goo.su Open in urlscan Pro
104.26.2.56 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://goo.su/A9GpEB
Submission Tags: @phish_report
Submission: On April 29 via api (April 29th 2025, 5:53:37 pm UTC) from FI — Scanned from FI

Summary HTTP 201 Redirects Behaviour Indicators

Summary

This website contacted 54 IPs in 8 countries across 67 domains to perform 201 HTTP transactions. The main IP is 104.26.2.56, located in and belongs to CLOUDFLARENET, US. The main domain is goo.su. The Cisco Umbrella rank of the primary domain is 159870.
TLS certificate: Issued by WE1 on March 22nd 2025. Valid for: 3 months.

This is the only time goo.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	104.26.2.56 104.26.2.56	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	216.58.206.42 216.58.206.42	15169 (GOOGLE) (GOOGLE)
2	151.101.193.229 151.101.193.229	54113 (FASTLY) (FASTLY)
2	13.32.99.118 13.32.99.118	16509 (AMAZON-02) (AMAZON-02)
7	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	65.109.72.77 65.109.72.77	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
2	172.217.18.8 172.217.18.8	15169 (GOOGLE) (GOOGLE)
2 10	77.88.21.119 77.88.21.119	13238 (YANDEX YA...) (YANDEX YANDEX LLC)
3	95.163.52.67 95.163.52.67	47764 (VK-AS LLC VK) (VK-AS LLC VK)
1	88.212.201.204 88.212.201.204	39134 (UNITEDNET...) (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY)
2	151.236.71.248 151.236.71.248	204720 (CDNetwork...) (CDNetworks GLOBAL CLOUD NETWORK LLC)
4	95.181.182.182 95.181.182.182	210756 (EdgeCente...) (EdgeCenterLLC EdgeCenter LLC)
5	95.163.52.89 95.163.52.89	47764 (VK-AS LLC VK) (VK-AS LLC VK)
3	94.139.255.28 94.139.255.28	208677 (CLOUDRU-A...) (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru)
1	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
3	77.88.55.88 77.88.55.88	13238 (YANDEX YA...) (YANDEX YANDEX LLC)
2 7	142.132.138.214 142.132.138.214	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
2 11	194.55.244.177 194.55.244.177	34959 (PROCLOUD ...) (PROCLOUD KVIKTEL LLC)
2	151.236.118.162 151.236.118.162	204720 (CDNetwork...) (CDNetworks GLOBAL CLOUD NETWORK LLC)
2 6	142.132.138.215 142.132.138.215	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
2 4	89.108.120.76 89.108.120.76	197695 (AS-REGRU ...) (AS-REGRU "Domain names registrar REG.RU")
1 5	185.65.149.228 185.65.149.228	51115 (HLL-AS HL...) (HLL-AS HLL LLC)
2 2	31.172.81.147 31.172.81.147	44066 (DE-FIRSTC...) (DE-FIRSTCOLO firstcolo GmbH)
1	46.148.230.54 46.148.230.54	49505 (SELECTEL ...) (SELECTEL JSC Selectel)
1 2	185.15.175.158 185.15.175.158	43226 (SAFEDATA ...) (SAFEDATA Data Storage Center JSC)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.230.131.21 37.230.131.21	200197 (HYBRID-Po...) (HYBRID-Poland HYBRID ADTECH SP.Z.O.O.)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
2 2	195.209.109.27 195.209.109.27	52007 (ADRIVER L...) (ADRIVER LLC AdRiver)
2 2	85.198.116.123 85.198.116.123	29182 (RU-JSCIOT...) (RU-JSCIOT JSC IOT)
2 4	37.0.127.205 37.0.127.205	61400 (NETRACK-A...) (NETRACK-AS Start LLC)
1 1	46.243.142.48 46.243.142.48	208677 (CLOUDRU-A...) (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru)
2 3	45.138.161.80 45.138.161.80	50340 (SELECTEL-...) (SELECTEL-MSK JSC Selectel)
1	46.243.201.48 46.243.201.48	208677 (CLOUDRU-A...) (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru)
1 5	172.67.74.180 172.67.74.180	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	213.180.193.90 213.180.193.90	13238 (YANDEX YA...) (YANDEX YANDEX LLC)
1	185.149.242.236 185.149.242.236	49505 (SELECTEL ...) (SELECTEL JSC Selectel)
3 5	193.232.150.71 193.232.150.71	48061 (UMA-TECH-...) (UMA-TECH-AS Limited Liability Company GPM Digital Technologies)
1 2	193.3.184.216 193.3.184.216	50214 (QWARTA QW...) (QWARTA QWARTA LLC)
1	217.199.220.72 217.199.220.72	61400 (NETRACK-A...) (NETRACK-AS Start LLC)
1	176.114.85.200 176.114.85.200	50340 (SELECTEL-...) (SELECTEL-MSK JSC Selectel)
2	93.158.134.118 93.158.134.118	13238 (YANDEX YA...) (YANDEX YANDEX LLC)
1	65.109.65.188 65.109.65.188	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
1	194.55.244.189 194.55.244.189	34959 (PROCLOUD ...) (PROCLOUD KVIKTEL LLC)
1	172.240.127.128 172.240.127.128	7979 (SERVERS-COM) (SERVERS-COM)
1	37.0.127.91 37.0.127.91	61400 (NETRACK-A...) (NETRACK-AS Start LLC)
1	45.139.25.121 45.139.25.121	34959 (PROCLOUD ...) (PROCLOUD KVIKTEL LLC)
1	158.160.40.8 158.160.40.8	200350 (YandexClo...) (YandexCloud Yandex.Cloud LLC)
1	139.45.228.135 139.45.228.135	57304 (RETNRU-AS...) (RETNRU-AS JSC "RetnNet")
1	31.172.81.172 31.172.81.172	44066 (DE-FIRSTC...) (DE-FIRSTCOLO firstcolo GmbH)
1	195.209.109.25 195.209.109.25	52007 (ADRIVER L...) (ADRIVER LLC AdRiver)
1	37.9.64.225 37.9.64.225	13238 (YANDEX YA...) (YANDEX YANDEX LLC)
1	51.250.75.211 51.250.75.211	200350 (YandexClo...) (YandexCloud Yandex.Cloud LLC)
1 2	193.232.148.144 193.232.148.144	48061 (UMA-TECH-...) (UMA-TECH-AS Limited Liability Company GPM Digital Technologies)
2 2	195.209.109.30 195.209.109.30	52007 (ADRIVER L...) (ADRIVER LLC AdRiver)
2	195.209.109.18 195.209.109.18	52007 (ADRIVER L...) (ADRIVER LLC AdRiver)
1	37.230.131.16 37.230.131.16	200197 (HYBRID-Po...) (HYBRID-Poland HYBRID ADTECH SP.Z.O.O.)
1	185.15.175.134 185.15.175.134	43226 (SAFEDATA ...) (SAFEDATA Data Storage Center JSC)
1 1	194.55.244.181 194.55.244.181	34959 (PROCLOUD ...) (PROCLOUD KVIKTEL LLC)
1 1	46.243.142.239 46.243.142.239	208677 (CLOUDRU-A...) (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru)
1 1	65.109.65.187 65.109.65.187	24940 (HETZNER-A...) (HETZNER-AS Hetzner Online GmbH)
2	158.160.49.136 158.160.49.136	200350 (YandexClo...) (YandexCloud Yandex.Cloud LLC)
2	158.160.39.250 158.160.39.250	200350 (YandexClo...) (YandexCloud Yandex.Cloud LLC)
201	54

2 104.26.2.56 (None, )

ASN13335 (CLOUDFLARENET, US)

goo.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.42 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.229 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-118.fra60.r.cloudfront.net

openfpcdn.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.109.72.77 (Helsinki, Finland)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.77.72.109.65.clients.your-server.de

ads.digitalcaramel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.8 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 77.88.21.119 (Russian Federation) 2 redirects

ASN13238 (YANDEX YANDEX LLC, RU)
PTR: mc.yandex.ru

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.163.52.67 (Russian Federation)

ASN47764 (VK-AS LLC VK, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.201.204 (Russian Federation)

ASN39134 (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.236.71.248 (Moscow, Russian Federation)

ASN204720 (CDNetworks GLOBAL CLOUD NETWORK LLC, RU)

st.top100.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.181.182.182 (Perm, Russian Federation)

ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU)

cdn.digitalcaramel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.skcrtxr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.163.52.89 (Russian Federation)

ASN47764 (VK-AS LLC VK, RU)
PTR: r3.mail.ru

privacy-cs.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.139.255.28 (Asbest, Russian Federation)

ASN208677 (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru, RU)

kraken.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 77.88.55.88 (Russian Federation)

ASN13238 (YANDEX YANDEX LLC, RU)
PTR: yandex.ru

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.132.138.214 (Falkenstein, Germany) 2 redirects

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.214.138.132.142.clients.your-server.de

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 194.55.244.177 (Moscow, Russian Federation) 2 redirects

ASN34959 (PROCLOUD KVIKTEL LLC, RU)

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.236.118.162 (Moscow, Russian Federation)

ASN204720 (CDNetworks GLOBAL CLOUD NETWORK LLC, RU)

tube.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.132.138.215 (Falkenstein, Germany) 2 redirects

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.215.138.132.142.clients.your-server.de

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 89.108.120.76 (Russian Federation) 2 redirects

ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU)
PTR: d51804.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.65.149.228 (Russian Federation) 1 redirects

ASN51115 (HLL-AS HLL LLC, RU)

static.a.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.a.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5607175791745949210244.cm.a.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.a.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.147 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO firstcolo GmbH, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.148.230.54 (St Petersburg, Russian Federation)

ASN49505 (SELECTEL JSC Selectel, RU)

rtb.moe.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.158 (Russian Federation) 1 redirects

ASN43226 (SAFEDATA Data Storage Center JSC, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

cs.alfasense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.230.131.21 (Amsterdam, Netherlands)

ASN200197 (HYBRID-Poland HYBRID ADTECH SP.Z.O.O., PL)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.109.27 (Russian Federation) 2 redirects

ASN52007 (ADRIVER LLC AdRiver, RU)

ev.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.198.116.123 (Russian Federation) 2 redirects

ASN29182 (RU-JSCIOT JSC IOT, RU)
PTR: k8s-ingress-1.programmatica.com

sync.programmatica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.0.127.205 (Moscow, Russian Federation) 2 redirects

ASN61400 (NETRACK-AS Start LLC, RU)
PTR: curse-cognates.hidecenter.com

match.ohmy.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.243.142.48 (Moscow, Russian Federation) 1 redirects

ASN208677 (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru, RU)
PTR: fr16.segmento.ru

videotarget-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.138.161.80 (Moscow, Russian Federation) 2 redirects

ASN50340 (SELECTEL-MSK JSC Selectel, RU)

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.243.201.48 (Russian Federation)

ASN208677 (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru, RU)

sync.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.74.180 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.utraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.180.193.90 (Russian Federation) 1 redirects

ASN13238 (YANDEX YANDEX LLC, RU)
PTR: bs.yandex.ru

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.149.242.236 (St Petersburg, Russian Federation)

ASN49505 (SELECTEL JSC Selectel, RU)

cmr.bidderstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 193.232.150.71 (Russian Federation) 3 redirects

ASN48061 (UMA-TECH-AS Limited Liability Company GPM Digital Technologies, RU)

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.3.184.216 (Russian Federation) 1 redirects

ASN50214 (QWARTA QWARTA LLC, RU)

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.199.220.72 (Russian Federation)

ASN61400 (NETRACK-AS Start LLC, RU)

sync.dsp.solta.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.114.85.200 (Vancouver, Canada)

ASN50340 (SELECTEL-MSK JSC Selectel, RU)

sync.opendsp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.158.134.118 (Russian Federation)

ASN13238 (YANDEX YANDEX LLC, RU)
PTR: matchid-production.adfox.yandex.ru

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.109.65.188 (Helsinki, Finland)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.188.65.109.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.55.244.189 (Moscow, Russian Federation)

ASN34959 (PROCLOUD KVIKTEL LLC, RU)

yhb.p.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.240.127.128 (United States)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.0.127.91 (Moscow, Russian Federation)

ASN61400 (NETRACK-AS Start LLC, RU)

kimberlite.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.139.25.121 (Moscow, Russian Federation)

ASN34959 (PROCLOUD KVIKTEL LLC, RU)

ssp.al-adtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.160.40.8 (Moscow, Russian Federation)

ASN200350 (YandexCloud Yandex.Cloud LLC, RU)

hb-bidder.skcrtxr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.228.135 (Russian Federation)

ASN57304 (RETNRU-AS JSC "RetnNet", RU)
PTR: serv6.otclick.ru

otclick-adv.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.172.81.172 (Germany)

ASN44066 (DE-FIRSTCOLO firstcolo GmbH, DE)

hb.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.209.109.25 (Russian Federation)

ASN52007 (ADRIVER LLC AdRiver, RU)

pb.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.9.64.225 (Russian Federation)

ASN13238 (YANDEX YANDEX LLC, RU)
PTR: cloud.cdn.yandex.net

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.250.75.211 (Russian Federation)

ASN200350 (YandexCloud Yandex.Cloud LLC, RU)

skcrtxr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.144 (Russian Federation) 1 redirects

ASN48061 (UMA-TECH-AS Limited Liability Company GPM Digital Technologies, RU)
PTR: smtp5.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.109.30 (Russian Federation) 2 redirects

ASN52007 (ADRIVER LLC AdRiver, RU)

ev.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.109.18 (Russian Federation)

ASN52007 (ADRIVER LLC AdRiver, RU)

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.230.131.16 (Amsterdam, Netherlands)

ASN200197 (HYBRID-Poland HYBRID ADTECH SP.Z.O.O., PL)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.15.175.134 (Russian Federation)

ASN43226 (SAFEDATA Data Storage Center JSC, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.55.244.181 (Moscow, Russian Federation) 1 redirects

ASN34959 (PROCLOUD KVIKTEL LLC, RU)

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.243.142.239 (Ukraine) 1 redirects

ASN208677 (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru, RU)
PTR: fr07.segmento.ru

sape-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.109.65.187 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.187.65.109.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 158.160.49.136 (Moscow, Russian Federation)

ASN200350 (YandexCloud Yandex.Cloud LLC, RU)

rpc.skcrtxr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 158.160.39.250 (Moscow, Russian Federation)

ASN200350 (YandexCloud Yandex.Cloud LLC, RU)

rap.skcrtxr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	otm-r.com 3 redirects sync.dmp.otm-r.com — Cisco Umbrella Rank: 16944 sync.otm-r.com Failed yhb.p.otm-r.com — Cisco Umbrella Rank: 24436	7 KB
13	acint.net 4 redirects www.acint.net — Cisco Umbrella Rank: 17021 acint.net — Cisco Umbrella Rank: 12639 mc.acint.net — Cisco Umbrella Rank: 27115 Failed	32 KB
9	skcrtxr.com cdn.skcrtxr.com — Cisco Umbrella Rank: 39622 hb-bidder.skcrtxr.com — Cisco Umbrella Rank: 35073 skcrtxr.com — Cisco Umbrella Rank: 24186 Failed rpc.skcrtxr.com — Cisco Umbrella Rank: 40030 rap.skcrtxr.com — Cisco Umbrella Rank: 50080	138 KB
9	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 5907	7 KB
8	mail.ru top-fwz1.mail.ru — Cisco Umbrella Rank: 5348 privacy-cs.mail.ru — Cisco Umbrella Rank: 8517 ad.mail.ru Failed	45 KB
7	adhigh.net 4 redirects px.adhigh.net — Cisco Umbrella Rank: 9847	2 KB
7	adriver.ru 4 redirects ev.adriver.ru — Cisco Umbrella Rank: 17458 pb.adriver.ru — Cisco Umbrella Rank: 19129 ssp.adriver.ru — Cisco Umbrella Rank: 18762	3 KB
7	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 1859 yandex.ru — Cisco Umbrella Rank: 770 an.yandex.ru — Cisco Umbrella Rank: 3967 matchid.adfox.yandex.ru — Cisco Umbrella Rank: 16439	223 KB
7	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 163	240 KB
5	utraff.com 1 redirects a.utraff.com — Cisco Umbrella Rank: 16222	4 KB
5	mts.ru 1 redirects static.a.mts.ru — Cisco Umbrella Rank: 32381 vma.mts.ru Failed sm.rtb.mts.ru — Cisco Umbrella Rank: 17512 Failed cm.a.mts.ru — Cisco Umbrella Rank: 14305 5607175791745949210244.cm.a.mts.ru api.a.mts.ru — Cisco Umbrella Rank: 24390	35 KB
5	buzzoola.com 2 redirects tube.buzzoola.com — Cisco Umbrella Rank: 21910 exchange.buzzoola.com — Cisco Umbrella Rank: 9265	7 KB
4	ohmy.bid 2 redirects match.ohmy.bid — Cisco Umbrella Rank: 32450 sp.ohmy.bid Failed	1 KB
4	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 7956	61 KB
4	rambler.ru kraken.rambler.ru — Cisco Umbrella Rank: 26694 sync.rambler.ru — Cisco Umbrella Rank: 22320	2 KB
3	digitaltarget.ru 1 redirects dmg.digitaltarget.ru — Cisco Umbrella Rank: 13758 tag.digitaltarget.ru — Cisco Umbrella Rank: 38537	55 KB
3	bumlam.com 2 redirects sync.bumlam.com — Cisco Umbrella Rank: 6165 hb.bumlam.com — Cisco Umbrella Rank: 21814 pix.bumlam.com Failed	2 KB
2	bidvol.com 1 redirects ssp.bidvol.com — Cisco Umbrella Rank: 20238	986 B
2	sape.ru 1 redirects ssp-rtb.sape.ru — Cisco Umbrella Rank: 15140	1 KB
2	rutarget.ru 2 redirects videotarget-sync.rutarget.ru — Cisco Umbrella Rank: 68098 sape-sync.rutarget.ru — Cisco Umbrella Rank: 56816	925 B
2	programmatica.com 2 redirects sync.programmatica.com — Cisco Umbrella Rank: 29785	428 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 11753	591 B
2	hybrid.ai dm-eu.hybrid.ai — Cisco Umbrella Rank: 6913 ssp.hybrid.ai Failed	558 B
2	top100.ru st.top100.ru — Cisco Umbrella Rank: 36311	40 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 117	211 KB
2	digitalcaramel.com ads.digitalcaramel.com — Cisco Umbrella Rank: 66324 cdn.digitalcaramel.com — Cisco Umbrella Rank: 126474	24 KB
2	openfpcdn.io openfpcdn.io — Cisco Umbrella Rank: 16673	12 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 426	36 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 120	3 KB
2	goo.su goo.su — Cisco Umbrella Rank: 159870	37 KB
1	otclick-adv.ru otclick-adv.ru — Cisco Umbrella Rank: 29820	715 B
1	al-adtech.com ssp.al-adtech.com — Cisco Umbrella Rank: 18564	264 B
1	kimberlite.io kimberlite.io — Cisco Umbrella Rank: 16399	395 B
1	yastatic.net yastatic.net — Cisco Umbrella Rank: 2691 Failed	26 KB
1	betweendigital.com ads.betweendigital.com — Cisco Umbrella Rank: 2739 Failed	674 B
1	opendsp.ru sync.opendsp.ru — Cisco Umbrella Rank: 24624	157 B
1	solta.io sync.dsp.solta.io — Cisco Umbrella Rank: 38029	158 B
1	bidderstack.com cmr.bidderstack.com — Cisco Umbrella Rank: 36748	271 B
1	alfasense.com cs.alfasense.com — Cisco Umbrella Rank: 51013 pbs.alfasense.com Failed	536 B
1	moe.video rtb.moe.video — Cisco Umbrella Rank: 57464	177 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2704
1	yadro.ru counter.yadro.ru — Cisco Umbrella Rank: 7864	437 B
0	staemcomnnumity.com Failed staemcomnnumity.com Failed
0	gnezdo.ru Failed fcgi4.gnezdo.ru Failed
0	mediatoday.ru Failed mediatoday.ru Failed
0	adiam.tech Failed a.adiam.tech Failed
0	videohead.tech Failed a.videohead.tech Failed
0	techdsp.ru Failed sync.techdsp.ru Failed
0	nt.technology Failed ssp-statistics.dsp.nt.technology Failed
0	nominaltechno.com Failed ssp-statistics.dev.dsp1.nominaltechno.com Failed
0	onetarget.ru Failed pixel.dsp.onetarget.ru Failed
0	silvermob.com Failed ck.silvermob.com Failed
0	gonet-ads.com Failed sync.gonet-ads.com — Cisco Umbrella Rank: 19305 Failed
0	adspend.space Failed sync.adspend.space — Cisco Umbrella Rank: 34791 Failed
0	qtarget.tech Failed match.qtarget.tech Failed
0	lotus-dsp.ru Failed a.lotus-dsp.ru Failed
0	new-programmatic.com Failed match.new-programmatic.com Failed
0	weborama-tech.ru Failed redirect-frontend.weborama-tech.ru Failed
0	agency2.ru Failed cs.agency2.ru Failed
0	adspector.io Failed a.adspector.io Failed
0	beeline.ru Failed 7498794744558977470-otm.ops.beeline.ru Failed
0	suprion.ru Failed s.suprion.ru Failed
0	atraffic.ru Failed a.atraffic.ru Failed
0	dynotech.io Failed rtb.dynotech.io Failed
0	com.ru Failed rtb.com.ru Failed adx.com.ru Failed
0	adlook.me Failed ads.adlook.me Failed
0	upravel.com Failed sync.upravel.com — Cisco Umbrella Rank: 18856 Failed
201	67

	Domain	Requested by
12	sync.dmp.otm-r.com	3 redirects goo.su
12	www.acint.net	3 redirects goo.su www.acint.net
9	mc.yandex.com	2 redirects goo.su mc.yandex.ru
7	px.adhigh.net	4 redirects goo.su www.acint.net
7	pagead2.googlesyndication.com	goo.su pagead2.googlesyndication.com
5	a.utraff.com	1 redirects goo.su yandex.ru www.acint.net
5	privacy-cs.mail.ru	top-fwz1.mail.ru privacy-cs.mail.ru
4	match.ohmy.bid	2 redirects goo.su www.acint.net
4	ev.adriver.ru	4 redirects
4	x01.aidata.io	2 redirects tube.buzzoola.com x01.aidata.io
3	exchange.buzzoola.com	2 redirects goo.su
3	cdn.skcrtxr.com	ads.digitalcaramel.com cdn.skcrtxr.com
3	yandex.ru	ads.digitalcaramel.com goo.su
3	kraken.rambler.ru	st.top100.ru goo.su
3	top-fwz1.mail.ru	goo.su top-fwz1.mail.ru
2	api.a.mts.ru	static.a.mts.ru
2	rap.skcrtxr.com	cdn.skcrtxr.com
2	rpc.skcrtxr.com	cdn.skcrtxr.com
2	ssp.adriver.ru	www.acint.net
2	ssp.bidvol.com	1 redirects yandex.ru
2	matchid.adfox.yandex.ru	yandex.ru
2	ssp-rtb.sape.ru	1 redirects yandex.ru
2	sync.programmatica.com	2 redirects
2	redirect.frontend.weborama.fr	2 redirects www.acint.net
2	dm-eu.hybrid.ai	goo.su www.acint.net
2	dmg.digitaltarget.ru	1 redirects goo.su www.acint.net
2	sync.bumlam.com	2 redirects www.acint.net
2	tube.buzzoola.com	ads.digitalcaramel.com tube.buzzoola.com
2	st.top100.ru	goo.su st.top100.ru
2	www.googletagmanager.com	goo.su www.googletagmanager.com
2	openfpcdn.io	goo.su
2	cdn.jsdelivr.net	goo.su
2	fonts.googleapis.com	goo.su
2	goo.su	goo.su
1	5607175791745949210244.cm.a.mts.ru	goo.su
1	cm.a.mts.ru	1 redirects static.a.mts.ru
1	sape-sync.rutarget.ru	1 redirects
1	tag.digitaltarget.ru	www.acint.net
1	skcrtxr.com	cdn.skcrtxr.com
1	pb.adriver.ru	yandex.ru
1	hb.bumlam.com	yandex.ru
1	otclick-adv.ru	yandex.ru www.acint.net
1	hb-bidder.skcrtxr.com	yandex.ru
1	ssp.al-adtech.com	yandex.ru www.acint.net
1	kimberlite.io	yandex.ru goo.su www.acint.net
1	yhb.p.otm-r.com	yandex.ru
1	yastatic.net	yandex.ru
1	ads.betweendigital.com	goo.su yandex.ru www.acint.net
1	sync.opendsp.ru	goo.su www.acint.net
1	sync.dsp.solta.io	goo.su www.acint.net
1	acint.net	1 redirects goo.su
1	cmr.bidderstack.com	goo.su www.acint.net
1	an.yandex.ru	1 redirects goo.su www.acint.net static.a.mts.ru
1	sync.rambler.ru	goo.su www.acint.net
1	videotarget-sync.rutarget.ru	1 redirects
1	cs.alfasense.com	goo.su
1	rtb.moe.video	goo.su
1	static.a.mts.ru	tube.buzzoola.com
1	region1.google-analytics.com	www.googletagmanager.com
1	cdn.digitalcaramel.com	ads.digitalcaramel.com
1	counter.yadro.ru	goo.su
1	mc.yandex.ru	goo.su
1	ads.digitalcaramel.com	goo.su
0	staemcomnnumity.com Failed	goo.su
0	fcgi4.gnezdo.ru Failed	www.acint.net
0	mediatoday.ru Failed	www.acint.net
0	a.adiam.tech Failed	www.acint.net
0	a.videohead.tech Failed	www.acint.net
0	sync.techdsp.ru Failed	www.acint.net
0	ssp-statistics.dsp.nt.technology Failed	www.acint.net
0	ssp-statistics.dev.dsp1.nominaltechno.com Failed	www.acint.net
0	pixel.dsp.onetarget.ru Failed	www.acint.net
0	ck.silvermob.com Failed	www.acint.net
0	adx.com.ru Failed	www.acint.net
0	pix.bumlam.com Failed	www.acint.net
0	sync.gonet-ads.com Failed	www.acint.net
0	mc.acint.net Failed	www.acint.net
0	sync.adspend.space Failed	www.acint.net
0	match.qtarget.tech Failed	www.acint.net
0	ssp.hybrid.ai Failed	yandex.ru
0	ad.mail.ru Failed	yandex.ru www.acint.net
0	pbs.alfasense.com Failed	yandex.ru
0	a.lotus-dsp.ru Failed	goo.su
0	match.new-programmatic.com Failed	goo.su www.acint.net
0	redirect-frontend.weborama-tech.ru Failed	goo.su
0	cs.agency2.ru Failed	goo.su www.acint.net
0	a.adspector.io Failed	goo.su www.acint.net
0	sync.otm-r.com Failed	goo.su
0	7498794744558977470-otm.ops.beeline.ru Failed	goo.su
0	sp.ohmy.bid Failed	goo.su
0	s.suprion.ru Failed	goo.su www.acint.net
0	a.atraffic.ru Failed	goo.su
0	rtb.dynotech.io Failed	goo.su
0	rtb.com.ru Failed	goo.su
0	sm.rtb.mts.ru Failed	goo.su
0	ads.adlook.me Failed	goo.su
0	vma.mts.ru Failed	www.acint.net
0	sync.upravel.com Failed	goo.su www.acint.net
201	98

This site contains no links.

