.su/wbZfxfi;hRedirecting...;0.561437088208834
Request Chain 39
  • https://sonar.semantiqo.com/dmp/scr.php HTTP 302
  • https://counter.yadro.ru/id127/reff-id.gif?sid=2a035a65230a40bd96f7d043664e6483 HTTP 302
  • https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=1632359CEC9984A0&sid=2a035a65230a40bd96f7d043664e6483 HTTP 302
  • https://cdn3.caltat.com/fbfc504c-89b0-4a80-bef4-c8e39daeee6f/sess.php?sid=2a035a65230a40bd96f7d043664e6483&spid=1632359CEC9984A0&v= HTTP 302
  • https://sync.magnitent.com/fbfli/ct_sync.php?ct=f5169240b838469b8c58ce988aafd775&sonar=2a035a65230a40bd96f7d043664e6483&spid=1632359CEC9984A0&v=
Request Chain 41
  • https://dmg.digitaltarget.ru/1/119/i/i?i=1651691835 HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&i=1651691835 HTTP 307
  • https://an.yandex.ru/mapuid/dmpamberdata/iPiyH3BAQRbNtL577pjw
Request Chain 42
  • https://yandex-dmp-sync.rutarget.ru/sync HTTP 302
  • https://an.yandex.ru/mapuid/dmpsegmento/rGpOkCt9yxn6?sign=1942686744
Request Chain 43
  • https://yandex-sync.rutarget.ru/sync HTTP 302
  • https://an.yandex.ru/mapuid/rutargetis/Zqq9RdQFehSq
Request Chain 44
  • https://x01.aidata.io/0.gif?pid=YANDEX HTTP 302
  • https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1 HTTP 302
  • https://an.yandex.ru/mapuid/dmpaidatame/004P4TpLd%2FZlF5qro3CDMQ?sign=252846578
Request Chain 45
  • https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au HTTP 302
  • https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au&cs=1 HTTP 302
  • https://an.yandex.ru/mapuid/dmpcleverdata/d035ae81-cbde-11ec-ad67-f832e4719dd9?sign=687837124
Request Chain 46
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID} HTTP 302
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=3806164329 HTTP 302
  • https://an.yandex.ru/mapuid/dmpweborama/DemDa76/EY7oxvwy.8wuzO
Request Chain 47
  • https://profile.ssp.rambler.ru/sync3.302?pid=188 HTTP 302
  • https://an.yandex.ru/mapuid/ramblerssp/000022d4-6272-d13c-2187-858a04c7757f
Request Chain 48
  • https://an.yandex.ru/mapuid/adobedmp/ HTTP 302
  • https://an.yandex.ru/mapuid/adobedmp/?redir-setuniq=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=423652&dpuuid=3E9ECA22E257F42D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=3E9ECA22E257F42D
Request Chain 49
  • https://dm.hybrid.ai/yandexdmp-match HTTP 302
  • https://an.yandex.ru/mapuid/dmphybridai/ea9eae45112178b84948?sign=1479755435
Request Chain 50
  • https://cm.tns-counter.ru/yacm HTTP 302
  • https://an.yandex.ru/mapuid/mediascope/5f3e04b7869816b834ca11325916d456b58c15522e116d74e658876b966e7116
Request Chain 51
  • https://sync.upravel.com/yandex/sync HTTP 302
  • https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
  • https://003c8bda-9ab2-4607-adff-33b61d6edbd0.sync.upravel.com/yandex/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIiwiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ HTTP 302
  • https://an.yandex.ru/mapuid/upravelis/003c8bda-9ab2-4607-adff-33b61d6edbd0
Request Chain 52
  • https://an.yandex.ru/mapuid/google/?partner-tag=yandex_llc HTTP 302
  • https://an.yandex.ru/mapuid/google/?redir-setuniq=1&partner-tag=yandex_llc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=96BFFFC04EEFD666&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=96BFFFC04EEFD666&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc= HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 53
  • https://an.yandex.ru/mapuid/google/?partner-tag=yandexcom HTTP 302
  • https://an.yandex.ru/mapuid/google/?redir-setuniq=1&partner-tag=yandexcom HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=36CEF03F82831F47&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=36CEF03F82831F47&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc= HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 54
  • https://an.yandex.ru/mapuid/google/?partner-tag=yandexru HTTP 302
  • https://an.yandex.ru/mapuid/google/?redir-setuniq=1&partner-tag=yandexru HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=36CEF03F82831F47&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=36CEF03F82831F47&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc= HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 55
  • https://an.yandex.ru/mapuid/operacom/ HTTP 302
  • https://an.yandex.ru/mapuid/operacom/?redir-setuniq=1 HTTP 302
  • https://t.adx.opera.com/sync?vendor=60143&uid=A10551C9395381B
Request Chain 56
  • https://an.yandex.ru/mapuid/betweenx/ HTTP 302
  • https://an.yandex.ru/mapuid/betweenx/?redir-setuniq=1 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=161&external_user_id=C26CE2FC3B121E62 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=161&external_user_id=C26CE2FC3B121E62&crf=1
Request Chain 58
  • https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D HTTP 302
  • https://an.yandex.ru/mapuid/qbitis/4a92a8f5-deb9-40f8-95bf-10234c52093f
Request Chain 59
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://an.yandex.ru/mapuid/betweendigitalis/e2725037-9719-527c-b577-c199d70510a7
Request Chain 60
  • https://sm.rtb.mts.ru/p?ssp=yandex&id=map HTTP 301
  • https://sm.rtb.mts.ru/match/second?ssp=55&exu=map HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=220d7536-b9e5-4513-8344-765f07ddae75&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2F220d7536-b9e5-4513-8344-765f07ddae75 HTTP 302
  • https://an.yandex.ru/mapuid/mtsdspis/220d7536-b9e5-4513-8344-765f07ddae75
Request Chain 62
  • https://dm.hybrid.ai/match?id=182 HTTP 302
  • https://an.yandex.ru/mapuid/targetixis/15a04e712779b3a7944f
Request Chain 64
  • https://s.uuidksinc.net/match/501 HTTP 302
  • https://an.yandex.ru/mapuid/kadamis/TQi0y75NwdPmgQcv9NcQ
Request Chain 65
  • https://px.adhigh.net/p/cm/yandexssp HTTP 302
  • https://px.adhigh.net/p/cm/yandexssp?bounced=1 HTTP 302
  • https://an.yandex.ru/mapuid/getintentis/MX6j02BPBZm.AikABlGAkIFeLA
Request Chain 66
  • https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D HTTP 301
  • https://an.yandex.ru/mapuid/buzzooladspis/822c55a4-c518-4dec-5e6f-7e4e28c0fd9b
Request Chain 67
  • https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1 HTTP 302
  • https://an.yandex.ru/mapuid/targetrtbis/?sign=1379914575
Request Chain 69
  • https://mc.yandex.ru/watch/413980?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FwbZfxfi&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2s48awifpnz15xts%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A1633965900647%3Ahid%3A832065778%3Az%3A0%3Ai%3A20220504191717%3Aet%3A1651691838%3Ac%3A1%3Arn%3A555825248%3Au%3A16516918381009744473%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1651691833132%3Aco%3A0%3Arqnl%3A1%3Ast%3A1651691838%3At%3ARedirecting...&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/413980/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FwbZfxfi&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2s48awifpnz15xts%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A1633965900647%3Ahid%3A832065778%3Az%3A0%3Ai%3A20220504191717%3Aet%3A1651691838%3Ac%3A1%3Arn%3A555825248%3Au%3A16516918381009744473%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1651691833132%3Aco%3A0%3Arqnl%3A1%3Ast%3A1651691838%3At%3ARedirecting...&t=gdpr%2814%29aw%281%29ti%282%29
Request Chain 80
  • https://istlnkcl.com/?p=28&s=72013&pp=91&v=0&g=1 HTTP 301
  • https://clicks.istripper.com/ref.php?s=72013&referer=https%3A%2F%2Fgoo.su%2F HTTP 301
  • https://www.istripper.com/
Request Chain 84
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=QNFyYoh37oj1-A-TvL64AQ&random=1034059583&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1034059583&crd=&is_vtc=1&random=2253484068 HTTP 302
  • https://www.google.is/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1034059583&crd=&is_vtc=1&random=2253484068&ipr=y
Request Chain 85
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=QNFyYoJ4w4Rvvc2yqAI&random=1112595741&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1112595741&crd=&is_vtc=1&random=1069169364 HTTP 302
  • https://www.google.is/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1112595741&crd=&is_vtc=1&random=1069169364&ipr=y

102 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request wbZfxfi
goo.su/ 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://goo.su/wbZfxfi
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.21.38.221 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.15
Resource Hash
a26ea2b4c0d0aa2e49a78830ca555f893a498f132f337384a3be373fc5aa93df

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
70639346dc8aaf4b-KEF
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 04 May 2022 19:17:13 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
-1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rzA%2BYvWdLMk38sR3MCkpvt8%2FzzLL52XaV0bUyDqnL5VyvqvUaqAE2CcXCngRGXRiUdGpahAHfrb%2FK23ccfnky7S8He7vspj3iyyTP1fBtYuuHoEZclqZSo0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/8.0.15
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans:400&display=swap
Requested by
Host: goo.su
URL: https://goo.su/wbZfxfi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
ce820ddde3b57db396b814b8bbd40e27edef6f5eab951b2053e934dd47e9e1c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://goo.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 04 May 2022 19:02:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 04 May 2022 19:17:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 04 May 2022 19:17:14 GMT
css
fonts.googleapis.com/ 		2 KB
622 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400&display=swap
Requested by
Host: goo.su
URL: https://goo.su/wbZfxfi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://goo.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 04 May 2022 19:07:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 04 May 2022 19:17:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 04 May 2022 19:17:14 GMT
logo_blue_white.png
goo.su/logos/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://goo.su/logos/logo_blue_white.png
Requested by
Host: goo.su
URL: https://goo.su/wbZfxfi
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.21.38.221 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14780fc1a64fa4a12547d1ee5d6629779d6a99b35146dd51302a02f36f9af223

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://goo.su/wbZfxfi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 19:17:13 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
428701
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
90183
last-modified
Sun, 13 Feb 2022 17:51:43 GMT
server
cloudflare
etag
"6209452f-16047"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V8R%2BEAJTFVVNF6xMn3nHkRdRFK84HgyO3yIDBq9o7mi68dXBZdhvLi4ArKsvBWaqNJ2%2FUcONmdiayLwD7l555gnCzN29m7WRCvM6acLhhSG1AAX8OW70yVI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
70639349eef1af4b-KEF
expires
Fri, 06 May 2022 20:12:12 GMT
spinner.svg
goo.su/img/ 		2 KB
953 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://goo.su/img/spinner.svg
Requested by
Host: goo.su
URL: https://goo.su/wbZfxfi
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.21.38.221 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7a987be3cbd97bc18f5c4dac63af0993a04e647ee2504812471192f423e591d

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://goo.su/wbZfxfi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 19:17:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
428701
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 13 Feb 2022 17:51:43 GMT
server
cloudflare
etag
W/"6209452f-63e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zZkXRx0nills6ozxawE0nnc4gvnXDwSWCpAylefBDP%2FClsJqGcQ29FiP7jWt%2Frxcgpf6dkRAp2qwkZClvaznC%2F5AerIiBd%2F1n3tyBFRpVc8ey9eYJacKk%2B8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=604800
cf-ray
70639349eef3af4b-KEF
expires
Fri, 06 May 2022 20:12:12 GMT
redirect.js
goo.su/frontend/js/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://goo.su/frontend/js/redirect.js?id=0206716eb65eec68ba6002305730d2eb
Requested by
Host: goo.su
URL: https://goo.su/wbZfxfi
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.21.38.221 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c84d9ab5b2dd5c770675c7c9e9219710fdd23745fbaf02a07e8c90ef078d38e

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://goo.su/wbZfxfi
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 19:17:13 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
428701
cf-polished
origSize=90593
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 15 Feb 2022 18:24:23 GMT
server
cloudflare
etag
W/"620befd7-161e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mlvlAMDcaoMzOjPO8%2FHJ2W%2Fvnx7v%2Ff75FTvAwxl095WIZs4cJaefH37u6oSvpAwvFlkJ1Q48M1VYBnYY6fslfW2bU%2BHmdMAVAhW6aJfzzoSEqvy%2Fy1gDVB4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
70639349eef5af4b-KEF
expires
Fri, 06 May 2022 20:12:12 GMT
context.js
an.yandex.ru/system/ 		285 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/system/context.js
Requested by
Host: goo.su
URL: https://goo.su/wbZfxfi
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
a0970d9d7a3f80d9d80887d6675cc0fab1040153affb8defd6c785b6b46112b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://goo.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
strict-transport-security
max-age=31536000
content-encoding
br
x-yandex-req-id
1651691835226889-132045572657447787000180-production-app-host-sas-pcode-249
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Wed, 04 May 2022 20:17:15 GMT
code.js
top-fwz1.mail.ru/js/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: goo.su
URL: https://goo.su/wbZfxfi
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
f1153a7d9e7f877b55f4e32fe45448a1229fdc0ab67ae1bfa09fd77b9c72679a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://goo.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 19:17:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin
*
last-modified
Wed, 22 Dec 2021 12:22:53 GMT
server
nginx
etag
W/"61c3189d-6a23"
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
max-age=3600, private
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*
expires
Wed, 04 May 2022 20:17:14 GMT
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t44.11;r;s1600*1200*24;uhttps%3A//goo.su/wbZfxfi;hRedirecting...;0.561437088208834
  • https://counter.yadro.ru/hit?q;t44.11;r;s1600*1200*24;uhttps%3A//goo.su/wbZfxfi;hRedirecting...;0.561437088208834
132 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;t44.11;r;s1600*1200*24;uhttps%3A//goo.su/wbZfxfi;hRedirecting...;0.561437088208834
Requested by
Host: goo.su
URL: https://goo.su/wbZfxfi
Protocol
HTTP/1.1
Server
88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host216.rax.ru
Software
nginx/1.17.9 /
Resource Hash
e10cd8d343f9c37e3500c69d92f7ac7e78b6c7df29a2ace8cffe71bfa494e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://goo.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 04 May 2022 19:17:14 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
132
Expires
Tue, 04 May 2021 03:00:40 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 04 May 2022 19:17:14 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;t44.11;r;s1600*1200*24;uhttps%3A//goo.su/wbZfxfi;hRedirecting...;0.561437088208834
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Tue, 04 May 2021 03:00:40 GMT
top100.js
st.top100.ru/top100/ 		189 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.top100.ru/top100/top100.js
Requested by
Host: goo.su
URL: https://goo.su/wbZfxfi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.19.89.18 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
2b26da065c00f1b310dc12256dc3e00abc1c42c8328f6f5c5a2de51e44e58afa

