instructionss.yonote.ru Open in urlscan Pro
84.201.174.160 Public Scan

URL: https://goo.su/U5LZ4Kv
Title: https://goo.su/U5LZ4Kv

URL: https://t.me/GamersGalaxyManager
Title: https://t.me/GamersGalaxyManager

URL: https://t.me/GamersGalaxyBot
Title: https://t.me/GamersGalaxyBot

URL: https://create.roblox.com/dashboard/creations
Title: https://create.roblox.com/dashboard/creations

server-3-161-213-7.yul62.r.cloudfront.net

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://goo.su/wRsqq Page URL
https://instructionss.yonote.ru/share/5d6a1486-64ee-479b-91a7-3c9e2a3536b9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://counter.yadro.ru/hit?t44.11;r;s1600*1200*24;uhttps%3A//goo.su/wRsqq;hRedirecting;0.3428345168689938 HTTP 302
https://counter.yadro.ru/hit?q;t44.11;r;s1600*1200*24;uhttps%3A//goo.su/wRsqq;hRedirecting;0.3428345168689938

Request Chain 30

https://mc.yandex.com/sync_cookie_image_check?scid=c078f6cb-b0e2-1c09-7715-308fff4d7fc3&cid=99705705 HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?cid=99705705&redirect_domain=mc.yandex.com&scid=c078f6cb-b0e2-1c09-7715-308fff4d7fc3&token=10680.gzzP5Vcp766Eg5rVxtsMKmq4yQ4mq0IGONYGPCVNMBx-65D8uJ9Pe55C5t-OICpp.e6uqeAZGlUXBCMKWhpgFEBjuvZ4%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?cid=99705705&scid=c078f6cb-b0e2-1c09-7715-308fff4d7fc3&token=10680.FlWlomsHbT5g0rp95VK8nfn4xiWCI3bXMTc4T_hAiS42uLNoXpA0y1Bf7ul0EEkGRhrwYWVVj3kAoqaiWDtFHpMFIv34xlB2KepTA9O4S2WENeCRx-wUhhICF3B5jg9sRWE2JJQ_o0oeqRB1RxWKBrLlUh-q9t4tEX9DCDt4R-kG6cUSdx-DJQeS0sd651NAmGgYPlL_mDBloKhei7b2er5Uy11Sk5lbqzyhRqYS4mE%2C.KfQeOlL7GwZH7aoGEFBGwatnICo%2C

Request Chain 43

https://mc.yandex.com/watch/99705705?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FwRsqq&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A2050%3Acn%3A1%3Adp%3A0%3Als%3A432893264637%3Ahid%3A129762957%3Az%3A-420%3Ai%3A20250527203347%3Aet%3A1748403227%3Ac%3A1%3Arn%3A1051744109%3Arqn%3A1%3Au%3A174840322737980438%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2412%3Awv%3A2%3Ads%3A0%2C167%2C733%2C26%2C1%2C0%2C%2C1391%2C0%2C%2C%2C%2C2637%3Aco%3A0%3Acpf%3A1%3Ans%3A1748403222428%3Agi%3AR0ExLjEuMTA3NjQxNzA2My4xNzQ4NDAzMjI2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1748403228%3At%3ARedirecting&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009092)ti(1) HTTP 302
https://mc.yandex.com/watch/99705705/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FwRsqq&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A2050%3Acn%3A1%3Adp%3A0%3Als%3A432893264637%3Ahid%3A129762957%3Az%3A-420%3Ai%3A20250527203347%3Aet%3A1748403227%3Ac%3A1%3Arn%3A1051744109%3Arqn%3A1%3Au%3A174840322737980438%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2412%3Awv%3A2%3Ads%3A0%2C167%2C733%2C26%2C1%2C0%2C%2C1391%2C0%2C%2C%2C%2C2637%3Aco%3A0%3Acpf%3A1%3Ans%3A1748403222428%3Agi%3AR0ExLjEuMTA3NjQxNzA2My4xNzQ4NDAzMjI2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1748403228%3At%3ARedirecting&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29

Request Chain 44

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENRuuhgUSagszJVccE7Zq0k&google_cver=1

Request Chain 45

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=aDaEHdHM7T8AOcPLAOrfqQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDvhb1d5I1FayYAstW3w8Qw&google_cver=1

Request Chain 46

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEC77H3ZnIOBzP3fPvPhv7fM&google_cver=1

Request Chain 47

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYxMjE2NDA5NDczMzQ4MjMwMw%3D%3D

Request Chain 56

https://sync.dmp.otm-r.com/match/aotm.js HTTP 302
https://sync.dmp.otm-r.com/match/aotm.js?otcm_check=1748403230

Request Chain 69

https://www.acint.net/mc/?dp=14&pi=1753819 HTTP 302
https://www.acint.net/mc/?dp=14&tc=1&pi=1753819

Request Chain 97

https://acint.net/cmatch/?dp=14&pi=1753819 HTTP 302
https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D14

Request Chain 126

https://www.acint.net/rmatch?dp=68&euid=NjgzNjg0MWUwZDQ3Y2Y3OA%3D%3D&r=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fsape_stable%3Fid%3D%24%7BUSER_ID%7D HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fsync.dmp.otm-r.com%252Fmatch%252Fsape_stable%253Fid%253D%2524%257BUSER_ID%257D&dp=14

Request Chain 194

https://instructionss.yonote.ru/api/attachments.redirect?id=d95c0127-bce3-4144-b325-de03d1059e61&shareId=5d6a1486-64ee-479b-91a7-3c9e2a3536b9&documentId=820101f3-6231-4149-a3a2-b507439b7ffb HTTP 302
https://storage.yandexcloud.net/yonote/uploads/104c0a82-df62-4d07-a190-8a0404554543/93778d3b-d806-4600-bc23-e7305c375b0d/Gamers%20Galaxy.mp4

209 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 wRsqq Show response
goo.su/ 13 KB
5 KB 900ms
733ms Document
text/html 104.26.2.56
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://goo.su/wRsqq
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.2.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.13
Resource Hash: 449181e516a4ff99a8a8d9fa93b8e78bfa2739fdd1f134478640a7a38a731e13

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 946ab12d9e16841a-YVR
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Wed, 28 May 2025 03:33:43 GMT
expires: -1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NCsyZl74vKPUsQCnGKDS59h5KXMzW0Ar0CMBAPcHL5BP90Ey%2B8fqpQWLYSprMPor0ITbVyQbfKZEnzY5ibhvsB%2FqPMZS2dWt9fwZ8Gw1bjKG5jG%2F01lwiV4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=91752&min_rtt=73755&rtt_var=34763&sent=12&recv=11&lost=0&retrans=0&sent_bytes=4260&recv_bytes=4533&delivery_rate=220&cwnd=12000&unsent_bytes=0&cid=5638f0f5de518241&ts=830&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding
x-powered-by: PHP/8.2.13

GET
H2 200 css
fonts.googleapis.com/ 6 KB
2 KB 1159ms
243ms Stylesheet
text/css 172.253.63.95
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans:400&display=swap

Requested by

Host: goo.su
URL: https://goo.su/wRsqq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f95.1e100.net

Software

ESF /

Resource Hash

719d2fc548145fa8d8361205f6fcb49eefc54c71fbb18e6320a60a263f40637a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 28 May 2025 03:33:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 28 May 2025 03:33:44 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 28 May 2025 03:33:44 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 6 KB
2 KB 1150ms
243ms Stylesheet
text/css 172.253.63.95
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400&display=swap

Requested by

Host: goo.su
URL: https://goo.su/wRsqq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f95.1e100.net

Software

ESF /

Resource Hash

1ede014f47795c3d04812b724ef687909970f776d37854e7312a5ad859c84e41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 28 May 2025 03:33:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 28 May 2025 03:33:44 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 28 May 2025 01:36:02 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/ 227 KB
28 KB 878ms
83ms Stylesheet
text/css 104.16.174.226
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css