Subject Issuer	Validity	Valid
goo.su WE1	`2025-03-22` - `2025-06-20`	3 months	crt.sh
upload.video.google.com WE2	`2025-03-31` - `2025-06-23`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
openfpcdn.io Amazon RSA 2048 M02	`2024-11-27` - `2025-12-27`	a year	crt.sh
*.g.doubleclick.net WE2	`2025-03-31` - `2025-06-23`	3 months	crt.sh
ads.digitalcaramel.com E6	`2025-03-30` - `2025-06-28`	3 months	crt.sh
*.google-analytics.com WE2	`2025-03-31` - `2025-06-23`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2025-03-19` - `2025-08-29`	5 months	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2024-10-21` - `2025-11-22`	a year	crt.sh
counter.yadro.ru E5	`2025-04-09` - `2025-07-08`	3 months	crt.sh
*.top100.ru GlobalSign GCC R3 DV TLS CA 2020	`2025-03-12` - `2026-04-13`	a year	crt.sh
cdn.digitalcaramel.com R10	`2025-04-03` - `2025-07-02`	3 months	crt.sh
*.rambler.ru GlobalSign GCC R3 DV TLS CA 2020	`2024-05-02` - `2025-06-03`	a year	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2025-04-16` - `2025-10-14`	6 months	crt.sh
*.ad-pixel.ru R11	`2025-03-20` - `2025-06-18`	3 months	crt.sh
*.acint.net E6	`2025-03-21` - `2025-06-19`	3 months	crt.sh
*.buzzoola.com Sectigo RSA Domain Validation Secure Server CA	`2024-09-23` - `2025-09-29`	a year	crt.sh
my.aidata.me Sectigo RSA Domain Validation Secure Server CA	`2025-02-16` - `2026-02-16`	a year	crt.sh
tag.a.mts.ru E6	`2025-04-08` - `2025-07-07`	3 months	crt.sh
*.moe.video GlobalSign GCC R6 AlphaSSL CA 2023	`2025-01-21` - `2026-02-22`	a year	crt.sh
alfasense.com WE1	`2025-03-16` - `2025-06-14`	3 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2024-09-04` - `2025-10-05`	a year	crt.sh
utraff.com WE1	`2025-03-26` - `2025-06-24`	3 months	crt.sh
*.bidderstack.com GlobalSign GCC R6 AlphaSSL CA 2023	`2024-12-26` - `2026-01-14`	a year	crt.sh
*.ohmy.bid E5	`2025-02-24` - `2025-05-25`	3 months	crt.sh
*.dsp.solta.io GlobalSign GCC R6 AlphaSSL CA 2023	`2024-07-31` - `2025-09-01`	a year	crt.sh
*.opendsp.ru GlobalSign GCC R6 AlphaSSL CA 2023	`2024-07-31` - `2025-09-01`	a year	crt.sh
matchid.adfox.yandex.ru GlobalSign RSA OV SSL CA 2018	`2025-03-14` - `2025-09-06`	6 months	crt.sh
ssp.bidvol.com E6	`2025-02-06` - `2025-05-07`	3 months	crt.sh
*.p.otm-r.com GlobalSign GCC R6 AlphaSSL CA 2023	`2025-03-17` - `2026-04-18`	a year	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2025-02-06` - `2026-03-09`	a year	crt.sh
*.kimberlite.io GlobalSign GCC R6 AlphaSSL CA 2023	`2025-03-03` - `2026-04-04`	a year	crt.sh
*.al-adtech.com E5	`2025-02-06` - `2025-05-07`	3 months	crt.sh
*.sape.ru R10	`2025-04-10` - `2025-07-09`	3 months	crt.sh
*.otclick.ru R10	`2025-03-21` - `2025-06-19`	3 months	crt.sh
*.bumlam.com R10	`2025-02-12` - `2025-05-13`	3 months	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2025-03-18` - `2026-04-19`	a year	crt.sh
*.yastatic-net.ru GlobalSign RSA OV SSL CA 2018	`2024-11-06` - `2025-06-08`	7 months	crt.sh
*.digitaltarget.ru E5	`2025-02-20` - `2025-05-21`	3 months	crt.sh
rap.ad-pixel.ru E6	`2025-03-20` - `2025-06-18`	3 months	crt.sh
api.a.mts.ru E5	`2025-04-13` - `2025-07-12`	3 months	crt.sh

This page contains 6 frames:

Frame: https://staemcomnnumity.com/gift/id=703882
Frame ID: DDD2BCA13511D8C314EDCA2F702B0B68
Requests: 145 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 3FB9631033CFC3710F4F01D5DE1CE266
Requests: 1 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=14&tc=1&pi=1753819
Frame ID: F2291C6DF72BF632006510DCC14575F1
Requests: 48 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20250424/r20190131/zrt_lookup_fy2021.html
Frame ID: 743EDADFB6194A09A7232896615573AC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2221698569877911&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1745949208&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fgoo.su%2FA9GpEB&pra=5&wgl=1&aihb=0&asro=0&aifxl=29_18~30_19&itsi=-1&aiapm=0.15&aiapmi=0.16&aiact=0.7&ailct=0.7&aimart=8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1745949206803&bpp=3&bdt=3134&idt=1513&shv=r20250424&mjsv=m202504280101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=5479592947212&frm=20&pv=2&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95358863%2C95358865%2C42532524%2C95354564%2C95358975%2C31092057%2C95359114%2C95340252%2C95340254&oid=2&pvsid=2926641664464932&tmod=1846331971&uas=0&nvt=1&fsapi=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=1527
Frame ID: 791D82B1E96673287AC97D71F7A078E5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2221698569877911&output=html&h=300&slotname=2783776122&adk=2516696982&adf=2813828243&pi=t.ma~as.2783776122&w=300&abgtt=6&lmt=1745949208&format=300x300&url=https%3A%2F%2Fgoo.su%2FA9GpEB&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1745949207317&bpp=1&bdt=3648&idt=1022&shv=r20250424&mjsv=m202504280101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5479592947212&frm=20&pv=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1848&ady=847&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95358863%2C95358865%2C42532524%2C95354564%2C95358975%2C31092057%2C95359114%2C95340252%2C95340254&oid=2&pvsid=2926641664464932&tmod=1846331971&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=1024&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=1027
Frame ID: 1D71669ADDA0BC5DBC92BAD1FE357B6D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

staemcomnnumity.com

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Alpine.js (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

/alpine(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

201
Requests

45 %
HTTPS

0 %
IPv6

67
Domains

98
Subdomains

54
IPs

8
Countries

1244 kB
Transfer

3856 kB
Size

116
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://mc.yandex.com/watch/99705705?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FA9GpEB&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afi-FI%3Av%3A2020%3Acn%3A1%3Adp%3A0%3Als%3A1081896468781%3Ahid%3A653370782%3Az%3A180%3Ai%3A20250429205326%3Aet%3A1745949207%3Ac%3A1%3Arn%3A645085390%3Arqn%3A1%3Au%3A1745949207955922493%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1756%3Awv%3A2%3Ads%3A11%2C302%2C231%2C34%2C0%2C0%2C%2C1159%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1745949203121%3Arqnl%3A1%3Ast%3A1745949207%3At%3ARedirecting&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009092)ti(1) HTTP 302
https://mc.yandex.com/watch/99705705/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FA9GpEB&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afi-FI%3Av%3A2020%3Acn%3A1%3Adp%3A0%3Als%3A1081896468781%3Ahid%3A653370782%3Az%3A180%3Ai%3A20250429205326%3Aet%3A1745949207%3Ac%3A1%3Arn%3A645085390%3Arqn%3A1%3Au%3A1745949207955922493%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1756%3Awv%3A2%3Ads%3A11%2C302%2C231%2C34%2C0%2C0%2C%2C1159%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1745949203121%3Arqnl%3A1%3Ast%3A1745949207%3At%3ARedirecting&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29&redirnss=1

Request Chain 32

https://sync.dmp.otm-r.com/match/aotm.js HTTP 302
https://sync.dmp.otm-r.com/match/aotm.js?otcm_check=1745949208

Request Chain 36

https://www.acint.net/mc/?dp=14&pi=1753819 HTTP 302
https://www.acint.net/mc/?dp=14&tc=1&pi=1753819

Request Chain 48

https://sync.bumlam.com/?src=otm1&rurl=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fsnp%3Fid%3D%7BUID3%7D&uid=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D HTTP 302
https://sync.bumlam.com/?src=otm1&s_data=CAIQARiZpMTABjIuaHR0cHM6Ly9zeW5jLmRtcC5vdG0tci5jb20vbWF0Y2gvc25wP2lkPXtVSUQzfWIYTmpneE1URXlNVGN3TVRBeE1ERmlaUT09ogEQ25X4mCUiEfC2DAAlkMgkNg** HTTP 302
https://sync.dmp.otm-r.com/match/snp?id=db95f898-2522-11f0-b60c-002590c82436

Request Chain 49

https://sync.upravel.com/image?source=otm&id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D&return_url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fmgcomm%3Fid%3D%7BUID%7D HTTP 302
https://sync.upravel.com/image?source=otm&id=NjgxMTEyMTcwMTAxMDFiZQ%253D%253D&return_url=https%253A%252F%252Fsync.dmp.otm-r.com%252Fmatch%252Fmgcomm%253Fid%253D%257BUID%257D&session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9nb28uc3UvIl19fQ==

Request Chain 51

https://dmg.digitaltarget.ru/1/7493/i/i?a=656&e=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D&i=123 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/7493/i/i?call_source=awg&ts=1745949209918&a=656&e=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D&i=123

Request Chain 52

https://sync.opendsp.ru/match/OTM_bannner?id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D HTTP 302
https://sync.opendsp.ru/match/OTM_bannner?id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D&chk=1 HTTP 302
https://sm.rtb.mts.ru/p?ssp=tradingdesk&id=NDUyMWFhZTU4NDA5NzJhYQ HTTP 301
https://vma.mts.ru/match/second?ssp=67&exu=NDUyMWFhZTU4NDA5NzJhYQ

Request Chain 55

https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fweborama%3Fid%3D{WEBO_CID} HTTP 307
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fweborama%3Fid%3D%7BWEBO_CID%7D&bounce=1&random=1090130564 HTTP 302
https://sync.dmp.otm-r.com/match/weborama?id=tD3JelWplRc7x9z3xNTQku

Request Chain 56

https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5932509&bn=5932509&rnd=1234567890 HTTP 302
https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5932509&bn=5932509&rnd=1234567890&tuid=-4640852708 HTTP 302
https://sync.dmp.otm-r.com/match/adriver.img?id=A8DzFf8C5Sit5ysHbHf5Vbw

Request Chain 57

https://sync.programmatica.com/match/OTM?id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D HTTP 302
https://sync.programmatica.com/match/OTM?id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D&chk=1 HTTP 302
https://match.ohmy.bid/cm?dsp_id=119&uid=MjViNTkwYmI2MDMzMDZjNQ HTTP 302
https://match.ohmy.bid/cmt?dsp_id=119&uid=MjViNTkwYmI2MDMzMDZjNQ

Request Chain 58

https://sync.gonet-ads.com/match/OTM?rid=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D HTTP 302
https://sync.gonet-ads.com/match/OTM?rid=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D&chk=1 HTTP 302
https://dmg.digitaltarget.ru/1/7164/i/i?a=877&e=MjhhZDdkNjZhM2FhNDM0ZA&i=qb3ey7kpuufj

Request Chain 59

https://match.ohmy.bid/cm?ssp=otm&redirect_url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fohmybids_new%3Fid%3D%7Buid%7D HTTP 302
https://sync.dmp.otm-r.com/match/ohmybids_new?id=58515e9b-cdfc-42ad-8794-94ecda66f602

Request Chain 60

https://videotarget-sync.rutarget.ru/sync HTTP 302
https://sync.dmp.otm-r.com/match/segmento?id=_r1KdKcURkcv

Request Chain 61

https://exchange.buzzoola.com/cookiesync/redirect/videotarget?redirect_url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fbazzoola%3Fid%3D%24%7BUUID%7D HTTP 302
https://sync.dmp.otm-r.com/match/bazzoola?id=55778954-2d6c-4578-4b65-a0f583d3fc3e

Request Chain 65

https://an.yandex.ru/mapuid/otmrtbis/NjgxMTEyMTcwMTAxMDFiZQ%3D%3D HTTP 302
https://yandex.ru/an/mapuid/otmrtbis/NjgxMTEyMTcwMTAxMDFiZQ==?redir-setuniq=1

Request Chain 67

https://sm.rtb.mts.ru/p?id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D&ssp=otmvid HTTP 301
https://vma.mts.ru/match/second?ssp=26&exu=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D

Request Chain 68

https://a.utraff.com/sync?ssp=2960&id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D HTTP 302
https://sync.dmp.otm-r.com/match/umg HTTP 302
https://a.utraff.com/sync?dsp=OTM&buyerid=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D

Request Chain 70

https://px.adhigh.net/p/cm/otm_video HTTP 302
https://px.adhigh.net/p/cm/otm_video?bounced=1 HTTP 302
https://sync.dmp.otm-r.com/match/getintent?id=

Request Chain 71

https://x01.aidata.io/0.gif?pid=OTM&id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D HTTP 302
https://x01.aidata.io/0.gif?pid=OTM&id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D&bounce=1 HTTP 302
https://px.adhigh.net/p/cm/aidata?u=6WPqIGJBSWwlosGQIh3PqQ&back=SYNC

Request Chain 72

https://www.acint.net/rmatch?dp=68&euid=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D&r=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fsape_stable%3Fid%3D%24%7BUSER_ID%7D HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fsync.dmp.otm-r.com%252Fmatch%252Fsape_stable%253Fid%253D%2524%257BUSER_ID%257D&dp=14 HTTP 302
https://acint.net/rmatch?dp=14&euid=4F03420A191211688F04E145024A7219&r=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fsape_stable%3Fid%3D%24%7BUSER_ID%7D HTTP 302
https://sync.dmp.otm-r.com/match/sape_stable?id=0400007F18121168E623EA910235D258

Request Chain 74

https://kimberlite.io/rtb/sync/otm?u=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D HTTP 307
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=aBESGaEN49Y

Request Chain 76

https://sync.opendsp.ru/match/otm_ex?id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D HTTP 302
https://sync.dmp.otm-r.com/match/open_ssp?id=NDUyMWFhZTU4NDA5NzJhYQ HTTP 302
https://sync.opendsp.ru/match/otm_ex?id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D

Request Chain 80

https://ssp.al-adtech.com/api/sync/otm HTTP 302
https://sync.dmp.otm-r.com/match/astralab?id=08f9b0bb-3670-4f20-b2b1-92bd5b24f395

Request Chain 101

https://px.adhigh.net/rtb/yandex_hb HTTP 307
https://px.adhigh.net/rtb/yandex_hb?bounced=1

Request Chain 103

https://exchange.buzzoola.com/ssp/adfox HTTP 307
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

Request Chain 131

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D14 HTTP 302
https://acint.net/rmatch?dp=14&euid=5103420A191211687604D41C0261444D&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D14 HTTP 302
https://mc.acint.net/cmatch?dp=14 HTTP 302
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0400007F18121168E623EA910235D258 HTTP 302
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0400007F18121168E623EA910235D258&crf=1&rts=-1608260238501257777

Request Chain 132

https://px.adhigh.net/p/cm/sape?u=0400007F18121168E623EA910235D258 HTTP 302
https://px.adhigh.net/p/cm/sape?u=0400007F18121168E623EA910235D258&bounced=1

Request Chain 133

https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5586623531 HTTP 302
https://www.acint.net/rmatch?dp=45&euid=AiBXztBz_4mYDWYnwNBg2zA&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0400007F18121168E623EA910235D258

Request Chain 137

https://sync.dmp.otm-r.com/match/sape?id=0400007F18121168E623EA910235D258 HTTP 302
https://www.acint.net/match?dp=68&euid=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D

Request Chain 138

https://sync.upravel.com/sape/sync HTTP 302
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0=

Request Chain 140

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D95%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D95%26euid%3D HTTP 302
https://mc.acint.net/rmatch?dp=95&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D95&euid=PTHLRRHG HTTP 302
https://mc.acint.net/cmatch?dp=95 HTTP 302
https://match.qtarget.tech/userbind?src=sape&id=0400007F18121168E623EA910235D258

Request Chain 141

https://sync.adspend.space/sape?uid=0400007F18121168E623EA910235D258 HTTP 302
https://sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D7304967b-ce9f-4d4e-9c18-2c13c69093cc

Request Chain 142

https://sape-sync.rutarget.ru/sync HTTP 302
https://www.acint.net/match?dp=104&euid=nCuSjTUpmhA8

Request Chain 143

https://ads.betweendigital.com/match?bidder_id=35313&external_user_id=0400007F18121168E623EA910235D258&callback_url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D107 HTTP 302
https://ads.betweendigital.com/match?bidder_id=35313&external_user_id=0400007F18121168E623EA910235D258&callback_url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D107&crf=1&rts=-6116021237114301172

Request Chain 144

https://sm.rtb.mts.ru/p?ssp=sape&id=0400007F18121168E623EA910235D258 HTTP 301
https://vma.mts.ru/match/second?ssp=30&exu=0400007F18121168E623EA910235D258

Request Chain 145

https://exchange.buzzoola.com/cookiesync/dsp/sape-banner?uid=0400007F18121168E623EA910235D258&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D126 HTTP 302
https://mc.acint.net/rmatch?dp=126&euid=55778954-2d6c-4578-4b65-a0f583d3fc3e&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D126

Request Chain 146

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1 HTTP 302
https://www.acint.net/match?dp=129&euid=pns0rv3xa1

Request Chain 186

https://cm.a.mts.ru/cm/tech?flowId=0ad8d3f8-90df-189f-8191-0983a062000a HTTP 302
https://5607175791745949210244.cm.a.mts.ru/cm/match?flowId=0ad8d3f8-90df-189f-8191-0983a062000a

Request Chain 189

https://mc.yandex.com/watch/88477929?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FA9GpEB&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afi-FI%3Av%3A2020%3Acn%3A2%3Adp%3A1%3Als%3A98418462157%3Ahid%3A653370782%3Az%3A180%3Ai%3A20250429205329%3Aet%3A1745949210%3Ac%3A1%3Arn%3A169060880%3Arqn%3A1%3Au%3A1745949207955922493%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1756%3Awv%3A2%3Ads%3A11%2C302%2C231%2C34%2C0%2C0%2C%2C1159%2C0%2C%2C%2C%2C3564%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1745949203121%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1745949210%3At%3ARedirecting&t=gdpr(14)mc(p-1)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009088)dss(2)oms(0)ti(1) HTTP 302
https://mc.yandex.com/watch/88477929/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FA9GpEB&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afi-FI%3Av%3A2020%3Acn%3A2%3Adp%3A1%3Als%3A98418462157%3Ahid%3A653370782%3Az%3A180%3Ai%3A20250429205329%3Aet%3A1745949210%3Ac%3A1%3Arn%3A169060880%3Arqn%3A1%3Au%3A1745949207955922493%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1756%3Awv%3A2%3Ads%3A11%2C302%2C231%2C34%2C0%2C0%2C%2C1159%2C0%2C%2C%2C%2C3564%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1745949203121%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1745949210%3At%3ARedirecting&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009088%29dss%282%29oms%280%29ti%281%29&redirnss=1

201 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request A9GpEB Show response
goo.su/ 11 KB
5 KB 545ms
232ms Document
text/html 104.26.2.56
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://goo.su/A9GpEB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.2.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.13
Resource Hash: 4eb439ea0ef5cbb8d0807f23fe045bc4168ba598615f9d2ab7fb4be978c26ce5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 9380a899dd9c9986-CPH
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Tue, 29 Apr 2025 17:53:23 GMT
expires: -1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LESNRk9IAZsSV9%2BGJv4J6sDt3SLG9UTcWLtKAVwLE3VHW0sM0jA2xGF9BErl6mU4HhzDBYgbxzDit1N5tKHJS9CPntpD1dUv4Jg13%2FCmzKStkuKmlrzI%2FAY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=167315&min_rtt=160642&rtt_var=45553&sent=9&recv=9&lost=0&retrans=0&sent_bytes=4122&recv_bytes=5628&delivery_rate=21456&cwnd=12000&unsent_bytes=0&cid=55f54d897047a331&ts=294&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding
x-powered-by: PHP/8.2.13

GET
H2 200 css
fonts.googleapis.com/ 6 KB
2 KB 1141ms
282ms Stylesheet
text/css 216.58.206.42
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans:400&display=swap

Requested by

Host: goo.su
URL: https://goo.su/A9GpEB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f10.1e100.net

Software

ESF /

Resource Hash

43a597f9294363921fcc8f10f904f3843ea9c4c5f931fb5a133428bfd5d544e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, max-age=86400
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 29 Apr 2025 17:53:24 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Apr 2025 17:53:24 GMT
x-xss-protection: 0
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 css
fonts.googleapis.com/ 6 KB
2 KB 1141ms
283ms Stylesheet
text/css 216.58.206.42
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400&display=swap

Requested by

Host: goo.su
URL: https://goo.su/A9GpEB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f10.1e100.net

Software

ESF /

Resource Hash

44da6a793e23af4584da27ec4c3b62ff576074f9dd124583d4613b0ce80cecb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, max-age=86400
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 29 Apr 2025 17:53:24 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Apr 2025 17:53:24 GMT
x-xss-protection: 0
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/ 227 KB
27 KB 1027ms
259ms Stylesheet
text/css 151.101.193.229
FASTLY

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css

Requested by

Host: goo.su
URL: https://goo.su/A9GpEB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3c8f27e6009ccfd710a905e6dcf12d0ee3c6f2ac7da05b0572d3e0d12e736fc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin: https://goo.su
Referer: https://goo.su/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"38d63-xawd7pYctZoEUlbsID9p4xeHL3w"
age: 5394738
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Tue, 29 Apr 2025 17:53:24 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230118-FRA, cache-hel1410032-HEL
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27432
x-jsd-version: 5.3.3

GET
H2 200 alpine.min.js Show response
cdn.jsdelivr.net/npm/alpinejs@2.x.x/dist/ 26 KB
9 KB 1809ms
199ms Script
application/javascript 151.101.193.229
FASTLY

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/npm/alpinejs@2.x.x/dist/alpine.min.js

Requested by

Host: goo.su
URL: https://goo.su/A9GpEB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d5c310eb7610d84cb1b06b865e507d4037e6d3c6c33d52d41a24aa1708abf14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"6965-ytDMsi7o5Jy/SCokY1+PFUOZmNk"
age: 30517
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Tue, 29 Apr 2025 17:53:26 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230072-FRA, cache-hel1410030-HEL
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8836
x-jsd-version: 2.8.2

GET
H2 200 v0 Show response
openfpcdn.io/botd/ 17 KB
7 KB 851ms
417ms Script
text/javascript 13.32.99.118
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://openfpcdn.io/botd/v0

Requested by

Host: goo.su
URL: https://goo.su/A9GpEB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-118.fra60.r.cloudfront.net