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://goo.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 19:17:14 GMT
content-encoding
gzip
last-modified
Tue, 26 Apr 2022 11:44:00 GMT
server
nginx/1.19.4
x-amz-request-id
tx00000000000017df1fb03-006272d0ea-f85be6-default
etag
W/"8b7627ce7e2aeda2e2236be90742883b"
vary
Accept-Encoding
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control
max-age=3600
x-rgw-object-type
Normal
content-type
application/javascript
expires
Wed, 04 May 2022 20:17:14 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://goo.su
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 01:46:21 GMT
x-content-type-options
nosniff
age
495054
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 29 Apr 2023 01:46:21 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v28/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v28/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://goo.su
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 03 May 2022 22:46:04 GMT
x-content-type-options
nosniff
age
73871
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16692
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:06:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 May 2023 22:46:04 GMT
counter
top-fwz1.mail.ru/ 		43 B
987 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=3128781;u=https%3A//goo.su/wbZfxfi;st=1651691834523;title=Redirecting...;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=d777ca2983291f40;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=10//4g/0/0/;lvid=1651691835141%3A1651691835152%3A1%3A068d689bc2698c295132769ce841b43c;visible=true;_=0.16831693724231944
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://goo.su/
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 04 May 2022 19:17:15 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
https://goo.su
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://goo.su
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
https://goo.su
access-control-allow-headers
*
userip
kraken.rambler.ru/ 		13 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kraken.rambler.ru/userip
Requested by
Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.16 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
9e9c1dcb1ef435767cb47c13707b5377898a9c2f152a8710de9293e8c9c0139c

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://goo.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
https://goo.su
date
Wed, 04 May 2022 19:17:15 GMT
x-srv
2node0042.top100.rambler.tech
content-type
application/octet-stream, text/plain
content-length
13
server
nginx/1.19.4
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
953eadf0b1ddecfeb5be.js
yastatic.net/partner-code-bundles/575931/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/575931/953eadf0b1ddecfeb5be.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.216 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
cff9e3917907425d21401b73197b19c96b4ed0bb81aac2e2355886a049b9faa0
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://goo.su/
Origin
https://goo.su
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 19:17:16 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4468
last-modified
Fri, 29 Apr 2022 09:04:06 GMT
server
nginx/1.17.9
etag
"8bfe6375420f5ddd290872d10aaad942"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 May 2052 01:50:14 GMT
9c6a709e779e825bf49f.js
yastatic.net/partner-code-bundles/575931/ 		89 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/575931/9c6a709e779e825bf49f.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.216 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
5f72c4cc3151182f99faa30bf33dc963672fc5c1729b228a2a35b6e8333a051d
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://goo.su/
Origin
https://goo.su
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 19:17:16 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
18885
last-modified
Fri, 29 Apr 2022 09:04:06 GMT
server
nginx/1.17.9
etag
"2af5080ab83da0cc0a0a8104e2076047"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 May 2052 01:50:14 GMT
host.js
yastatic.net/safeframe-bundles/0.83/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.216 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://goo.su/
Origin
https://goo.su
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 19:17:16 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
server
nginx/1.17.9
etag
"f80882bf67cf261aa08d636da095149a"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 May 2052 01:51:25 GMT
413980
an.yandex.ru/meta/ 		122 KB
34 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/meta/413980?target-ref=https%3A%2F%2Fgoo.su%2FwbZfxfi&charset=utf-8&pcode-test-ids=568461%2C0%2C74%3B406668%2C0%2C99%3B574104%2C0%2C-1%3B203896%2C0%2C8&pcode-flags-map=eJyVV02P2zYQ%2FSuFz0ZBUZQo5UZJtE2EIhWSstcJAmLbuqdFUaRJUCDIf%2B9Qkj9ke%2BntHuw1oPc4fDPzZvRjwRWrJPe1bnht%2FW4jHJfCusW7Tz8W359fvh0W7xbO9HyxXHw9%2FPNV%2FAG%2FCS5RVi5%2Bfl4uGmEHfMNXrJfOuw1vuedt5%2Fa%2B6Q1zQquHXDQduFreCOZXAugq4QDLfWeENgK4Vqx22syY0K8o%2FCU3bGRg22rZQyhV75xWninR3gYzXv6GgA4EvRIrbQD1FsioRr1hag1iSlG%2FBymM7tcbL%2FVa1DMOuAtEcgzteMcZZ4opxgPnlKBtV05JistJEloml8CzqpBe4Ta%2BtTz8dNz4XjXwyarGayX3D4gzgidlmYVLqbXnT51fSQb%2FXB%2Fl3b67yZ4HOaFQrDC8OWY4fiZN8yR95cwHh82Ik2tWnJ9Yp9g3WvF9px0o4W3LpPQdNzVX8U7IEMHpKLfhH3pund%2B2DCI0uvV7BvI%2BedPHKTBN8XhJu9E7L1nF5TmKsUjiDClKUHm6kO3Nlu%2BhWNSWG%2BhI7RXfedbUhkMHbPn0wIxyKxqu55xJXiQnzhu0B2573U7f8zIp%2F4TLxIhCUMJC2Qm10l4K9T5%2BOai6NLvO1hSElg0w%2BlNsQkFVKyZ9q5texosryzKU0hNx0KgOgoNeU386%2FvQg%2B0BRkMtm65Xtu04bBxUuNQvdZWsjOuetqf2OGSXU%2BgEnzQj93zUPnbWRc2tIgjvOqPOUkuJE3erxlkxIQNc6fHZMcge%2Bq1g7V0%2BK9cb5aj3joymi59RYNxrVncLIKHRcOcdC1R8bp4P0jX1zbCK2ckOFGC1lXC5KSTI2M2tW%2Bsm3oPNWWFEJGYSBCw5uPCM5%2FPv33MBpmqKj509pC4qytrvEff3y7TCDFWk5wcBSrQ0BX2NuzzqB7sZbQcg7xWf29Qk6KMd0iTMYuxl8FUWRLNOMJEWxxGmZpeErQzRf4pwQki4xwpD94yMpKvMc4BSVKAE4JaT4PDPEMkHJFJO3nCuvK%2BjQ7TyMxeGv599eDvMxleNyLNaVgLvA%2FTd8qBTl4jKQLJ3G1EeuMOQ9zIW18jjxH1IoJd75NEqQYVyOrtlB99fOG1eB%2FuAnPIqjuMzGiGvdq8EenzYmCiloMU2%2Bk6P7RrdMqBgM8oHTacwEdw3FUeu20n7VSwmuADpH8QmMBXTStjL6PSQGdPVrI5o4kmZFfjdgD%2FuaM6KKwqF28vG%2BO9GsuQuRd2H3iKJSkiT0nNFwSdg3Glg4YPNax7EkIQU6Y49LZaVNaEXDGtHbX97IsGfhtuM1PZM7trdxZHpcmJpVMCDbaQXt7ETLdT%2F3f3xtqISgdFRq0CfMXHu9MtyclwHNhQEYHhzneF7w%2BjicUIpv4WIVBuEu2PCjunqF4RjAlsl%2Blq0U3Uef3hxCTQvVQZI9M2387DyZuvbhInANzRAi47CRHOYojC8Dw4YZwa4Ex9ewKb1XXWg4jOMG5vQb2zGsC1OumbFh2XXsXC7cGBgYsOpfcmQzfIEImgxrmtpg9lvBd2FfiB6d03yaGVZ8hEnDlYXDzlMjCqYoz9AkAOw4CqZ%2BDa8Col3HYRgOvagS9ISgwlgX9qx4isuyKK6Aw4I2h%2F3%2Bcnj%2BMhc4ySdntraDXaze8CDovT08m5UkzZKSTJaurGiGkhrKkUt4G1XOhqw74QZLafavKXe7W8BkHTWAXRxW6VZbJupAZjesgV0dTDUuIkzl8vZlbGSzcRM%2FY8Nka3Q%2FNNvwZvnII87Qi%2FeBHRMOls9hsVkJE5YsZXeg1d3XdCgTqDM3L8MC2vfV1SW2KaE8z8eaWBtW4XjwJEHk%2FKwPJT%2FLfYJR7Pk7xp1kdxE%2F%2FwPU2OX7&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic%0Anative&pcode-icookie=gpHm8rNAyg7yh1jyOm8cbcX5odpKkCQbWwwU0udHczBlV5mmCQEtGcaI%2BvTgisuyd6rPZq0C7Tjbd3HWKfWD3O2gJ1U%3D&imp-id=14&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=243593365159938&ad-session-id=1748511651691835612&target-id=12321280&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=575931&pcodever=575931&flash-ver=0&available-width=145&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1600%2C%22h%22%3A1200%2C%22width%22%3A145%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A728%2C%22top%22%3A326%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=388&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo2M30Kgq6-sTvP80MY6qkQlq_0SG_UqDvwLSsipVu2aodoGghb5Glaf0e7DYcTZo4H-ri1F2c9XpKkLj6sc5LBfReeIH2YcMncQ6adR3hDvr0wQ4dcmEtcLrMTLhNYS1VXqWrMOw4iF26xH0MyBk6mG99o7ucw0_iQIlSDR3xGfFmTEnNJuRgqedTEnMVuvOYTfXLuKlQvlRzr8kQWa9aq-4nVbDhMi-fn7FPO7KzzzR77LC6ExtzimZGJ7NHpjQf-EVS0zVf-tXhBs1Hr_Vn91gU8tDKlMpPWhNwBRov2K6BoA4FAREaSemQGsI3CREUDKfg%3D&uniformat=true&callback=Ya%5B8715886171480%5D
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
0548a06128725c0dd63b24dfd94c163cd546c46c309d0d078bd8ea9bd6b6f5d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goo.su/
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 04 May 2022 19:17:15 GMT
content-encoding
gzip
ssr
true
x-yandex-req-id
1651691835706294-707043529747273844500178-production-app-host-vla-pcode-307
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type
Direct
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 04 May 2022 19:17:15 GMT
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://goo.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
uniformat
true
expires
Wed, 04 May 2022 19:17:15 GMT
d764300e195c28c18d93.js
yastatic.net/partner-code-bundles/575931/ 		502 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/575931/d764300e195c28c18d93.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.216 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
cac303967c47154ec22b0586117dd335d8c4f985a94bc69377d1e25c176cd973
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://goo.su/
Origin
https://goo.su
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 19:17:16 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
105415
last-modified
Fri, 29 Apr 2022 09:04:06 GMT
server
nginx/1.17.9
etag
"78a41bd4749038af54167b0920f5fef2"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 May 2052 01:51:25 GMT
/
kraken.rambler.ru/cnt/ 		595 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kraken.rambler.ru/cnt/?et=pv&pid=6673155&rid=1651691835.281-88262010&tid=t1.6673155.1142143426.1651691835282&v=2.1.14&exp=exp_bot%2Csplit_a%2Cexp_ping%2Cyes&ct=web&aduid=d91e53c7-b4aa-43e1-9f17-b688f94ccf44&aduidsc=goo.su&rn=1152414991&bs=1600x1200&ce=1&rf&en=1&pt=Redirecting...&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=0&sv&lv&le=0&url=https%3A%2F%2Fgoo.su%2FwbZfxfi&eid=1039918352879167&meta=%7Bis_first%3A%201%7D&stid=499640728_1651691835282&sn=1&sen=1&fid=pA8AAENKs1faD6gPAcBUKQA%3D&fip=pA8AAENKs1eYchmgAZGN%2FAA%3D
Requested by
Host: goo.su
URL: https://goo.su/wbZfxfi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.16 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
86d9d7d32ba3d9eb9fbea6508c725c17c44f80d6a7d16ca1fa79a85c4b632e91