Requested by

Host: goo.su
URL: https://goo.su/wRsqq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.174.226 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c8f27e6009ccfd710a905e6dcf12d0ee3c6f2ac7da05b0572d3e0d12e736fc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://goo.su
Referer: https://goo.su/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"38d63-xawd7pYctZoEUlbsID9p4xeHL3w"
age: 1520887
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uISexEOONXX9ZWeC6uDG4qeikd%2BfkbPcmL3Rr0qZgF4xFLFjkl928aqi1imMjDe9dx3AiospX59wlc0HuEiLI07V9flnZWMWStcON08GQfOyZNf9HqiFs48kJ7gTnVxIWh8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
date: Wed, 28 May 2025 03:33:44 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230118-FRA, cache-lga21925-LGA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 946ab137ee3a9396-YVR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27432
server: cloudflare
x-jsd-version: 5.3.3

GET
H3 200 alpine.min.js Show response
cdn.jsdelivr.net/npm/alpinejs@2.x.x/dist/ 26 KB
9 KB 292ms
107ms Script
application/javascript 104.16.174.226
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/npm/alpinejs@2.x.x/dist/alpine.min.js

Requested by

Host: goo.su
URL: https://goo.su/wRsqq

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.174.226 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d5c310eb7610d84cb1b06b865e507d4037e6d3c6c33d52d41a24aa1708abf14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: HIT
etag: W/"6965-ytDMsi7o5Jy/SCokY1+PFUOZmNk"
age: 36189
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6UhdqZ64uJlj7mZZW97bkOQmxp0H1ZnggmUu%2FIlGjw2RT6NFX%2FtKQAJ79B8pl%2FIP0BTSkNPzNAOwfrO9pjDUK1qioBuBDcrkMEE8b1yBZ54EaxtCtXoVXsj6T0Pi96aYRW0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443"; ma=86400
x-cache: HIT, HIT
server-timing: cfExtPri
date: Wed, 28 May 2025 03:33:44 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230072-FRA, cache-lga21960-LGA
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 946ab13bece38435-YVR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8836
server: cloudflare
x-jsd-version: 2.8.2

GET
H2 200 v0 Show response
openfpcdn.io/botd/ 17 KB
7 KB 1150ms
230ms Script
text/javascript 3.161.213.7
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://openfpcdn.io/botd/v0

Requested by

Host: goo.su
URL: https://goo.su/wRsqq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.213.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

d661db00e3bbb388796ff77a4020d8dca3ec169fda5bcd35025b6a63e6d26347

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

content-encoding: gzip
etag: W/"5KqoidcxiD9rCNQJsghpkCGPfjg"
age: 9341
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: TH3OTVLlMDAXzbV88_DE8Dpy-atlTkYUc_0SEVdZCNMspj3KGwM2OA==
date: Wed, 28 May 2025 00:58:03 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=625968, s-maxage=10838
cross-origin-resource-policy: cross-origin
via: 1.1 f4979fa9d388cee1327b2a7fad0fcbfa.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: YUL62-P1
server: CloudFront

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
52 KB 499ms
166ms Script
text/javascript 142.251.111.154
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2221698569877911

Requested by

Host: goo.su
URL: https://goo.su/wRsqq

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f154.1e100.net

Software

cafe /

Resource Hash

704b0ac2f02490c65abe6de967de24667614ddba229563f59054653fdc678107

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://goo.su
Referer: https://goo.su/

Response headers

content-encoding: br
etag: 4117161325806671606
x-content-type-options: nosniff
expires: Wed, 28 May 2025 03:33:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 28 May 2025 03:33:45 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53342
x-xss-protection: 0
server: cafe

GET
H3 200 redirect.js Show response
goo.su/frontend/js/ 86 KB
33 KB 141ms
126ms Script
application/javascript 104.26.2.56
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://goo.su/frontend/js/redirect.js?id=399eaf833ac5f607b305c4ace0c25eb5
Requested by: Host: goo.su
URL: https://goo.su/wRsqq
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.2.56 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ac92dd22b771410a6944726d1ed1fd7a7faaf239c2d80eab0bc1233e6ce95d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/wRsqq

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"65896ec2-156eb"
age: 591051
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bazsZx8KiTxHYG005%2F8g5OITldt7vF0%2FBsgURWEma1PhiJ5OdYVlL1qw4GFFWha77DX5ptL4sTKDMsK1t39dc14NUrrvGRbd2uHAjw7XJBn3Ih%2F8LxiSGo4%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 28 May 2025 07:22:53 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=87361&min_rtt=73755&rtt_var=21263&sent=19&recv=15&lost=0&retrans=0&sent_bytes=9345&recv_bytes=5049&delivery_rate=64529&cwnd=12000&unsent_bytes=0&cid=5638f0f5de518241&ts=2342&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 28 May 2025 03:33:44 GMT
content-type: application/javascript
last-modified: Mon, 25 Dec 2023 12:00:02 GMT
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 946ab13aea30841a-YVR
server: cloudflare

GET
H2 200 caramel.js Show response
ads.digitalcaramel.com/ 103 KB
21 KB 1419ms
414ms Script
application/javascript 65.109.72.77
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to

Full URL

https://ads.digitalcaramel.com/caramel.js?ts=1748403224718

Requested by

Host: goo.su
URL: https://goo.su/wRsqq

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

65.109.72.77 Helsinki, Finland, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),

Reverse DNS

static.77.72.109.65.clients.your-server.de

Software

nginx /

Resource Hash

8ef404102f3f416c052a2917e5334135483a31db1f0346cc7b8acca3c11faa5b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

content-encoding: gzip
etag: W/"6819b877-19a53"
x-content-type-options: nosniff
expires: Wed, 04 Jun 2025 03:33:46 GMT
date: Wed, 28 May 2025 03:33:46 GMT
content-type: application/javascript
last-modified: Tue, 06 May 2025 07:21:27 GMT
vary: Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
cache-control: max-age=604800
referrer-policy: no-referrer-when-downgrade
permissions-policy: interest-cohort=()
x-xss-protection: 1; mode=block
server: nginx

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 256 KB
90 KB 639ms
235ms Script
application/javascript 142.251.111.97
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TRGNQBDL

Requested by

Host: goo.su
URL: https://goo.su/wRsqq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

04be51c32b0e821f3a57af67ee19b3b223d2600e318177e97864191530a84c7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1319:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1319:0"}],}
expires: Wed, 28 May 2025 03:33:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 28 May 2025 03:33:45 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 28 May 2025 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1319:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1319:0
content-length: 91274
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 234 KB
79 KB 1609ms
730ms Script
application/javascript 87.250.250.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: goo.su
URL: https://goo.su/wRsqq

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

server-3-161-213-7.yul62.r.cloudfront.net

Software

Resource Hash

c012d64866fd00046bee684ef67badc5ea0574ad9b24630d00710d91ef6e8dac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
content-encoding: br
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "682ddc70-13933"
expires: Wed, 28 May 2025 04:33:45 GMT
access-control-allow-origin: *
content-length: 80179
date: Wed, 28 May 2025 03:33:45 GMT
content-type: application/javascript
last-modified: Wed, 21 May 2025 14:00:16 GMT

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 46 KB
20 KB 1161ms
399ms Script
application/javascript 95.163.52.67
VK-AS LLC VK

General

Check archive.org

Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: goo.su
URL: https://goo.su/wRsqq

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

952de987eda356dc43015412de55c0826fcf291375a36e8ac56a9114f3b5a19a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
content-encoding: gzip
etag: W/"678773c1-b956"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
x-content-type-options: nosniff
accept-ch-lifetime: 86400
expires: Wed, 28 May 2025 04:33:45 GMT
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
date: Wed, 28 May 2025 03:33:45 GMT
content-type: application/javascript
last-modified: Wed, 15 Jan 2025 08:37:21 GMT
access-control-allow-headers: *
cache-control: max-age=3600, private
timing-allow-origin: *
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: *
server: nginx

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t44.11;r;s1600*1200*24;uhttps%3A//goo.su/wRsqq;hRedirecting;0.3428345168689938
https://counter.yadro.ru/hit?q;t44.11;r;s1600*1200*24;uhttps%3A//goo.su/wRsqq;hRedirecting;0.3428345168689938

132 B
618 B

255ms
253ms

Image
image/gif

88.212.202.52
UNITEDNET EDINAYA...

General

Check archive.org

Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t44.11;r;s1600*1200*24;uhttps%3A//goo.su/wRsqq;hRedirecting;0.3428345168689938