Software

CloudFront /

Resource Hash

d661db00e3bbb388796ff77a4020d8dca3ec169fda5bcd35025b6a63e6d26347

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

content-encoding: gzip
etag: W/"5KqoidcxiD9rCNQJsghpkCGPfjg"
age: 685
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 6x-ywMhwsMm26W1Ms2Mqct0uAIPQnmI5Yt_UcIZsXbHdIBGFLbslTw==
date: Tue, 29 Apr 2025 17:42:09 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=624556, s-maxage=10332
cross-origin-resource-policy: cross-origin
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P3
server: CloudFront

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
52 KB 1841ms
231ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2221698569877911

Requested by

Host: goo.su
URL: https://goo.su/A9GpEB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

57d0186a70b90b8e31052c16631e54ee6aaa30e7ebaf8c25671cc9b350a54de1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin: https://goo.su
Referer: https://goo.su/

Response headers

content-encoding: br
etag: 8693284238258755724
x-content-type-options: nosniff
expires: Tue, 29 Apr 2025 17:53:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 29 Apr 2025 17:53:26 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 52616
x-xss-protection: 0
server: cafe

GET
H3 200 redirect.js Show response
goo.su/frontend/js/ 86 KB
33 KB 195ms
194ms Script
application/javascript 104.26.2.56
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://goo.su/frontend/js/redirect.js?id=399eaf833ac5f607b305c4ace0c25eb5
Requested by: Host: goo.su
URL: https://goo.su/A9GpEB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.2.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ac92dd22b771410a6944726d1ed1fd7a7faaf239c2d80eab0bc1233e6ce95d2

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/A9GpEB

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"65896ec2-156eb"
age: 600582
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RcCw4KRTCHKpBBlqxbwhAnsIAhScdz680lwP8H%2BYpC%2BWjFJCB%2F98xtOc5kzHiv2m1aROdzgOrTUZOxg6ppCk7T7Lhx6kA8tjaukHzLQ23EN0JKvRfCAbaO0%3D"}],"group":"cf-nel","max_age":604800}
expires: Tue, 29 Apr 2025 19:03:42 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=198953&min_rtt=160642&rtt_var=48955&sent=17&recv=16&lost=0&retrans=0&sent_bytes=9080&recv_bytes=6304&delivery_rate=25097&cwnd=12000&unsent_bytes=0&cid=55f54d897047a331&ts=1646&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 29 Apr 2025 17:53:24 GMT
content-type: application/javascript
last-modified: Mon, 25 Dec 2023 12:00:02 GMT
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 9380a8a2cfe99986-CPH
server: cloudflare

GET
H2 200 caramel.js Show response
ads.digitalcaramel.com/ 100 KB
21 KB 460ms
160ms Script
application/javascript 65.109.72.77
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to

Full URL

https://ads.digitalcaramel.com/caramel.js?ts=1745949204848

Requested by

Host: goo.su
URL: https://goo.su/A9GpEB

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.109.72.77 Helsinki, Finland, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),

Reverse DNS

static.77.72.109.65.clients.your-server.de

Software

nginx /

Resource Hash

d4af93a316edb4764245b4bb7394a2a96d296451a8fa5743482ae2715a3feec4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

content-encoding: gzip
etag: W/"6810652a-190cd"
x-content-type-options: nosniff
expires: Tue, 06 May 2025 17:53:25 GMT
date: Tue, 29 Apr 2025 17:53:25 GMT
content-type: application/javascript
last-modified: Tue, 29 Apr 2025 05:35:38 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
cache-control: max-age=604800
referrer-policy: no-referrer-when-downgrade
permissions-policy: interest-cohort=()
x-xss-protection: 1; mode=block
server: nginx

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 247 KB
86 KB 1607ms
888ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TRGNQBDL

Requested by

Host: goo.su
URL: https://goo.su/A9GpEB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f1ddcfca102f9f64df0644bf72630ebb907cd5bbb8a43e3ef5b6d2c55b7c4213

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1314:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1314:0"}],}
expires: Tue, 29 Apr 2025 17:53:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Apr 2025 17:53:25 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 29 Apr 2025 16:31:52 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1314:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1314:0
content-length: 87638
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 226 KB
77 KB 1612ms
818ms Script
application/javascript 77.88.21.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: goo.su
URL: https://goo.su/A9GpEB

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

ad7fa1c6b844b3b8d25788b65ffca08d45ebb1ba2742c587f97b18d9ec21bbfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
content-encoding: br
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "680f5119-12e6a"
expires: Tue, 29 Apr 2025 18:53:25 GMT
access-control-allow-origin: *
content-length: 77418
date: Tue, 29 Apr 2025 17:53:25 GMT
content-type: application/javascript
last-modified: Mon, 28 Apr 2025 09:57:45 GMT

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 46 KB
20 KB 517ms
163ms Script
application/javascript 95.163.52.67
VK-AS LLC VK

General

Check archive.org

Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: goo.su
URL: https://goo.su/A9GpEB

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

952de987eda356dc43015412de55c0826fcf291375a36e8ac56a9114f3b5a19a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
content-encoding: gzip
etag: W/"678773c1-b956"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
x-content-type-options: nosniff
accept-ch-lifetime: 86400
expires: Tue, 29 Apr 2025 18:53:25 GMT
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
date: Tue, 29 Apr 2025 17:53:25 GMT
content-type: application/javascript
last-modified: Wed, 15 Jan 2025 08:37:21 GMT
access-control-allow-headers: *
cache-control: max-age=3600, private
timing-allow-origin: *
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: *
server: nginx

GET
H/1.1 200
OK hit
counter.yadro.ru/ 132 B
437 B 642ms
263ms Image
image/gif 88.212.201.204
UNITEDNET EDINAYA...

General

Check archive.org

Download Go to Show image

Full URL

https://counter.yadro.ru/hit?t44.11;r;s1600*1200*24;uhttps%3A//goo.su/A9GpEB;hRedirecting;0.9089184069885908

Requested by

Host: goo.su
URL: https://goo.su/A9GpEB

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

e10cd8d343f9c37e3500c69d92f7ac7e78b6c7df29a2ace8cffe71bfa494e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

Strict-Transport-Security: max-age=86400
Cache-control: no-cache
Pragma: no-cache
Connection: keep-alive
Expires: Sun, 28 Apr 2024 21:00:00 GMT
Access-Control-Allow-Origin: *
Content-Length: 132
Date: Tue, 29 Apr 2025 17:53:25 GMT
Content-Type: image/gif
Server: nginx/1.17.9

GET
H2 200 top100.js Show response
st.top100.ru/top100/ 129 KB
38 KB 1606ms
931ms Script
application/javascript 151.236.71.248
CDNetworks GLOBAL...

General

Check archive.org

Download Go to

Full URL: https://st.top100.ru/top100/top100.js
Requested by: Host: goo.su
URL: https://goo.su/A9GpEB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNetworks GLOBAL CLOUD NETWORK LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: 44ad04fe06c0306722382f8a28d49876eaa87605d6b5a2ad8f24784358b6bdc5

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

x-cdn-edge-id: 2315
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
x-cdn-edge-cache: HIT
content-encoding: gzip
x-obs-meta-s3cmd-attrs: atime:1744718263/ctime:1744718263/gid:0/gname:root/md5:a2e714378321ae704b68d53a14b89c1f/mode:33188/mtime:1744717654/uid:0/uname:root
etag: W/"a2e714378321ae704b68d53a14b89c1f"
x-obs-tagging-count: 0
date: Tue, 29 Apr 2025 17:53:25 GMT
x-obs-content-sha256: 44ad04fe06c0306722382f8a28d49876eaa87605d6b5a2ad8f24784358b6bdc5
content-type: application/javascript
x-obs-request-id: 00000196825D3E38A00477AA4E58F81E
server: nginx
last-modified: Tue, 15 Apr 2025 11:57:44 GMT
x-cdn-request-id: 7eb8d8ae35ab3b1ba618d9e3a178eb12

GET
H2 200 goo.su.json Show response
cdn.digitalcaramel.com/configs/ 23 KB
4 KB 1916ms
425ms Fetch
application/json 95.181.182.182
EdgeCenterLLC Edg...

General

Check archive.org

Download Go to

Full URL: https://cdn.digitalcaramel.com/configs/goo.su.json
Requested by: Host: ads.digitalcaramel.com
URL: https://ads.digitalcaramel.com/caramel.js?ts=1745949204848
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: e908b243a8d7f36576a6a3cb07d339b840067014b6427b2855dc78e67c9e7350

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

x-cached-since: 2025-04-27T06:39:30+00:00
is-cdn: yes
cache: HIT
x-node: k12-up-gc17
content-encoding: gzip
etag: W/"67dbf211-5bad"
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
date: Tue, 29 Apr 2025 17:53:27 GMT
content-type: application/json
vary: Accept-Encoding, Accept-Encoding
server: nginx
last-modified: Thu, 20 Mar 2025 10:46:41 GMT
access-control-allow-headers: Origin, Content-Type, Accept, Authorization

GET
H/1.1 200
OK sync-loader.js Show response
privacy-cs.mail.ru/static/ 83 KB
22 KB 2770ms
289ms Script
application/javascript 95.163.52.89
VK-AS LLC VK

General

Check archive.org

Download Go to

Full URL: https://privacy-cs.mail.ru/static/sync-loader.js
Requested by: Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.52.89 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS: r3.mail.ru
Software: nginx /
Resource Hash: dafaebb1489c165856c019839c1128327f1af3f709ace70da1a757e3a62cb015

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=600
Timing-Allow-Origin: *
Content-Encoding: gzip
Connection: keep-alive
Expires: Tue, 29 Apr 2025 18:03:28 GMT
Access-Control-Allow-Origin: *
Date: Tue, 29 Apr 2025 17:53:28 GMT
Content-Type: application/javascript;charset=UTF-8
Server: nginx

GET
H2 200 dyn-goal-config.js Show response
top-fwz1.mail.ru/js/ 3 KB
2 KB 1018ms
1018ms Script
application/javascript 95.163.52.67
VK-AS LLC VK

General

Check archive.org

Download Go to

Full URL

https://top-fwz1.mail.ru/js/dyn-goal-config.js?ids=3128781

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

0e7e3045519beaff2095d4a64b8dfb1b581013eb5b8f4b3549983c69abe7139b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
content-encoding: gzip
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
x-content-type-options: nosniff
accept-ch-lifetime: 86400
expires: Tue, 29 Apr 2025 18:03:25 GMT
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
date: Tue, 29 Apr 2025 17:53:25 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-headers: *
cache-control: max-age=600, private
timing-allow-origin: *
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: *
server: nginx

GET
H2 200 counter
top-fwz1.mail.ru/ 43 B
1 KB 237ms
237ms Image
image/gif 95.163.52.67
VK-AS LLC VK

General

Check archive.org

Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?_=0.9602851635960471;id=3128781;u=https%3A%2F%2Fgoo.su%2FA9GpEB;title=Redirecting;s=1600*1200;vp=1600*1200;touch=0;hds=1;sid=1d5bf6dbb6b790ba;ver=60.6.0;tz=-180%2FEurope%2FHelsinki;st=1745949204858;ct=2300/2305/2305//1729;rt=1730/569/0/0/0/1730/1730/1738/1738/2084/1744/2084/2247/2299;gl=u;ni=10//4g/250/0/;lvid=1745949205426%3A1745949205436%3A1%3A6b7792e5ae77dea8eac9f7df7f43273e;opts=dl%2Ccnhp%3Dh2%2Ccs%3D19238-47446-19538;visible=true;js=13

Requested by

Host: goo.su
URL: https://goo.su/A9GpEB

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
x-content-type-options: nosniff
accept-ch-lifetime: 86400
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
date: Tue, 29 Apr 2025 17:53:25 GMT
content-type: image/gif
access-control-allow-headers: *
cache-control: private, no-cache, no-store, max-age=0
timing-allow-origin: *
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: *
content-length: 43
server: nginx

GET
H2 200 mgc.js Show response
st.top100.ru/top100/3.17.4/ 5 KB
2 KB 238ms
238ms Script
application/javascript 151.236.71.248
CDNetworks GLOBAL...

General

Check archive.org

Download Go to

Full URL: https://st.top100.ru/top100/3.17.4/mgc.js
Requested by: Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNetworks GLOBAL CLOUD NETWORK LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: ce301b9b7c156672c16d417f5d9ff9c7813187b468cc4a7f7526a1bac2e21c25

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

x-cdn-edge-id: 2315
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
x-cdn-edge-cache: HIT
content-encoding: gzip
x-obs-meta-s3cmd-attrs: atime:1744718263/ctime:1744718263/gid:0/gname:root/md5:c7c8dabc5b4122bc1da080ceddc861ee/mode:33188/mtime:1744717656/uid:0/uname:root
etag: W/"c7c8dabc5b4122bc1da080ceddc861ee"
x-obs-tagging-count: 0
date: Tue, 29 Apr 2025 17:53:26 GMT
x-obs-content-sha256: ce301b9b7c156672c16d417f5d9ff9c7813187b468cc4a7f7526a1bac2e21c25
content-type: application/javascript
x-obs-request-id: 00000196829336F0B026B8576D9A2040
server: nginx
last-modified: Tue, 15 Apr 2025 11:57:44 GMT
x-cdn-request-id: 5c251bea7eb15bcc8e3accb955ed56d1

POST
H2 200 / Show response
kraken.rambler.ru/cnt/v2/ 43 B
681 B 778ms
345ms XHR
image/gif 94.139.255.28
CLOUDRU-AS "Cloud...

General

Check archive.org

Download Go to

Full URL

https://kraken.rambler.ru/cnt/v2/

Requested by

Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.139.255.28 Asbest, Russian Federation, ASN208677 (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: application/x-www-form-urlencoded
Referer: https://goo.su/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 01 Jan 1970 00:00:01 GMT
access-control-allow-origin: https://goo.su
x-sca-elb: t100-exd
content-length: 43
date: Tue, 29 Apr 2025 17:53:27 GMT
content-type: image/gif
access-control-allow-headers: content-type

GET
H2 200 top100_0062b1.gif
kraken.rambler.ru/counter-static/images/ 595 B
1 KB 773ms
346ms Image
image/gif 94.139.255.28
CLOUDRU-AS "Cloud...

General

Check archive.org

Download Go to Show image

Full URL

https://kraken.rambler.ru/counter-static/images/top100_0062b1.gif

Requested by

Host: goo.su
URL: https://goo.su/A9GpEB

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.139.255.28 Asbest, Russian Federation, ASN208677 (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru, RU),

Reverse DNS

Software

Resource Hash

fda0897f4cdbbab911245c9ebaa4885f54a7e572b8c9b071dc976d1d27cab1a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
x-obs-meta-s3cmd-attrs: atime:1718733846/ctime:1718733846/gid:0/gname:root/md5:10d95efe74b84de86398a30e7b958b79/mode:33206/mtime:1718733846/uid:0/uname:root
access-control-allow-methods: OPTIONS,GET
x-sca-elb: t100-exd
date: Tue, 29 Apr 2025 17:53:27 GMT
content-type: image/gif
x-obs-request-id: bb3f2f8fb2fb88b1a6b21298ed5987ee
access-control-allow-headers: DNT
x-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=86400
access-control-allow-credentials: true
x-obs-tagging-count: 0
access-control-allow-origin: *
content-length: 595
x-obs-content-sha256: fda0897f4cdbbab911245c9ebaa4885f54a7e572b8c9b071dc976d1d27cab1a6

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 373 KB
124 KB 202ms
201ms Script
application/javascript 172.217.18.8
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-64YFP720ET&l=dataLayer&cx=c&gtm=45He54s0v9205004943za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103173737~103173739~103200001

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRGNQBDL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9bf6e6efa2bdf5dabcff00855f99379feaf4aec7320e325e5cf90a2bbcf01152

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1072:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1072:0"}],}
expires: Tue, 29 Apr 2025 17:53:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Apr 2025 17:53:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1072:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1072:0
content-length: 127010
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
509 B 289ms
288ms Image
image/gif 77.88.21.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: goo.su
URL: https://goo.su/A9GpEB

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "680f5119-2b"
expires: Tue, 29 Apr 2025 18:53:26 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43
date: Tue, 29 Apr 2025 17:53:26 GMT
content-type: image/gif
last-modified: Mon, 28 Apr 2025 09:57:45 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/99705705/
Redirect Chain

https://mc.yandex.com/watch/99705705?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FA9GpEB&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Afu%3A0%3Aen%3Autf-8%3Ala%3...
https://mc.yandex.com/watch/99705705/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FA9GpEB&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Afu%3A0%3Aen%3Autf-8%3Ala...

581 B
664 B

177ms
177ms

Fetch
application/json

77.88.21.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.com/watch/99705705/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FA9GpEB&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afi-FI%3Av%3A2020%3Acn%3A1%3Adp%3A0%3Als%3A1081896468781%3Ahid%3A653370782%3Az%3A180%3Ai%3A20250429205326%3Aet%3A1745949207%3Ac%3A1%3Arn%3A645085390%3Arqn%3A1%3Au%3A1745949207955922493%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1756%3Awv%3A2%3Ads%3A11%2C302%2C231%2C34%2C0%2C0%2C%2C1159%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1745949203121%3Arqnl%3A1%3Ast%3A1745949207%3At%3ARedirecting&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29&redirnss=1

Requested by

Host: goo.su
URL: https://goo.su/A9GpEB

Protocol

Server

77.88.21.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

af6a7a0e9a51a5269e9104962f53a2d8c6efff8802fa73b598b727665d2547ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma: no-cache
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Tue, 29-Apr-2025 17:53:26 GMT
access-control-allow-origin: https://goo.su
content-length: 581
x-xss-protection: 1; mode=block
last-modified: Tue, 29-Apr-2025 17:53:26 GMT
content-type: application/json; charset=utf-8

Redirect headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
location: /watch/99705705/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FA9GpEB&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afi-FI%3Av%3A2020%3Acn%3A1%3Adp%3A0%3Als%3A1081896468781%3Ahid%3A653370782%3Az%3A180%3Ai%3A20250429205326%3Aet%3A1745949207%3Ac%3A1%3Arn%3A645085390%3Arqn%3A1%3Au%3A1745949207955922493%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1756%3Awv%3A2%3Ads%3A11%2C302%2C231%2C34%2C0%2C0%2C%2C1159%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1745949203121%3Arqnl%3A1%3Ast%3A1745949207%3At%3ARedirecting&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29&redirnss=1
pragma: no-cache
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials: true
expires: Tue, 29-Apr-2025 17:53:26 GMT
access-control-allow-origin: https://goo.su
x-xss-protection: 1; mode=block
last-modified: Tue, 29-Apr-2025 17:53:26 GMT

GET
H3 200 v1 Show response
openfpcdn.io/botd/ 15 KB
5 KB 630ms
309ms Script
text/javascript 13.32.99.118
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://openfpcdn.io/botd/v1

Requested by

Host: goo.su
URL: https://goo.su/A9GpEB

Protocol

Security

QUIC, , AES_128_GCM

Server

13.32.99.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-118.fra60.r.cloudfront.net

Software

CloudFront /

Resource Hash

29cb26e06f2a4a877f1134a46480d9b78f8b6e0e6f9b0fe67e34307c312b5a89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin: https://goo.su
Referer

Response headers

content-encoding: gzip
etag: W/"5co2cnhGrt59+8B+iLKwJesMrpA"
age: 4375
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: FzYptW7Y6XzHz_TPxUvfHyAfYqYBvTeHYY_xpLxF96C6RUcAkAA9fw==
date: Tue, 29 Apr 2025 16:40:32 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=598047, s-maxage=10408
cross-origin-resource-policy: cross-origin
via: 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P3
server: CloudFront

GET
H2 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202504280101/ 92 KB
33 KB 1346ms
315ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202504280101/slotcar_library_fy2021.js?bust=31092057

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2221698569877911

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

177ee7a15aacfde6214548defd97871d3eff0799efed1a7486991a2cbbda24af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

content-encoding: br
etag: 4077185094328435374
age: 81155
x-content-type-options: nosniff
expires: Mon, 12 May 2025 19:20:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 28 Apr 2025 19:20:52 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 33021
x-xss-protection: 0
server: cafe

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202504280101/ 451 KB
151 KB 1353ms
323ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202504280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2221698569877911&plah=goo.su&bust=31092057

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2221698569877911

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

48ce785a09c4914f4a46d4f25c4256cc294615c0aa3b73f5747dc43caffdfdf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

content-encoding: br
etag: 8437852151248063807
x-content-type-options: nosniff
expires: Tue, 29 Apr 2025 17:53:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 29 Apr 2025 17:53:27 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 154594
x-xss-protection: 0
server: cafe

GET
H2 200 metrika_match.html Show response
mc.yandex.com/metrika/ Frame 3FB9 5 KB
3 KB 1336ms
410ms Document
text/html 77.88.21.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

04c153fcfa1e456179e4680a25db46533a0140a59137adb4f3fe9d43b7afee9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://goo.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 2067
content-type: text/html
date: Tue, 29 Apr 2025 17:53:27 GMT
etag: "680f5119-813"
expires: Tue, 29 Apr 2025 18:53:27 GMT
last-modified: Mon, 28 Apr 2025 09:57:45 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 881ms
187ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-64YFP720ET&gtm=45je54s0v9206643729z89205004943za200zb9205004943&_p=1745949204849&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103173737~103173739~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103173737~103173739~103200001&cid=1478691121.1745949207&ul=fi-fi&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1745949206&sct=1&seg=0&dl=https%3A%2F%2Fgoo.su%2FA9GpEB&dt=Redirecting&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3811
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-64YFP720ET&l=dataLayer&cx=c&gtm=45He54s0v9205004943za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103173737~103173739~103200001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:97:0
report-to: {"group":"ascnsrsggc:97:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:97:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://goo.su
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:97:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Apr 2025 17:53:27 GMT
content-type: text/plain
server: Golfe2

POST
H2 200 / Show response
kraken.rambler.ru/cnt/v2/ 43 B
478 B 345ms
344ms XHR
image/gif 94.139.255.28
CLOUDRU-AS "Cloud...

General

Check archive.org

Download Go to

Full URL

https://kraken.rambler.ru/cnt/v2/

Requested by

Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.139.255.28 Asbest, Russian Federation, ASN208677 (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: application/x-www-form-urlencoded
Referer: https://goo.su/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 01 Jan 1970 00:00:01 GMT
access-control-allow-origin: https://goo.su
x-sca-elb: t100-exd
content-length: 43
date: Tue, 29 Apr 2025 17:53:27 GMT
content-type: image/gif
access-control-allow-headers: content-type

GET
H2 200 header-bidding.js Show response
yandex.ru/ads/system/ 118 KB
35 KB 1154ms
302ms Script
text/javascript 77.88.55.88
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://yandex.ru/ads/system/header-bidding.js

Requested by

Host: ads.digitalcaramel.com
URL: https://ads.digitalcaramel.com/caramel.js?ts=1745949204848

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

77.88.55.88 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

yandex.ru

Software

Resource Hash

d445e80ee14bd07457277f264ad5c5120fda2777ae308c77c613acc963ffca03

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

x-robots-tag: noindex, noarchive, nofollow
x-yandex-req-id: 1745949208337085-16478362964375047487-balancer-l7leveler-kubr-yp-sas-191-BAL
cache-control: private, max-age=3600
timing-allow-origin: *
content-encoding: br
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width
etag: "57e5b398cf6f020c7fec599def3e4194-1261120"
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options: nosniff
expires: Tue, 29 Apr 2025 18:53:28 GMT
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8

GET
H2 200 roxot-manager.js Show response
cdn.skcrtxr.com/roxot-wrapper/js/ 11 KB
4 KB 1075ms
224ms Script
text/javascript 95.181.182.182
EdgeCenterLLC Edg...

General

Check archive.org

Download Go to

Full URL: https://cdn.skcrtxr.com/roxot-wrapper/js/roxot-manager.js?pid=19e08d82-9ec3-4dda-b15f-01ab2c95e167
Requested by: Host: ads.digitalcaramel.com
URL: https://ads.digitalcaramel.com/caramel.js?ts=1745949204848
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: 4cdeb02fd6f90275e3410e58333ab2cbfa27a96be8deb43f2286397ca6fef4fa

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

cache: HIT
cache-control: max-age=600, public, s-maxage=600
content-encoding: gzip
access-control-allow-origin: *
date: Tue, 29 Apr 2025 17:53:28 GMT
content-type: text/javascript; charset=UTF-8
x-cached-since: 2025-04-29T17:49:47+00:00
server: nginx
x-node: k12-up-gc17

GET
H2 200 aci.js Show response
www.acint.net/ 31 KB
9 KB 848ms
452ms Script
application/x-javascript 142.132.138.214
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: goo.su
URL: https://goo.su/A9GpEB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.138.214 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.214.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: 7b2d18d3dc9861604cbbde63dd9218e12a6cac1a06f52b877eddf61f9f7c3b37

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

cache-control: max-age=43200
content-encoding: gzip
etag: "6710dc1a-225f"
expires: Wed, 30 Apr 2025 05:53:27 GMT
content-length: 8799
date: Tue, 29 Apr 2025 17:53:27 GMT
content-type: application/x-javascript
last-modified: Thu, 17 Oct 2024 09:42:50 GMT
server: openresty

GET
H2

200

aotm.js Show response
sync.dmp.otm-r.com/match/
Redirect Chain

https://sync.dmp.otm-r.com/match/aotm.js
https://sync.dmp.otm-r.com/match/aotm.js?otcm_check=1745949208

5 KB
5 KB

265ms
265ms

Script
application/javascript

194.55.244.177
PROCLOUD KVIKTEL LLC

General

Check archive.org

Download Go to

Full URL: https://sync.dmp.otm-r.com/match/aotm.js?otcm_check=1745949208
Requested by: Host: goo.su
URL: https://goo.su/A9GpEB
Protocol: H2
Server: 194.55.244.177 Moscow, Russian Federation, ASN34959 (PROCLOUD KVIKTEL LLC, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: c8c1535e64de7426799586119ad56a7f1925a2a4d00a74aeff1dd3c965e49baf

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

access-control-allow-origin: *
date: Tue, 29 Apr 2025 17:53:28 GMT
content-type: application/javascript
server: nginx/1.23.2

Redirect headers

access-control-allow-origin: *
location: /match/aotm.js?otcm_check=1745949208
content-length: 59
date: Tue, 29 Apr 2025 17:53:28 GMT
content-type: text/html; charset=utf-8
server: nginx/1.23.2

GET
H2 200 buzzoola_ext.js Show response
tube.buzzoola.com/js/lib/ 959 B
771 B 847ms
313ms Script
application/javascript 151.236.118.162
CDNetworks GLOBAL...