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://goo.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 19:17:16 GMT
last-modified
Tue, 12 Nov 2019 12:50:59 GMT
x-srv
1node0043.top100.rambler.tech
etag
"5dcaaab3-253"
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
access-control-allow-headers
content-type
content-length
595
server
nginx/1.19.4
event_confirmation
an.yandex.ru/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/event_confirmation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://goo.su
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://goo.su
access-control-max-age
1728000
content-encoding
gzip
date
Wed, 04 May 2022 19:17:17 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
timing-allow-origin
*
x-xss-protection
1; mode=block
event_confirmation
an.yandex.ru/ 		0
51 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/event_confirmation
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goo.su/
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:17 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 19:17:17 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://goo.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 04 May 2022 19:17:17 GMT
watch.js
mc.yandex.ru/metrika/ 		139 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
32212fbe1d9e9032b73c42b3da4c24ec8c8453de0d323222c881d03c7fabffce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://goo.su/
Origin
https://goo.su
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 19:17:17 GMT
content-encoding
br
last-modified
Mon, 18 Apr 2022 12:16:58 GMT
etag
"625d2c8a-c556"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
50518
expires
Wed, 04 May 2022 20:17:17 GMT
413980
an.yandex.ru/meta/ 		152 KB
47 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/meta/413980?target-ref=https%3A%2F%2Fgoo.su%2FwbZfxfi&charset=utf-8&pcode-test-ids=568461%2C0%2C74%3B406668%2C0%2C99%3B574104%2C0%2C-1%3B203896%2C0%2C8&pcode-flags-map=eJyVV02P2zYQ%2FSuFz0ZBUZQo5UZJtE2EIhWSstcJAmLbuqdFUaRJUCDIf%2B9Qkj9ke%2BntHuw1oPc4fDPzZvRjwRWrJPe1bnht%2FW4jHJfCusW7Tz8W359fvh0W7xbO9HyxXHw9%2FPNV%2FAG%2FCS5RVi5%2Bfl4uGmEHfMNXrJfOuw1vuedt5%2Fa%2B6Q1zQquHXDQduFreCOZXAugq4QDLfWeENgK4Vqx22syY0K8o%2FCU3bGRg22rZQyhV75xWninR3gYzXv6GgA4EvRIrbQD1FsioRr1hag1iSlG%2FBymM7tcbL%2FVa1DMOuAtEcgzteMcZZ4opxgPnlKBtV05JistJEloml8CzqpBe4Ta%2BtTz8dNz4XjXwyarGayX3D4gzgidlmYVLqbXnT51fSQb%2FXB%2Fl3b67yZ4HOaFQrDC8OWY4fiZN8yR95cwHh82Ik2tWnJ9Yp9g3WvF9px0o4W3LpPQdNzVX8U7IEMHpKLfhH3pund%2B2DCI0uvV7BvI%2BedPHKTBN8XhJu9E7L1nF5TmKsUjiDClKUHm6kO3Nlu%2BhWNSWG%2BhI7RXfedbUhkMHbPn0wIxyKxqu55xJXiQnzhu0B2573U7f8zIp%2F4TLxIhCUMJC2Qm10l4K9T5%2BOai6NLvO1hSElg0w%2BlNsQkFVKyZ9q5texosryzKU0hNx0KgOgoNeU386%2FvQg%2B0BRkMtm65Xtu04bBxUuNQvdZWsjOuetqf2OGSXU%2BgEnzQj93zUPnbWRc2tIgjvOqPOUkuJE3erxlkxIQNc6fHZMcge%2Bq1g7V0%2BK9cb5aj3joymi59RYNxrVncLIKHRcOcdC1R8bp4P0jX1zbCK2ckOFGC1lXC5KSTI2M2tW%2Bsm3oPNWWFEJGYSBCw5uPCM5%2FPv33MBpmqKj509pC4qytrvEff3y7TCDFWk5wcBSrQ0BX2NuzzqB7sZbQcg7xWf29Qk6KMd0iTMYuxl8FUWRLNOMJEWxxGmZpeErQzRf4pwQki4xwpD94yMpKvMc4BSVKAE4JaT4PDPEMkHJFJO3nCuvK%2BjQ7TyMxeGv599eDvMxleNyLNaVgLvA%2FTd8qBTl4jKQLJ3G1EeuMOQ9zIW18jjxH1IoJd75NEqQYVyOrtlB99fOG1eB%2FuAnPIqjuMzGiGvdq8EenzYmCiloMU2%2Bk6P7RrdMqBgM8oHTacwEdw3FUeu20n7VSwmuADpH8QmMBXTStjL6PSQGdPVrI5o4kmZFfjdgD%2FuaM6KKwqF28vG%2BO9GsuQuRd2H3iKJSkiT0nNFwSdg3Glg4YPNax7EkIQU6Y49LZaVNaEXDGtHbX97IsGfhtuM1PZM7trdxZHpcmJpVMCDbaQXt7ETLdT%2F3f3xtqISgdFRq0CfMXHu9MtyclwHNhQEYHhzneF7w%2BjicUIpv4WIVBuEu2PCjunqF4RjAlsl%2Blq0U3Uef3hxCTQvVQZI9M2387DyZuvbhInANzRAi47CRHOYojC8Dw4YZwa4Ex9ewKb1XXWg4jOMG5vQb2zGsC1OumbFh2XXsXC7cGBgYsOpfcmQzfIEImgxrmtpg9lvBd2FfiB6d03yaGVZ8hEnDlYXDzlMjCqYoz9AkAOw4CqZ%2BDa8Col3HYRgOvagS9ISgwlgX9qx4isuyKK6Aw4I2h%2F3%2Bcnj%2BMhc4ySdntraDXaze8CDovT08m5UkzZKSTJaurGiGkhrKkUt4G1XOhqw74QZLafavKXe7W8BkHTWAXRxW6VZbJupAZjesgV0dTDUuIkzl8vZlbGSzcRM%2FY8Nka3Q%2FNNvwZvnII87Qi%2FeBHRMOls9hsVkJE5YsZXeg1d3XdCgTqDM3L8MC2vfV1SW2KaE8z8eaWBtW4XjwJEHk%2FKwPJT%2FLfYJR7Pk7xp1kdxE%2F%2FwPU2OX7&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0Asmart_tile%0Asmart_mosaic%0Anative&pcode-icookie=gpHm8rNAyg7yh1jyOm8cbcX5odpKkCQbWwwU0udHczBlV5mmCQEtGcaI%2BvTgisuyd6rPZq0C7Tjbd3HWKfWD3O2gJ1U%3D&imp-id=15&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=243593365159938&ad-session-id=1748511651691835612&target-id=86787117&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&pcode-version=575931&pcodever=575931&flash-ver=0&available-width=145&skip-token=yabs.NzIwNTc2MDU5MzYxMTEzNzkKNzIwNTc2MDYwMzYxMjU2NzIKNzIwNTc2MDYwMzU2MTYxNDMKNzIwNTc2MDU3MzAzMDk2ODI%3D&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1600%2C%22h%22%3A1200%2C%22width%22%3A145%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A728%2C%22top%22%3A326%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A4%2C%22req_no%22%3A1%7D&grab-orig-len=388&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo2M30Kgq6-sTvP80MY6qkQlq_0SG_UqDvwLSsipVu2aodoGghb5Glaf0e7DYcTZo4H-ri1F2c9XpKkLj6sc5LBfReeIH2YcMncQ6adR3hDvr0wQ4dcmEtcLrMTLhNYS1VXqWrMOw4iF26xH0MyBk6mG99o7ucw0_iQIlSDR3xGfFmTEnNJuRgqedTEnMVuvOYTfXLuKlQvlRzr8kQWa9aq-4nVbDhMi-fn7FPO7KzzzR77LC6ExtzimZGJ7NHpjQf-EVS0zVf-tXhBs1Hr_Vn91gU8tDKlMpPWhNwBRov2K6BoA4FAREaSemQGsI3CREUDKfg%3D&uniformat=true&callback=Ya%5B2379515003245%5D
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
914589bd94899b3290639361c715d564515e87bce364dc3234b82b17b62f3062
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goo.su/
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 04 May 2022 19:17:16 GMT
content-encoding
gzip
ssr
true
x-yandex-req-id
1651691836767080-1297663286497693806300184-production-app-host-vla-pcode-48
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type
Direct
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 04 May 2022 19:17:16 GMT
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://goo.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
uniformat
true
expires
Wed, 04 May 2022 19:17:16 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://goo.su
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 07:29:47 GMT
x-content-type-options
nosniff
age
474449
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 29 Apr 2023 07:29:47 GMT
x300
avatars.mds.yandex.net/get-direct/4507634/bfBoJJ-Y_itiy1XLAvjTkA/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/4507634/bfBoJJ-Y_itiy1XLAvjTkA/x300
Requested by
Host: goo.su
URL: https://goo.su/wbZfxfi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.250.247.184 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
avatars.mds.yandex.net
Software
nginx /
Resource Hash
b0c84a02fcbbf94b045e9304f22023336c7dd101978f0612483b7ae79ed00dd6

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://goo.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 19:17:17 GMT
last-modified
Thu, 21 Oct 2021 13:58:30 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
14432
x-request-id
ee2006f3eeffc7a5
wy300
avatars.mds.yandex.net/get-direct/5285657/vAixIMJhHq6jW66DTa-omQ/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/5285657/vAixIMJhHq6jW66DTa-omQ/wy300
Requested by
Host: goo.su
URL: https://goo.su/wbZfxfi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.250.247.184 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
avatars.mds.yandex.net
Software
nginx /
Resource Hash
8dce942aed6b0f06544ff62330985f597c209d708a97c4fa282e5ae9b69dcf73

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://goo.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 19:17:17 GMT
last-modified
Fri, 15 Apr 2022 09:28:06 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
18944
x-request-id
2d7afc17fea01640
x300
avatars.mds.yandex.net/get-direct/3602877/zWw-kAOw4dwfQ3N2kXuGDQ/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/3602877/zWw-kAOw4dwfQ3N2kXuGDQ/x300
Requested by
Host: goo.su
URL: https://goo.su/wbZfxfi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.250.247.184 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
avatars.mds.yandex.net
Software
nginx /
Resource Hash
245fc66706a491bda261ca725bd2667395300fce2836fd21c68d3fd9bbb516e4

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://goo.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 19:17:17 GMT
last-modified
Fri, 15 Apr 2022 07:16:44 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
9858
x-request-id
be95efefd3c66197
x300
avatars.mds.yandex.net/get-direct/3602877/w4dhNaqT-WEJhVbDwUsbeA/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/3602877/w4dhNaqT-WEJhVbDwUsbeA/x300
Requested by
Host: goo.su
URL: https://goo.su/wbZfxfi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.250.247.184 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
avatars.mds.yandex.net
Software
nginx /
Resource Hash
99ce12c620cad2a285992997f19b060be8b537a8505b90a8dc91fa0e6e87345a

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://goo.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 19:17:17 GMT
last-modified
Fri, 04 Feb 2022 08:45:45 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
24902
x-request-id
39a351a7af18c52b
render.html
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame C70F 		24 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Requested by
Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.216 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://goo.su/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=946708560
content-encoding
br
content-length
6262
content-type
text/html
date
Wed, 04 May 2022 19:17:17 GMT
etag
"eb77de48712912aadc9aa8171ac75ede"
expires
Sat, 04 May 2052 01:51:39 GMT
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server
nginx/1.17.9
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
vary
Accept-Encoding
x-robots-tag
noindex, noarchive, nofollow
event_confirmation
an.yandex.ru/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/event_confirmation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://goo.su
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://goo.su
access-control-max-age
1728000
content-encoding
gzip
date
Wed, 04 May 2022 19:17:17 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
timing-allow-origin
*
x-xss-protection
1; mode=block
event_confirmation
an.yandex.ru/ 		0
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/event_confirmation
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goo.su/
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:17 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 19:17:17 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://goo.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 04 May 2022 19:17:17 GMT
event_confirmation
an.yandex.ru/ 		0
51 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/event_confirmation
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goo.su/
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:17 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 19:17:17 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://goo.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 04 May 2022 19:17:17 GMT
y300
avatars.mds.yandex.net/get-direct/5260562/8XL_G3Hv71HVHDyX2GPZGg/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/5260562/8XL_G3Hv71HVHDyX2GPZGg/y300
Requested by
Host: goo.su
URL: https://goo.su/wbZfxfi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.250.247.184 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
avatars.mds.yandex.net
Software
nginx /
Resource Hash
46eeadf1c1710ab1088fcde1b36f7a004a9942759bc6e2bcb936204c2c777c2c

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://goo.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 19:17:17 GMT
last-modified
Thu, 17 Mar 2022 08:12:56 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
10224
x-request-id
cfedd6cf7c71b16
x450
avatars.mds.yandex.net/get-direct/4422678/Oq65Sb22xJS3azHAMYGrLw/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/4422678/Oq65Sb22xJS3azHAMYGrLw/x450
Requested by
Host: goo.su
URL: https://goo.su/wbZfxfi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.250.247.184 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
avatars.mds.yandex.net
Software
nginx /
Resource Hash
6986582e0e0f88648015fc0565448b0fd25733ea701a59af7303c9322bf175d0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://goo.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 19:17:17 GMT
last-modified
Thu, 24 Feb 2022 20:10:06 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23168
x-request-id
d686c1ddbf15e02e
wy300
avatars.mds.yandex.net/get-direct/4486906/sWFBJHSSlc-0R1g1I1_JUQ/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://avatars.mds.yandex.net/get-direct/4486906/sWFBJHSSlc-0R1g1I1_JUQ/wy300
Requested by
Host: goo.su
URL: https://goo.su/wbZfxfi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
87.250.247.184 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
avatars.mds.yandex.net
Software
nginx /
Resource Hash
1310f5b8e0fa4910a333cd4c065ff152be6b73fde5a7b53a7fa5578175481f3b