Requested by

Host: goo.su
URL: https://goo.su/wRsqq

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

e10cd8d343f9c37e3500c69d92f7ac7e78b6c7df29a2ace8cffe71bfa494e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

Strict-Transport-Security: max-age=86400
Cache-control: no-cache
Pragma: no-cache
Connection: keep-alive
Expires: Mon, 27 May 2024 21:00:00 GMT
Access-Control-Allow-Origin: *
Content-Length: 132
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Date: Wed, 28 May 2025 03:33:46 GMT
Content-Type: image/gif
Server: nginx/1.17.9

Redirect headers

Strict-Transport-Security: max-age=86400
Cache-control: no-cache
Location: https://counter.yadro.ru/hit?q;t44.11;r;s1600*1200*24;uhttps%3A//goo.su/wRsqq;hRedirecting;0.3428345168689938
Pragma: no-cache
Connection: keep-alive
Expires: Mon, 27 May 2024 21:00:00 GMT
Content-Length: 32
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Date: Wed, 28 May 2025 03:33:46 GMT
Content-Type: text/html
Server: nginx/1.17.9

GET
H2 200 top100.js Show response
st.top100.ru/top100/ 129 KB
38 KB 1607ms
411ms Script
application/javascript 151.236.71.248
CDNetworks GLOBAL...

General

Check archive.org

Download Go to

Full URL: https://st.top100.ru/top100/top100.js
Requested by: Host: goo.su
URL: https://goo.su/wRsqq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNetworks GLOBAL CLOUD NETWORK LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: 44ad04fe06c0306722382f8a28d49876eaa87605d6b5a2ad8f24784358b6bdc5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

x-cdn-edge-id: 2315
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
x-cdn-edge-cache: HIT
content-encoding: gzip
x-obs-meta-s3cmd-attrs: atime:1744718263/ctime:1744718263/gid:0/gname:root/md5:a2e714378321ae704b68d53a14b89c1f/mode:33188/mtime:1744717654/uid:0/uname:root
etag: W/"a2e714378321ae704b68d53a14b89c1f"
x-obs-tagging-count: 0
date: Wed, 28 May 2025 03:33:46 GMT
x-obs-content-sha256: 44ad04fe06c0306722382f8a28d49876eaa87605d6b5a2ad8f24784358b6bdc5
content-type: application/javascript
x-obs-request-id: 0000019714CF5CB1A0E889428D0ACD92
server: nginx
last-modified: Tue, 15 Apr 2025 11:57:44 GMT
x-cdn-request-id: 9e67f1f2932b003cee143c3e12db1c60

GET
H3 200 v1 Show response
openfpcdn.io/botd/ 15 KB
5 KB 302ms
144ms Script
text/javascript 3.161.213.7
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://openfpcdn.io/botd/v1

Requested by

Host: goo.su
URL: https://goo.su/wRsqq

Protocol

Security

QUIC, , AES_128_GCM

Server

3.161.213.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

29cb26e06f2a4a877f1134a46480d9b78f8b6e0e6f9b0fe67e34307c312b5a89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://goo.su
Referer

Response headers

content-encoding: gzip
etag: W/"5co2cnhGrt59+8B+iLKwJesMrpA"
age: 4102
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: rsNnLf6SC3OknvGo2C6e1Y0cPKVupBiEbQwmc9eM5BzXi_RV_q3gcQ==
date: Wed, 28 May 2025 02:25:27 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: public, max-age=626819, s-maxage=10818
cross-origin-resource-policy: cross-origin
via: 1.1 7211dc525b86f4a3fdf1dbeb59791392.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: YUL62-P1
server: CloudFront

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505220101/ 96 KB
33 KB 152ms
150ms Script
text/javascript 142.251.111.154
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505220101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2221698569877911

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f154.1e100.net

Software

cafe /

Resource Hash

ccc33ac0a59d68a39aecfe70e7f75f2c256b4d59806a19d659004d8f6efa564d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

content-encoding: br
etag: 1831353443927784672
age: 13444
x-content-type-options: nosniff
expires: Tue, 10 Jun 2025 23:49:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 27 May 2025 23:49:41 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 34151
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505220101/ 461 KB
155 KB 163ms
163ms Script
text/javascript 142.251.111.154
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505220101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2221698569877911

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f154.1e100.net

Software

cafe /

Resource Hash

6c7076df710ad6002e2fa42c506e76851208311ff9996c661381d00a7ef80089

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

content-encoding: br
etag: 14312988678645441185
age: 84093
x-content-type-options: nosniff
expires: Tue, 10 Jun 2025 04:12:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 27 May 2025 04:12:12 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 158483
x-xss-protection: 0
server: cafe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 377 KB
127 KB 181ms
176ms Script
application/javascript 142.251.111.97
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-64YFP720ET&cx=c&gtm=45He55q0v9205004943za200&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRGNQBDL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

aa3990306aec94c6f1aa17e570159d6ca772e4edee2947ff35ca9e6c7e5d8c77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1077:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1077:0"}],}
expires: Wed, 28 May 2025 03:33:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 28 May 2025 03:33:45 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1077:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1077:0
content-length: 129167
x-xss-protection: 0
server: Google Tag Manager

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 240ms
193ms Fetch
text/html 142.251.111.154
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2221698569877911
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.111.154 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: bk-in-f154.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://goo.su/

Response headers

GET
H/1.1 200
OK sync-loader.js Show response
privacy-cs.mail.ru/static/ 83 KB
22 KB 2663ms
619ms Script
application/javascript 95.163.52.89
VK-AS LLC VK

General

Check archive.org

Download Go to

Full URL: https://privacy-cs.mail.ru/static/sync-loader.js
Requested by: Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.52.89 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS: r3.mail.ru
Software: nginx /
Resource Hash: dafaebb1489c165856c019839c1128327f1af3f709ace70da1a757e3a62cb015

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=600
Timing-Allow-Origin: *
Content-Encoding: gzip
Connection: keep-alive
Expires: Wed, 28 May 2025 03:43:48 GMT
Access-Control-Allow-Origin: *
Date: Wed, 28 May 2025 03:33:48 GMT
Content-Type: application/javascript;charset=UTF-8
Server: nginx

GET
H2 200 dyn-goal-config.js Show response
top-fwz1.mail.ru/js/ 3 KB
2 KB 262ms
251ms Script
application/javascript 95.163.52.67
VK-AS LLC VK

General

Check archive.org

Download Go to

Full URL

https://top-fwz1.mail.ru/js/dyn-goal-config.js?ids=3128781

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

0e7e3045519beaff2095d4a64b8dfb1b581013eb5b8f4b3549983c69abe7139b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
content-encoding: gzip
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
x-content-type-options: nosniff
accept-ch-lifetime: 86400
expires: Wed, 28 May 2025 03:43:46 GMT
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
date: Wed, 28 May 2025 03:33:46 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-headers: *
cache-control: max-age=600, private
timing-allow-origin: *
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: *
server: nginx

GET
H2 200 counter
top-fwz1.mail.ru/ 43 B
1 KB 423ms
412ms Image
image/gif 95.163.52.67
VK-AS LLC VK

General

Check archive.org

Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?_=0.11337435450093347;id=3128781;u=https%3A%2F%2Fgoo.su%2FwRsqq;title=Redirecting;s=1600*1200;vp=1600*1200;touch=0;hds=1;sid=9acb855ec1dba950;ver=60.6.0;tz=420%2FAmerica%2FVancouver;st=1748403224752;ct=3668/3694/3694//2295;rt=2295/1370/0/0/0/2295/2304/2330/2330/3051/2410/3065/3465/3665;gl=u;ni=10//4g/250/0/;lvid=1748403226120%3A1748403226160%3A1%3A73f15100e28798418ec7c98b1131cc01;opts=dl%2Cjst-gtag%2Ccnhp%3Dh2%2Ccs%3D19238-47446-19538;visible=true;js=13

Requested by

Host: goo.su
URL: https://goo.su/wRsqq

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
x-content-type-options: nosniff
accept-ch-lifetime: 86400
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
date: Wed, 28 May 2025 03:33:46 GMT
content-type: image/gif
access-control-allow-headers: *
cache-control: private, no-cache, no-store, max-age=0
timing-allow-origin: *
pragma: no-cache
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: *
content-length: 43
server: nginx