General

Check archive.org

Download Go to

Full URL: https://tube.buzzoola.com/js/lib/buzzoola_ext.js
Requested by: Host: ads.digitalcaramel.com
URL: https://ads.digitalcaramel.com/caramel.js?ts=1745949204848
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.118.162 Moscow, Russian Federation, ASN204720 (CDNetworks GLOBAL CLOUD NETWORK LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: fbdb44f2d09689e158a936ddf847eada264db3fa11a8f3e2e63e0dbc8620d722

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

x-cdn-edge-id: 310
x-cdn-edge-cache: HIT
content-encoding: gzip
expires: Tue, 29 Apr 2025 18:00:00 GMT
date: Tue, 29 Apr 2025 17:53:27 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Apr 2025 12:11:37 GMT
server: nginx
x-cdn-request-id: fae5eb34e3c2f5e8a9ce92dddbf0102e

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 390 KB
109 KB 1304ms
455ms Script
text/javascript 77.88.55.88
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: ads.digitalcaramel.com
URL: https://ads.digitalcaramel.com/caramel.js?ts=1745949204848

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

77.88.55.88 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

yandex.ru

Software

Resource Hash

6dfe4d6ce9f7de66147285ccb0ce652245bb108dfedde7a174d89c2914710930

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

x-robots-tag: noindex, noarchive, nofollow
x-yandex-req-id: 1745949208337506-13749521919512218187-balancer-l7leveler-kubr-yp-sas-191-BAL
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
cache-control: private, max-age=3600
content-encoding: br
etag: "89ac380e3bb28bd0f7ae9bf6f9547c77-1261120"
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width
timing-allow-origin: *
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options: nosniff
expires: Tue, 29 Apr 2025 18:53:28 GMT
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8

GET
H2 200 buzzoola_ufp.js Show response
tube.buzzoola.com//js/lib/ 13 KB
5 KB 249ms
247ms Script
application/javascript 151.236.118.162
CDNetworks GLOBAL...

General

Check archive.org

Download Go to

Full URL: https://tube.buzzoola.com//js/lib/buzzoola_ufp.js
Requested by: Host: tube.buzzoola.com
URL: https://tube.buzzoola.com/js/lib/buzzoola_ext.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.118.162 Moscow, Russian Federation, ASN204720 (CDNetworks GLOBAL CLOUD NETWORK LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: c5b7be7ff5a92d4d03ae4b96a3931d1349f726affed96d8b64ecbd1ef7de598f

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

x-cdn-edge-id: 310
x-cdn-edge-cache: HIT
content-encoding: gzip
expires: Tue, 29 Apr 2025 18:00:00 GMT
date: Tue, 29 Apr 2025 17:53:28 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Apr 2025 12:11:37 GMT
server: nginx
x-cdn-request-id: 1e96a5552993c7d941add61e418b53d2

GET
H2

200

/ Show response
www.acint.net/mc/ Frame F229
Redirect Chain

https://www.acint.net/mc/?dp=14&pi=1753819
https://www.acint.net/mc/?dp=14&tc=1&pi=1753819

8 KB
6 KB

256ms
256ms

Document
text/html

142.132.138.215
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to

Full URL: https://www.acint.net/mc/?dp=14&tc=1&pi=1753819
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.138.215 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.215.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: d08f22e06aa1a1b8001d2816d6a013661b0600e83024fc1c33321a0f8c69a8e0

Request headers

Referer: https://goo.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 29 Apr 2025 17:53:29 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
server: openresty

Redirect headers

content-length: 154
content-type: text/html
date: Tue, 29 Apr 2025 17:53:28 GMT
location: /mc/?dp=14&tc=1&pi=1753819
server: openresty

GET
H2 200 oci.js Show response
www.acint.net/ 31 KB
14 KB 234ms
234ms Script
application/x-javascript 142.132.138.214
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to

Full URL: https://www.acint.net/oci.js?t=1745949208165
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.138.214 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.214.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: ed71a649c7afe37dc8843a1f80e2ac0bdf364e0d66e81002f0c54765aee37b7a

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

content-encoding: gzip
date: Tue, 29 Apr 2025 17:53:28 GMT
etag: W/"641e08cc-7dac"
content-type: application/x-javascript
last-modified: Fri, 24 Mar 2023 20:32:12 GMT
server: openresty

GET
H2 200 /
www.acint.net/hit/ 43 B
340 B 223ms
223ms Image
image/gif 142.132.138.214
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.7.1&uid=f36de6ed-edc7-4e77-af44-89cf42071c28&dp=14&tz=%2B03%3A00&nc=823917&u=https%3A%2F%2Fgoo.su%2FA9GpEB&r=&rs=1600x1200&t=Redirecting&oE=1&oP=1&dT=2025-04-29T20%3A53%3A28.160&fu=a1857ac8-48e4-43ff-891e-7b40e51858d3
Requested by: Host: goo.su
URL: https://goo.su/A9GpEB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.138.214 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.214.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
date: Tue, 29 Apr 2025 17:53:28 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty

OPTIONS
H/1.1 200
OK /
privacy-cs.mail.ru/fp/ Frame 0
0 1192ms
320ms Preflight
application/octet-stream 95.163.52.89
VK-AS LLC VK

General

Check archive.org

Download Go to

Full URL: https://privacy-cs.mail.ru/fp/?id=OEdtP-3m0on32FLC4oahn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.52.89 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS: r3.mail.ru
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://goo.su
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Method: POST
Access-Control-Allow-Origin: https://goo.su
Access-Control-Max-Age: 1728000
Cache-Control: max-age=7200
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream
Date: Tue, 29 Apr 2025 17:53:29 GMT
Expires: Tue, 29 Apr 2025 19:53:29 GMT
Server: nginx

POST
H/1.1 200
OK /
privacy-cs.mail.ru/fp/ 0
0 276ms
275ms Fetch
application/octet-stream 95.163.52.89
VK-AS LLC VK

General

Check archive.org

Download Go to

Full URL: https://privacy-cs.mail.ru/fp/?id=OEdtP-3m0on32FLC4oahn
Requested by: Host: privacy-cs.mail.ru
URL: https://privacy-cs.mail.ru/static/sync-loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.52.89 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS: r3.mail.ru
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: application/json
Referer: https://goo.su/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=7200
Timing-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: Tue, 29 Apr 2025 19:53:29 GMT
Access-Control-Allow-Origin: https://goo.su
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Date: Tue, 29 Apr 2025 17:53:29 GMT
Content-Type: application/octet-stream
Server: nginx

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 342ms
340ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2221698569877911
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain;charset=UTF-8
Referer: https://goo.su/

Response headers

GET
H2 200 zrt_lookup_fy2021.html Show response
pagead2.googlesyndication.com/pagead/html/r20250424/r20190131/ Frame 743E 8 KB
4 KB 1199ms
189ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20250424/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202504280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2221698569877911&plah=goo.su&bust=31092057

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

4b0ccc890c49cc9c37cde61cb7625ea72b9e8ece196f9db3f92209d43889b3e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goo.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

age: 60436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 3852
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Apr 2025 01:06:13 GMT
etag: 13185441664741061369
expires: Tue, 13 May 2025 01:06:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
pagead2.googlesyndication.com/pagead/ Frame 791D 76 B
132 B 1460ms
456ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2221698569877911&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1745949208&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fgoo.su%2FA9GpEB&pra=5&wgl=1&aihb=0&asro=0&aifxl=29_18~30_19&itsi=-1&aiapm=0.15&aiapmi=0.16&aiact=0.7&ailct=0.7&aimart=8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1745949206803&bpp=3&bdt=3134&idt=1513&shv=r20250424&mjsv=m202504280101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=5479592947212&frm=20&pv=2&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95358863%2C95358865%2C42532524%2C95354564%2C95358975%2C31092057%2C95359114%2C95340252%2C95340254&oid=2&pvsid=2926641664464932&tmod=1846331971&uas=0&nvt=1&fsapi=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=1527

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

a6f3c4eb8378e0bd2852618eacf0a02ff8147155da4d5fb765d89989327cd1cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goo.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 66
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Apr 2025 17:53:29 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
pagead2.googlesyndication.com/pagead/ Frame 1D71 570 B
367 B 1326ms
337ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2221698569877911&output=html&h=300&slotname=2783776122&adk=2516696982&adf=2813828243&pi=t.ma~as.2783776122&w=300&abgtt=6&lmt=1745949208&format=300x300&url=https%3A%2F%2Fgoo.su%2FA9GpEB&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1745949207317&bpp=1&bdt=3648&idt=1022&shv=r20250424&mjsv=m202504280101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=5479592947212&frm=20&pv=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1848&ady=847&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95358863%2C95358865%2C42532524%2C95354564%2C95358975%2C31092057%2C95359114%2C95340252%2C95340254&oid=2&pvsid=2926641664464932&tmod=1846331971&uas=0&nvt=1&fc=1920&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=1024&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=1027

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

f1b2f8b0b9812dc474617da6e32292ea1faf96c8603cfb77be61e38b55702bb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goo.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 301
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Apr 2025 17:53:29 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 common-engine.js Show response
cdn.skcrtxr.com/wrapper/js/ 548 KB
133 KB 168ms
168ms Script
text/javascript 95.181.182.182
EdgeCenterLLC Edg...

General

Check archive.org

Download Go to

Full URL: https://cdn.skcrtxr.com/wrapper/js/common-engine.js?v=s-6e40dd33-55e7-4e29-b521-499daf8aa8e3
Requested by: Host: cdn.skcrtxr.com
URL: https://cdn.skcrtxr.com/roxot-wrapper/js/roxot-manager.js?pid=19e08d82-9ec3-4dda-b15f-01ab2c95e167
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7921debb14e1af776443c9694c74b96929be5b4a2293810777876829fcf26475

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

cache: HIT
cache-control: max-age=31536000, public, s-maxage=31536000
content-encoding: gzip
access-control-allow-origin: *
date: Tue, 29 Apr 2025 17:53:28 GMT
content-type: text/javascript; charset=UTF-8
x-cached-since: 2025-04-28T10:26:23+00:00
server: nginx
x-node: k12-up-gc19

GET
H2 200 aidata.fp.latest.js Show response
x01.aidata.io/lib/ 175 KB
59 KB 829ms
256ms Script
application/javascript 89.108.120.76
AS-REGRU "Domain ...

General

Check archive.org

Download Go to

Full URL: https://x01.aidata.io/lib/aidata.fp.latest.js?pixel=0892394
Requested by: Host: tube.buzzoola.com
URL: https://tube.buzzoola.com//js/lib/buzzoola_ufp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.120.76 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU),
Reverse DNS: d51804.reg.regrucolo.ru
Software: nginx /
Resource Hash: 986cbbf447b30f65af52c0d22e9e21c758ed6c1f90f01be25695f0462de06db7

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

content-encoding: gzip
date: Tue, 29 Apr 2025 17:53:29 GMT
etag: W/"67f3c4d9-2bce2"
content-type: application/javascript
last-modified: Mon, 07 Apr 2025 12:28:09 GMT
server: nginx

GET
H2 200 pixel.js Show response
static.a.mts.ru/id/ 97 KB
33 KB 1050ms
474ms Script
application/javascript 185.65.149.228
HLL-AS HLL LLC

General

Check archive.org

Download Go to

Full URL: https://static.a.mts.ru/id/pixel.js
Requested by: Host: tube.buzzoola.com
URL: https://tube.buzzoola.com//js/lib/buzzoola_ufp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.65.149.228 , Russian Federation, ASN51115 (HLL-AS HLL LLC, RU),
Reverse DNS
Software: QRATOR /
Resource Hash: d1bd66114d89991f1bde12195de2931aee9c4c9269b385bd31c76cfcbca483f9

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

cache-control: max-age=1800
content-encoding: gzip
etag: W/"6810bfaf-1844e"
expires: Tue, 29 Apr 2025 18:23:29 GMT
date: Tue, 29 Apr 2025 17:53:29 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: QRATOR

GET
H2

204

snp
sync.dmp.otm-r.com/match/
Redirect Chain

https://sync.bumlam.com/?src=otm1&rurl=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fsnp%3Fid%3D%7BUID3%7D&uid=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D
https://sync.bumlam.com/?src=otm1&s_data=CAIQARiZpMTABjIuaHR0cHM6Ly9zeW5jLmRtcC5vdG0tci5jb20vbWF0Y2gvc25wP2lkPXtVSUQzfWIYTmpneE1URXlNVGN3TVRBeE1ERmlaUT09ogEQ25X4mCUiEfC2DAAlkMgkNg**
https://sync.dmp.otm-r.com/match/snp?id=db95f898-2522-11f0-b60c-002590c82436

0
152 B

235ms
235ms

Image
text/plain

194.55.244.177
PROCLOUD KVIKTEL LLC

General

Check archive.org

Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/snp?id=db95f898-2522-11f0-b60c-002590c82436
Requested by: Host: goo.su
URL: https://goo.su/A9GpEB
Protocol: H2
Server: 194.55.244.177 Moscow, Russian Federation, ASN34959 (PROCLOUD KVIKTEL LLC, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

date: Tue, 29 Apr 2025 17:53:29 GMT
server: nginx/1.23.2
access-control-allow-origin: *

Redirect headers

Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Location: https://sync.dmp.otm-r.com/match/snp?id=db95f898-2522-11f0-b60c-002590c82436
Connection: keep-alive
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date: Tue, 29 Apr 2025 17:53:29 GMT
Content-Type: text/html; charset=utf-8
Server: nginx

GET

image
sync.upravel.com/
Redirect Chain

https://sync.upravel.com/image?source=otm&id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D&return_url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fmgcomm%3Fid%3D%7BUID%7D
https://sync.upravel.com/image?source=otm&id=NjgxMTEyMTcwMTAxMDFiZQ%253D%253D&return_url=https%253A%252F%252Fsync.dmp.otm-r.com%252Fmatch%252Fmgcomm%253Fid%253D%257BUID%257D&session_tpt=eyJoZWFkZXJ...

0
0

GET
H2 200 cs
rtb.moe.video/ 0
177 B 802ms
252ms Image
text/plain 46.148.230.54
SELECTEL JSC Sele...

General

Check archive.org

Download Go to Show image

Full URL

https://rtb.moe.video/cs?d=12&b=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D

Requested by

Host: goo.su
URL: https://goo.su/A9GpEB

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.148.230.54 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

date: Tue, 29 Apr 2025 17:53:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/7493/i/
Redirect Chain

https://dmg.digitaltarget.ru/1/7493/i/i?a=656&e=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D&i=123
https://dmg.digitaltarget.ru/awg/custom/7493/i/i?call_source=awg&ts=1745949209918&a=656&e=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D&i=123

49 B
555 B

1457ms
1456ms

Image
image/gif

185.15.175.158
SAFEDATA Data Sto...

General

Check archive.org

Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/7493/i/i?call_source=awg&ts=1745949209918&a=656&e=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D&i=123

Requested by

Host: goo.su
URL: https://goo.su/A9GpEB

Protocol

HTTP/1.1

Server

185.15.175.158 , Russian Federation, ASN43226 (SAFEDATA Data Storage Center JSC, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

Access-Control-Max-Age: 86400
Connection: keep-alive
X-Permitted-Cross-Domain-Policies: master-only
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Content-Length: 49
Date: Tue, 29 Apr 2025 17:53:30 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/gif
Server: nginx
X-Frame-Options: DENY

Redirect headers

Access-Control-Max-Age: 86400
Location: https://dmg.digitaltarget.ru/awg/custom/7493/i/i?call_source=awg&ts=1745949209918&a=656&e=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D&i=123
Connection: keep-alive
X-Permitted-Cross-Domain-Policies: master-only
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Tue, 29 Apr 2025 17:53:29 GMT
X-XSS-Protection: 1; mode=block
Server: nginx
X-Frame-Options: DENY

GET

second
vma.mts.ru/match/
Redirect Chain

https://sync.opendsp.ru/match/OTM_bannner?id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D
https://sync.opendsp.ru/match/OTM_bannner?id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D&chk=1
https://sm.rtb.mts.ru/p?ssp=tradingdesk&id=NDUyMWFhZTU4NDA5NzJhYQ
https://vma.mts.ru/match/second?ssp=67&exu=NDUyMWFhZTU4NDA5NzJhYQ

0
0

GET
H2 200 p
cs.alfasense.com/ 35 B
536 B 1250ms
270ms Image
image/gif 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://cs.alfasense.com/p?ssp=ot&id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D
Requested by: Host: goo.su
URL: https://goo.su/A9GpEB
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

cache-control: no-store, no-cache, must-revalidate
x-host: 23.111.115.84
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
cf-ray: 9380a8bfcdafca68-HAM
expires: Thu, 01 Jan 1970 00:00:00 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 35
date: Tue, 29 Apr 2025 17:53:29 GMT
content-type: image/gif
server: cloudflare
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT

GET
H2 204 match
dm-eu.hybrid.ai/ 0
276 B 651ms
272ms Image
text/plain 37.230.131.21
HYBRID-Poland HYB...

General

Check archive.org

Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=137&burl=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fhybrid%3Fid%3D%24%7BVID%7D

Requested by

Host: goo.su
URL: https://goo.su/A9GpEB

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.230.131.21 Amsterdam, Netherlands, ASN200197 (HYBRID-Poland HYBRID ADTECH SP.Z.O.O., PL),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

cache-control: no-cache, no-store
pragma: no-cache
access-control-allow-credentials: true
expires: -1
access-control-allow-origin: https://goo.su
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 0559
date: Tue, 29 Apr 2025 17:53:29 GMT
x-xss-protection: 1; mode=block
server: Hybrid Web Server

GET
H2

204

weborama
sync.dmp.otm-r.com/match/
Redirect Chain

https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fweborama%3Fid%3D{WEBO_CID}
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fweborama%3Fid%3D%7BWEBO_CID%7D&bounce=1&random=1090130564
https://sync.dmp.otm-r.com/match/weborama?id=tD3JelWplRc7x9z3xNTQku

0
152 B

154ms
154ms

Image
text/plain

194.55.244.177
PROCLOUD KVIKTEL LLC

General

Check archive.org

Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/weborama?id=tD3JelWplRc7x9z3xNTQku
Requested by: Host: goo.su
URL: https://goo.su/A9GpEB
Protocol: H2
Server: 194.55.244.177 Moscow, Russian Federation, ASN34959 (PROCLOUD KVIKTEL LLC, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

date: Tue, 29 Apr 2025 17:53:29 GMT
server: nginx/1.23.2
access-control-allow-origin: *

Redirect headers

cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
location: https://sync.dmp.otm-r.com/match/weborama?id=tD3JelWplRc7x9z3xNTQku
pragma: no-cache
via: 1.1 google
expires: Tue, 03 Jul 2001 06:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
date: Tue, 29 Apr 2025 17:53:28 GMT
last-modified: Tue, 29 Apr 2025 17:53:29 GMT
vary: Origin
server: Weborama Collect Frontend

GET
H2

204

adriver.img
sync.dmp.otm-r.com/match/
Redirect Chain

https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5932509&bn=5932509&rnd=1234567890
https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=5932509&bn=5932509&rnd=1234567890&tuid=-4640852708
https://sync.dmp.otm-r.com/match/adriver.img?id=A8DzFf8C5Sit5ysHbHf5Vbw

0
152 B

162ms
161ms

Image
text/plain

194.55.244.177
PROCLOUD KVIKTEL LLC

General

Check archive.org

Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/adriver.img?id=A8DzFf8C5Sit5ysHbHf5Vbw
Requested by: Host: goo.su
URL: https://goo.su/A9GpEB
Protocol: H2
Server: 194.55.244.177 Moscow, Russian Federation, ASN34959 (PROCLOUD KVIKTEL LLC, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

date: Tue, 29 Apr 2025 17:53:30 GMT
server: nginx/1.23.2
access-control-allow-origin: *

Redirect headers

Transfer-Encoding: chunked
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Location: https://sync.dmp.otm-r.com/match/adriver.img?id=A8DzFf8C5Sit5ysHbHf5Vbw
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Date: Tue, 29 Apr 2025 17:53:29 GMT
Content-Type: text/html

GET
H/1.1

200
OK

cmt
match.ohmy.bid/
Redirect Chain

https://sync.programmatica.com/match/OTM?id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D
https://sync.programmatica.com/match/OTM?id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D&chk=1
https://match.ohmy.bid/cm?dsp_id=119&uid=MjViNTkwYmI2MDMzMDZjNQ
https://match.ohmy.bid/cmt?dsp_id=119&uid=MjViNTkwYmI2MDMzMDZjNQ

44 B
294 B

1009ms
1005ms

Image
image/gif

37.0.127.205
NETRACK-AS Start LLC

General

Check archive.org

Download Go to Show image

Full URL: https://match.ohmy.bid/cmt?dsp_id=119&uid=MjViNTkwYmI2MDMzMDZjNQ
Requested by: Host: goo.su
URL: https://goo.su/A9GpEB
Protocol: HTTP/1.1
Server: 37.0.127.205 Moscow, Russian Federation, ASN61400 (NETRACK-AS Start LLC, RU),
Reverse DNS: curse-cognates.hidecenter.com
Software: nginx /
Resource Hash: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Credentials: true
Content-Length: 58
Bidder: bid-03 1.1890.17e38c5e
Date: Tue, 29 Apr 2025 17:53:30 GMT
Content-Type: image/gif
Server: nginx

Redirect headers

Location: /cmt?dsp_id=119&uid=MjViNTkwYmI2MDMzMDZjNQ
Content-Length: 0
Bidder: bid-09 1.1890.17e38c5e
Date: Tue, 29 Apr 2025 17:53:30 GMT
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET

i
dmg.digitaltarget.ru/1/7164/i/
Redirect Chain

https://sync.gonet-ads.com/match/OTM?rid=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D
https://sync.gonet-ads.com/match/OTM?rid=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D&chk=1
https://dmg.digitaltarget.ru/1/7164/i/i?a=877&e=MjhhZDdkNjZhM2FhNDM0ZA&i=qb3ey7kpuufj

0
0

GET
H2

204

ohmybids_new
sync.dmp.otm-r.com/match/
Redirect Chain

https://match.ohmy.bid/cm?ssp=otm&redirect_url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fohmybids_new%3Fid%3D%7Buid%7D
https://sync.dmp.otm-r.com/match/ohmybids_new?id=58515e9b-cdfc-42ad-8794-94ecda66f602

0
152 B

159ms
159ms

Image
text/plain

194.55.244.177
PROCLOUD KVIKTEL LLC

General

Check archive.org

Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/ohmybids_new?id=58515e9b-cdfc-42ad-8794-94ecda66f602
Requested by: Host: goo.su
URL: https://goo.su/A9GpEB
Protocol: H2
Server: 194.55.244.177 Moscow, Russian Federation, ASN34959 (PROCLOUD KVIKTEL LLC, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

date: Tue, 29 Apr 2025 17:53:30 GMT
server: nginx/1.23.2
access-control-allow-origin: *

Redirect headers

Location: https://sync.dmp.otm-r.com/match/ohmybids_new?id=58515e9b-cdfc-42ad-8794-94ecda66f602
Content-Length: 0
Bidder: bid-12 1.1890.17e38c5e
Date: Tue, 29 Apr 2025 17:53:30 GMT
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2

204

segmento
sync.dmp.otm-r.com/match/
Redirect Chain

https://videotarget-sync.rutarget.ru/sync
https://sync.dmp.otm-r.com/match/segmento?id=_r1KdKcURkcv

0
152 B

158ms
158ms

Image
text/plain

194.55.244.177
PROCLOUD KVIKTEL LLC

General

Check archive.org

Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/segmento?id=_r1KdKcURkcv
Requested by: Host: goo.su
URL: https://goo.su/A9GpEB
Protocol: H2
Server: 194.55.244.177 Moscow, Russian Federation, ASN34959 (PROCLOUD KVIKTEL LLC, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

date: Tue, 29 Apr 2025 17:53:30 GMT
server: nginx/1.23.2
access-control-allow-origin: *

Redirect headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Location: https://sync.dmp.otm-r.com/match/segmento?id=_r1KdKcURkcv
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Date: Tue, 29 Apr 2025 17:53:30 GMT
Server: nginx
Connection: close

GET
H2

204

bazzoola
sync.dmp.otm-r.com/match/
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/videotarget?redirect_url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fbazzoola%3Fid%3D%24%7BUUID%7D
https://sync.dmp.otm-r.com/match/bazzoola?id=55778954-2d6c-4578-4b65-a0f583d3fc3e

0
152 B

168ms
168ms

Image
text/plain

194.55.244.177
PROCLOUD KVIKTEL LLC

General

Check archive.org

Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/bazzoola?id=55778954-2d6c-4578-4b65-a0f583d3fc3e
Requested by: Host: goo.su
URL: https://goo.su/A9GpEB
Protocol: H2
Server: 194.55.244.177 Moscow, Russian Federation, ASN34959 (PROCLOUD KVIKTEL LLC, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

date: Tue, 29 Apr 2025 17:53:29 GMT
server: nginx/1.23.2
access-control-allow-origin: *

Redirect headers

location: https://sync.dmp.otm-r.com/match/bazzoola?id=55778954-2d6c-4578-4b65-a0f583d3fc3e
content-length: 104
date: Tue, 29 Apr 2025 17:53:29 GMT
content-type: text/html; charset=utf-8
server: nginx
serverid: TODO

GET
H2 200 set
sync.rambler.ru/ 43 B
164 B 679ms
267ms Image
image/gif 46.243.201.48
CLOUDRU-AS "Cloud...