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://goo.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 19:17:17 GMT
last-modified
Sat, 19 Jun 2021 08:00:21 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
31034
x-request-id
5a767cd3c618b491
event_confirmation
an.yandex.ru/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/event_confirmation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://goo.su
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://goo.su
access-control-max-age
1728000
content-encoding
gzip
date
Wed, 04 May 2022 19:17:17 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
timing-allow-origin
*
x-xss-protection
1; mode=block
event_confirmation
an.yandex.ru/ 		0
51 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/event_confirmation
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goo.su/
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:17 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 19:17:17 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://goo.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 04 May 2022 19:17:17 GMT
event_confirmation
an.yandex.ru/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/event_confirmation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://goo.su
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://goo.su
access-control-max-age
1728000
content-encoding
gzip
date
Wed, 04 May 2022 19:17:17 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
timing-allow-origin
*
x-xss-protection
1; mode=block
d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame C70F 		95 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes
Requested by
Host: goo.su
URL: https://goo.su/wbZfxfi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
87.250.250.114 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
ysa-static.passport.yandex.net
Software
nginx/1.14.2 /
Resource Hash
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Wed, 04 May 2022 19:17:18 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=315360000; includeSubDomains
X-RT-IH
0.0002
Content-Type
image/png
Cache-Control
private
Connection
close
X-RT-IQ
0.0002
Content-Length
95
Expires
Thu, 05 May 2022 19:17:18 GMT
ct_sync.php
sync.magnitent.com/fbfli/ Frame C70F
Redirect Chain
  • https://sonar.semantiqo.com/dmp/scr.php
  • https://counter.yadro.ru/id127/reff-id.gif?sid=2a035a65230a40bd96f7d043664e6483
  • https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=1632359CEC9984A0&sid=2a035a65230a40bd96f7d043664e6483
  • https://cdn3.caltat.com/fbfc504c-89b0-4a80-bef4-c8e39daeee6f/sess.php?sid=2a035a65230a40bd96f7d043664e6483&spid=1632359CEC9984A0&v=
  • https://sync.magnitent.com/fbfli/ct_sync.php?ct=f5169240b838469b8c58ce988aafd775&sonar=2a035a65230a40bd96f7d043664e6483&spid=1632359CEC9984A0&v=
0
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.magnitent.com/fbfli/ct_sync.php?ct=f5169240b838469b8c58ce988aafd775&sonar=2a035a65230a40bd96f7d043664e6483&spid=1632359CEC9984A0&v=
Protocol
H2
Server
95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.66.109.217.95.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
*, *
date
Wed, 04 May 2022 19:17:18 GMT
mode
no-cors, no-cors
server
nginx/1.20.1
cache-control
no-cache, no-cache
content-encoding
gzip
content-type
text/html; charset=UTF-8

Redirect headers

location
https://sync.magnitent.com/fbfli/ct_sync.php?ct=f5169240b838469b8c58ce988aafd775&sonar=2a035a65230a40bd96f7d043664e6483&spid=1632359CEC9984A0&v=
date
Wed, 04 May 2022 19:17:18 GMT
mode
no-cors
server
nginx/1.20.1
access-control-allow-origin
*
content-type
text/html; charset=UTF-8
sync.cgi
ssp.adriver.ru/cgi-bin/ Frame C70F 		42 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109
Requested by
Host: goo.su
URL: https://goo.su/wbZfxfi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad15.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Wed, 04 May 2022 19:17:17 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
iPiyH3BAQRbNtL577pjw
an.yandex.ru/mapuid/dmpamberdata/ Frame C70F
Redirect Chain
  • https://dmg.digitaltarget.ru/1/119/i/i?i=1651691835
  • https://dmg.digitaltarget.ru/awg/custom/119/i/i?call_source=awg&i=1651691835
  • https://an.yandex.ru/mapuid/dmpamberdata/iPiyH3BAQRbNtL577pjw
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/dmpamberdata/iPiyH3BAQRbNtL577pjw
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:18 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 19:17:18 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 04 May 2022 19:17:18 GMT

Redirect headers

Date
Wed, 04 May 2022 19:17:18 GMT
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, POST, OPTIONS
Location
https://an.yandex.ru/mapuid/dmpamberdata/iPiyH3BAQRbNtL577pjw
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
master-only
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
86400
Connection
keep-alive
Request-Time
34
Content-Length
0
X-Content-Type-Options
nosniff
rGpOkCt9yxn6
an.yandex.ru/mapuid/dmpsegmento/ Frame C70F
Redirect Chain
  • https://yandex-dmp-sync.rutarget.ru/sync
  • https://an.yandex.ru/mapuid/dmpsegmento/rGpOkCt9yxn6?sign=1942686744
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/dmpsegmento/rGpOkCt9yxn6?sign=1942686744
Requested by
Host: goo.su
URL: https://goo.su/wbZfxfi
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:17 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 19:17:17 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 04 May 2022 19:17:17 GMT

Redirect headers

Location
https://an.yandex.ru/mapuid/dmpsegmento/rGpOkCt9yxn6?sign=1942686744
Date
Wed, 04 May 2022 19:17:17 GMT
Server
nginx
Connection
close
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Zqq9RdQFehSq
an.yandex.ru/mapuid/rutargetis/ Frame C70F
Redirect Chain
  • https://yandex-sync.rutarget.ru/sync
  • https://an.yandex.ru/mapuid/rutargetis/Zqq9RdQFehSq
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/rutargetis/Zqq9RdQFehSq
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:17 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 19:17:17 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 04 May 2022 19:17:17 GMT

Redirect headers

Location
https://an.yandex.ru/mapuid/rutargetis/Zqq9RdQFehSq
Date
Wed, 04 May 2022 19:17:17 GMT
Server
nginx
Connection
close
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
004P4TpLd%2FZlF5qro3CDMQ
an.yandex.ru/mapuid/dmpaidatame/ Frame C70F
Redirect Chain
  • https://x01.aidata.io/0.gif?pid=YANDEX
  • https://x01.aidata.io/0.gif?pid=YANDEX&bounce=1
  • https://an.yandex.ru/mapuid/dmpaidatame/004P4TpLd%2FZlF5qro3CDMQ?sign=252846578
43 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/dmpaidatame/004P4TpLd%2FZlF5qro3CDMQ?sign=252846578
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:18 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 19:17:18 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 04 May 2022 19:17:18 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:17 GMT
last-modified
Wed, 04 May 2022 19:17:16 GMT
server
nginx
access-control-allow-methods
GET, POST
p3p
CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location
https://an.yandex.ru/mapuid/dmpaidatame/004P4TpLd%2FZlF5qro3CDMQ?sign=252846578
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Wed, 04 May 2022 19:17:16 GMT
d035ae81-cbde-11ec-ad67-f832e4719dd9
an.yandex.ru/mapuid/dmpcleverdata/ Frame C70F
Redirect Chain
  • https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au
  • https://sync.1dmp.io/pixel.gif?cid=3cbc2ec8-1421-4677-89fe-2ac6fc52a09a&pid=w&o=au&cs=1
  • https://an.yandex.ru/mapuid/dmpcleverdata/d035ae81-cbde-11ec-ad67-f832e4719dd9?sign=687837124
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/dmpcleverdata/d035ae81-cbde-11ec-ad67-f832e4719dd9?sign=687837124
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:18 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 19:17:18 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 04 May 2022 19:17:18 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/dmpcleverdata/d035ae81-cbde-11ec-ad67-f832e4719dd9?sign=687837124
date
Wed, 04 May 2022 19:17:17 GMT
cache-control
private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate, private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server
nginx
content-length
0
expires
0, 0
EY7oxvwy.8wuzO
an.yandex.ru/mapuid/dmpweborama/DemDa76/ Frame C70F
Redirect Chain
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https://an.yandex.ru/mapuid/dmpweborama/{WEBO_CID}
  • https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F%7BWEBO_CID%7D&bounce=1&random=3806164329
  • https://an.yandex.ru/mapuid/dmpweborama/DemDa76/EY7oxvwy.8wuzO
43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/dmpweborama/DemDa76/EY7oxvwy.8wuzO
Requested by
Host: goo.su
URL: https://goo.su/wbZfxfi
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:17 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 19:17:17 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 04 May 2022 19:17:17 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:17 GMT
via
1.1 google
last-modified
Wed, 04 May 2022 19:17:17 GMT
server
Weborama Collect Frontend
location
https://an.yandex.ru/mapuid/dmpweborama/DemDa76/EY7oxvwy.8wuzO
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
000022d4-6272-d13c-2187-858a04c7757f
an.yandex.ru/mapuid/ramblerssp/ Frame C70F
Redirect Chain
  • https://profile.ssp.rambler.ru/sync3.302?pid=188
  • https://an.yandex.ru/mapuid/ramblerssp/000022d4-6272-d13c-2187-858a04c7757f
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/ramblerssp/000022d4-6272-d13c-2187-858a04c7757f
Requested by
Host: goo.su
URL: https://goo.su/wbZfxfi
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:17 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 19:17:17 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 04 May 2022 19:17:17 GMT

Redirect headers

date
Wed, 04 May 2022 19:17:17 GMT
server
nginx
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
location
//an.yandex.ru/mapuid/ramblerssp/000022d4-6272-d13c-2187-858a04c7757f
x-passed
1bal1
content-type
application/x-javascript; charset=Windows-1251
content-length
0
demconf.jpg
dpm.demdex.net/ Frame C70F
Redirect Chain
  • https://an.yandex.ru/mapuid/adobedmp/
  • https://an.yandex.ru/mapuid/adobedmp/?redir-setuniq=1
  • https://dpm.demdex.net/ibs:dpid=423652&dpuuid=3E9ECA22E257F42D
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=3E9ECA22E257F42D
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=3E9ECA22E257F42D
Protocol
HTTP/1.1
Server
52.31.67.18 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-67-18.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v031-0d1e39784.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
NgNj8ZQmTKA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v031-0770276c3.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
9eHC9xQfTpQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=3E9ECA22E257F42D
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
ea9eae45112178b84948
an.yandex.ru/mapuid/dmphybridai/ Frame C70F
Redirect Chain
  • https://dm.hybrid.ai/yandexdmp-match
  • https://an.yandex.ru/mapuid/dmphybridai/ea9eae45112178b84948?sign=1479755435
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/dmphybridai/ea9eae45112178b84948?sign=1479755435
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:18 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 19:17:18 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 04 May 2022 19:17:18 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:18 GMT
server
Hybrid Web Server
location
https://an.yandex.ru/mapuid/dmphybridai/ea9eae45112178b84948?sign=1479755435
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
120
content-length
0
x-xss-protection
1; mode=block
expires
-1
5f3e04b7869816b834ca11325916d456b58c15522e116d74e658876b966e7116
an.yandex.ru/mapuid/mediascope/ Frame C70F
Redirect Chain
  • https://cm.tns-counter.ru/yacm
  • https://an.yandex.ru/mapuid/mediascope/5f3e04b7869816b834ca11325916d456b58c15522e116d74e658876b966e7116
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/mediascope/5f3e04b7869816b834ca11325916d456b58c15522e116d74e658876b966e7116
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:18 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 19:17:18 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 04 May 2022 19:17:18 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:18 GMT
server
ms-counter-3.3.5/1.20.2
content-type
text/html
location
https://an.yandex.ru/mapuid/mediascope/5f3e04b7869816b834ca11325916d456b58c15522e116d74e658876b966e7116
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
003c8bda-9ab2-4607-adff-33b61d6edbd0
an.yandex.ru/mapuid/upravelis/ Frame C70F
Redirect Chain
  • https://sync.upravel.com/yandex/sync
  • https://sync.upravel.com/yandex/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
  • https://003c8bda-9ab2-4607-adff-33b61d6edbd0.sync.upravel.com/yandex/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIiwiaHR0cHM6Ly95YXN0YXRpYy5uZXQvIl19fQ
  • https://an.yandex.ru/mapuid/upravelis/003c8bda-9ab2-4607-adff-33b61d6edbd0
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/upravelis/003c8bda-9ab2-4607-adff-33b61d6edbd0
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:19 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 19:17:19 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 04 May 2022 19:17:19 GMT

Redirect headers

date
Wed, 04 May 2022 19:17:18 GMT
server
nginx
location
https://an.yandex.ru/mapuid/upravelis/003c8bda-9ab2-4607-adff-33b61d6edbd0
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
false
content-type
image/png
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
spacer.gif
an.yandex.ru/resource/ Frame C70F
Redirect Chain
  • https://an.yandex.ru/mapuid/google/?partner-tag=yandex_llc
  • https://an.yandex.ru/mapuid/google/?redir-setuniq=1&partner-tag=yandex_llc
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=96BFFFC04EEFD666&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=96BFFFC04EEFD666&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc=
  • https://an.yandex.ru/resource/spacer.gif
43 B
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 04 May 2022 19:17:18 GMT
content-encoding
gzip
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif
x-xss-protection
1; mode=block
expires
Wed, 19 Apr 2023 19:17:18 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://an.yandex.ru/resource/spacer.gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
spacer.gif
an.yandex.ru/resource/ Frame C70F
Redirect Chain
  • https://an.yandex.ru/mapuid/google/?partner-tag=yandexcom
  • https://an.yandex.ru/mapuid/google/?redir-setuniq=1&partner-tag=yandexcom
  • https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=36CEF03F82831F47&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=36CEF03F82831F47&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc=
  • https://an.yandex.ru/resource/spacer.gif
43 B
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 04 May 2022 19:17:18 GMT
content-encoding
gzip
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif
x-xss-protection
1; mode=block
expires
Wed, 19 Apr 2023 19:17:18 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://an.yandex.ru/resource/spacer.gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
spacer.gif
an.yandex.ru/resource/ Frame C70F
Redirect Chain
  • https://an.yandex.ru/mapuid/google/?partner-tag=yandexru
  • https://an.yandex.ru/mapuid/google/?redir-setuniq=1&partner-tag=yandexru
  • https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=36CEF03F82831F47&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=36CEF03F82831F47&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif&google_tc=
  • https://an.yandex.ru/resource/spacer.gif
43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 04 May 2022 19:17:18 GMT
content-encoding
gzip
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif
x-xss-protection
1; mode=block
expires
Wed, 19 Apr 2023 19:17:18 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://an.yandex.ru/resource/spacer.gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
t.adx.opera.com/ Frame C70F
Redirect Chain
  • https://an.yandex.ru/mapuid/operacom/
  • https://an.yandex.ru/mapuid/operacom/?redir-setuniq=1
  • https://t.adx.opera.com/sync?vendor=60143&uid=A10551C9395381B
0
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60143&uid=A10551C9395381B
Requested by
Host: goo.su
URL: https://goo.su/wbZfxfi
Protocol
H2
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:18 GMT
server
Tengine
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
0
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:17 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 19:17:17 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://t.adx.opera.com/sync?vendor=60143&uid=A10551C9395381B
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 04 May 2022 19:17:17 GMT
match
ads.betweendigital.com/ Frame C70F
Redirect Chain
  • https://an.yandex.ru/mapuid/betweenx/
  • https://an.yandex.ru/mapuid/betweenx/?redir-setuniq=1
  • https://ads.betweendigital.com/match?bidder_id=161&external_user_id=C26CE2FC3B121E62
  • https://ads.betweendigital.com/match?bidder_id=161&external_user_id=C26CE2FC3B121E62&crf=1
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=C26CE2FC3B121E62&crf=1
Protocol
H2
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
/match?bidder_id=161&external_user_id=C26CE2FC3B121E62&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
/
acint.net/rmatch/ Frame C70F 		0
0
4a92a8f5-deb9-40f8-95bf-10234c52093f
an.yandex.ru/mapuid/qbitis/ Frame C70F
Redirect Chain
  • https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D
  • https://an.yandex.ru/mapuid/qbitis/4a92a8f5-deb9-40f8-95bf-10234c52093f
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/qbitis/4a92a8f5-deb9-40f8-95bf-10234c52093f
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:18 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 19:17:18 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 04 May 2022 19:17:18 GMT