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 995ms
314ms Fetch
text/plain 172.253.62.101
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-64YFP720ET&gtm=45je55q0v9206643729z89205004943za200zb9205004943&_p=1748403224720&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~104481633~104481635&ptag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635&cid=1076417063.1748403226&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1748403226&sct=1&seg=0&dl=https%3A%2F%2Fgoo.su%2FwRsqq&dt=Redirecting&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3872
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-64YFP720ET&cx=c&gtm=45He55q0v9205004943za200&tag_exp=101509157~103116026~103130498~103130500~103200004~103233427~103252644~103252646~103290358~104481633~104481635
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.62.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bc-in-f101.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:100:0
report-to: {"group":"ascnsrsggc:100:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:100:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://goo.su
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:100:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 28 May 2025 03:33:47 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20250522/r20190131/ Frame 849F 8 KB
4 KB 578ms
150ms Document
text/html 172.253.115.156
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20250522/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505220101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

adb20dfcb3586b802e692ef1365bac860fd8670b85a67f0286677ac4268b6bd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goo.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

age: 9760
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 3856
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 May 2025 00:51:07 GMT
etag: 7658452531946828944
expires: Wed, 11 Jun 2025 00:51:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B994 76 B
89 B 670ms
286ms Document
text/html 172.253.115.156
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2221698569877911&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1748403226&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fgoo.su%2FwRsqq&pra=5&wgl=1&aihb=0&asro=0&aifxl=29_18~30_19&aiapm=0.1513394357225098&aiapmi=0.16&aiact=0.5298819750931447&aicct=0.7&ailct=0.6697513670900843&aimart=5&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1748403225626&bpp=11&bdt=2271&idt=967&shv=r20250522&mjsv=m202505220101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=794281149213&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31092114%2C31092423%2C31092619%2C95331833%2C95353386%2C95360390%2C95360812%2C95361621%2C95360955&oid=2&pvsid=6149889687303888&tmod=255256577&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=1064

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505220101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6f3c4eb8378e0bd2852618eacf0a02ff8147155da4d5fb765d89989327cd1cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goo.su/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 66
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 May 2025 03:33:47 GMT
expires: Wed, 28 May 2025 03:33:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 goo.su.json Show response
cdn.digitalcaramel.com/configs/ 23 KB
4 KB 2217ms
469ms Fetch
application/json 95.181.182.182
EdgeCenterLLC Edg...

General

Check archive.org

Download Go to

Full URL: https://cdn.digitalcaramel.com/configs/goo.su.json
Requested by: Host: ads.digitalcaramel.com
URL: https://ads.digitalcaramel.com/caramel.js?ts=1748403224718
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: e908b243a8d7f36576a6a3cb07d339b840067014b6427b2855dc78e67c9e7350

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

x-cached-since: 2025-05-25T15:42:42+00:00
is-cdn: yes
cache: HIT
x-node: blkl-up-gc41
content-encoding: gzip
etag: W/"67dbf211-5bad"
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
date: Wed, 28 May 2025 03:33:48 GMT
content-type: application/json
vary: Accept-Encoding, Accept-Encoding
server: nginx
last-modified: Thu, 20 Mar 2025 10:46:41 GMT
access-control-allow-headers: Origin, Content-Type, Accept, Authorization

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F317 105 KB
44 KB 1014ms
751ms Document
text/html 172.253.115.156
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2221698569877911&output=html&h=300&slotname=2783776122&adk=3754210245&adf=1177461276&pi=t.ma~as.2783776122&w=500&abgtt=6&lmt=1748403226&format=500x300&url=https%3A%2F%2Fgoo.su%2FwRsqq&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1748403225697&bpp=7&bdt=2342&idt=1242&shv=r20250522&mjsv=m202505220101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=794281149213&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31092114%2C31092423%2C31092619%2C95331833%2C95353386%2C95360390%2C95360812%2C95361621%2C95360955&oid=2&pvsid=6149889687303888&tmod=255256577&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=1259

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202505220101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af6b75e98a7fecadb9bbb0f547c54c4f1ca4c0b2e26823de987452ec97f13418

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goo.su/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45362
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 May 2025 03:33:48 GMT
expires: Wed, 28 May 2025 03:33:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 mgc.js Show response
st.top100.ru/top100/3.17.4/ 5 KB
2 KB 240ms
227ms Script
application/javascript 151.236.71.248
CDNetworks GLOBAL...

General

Check archive.org

Download Go to

Full URL: https://st.top100.ru/top100/3.17.4/mgc.js
Requested by: Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.248 Moscow, Russian Federation, ASN204720 (CDNetworks GLOBAL CLOUD NETWORK LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash: ce301b9b7c156672c16d417f5d9ff9c7813187b468cc4a7f7526a1bac2e21c25

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

x-cdn-edge-id: 2315
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
x-cdn-edge-cache: HIT
content-encoding: gzip
x-obs-meta-s3cmd-attrs: atime:1744718263/ctime:1744718263/gid:0/gname:root/md5:c7c8dabc5b4122bc1da080ceddc861ee/mode:33188/mtime:1744717656/uid:0/uname:root
etag: W/"c7c8dabc5b4122bc1da080ceddc861ee"
x-obs-tagging-count: 0
date: Wed, 28 May 2025 03:33:47 GMT
x-obs-content-sha256: ce301b9b7c156672c16d417f5d9ff9c7813187b468cc4a7f7526a1bac2e21c25
content-type: application/javascript
x-obs-request-id: 0000019714C73EBDA8051B8694DDB22F
server: nginx
last-modified: Tue, 15 Apr 2025 11:57:44 GMT
x-cdn-request-id: 27dca268eaac21813cf5351999f8dffb

POST
H2 200 / Show response
kraken.rambler.ru/cnt/v2/ 43 B
681 B 2252ms
1154ms XHR
image/gif 94.139.255.28
CLOUDRU-AS "Cloud...

General

Check archive.org

Download Go to

Full URL

https://kraken.rambler.ru/cnt/v2/

Requested by

Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.139.255.28 Asbest, Russian Federation, ASN208677 (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://goo.su/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 01 Jan 1970 00:00:01 GMT
access-control-allow-origin: https://goo.su
x-sca-elb: t100-exd
content-length: 43
date: Wed, 28 May 2025 03:33:49 GMT
content-type: image/gif
access-control-allow-headers: content-type

GET
H2 200 top100_0062b1.gif
kraken.rambler.ru/counter-static/images/ 595 B
1 KB 1422ms
379ms Image
image/gif 94.139.255.28
CLOUDRU-AS "Cloud...

General

Check archive.org

Download Go to Show image

Full URL

https://kraken.rambler.ru/counter-static/images/top100_0062b1.gif

Requested by

Host: goo.su
URL: https://goo.su/wRsqq

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.139.255.28 Asbest, Russian Federation, ASN208677 (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru, RU),

Reverse DNS

Software

Resource Hash

fda0897f4cdbbab911245c9ebaa4885f54a7e572b8c9b071dc976d1d27cab1a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
x-obs-meta-s3cmd-attrs: atime:1718733846/ctime:1718733846/gid:0/gname:root/md5:10d95efe74b84de86398a30e7b958b79/mode:33206/mtime:1718733846/uid:0/uname:root
access-control-allow-methods: OPTIONS,GET
x-sca-elb: t100-exd
date: Wed, 28 May 2025 03:33:48 GMT
content-type: image/gif
x-obs-request-id: 2029fdf32b078ddb868a7b84771f1ce9
access-control-allow-headers: DNT
x-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=86400
access-control-allow-credentials: true
x-obs-tagging-count: 0
access-control-allow-origin: *
content-length: 595
x-obs-content-sha256: fda0897f4cdbbab911245c9ebaa4885f54a7e572b8c9b071dc976d1d27cab1a6

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check?scid=c078f6cb-b0e2-1c09-7715-308fff4d7fc3&cid=99705705
https://mc.yandex.ru/sync_cookie_image_start?cid=99705705&redirect_domain=mc.yandex.com&scid=c078f6cb-b0e2-1c09-7715-308fff4d7fc3&token=10680.gzzP5Vcp766Eg5rVxtsMKmq4yQ4mq0IGONYGPCVNMBx-65D8uJ9Pe55...
https://mc.yandex.com/sync_cookie_image_decide?cid=99705705&scid=c078f6cb-b0e2-1c09-7715-308fff4d7fc3&token=10680.FlWlomsHbT5g0rp95VK8nfn4xiWCI3bXMTc4T_hAiS42uLNoXpA0y1Bf7ul0EEkGRhrwYWVVj3kAoqaiWDt...