General

Check archive.org

Download Go to Show image

Full URL

https://sync.rambler.ru/set?partner_id=ac24647d-6dd5-45f2-9616-a0eba04cfd13&id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D

Requested by

Host: goo.su
URL: https://goo.su/A9GpEB

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.243.201.48 , Russian Federation, ASN208677 (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru, RU),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-sca-elb: ext-ingress
content-length: 43
date: Tue, 29 Apr 2025 17:53:30 GMT

GET csync
ads.adlook.me/ 0
0

GET
H2 201 sync
a.utraff.com/ 0
413 B 187ms
187ms Image
text/plain 172.67.74.180
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://a.utraff.com/sync?dsp=OTM&buyerid=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D
Requested by: Host: goo.su
URL: https://goo.su/A9GpEB
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.74.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

access-control-expose-headers: Content-Length,Content-Range
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=27HTo3MHtWFRX7zhk5sDCCasXUfuMH%2BR4dGMf67HYJPsrymGUS0p7PX8HbyMRlRlmYIlKL7EQhVIWLcsHpqLGjFAjmJ7asfSVLlWZcPYzMBXrBweTYaYUkinbwQGyw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 9380a8c15b7feb49-CPH
server-timing: cfL4;desc="?proto=TCP&rtt=62608&min_rtt=42969&rtt_var=40698&sent=12&recv=12&lost=0&retrans=0&sent_bytes=4568&recv_bytes=3956&delivery_rate=90417&cwnd=257&unsent_bytes=0&cid=9ac91a18d3c641a5&ts=620&x=0"
content-length: 0
date: Tue, 29 Apr 2025 17:53:29 GMT
content-type: text/plain
vary: Origin
server: cloudflare
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2

200

NjgxMTEyMTcwMTAxMDFiZQ==
yandex.ru/an/mapuid/otmrtbis/
Redirect Chain

https://an.yandex.ru/mapuid/otmrtbis/NjgxMTEyMTcwMTAxMDFiZQ%3D%3D
https://yandex.ru/an/mapuid/otmrtbis/NjgxMTEyMTcwMTAxMDFiZQ==?redir-setuniq=1

43 B
833 B

213ms
212ms

Image
image/gif

77.88.55.88
YANDEX YANDEX LLC

General

Check archive.org

Download Go to Show image

Full URL

https://yandex.ru/an/mapuid/otmrtbis/NjgxMTEyMTcwMTAxMDFiZQ==?redir-setuniq=1

Requested by

Host: goo.su
URL: https://goo.su/A9GpEB

Protocol

Server

77.88.55.88 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

yandex.ru

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

x-yandex-req-id: 1745949211555285-10311715745439858912-balancer-l7leveler-kubr-yp-sas-191-BAL
content-encoding: gzip
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-ads-queuetime: 0.069000
x-content-type-options: nosniff
expires: Tue, 29 Apr 2025 17:53:31 GMT
x-ads-loadaverageonarrival: 0.529412
date: Tue, 29 Apr 2025 17:53:31 GMT
content-type: image/gif; charset=utf-8
last-modified: Tue, 29 Apr 2025 17:53:31 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width
pragma: no-cache
x-ads-degradation: 0.000000
x-ads-loadaverage: 0.470588
x-xss-protection: 1; mode=block

Redirect headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
location: https://yandex.ru/an/mapuid/otmrtbis/NjgxMTEyMTcwMTAxMDFiZQ==?redir-setuniq=1
content-encoding: gzip
timing-allow-origin: *
pragma: no-cache
x-ads-queuetime: 0.046000
x-ads-degradation: 0.000000
expires: Tue, 29 Apr 2025 17:53:30 GMT
x-ads-loadaverage: 0.339286
date: Tue, 29 Apr 2025 17:53:30 GMT
x-ads-loadaverageonarrival: 0.357143
last-modified: Tue, 29 Apr 2025 17:53:30 GMT
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK cm
cmr.bidderstack.com/otm/ 44 B
271 B 526ms
196ms Image
image/gif 185.149.242.236
SELECTEL JSC Sele...

General

Check archive.org

Download Go to Show image

Full URL: https://cmr.bidderstack.com/otm/cm?user_id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D
Requested by: Host: goo.su
URL: https://goo.su/A9GpEB
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.149.242.236 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),
Reverse DNS
Software: Angie /
Resource Hash: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

x-from: nrr-1
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Content-Length: 44
Date: Tue, 29 Apr 2025 17:53:30 GMT
Content-Type: image/gif
Server: Angie

GET

second
vma.mts.ru/match/
Redirect Chain

https://sm.rtb.mts.ru/p?id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D&ssp=otmvid
https://vma.mts.ru/match/second?ssp=26&exu=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D

0
0

GET
H2

201

sync
a.utraff.com/
Redirect Chain

https://a.utraff.com/sync?ssp=2960&id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D
https://sync.dmp.otm-r.com/match/umg
https://a.utraff.com/sync?dsp=OTM&buyerid=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D

0
427 B

216ms
212ms

Image
text/plain

172.67.74.180
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://a.utraff.com/sync?dsp=OTM&buyerid=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D
Requested by: Host: goo.su
URL: https://goo.su/A9GpEB
Protocol: H2
Server: 172.67.74.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

access-control-expose-headers: Content-Length,Content-Range
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZSqFcRErDOib3jC6GSpQLlALmJcpxzuTyzVyev6HGXr2Uk8IclxzCAPeZlgsAzc0NKwH6kTxL5VFUbxGTMqB1Jw%2F3%2FK9Ca%2F0VT7a9zcxxJvVRwsZHvZulWcPbhWFbg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 9380a8cc2907eb49-CPH
server-timing: cfL4;desc="?proto=TCP&rtt=96281&min_rtt=42969&rtt_var=78812&sent=16&recv=16&lost=0&retrans=0&sent_bytes=5894&recv_bytes=4236&delivery_rate=90417&cwnd=257&unsent_bytes=0&cid=9ac91a18d3c641a5&ts=2369&x=0"
content-length: 0
date: Tue, 29 Apr 2025 17:53:31 GMT
content-type: text/plain
vary: Origin
server: cloudflare
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

Redirect headers

access-control-allow-origin: *
location: https://a.utraff.com/sync?dsp=OTM&buyerid=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D
content-length: 97
date: Tue, 29 Apr 2025 17:53:30 GMT
content-type: text/html; charset=utf-8
server: nginx/1.23.2

GET
H/1.1 200
OK cm
match.ohmy.bid/ 44 B
294 B 197ms
172ms Image
image/gif 37.0.127.205
NETRACK-AS Start LLC

General

Check archive.org

Download Go to Show image

Full URL: https://match.ohmy.bid/cm?dsp_id=95&uid=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D
Requested by: Host: goo.su
URL: https://goo.su/A9GpEB
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.0.127.205 Moscow, Russian Federation, ASN61400 (NETRACK-AS Start LLC, RU),
Reverse DNS: curse-cognates.hidecenter.com
Software: nginx /
Resource Hash: 82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

Content-Encoding: gzip
Connection: keep-alive
Access-Control-Allow-Credentials: true
Content-Length: 58
Bidder: bid-19 1.1890.17e38c5e
Date: Tue, 29 Apr 2025 17:53:30 GMT
Content-Type: image/gif
Server: nginx

GET
H2

204

getintent
sync.dmp.otm-r.com/match/
Redirect Chain

https://px.adhigh.net/p/cm/otm_video
https://px.adhigh.net/p/cm/otm_video?bounced=1
https://sync.dmp.otm-r.com/match/getintent?id=

0
152 B

158ms
155ms

Image
text/plain

194.55.244.177
PROCLOUD KVIKTEL LLC

General

Check archive.org

Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/getintent?id=
Requested by: Host: goo.su
URL: https://goo.su/A9GpEB
Protocol: H2
Server: 194.55.244.177 Moscow, Russian Federation, ASN34959 (PROCLOUD KVIKTEL LLC, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

date: Tue, 29 Apr 2025 17:53:31 GMT
server: nginx/1.23.2
access-control-allow-origin: *

Redirect headers

x-backend-id: f30-ru
cache-control: no-cache, no-store
location: https://sync.dmp.otm-r.com/match/getintent?id=
pragma: no-cache
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: *
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Tue, 29 Apr 2025 17:53:30 GMT
server: nginx

GET
H2

204

aidata
px.adhigh.net/p/cm/
Redirect Chain

https://x01.aidata.io/0.gif?pid=OTM&id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D
https://x01.aidata.io/0.gif?pid=OTM&id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D&bounce=1
https://px.adhigh.net/p/cm/aidata?u=6WPqIGJBSWwlosGQIh3PqQ&back=SYNC

0
77 B

239ms
236ms

Image
text/plain

193.232.150.71
UMA-TECH-AS Limit...

General

Check archive.org

Download Go to Show image

Full URL: https://px.adhigh.net/p/cm/aidata?u=6WPqIGJBSWwlosGQIh3PqQ&back=SYNC
Requested by: Host: goo.su
URL: https://goo.su/A9GpEB
Protocol: H2
Server: 193.232.150.71 , Russian Federation, ASN48061 (UMA-TECH-AS Limited Liability Company GPM Digital Technologies, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

x-kick-from-dns: true
date: Tue, 29 Apr 2025 17:53:31 GMT
content-type: text/plain
server: nginx

Redirect headers

cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
location: https://px.adhigh.net/p/cm/aidata?u=6WPqIGJBSWwlosGQIh3PqQ&back=SYNC
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
expires: Tue, 29 Apr 2025 17:53:29 GMT
content-length: 0
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
date: Tue, 29 Apr 2025 17:53:30 GMT
last-modified: Tue, 29 Apr 2025 17:53:29 GMT
server: nginx

GET
H2

204

sape_stable
sync.dmp.otm-r.com/match/
Redirect Chain

https://www.acint.net/rmatch?dp=68&euid=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D&r=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fsape_stable%3Fid%3D%24%7BUSER_ID%7D
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fsync.dmp.otm-r.com%252Fmatch%252Fsape_stable%253Fid%253D%2524%257BUSER_...
https://acint.net/rmatch?dp=14&euid=4F03420A191211688F04E145024A7219&r=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fsape_stable%3Fid%3D%24%7BUSER_ID%7D
https://sync.dmp.otm-r.com/match/sape_stable?id=0400007F18121168E623EA910235D258

0
152 B

194ms
193ms

Image
text/plain

194.55.244.177
PROCLOUD KVIKTEL LLC

General

Check archive.org

Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/sape_stable?id=0400007F18121168E623EA910235D258
Requested by: Host: goo.su
URL: https://goo.su/A9GpEB
Protocol: H2
Server: 194.55.244.177 Moscow, Russian Federation, ASN34959 (PROCLOUD KVIKTEL LLC, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

date: Tue, 29 Apr 2025 17:53:29 GMT
server: nginx/1.23.2
access-control-allow-origin: *

Redirect headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
location: https://sync.dmp.otm-r.com/match/sape_stable?id=0400007F18121168E623EA910235D258
expires: Wed, 19 Apr 2000 11:43:00 GMT
content-length: 154
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
date: Tue, 29 Apr 2025 17:53:29 GMT
content-type: text/html
server: openresty

GET
H2 200 OTM_direct_piratka_ssp
sync.dsp.solta.io/match/ 43 B
158 B 1257ms
215ms Image
image/gif 217.199.220.72
NETRACK-AS Start LLC

General

Check archive.org

Download Go to Show image

Full URL

https://sync.dsp.solta.io/match/OTM_direct_piratka_ssp?id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D

Requested by

Host: goo.su
URL: https://goo.su/A9GpEB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

217.199.220.72 , Russian Federation, ASN61400 (NETRACK-AS Start LLC, RU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 43
date: Tue, 29 Apr 2025 17:53:31 GMT
content-type: image/gif
server: nginx

GET

p
sm.rtb.mts.ru/
Redirect Chain

https://kimberlite.io/rtb/sync/otm?u=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=aBESGaEN49Y

0
0

GET
H2 200 OTM_video
sync.opendsp.ru/match/ 43 B
157 B 835ms
835ms Image
image/gif 176.114.85.200
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to Show image

Full URL

https://sync.opendsp.ru/match/OTM_video?id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D

Requested by

Host: goo.su
URL: https://goo.su/A9GpEB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

176.114.85.200 Vancouver, Canada, ASN50340 (SELECTEL-MSK JSC Selectel, RU),

Reverse DNS

Software

nginx /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 43
date: Tue, 29 Apr 2025 17:53:30 GMT
content-type: image/gif
server: nginx

GET

otm_ex
sync.opendsp.ru/match/
Redirect Chain

https://sync.opendsp.ru/match/otm_ex?id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D
https://sync.dmp.otm-r.com/match/open_ssp?id=NDUyMWFhZTU4NDA5NzJhYQ
https://sync.opendsp.ru/match/otm_ex?id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D

0
0

GET otmrtb-sync
rtb.com.ru/ 0
0

GET /
rtb.dynotech.io/otm/sync/ 0
0

GET sync
a.atraffic.ru/ 0
0

GET

astralab
sync.dmp.otm-r.com/match/
Redirect Chain

https://ssp.al-adtech.com/api/sync/otm
https://sync.dmp.otm-r.com/match/astralab?id=08f9b0bb-3670-4f20-b2b1-92bd5b24f395

0
0

GET p
s.suprion.ru/ 0
0

GET cm
sp.ohmy.bid/ 0
0

GET p
7498794744558977470-otm.ops.beeline.ru/ 0
0

GET stable
sync.otm-r.com/match/ 0
0

GET sync
a.adspector.io/ 0
0

GET otm_wl
sync.opendsp.ru/match/ 0
0

GET /
an.yandex.ru/mapuid/videonowssp/ 0
0

GET sync
a.adspector.io/ 0
0

GET sync
a.utraff.com/ 0
0

GET p
cs.agency2.ru/ 0
0

GET match
ads.betweendigital.com/ 0
0

GET rd
redirect-frontend.weborama-tech.ru/ 0
0

GET userbind
match.new-programmatic.com/ 0
0

GET p
cs.agency2.ru/ 0
0

GET sync
a.lotus-dsp.ru/ 0
0

GET
H2 200 /
www.acint.net/oci/ 43 B
224 B 186ms
186ms Image
image/gif 142.132.138.214
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to Show image

Full URL: https://www.acint.net/oci/?v=0.7.1&uid=f36de6ed-edc7-4e77-af44-89cf42071c28&dp=14&tz=%2B03%3A00&nc=061834&oid=7530b1c8e208329f7fca104a98a93a40
Requested by: Host: goo.su
URL: https://goo.su/A9GpEB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.138.214 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.214.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
date: Tue, 29 Apr 2025 17:53:28 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty

OPTIONS
H2 200 getcookie
matchid.adfox.yandex.ru/ Frame 0
0 1118ms
269ms Preflight 93.158.134.118
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

93.158.134.118 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

matchid-production.adfox.yandex.ru

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://goo.su
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: accept, accept-encoding, accept-language, cache-control, content-type, dnt, origin, x-requested-with
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://goo.su
content-length: 0
date: Tue, 29 Apr 2025 17:53:29 GMT
timing-allow-origin: *
x-content-type-options: nosniff

POST
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 68 B
248 B 867ms
194ms XHR
application/json 93.158.134.118
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

93.158.134.118 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

matchid-production.adfox.yandex.ru

Software

Resource Hash

dcc6ad64155f63a925962d32333776b8428a5891ecedcc37d9b1ae2b33fa439c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: application/json
Referer: https://goo.su/

Response headers

access-control-allow-origin: https://goo.su
timing-allow-origin: *
content-length: 68
date: Tue, 29 Apr 2025 17:53:30 GMT
content-type: application/json
access-control-allow-credentials: true
x-content-type-options: nosniff

GET fb859f5e781ebbbb4ca9.js
yastatic.net/partner-code-bundles/1261120/ 0
0

GET 3de91f503cce2d1a0b03.js
yastatic.net/partner-code-bundles/1261120/ 0
0

POST
H2

200

yandex_hb Show response
px.adhigh.net/rtb/
Redirect Chain

https://px.adhigh.net/rtb/yandex_hb
https://px.adhigh.net/rtb/yandex_hb?bounced=1

11 B
311 B

198ms
197ms

XHR
application/json

193.232.150.71
UMA-TECH-AS Limit...

General

Check archive.org

Download Go to

Full URL: https://px.adhigh.net/rtb/yandex_hb?bounced=1
Requested by: Host: goo.su
URL: https://goo.su/A9GpEB
Protocol: H2
Server: 193.232.150.71 , Russian Federation, ASN48061 (UMA-TECH-AS Limited Liability Company GPM Digital Technologies, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

x-backend-id: f30-ru
cache-control: no-cache, no-store
pragma: no-cache
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://goo.su
content-length: 11
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Tue, 29 Apr 2025 17:53:29 GMT
content-type: application/json;charset=utf-8
server: nginx

Redirect headers

x-backend-id: f30-ru
cache-control: no-cache, no-store
location: https://px.adhigh.net/rtb/yandex_hb?bounced=1
pragma: no-cache
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://goo.su
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Tue, 29 Apr 2025 17:53:29 GMT
server: nginx

POST auction
pbs.alfasense.com/yandex/ 0
0

POST
H2

200

adfox Show response
exchange.buzzoola.com/ssp/
Redirect Chain

https://exchange.buzzoola.com/ssp/adfox
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

11 B
500 B

263ms
262ms

XHR
text/plain

45.138.161.80
SELECTEL-MSK JSC ...

General

Check archive.org

Download Go to

Full URL: https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Requested by: Host: goo.su
URL: https://goo.su/A9GpEB
Protocol: H2
Server: 45.138.161.80 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

serverid: TODO
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-origin: https://goo.su
content-length: 11
date: Tue, 29 Apr 2025 17:53:29 GMT
content-type: text/plain; charset=utf-8
server: nginx
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, X-Aidata-FP, If-None-Match

Redirect headers

serverid: TODO
access-control-expose-headers: Set-Cookie, Etag
location: /ssp/adfox?set_buzzoola_cookie=t
access-control-allow-credentials: true
access-control-allow-origin: https://goo.su
content-length: 0
date: Tue, 29 Apr 2025 17:53:29 GMT
server: nginx
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, X-Aidata-FP, If-None-Match

POST
H2 200 pl999 Show response
ssp.bidvol.com/rtb/ 11 B
486 B 693ms
326ms XHR
application/json 65.109.65.188
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to

Full URL: https://ssp.bidvol.com/rtb/pl999
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.109.65.188 Helsinki, Finland, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.188.65.109.65.clients.your-server.de
Software: nginx/1.24.0 (Ubuntu) /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain
Referer: https://goo.su/

Response headers

surrogate-control: no-store
x-request-id: cc9c476a-19b5-4b15-8e2d-f7e733bf60cb
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://goo.su
content-length: 11
date: Tue, 29 Apr 2025 17:53:29 GMT
content-type: application/json; charset=utf-8
server: nginx/1.24.0 (Ubuntu)

POST
H2 200 yhb Show response
yhb.p.otm-r.com/ 11 B
246 B 1205ms
490ms XHR
text/plain 194.55.244.189
PROCLOUD KVIKTEL LLC

General

Check archive.org

Download Go to

Full URL: https://yhb.p.otm-r.com/yhb
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.55.244.189 Moscow, Russian Federation, ASN34959 (PROCLOUD KVIKTEL LLC, RU),
Reverse DNS
Software: nginx/1.23.4 /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain
Referer: https://goo.su/

Response headers

access-control-allow-origin: https://goo.su
content-length: 11
date: Tue, 29 Apr 2025 17:53:29 GMT
content-type: text/plain; charset=utf-8
vary: Origin
server: nginx/1.23.4
access-control-allow-credentials: true

POST
H2 200 adjson Show response
ads.betweendigital.com/ 11 B
674 B 841ms
287ms XHR
application/json 172.240.127.128
SERVERS-COM

General

Check archive.org

Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.240.127.128 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain
Referer: https://goo.su/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-origin: https://goo.su
content-encoding: gzip
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true

POST
H/1.1 200
OK adfox Show response
kimberlite.io/rtb/bid/hb/ 11 B
395 B 934ms
315ms XHR
application/json 37.0.127.91
NETRACK-AS Start LLC

General

Check archive.org

Download Go to

Full URL: https://kimberlite.io/rtb/bid/hb/adfox
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 37.0.127.91 Moscow, Russian Federation, ASN61400 (NETRACK-AS Start LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain
Referer: https://goo.su/

Response headers

Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-origin: https://goo.su
server-timing: app;srv=s11;dur=0.0076
Content-Length: 11
Date: Tue, 29 Apr 2025 17:53:29 GMT
Content-Type: application/json
Server: nginx

POST
H/1.1 200
OK bids Show response
ssp.al-adtech.com/api/adfox/ 11 B
264 B 790ms
304ms XHR
application/json 45.139.25.121
PROCLOUD KVIKTEL LLC

General

Check archive.org

Download Go to

Full URL: https://ssp.al-adtech.com/api/adfox/bids
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.139.25.121 Moscow, Russian Federation, ASN34959 (PROCLOUD KVIKTEL LLC, RU),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain
Referer: https://goo.su/

Response headers

Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://goo.su
Content-Length: 11
Date: Tue, 29 Apr 2025 17:53:29 GMT
Content-Type: application/json
Vary: Origin
Server: nginx/1.20.1

POST
H2 200 adfoxhb Show response
ssp-rtb.sape.ru/ 11 B
409 B 611ms
237ms XHR
application/json 193.3.184.216
QWARTA QWARTA LLC

General

Check archive.org

Download Go to

Full URL: https://ssp-rtb.sape.ru/adfoxhb
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.216 , Russian Federation, ASN50214 (QWARTA QWARTA LLC, RU),
Reverse DNS
Software: openresty /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain
Referer: https://goo.su/

Response headers

x-yarequestid: 06411de46d9d4a42aa050c9a09b384d4
x-yaspanid: 78eba8ff5bc64d6d
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-origin: https://goo.su
content-length: 11
accept-encoding: gzip, identity
date: Tue, 29 Apr 2025 17:53:29 GMT
x-yatraceid: 38db4912e74641629c7ceac1ed9e7768
content-type: application/json
server: openresty

POST
H2 200 bidder Show response
hb-bidder.skcrtxr.com/ 11 B
154 B 693ms
271ms XHR
application/json 158.160.40.8
YandexCloud Yande...

General

Check archive.org

Download Go to

Full URL: https://hb-bidder.skcrtxr.com/bidder
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.160.40.8 Moscow, Russian Federation, ASN200350 (YandexCloud Yandex.Cloud LLC, RU),
Reverse DNS
Software: ycalb /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain
Referer: https://goo.su/

Response headers

access-control-allow-origin: https://goo.su
content-length: 11
date: Tue, 29 Apr 2025 17:53:29 GMT
content-type: application/json
server: ycalb
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H/1.1 200
OK bid Show response
otclick-adv.ru/core/rtb/hb/ 11 B
715 B 901ms
206ms XHR
application/json 139.45.228.135
RETNRU-AS JSC "Re...