Redirect headers

Date
Wed, 04 May 2022 19:17:18 GMT
Server
nginx/1.21.0
Location
https://an.yandex.ru/mapuid/qbitis/4a92a8f5-deb9-40f8-95bf-10234c52093f
Access-Control-Max-Age
3628800
Access-Control-Allow-Methods
GET, DELETE, OPTIONS, POST, PUT
Access-Control-Allow-Origin
Access-Control-Expose-Headers
Content-Length,Content-Range
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
Content-Length
0
e2725037-9719-527c-b577-c199d70510a7
an.yandex.ru/mapuid/betweendigitalis/ Frame C70F
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D&crf=1
  • https://an.yandex.ru/mapuid/betweendigitalis/e2725037-9719-527c-b577-c199d70510a7
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/betweendigitalis/e2725037-9719-527c-b577-c199d70510a7
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:18 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 19:17:18 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 04 May 2022 19:17:18 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/betweendigitalis/e2725037-9719-527c-b577-c199d70510a7
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
220d7536-b9e5-4513-8344-765f07ddae75
an.yandex.ru/mapuid/mtsdspis/ Frame C70F
Redirect Chain
  • https://sm.rtb.mts.ru/p?ssp=yandex&id=map
  • https://sm.rtb.mts.ru/match/second?ssp=55&exu=map
  • https://tech.rtb.mts.ru/?dsp_uid=220d7536-b9e5-4513-8344-765f07ddae75&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2F220d7536-b9e5-4513-8344-765f07ddae75
  • https://an.yandex.ru/mapuid/mtsdspis/220d7536-b9e5-4513-8344-765f07ddae75
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/mtsdspis/220d7536-b9e5-4513-8344-765f07ddae75
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:19 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 19:17:19 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 04 May 2022 19:17:19 GMT

Redirect headers

Date
Wed, 04 May 2022 19:17:19 GMT
Server
nginx/1.20.2
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Location
https://an.yandex.ru/mapuid/mtsdspis/220d7536-b9e5-4513-8344-765f07ddae75
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
sync.bumlam.com/ Frame C70F 		43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bumlam.com/?src=yandex
Requested by
Host: goo.su
URL: https://goo.su/wbZfxfi
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Wed, 04 May 2022 19:17:18 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
15a04e712779b3a7944f
an.yandex.ru/mapuid/targetixis/ Frame C70F
Redirect Chain
  • https://dm.hybrid.ai/match?id=182
  • https://an.yandex.ru/mapuid/targetixis/15a04e712779b3a7944f
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/targetixis/15a04e712779b3a7944f
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:18 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 19:17:18 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 04 May 2022 19:17:18 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:18 GMT
server
Hybrid Web Server
location
https://an.yandex.ru/mapuid/targetixis/15a04e712779b3a7944f
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
121
content-length
0
x-xss-protection
1; mode=block
expires
-1
sync.cgi
ssp.adriver.ru/cgi-bin/ Frame C70F 		42 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=19
Requested by
Host: goo.su
URL: https://goo.su/wbZfxfi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS
ad15.adriver.ru
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Wed, 04 May 2022 19:17:18 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
TQi0y75NwdPmgQcv9NcQ
an.yandex.ru/mapuid/kadamis/ Frame C70F
Redirect Chain
  • https://s.uuidksinc.net/match/501
  • https://an.yandex.ru/mapuid/kadamis/TQi0y75NwdPmgQcv9NcQ
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/kadamis/TQi0y75NwdPmgQcv9NcQ
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:18 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 19:17:18 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 04 May 2022 19:17:18 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/kadamis/TQi0y75NwdPmgQcv9NcQ
date
Wed, 04 May 2022 19:17:18 GMT
server
nginx/1.19.0
content-length
0
MX6j02BPBZm.AikABlGAkIFeLA
an.yandex.ru/mapuid/getintentis/ Frame C70F
Redirect Chain
  • https://px.adhigh.net/p/cm/yandexssp
  • https://px.adhigh.net/p/cm/yandexssp?bounced=1
  • https://an.yandex.ru/mapuid/getintentis/MX6j02BPBZm.AikABlGAkIFeLA
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/getintentis/MX6j02BPBZm.AikABlGAkIFeLA
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:19 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 19:17:19 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 04 May 2022 19:17:19 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:19 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f22-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://an.yandex.ru/mapuid/getintentis/MX6j02BPBZm.AikABlGAkIFeLA
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
822c55a4-c518-4dec-5e6f-7e4e28c0fd9b
an.yandex.ru/mapuid/buzzooladspis/ Frame C70F
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D
  • https://an.yandex.ru/mapuid/buzzooladspis/822c55a4-c518-4dec-5e6f-7e4e28c0fd9b
43 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/buzzooladspis/822c55a4-c518-4dec-5e6f-7e4e28c0fd9b
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:19 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 19:17:19 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 04 May 2022 19:17:19 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/buzzooladspis/822c55a4-c518-4dec-5e6f-7e4e28c0fd9b
date
Wed, 04 May 2022 19:17:18 GMT
server
nginx
content-length
113
serverid
TODO
content-type
text/html; charset=utf-8
/
an.yandex.ru/mapuid/targetrtbis/ Frame C70F
Redirect Chain
  • https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1
  • https://an.yandex.ru/mapuid/targetrtbis/?sign=1379914575
43 B
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/targetrtbis/?sign=1379914575
Protocol
H2
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:19 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 19:17:19 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 04 May 2022 19:17:19 GMT