43 B
704 B

298ms
290ms

Image
image/gif

87.250.250.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?cid=99705705&scid=c078f6cb-b0e2-1c09-7715-308fff4d7fc3&token=10680.FlWlomsHbT5g0rp95VK8nfn4xiWCI3bXMTc4T_hAiS42uLNoXpA0y1Bf7ul0EEkGRhrwYWVVj3kAoqaiWDtFHpMFIv34xlB2KepTA9O4S2WENeCRx-wUhhICF3B5jg9sRWE2JJQ_o0oeqRB1RxWKBrLlUh-q9t4tEX9DCDt4R-kG6cUSdx-DJQeS0sd651NAmGgYPlL_mDBloKhei7b2er5Uy11Sk5lbqzyhRqYS4mE%2C.KfQeOlL7GwZH7aoGEFBGwatnICo%2C

Requested by

Host: goo.su
URL: https://goo.su/wRsqq

Protocol

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
location: https://mc.yandex.com/sync_cookie_image_decide?cid=99705705&scid=c078f6cb-b0e2-1c09-7715-308fff4d7fc3&token=10680.FlWlomsHbT5g0rp95VK8nfn4xiWCI3bXMTc4T_hAiS42uLNoXpA0y1Bf7ul0EEkGRhrwYWVVj3kAoqaiWDtFHpMFIv34xlB2KepTA9O4S2WENeCRx-wUhhICF3B5jg9sRWE2JJQ_o0oeqRB1RxWKBrLlUh-q9t4tEX9DCDt4R-kG6cUSdx-DJQeS0sd651NAmGgYPlL_mDBloKhei7b2er5Uy11Sk5lbqzyhRqYS4mE%2C.KfQeOlL7GwZH7aoGEFBGwatnICo%2C

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
624 B 546ms
482ms Image
image/gif 87.250.250.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: goo.su
URL: https://goo.su/wRsqq

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
etag: "682ddc70-2b"
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Wed, 28 May 2025 04:33:47 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43
date: Wed, 28 May 2025 03:33:47 GMT
content-type: image/gif
last-modified: Wed, 21 May 2025 14:00:16 GMT

GET metrika_match.html
mc.yandex.com/metrika/ Frame C125 0
0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9C24 624 B
246 B 156ms
153ms Document
text/html 172.253.115.156
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPzgERCSv5rFGhjJ4N25AjAB&v=APEucNWSJVk3QjXIheYNMFgEFAj2p8rph4e5hex4aJWjsMRu-YGRIEo9s4ppVH4Fpx0nfjQ0utGQOioToyKVGzB2GnWYRmsoxg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2221698569877911&output=html&h=300&slotname=2783776122&adk=3754210245&adf=1177461276&pi=t.ma~as.2783776122&w=500&abgtt=6&lmt=1748403226&format=500x300&url=https%3A%2F%2Fgoo.su%2FwRsqq&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1748403225697&bpp=7&bdt=2342&idt=1242&shv=r20250522&mjsv=m202505220101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=794281149213&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31092114%2C31092423%2C31092619%2C95331833%2C95353386%2C95360390%2C95360812%2C95361621%2C95360955&oid=2&pvsid=6149889687303888&tmod=255256577&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=1259

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2221698569877911&output=html&h=300&slotname=2783776122&adk=3754210245&adf=1177461276&pi=t.ma~as.2783776122&w=500&abgtt=6&lmt=1748403226&format=500x300&url=https%3A%2F%2Fgoo.su%2FwRsqq&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1748403225697&bpp=7&bdt=2342&idt=1242&shv=r20250522&mjsv=m202505220101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=794281149213&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31092114%2C31092423%2C31092619%2C95331833%2C95353386%2C95360390%2C95360812%2C95361621%2C95360955&oid=2&pvsid=6149889687303888&tmod=255256577&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=1259
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 May 2025 03:33:48 GMT
expires: Wed, 28 May 2025 03:33:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20250522/r20110914/ Frame 4C58 21 KB
8 KB 690ms
364ms Script
text/javascript 142.251.111.155
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20250522/r20110914/abg_lite_fy2021.js

Requested by

Host: goo.su
URL: https://goo.su/wRsqq

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be507b359cc4919d2c1154e11c9d17b94ba03bc583f0d31fffc3525583bec00d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
etag: 5251608839672234903
age: 14053
x-content-type-options: nosniff
expires: Tue, 10 Jun 2025 23:39:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 27 May 2025 23:39:35 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 8642
x-xss-protection: 0
server: cafe

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20250522/r20110914/elements/html/ Frame 4C58 8 KB
3 KB 673ms
355ms Script
text/javascript 142.251.111.155
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20250522/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: goo.su
URL: https://goo.su/wRsqq

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1657584221779c9f6943c52bb7fba23376c18be3e021da4168fab39d8bb7863a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
etag: 567199331036499589
age: 1771
x-content-type-options: nosniff
expires: Wed, 11 Jun 2025 03:04:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 28 May 2025 03:04:17 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 3211
x-xss-protection: 0
server: cafe

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 4C58 0
0 513ms
257ms Fetch
image/png 142.250.31.148
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstU58kAj9vxFWe5eZfTIWDmsItZwDv4DGH3hRX_N-vZ_ALI3qwG-jh8bPWGzcURJdhO9pL__4HDmhoM9DsSoNh17ULdUM5aH4-S1WHWjFv6dkMIco-I7m0ZaKWD2vl1D9FAhTT8fJqYwZsW6Tg_lm2qp4x6J5wetEQUIOak6cqZHdJT-qNg_mK7pHIDthlmSLaWawrlShQdoJDA31GpbpvPaHJIh-AdyzDPl6Eyfdjr9ov641-UEtM2VW23MUIqwKsZMDidv84yJWzc_2O6sCIITHVzqx7v7UWDt7k-orQVZehAsFZqjG72agyxlonlxRqaC84Yg6Zwkg6TvE2IGQK3T3KFXil6sF4tpSjr78mt7g-cbBcV4c6mtk9MJsj8QOC8l_8750uUyF2rvL2QXOazV9HdOy9UlDjYcz8-s1ISGS9g5YZmYETtpDxBQb_ysv64IllFM1Ovf3RF8vK6WIA0EL28_IobOllrNlVGlTONfaMYQIiImW8lwbWGsTUbXqqkyJy-_1NsC_5JrqZQPPPQ0F58c-Ul-ml6LZ2mr6QqYu0IrfL_JXdnZhCAEjqT40VVfHawii13KnEdMDoTAMde1AphEQ5GB8XzPV8L_pEAvyfaI36DpCWLrrV9LzJazJTbwlzxXR_F4Ysp2tjiGNdmO0zSCAfhg659tCl8NzFEE5z0U_cOHdb6fqAlZC6YhB7bi2CZTBJq7znPvsUC19YSO-HyP2bWferLuwW4kcXdHzyBmLh-T6mb-exRUbQlSYEUNKnBPrE-Hx33yZXZWOft6MZfHIl7PAh8_4SRzeYeTUql7PfOB01So7N8E4DXcOO1kH4ozkRUeozG9sTk_GVKy4vKkGSC7N5Viw3EdAQZL-7uXw5PhF4ofWtTOpLgJccyU9jmvAt436v1Suf5ZkdsG74R7m_wLqMEpDlexz9XCTUJ8ZZMDYIij9PYM5peC7Nhja0981JISZMQ9QMZARLTkdVzkCteHisJ_P4D_qg9ro_BK243szy6BvlS_-PNOB9Jx-_B_Py8cTQcf2jV2Um9nv56R4MD_KvXe4ZCjXyf9J_MkvPRjfQkSutI6aoKoQwM6BeJ1S0PDCLVJurgH9c_J8sHesTlpmkSo5zw4AejSWWV1sfN-hcu_WkGI24e6MTtixSKDHFxmWKEIDXVSAlFMivqXDscaSZ3Wa2TwHiNHLb42qD7ai6jt6e9QRUCs8RbDCWDVuVIjVaA8Ls5-fqVvH6jAFjXFPjW5zzCpVUjXkXQldOeT74VumbQbqx1sZ_iuJKEmVgy7dqcAzF6fgUweNvV1RwZ-bod9g9trkV8WnEZ_IW8aAR6aIc8HB0AGGp3WygwMDLCpefZmM_VGKvyKcj1A4iWg2N3wrznOP-VX4WZSrYEQRAyly5cnw89DtVemLydeCncv0AJyMqpBCVXv93naAHRiw&sai=AMfl-YRwyXDgk2ZoM7ElNUtYQvSJrvG_-u1sWvr35bvA6PURVc89UCsszbhlEw5l8wu9MSi9B4sZsawkX0zri63FPCblOlXnewh0Zpyti6vRs7px0rmGK-fQjFR4CK2kOy8WD_pG8IOGZicdmtNhcDV0MJIOV_FmyydW3TADZcPq1rW3qc-TnAFh1-b-ithwZ7DcvGsPxWePxXtzNroq3GgmDopqBckrSLoI2qom4BQVpmUdN4U9CghUNB4hztJuvMq9jZdBPVVj4C3Emreie5j5pWHYZaa6ls7kUDV55YizaJlgVv8jJonM0DpmzWW7WsfTuyjPzCzjEz7ucnCJP9Wlpkb60T56Nvk4n02_mKbfZS3VSX5yZvDDenvnS1nmJMx_6Btj-O9xHYgTH2XYu4wwTHDXEeSOrbSIf_90Ntt8Sm4CBXbYS3hRrdD9hSEIDtX4ncEWOLi6PTAUNcRTDYRWg9eEUr67HTbeS4eGo-hdxtRhMMGtcYJLGHK2UfoS_rA8vtK5DAqWd8Q&sig=Cg0ArKJSzLyNM8g09eGVEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9nYXJkZW53b3Jrcy5jYQ&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=1&cstd=0&cisv=r20250522.62514&arae=1&ftch=1&adurl=