General

Check archive.org

Download Go to

Full URL: https://otclick-adv.ru/core/rtb/hb/bid
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 139.45.228.135 , Russian Federation, ASN57304 (RETNRU-AS JSC "RetnNet", RU),
Reverse DNS: serv6.otclick.ru
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain
Referer: https://goo.su/

Response headers

Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: Thursday, 01-Jan-1970 00:00:00 GMT
Access-Control-Allow-Origin: https://goo.su
Content-Length: 11
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Date: Tue, 29 Apr 2025 17:53:29 GMT
Content-Type: application/json
Server: nginx

POST
H2 200 yandex Show response
a.utraff.com/ 12 B
1 KB 978ms
283ms XHR
application/json 172.67.74.180
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://a.utraff.com/yandex
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.74.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b5f5ee7f72d94f9694569fd0b2c064e317c41949575486100562d8ea0610787

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain
Referer: https://goo.su/

Response headers

access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qM2pZcXrgYMtoYWjMiyXnduWqQTRBtjJMNPMcdgpF8FeycIJ6H3nZuWSQ%2BlGW%2F3K2cI4An16uNiLsyrLDCnsnUtjEFAkQCVQwYaa6Z8bayM07GTXnncas30sA4h%2Bzw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
server-timing: cfL4;desc="?proto=TCP&rtt=44471&min_rtt=42969&rtt_var=14872&sent=7&recv=7&lost=0&retrans=0&sent_bytes=3365&recv_bytes=3679&delivery_rate=90417&cwnd=254&unsent_bytes=0&cid=9ac91a18d3c641a5&ts=306&x=0"
date: Tue, 29 Apr 2025 17:53:29 GMT
content-type: application/json
vary: Origin, accept-encoding
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 9380a8beba43eb49-CPH
access-control-allow-origin: https://goo.su
content-length: 32
server: cloudflare

POST
H/1.1 200
OK / Show response
hb.bumlam.com/yandex/ 11 B
268 B 762ms
297ms XHR
application/json 31.172.81.172
DE-FIRSTCOLO firs...

General

Check archive.org

Download Go to

Full URL: https://hb.bumlam.com/yandex/
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 31.172.81.172 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain
Referer: https://goo.su/

Response headers

Connection: keep-alive
Access-Control-Allow-Credentials: true
X-SSP: 1
Access-Control-Allow-Origin: https://goo.su
Content-Length: 11
Date: Tue, 29 Apr 2025 17:53:29 GMT
Content-Type: application/json; charset=utf-8
Server: nginx

POST /
ad.mail.ru/hbid_yandex/ 0
0

POST adfoxhb
ssp.hybrid.ai/ 0
0

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
294 B 547ms
177ms XHR
text/plain 195.209.109.25
ADRIVER LLC AdRiver

General

Check archive.org

Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 195.209.109.25 , Russian Federation, ASN52007 (ADRIVER LLC AdRiver, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain
Referer: https://goo.su/

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Origin: https://goo.su
Date: Tue, 29 Apr 2025 17:53:29 GMT
Pragma: no-cache
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET sspmatch
ads.betweendigital.com/ 0
0

GET syncd
kimberlite.io/rtb/ 0
0

GET /
acint.net/cmatch/ 0
0

GET
H2 200 dynamic.js Show response
cdn.skcrtxr.com/wrapper-builder/19e08d82-9ec3-4dda-b15f-01ab2c95e167/ 0
88 B 155ms
154ms Script
text/javascript 95.181.182.182
EdgeCenterLLC Edg...

General

Check archive.org

Download Go to

Full URL: https://cdn.skcrtxr.com/wrapper-builder/19e08d82-9ec3-4dda-b15f-01ab2c95e167/dynamic.js?host=goo.su&v=d-1745932738__s-6e40dd33-55e7-4e29-b521-499daf8aa8e3
Requested by: Host: cdn.skcrtxr.com
URL: https://cdn.skcrtxr.com/wrapper/js/common-engine.js?v=s-6e40dd33-55e7-4e29-b521-499daf8aa8e3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

cache: HIT
cache-control: max-age=31536000, public, s-maxage=31536000
content-encoding: gzip
access-control-allow-origin: *
date: Tue, 29 Apr 2025 17:53:28 GMT
content-type: text/javascript; charset=UTF-8
x-cached-since: 2025-04-29T13:29:22+00:00
server: nginx
x-node: k12-up-gc4

GET sync
skcrtxr.com/user-sync-api/ 0
0

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 913ms
235ms Font
font/woff2 37.9.64.225
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

cloud.cdn.yandex.net

Software

nginx /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin: https://goo.su
Referer: https://goo.su/

Response headers

x-request-id: 652e13d5baa732b2
etag: "7f0cdaf91230f9789ca4162aedff612e"
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
expires: Wed, 29 Apr 2026 23:41:01 GMT
date: Tue, 29 Apr 2025 17:53:29 GMT
content-type: font/woff2
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
vary: Accept-Encoding
cache-host: cloudcdn-kiv-01.cdn.yandex.net
strict-transport-security: max-age=43200000; includeSubDomains;
cache-control: public, max-age=31556952
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
timing-allow-origin: *
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
x-nginx-request-id: 1f4b28e323fe29be
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26004
x-strm-log-split: 7
cache-status: HIT
server: nginx

GET 983709258e465c90629c.js
yastatic.net/partner-code-bundles/1261120/ 0
0

GET 07f457e853e80deff7a2.js
yastatic.net/partner-code-bundles/1261120/ 0
0

GET 00c1d131784cd19b6eab.js
yastatic.net/partner-code-bundles/1261120/ 0
0

GET host.js
yastatic.net/safeframe-bundles/0.83/ 0
0

GET ef2ee03643aa17407d60.js
yastatic.net/partner-code-bundles/1261120/ 0
0

POST 1
mc.yandex.com/watch/99705705/ 0
0

OPTIONS
H2 200 sync
skcrtxr.com/user-sync-api/ Frame 0
0 696ms
323ms Preflight
application/json 51.250.75.211
YandexCloud Yande...

General

Check archive.org

Download Go to

Full URL: https://skcrtxr.com/user-sync-api/sync
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.250.75.211 , Russian Federation, ASN200350 (YandexCloud Yandex.Cloud LLC, RU),
Reverse DNS
Software: ycalb /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-xsrf-token
Access-Control-Request-Method: GET
Origin: https://goo.su
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://goo.su
cache-control: max-age=600, public, s-maxage=600
content-encoding: gzip
content-type: application/json
date: Tue, 29 Apr 2025 17:53:29 GMT
server: ycalb

GET

match
ads.betweendigital.com/ Frame F229
Redirect Chain

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D14
https://acint.net/rmatch?dp=14&euid=5103420A191211687604D41C0261444D&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D14
https://mc.acint.net/cmatch?dp=14
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0400007F18121168E623EA910235D258
https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0400007F18121168E623EA910235D258&crf=1&rts=-1608260238501257777

0
0

GET
H2

200

sape
px.adhigh.net/p/cm/ Frame F229
Redirect Chain

https://px.adhigh.net/p/cm/sape?u=0400007F18121168E623EA910235D258
https://px.adhigh.net/p/cm/sape?u=0400007F18121168E623EA910235D258&bounced=1

49 B
325 B

320ms
320ms

Image
image/gif

193.232.148.144
UMA-TECH-AS Limit...

General

Check archive.org

Download Go to Show image

Full URL: https://px.adhigh.net/p/cm/sape?u=0400007F18121168E623EA910235D258&bounced=1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1&pi=1753819
Protocol: H2
Server: 193.232.148.144 , Russian Federation, ASN48061 (UMA-TECH-AS Limited Liability Company GPM Digital Technologies, RU),
Reverse DNS: smtp5.sender.ltmse.com
Software: nginx /
Resource Hash: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://www.acint.net/

Response headers

x-backend-id: f5-ru
cache-control: no-cache, no-store
pragma: no-cache
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: *
content-length: 49
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Tue, 29 Apr 2025 17:53:30 GMT
content-type: image/gif
server: nginx

Redirect headers

x-backend-id: f5-ru
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=0400007F18121168E623EA910235D258&bounced=1
pragma: no-cache
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: *
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Tue, 29 Apr 2025 17:53:29 GMT
server: nginx

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/ Frame F229
Redirect Chain

https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5586623531
https://www.acint.net/rmatch?dp=45&euid=AiBXztBz_4mYDWYnwNBg2zA&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0400007F18121168E623EA910235D258

42 B
201 B

162ms
162ms

Image
image/gif

195.209.109.18
ADRIVER LLC AdRiver

General

Check archive.org

Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0400007F18121168E623EA910235D258
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1&pi=1753819
Protocol: HTTP/1.1
Server: 195.209.109.18 , Russian Federation, ASN52007 (ADRIVER LLC AdRiver, RU),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://www.acint.net/

Response headers

Transfer-Encoding: chunked
Date: Tue, 29 Apr 2025 17:53:30 GMT
Content-Type: image/gif
Server: nginx
Connection: keep-alive

Redirect headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0400007F18121168E623EA910235D258
expires: Wed, 19 Apr 2000 11:43:00 GMT
content-length: 154
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
date: Tue, 29 Apr 2025 17:53:30 GMT
content-type: text/html
server: openresty

GET
H2 204 sync
a.utraff.com/ Frame F229 0
899 B 924ms
278ms Image
text/plain 172.67.74.180
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=8&id=0400007F18121168E623EA910235D258
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1&pi=1753819
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.67.74.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://www.acint.net/

Response headers

access-control-expose-headers: Content-Length,Content-Range
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YKNQPsSml%2Bcl353ZuajAzhT3jLT3EU3C43bN%2BJDUEzfRALS3lg09jl0Cg%2B7%2Br26BHsoraqwZcHNsUZoLfxhWFReAe4ANtqujNJJiudAbY97vEUpczEfQSJc8r1z4ag%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 9380a8c2af2babc6-CPH
server-timing: cfL4;desc="?proto=TCP&rtt=47300&min_rtt=45823&rtt_var=15163&sent=7&recv=7&lost=0&retrans=0&sent_bytes=3394&recv_bytes=2371&delivery_rate=74087&cwnd=254&unsent_bytes=0&cid=58b4eeb9b7864851&ts=292&x=0"
content-length: 0
date: Tue, 29 Apr 2025 17:53:30 GMT
content-type: text/plain
vary: Origin
server: cloudflare
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2 204 match
dm-eu.hybrid.ai/ Frame F229 0
282 B 622ms
235ms Image
text/plain 37.230.131.16
HYBRID-Poland HYB...

General

Check archive.org

Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=106&vid=0400007F18121168E623EA910235D258

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1&pi=1753819

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.230.131.16 Amsterdam, Netherlands, ASN200197 (HYBRID-Poland HYBRID ADTECH SP.Z.O.O., PL),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://www.acint.net/

Response headers

cache-control: no-cache, no-store
pragma: no-cache
access-control-allow-credentials: true
expires: -1
access-control-allow-origin: https://www.acint.net
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
x-mode: 0562
date: Tue, 29 Apr 2025 17:53:13 GMT
x-xss-protection: 1; mode=block
server: Hybrid Web Server

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ Frame F229 53 KB
53 KB 741ms
339ms Script
application/javascript 185.15.175.134
SAFEDATA Data Sto...

General

Check archive.org

Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1&pi=1753819
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.15.175.134 , Russian Federation, ASN43226 (SAFEDATA Data Storage Center JSC, RU),
Reverse DNS
Software: nginx /
Resource Hash: 157c63e138ba230414b7e3e400fedf93ca23ef1f1dec7dd35b9a21f9129a5aa9

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://www.acint.net/

Response headers

ETag: "68110da0-d3a7"
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 54183
Date: Tue, 29 Apr 2025 17:53:29 GMT
Content-Type: application/javascript
Last-Modified: Tue, 29 Apr 2025 17:34:24 GMT
Server: nginx

GET
H2

200

match
www.acint.net/ Frame F229
Redirect Chain

https://sync.dmp.otm-r.com/match/sape?id=0400007F18121168E623EA910235D258
https://www.acint.net/match?dp=68&euid=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D

43 B
269 B

215ms
215ms

Image
image/gif

142.132.138.215
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to Show image

Full URL: https://www.acint.net/match?dp=68&euid=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1&pi=1753819
Protocol: H2
Server: 142.132.138.215 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.215.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://www.acint.net/

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
expires: Wed, 19 Apr 2000 11:43:00 GMT
content-length: 43
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
date: Tue, 29 Apr 2025 17:53:29 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty

Redirect headers

access-control-allow-origin: *
location: https://www.acint.net/match?dp=68&euid=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D
content-length: 94
date: Tue, 29 Apr 2025 17:53:29 GMT
content-type: text/html; charset=utf-8
server: nginx/1.23.2

GET

sync
sync.upravel.com/sape/ Frame F229
Redirect Chain

https://sync.upravel.com/sape/sync
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0=

0
0

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame F229 42 B
201 B 620ms
154ms Image
image/gif 195.209.109.18
ADRIVER LLC AdRiver

General

Check archive.org

Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0400007F18121168E623EA910235D258&redirect_url=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D85
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1&pi=1753819
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.209.109.18 , Russian Federation, ASN52007 (ADRIVER LLC AdRiver, RU),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://www.acint.net/

Response headers

Transfer-Encoding: chunked
Date: Tue, 29 Apr 2025 17:53:29 GMT
Content-Type: image/gif
Server: nginx
Connection: keep-alive

GET

userbind
match.qtarget.tech/ Frame F229
Redirect Chain

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D95%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D95%26euid%3D
https://mc.acint.net/rmatch?dp=95&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D95&euid=PTHLRRHG
https://mc.acint.net/cmatch?dp=95
https://match.qtarget.tech/userbind?src=sape&id=0400007F18121168E623EA910235D258

0
0

GET

check
sync.adspend.space/ Frame F229
Redirect Chain

https://sync.adspend.space/sape?uid=0400007F18121168E623EA910235D258
https://sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D7304967b-ce9f-4d4e-9c18-2c13c69093cc

0
0

GET
H2

200

match
www.acint.net/ Frame F229
Redirect Chain

https://sape-sync.rutarget.ru/sync
https://www.acint.net/match?dp=104&euid=nCuSjTUpmhA8

43 B
269 B

973ms
973ms

Image
image/gif

142.132.138.215
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to Show image

Full URL: https://www.acint.net/match?dp=104&euid=nCuSjTUpmhA8
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1&pi=1753819
Protocol: H2
Server: 142.132.138.215 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.215.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://www.acint.net/

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
expires: Wed, 19 Apr 2000 11:43:00 GMT
content-length: 43
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
date: Tue, 29 Apr 2025 17:53:30 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty

Redirect headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Location: https://www.acint.net/match?dp=104&euid=nCuSjTUpmhA8
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Date: Tue, 29 Apr 2025 17:53:30 GMT
Server: nginx
Connection: close

GET

match
ads.betweendigital.com/ Frame F229
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=35313&external_user_id=0400007F18121168E623EA910235D258&callback_url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D%26r%3Dht...
https://ads.betweendigital.com/match?bidder_id=35313&external_user_id=0400007F18121168E623EA910235D258&callback_url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D%26r%3Dht...

0
0

GET

second
vma.mts.ru/match/ Frame F229
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=sape&id=0400007F18121168E623EA910235D258
https://vma.mts.ru/match/second?ssp=30&exu=0400007F18121168E623EA910235D258

0
0

GET

rmatch
mc.acint.net/ Frame F229
Redirect Chain

https://exchange.buzzoola.com/cookiesync/dsp/sape-banner?uid=0400007F18121168E623EA910235D258&url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D%26r%3Dhttps%253A%252F%252Fmc....
https://mc.acint.net/rmatch?dp=126&euid=55778954-2d6c-4578-4b65-a0f583d3fc3e&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D126

0
0

GET
H2

200

match
www.acint.net/ Frame F229
Redirect Chain

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1
https://www.acint.net/match?dp=129&euid=pns0rv3xa1

43 B
269 B

211ms
209ms

Image
image/gif

142.132.138.215
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to Show image

Full URL: https://www.acint.net/match?dp=129&euid=pns0rv3xa1
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=14&tc=1&pi=1753819
Protocol: H2
Server: 142.132.138.215 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.215.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://www.acint.net/

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
expires: Wed, 19 Apr 2000 11:43:00 GMT
content-length: 43
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
date: Tue, 29 Apr 2025 17:53:31 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty

Redirect headers

surrogate-control: no-store
x-request-id: 0ab59cf6-9fd4-401a-8d41-f8b4a740babe
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
location: https://www.acint.net/match?dp=129&euid=pns0rv3xa1
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: *
date: Tue, 29 Apr 2025 17:53:30 GMT
vary: Origin
server: nginx/1.24.0 (Ubuntu)

GET userbind
match.new-programmatic.com/ Frame F229 0
0

GET sape.js
sync.gonet-ads.com/match/ Frame F229 0
0

GET /
sync.bumlam.com/ Frame F229 0
0

GET check
pix.bumlam.com/sync/sape/ Frame F229 0
0

GET 0400007F18121168E623EA910235D258
an.yandex.ru/mapuid/sapeis/ Frame F229 0
0

GET cm
cmr.bidderstack.com/sape/ Frame F229 0
0

GET p
cs.agency2.ru/ Frame F229 0
0

GET cm
match.ohmy.bid/ Frame F229 0
0

GET sape
sync.opendsp.ru/match/ Frame F229 0
0

GET sapePlazkart
adx.com.ru/sync/init/ Frame F229 0
0

GET sape2
kimberlite.io/rtb/sync/ Frame F229 0
0

GET sape
sync.dsp.solta.io/match/ Frame F229 0
0

GET cm.gif
ad.mail.ru/ Frame F229 0
0

GET set
sync.rambler.ru/ Frame F229 0
0

GET sape
ssp.al-adtech.com/api/sync/ Frame F229 0
0

GET p
s.suprion.ru/ Frame F229 0
0

GET sync
ck.silvermob.com/ Frame F229 0
0

GET pixel
pixel.dsp.onetarget.ru/sape/ Frame F229 0
0

GET rd
redirect.frontend.weborama.fr/ Frame F229 0
0

GET sape_ex
sync.opendsp.ru/match/ Frame F229 0
0

GET sync
ssp-statistics.dev.dsp1.nominaltechno.com/api/cookie-sync/eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJSVEIgU2FwZSJ9.VXKxLxZBDKVR7akKD1ukrUZZiwKSy3v1zAZqgO5I0sDyck5wQtI73MuLZMkcYTNASS9UpZ9mSHr5k-r2pAOYRQ/ Frame F229 0
0

GET sync
ssp-statistics.dsp.nt.technology/api/cookie-sync/eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJSVEIgU2FwZV8xNzM4MDUyODgwODQ3In0.rWWFhvjxIbuujG1GTFwQklSMJiKgptBwYzz4p8BSesmEm5CqjbMhkVs5mVteVVlfMbT4wiTf22YGI6HFl8S... Frame F229 0
0

GET sync
a.adspector.io/ Frame F229 0
0

GET sync
sync.techdsp.ru/ Frame F229 0
0

GET match.gif
otclick-adv.ru/core/ Frame F229 0
0

GET sync
a.videohead.tech/ Frame F229 0
0

GET sync
a.adiam.tech/ Frame F229 0
0

GET m.gif
mediatoday.ru/c/ Frame F229 0
0

GET /
fcgi4.gnezdo.ru/cookie_matching/sape_ssp/ Frame F229 0
0

POST
H/1.1 200
OK /
privacy-cs.mail.ru/fp/ 0
0 290ms
289ms Fetch
application/octet-stream 95.163.52.89
VK-AS LLC VK

General

Check archive.org

Download Go to

Full URL: https://privacy-cs.mail.ru/fp/?id=OEdtP-3m0on32FLC4oahn
Requested by: Host: privacy-cs.mail.ru
URL: https://privacy-cs.mail.ru/static/sync-loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.52.89 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS: r3.mail.ru
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: application/json
Referer: https://goo.su/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=7200
Timing-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: Tue, 29 Apr 2025 19:53:29 GMT
Access-Control-Allow-Origin: https://goo.su
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Date: Tue, 29 Apr 2025 17:53:29 GMT
Content-Type: application/octet-stream
Server: nginx

OPTIONS
H/1.1 200
OK /
privacy-cs.mail.ru/fp/ Frame 0
0 324ms
168ms Preflight
application/octet-stream 95.163.52.89
VK-AS LLC VK

General

Check archive.org

Download Go to

Full URL: https://privacy-cs.mail.ru/fp/?id=OEdtP-3m0on32FLC4oahn
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.52.89 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS: r3.mail.ru
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://goo.su
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Method: POST
Access-Control-Allow-Origin: https://goo.su
Access-Control-Max-Age: 1728000
Cache-Control: max-age=7200
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream
Date: Tue, 29 Apr 2025 17:53:29 GMT
Expires: Tue, 29 Apr 2025 19:53:29 GMT
Server: nginx

POST
H2 200 99705705
mc.yandex.com/webvisor/ 43 B
0 352ms
343ms Fetch
image/gif 77.88.21.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.com/webvisor/99705705?wv-part=1&wv-type=7&wmode=0&wv-hit=653370782&page-url=https%3A%2F%2Fgoo.su%2FA9GpEB&rn=595343927&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1745949209%3Aw%3A1600x1200%3Av%3A2020%3Az%3A180%3Ai%3A20250429205329%3Au%3A1745949207955922493%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Ast%3A1745949209&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain
Referer: https://goo.su/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
expires: Tue, 29-Apr-2025 17:53:29 GMT
access-control-allow-origin: https://goo.su
content-length: 43
x-xss-protection: 1; mode=block
last-modified: Tue, 29-Apr-2025 17:53:29 GMT
content-type: image/gif

OPTIONS
H2 200 cf
rpc.skcrtxr.com/ Frame 0
0 730ms
304ms Preflight
text/plain 158.160.49.136
YandexCloud Yande...

General

Check archive.org

Download Go to

Full URL: https://rpc.skcrtxr.com/cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.160.49.136 Moscow, Russian Federation, ASN200350 (YandexCloud Yandex.Cloud LLC, RU),
Reverse DNS
Software: ycalb /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://goo.su
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://goo.su
content-length: 16
content-type: text/plain; charset=utf-8
date: Tue, 29 Apr 2025 17:53:29 GMT
server: ycalb

OPTIONS
H/1.1 200
OK bb9058eb-13a5-432a-aee0-01d06ea5b756
rap.skcrtxr.com/pub/pix/ Frame 0
0 614ms
245ms Preflight 158.160.39.250
YandexCloud Yande...

General

Check archive.org

Download Go to

Full URL: https://rap.skcrtxr.com/pub/pix/bb9058eb-13a5-432a-aee0-01d06ea5b756
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 158.160.39.250 Moscow, Russian Federation, ASN200350 (YandexCloud Yandex.Cloud LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-xsrf-token
Access-Control-Request-Method: GET
Origin: https://goo.su
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: x-xsrf-token
Access-Control-Allow-Origin: https://goo.su
Access-Control-Allow-Private-Network: true
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Tue, 29 Apr 2025 17:53:29 GMT
Etag: "1745949209940547998"
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: nginx
X-Service-Id: worker

POST
H2 200 cf Show response
rpc.skcrtxr.com/ 15 B
54 B 248ms
247ms Fetch
text/plain 158.160.49.136
YandexCloud Yande...

General

Check archive.org

Download Go to

Full URL: https://rpc.skcrtxr.com/cf
Requested by: Host: cdn.skcrtxr.com
URL: https://cdn.skcrtxr.com/wrapper/js/common-engine.js?v=s-6e40dd33-55e7-4e29-b521-499daf8aa8e3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 158.160.49.136 Moscow, Russian Federation, ASN200350 (YandexCloud Yandex.Cloud LLC, RU),
Reverse DNS
Software: ycalb /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: application/json
Referer: https://goo.su/

Response headers

access-control-allow-origin: https://goo.su
content-length: 15
date: Tue, 29 Apr 2025 17:53:29 GMT
content-type: text/plain; charset=utf-8
server: ycalb
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H/1.1 200
OK bb9058eb-13a5-432a-aee0-01d06ea5b756 Show response
rap.skcrtxr.com/pub/pix/ 43 B
884 B 558ms
228ms XHR
image/gif 158.160.39.250
YandexCloud Yande...

General

Check archive.org

Download Go to

Full URL: https://rap.skcrtxr.com/pub/pix/bb9058eb-13a5-432a-aee0-01d06ea5b756
Requested by: Host: cdn.skcrtxr.com
URL: https://cdn.skcrtxr.com/wrapper/js/common-engine.js?v=s-6e40dd33-55e7-4e29-b521-499daf8aa8e3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 158.160.39.250 Moscow, Russian Federation, ASN200350 (YandexCloud Yandex.Cloud LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

X-XSRF-TOKEN: NnQwr4ZZNdVsLCtLMnTzN2ooBnD2E5rkkiQNxsYn
Referer: https://goo.su/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Accept: application/json, text/plain, */*

Response headers

Access-Control-Allow-Private-Network: true
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Etag: "1745949210507703698"
Connection: keep-alive
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Origin: https://goo.su
Content-Length: 43
Date: Tue, 29 Apr 2025 17:53:30 GMT
Content-Type: image/gif
Last-Modified: Thu, 01 Jan 1970 00:00:00 GMT
Server: nginx
X-Service-Id: worker
Access-Control-Allow-Headers: *

GET
H2 200 platform.js Show response
x01.aidata.io/ 37 B
562 B 567ms
223ms Fetch
application/javascript 89.108.120.76
AS-REGRU "Domain ...