Redirect headers

Date
Wed, 04 May 2022 19:16:31 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin
Location
https://an.yandex.ru/mapuid/targetrtbis/?sign=1379914575
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
yandexortb
sync.dmp.otm-r.com/match/ Frame C70F 		0
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dmp.otm-r.com/match/yandexortb
Requested by
Host: goo.su
URL: https://goo.su/wbZfxfi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.201.152.110 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.110.152.201.195.clients.your-server.de
Software
nginx/1.17.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 04 May 2022 19:17:19 GMT
server
nginx/1.17.6
1
mc.yandex.ru/watch/413980/
Redirect Chain
  • https://mc.yandex.ru/watch/413980?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FwbZfxfi&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2s48awifpnz15xts%3Afu%3A0%3Aen%3Autf-8...
  • https://mc.yandex.ru/watch/413980/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FwbZfxfi&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2s48awifpnz15xts%3Afu%3A0%3Aen%3Autf...
319 B
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/413980/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FwbZfxfi&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2s48awifpnz15xts%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A1633965900647%3Ahid%3A832065778%3Az%3A0%3Ai%3A20220504191717%3Aet%3A1651691838%3Ac%3A1%3Arn%3A555825248%3Au%3A16516918381009744473%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1651691833132%3Aco%3A0%3Arqnl%3A1%3Ast%3A1651691838%3At%3ARedirecting...&t=gdpr%2814%29aw%281%29ti%282%29
Protocol
H2
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
5f5207d85d6ae8e4f326dcc93358be35cb3a06ecafa3090114266127b9f527c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://goo.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:18 GMT
x-content-type-options
nosniff
last-modified
Wed, 04-May-2022 19:17:18 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://goo.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
319
x-xss-protection
1; mode=block
expires
Wed, 04-May-2022 19:17:18 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:18 GMT
last-modified
Wed, 04-May-2022 19:17:18 GMT
location
/watch/413980/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FwbZfxfi&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2s48awifpnz15xts%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A1633965900647%3Ahid%3A832065778%3Az%3A0%3Ai%3A20220504191717%3Aet%3A1651691838%3Ac%3A1%3Arn%3A555825248%3Au%3A16516918381009744473%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1651691833132%3Aco%3A0%3Arqnl%3A1%3Ast%3A1651691838%3At%3ARedirecting...&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://goo.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 04-May-2022 19:17:18 GMT
tracker
top-fwz1.mail.ru/ 		43 B
900 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=3128781;u=https%3A//goo.su/wbZfxfi;st=1651691834523;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=d777ca2983291f40;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1651691833132/////0/1/12/12/249/182/249/721/722/724/1391/1400/1400/4762/4762/;ni=10//4g/0/0/;detect=0;lvid=1651691835141%3A1651691837895%3A2%3A068d689bc2698c295132769ce841b43c;visible=true;_=0.02680443999129456;e=RT/load;et=1651691837894
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://goo.su/
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 04 May 2022 19:17:17 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
https://goo.su
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://goo.su
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
https://goo.su
access-control-allow-headers
*
1
mc.yandex.ru/watch/413980/ 		43 B
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/413980/1?page-url=https%3A%2F%2Fgoo.su%2FwbZfxfi&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A3epd2s48awifpnz15xts%3Afp%3A1435%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A1%3Als%3A1633965900647%3Ahid%3A832065778%3Az%3A0%3Ai%3A20220504191718%3Aet%3A1651691839%3Ac%3A1%3Arn%3A210458430%3Arqn%3A1%3Au%3A16516918381009744473%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1651691833132%3Ads%3A10%2C237%2C472%2C2%2C0%2C0%2C%2C668%2C0%2C4762%2C4762%2C1%2C1399%3Aco%3A0%3Arqnl%3A1%3Ast%3A1651691839&t=gdpr(14)mc(p-1-h-1)lt(6800)aw(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goo.su/
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:18 GMT
last-modified
Wed, 04-May-2022 19:17:18 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://goo.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 04-May-2022 19:17:18 GMT
413980
mc.yandex.ru/watch/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/413980?page-url=https%3A%2F%2Fgoo.su%2FwbZfxfi&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A3epd2s48awifpnz15xts%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A1%3Als%3A1633965900647%3Ahid%3A832065778%3Az%3A0%3Ai%3A20220504191718%3Aet%3A1651691839%3Ac%3A1%3Arn%3A146554037%3Arqn%3A2%3Au%3A16516918381009744473%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1651691833132%3Aco%3A0%3Arqnl%3A1%3Ast%3A1651691839%3At%3ARedirecting...&t=gdpr(14)mc(p-1-h-1)lt(6800)aw(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://goo.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:18 GMT
last-modified
Wed, 04-May-2022 19:17:18 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://goo.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 04-May-2022 19:17:18 GMT
bundle.js
yastatic.net/q/set/s/rsya-tag-users/ Frame C70F 		105 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Requested by
Host: goo.su
URL: https://goo.su/wbZfxfi
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.216 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 19:17:18 GMT
content-encoding
br
last-modified
Fri, 29 Oct 2021 11:19:01 GMT
server
nginx/1.17.9
etag
W/"82bdc8db563d3e71c35534315f8a9fd5"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
expires
Sat, 07 May 2022 07:15:42 GMT
cache-control
public, max-age=31556952
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
x-nginx-request-id
14ce077cd8d4f22f
watch.js
mc.yandex.ru/metrika/ Frame C70F 		139 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
32212fbe1d9e9032b73c42b3da4c24ec8c8453de0d323222c881d03c7fabffce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 19:17:19 GMT
content-encoding
br
last-modified
Mon, 18 Apr 2022 12:16:58 GMT
etag
"625d2c8a-c556"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
50518
expires
Wed, 04 May 2022 20:17:19 GMT
data
yandex.ru/set/s/rsya-tag-users/ Frame C70F 		403 B
947 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Fgoo.su%2F
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.255.255.60 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 19:17:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
public,max-age=300
access-control-allow-credentials
true
x-xss-protection
1; mode=block
1MdRtaUB0T0100000000U9nJj9vfogkiALvjA7B68c6_naS5I-kBHKaCGE094mdT9SAY62iJoCQGoWWKpnGvyoCI95xA1-JLvWE9LaOGsGcI1G8cXfcCVJeGzaB6UGeGrah6Q5a8QozZnYjkXgDW_bb6aAQhOF8k8uCC0zDVnbbC30npcK0YQvb-0ScpJF-1u1MJm...
an.yandex.ru/rtbcount/ 		43 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/rtbcount/1MdRtaUB0T0100000000U9nJj9vfogkiALvjA7B68c6_naS5I-kBHKaCGE094mdT9SAY62iJoCQGoWWKpnGvyoCI95xA1-JLvWE9LaOGsGcI1G8cXfcCVJeGzaB6UGeGrah6Q5a8QozZnYjkXgDW_bb6aAQhOF8k8uCC0zDVnbbC30npcK0YQvb-0ScpJF-1u1MJm9Bv0ZaYPnWO9eUgLfhSOsNuoyG9ifoP5KZsCYi2oQdC86rpcPb05W99iDqi6vdl6Epq4VtcB76IsVhWeI_I_JFyhe9LtWMJFvaTdFWXpcMPo6q8PgrWwOlSmS9yW8Nf9Wl4sH_i7xASFGC2R-pVie0Slu2LzoIhSJO7MFe2QqD30yjDLkj0pIFTpo95lhA2NDt1ri0oW-tAuU05R4-UTtRl-BBsGTvADfWn1zWyJh0nFsBZJJLmj38BoZ5Bh328Cd_91hFm9vmraRtd--DlfvU_iP_5pcPgRcffRBY1lK5W1plB2NQH1-pz6tjU7_ntzdG80EK9Yfu0?confirmTime=2110000&confirmRatio=1000000&test-tag=243593365159938&format-type=124&actual-format=10&rnd=2277651452670&pcode-active-testids=574104%2C0%2C-1&banner-sizes=eyI3MjA1NzYwNTkzNjExMTM3OSI6IjM5NngyMTAiLCI3MjA1NzYwNjAzNjEyNTY3MiI6IjM5NngyMTAiLCI3MjA1NzYwNjAzNTYxNjE0MyI6IjM5NngyMTAiLCI3MjA1NzYwNTczMDMwOTY4MiI6IjM5NngyMTAifQ%3D%3D&width=1600&height=210
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goo.su/
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:19 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 19:17:19 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://goo.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 04 May 2022 19:17:19 GMT
WMSejI_zODi0xGe0518X11Iwfswt-WK0sm4GW8200J4xqN9Y000003Yun3A80Wwv0YrPTu_haHFmy0BEhhQ01y2nD_050Q06tW791ZkPDGqZAHTxgGSKpFXPloZn8D08We20W08SgWiGf9yGR1JC002JLILvDDxm2mRW3OA0W860W8281AWFb9ZZWVQNolWWa13Mz...
an.yandex.ru/count/ 		43 B
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/count/WMSejI_zODi0xGe0518X11Iwfswt-WK0sm4GW8200J4xqN9Y000003Yun3A80Wwv0YrPTu_haHFmy0BEhhQ01y2nD_050Q06tW791ZkPDGqZAHTxgGSKpFXPloZn8D08We20W08SgWiGf9yGR1JC002JLILvDDxm2mRW3OA0W860W8281AWFb9ZZWVQNolWWa13Mz-_PsiExZS41mgk1jWy4u1G1s1N1YlRieu-y_6Fme1RmWOIJ1iaMs1Q15wWN3PaOq1WX-1ZZsiUxtTgAiiK1W1c96JDhk1d___y1m1cxegMXlD7vh1JI6H9vOM9pNtDbSdPbSYzoDZKvBJJe6P41y1c0mWEO6jJ3Kx0RIBWR0u8S3MKmGJesKcmsONWmMZVf780T_t-0880GY2044W1RP5G2Xfm0OZGALYFdS5amYSuXkF0s9YB8uR9Lm0clvgVSex9GFoe_h7PEK1BLP0j96iN98GO81G00~1=WF0ejI_zO0m0DGS0D0pQQyf1306G__gaYflBrh81W06kZWoG0QRy_jBOW8200g01pFkeMBW1ploscoJO0TwajAG1u06GdA04w0760g02s8p21R030kW4yWw81TUO2P05b9uBi0NHxGAu1T7j0i05WjKDo0NLl0FG1Vn_g0RU0U07XiA0W0RW2Ao6uGBu2e2r6A4HD3CpCpCpuu0KW8201EWKZ0AW5l21X9C6oHQu5m705xNM0PaOe1dU0RWP____0O4Q__zh_DnTrose7W6m7m4A089hb1g2sbCIvON3ObykmruCyouTQamCcj35kM2mA080~1=WFiejI_zO1e0ZGS0j0mUcF8Z6W7EqzJyw_6-ove1W06J-ux1oUNWwrsG0T3VhxBPW8200g01dCUeMRW1qAkqhoJO0SBKhAG1u07KqF2Z0UW1Ag02hlsY5g031B030hy9Y0MmhWwG1TU13x05oEW3k0N8w0F01UBAByW5m8mCq0N_gW6e1ju1u0U6me201k08rxwH2_WAWBKOeH4qCpCpCpFZw1IC0g0My864amR95hWN0S0NjTO1cHYW6Tu1k1d___y1-1cx-eyZWHh__nCyLF-v7AWU0R0V0Wi0YckK6eBuK_BpXID0O2w3FOPPMmGEsXYFJWoQe8jxmM1H1000~1=WEaejI_zO180_GO0f0iXfbsL4W7mxRAIoFxI-U41W06OZmgG0Px6yR7PW8200g01dAXPk06Mh9gD9DW1-E3wem7W0QYcafa1w04W-06YaDw-0Q02feIQ5g031h030jeFY0NJmmUG1Qgq2B05Wky2k0M2xmB01RgK1-DVg0RU0U07f0_2W806u0YJWeqBW1I08EWKZ0AW5l21X9C6oHQu5m705xNM0PaOe1dU0RWP____0VWPrj2G7e4Q__y7p4GO-Pge7W6m7mCB089hb9e4LOhiUU40yCiUbPq7UX0vyY14u6XmHIx41Tj44G00~1=WE8ejI_zO1G0nGO0v0f1n40i506Gpv6HX-_RxVq1W07RtUxudjVVxyu1a07asDoEru20W0AW0SIeLxW1-kF-x2FO0V3DXQC1u07WyF-Y0UW1Vg02fiMQ6Q032B03w0g81SkY2905WxqAi0Nur0Au1VZK0gftg0RU0U07XiA0W0RW2DEYpGpu2e2r6EWKZ0AW5l21X9C6oHQu5m705xNM0PaOe1dU0RWP____0O4Q___3uhb0OTYe7W6m7mGC08fhb9e4COhyVE4G49XzxJ7CfFARSG4hfVEiFKCd1atGvRrWi2W2~1?stat-id=14&test-tag=1369493272064577&banner-sizes=eyI3MjA1NzYwNTkzNjExMTM3OSI6IjM5NngyMTAiLCI3MjA1NzYwNjAzNjEyNTY3MiI6IjM5NngyMTAiLCI3MjA1NzYwNjAzNTYxNjE0MyI6IjM5NngyMTAiLCI3MjA1NzYwNTczMDMwOTY4MiI6IjM5NngyMTAifQ%3D%3D&format-type=124&actual-format=10&pcodever=575931&banner-test-tags=eyI3MjA1NzYwNTkzNjExMTM3OSI6IjU3MzYxIiwiNzIwNTc2MDYwMzYxMjU2NzIiOiI0MjUxNjY2IiwiNzIwNTc2MDYwMzU2MTYxNDMiOiI1NzM2MyIsIjcyMDU3NjA1NzMwMzA5NjgyIjoiNTczNjQifQ%3D%3D&pcode-active-testids=574104%2C0%2C-1&width=1600&height=210&confirmTime=2100000&confirmRatio=1000000&wmode=0
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goo.su/
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:19 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 19:17:19 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://goo.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 04 May 2022 19:17:19 GMT
1MBiuAQC0T4100000000U9nJj16Kw8tndCjZA7BcW0g3vaS5IvkBHKaCGE094mcjtRID9rOca8qXbH4edYboPeqCIBoK7yYhpGSIhOmWiXCa2mHC33CPjqL2s0iPPwb0M2iPFof0M7iPeo8468w2-MSPGPgkWicxZ0mo34n_6MSnCJ3CPGA9h6Nw1IJFClq7WbTC0...
an.yandex.ru/rtbcount/ 		43 B
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/rtbcount/1MBiuAQC0T4100000000U9nJj16Kw8tndCjZA7BcW0g3vaS5IvkBHKaCGE094mcjtRID9rOca8qXbH4edYboPeqCIBoK7yYhpGSIhOmWiXCa2mHC33CPjqL2s0iPPwb0M2iPFof0M7iPeo8468w2-MSPGPgkWicxZ0mo34n_6MSnCJ3CPGA9h6Nw1IJFClq7WbTC0XE_UIg9d65WkDvgMcboZvNXBnCdo79cLY3Powm89ASoWxJDPMO2MGWamJQoR6I-Ox3JH_IRiyH9Pkk3Xxv8zy_mkmfMUHTC_cHsSEA7E9U5NT8Gp5h1icqpumuMvWCiJ3TP8Ex-OF-GvUmP47XZ_vO5vFe5hBmdMOspES3I5rWR6XfORh9Q1seUwNuMAVAL5UJi3hO6bXbiLmu7Bs1xyhopUyUNjG_oLhB1Z3d0vd62ZVaH6s-gWQDLSh2BKsA5GPJvIpQOXJ_Xh8diFTyVVpkz_8tzB7OsKtDJIsF33UmD0ZlOMKwmYpnWxz_Oy_hWlxEdGm0zUumK?confirmTime=2100000&confirmRatio=1000000&test-tag=243593365159938&format-type=124&actual-format=10&rnd=3482331974319&pcode-active-testids=574104%2C0%2C-1&banner-sizes=eyI3MjA1NzYwNTg3NTcyMDUzMCI6IjQzM3gyMTAiLCI3MjA1NzYwNTkyOTQ0NTQxNCI6IjQzM3gyMTAiLCI3MjA1NzYwNjA5MzY5OTYwMyI6IjI4N3gyMTAiLCI3MjA1NzYwNDg2OTY1NDI5NSI6IjQzM3gyMTAifQ%3D%3D&width=1600&height=210
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goo.su/
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:19 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 19:17:19 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://goo.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 04 May 2022 19:17:19 GMT
tracker
top-fwz1.mail.ru/ 		43 B
902 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=3128781;u=https%3A//goo.su/wbZfxfi;st=1651691834523;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=d777ca2983291f40;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=10//4g/0/0/;detect=0;lvid=1651691835141%3A1651691839534%3A3%3A068d689bc2698c295132769ce841b43c;visible=true;_=0.5860084243045964;e=RT/unload;et=1651691839533;pvt=5010;vtauto=4393
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://goo.su/
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 04 May 2022 19:17:19 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
https://goo.su
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://goo.su
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
https://goo.su
access-control-allow-headers
*
/
www.istripper.com/
Redirect Chain
  • https://istlnkcl.com/?p=28&s=72013&pp=91&v=0&g=1
  • https://clicks.istripper.com/ref.php?s=72013&referer=https%3A%2F%2Fgoo.su%2F
  • https://www.istripper.com/?
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.istripper.com/?
Requested by
Host: goo.su
URL: https://goo.su/frontend/js/redirect.js?id=0206716eb65eec68ba6002305730d2eb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.99 -, , ASN (),
Reverse DNS
Software
cloudflare / PHP/7.3.25
Resource Hash

Request headers

Referer
https://goo.su/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
is-IS,is;q=0.9

Response headers

access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET, POST
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7063937eb95faf4b-KEF
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 04 May 2022 19:17:22 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
locale
en
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.3.25

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-control
private
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 04 May 2022 19:17:21 GMT
Location
https://www.istripper.com/?
Server
nginx/1.18.0
Transfer-Encoding
chunked
X-Powered-By
PHP/7.3.25
/
kraken.rambler.ru/cnt/ 		3 B
456 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://kraken.rambler.ru/cnt/
Requested by
Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.16 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash

Request headers

Referer
https://goo.su/
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:19 GMT
server
nginx/1.19.4
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://goo.su
cache-control
no-cache
x-srv
1node0043.top100.rambler.tech
access-control-allow-credentials
true
content-type
application/octet-stream, image/gif
access-control-allow-headers
content-type
expires
Thu, 01 Jan 1970 00:00:01 GMT
WNGejI_zOEO0LGi0v18Cjh9z66DIv0K0vW4GW8200J4yqN9Y000003Yun3A80W-v0YrPTu_haHFmy0A_-8hC1C2nD_050Q06tW791ZmH68rSIPqCgGSKpAmS02dn8D08We20W08UgWiGaVP98XJC003NXJLvDDxm2mRW3OA0W860W82819WEkuABfh_ZeynEg0-Kc...
an.yandex.ru/count/ 		43 B
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/count/WNGejI_zOEO0LGi0v18Cjh9z66DIv0K0vW4GW8200J4yqN9Y000003Yun3A80W-v0YrPTu_haHFmy0A_-8hC1C2nD_050Q06tW791ZmH68rSIPqCgGSKpAmS02dn8D08We20W08UgWiGaVP98XJC003NXJLvDDxm2mRW3OA0W860W82819WEkuABfh_ZeynEg0-Kc8EcWg3A-22G4DRtxzdQmxkDmG72gu6s3mJW507O5S6AzkoZZxpyO_2W5l21X9C6oHRmFzWMWHUe5msP6D0O8VWOuzh7kztQYhB50O0PYHapQxWP____0S0PkwAbeRpH-QmKqXaIUM5YSrzpPN9sPN8lSZOrEIqqw1cH0V0PWC83c1hKmrEm6qYu6mE270rbC44wOrD4Gc5uC5etwHo07Vz_W22048WW1180MsHK0eOS1cAq3rOZvt1PC8dE8RZmDf4cnk6oLS09kkQdvwEo08bKXbZjdA0agiaMaZIAaqCC40e0~1=Wl4ejI_zO8y2FHS0j2VmanMPZmE8wvlJuP27huy1W07nkW680RE9ckM90P01f8MpcTY0W802c06aXREPMA01dgW1dhW1yFNUZIJO0Tgy_QC1u06wYDSMw06E0Q02h9tm5u03zCk0rGI80yRNeUyCi0FL8eW5rxO3a0Mlimcm1U6k0xW5uQu3m0M0wGQAQ-05FgW6tW6u1u05yGS008I1me201k08rexu2-W9003mFyaA5LjykCYfzp_P2nJCh1m0AV4Ww0lNjWEf391FLRpYhjy_w0oR1fWDx9Gpe0x0X3tP3-CqNsa1JFK_W12jdASYu167iiG1w17xyDEol_g7lZM0RTP0mSRD-jkQiZ-O4mJW4-6k0u0KW82018WKnuUadApmhCaae1JXhWEe5A-p2P-Jfv46w1IC0j0LdvEdaGRO5S6AzkoZZxpyOw0My864amQm5f06oHRG5kB6thu1s1RMz-_PsiExZS41WHUO5uMGpncu5m705xMM0TWNm8Gzw1SHcHYW60Qm68ZwofC6k1Xb-1ZZsiUxtTgAiiK1W1c96JDh20000000e1dU0RWP____0U0P4UWPaG7m6O320u4Q__zdAS-W-no86i24FP0QW820W820Y42O6jJ3Kw0Q_AgRuShGi8lF0RWQ0_KQ0G0009WRcESti1j8k1i3eHm00020nVstlwaS0008mB4SUnIkH-5wXB-vGDWSrxO3u1olimdfy3_n700003soWCs_W1t_VvaTu1tazly2aHwe7W7G7lM_YFhcXekP4TWU-zeUY1____y1e1-jdASYi1y1o1-jtlvHqXy6DJSrEJCnW22048WW1B0WX84Ws23__m7W807e8C6QFo80YYgNMOsB58b2ITOnMO6StAIgWH0bbB7EGnaCHN2Wv49Z2BrGFrC36rxUIx6rDNl03D4N6R7f-qKF2Nz69h0hJc0CDNhEU8uO-4uoCfadZK5C-6Hz9tBaOLXAPm7ygOc1TQn9TB1Dm040~1=Wo0ejI_zOAK2jHW052j2fVnnfGEasDhzeVoap801W041Y077s-3XYW6G0SoWqSpOW8200fW1pA3Hp5YW0TIVg07Kdz7CMBW1hFsccYJO0QInhwG1u07IjkO2w05Sc0A8MQ02mfJY0y022w031B030kW4lns81VIG0f05yDi3i0N-UBW5_dZ01TlN1CW5l9W1q0MiAk05bAW6tW6u1u05q0SMs0SGu0U62l470032We06u0YXYl41w0a7cMcOOHbQwJ_9-0g0jHZP2nJCh1m0AV4Ww0lqa0AR1fWDx9Gpi3wW3i24FO0GqfR08i2ma881eH4qCpCpCpFZu167iiG1w17xyDEol_g7lZM0RTP0wv_GJ2PHeZ-O4mJW4_vuY1J7XwIShF2ioIIW5Fvug1JmsmEm5AlKe16u583geGK7q1JtgPLAs1IWYUoH1kWKZ0BG5Q29x946s1N1YlRieu-y_6EW5l21X9C6i1QG1iaMq1RYnjw-0TWMrlVlsTh3kut10O4Nc1VBkV01k1S1m1UrbW7G5z260zWNs-0ww1SMcHYW606m68ZwofC6k1Yf0VWOuzh7kztQYhB50O0PYHapQw0PtW6u6V___m7W6HRe6P41y1c0mWE16l__0pzK3hXLY1h0X3sG6e28W820W8X0c1hKmrEu6WBr6W40002O6vZdDx0RIBWR0zWR0UaR0000G5sCAK7m6xNzo07u6ykbCzWSz902u1pmsmFf7000y3_n700003soWCs_W1t_VvaTw1sUyVpcvSV_eHlm7R72uRJjn_-X6_WTsQdJXw-L_yKBaHwe7W7G7eQzgvBMz9xEATWU-jeUe1_Ibi0Yi1y2o1_Is9TIqXy6DJSrEJCnsHy0003W7KqmGU0Vlxo00kWV_E8cW22048WW1AaWi224W23O8F___m7W807e8Ct0Fny05pCiyIJ4R0X2baQoWCarWJKDnO0ShKRcnyM557614XP2G-17dtKfkGQIszAnl9eBXKB8qdSLWYm2QY0mV46CuCyKbh7A4KanyZNF1LCZnZedZK6KiI3GzbEpMyrSWcq23W00~1=Wn8ejI_zO8u2HHW0X2edKoINZWEIzxBLZwBAsBq1W041Y06vdRVNZ06G0QRee-dPW8200fW1fkYZwLcu0OIYhgeas060YVga0U01pfFSf07e0T82e0AMxwCPm08Be0C6i0C2aWM81UIi2v05YjaCi0MKdGEu1PIT0y05qlyvo0MltmxG1SsG0U05b06O1gREovu1g0RU0RW7W0NG1nRO1n3W1uOAyGS008081j08ceg0WSA2W0RW2CltqGpe2GUH6rnSYUFAFydu2e2r6DaB5Coi700fyI3e2-Ii2uWCy8lUlW7e39i6c0tib3DmFQ0Em8GzW130mkKYmA0GeH4qCpCpCpFZu167iiG1w17xyDEol_g7lZM0RTP02PlsNjeWiZ-O4mJW4vIT0uWKnuUadApmhCaae1IKdGEe58hP30VG50tO5CQ-o9C6w1IC0j0Lnhx8amRO5S6AzkoZZxpyOw0My864amQm5f06oHRG5l2Bthu1s1RMz-_PsiExZS41WHUO5utSpIwu5m705xMM0T0Nq8O3s1UFXZte5m6P6A0O2B0OYFhAamQu60Nu6EFQnxlTsegonG606OaPCskW6Tu1k1d___y1u1a1w1cH0V0PWC83WHh__sENSI8KueWQm8Gzc1hKmrEW6iUDg-FEaRlTIxWQ0lKQ0G0009WRcESti1j8k1i3s1i1wHi0001WTLSWGV0RzSQ00VWRyRPzs1pah0lW78hP3EaSyHm0000zie3Dlu0T_t-P7U0TeS85w1sYcxJfYDhInpVm7Vl6x9MAsjB7Dv4Ug1u1q1xIie2QW_kxclq1s1xwsXw87____m6W7y32vIAm7mF87y24lLBI7mOrDpKvCp7P7m000A2DdYH1u1-acg81w1-I_801W22048WW1AaWs23__m7W807e8BlBFnq0JCXuBGc1dZ1QNH4db121vJnPXXXvOi20LYFlup92YkH0oRNC45sEno2arK1oLJhMgBb8f6HPyAv2y4H03GHc086y1reEXnGZ0nWn07MJnjWb0ai5AeZ478DjeWW0~1=WoyejI_zOCG2BHa052jUPAD8n0E4mTQJouJFruW1W06ey9IolghYl5M80Qwehx5_a06kdFZPq820W0AO0QwS-DbGe06gg06gk06KuSMa8jW1gkwlcm7W0VYQmH_e0Um1-07kazw-0Q02qlgb69W3m8Gze0C8i0F42uW5aOm5a0NIhWMm1Sck0RW5oQu1m0MJrW781Rasq0MCFU05TvW6oDEBLwW6tW6u1xG6yGS00CA0W0RW2AdzaWpe2G00y3_9243u2e2r6DaB5Coi700fyI3e2v6CgGpmH32nRFpqF-WCcmQO3UoKCp0ye0x0X3q8G80GbRM07g0eeH4qCpCpCpFZu167iiG1w17xyDEol_g7lZM0RTP0w8Gk06ckk3-O4mJW4yck0OWKnuUadApmhCaae1J9hW6e5DAk1G7xojMI1kWKZ0B85QRvmy3F1j0L-yhLaWRO5S6AzkoZZxpyOw0My864amQm5f06oHRmFz0MzABVlW7O5jRtxzdQmxkDmG615vWNyElOABWN0S0NjPO1q1VGXWFO5yhqFkWN8PaOe1WLi1Y8-igJ1hWOamBu6EFQnxlTsegonG606OaPCskW6Tu1k1d___y1u1aXw1cH0V0PWC83-1dngASdWHh__rz80sH3muWQm8Gzc1hKmrEW6gdRqUgPa8xnW07r6W40002O6vZdDx0RIBWR0-aR0000G2Tn347m6-FtD_WRizqseHm000304-38lwaS2C2n77iKhaVXUeI_kK3O796C1U0Sqgu5wV0_yHm0000zie3Dlu0T_t-P7U0TgwW7aHwe7W7G7eAGkiIJmEd6XW7O7lhQ7eWV____0Q0VbRM07h0V1CWVbVVNJT8V1ZKtDJapCTaV0000G9JR2q7W7zhaDkWVhAWsW22048WW1B0WX80Ws23__m7W807e8EQaFoGWiGIB6gOecy22RLuWGxdHZeWHJ0XLMN5EpicVBO_JqGEoD3uoVuiBJLmWf87m0qIoVeBpYB7tvSE55wyjF8wGhF3qGfgWRe43G4XuaKd9_K2-hCK9z4YZj-0vCJ1R33S1U18QyC9IptBMHONiO9i31m00~1?stat-id=15&test-tag=1369493272064577&banner-sizes=eyI3MjA1NzYwNTg3NTcyMDUzMCI6IjQzM3gyMTAiLCI3MjA1NzYwNTkyOTQ0NTQxNCI6IjQzM3gyMTAiLCI3MjA1NzYwNjA5MzY5OTYwMyI6IjI4N3gyMTAiLCI3MjA1NzYwNDg2OTY1NDI5NSI6IjQzM3gyMTAifQ%3D%3D&format-type=124&actual-format=10&pcodever=575931&banner-test-tags=eyI3MjA1NzYwNTg3NTcyMDUzMCI6IjU3MzYxIiwiNzIwNTc2MDU5Mjk0NDU0MTQiOiI1NzM2MiIsIjcyMDU3NjA2MDkzNjk5NjAzIjoiMjQ1OTUiLCI3MjA1NzYwNDg2OTY1NDI5NSI6IjU3MzY0In0%3D&pcode-active-testids=574104%2C0%2C-1&width=1600&height=210&confirmTime=2100000&confirmRatio=1000000&wmode=0
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.180.193.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://goo.su/
accept-language
is-IS,is;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:19 GMT
content-encoding
gzip
last-modified
Wed, 04 May 2022 19:17:19 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://goo.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 04 May 2022 19:17:19 GMT
conversion_async.js
www.googleadservices.com/pagead/ Frame C70F 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 19:17:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14892
x-xss-protection
0
server
cafe
etag
4605403730725282575
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 04 May 2022 19:17:20 GMT
/
www.google.is/pagead/1p-user-list/1014923426/ Frame C70F
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=QNFyYoh37oj1-A-TvL64AQ...
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1034059583&crd=&is_vtc=1&random=2253484068
  • https://www.google.is/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1034059583&crd=&is_vtc=1&random=2253484068&ipr=y
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.is/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1034059583&crd=&is_vtc=1&random=2253484068&ipr=y
Protocol
H2
Server
142.250.184.227 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:21 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.is/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1034059583&crd=&is_vtc=1&random=2253484068&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.is/pagead/1p-user-list/1014923426/ Frame C70F
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=QNFyYoJ4w4Rvvc2yqAI&ra...
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1112595741&crd=&is_vtc=1&random=1069169364
  • https://www.google.is/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1112595741&crd=&is_vtc=1&random=1069169364&ipr=y
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.is/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1112595741&crd=&is_vtc=1&random=1069169364&ipr=y
Protocol
H2
Server
142.250.184.227 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:21 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.is/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1112595741&crd=&is_vtc=1&random=1069169364&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3
mc.yandex.ru/watch/ Frame C70F 		174 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A3epd2s48awifpnz15xts%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A1485996204949%3Ahid%3A133012767%3Az%3A0%3Ai%3A20220504191719%3Aet%3A1651691840%3Ac%3A1%3Arn%3A750492965%3Arqn%3A1%3Au%3A1651691840166563142%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1651691836750%3Ads%3A0%2C540%2C119%2C9%2C0%2C0%2C%2C14%2C0%2C683%2C683%2C0%2C683%3Aco%3A0%3Ast%3A1651691840&t=gdpr()aw(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:19 GMT
x-content-type-options
nosniff
last-modified
Wed, 04-May-2022 19:17:19 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
174
x-xss-protection
1; mode=block
expires
Wed, 04-May-2022 19:17:19 GMT
advert.gif
mc.yandex.ru/metrika/ Frame C70F 		43 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 19:17:19 GMT
last-modified
Mon, 18 Apr 2022 12:16:58 GMT
etag
"625d2c8a-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Wed, 04 May 2022 20:17:19 GMT
37412095
mc.yandex.ru/watch/ Frame C70F 		357 B
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3A3epd2s48awifpnz15xts%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A2%3Adp%3A1%3Als%3A1195186750233%3Ahid%3A133012767%3Az%3A0%3Ai%3A20220504191719%3Aet%3A1651691840%3Ac%3A1%3Arn%3A227905334%3Arqn%3A1%3Au%3A1651691840166563142%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1651691836750%3Ads%3A0%2C540%2C119%2C9%2C0%2C0%2C%2C14%2C0%2C683%2C683%2C0%2C683%3Aco%3A0%3Arqnl%3A1%3Ast%3A1651691840%3At%3A&t=gdpr(6)aw(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:19 GMT
x-content-type-options
nosniff
last-modified
Wed, 04-May-2022 19:17:19 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
357
x-xss-protection
1; mode=block
expires
Wed, 04-May-2022 19:17:19 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame C70F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1651691840108&cv=9&fst=1651691840108&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1112
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame C70F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1651691840112&cv=9&fst=1651691840112&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1111
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame C70F 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1651691840114&cv=9&fst=1651691840114&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1113
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame C70F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1651691840115&cv=9&fst=1651691840115&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1113
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/947884341/ Frame C70F 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/947884341/?random=1651691840114&cv=9&fst=1651690800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=1199096385&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.is/pagead/1p-user-list/947884341/ Frame C70F 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.is/pagead/1p-user-list/947884341/?random=1651691840114&cv=9&fst=1651690800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=1199096385&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/693627671/ Frame C70F 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/693627671/?random=1651691840112&cv=9&fst=1651690800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=2651622419&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.is/pagead/1p-user-list/693627671/ Frame C70F 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.is/pagead/1p-user-list/693627671/?random=1651691840112&cv=9&fst=1651690800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=2651622419&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/947884341/ Frame C70F 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/947884341/?random=1651691840108&cv=9&fst=1651690800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=1443782248&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.is/pagead/1p-user-list/947884341/ Frame C70F 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.is/pagead/1p-user-list/947884341/?random=1651691840108&cv=9&fst=1651690800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=1443782248&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/693627671/ Frame C70F 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/693627671/?random=1651691840115&cv=9&fst=1651690800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=1789869139&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.is/pagead/1p-user-list/693627671/ Frame C70F 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.is/pagead/1p-user-list/693627671/?random=1651691840115&cv=9&fst=1651690800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Fgoo.su%2F&async=1&fmt=3&is_vtc=1&random=1789869139&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.227 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
is-IS,is;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 May 2022 19:17:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
acint.net
URL
https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2FSAPEis%2F%24%7BUSER_ID%7D