Requested by

Host: goo.su
URL: https://goo.su/wRsqq

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f148.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

x-content-type-options: nosniff
expires: Wed, 28 May 2025 03:33:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 28 May 2025 03:33:48 GMT
content-type: image/png
content-security-policy: script-src 'none'; object-src 'none'
cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
x-xss-protection: 0
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x4d5281001767a7590000000000000000","13":"0x4c2c93f9481e483b0000000000000000","14":"0xae9ac28d200c79930000000000000000","15":"0x8387a74367af00220000000000000000"},"debug_key":"9372674062400959190","debug_reporting":true,"destination":["https://gardenworks.ca"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"2592000","filter_data":{"14":["145948366","145952068"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["15480979"]},"max_event_level_reports":2,"priority":"0","source_event_id":"11515320628153038177"}
server: cafe

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 4C58 41 KB
14 KB 627ms
132ms Script
text/javascript 64.233.180.132
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: goo.su
URL: https://goo.su/wRsqq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.180.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
age: 1029
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Wed, 28 May 2025 04:06:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 28 May 2025 03:16:39 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 13937
x-xss-protection: 0
server: sffe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20250522/r20110914/client/ Frame 4C58 3 KB
1 KB 624ms
130ms Script
text/javascript 64.233.180.132
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20250522/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.180.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
etag: 6020003950853699975
age: 9449
x-content-type-options: nosniff
expires: Wed, 11 Jun 2025 00:56:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 28 May 2025 00:56:19 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1241
x-xss-protection: 0
server: cafe

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20250522/r20110914/client/ Frame 4C58 19 KB
8 KB 616ms
122ms Script
text/javascript 64.233.180.132
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20250522/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.180.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

760e5d0b97d6707a3d5c2c949bd70e7668484a144f383f3a4dfa878bad15e8ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
etag: 3000748235154339481
age: 82034
x-content-type-options: nosniff
expires: Tue, 10 Jun 2025 04:46:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 27 May 2025 04:46:34 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 8100
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 4C58 221 KB
68 KB 508ms
233ms Script
text/javascript 142.251.111.155
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fc89654aff6bca6c890b30bd0833eb2f18d63a61c0a9ece5246537ad6f73c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

content-encoding: br
etag: 81102085050987160
age: 1767
x-content-type-options: nosniff
expires: Wed, 28 May 2025 04:04:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 28 May 2025 03:04:21 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 69707
x-xss-protection: 0
server: cafe

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4C58 42 B
63 B 634ms
364ms Image
image/gif 142.251.111.155
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DQrorRWsIN6CDxcAXHsIeWtFE3F6kVsVb8icb6LtM2t1L-arMS55bxqBkkpj4yZEAt1E3SzheuKrO-gHkdU8ybTdXN8UBWwWqtIvJd0CiYT6HvN-U

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 28 May 2025 03:33:48 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 6113177086834487589
s0.2mdn.net/simgad/ Frame 4C58 129 KB
130 KB 1276ms
250ms Image
image/png 172.253.122.148
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/6113177086834487589

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f148.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Thu, 28 May 2026 03:33:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Wed, 28 May 2025 03:33:49 GMT
content-type: image/png
last-modified: Tue, 13 May 2025 16:02:31 GMT
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 132572
x-xss-protection: 0
server: sffe

GET
H2

200

1 Show response
mc.yandex.com/watch/99705705/
Redirect Chain

https://mc.yandex.com/watch/99705705?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FwRsqq&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...
https://mc.yandex.com/watch/99705705/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FwRsqq&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Afu%3A0%3Aen%3Autf-8%3Ala%...

600 B
764 B

347ms
236ms

Fetch
application/json

87.250.250.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.com/watch/99705705/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FwRsqq&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A2050%3Acn%3A1%3Adp%3A0%3Als%3A432893264637%3Ahid%3A129762957%3Az%3A-420%3Ai%3A20250527203347%3Aet%3A1748403227%3Ac%3A1%3Arn%3A1051744109%3Arqn%3A1%3Au%3A174840322737980438%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2412%3Awv%3A2%3Ads%3A0%2C167%2C733%2C26%2C1%2C0%2C%2C1391%2C0%2C%2C%2C%2C2637%3Aco%3A0%3Acpf%3A1%3Ans%3A1748403222428%3Agi%3AR0ExLjEuMTA3NjQxNzA2My4xNzQ4NDAzMjI2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1748403228%3At%3ARedirecting&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29

Requested by

Host: goo.su
URL: https://goo.su/wRsqq

Protocol

Server

87.250.250.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

1043.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

Resource Hash

c44743887c6b4256fcd882207cfe9c72aa077fe9fd1999ae211488d7c6cd1659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Wed, 28-May-2025 03:33:49 GMT
access-control-allow-origin: https://goo.su
content-length: 600
x-xss-protection: 1; mode=block
last-modified: Wed, 28-May-2025 03:33:49 GMT
content-type: application/json; charset=utf-8

Redirect headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
location: /watch/99705705/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2FwRsqq&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A2050%3Acn%3A1%3Adp%3A0%3Als%3A432893264637%3Ahid%3A129762957%3Az%3A-420%3Ai%3A20250527203347%3Aet%3A1748403227%3Ac%3A1%3Arn%3A1051744109%3Arqn%3A1%3Au%3A174840322737980438%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2412%3Awv%3A2%3Ads%3A0%2C167%2C733%2C26%2C1%2C0%2C%2C1391%2C0%2C%2C%2C%2C2637%3Aco%3A0%3Acpf%3A1%3Ans%3A1748403222428%3Agi%3AR0ExLjEuMTA3NjQxNzA2My4xNzQ4NDAzMjI2%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1748403228%3At%3ARedirecting&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29
pragma: no-cache
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-credentials: true
expires: Wed, 28-May-2025 03:33:48 GMT
access-control-allow-origin: https://goo.su
x-xss-protection: 1; mode=block
last-modified: Wed, 28-May-2025 03:33:48 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 9C24
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENRuuhgUSagszJVccE7Zq0k&google_cver=1