General

Check archive.org

Download Go to

Full URL: https://x01.aidata.io/platform.js?pixel=0892394&v=1745949209488&url=https%3A%2F%2Fgoo.su%2FA9GpEB&is_js_referrer=1&origin_referrer=&add_headers=1&data=%7B%22v%22%3A%222.1.0%22%2C%22ios%22%3A%22010%22%2C%22dur%22%3A41%2C%22data%22%3A%5B%22YB%2F9%2Bpz%2FkEAAAAAAAKpiQAAAAAAAqmJAAAAAAACqYkAAAAAAgABiQAAAAAAAlGBAAAAAAACwIkAAAAAAgPtiQABAhUzIAl9A%22%2C%22AQAAAAEAAAABAAAAAAAAAAEAAAAAAAAAAAAAAAgAAAAYAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAYAALAEAAAAAAAAAAAAAAAAAAAAAAAA%22%2C%22UgrvnmVD1QDashxuw95wXAAAAAAOQ18y9Vwz5OJR2ydbJi3FyftXjQ%3D%3D%22%2C%22AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA%3D%22%5D%2C%22m%22%3A%22eHk3aDhlIDFhYmVqOHogMCAxcGJ1ODJzIHNrOGRjaSAxIDFsamdkMG8gdzN2bHdvIHNrOGRjaSAxMnFpMzA0IDEgMWV0NWMyNw%3D%3D%22%2C%22payload%22%3A%2240555484528067ca%3A1%22%7D
Requested by: Host: x01.aidata.io
URL: https://x01.aidata.io/lib/aidata.fp.latest.js?pixel=0892394
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.108.120.76 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU),
Reverse DNS: d51804.reg.regrucolo.ru
Software: nginx /
Resource Hash: 8f25713e3e38248e655e68988a8dba7181b8d3c233b2e4368d53a98c8250532c

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
expires: Tue, 29 Apr 2025 17:53:28 GMT
access-control-allow-origin: https://goo.su
content-length: 37
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
date: Tue, 29 Apr 2025 17:53:29 GMT
content-type: application/javascript
last-modified: Tue, 29 Apr 2025 17:53:28 GMT
server: nginx

GET 1c6cfa61-54eb-44ba-9612-5384172c2088
https://goo.su/ 0
0

GET
H2

200

match Show response
5607175791745949210244.cm.a.mts.ru/cm/
Redirect Chain

https://cm.a.mts.ru/cm/tech?flowId=0ad8d3f8-90df-189f-8191-0983a062000a
https://5607175791745949210244.cm.a.mts.ru/cm/match?flowId=0ad8d3f8-90df-189f-8191-0983a062000a

33 B
455 B

1129ms
1024ms

Fetch
application/json

185.65.149.228
HLL-AS HLL LLC

General

Check archive.org

Download Go to

Full URL

https://5607175791745949210244.cm.a.mts.ru/cm/match?flowId=0ad8d3f8-90df-189f-8191-0983a062000a

Requested by

Host: goo.su
URL: https://goo.su/A9GpEB

Protocol

Server

185.65.149.228 , Russian Federation, ASN51115 (HLL-AS HLL LLC, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

5298bc5e9044dca77d5457493e3e1ffd023b48d580f969bb481c11ca3eff2a59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 3600
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: null
date: Tue, 29 Apr 2025 17:53:30 GMT
content-type: application/json
vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: QRATOR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-Forwarded-For

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 3600
location: https://5607175791745949210244.cm.a.mts.ru/cm/match?flowId=0ad8d3f8-90df-189f-8191-0983a062000a
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,OPTIONS
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://goo.su
content-length: 0
date: Tue, 29 Apr 2025 17:53:30 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
server: QRATOR
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-Forwarded-For

POST
H2 201 vis-id
api.a.mts.ru/api/ia/v1/ids/ 44 B
1 KB 1355ms
214ms Fetch
application/json 185.65.149.228
HLL-AS HLL LLC

General

Check archive.org

Download Go to

Full URL

https://api.a.mts.ru/api/ia/v1/ids/vis-id?flowId=0ad8d3f8-90df-189f-8191-0983a062000a

Requested by

Host: static.a.mts.ru
URL: https://static.a.mts.ru/id/pixel.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.65.149.228 , Russian Federation, ASN51115 (HLL-AS HLL LLC, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://goo.su/
Idempotency-Key: 3e101a5a-099e-4491-8379-e8a157f42cf1
Accept: application/json
Content-Type: application/json
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-max-age: 3600
access-control-allow-methods: GET,POST,OPTIONS
accept-ch-lifetime: 8035200
expires: 0
date: Tue, 29 Apr 2025 17:53:31 GMT
content-type: application/json
vary: Origin
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-Forwarded-For, Idempotency-Key
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, Sec-CH-UA-Model, Sec-CH-UA-Form-Factors, Sec-CH-Lang, Sec-CH-Save-Data, Sec-CH-Width, Sec-CH-Viewport-Width, Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-DPR, DPR, Sec-CH-Device-Memory, Device-Memory, RTT, Downlink, ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-Prefers-Reduced-Motion, Sec-CH-Prefers-Reduced-Transparency, Sec-CH-Prefers-Contrast, Sec-CH-Forced-Colors
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://goo.su
content-length: 44
server: QRATOR

OPTIONS
H2 200 vis-id
api.a.mts.ru/api/ia/v1/ids/ Frame 0
0 701ms
317ms Preflight 185.65.149.228
HLL-AS HLL LLC

General

Check archive.org

Download Go to

Full URL

https://api.a.mts.ru/api/ia/v1/ids/vis-id?flowId=0ad8d3f8-90df-189f-8191-0983a062000a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.65.149.228 , Russian Federation, ASN51115 (HLL-AS HLL LLC, RU),

Reverse DNS

Software

QRATOR /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,idempotency-key
Access-Control-Request-Method: POST
Origin: https://goo.su
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, Sec-CH-UA-Model, Sec-CH-UA-Form-Factors, Sec-CH-Lang, Sec-CH-Save-Data, Sec-CH-Width, Sec-CH-Viewport-Width, Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-DPR, DPR, Sec-CH-Device-Memory, Device-Memory, RTT, Downlink, ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-Prefers-Reduced-Motion, Sec-CH-Prefers-Reduced-Transparency, Sec-CH-Prefers-Contrast, Sec-CH-Forced-Colors
accept-ch-lifetime: 8035200
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-Forwarded-For, Idempotency-Key
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://goo.su
access-control-max-age: 3600
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, TRACE, PATCH
content-length: 0
date: Tue, 29 Apr 2025 17:53:30 GMT
server: QRATOR
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2

200

1 Show response
mc.yandex.com/watch/88477929/
Redirect Chain

https://mc.yandex.com/watch/88477929?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FA9GpEB&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Afu%3A0%3Aen%3Autf-8%3Ala%3...
https://mc.yandex.com/watch/88477929/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FA9GpEB&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Afu%3A0%3Aen%3Autf-8%3Ala...

581 B
613 B

257ms
257ms

Fetch
application/json

77.88.21.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.com/watch/88477929/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FA9GpEB&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afi-FI%3Av%3A2020%3Acn%3A2%3Adp%3A1%3Als%3A98418462157%3Ahid%3A653370782%3Az%3A180%3Ai%3A20250429205329%3Aet%3A1745949210%3Ac%3A1%3Arn%3A169060880%3Arqn%3A1%3Au%3A1745949207955922493%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1756%3Awv%3A2%3Ads%3A11%2C302%2C231%2C34%2C0%2C0%2C%2C1159%2C0%2C%2C%2C%2C3564%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1745949203121%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1745949210%3At%3ARedirecting&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009088%29dss%282%29oms%280%29ti%281%29&redirnss=1

Requested by

Host: goo.su
URL: https://goo.su/A9GpEB

Protocol

Server

77.88.21.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

31c24d721a9593bfdbfeed9b9177a9d2a5c2bbca20c06de4167224847dc7782b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma: no-cache
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Tue, 29-Apr-2025 17:53:29 GMT
access-control-allow-origin: https://goo.su
content-length: 581
x-xss-protection: 1; mode=block
content-type: application/json; charset=utf-8
last-modified: Tue, 29-Apr-2025 17:53:29 GMT

Redirect headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
location: /watch/88477929/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FA9GpEB&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afi-FI%3Av%3A2020%3Acn%3A2%3Adp%3A1%3Als%3A98418462157%3Ahid%3A653370782%3Az%3A180%3Ai%3A20250429205329%3Aet%3A1745949210%3Ac%3A1%3Arn%3A169060880%3Arqn%3A1%3Au%3A1745949207955922493%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1756%3Awv%3A2%3Ads%3A11%2C302%2C231%2C34%2C0%2C0%2C%2C1159%2C0%2C%2C%2C%2C3564%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1745949203121%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1745949210%3At%3ARedirecting&t=gdpr%2814%29mc%28p-1%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009088%29dss%282%29oms%280%29ti%281%29&redirnss=1
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma: no-cache
access-control-allow-credentials: true
expires: Tue, 29-Apr-2025 17:53:29 GMT
access-control-allow-origin: https://goo.su
x-xss-protection: 1; mode=block
last-modified: Tue, 29-Apr-2025 17:53:29 GMT

POST
H2 200 99705705
mc.yandex.com/webvisor/ 43 B
0 328ms
326ms Fetch
image/gif 77.88.21.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.com/webvisor/99705705?wv-part=1&wv-type=7&wmode=0&wv-hit=653370782&page-url=https%3A%2F%2Fgoo.su%2FA9GpEB&rn=940866290&browser-info=we%3A1%3Aet%3A1745949210%3Aw%3A1600x1200%3Av%3A2020%3Az%3A180%3Ai%3A20250429205329%3Au%3A1745949207955922493%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Ast%3A1745949210&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain
Referer: https://goo.su/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
expires: Tue, 29-Apr-2025 17:53:29 GMT
access-control-allow-origin: https://goo.su
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif
last-modified: Tue, 29-Apr-2025 17:53:29 GMT

POST 1
mc.yandex.com/watch/88477929/ 0
0

GET i
dmg.digitaltarget.ru/1/1093/i/ Frame F229 0
0

GET
H2 200 /
www.acint.net/ping/ 43 B
224 B 495ms
494ms Image
image/gif 142.132.138.214
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to Show image

Full URL: https://www.acint.net/ping/?v=0.7.1&uid=f36de6ed-edc7-4e77-af44-89cf42071c28&dp=14&tz=%2B03%3A00&nc=970851&dT=2025-04-29T20%3A53%3A31.164
Requested by: Host: goo.su
URL: https://goo.su/A9GpEB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.138.214 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.214.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://goo.su/

Response headers

expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
date: Tue, 29 Apr 2025 17:53:31 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty

POST
H2 200 99705705
mc.yandex.com/webvisor/ 43 B
0 474ms
470ms Fetch
image/gif 77.88.21.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.com/webvisor/99705705?wv-part=2&wv-type=7&wmode=0&wv-hit=653370782&page-url=https%3A%2F%2Fgoo.su%2FA9GpEB&rn=313176128&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1745949211%3Aw%3A1600x1200%3Av%3A2020%3Az%3A180%3Ai%3A20250429205331%3Au%3A1745949207955922493%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Ast%3A1745949211&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain
Referer: https://goo.su/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
expires: Tue, 29-Apr-2025 17:53:31 GMT
access-control-allow-origin: https://goo.su
content-length: 43
x-xss-protection: 1; mode=block
last-modified: Tue, 29-Apr-2025 17:53:31 GMT
content-type: image/gif

GET 5607175791745949210244
an.yandex.ru/mapuid/yamts/ 0
0

POST /
kraken.rambler.ru/cnt/v2/ 0
0

GET id=703882
staemcomnnumity.com/gift/ 0
0

POST tech
cm.a.mts.ru/cm/ 0
0

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 155 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type: image/png

GET id=703882
staemcomnnumity.com/gift/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.upravel.com
URL: https://sync.upravel.com/image?source=otm&id=NjgxMTEyMTcwMTAxMDFiZQ%253D%253D&return_url=https%253A%252F%252Fsync.dmp.otm-r.com%252Fmatch%252Fmgcomm%253Fid%253D%257BUID%257D&session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9nb28uc3UvIl19fQ==

Domain: vma.mts.ru
URL: https://vma.mts.ru/match/second?ssp=67&exu=NDUyMWFhZTU4NDA5NzJhYQ

Domain: dmg.digitaltarget.ru
URL: https://dmg.digitaltarget.ru/1/7164/i/i?a=877&e=MjhhZDdkNjZhM2FhNDM0ZA&i=qb3ey7kpuufj

Domain: ads.adlook.me
URL: https://ads.adlook.me/csync?pid=otm&uid=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D

Domain: vma.mts.ru
URL: https://vma.mts.ru/match/second?ssp=26&exu=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D

Domain: sm.rtb.mts.ru
URL: https://sm.rtb.mts.ru/p?ssp=toptraffic&id=aBESGaEN49Y

Domain: sync.opendsp.ru
URL: https://sync.opendsp.ru/match/otm_ex?id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D

Domain: rtb.com.ru
URL: https://rtb.com.ru/otmrtb-sync?uid=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D

Domain: rtb.dynotech.io
URL: https://rtb.dynotech.io/otm/sync/

Domain: a.atraffic.ru
URL: https://a.atraffic.ru/sync?ssp=3&id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D

Domain: sync.dmp.otm-r.com
URL: https://sync.dmp.otm-r.com/match/astralab?id=08f9b0bb-3670-4f20-b2b1-92bd5b24f395

Domain: s.suprion.ru
URL: https://s.suprion.ru/p?source=otm&id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D

Domain: sp.ohmy.bid
URL: https://sp.ohmy.bid/cm?dsp_id=48&uid=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D

Domain: 7498794744558977470-otm.ops.beeline.ru
URL: https://7498794744558977470-otm.ops.beeline.ru/p?ssp=otm&id=7498794744558977470

Domain: sync.otm-r.com
URL: https://sync.otm-r.com/match/stable?mpid=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D

Domain: a.adspector.io
URL: https://a.adspector.io/sync?ssp=24&id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D

Domain: sync.opendsp.ru
URL: https://sync.opendsp.ru/match/otm_wl?id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D

Domain: an.yandex.ru
URL: https://an.yandex.ru/mapuid/videonowssp/

Domain: a.adspector.io
URL: https://a.adspector.io/sync?ssp=27&id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D

Domain: a.utraff.com
URL: https://a.utraff.com/sync?ssp=3031&id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D

Domain: cs.agency2.ru
URL: https://cs.agency2.ru/p?ssp=ai

Domain: ads.betweendigital.com
URL: https://ads.betweendigital.com/match?bidder_id=42919&callback_url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fvihub1%3Fid%3D%24%7BUSER_ID%7D

Domain: redirect-frontend.weborama-tech.ru
URL: https://redirect-frontend.weborama-tech.ru/rd?url=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fweborama_newUrl%3Fid%3D{WEBO_CID}

Domain: match.new-programmatic.com
URL: https://match.new-programmatic.com/userbind?id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D&src=otm

Domain: cs.agency2.ru
URL: https://cs.agency2.ru/p?ssp=ot&uid=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D

Domain: a.lotus-dsp.ru
URL: https://a.lotus-dsp.ru/sync?id=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D&ssp=BeelineADX

Domain: yastatic.net
URL: https://yastatic.net/partner-code-bundles/1261120/fb859f5e781ebbbb4ca9.js

Domain: yastatic.net
URL: https://yastatic.net/partner-code-bundles/1261120/3de91f503cce2d1a0b03.js

Domain: pbs.alfasense.com
URL: https://pbs.alfasense.com/yandex/auction

Domain: ad.mail.ru
URL: https://ad.mail.ru/hbid_yandex/

Domain: ssp.hybrid.ai
URL: https://ssp.hybrid.ai/adfoxhb

Domain: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch?p=42917&r=1745949207303

Domain: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch?p=41985&r=1745949207303

Domain: kimberlite.io
URL: https://kimberlite.io/rtb/syncd

Domain: acint.net
URL: https://acint.net/cmatch/?dp=14&pi=1753819

Domain: skcrtxr.com
URL: https://skcrtxr.com/user-sync-api/sync

Domain: yastatic.net
URL: https://yastatic.net/partner-code-bundles/1261120/983709258e465c90629c.js

Domain: yastatic.net
URL: https://yastatic.net/partner-code-bundles/1261120/07f457e853e80deff7a2.js

Domain: yastatic.net
URL: https://yastatic.net/partner-code-bundles/1261120/00c1d131784cd19b6eab.js

Domain: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Domain: yastatic.net
URL: https://yastatic.net/partner-code-bundles/1261120/ef2ee03643aa17407d60.js

Domain: mc.yandex.com
URL: https://mc.yandex.com/watch/99705705/1?page-url=https%3A%2F%2Fgoo.su%2FA9GpEB&charset=utf-8&uah=chm%0A%3F0&hittoken=1745949206_715b36ff18b6e531405a7e889b1f145815127a44a99322435d4edfe92bc9a77d&browser-info=pa%3A1%3Aar%3A1%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afi-FI%3Av%3A2020%3Acn%3A1%3Adp%3A1%3Als%3A1081896468781%3Ahid%3A653370782%3Az%3A180%3Ai%3A20250429205328%3Aet%3A1745949209%3Ac%3A1%3Arn%3A675650005%3Arqn%3A2%3Au%3A1745949207955922493%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C0%2C%2C%2C%2C3564%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1745949203121%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1745949209&t=gdpr(14)clc(0-0-0)rqnt(2)aw(1)rcm(1)cdl(na)eco(42009092)dss(2)oms(0)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%223665001745949208805%22%7D%7D

Domain: ads.betweendigital.com
URL: https://ads.betweendigital.com/match?bidder_id=73&external_user_id=0400007F18121168E623EA910235D258&crf=1&rts=-1608260238501257777

Domain: sync.upravel.com
URL: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0=

Domain: match.qtarget.tech
URL: https://match.qtarget.tech/userbind?src=sape&id=0400007F18121168E623EA910235D258

Domain: sync.adspend.space
URL: https://sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3D7304967b-ce9f-4d4e-9c18-2c13c69093cc

Domain: ads.betweendigital.com
URL: https://ads.betweendigital.com/match?bidder_id=35313&external_user_id=0400007F18121168E623EA910235D258&callback_url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D107&crf=1&rts=-6116021237114301172

Domain: vma.mts.ru
URL: https://vma.mts.ru/match/second?ssp=30&exu=0400007F18121168E623EA910235D258

Domain: mc.acint.net
URL: https://mc.acint.net/rmatch?dp=126&euid=55778954-2d6c-4578-4b65-a0f583d3fc3e&r=https%3A%2F%2Fmc.acint.net%2Fcmatch%3Fdp%3D126

Domain: match.new-programmatic.com
URL: https://match.new-programmatic.com/userbind?src=sape&id=0400007F18121168E623EA910235D258

Domain: sync.gonet-ads.com
URL: https://sync.gonet-ads.com/match/sape.js?id=0400007F18121168E623EA910235D258

Domain: sync.bumlam.com
URL: https://sync.bumlam.com/?src=sap1&uid=0400007F18121168E623EA910235D258

Domain: pix.bumlam.com
URL: https://pix.bumlam.com/sync/sape/check?sspuid=0400007F18121168E623EA910235D258

Domain: an.yandex.ru
URL: https://an.yandex.ru/mapuid/sapeis/0400007F18121168E623EA910235D258

Domain: cmr.bidderstack.com
URL: https://cmr.bidderstack.com/sape/cm?user_id=0400007F18121168E623EA910235D258

Domain: cs.agency2.ru
URL: https://cs.agency2.ru/p?ssp=sp&uid=0400007F18121168E623EA910235D258

Domain: match.ohmy.bid
URL: https://match.ohmy.bid/cm?ssp=sape&redirect_url=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D

Domain: sync.opendsp.ru
URL: https://sync.opendsp.ru/match/sape?id=0400007F18121168E623EA910235D258

Domain: adx.com.ru
URL: https://adx.com.ru/sync/init/sapePlazkart?uid=0400007F18121168E623EA910235D258

Domain: kimberlite.io
URL: https://kimberlite.io/rtb/sync/sape2?u=0400007F18121168E623EA910235D258

Domain: sync.dsp.solta.io
URL: https://sync.dsp.solta.io/match/sape?id=0400007F18121168E623EA910235D258

Domain: ad.mail.ru
URL: https://ad.mail.ru/cm.gif?p=48&id=0400007F18121168E623EA910235D258

Domain: sync.rambler.ru
URL: https://sync.rambler.ru/set?partner_id=1b87f89d-4fb1-4046-b5d4-1814eb9a34db&id=0400007F18121168E623EA910235D258

Domain: ssp.al-adtech.com
URL: https://ssp.al-adtech.com/api/sync/sape

Domain: s.suprion.ru
URL: https://s.suprion.ru/p?s=sape&r=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D264%26euid%3D%7BUID%7D

Domain: ck.silvermob.com
URL: https://ck.silvermob.com/sync?pid=533&uid=0400007F18121168E623EA910235D258&rd=1&r=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D274%26euid%3D%5BUSER_ID%5D

Domain: pixel.dsp.onetarget.ru
URL: https://pixel.dsp.onetarget.ru/sape/pixel?id=0400007F18121168E623EA910235D258

Domain: redirect.frontend.weborama.fr
URL: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fmc.acint.net%2Frmatch%3Fdp%3D296%26euid%3D%7BWEBO_CID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D296

Domain: sync.opendsp.ru
URL: https://sync.opendsp.ru/match/sape_ex?id=0400007F18121168E623EA910235D258

Domain: ssp-statistics.dev.dsp1.nominaltechno.com
URL: https://ssp-statistics.dev.dsp1.nominaltechno.com/api/cookie-sync/eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJSVEIgU2FwZSJ9.VXKxLxZBDKVR7akKD1ukrUZZiwKSy3v1zAZqgO5I0sDyck5wQtI73MuLZMkcYTNASS9UpZ9mSHr5k-r2pAOYRQ/sync?sspUserId=0400007F18121168E623EA910235D258&r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D313%26euid%3D%24%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D313

Domain: ssp-statistics.dsp.nt.technology
URL: https://ssp-statistics.dsp.nt.technology/api/cookie-sync/eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJSVEIgU2FwZV8xNzM4MDUyODgwODQ3In0.rWWFhvjxIbuujG1GTFwQklSMJiKgptBwYzz4p8BSesmEm5CqjbMhkVs5mVteVVlfMbT4wiTf22YGI6HFl8Snrw/sync?sspUserId=0400007F18121168E623EA910235D258&r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D368%26euid%3D%24%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D368

Domain: a.adspector.io
URL: https://a.adspector.io/sync?ssp=6

Domain: sync.techdsp.ru
URL: https://sync.techdsp.ru/sync?src=sape&uid=0400007F18121168E623EA910235D258

Domain: sync.techdsp.ru
URL: https://sync.techdsp.ru/sync?src=sape&dmp=2&uid=0400007F18121168E623EA910235D258

Domain: otclick-adv.ru
URL: https://otclick-adv.ru/core/match.gif?s=56&reference=https%3A%2F%2Fmc.acint.net%2Fmatch%2F%3Fdp%3D361%26euid%3D%23%7BUID%7D

Domain: a.videohead.tech
URL: https://a.videohead.tech/sync?ssp=68

Domain: a.adiam.tech
URL: https://a.adiam.tech/sync?ssp=29

Domain: mediatoday.ru
URL: https://mediatoday.ru/c/m.gif?s=32&id=366&reference=https%3A%2F%2Fmc.acint.net%2Fmatch%3Fdp%3D366%26euid%3D%7Bvisitor_id%7D

Domain: fcgi4.gnezdo.ru
URL: https://fcgi4.gnezdo.ru/cookie_matching/sape_ssp/

Domain: goo.su
URL: blob:https://goo.su/1c6cfa61-54eb-44ba-9612-5384172c2088

Domain: mc.yandex.com
URL: https://mc.yandex.com/watch/88477929/1?page-url=https%3A%2F%2Fgoo.su%2FA9GpEB&charset=utf-8&uah=chm%0A%3F0&hittoken=1745949209_69d79ded7caf3f2706e25b9b6965dbeb848932dc6ed57f5256f11acb6765d6dd&browser-info=pa%3A1%3Aar%3A1%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Afi-FI%3Av%3A2020%3Acn%3A2%3Adp%3A1%3Als%3A98418462157%3Ahid%3A653370782%3Az%3A180%3Ai%3A20250429205330%3Aet%3A1745949210%3Ac%3A1%3Arn%3A552213670%3Arqn%3A2%3Au%3A1745949207955922493%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1745949203121%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1745949210&t=gdpr(14)mc(p-2)clc(0-0-0)rqnt(2)aw(1)rcm(1)cdl(na)eco(42009088)dss(2)oms(0)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%223665001745949208805%22%7D%7D

Domain: dmg.digitaltarget.ru
URL: https://dmg.digitaltarget.ru/1/1093/i/i?i=736708841755978.923136841950421&a=77&e=0400007F18121168E623EA910235D258&pref=https%3A%2F%2Fgoo.su%2F&c=ss:77.up:0400007F18121168E623EA910235D258.sync:up.xdua:duvqOoAhFCzT_WOQEkmFLALd.xps:xpsSbUG2hlgn5QdY044Hg1wIP.dn:acint__net.adcm:hit.tg:adcmjs_noorient%20adcmjs_init

Domain: an.yandex.ru
URL: https://an.yandex.ru/mapuid/yamts/5607175791745949210244

Domain: kraken.rambler.ru
URL: https://kraken.rambler.ru/cnt/v2/

Domain: staemcomnnumity.com
URL: https://staemcomnnumity.com/gift/id=703882

Domain: cm.a.mts.ru
URL: https://cm.a.mts.ru/cm/tech?flowId=0ad8d3f8-90df-189f-8191-0983a062000a&visId=8a7f80be40b9f02b8a7b4141ad869fec