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails

59 Cookies

Domain/Path Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0 Name: afpix
Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0 Name: pcssspb
Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0 Name: pcs3
Value: 1
goo.su/ Name: XSRF-TOKEN
Value: eyJpdiI6IkhHK2NZN1ovZU5ldzlVWllBSnpKRGc9PSIsInZhbHVlIjoiUkpwZnVQNi9hdXpkeWRxdVJKQUZvamRNclBlUVpGaW9TQmRoMk1uaUxxUHhJUkVkeUxqdDViUHUxdHJQWDNLRCtQSzZvNTlMWU5aL0VhaGhhZGxtZVVWa2tzbjNFQUY3RUtBZHc4aVdxTkZSbWJzMitqNWxCUlJ6RS82UGNieWEiLCJtYWMiOiI3YmI2MTlkMTU4M2Q0NTc4OTIxMGFmYzg5MmUzMWEwN2FlYWE2NmM2NmE0NzZjYjYxM2QxOThhZTQxZjI0MTVkIiwidGFnIjoiIn0%3D
goo.su/ Name: goosu_session
Value: eyJpdiI6IkFZdzY1WmlWWTViTkRCZUxObUV5L2c9PSIsInZhbHVlIjoiREVnaHNJM0VVV0RNYzNJRnpGdVdrWXlUNHhsWHVCaW4rc0pLejNQWUQ0bTY1VUJ5K3h5Vll4WFp3NGVJOXhmL2ZlcHVVdE5BK3lFNFNpZi9XRTVvWm5BUUhsVUhxSnFEcXRQODRIUUUyZjdzVlBSTGlmNDI1Wk82c1M3SHZ2UmoiLCJtYWMiOiI4ODIzMzQ1NjhmNjYwOTVkODAwMjc2NzY2YWYxZmQ0ODUwZmNhMThjNGIxOThmNTcwOWVkOWJmY2FmZTg0ZWU3IiwidGFnIjoiIn0%3D
.yadro.ru/ Name: FTID
Value: 1YSj4w1WWmOJ1YSj4w000VSe
.yadro.ru/ Name: VID
Value: 2LmNxV2XwF8J1YSj4w000VUj
.goo.su/ Name: tmr_lvid
Value: 068d689bc2698c295132769ce841b43c
.goo.su/ Name: tmr_lvidTS
Value: 1651691835141
.goo.su/ Name: top100_id
Value: t1.6673155.1142143426.1651691835282
.goo.su/ Name: adtech_uid
Value: d91e53c7-b4aa-43e1-9f17-b688f94ccf44%3Agoo.su
.goo.su/ Name: user-id_1.0.5_lr_lruid
Value: pQ8AADvRcmIWLrwdAfB16gA%3D
.an.yandex.ru/ Name: yabs-vdrf
Value: A0
.rambler.ru/ Name: ruid
Value: 1CIAADzRcmKKhYchAXXHBAB=
goo.su/ Name: tmr_detect
Value: 0%7C1651691837406
.yandex.ru/ Name: yuidss
Value: 9239115391651691837
.yandex.ru/ Name: yandexuid
Value: 9239115391651691837
.weborama.fr/ Name: AFFICHE_W
Value: UjGnfIjVVX9S45
.sonar.semantiqo.com/ Name: semantiqo_a
Value: 2a035a65230a40bd96f7d043664e6483
.sonar.semantiqo.com/ Name: check
Value: 68465e7ebaa34b75ae6ce06f5c68c5f8
.aidata.io/ Name: __upin
Value: 004P4TpLd/ZlF5qro3CDMQ
.aidata.io/ Name: __upints
Value: 1651691837
.1dmp.io/ Name: uid
Value: d035ae81-cbde-11ec-ad67-f832e4719dd9
.dmg.digitaltarget.ru/ Name: viuserid
Value: iPiyH3BAQRbNtL577pjw
.rutarget.ru/ Name: userId
Value: Zqq9RdQFehSq
x01.aidata.io/ Name: yaya
Value: 1
.1dmp.io/ Name: ru-seq
Value: null
.adx.opera.com/ Name: UID
Value: bf7e7a41a06f456798e173ecc82ef283
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: ss
Value: 1
.demdex.net/ Name: demdex
Value: 68313315625993017151757224929554665029
.dpm.demdex.net/ Name: dpm
Value: 68313315625993017151757224929554665029
.betweendigital.com/ Name: tuuid
Value: e2725037-9719-527c-b577-c199d70510a7
.betweendigital.com/ Name: ut
Value: YnLRPgAECyjzN7EH6mwC-uqxJccPqELhiZGF_A==
.hybrid.ai/ Name: vid
Value: 15a04e712779b3a7944f
.doubleclick.net/ Name: IDE
Value: AHWqTUklea4W4Y4cNv9UlU1dJOEPQQskwz64nHdeiKIRBvRU-2r9HsKtpcbgrTm3rkQ
.upravel.com/ Name: session_tptc
Value: 1651691838397
mc.yandex.ru/ Name: yabs-sid
Value: 836351221651691838
.yandex.ru/ Name: i
Value: MeVnCibY0HxhYkPt3dUY0/m533zlHuCIZnIX0JG9aqraRncbWze/xPuR7QuHeDra+VmnOpBDhM0bEt9bamGZ6CS5n+o=
.mts.ru/ Name: dspid
Value: 220d7536-b9e5-4513-8344-765f07ddae75
.caltat.com/ Name: caltat
Value: f5169240b838469b8c58ce988aafd775
.whiteboxdigital.ru/ Name: MiId
Value: 4a92a8f5-deb9-40f8-95bf-10234c52093f
.yandex.ru/ Name: ymex
Value: 1683227838.yrts.1651691838#1683227838.yrtsi.1651691838
.upravel.com/ Name: user_id
Value: 003c8bda-9ab2-4607-adff-33b61d6edbd0
.uuidksinc.net/ Name: jcsuuid
Value: TQi0y75NwdPmgQcv9NcQ
.tns-counter.ru/ Name: guid
Value: 0CF76B076272D13EX1651691838
.magnitent.com/ Name: sonar
Value: 2a035a65230a40bd96f7d043664e6483
.magnitent.com/ Name: ct
Value: f5169240b838469b8c58ce988aafd775
.magnitent.com/ Name: spid
Value: 1632359CEC9984A0
.magnitent.com/ Name: 3db
Value: 1632359CEC9984A0
.adhigh.net/ Name: gi_u
Value: MX6j02BPBZm.AikABlGAkIFeLA
.mts.ru/ Name: mts_id
Value: b7a0edad-e40b-4408-9975-e8f5d34888aa
.mts.ru/ Name: mts_id_last_sync
Value: 1651691839
.adhigh.net/ Name: yandexssp_sync
Value: jlU
.goo.su/ Name: tmr_reqNum
Value: 3
.goo.su/ Name: t2_sid_6673155
Value: s1.499640728.1651691835282.1651691839536.1.2.2.1
.mail.ru/ Name: VID
Value: 0VwJM2068Po900000d1EH4o9:::0-0-0-78d29fb:CAASEPIIAkxtaS0cRcYUeUXPey0aYK6PKp7GlVaoGhZMXtZMLTTCiE9XWFsevwoaZmwDg1ArCD1AURHtwVtGzARlwKmPZaXLKLU7hjEQQBxE6KdYyWbJ-VDhYs2SX0clT93jtoz-qxJW7Wf9yKgNu_fJdL62fg
.yandex.ru/ Name: is_gdpr
Value: 1
.yandex.ru/ Name: is_gdpr_b
Value: CK2NTBCGcRgB

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

003c8bda-9ab2-4607-adff-33b61d6edbd0.sync.upravel.com
acint.net
ads.betweendigital.com
an.yandex.ru
avatars.mds.yandex.net
cdn3.caltat.com
clicks.istripper.com
cm.g.doubleclick.net
cm.tns-counter.ru
counter.yadro.ru
dm.hybrid.ai
dmg.digitaltarget.ru
dpm.demdex.net
exchange.buzzoola.com
fonts.googleapis.com
fonts.gstatic.com
goo.su
googleads.g.doubleclick.net
istlnkcl.com
kraken.rambler.ru
match.new-programmatic.com
mc.yandex.ru
mitdmp.whiteboxdigital.ru
profile.ssp.rambler.ru
px.adhigh.net
redirect.frontend.weborama.fr
s.uuidksinc.net
sm.rtb.mts.ru
sonar.semantiqo.com
ssp.adriver.ru
st.top100.ru
sync.1dmp.io
sync.bumlam.com
sync.dmp.otm-r.com
sync.magnitent.com
sync.upravel.com
t.adx.opera.com
tech.rtb.mts.ru
top-fwz1.mail.ru
www.google.com
www.google.is
www.googleadservices.com
www.istripper.com
x01.aidata.io
yandex-dmp-sync.rutarget.ru
yandex-sync.rutarget.ru
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
acint.net
104.21.38.221
130.185.144.4
136.243.48.22
142.250.184.227
142.250.185.138
142.250.185.162
142.250.185.194
142.250.185.228
142.250.186.130
142.250.186.35
148.251.156.238
148.251.237.106
172.64.144.99
178.154.131.216
185.15.175.131
188.42.191.196
188.72.107.194
188.72.107.228
194.190.76.44
194.226.130.229
195.201.152.110
213.180.193.90
213.87.44.187
217.65.2.150
217.66.147.165
217.69.133.145
31.172.81.160
31.220.27.134
35.190.24.218
37.18.16.22
5.255.255.60
52.31.67.18
81.163.17.245
81.19.89.16
81.19.89.18
81.222.128.215
82.145.213.8
87.250.247.184
87.250.250.114
88.212.201.216
89.108.120.76
91.192.149.14
93.158.134.119
95.216.101.186
95.217.109.66
0548a06128725c0dd63b24dfd94c163cd546c46c309d0d078bd8ea9bd6b6f5d6
1310f5b8e0fa4910a333cd4c065ff152be6b73fde5a7b53a7fa5578175481f3b
14780fc1a64fa4a12547d1ee5d6629779d6a99b35146dd51302a02f36f9af223
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
245fc66706a491bda261ca725bd2667395300fce2836fd21c68d3fd9bbb516e4
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b26da065c00f1b310dc12256dc3e00abc1c42c8328f6f5c5a2de51e44e58afa
2c84d9ab5b2dd5c770675c7c9e9219710fdd23745fbaf02a07e8c90ef078d38e
32212fbe1d9e9032b73c42b3da4c24ec8c8453de0d323222c881d03c7fabffce
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
46eeadf1c1710ab1088fcde1b36f7a004a9942759bc6e2bcb936204c2c777c2c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5f5207d85d6ae8e4f326dcc93358be35cb3a06ecafa3090114266127b9f527c9
5f72c4cc3151182f99faa30bf33dc963672fc5c1729b228a2a35b6e8333a051d
6986582e0e0f88648015fc0565448b0fd25733ea701a59af7303c9322bf175d0
86d9d7d32ba3d9eb9fbea6508c725c17c44f80d6a7d16ca1fa79a85c4b632e91
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8dce942aed6b0f06544ff62330985f597c209d708a97c4fa282e5ae9b69dcf73
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
914589bd94899b3290639361c715d564515e87bce364dc3234b82b17b62f3062
99ce12c620cad2a285992997f19b060be8b537a8505b90a8dc91fa0e6e87345a
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
9e9c1dcb1ef435767cb47c13707b5377898a9c2f152a8710de9293e8c9c0139c
a0970d9d7a3f80d9d80887d6675cc0fab1040153affb8defd6c785b6b46112b4
a26ea2b4c0d0aa2e49a78830ca555f893a498f132f337384a3be373fc5aa93df
b0c84a02fcbbf94b045e9304f22023336c7dd101978f0612483b7ae79ed00dd6
c7a987be3cbd97bc18f5c4dac63af0993a04e647ee2504812471192f423e591d
cac303967c47154ec22b0586117dd335d8c4f985a94bc69377d1e25c176cd973
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
ce820ddde3b57db396b814b8bbd40e27edef6f5eab951b2053e934dd47e9e1c2
cff9e3917907425d21401b73197b19c96b4ed0bb81aac2e2355886a049b9faa0
e10cd8d343f9c37e3500c69d92f7ac7e78b6c7df29a2ace8cffe71bfa494e8c9
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1153a7d9e7f877b55f4e32fe45448a1229fdc0ab67ae1bfa09fd77b9c72679a