43 B
336 B

115ms
114ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENRuuhgUSagszJVccE7Zq0k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPzgERCSv5rFGhjJ4N25AjAB&v=APEucNWSJVk3QjXIheYNMFgEFAj2p8rph4e5hex4aJWjsMRu-YGRIEo9s4ppVH4Fpx0nfjQ0utGQOioToyKVGzB2GnWYRmsoxg
Protocol: H2
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HhPQ0JduMOgZQPciZezRjfUZcnVfBTjsJ6zEDldid2mqf6vc2p7DLV14jLq%2BArDkI2F2Hs16MTVmS%2F3PHcc01I5jI3riqaM9HUi4y2GuQtXSs6EQpmXJzmwDdlZoEq9jV5qK%2F4Mqb3Sueg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 946ab1598feb45a5-YVR
expires: 0
alt-svc: h3=":443"; ma=86400
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Wed, 28 May 2025 03:33:49 GMT
content-type: image/gif
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: no-cache, must-revalidate
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENRuuhgUSagszJVccE7Zq0k&google_cver=1
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 313
date: Wed, 28 May 2025 03:33:49 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 9C24
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=aDaEHdHM7T8AOcPLAOrfqQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDvhb1d5I1FayYAstW3w8Qw&google_cver=1

43 B
323 B

129ms
129ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDvhb1d5I1FayYAstW3w8Qw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPzgERCSv5rFGhjJ4N25AjAB&v=APEucNWSJVk3QjXIheYNMFgEFAj2p8rph4e5hex4aJWjsMRu-YGRIEo9s4ppVH4Fpx0nfjQ0utGQOioToyKVGzB2GnWYRmsoxg
Protocol: H2
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ypzP708pUuGFLJMhnygFEVKI924fsm%2F7v1kvDhUP8thPUs9uDRVccazs7CsFqScX0TsCWwtKRuB5AXYegGg9jD8zJ9GbzDba7tSJx3NtwuTfyp1VnmgLMVUPt2jNjS2ZLv7F32VUC5QRTA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 946ab159f98c45a5-YVR
expires: 0
alt-svc: h3=":443"; ma=86400
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Wed, 28 May 2025 03:33:49 GMT
content-type: image/gif
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: no-cache, must-revalidate
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDvhb1d5I1FayYAstW3w8Qw&google_cver=1
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 313
date: Wed, 28 May 2025 03:33:49 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H2

200

setuid
ib.adnxs.com/ Frame 9C24
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEC77H3ZnIOBzP3fPvPhv7fM&google_cver=1

43 B
1 KB

286ms
285ms

Image
image/gif

68.67.181.248
ASN-APPNEX

General

Check archive.org

Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEC77H3ZnIOBzP3fPvPhv7fM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPzgERCSv5rFGhjJ4N25AjAB&v=APEucNWSJVk3QjXIheYNMFgEFAj2p8rph4e5hex4aJWjsMRu-YGRIEo9s4ppVH4Fpx0nfjQ0utGQOioToyKVGzB2GnWYRmsoxg

Protocol

Server

68.67.181.248 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.23.4 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 79.127.254.86; 79.127.254.86; 1043.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: 3771b393-f7ef-4427-ba05-faff462de649
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 28 May 2025 03:33:49 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

Redirect headers

cache-control: no-cache, must-revalidate
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEC77H3ZnIOBzP3fPvPhv7fM&google_cver=1
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 290
date: Wed, 28 May 2025 03:33:49 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9C24
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYxMjE2NDA5NDczMzQ4MjMwMw%3D%3D

170 B
244 B

155ms
154ms

Image
image/png

142.251.163.154
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYxMjE2NDA5NDczMzQ4MjMwMw%3D%3D

Requested by

Protocol

Server

142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Wed, 28 May 2025 03:33:49 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

cache-control: no-store, no-cache, private
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzYxMjE2NDA5NDczMzQ4MjMwMw%3D%3D
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 79.127.254.86; 79.127.254.86; 1043.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; *.adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: a1d7caae-e8c5-452e-a733-775258472843
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 28 May 2025 03:33:49 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4C58 0
0 291ms
289ms Fetch
image/gif 142.251.111.155
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 28 May 2025 03:33:49 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4C58 0
0 147ms
146ms Fetch
image/gif 142.251.111.155
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 28 May 2025 03:33:49 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4C58 0
0 149ms
149ms Fetch
image/gif 142.251.111.155
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 28 May 2025 03:33:49 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
DATA 200
OK truncated
/ Frame 4C58 217 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 918f2cae4d5ecc2e6781a43827b1d7155b06672b9541393e2c76532137604bba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 961C 38 KB
13 KB 144ms
139ms Document
text/html 64.233.180.132
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.180.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1024
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 May 2025 03:16:45 GMT
expires: Wed, 28 May 2025 04:06:45 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 header-bidding.js
yandex.ru/ads/system/ 120 KB
34 KB 1465ms
497ms Script
text/javascript 77.88.55.88
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://yandex.ru/ads/system/header-bidding.js

Requested by

Host: ads.digitalcaramel.com
URL: https://ads.digitalcaramel.com/caramel.js?ts=1748403224718

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

77.88.55.88 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

yandex.ru

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

x-robots-tag: noindex, noarchive, nofollow
x-yandex-req-id: 1748403230650864-1388652847679823217-balancer-l7leveler-kubr-yp-sas-244-BAL
cache-control: private, max-age=3600
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
timing-allow-origin: *
content-encoding: br
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-Viewport-Width, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width
etag: "706eda89ab1983d4ca1992881f88b634-1280181"
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options: nosniff
expires: Wed, 28 May 2025 04:33:50 GMT
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8

GET
H2 200 roxot-manager.js
cdn.skcrtxr.com/roxot-wrapper/js/ 9 KB
3 KB 1634ms
516ms Script
text/javascript 95.181.182.182
EdgeCenterLLC Edg...

General

Check archive.org

Download Go to

Full URL: https://cdn.skcrtxr.com/roxot-wrapper/js/roxot-manager.js?pid=19e08d82-9ec3-4dda-b15f-01ab2c95e167
Requested by: Host: ads.digitalcaramel.com
URL: https://ads.digitalcaramel.com/caramel.js?ts=1748403224718
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

cache: HIT
cache-control: max-age=600, public, s-maxage=600
content-encoding: gzip
access-control-allow-origin: *
date: Wed, 28 May 2025 03:33:50 GMT
content-type: text/javascript; charset=UTF-8
x-cached-since: 2025-05-28T03:28:41+00:00
server: nginx
x-node: m9p-up-gc53

GET
H2 200 aci.js
www.acint.net/ 31 KB
9 KB 1252ms
384ms Script
application/x-javascript 142.132.138.215
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to

Full URL: https://www.acint.net/aci.js
Requested by: Host: goo.su
URL: https://goo.su/wRsqq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.138.215 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.215.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

cache-control: max-age=43200
content-encoding: gzip
etag: "6710dc14-225f"
expires: Wed, 28 May 2025 15:33:50 GMT
content-length: 8799
date: Wed, 28 May 2025 03:33:50 GMT
content-type: application/x-javascript
last-modified: Thu, 17 Oct 2024 09:42:44 GMT
server: openresty

GET
H2

200

aotm.js
sync.dmp.otm-r.com/match/
Redirect Chain

https://sync.dmp.otm-r.com/match/aotm.js
https://sync.dmp.otm-r.com/match/aotm.js?otcm_check=1748403230

5 KB
5 KB

269ms
269ms

Script
application/javascript

194.55.244.188
PROCLOUD KVIKTEL LLC

General

Check archive.org

Download Go to

Full URL: https://sync.dmp.otm-r.com/match/aotm.js?otcm_check=1748403230
Protocol: H2
Server: 194.55.244.188 Moscow, Russian Federation, ASN34959 (PROCLOUD KVIKTEL LLC, RU),
Reverse DNS
Software: nginx/1.23.4 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

access-control-allow-origin: *
date: Wed, 28 May 2025 03:33:51 GMT
content-type: application/javascript
server: nginx/1.23.4

Redirect headers

access-control-allow-origin: *
location: /match/aotm.js?otcm_check=1748403230
content-length: 59
date: Wed, 28 May 2025 03:33:50 GMT
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H2 200 buzzoola_ext.js
tube.buzzoola.com/js/lib/ 959 B
772 B 1602ms
327ms Script
application/javascript 151.236.118.162
CDNetworks GLOBAL...