Domain: staemcomnnumity.com
URL: https://staemcomnnumity.com/gift/id=703882

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

116 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
kimberlite.io/rtb/sync	1970-01-21 04:59:09	Name: f Value: https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fsolta_banner_video%3Fid%3DaBESGaEN49Y
kimberlite.io/rtb/sync	1970-01-21 04:59:09	Name: n Value: 1
.otclick-adv.ru/core/	1970-01-21 14:35:09	Name: idntfy Value: VU239hxdPDcHLuJ
kimberlite.io/rtb	1970-01-21 05:09:14	Name: da Value: KLqvcgAAAAE
.otclick-adv.ru/c/	1970-01-21 14:35:09	Name: idntfy Value: VU239hxdPDcHLuJ
goo.su/	1970-01-21 04:59:09	Name: block_ads Value: 1
goo.su/	1970-01-21 05:00:16	Name: XSRF-TOKEN Value: NnQwr4ZZNdVsLCtLMnTzN2ooBnD2E5rkkiQNxsYn
goo.su/	1970-01-21 05:00:16	Name: goosu_session Value: lNKAh1c1OuvuSOQSAfMX2kHcvRfsx9Tn5E9p4IVo
.goo.su/	1970-01-21 12:58:40	Name: tmr_lvid Value: 6b7792e5ae77dea8eac9f7df7f43273e
.goo.su/	1970-01-21 12:58:40	Name: tmr_lvidTS Value: 1745949205426
.goo.su/	1970-01-21 13:44:45	Name: adtech_uid Value: 20e3ed55-c3d0-40cb-9449-524d0e84611d%3Agoo.su
.goo.su/	1970-01-21 13:44:45	Name: top100_id Value: t1.6673155.1222265519.1745949206515
.goo.su/	1970-01-21 13:44:45	Name: _ym_uid Value: 1745949207955922493
.goo.su/	1970-01-21 13:44:45	Name: _ym_d Value: 1745949207
.goo.su/	1970-01-21 05:00:21	Name: _ym_isad Value: 2
.goo.su/	1970-01-21 14:35:09	Name: _ga Value: GA1.1.1478691121.1745949207
.goo.su/	1970-01-21 04:59:11	Name: _ym_visorc Value: w
.rambler.ru/	1970-01-21 14:35:09	Name: ruid Value: 1CIAABcSEWgBACz+A7DLywB=
.rambler.ru/	1970-01-21 14:35:09	Name: proto_uid Value: 1CIAABcSEWgBACz+A7DLywB=
goo.su/	1970-01-21 05:00:35	Name: tmr_detect Value: 0%7C1745949207733
.otm-r.com/	1970-01-21 13:44:45	Name: mpid Value: NjgxMTEyMTcwMTAxMDFiZQ==
goo.su/	1970-01-21 14:35:09	Name: fid Value: a1857ac8-48e4-43ff-891e-7b40e51858d3
goo.su/	1970-01-21 05:09:14	Name: domain_sid Value: OEdtP-3m0on32FLC4oahn%3A1745949208216
.otm-r.com/	1970-01-21 05:02:02	Name: otcm_all Value: svhr14
.yandex.ru/	1970-01-21 13:44:45	Name: receive-cookie-deprecation Value: 1
goo.su/	1970-01-21 14:35:09	Name: _ac_oid Value: 7530b1c8e208329f7fca104a98a93a40%3A1745952808534
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp14v4 Value: 1745949208
.acint.net/	1970-01-21 04:59:09	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-21 14:35:09	Name: aid Value: fwAABGgREhiR6iPmWNI1Ajq3N/tV5fnitiMrfO/4yVjZN3zz
.ssp-rtb.sape.ru/	1970-01-21 14:35:09	Name: sspuid Value: CkIDUWgREhkc1AR2TURhAnDERHEoedjqfB+IxvguCTV3XCbO
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp14v6 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp17v2 Value: 1745949209
.acint.net/	1970-01-21 05:00:35	Name: cSyncDp45v5 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp53v5 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp62v2 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp67v3 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp68v3 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp71v2 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp85v2 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp95v4 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp98v3 Value: 1745949209
.acint.net/	1970-01-21 05:19:18	Name: cSyncDp104v2 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp107v2 Value: 1745949209
.acint.net/	1970-01-21 05:20:45	Name: cSyncDp125v4 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp126v3 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp129v2 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp136v3 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp148v2 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp149v3 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp151v2 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp251v3 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp186v2 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp217v2 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp226v1 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp239v3 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp243v2 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp260v2 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp244v2 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp248v3 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp261v1 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp264 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp274 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp289v2 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp296v2 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp312v1 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp313v1 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp368v1 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp331v1 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp351v1 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp361v1 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp353v1 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp362v1 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp366v1 Value: 1745949209
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp390v1 Value: 1745949209
.moe.video/	1970-01-21 14:35:09	Name: uid Value: af830820392ea1669669
sync.opendsp.ru/	1969-12-31 23:59:59	Name: chk Value: 1
.bumlam.com/	1970-01-21 14:35:09	Name: suuid3 Value: IiRkYjk1Zjg5OC0yNTIyLTExZjAtYjYwYy0wMDI1OTBjODI0MzY*
.bidvol.com/	1970-01-21 14:35:09	Name: bvuid Value: pns0rv3xa1
.weborama.fr/	1970-01-21 14:25:04	Name: AFFICHE_W Value: yieBRGakNJnK82
.goo.su/	1970-01-21 13:44:45	Name: __ai_fp_uuid Value: 40555484528067ca%3A1
.buzzoola.com/	1970-01-21 05:42:21	Name: uuid Value: 55778954-2d6c-4578-4b65-a0f583d3fc3e
kimberlite.io/	1970-01-21 07:08:45	Name: u Value: aBESGaEN49Y~fiKYfgkGUicKD9ZgsSMo7m8CoME
.goo.su/	1970-01-21 09:18:21	Name: __eoi Value: ID=b31d229f27195f40:T=1745949209:RT=1745949209:S=AA-AfjZYQ1hnnTIv6xO5SxCpw07t
.alfasense.com/	1970-01-21 13:31:47	Name: uuid Value: a6aba6e3-fd95-456c-95be-2e4baf2f7eab
.adriver.ru/	1970-01-21 14:35:09	Name: cid Value: -5586623531
.buzzoola.com/	1970-01-21 04:59:52	Name: cookiesyncs Value: 000000000000000000000000d93dab9edf0912baf9008f35866978f1
sync.programmatica.com/	1969-12-31 23:59:59	Name: chk Value: 1
.dmg.digitaltarget.ru/	1970-01-21 14:35:09	Name: viuserid Value: oRud7pPGuQQcVReFnoc2
.goo.su/	1970-01-21 14:35:09	Name: __upin Value: o32IjbhOuNkwguyQDjk0dQ
.programmatica.com/	1970-01-21 14:35:09	Name: pid Value: MjViNTkwYmI2MDMzMDZjNQ
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp7v3 Value: 1745949210
sync.gonet-ads.com/	1969-12-31 23:59:59	Name: chk Value: 1
.mts.ru/	1970-01-21 14:35:09	Name: ma_last_sync Value: 1745949210244
.mts.ru/	1970-01-21 14:35:09	Name: ma_id Value: 5607175791745949210244
.opendsp.ru/	1970-01-21 14:35:09	Name: pid Value: NDUyMWFhZTU4NDA5NzJhYQ
.ohmy.bid/	1970-01-21 05:42:21	Name: uid Value: 61797b91-8597-4753-9558-2d32eb9bf903.6811121a.254255daf5d51338
.gonet-ads.com/	1970-01-21 13:44:45	Name: pid Value: MjhhZDdkNjZhM2FhNDM0ZA
.acint.net/	1970-01-21 05:42:21	Name: cSyncDp241v2 Value: 1745949210
.skcrtxr.com/	1970-01-21 13:44:45	Name: rap_uid Value: b66e1bbd-0de8-46fb-953d-53137602f03f
.skcrtxr.com/	1970-01-21 13:44:45	Name: rxt_pxids_0 Value: eyJiYjkwNThlYi0xM2E1LTQzMmEtYWVlMC0wMWQwNmVhNWI3NTYiOjE3NDU5NDkyMTB9
.utraff.com/	1970-01-21 14:35:09	Name: utid Value: mEEuSukFHAwu-CZWvI-i3XUTvQanFrdSbykbVFG48HpLwpVfVOp2mWbvXLEUgt4r1SVfg_aAOOPBkQGwDIsNEQ
.aidata.io/	1970-01-21 14:35:09	Name: __upin Value: 6WPqIGJBSWwlosGQIh3PqQ
.aidata.io/	1970-01-21 14:35:09	Name: __upints Value: 1745949210
x01.aidata.io/	1970-01-21 05:03:28	Name: gi Value: 1
.upravel.com/	1970-01-21 04:59:09	Name: session_tptc Value: 1745949211116
sync.adspend.space/	1970-01-21 13:44:45	Name: as-user Value: 7304967b-ce9f-4d4e-9c18-2c13c69093cc
.goo.su/	1970-01-21 13:44:45	Name: ma_id Value: 5607175791745949210244
.mts.ru/	1970-01-21 13:31:47	Name: dspid Value: 20c05033-57cb-457e-bea7-dafecb77c5b5
.mts.ru/	1970-01-21 14:35:09	Name: ma_id_api Value: FMsF7FX47UhqGTF72CYkc5MMCS8WI5MNz6kJnYTfYtczbgggLSn+49tPOFUo533jDrgfLmESGssgNCrX5+owerkkigNhuHrnPRKNGkvl8P1rZj4P96+FMCCyfZgW3baj2MoJNotOvUvHljDpvyfmY2W7BI4hVcQ7wHRF0U5qavRxVd7RLOUoeaOdDAmnR8RjtVJNBBaNNeIUN5arSgJeQ7IOto6rRZx8muwIpRtwbBX1Fr91V9KyoPIv6uAGJPMlan6zdsydxHKdPNU9CDkL9EFvCaIQ9+WqcPPSDxVvWInogHICVPxmSsHcdu9/0nyW3RCVhvGEGUGqI5NGlE/psQ==
.a.mts.ru/	1970-01-21 04:59:11	Name: qrator_ssid Value: 1745949211.568.GYOpCWfwVWMpUsY4-t49p7nadb1cvgdhq1hp9vnn6knvr47cr
.goo.su/	1970-01-21 05:09:14	Name: _buzz_aidata Value: JTdCJTIydWZwJTIyJTNBJTIybzMySWpiaE91Tmt3Z3V5UURqazBkUSUyMiUyQyUyMmJyb3dzZXJWZXJzaW9uJTIyJTNBJTIyMTYuNSUyMiUyQyUyMnRzQ3JlYXRlZCUyMiUzQTE3NDU5NDkyMTAwNTclN0Q=
.goo.su/	1970-01-21 05:09:14	Name: _buzz_mtsa Value: JTdCJTIydWZwJTIyJTNBJTIyOGE3ZjgwYmU0MGI5ZjAyYjhhN2I0MTQxYWQ4NjlmZWMlMjIlMkMlMjJicm93c2VyVmVyc2lvbiUyMiUzQSUyMjE2LjUlMjIlMkMlMjJ0c0NyZWF0ZWQlMjIlM0ExNzQ1OTQ5MjExNjk3JTdE
.goo.su/	1970-01-21 14:35:09	Name: _ga_64YFP720ET Value: GS1.1.1745949206.1.0.1745949211.0.0.0
.goo.su/	1970-01-21 13:44:45	Name: t3_sid_6673155 Value: s1.947086519.1745949206516.1745949211768.1.6.1.0
top-fwz1.mail.ru/	1970-01-21 13:46:11	Name: PVID Value: 2poAkT0nuzYW00002c1DHKoW:::0-0-0-d2b6ad5-0-d2b6adb:CAASEKSX_RyPlFig5I6I1Tso4L4aYJeuvYmmK844pilBntkq5nOHy_ZhJ0zwn0H02BgpwjaJKAUpMMUhqTWJiSA9i9LDEaOwZqoRD8gcTx5MSP2Tm6WTG8HWiyqRwE_ulc5aweaYbQJNo3qpXd2ZmvU71w-TSw
.mail.ru/	1970-01-21 13:46:11	Name: VID Value: 2poAkT0nuzYW00002c1DHKoW:::0-0-0-d2b6ad5-0-d2b6adb:CAASEKSX_RyPlFig5I6I1Tso4L4aYJeuvYmmK844pilBntkq5nOHy_ZhJ0zwn0H02BgpwjaJKAUpMMUhqTWJiSA9i9LDEaOwZqoRD8gcTx5MSP2Tm6WTG8HWiyqRwE_ulc5aweaYbQJNo3qpXd2ZmvU71w-TSw

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://goo.su/A9GpEB Message: [GroupMarkerNotSet(crbug.com/242999)!:A080C1020C180000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://goo.su/A9GpEB Message: [GroupMarkerNotSet(crbug.com/242999)!:A0E0C1020C180000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://goo.su/A9GpEB Message: [GroupMarkerNotSet(crbug.com/242999)!:A04062090C180000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://goo.su/A9GpEB Message: [GroupMarkerNotSet(crbug.com/242999)!:A0D062090C180000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
javascript	error	URL: https://goo.su/A9GpEB Message: Access to XMLHttpRequest at 'https://skcrtxr.com/user-sync-api/sync' from origin 'https://goo.su' has been blocked by CORS policy: Request header field x-xsrf-token is not allowed by Access-Control-Allow-Headers in preflight response.
network	error	URL: https://skcrtxr.com/user-sync-api/sync Message: Failed to load resource: net::ERR_FAILED
rendering	warning	URL: https://goo.su/A9GpEB Message: [GroupMarkerNotSet(crbug.com/242999)!:A0D062090C180000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://goo.su/A9GpEB Message: [GroupMarkerNotSet(crbug.com/242999)!:A04062090C180000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
worker	warning	URL: https://goo.su/A9GpEB Message: [GroupMarkerNotSet(crbug.com/242999)!:A0B0C1020C180000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
worker	warning	URL: https://goo.su/A9GpEB Message: [GroupMarkerNotSet(crbug.com/242999)!:A0E0C1020C180000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network	error	URL: https://ads.adlook.me/csync?pid=otm&uid=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://rtb.com.ru/otmrtb-sync?uid=NjgxMTEyMTcwMTAxMDFiZQ%3D%3D Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5607175791745949210244.cm.a.mts.ru
7498794744558977470-otm.ops.beeline.ru
a.adiam.tech
a.adspector.io
a.atraffic.ru
a.lotus-dsp.ru
a.utraff.com
a.videohead.tech
acint.net
ad.mail.ru
ads.adlook.me
ads.betweendigital.com
ads.digitalcaramel.com
adx.com.ru
an.yandex.ru
api.a.mts.ru
cdn.digitalcaramel.com
cdn.jsdelivr.net
cdn.skcrtxr.com
ck.silvermob.com
cm.a.mts.ru
cmr.bidderstack.com
counter.yadro.ru
cs.agency2.ru
cs.alfasense.com
dm-eu.hybrid.ai
dmg.digitaltarget.ru
ev.adriver.ru
exchange.buzzoola.com
fcgi4.gnezdo.ru
fonts.googleapis.com
goo.su
hb-bidder.skcrtxr.com
hb.bumlam.com
kimberlite.io
kraken.rambler.ru
match.new-programmatic.com
match.ohmy.bid
match.qtarget.tech
matchid.adfox.yandex.ru
mc.acint.net
mc.yandex.com
mc.yandex.ru
mediatoday.ru
openfpcdn.io
otclick-adv.ru
pagead2.googlesyndication.com
pb.adriver.ru
pbs.alfasense.com
pix.bumlam.com
pixel.dsp.onetarget.ru
privacy-cs.mail.ru
px.adhigh.net
rap.skcrtxr.com
redirect-frontend.weborama-tech.ru
redirect.frontend.weborama.fr
region1.google-analytics.com
rpc.skcrtxr.com
rtb.com.ru
rtb.dynotech.io
rtb.moe.video
s.suprion.ru
sape-sync.rutarget.ru
skcrtxr.com
sm.rtb.mts.ru
sp.ohmy.bid
ssp-rtb.sape.ru
ssp-statistics.dev.dsp1.nominaltechno.com
ssp-statistics.dsp.nt.technology
ssp.adriver.ru
ssp.al-adtech.com
ssp.bidvol.com
ssp.hybrid.ai
st.top100.ru
staemcomnnumity.com
static.a.mts.ru
sync.adspend.space
sync.bumlam.com
sync.dmp.otm-r.com
sync.dsp.solta.io
sync.gonet-ads.com
sync.opendsp.ru
sync.otm-r.com
sync.programmatica.com
sync.rambler.ru
sync.techdsp.ru
sync.upravel.com
tag.digitaltarget.ru
top-fwz1.mail.ru
tube.buzzoola.com
videotarget-sync.rutarget.ru
vma.mts.ru
www.acint.net
www.googletagmanager.com
x01.aidata.io
yandex.ru
yastatic.net
yhb.p.otm-r.com
7498794744558977470-otm.ops.beeline.ru
a.adiam.tech
a.adspector.io
a.atraffic.ru
a.lotus-dsp.ru
a.utraff.com
a.videohead.tech
acint.net
ad.mail.ru
ads.adlook.me
ads.betweendigital.com
adx.com.ru
an.yandex.ru
ck.silvermob.com
cm.a.mts.ru
cmr.bidderstack.com
cs.agency2.ru
dmg.digitaltarget.ru
fcgi4.gnezdo.ru
goo.su
kimberlite.io
kraken.rambler.ru
match.new-programmatic.com
match.ohmy.bid
match.qtarget.tech
mc.acint.net
mc.yandex.com
mediatoday.ru
otclick-adv.ru
pbs.alfasense.com
pix.bumlam.com
pixel.dsp.onetarget.ru
redirect-frontend.weborama-tech.ru
redirect.frontend.weborama.fr
rtb.com.ru
rtb.dynotech.io
s.suprion.ru
skcrtxr.com
sm.rtb.mts.ru
sp.ohmy.bid
ssp-statistics.dev.dsp1.nominaltechno.com
ssp-statistics.dsp.nt.technology
ssp.al-adtech.com
ssp.hybrid.ai
staemcomnnumity.com
sync.adspend.space
sync.bumlam.com
sync.dmp.otm-r.com
sync.dsp.solta.io
sync.gonet-ads.com
sync.opendsp.ru
sync.otm-r.com
sync.rambler.ru
sync.techdsp.ru
sync.upravel.com
vma.mts.ru
yastatic.net
104.26.2.56
13.32.99.118
139.45.228.135
142.132.138.214
142.132.138.215
142.250.185.130
151.101.193.229
151.236.118.162
151.236.71.248
158.160.39.250
158.160.40.8
158.160.49.136
172.217.18.8
172.240.127.128
172.67.74.180
176.114.85.200
185.149.242.236
185.15.175.134
185.15.175.158
185.65.149.228
188.114.96.3
193.232.148.144
193.232.150.71
193.3.184.216
194.55.244.177
194.55.244.181
194.55.244.189
195.209.109.18
195.209.109.25
195.209.109.27
195.209.109.30
213.180.193.90
216.239.34.36
216.58.206.42
217.199.220.72
31.172.81.147
31.172.81.172
35.190.24.218
37.0.127.205
37.0.127.91
37.230.131.16
37.230.131.21
37.9.64.225
45.138.161.80
45.139.25.121
46.148.230.54
46.243.142.239
46.243.142.48
46.243.201.48
51.250.75.211
65.109.65.187
65.109.65.188
65.109.72.77
77.88.21.119
77.88.55.88
85.198.116.123
88.212.201.204
89.108.120.76
93.158.134.118
94.139.255.28
95.163.52.67
95.163.52.89
95.181.182.182
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
04c153fcfa1e456179e4680a25db46533a0140a59137adb4f3fe9d43b7afee9f
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747
0e7e3045519beaff2095d4a64b8dfb1b581013eb5b8f4b3549983c69abe7139b
157c63e138ba230414b7e3e400fedf93ca23ef1f1dec7dd35b9a21f9129a5aa9
177ee7a15aacfde6214548defd97871d3eff0799efed1a7486991a2cbbda24af
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
29cb26e06f2a4a877f1134a46480d9b78f8b6e0e6f9b0fe67e34307c312b5a89
31c24d721a9593bfdbfeed9b9177a9d2a5c2bbca20c06de4167224847dc7782b
3c8f27e6009ccfd710a905e6dcf12d0ee3c6f2ac7da05b0572d3e0d12e736fc8
43a597f9294363921fcc8f10f904f3843ea9c4c5f931fb5a133428bfd5d544e9
44ad04fe06c0306722382f8a28d49876eaa87605d6b5a2ad8f24784358b6bdc5
44da6a793e23af4584da27ec4c3b62ff576074f9dd124583d4613b0ce80cecb6
48ce785a09c4914f4a46d4f25c4256cc294615c0aa3b73f5747dc43caffdfdf9
4b0ccc890c49cc9c37cde61cb7625ea72b9e8ece196f9db3f92209d43889b3e2
4cdeb02fd6f90275e3410e58333ab2cbfa27a96be8deb43f2286397ca6fef4fa
4eb439ea0ef5cbb8d0807f23fe045bc4168ba598615f9d2ab7fb4be978c26ce5
5298bc5e9044dca77d5457493e3e1ffd023b48d580f969bb481c11ca3eff2a59
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57d0186a70b90b8e31052c16631e54ee6aaa30e7ebaf8c25671cc9b350a54de1
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d5c310eb7610d84cb1b06b865e507d4037e6d3c6c33d52d41a24aa1708abf14
6dfe4d6ce9f7de66147285ccb0ce652245bb108dfedde7a174d89c2914710930
7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521
7921debb14e1af776443c9694c74b96929be5b4a2293810777876829fcf26475
7b2d18d3dc9861604cbbde63dd9218e12a6cac1a06f52b877eddf61f9f7c3b37
7b5f5ee7f72d94f9694569fd0b2c064e317c41949575486100562d8ea0610787
82cb517a8f80c91dfcec543c6d140deb3baaf463ea9e77655475096eba7bc7d9
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
8f25713e3e38248e655e68988a8dba7181b8d3c233b2e4368d53a98c8250532c
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
952de987eda356dc43015412de55c0826fcf291375a36e8ac56a9114f3b5a19a
986cbbf447b30f65af52c0d22e9e21c758ed6c1f90f01be25695f0462de06db7
9ac92dd22b771410a6944726d1ed1fd7a7faaf239c2d80eab0bc1233e6ce95d2
9bf6e6efa2bdf5dabcff00855f99379feaf4aec7320e325e5cf90a2bbcf01152
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a6f3c4eb8378e0bd2852618eacf0a02ff8147155da4d5fb765d89989327cd1cc
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad7fa1c6b844b3b8d25788b65ffca08d45ebb1ba2742c587f97b18d9ec21bbfa
af6a7a0e9a51a5269e9104962f53a2d8c6efff8802fa73b598b727665d2547ef
c5b7be7ff5a92d4d03ae4b96a3931d1349f726affed96d8b64ecbd1ef7de598f
c8c1535e64de7426799586119ad56a7f1925a2a4d00a74aeff1dd3c965e49baf
ce301b9b7c156672c16d417f5d9ff9c7813187b468cc4a7f7526a1bac2e21c25
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d08f22e06aa1a1b8001d2816d6a013661b0600e83024fc1c33321a0f8c69a8e0
d1bd66114d89991f1bde12195de2931aee9c4c9269b385bd31c76cfcbca483f9
d445e80ee14bd07457277f264ad5c5120fda2777ae308c77c613acc963ffca03
d4af93a316edb4764245b4bb7394a2a96d296451a8fa5743482ae2715a3feec4
d661db00e3bbb388796ff77a4020d8dca3ec169fda5bcd35025b6a63e6d26347
dafaebb1489c165856c019839c1128327f1af3f709ace70da1a757e3a62cb015
dcc6ad64155f63a925962d32333776b8428a5891ecedcc37d9b1ae2b33fa439c
e10cd8d343f9c37e3500c69d92f7ac7e78b6c7df29a2ace8cffe71bfa494e8c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2
e908b243a8d7f36576a6a3cb07d339b840067014b6427b2855dc78e67c9e7350
ed71a649c7afe37dc8843a1f80e2ac0bdf364e0d66e81002f0c54765aee37b7a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1b2f8b0b9812dc474617da6e32292ea1faf96c8603cfb77be61e38b55702bb8
f1ddcfca102f9f64df0644bf72630ebb907cd5bbb8a43e3ef5b6d2c55b7c4213
fbdb44f2d09689e158a936ddf847eada264db3fa11a8f3e2e63e0dbc8620d722
fda0897f4cdbbab911245c9ebaa4885f54a7e572b8c9b071dc976d1d27cab1a6

goo.su Open in urlscan Pro 104.26.2.56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

201 Requests

45 %HTTPS

0 %IPv6

67 Domains

98 Subdomains

54 IPs

8 Countries

1244 kBTransfer

3856 kBSize

116 Cookies

0 Outgoing links

Redirected requests

201 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

goo.su Open in urlscan Pro
104.26.2.56 Public Scan

Screenshot
Live screenshot

Full Image

201
Requests

45 %
HTTPS

0 %
IPv6

67
Domains

98
Subdomains

54
IPs

8
Countries

1244 kB
Transfer

3856 kB
Size

116
Cookies

201 HTTP transactions
3 data transactions