General

Check archive.org

Download Go to

Full URL: https://tube.buzzoola.com/js/lib/buzzoola_ext.js
Requested by: Host: ads.digitalcaramel.com
URL: https://ads.digitalcaramel.com/caramel.js?ts=1748403224718
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.118.162 Moscow, Russian Federation, ASN204720 (CDNetworks GLOBAL CLOUD NETWORK LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

x-cdn-edge-id: 310
x-cdn-edge-cache: HIT
content-encoding: gzip
expires: Wed, 28 May 2025 04:00:00 GMT
date: Wed, 28 May 2025 03:33:50 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 27 May 2025 08:24:07 GMT
server: nginx
x-cdn-request-id: 3cc093c065dde7fd7f0de5bc51770668

GET
H2 200 context.js
yandex.ru/ads/system/ 389 KB
108 KB 1752ms
788ms Script
text/javascript 77.88.55.88
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: ads.digitalcaramel.com
URL: https://ads.digitalcaramel.com/caramel.js?ts=1748403224718

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

77.88.55.88 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

yandex.ru

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

x-robots-tag: noindex, noarchive, nofollow
x-yandex-req-id: 1748403230651342-1094345440549886145-balancer-l7leveler-kubr-yp-sas-244-BAL
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
timing-allow-origin: *
content-encoding: br
cache-control: private, max-age=3600
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-Viewport-Width, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width
etag: "b88a745cbcb8541d6503eb51f79cb0a9-1280181"
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
x-content-type-options: nosniff
expires: Wed, 28 May 2025 04:33:50 GMT
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8

POST /
privacy-cs.mail.ru/fp/ 0
0

POST
H2 200 /
kraken.rambler.ru/cnt/v2/ 43 B
479 B 440ms
438ms XHR
image/gif 94.139.255.28
CLOUDRU-AS "Cloud...

General

Check archive.org

Download Go to

Full URL

https://kraken.rambler.ru/cnt/v2/

Requested by

Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.139.255.28 Asbest, Russian Federation, ASN208677 (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://goo.su/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 01 Jan 1970 00:00:01 GMT
access-control-allow-origin: https://goo.su
x-sca-elb: t100-exd
content-length: 43
date: Wed, 28 May 2025 03:33:49 GMT
content-type: image/gif
access-control-allow-headers: content-type

GET
H3 200 Wb8bPZigRvc_GFKs9artHwCAEk0Ifr6vx8-xXlqx1qs.js
pagead2.googlesyndication.com/bg/ Frame 961C 54 KB
21 KB 143ms
142ms Script
text/javascript 142.251.111.155
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Wb8bPZigRvc_GFKs9artHwCAEk0Ifr6vx8-xXlqx1qs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://tpc.googlesyndication.com/

Response headers

content-encoding: br
age: 187894
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Mon, 25 May 2026 23:22:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 25 May 2025 23:22:15 GMT
last-modified: Mon, 19 May 2025 09:28:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 21184
x-xss-protection: 0
server: sffe

OPTIONS
H/1.1 200
OK /
privacy-cs.mail.ru/fp/ Frame 0
0 3042ms
411ms Preflight
application/octet-stream 95.163.52.89
VK-AS LLC VK

General

Check archive.org

Download Go to

Full URL: https://privacy-cs.mail.ru/fp/?id=ee15WjQVDeGcU94Aod8LY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.52.89 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS: r3.mail.ru
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://goo.su
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Method: POST
Access-Control-Allow-Origin: https://goo.su
Access-Control-Max-Age: 1728000
Cache-Control: max-age=7200
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream
Date: Wed, 28 May 2025 03:33:52 GMT
Expires: Wed, 28 May 2025 05:33:52 GMT
Server: nginx

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 4C58 0
0 153ms
152ms Fetch
image/png 142.250.31.148
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstU58kAj9vxFWe5eZfTIWDmsItZwDv4DGH3hRX_N-vZ_ALI3qwG-jh8bPWGzcURJdhO9pL__4HDmhoM9DsSoNh17ULdUM5aH4-S1WHWjFv6dkMIco-I7m0ZaKWD2vl1D9FAhTT8fJqYwZsW6Tg_lm2qp4x6J5wetEQUIOak6cqZHdJT-qNg_mK7pHIDthlmSLaWawrlShQdoJDA31GpbpvPaHJIh-AdyzDPl6Eyfdjr9ov641-UEtM2VW23MUIqwKsZMDidv84yJWzc_2O6sCIITHVzqx7v7UWDt7k-orQVZehAsFZqjG72agyxlonlxRqaC84Yg6Zwkg6TvE2IGQK3T3KFXil6sF4tpSjr78mt7g-cbBcV4c6mtk9MJsj8QOC8l_8750uUyF2rvL2QXOazV9HdOy9UlDjYcz8-s1ISGS9g5YZmYETtpDxBQb_ysv64IllFM1Ovf3RF8vK6WIA0EL28_IobOllrNlVGlTONfaMYQIiImW8lwbWGsTUbXqqkyJy-_1NsC_5JrqZQPPPQ0F58c-Ul-ml6LZ2mr6QqYu0IrfL_JXdnZhCAEjqT40VVfHawii13KnEdMDoTAMde1AphEQ5GB8XzPV8L_pEAvyfaI36DpCWLrrV9LzJazJTbwlzxXR_F4Ysp2tjiGNdmO0zSCAfhg659tCl8NzFEE5z0U_cOHdb6fqAlZC6YhB7bi2CZTBJq7znPvsUC19YSO-HyP2bWferLuwW4kcXdHzyBmLh-T6mb-exRUbQlSYEUNKnBPrE-Hx33yZXZWOft6MZfHIl7PAh8_4SRzeYeTUql7PfOB01So7N8E4DXcOO1kH4ozkRUeozG9sTk_GVKy4vKkGSC7N5Viw3EdAQZL-7uXw5PhF4ofWtTOpLgJccyU9jmvAt436v1Suf5ZkdsG74R7m_wLqMEpDlexz9XCTUJ8ZZMDYIij9PYM5peC7Nhja0981JISZMQ9QMZARLTkdVzkCteHisJ_P4D_qg9ro_BK243szy6BvlS_-PNOB9Jx-_B_Py8cTQcf2jV2Um9nv56R4MD_KvXe4ZCjXyf9J_MkvPRjfQkSutI6aoKoQwM6BeJ1S0PDCLVJurgH9c_J8sHesTlpmkSo5zw4AejSWWV1sfN-hcu_WkGI24e6MTtixSKDHFxmWKEIDXVSAlFMivqXDscaSZ3Wa2TwHiNHLb42qD7ai6jt6e9QRUCs8RbDCWDVuVIjVaA8Ls5-fqVvH6jAFjXFPjW5zzCpVUjXkXQldOeT74VumbQbqx1sZ_iuJKEmVgy7dqcAzF6fgUweNvV1RwZ-bod9g9trkV8WnEZ_IW8aAR6aIc8HB0AGGp3WygwMDLCpefZmM_VGKvyKcj1A4iWg2N3wrznOP-VX4WZSrYEQRAyly5cnw89DtVemLydeCncv0AJyMqpBCVXv93naAHRiw&sai=AMfl-YRwyXDgk2ZoM7ElNUtYQvSJrvG_-u1sWvr35bvA6PURVc89UCsszbhlEw5l8wu9MSi9B4sZsawkX0zri63FPCblOlXnewh0Zpyti6vRs7px0rmGK-fQjFR4CK2kOy8WD_pG8IOGZicdmtNhcDV0MJIOV_FmyydW3TADZcPq1rW3qc-TnAFh1-b-ithwZ7DcvGsPxWePxXtzNroq3GgmDopqBckrSLoI2qom4BQVpmUdN4U9CghUNB4hztJuvMq9jZdBPVVj4C3Emreie5j5pWHYZaa6ls7kUDV55YizaJlgVv8jJonM0DpmzWW7WsfTuyjPzCzjEz7ucnCJP9Wlpkb60T56Nvk4n02_mKbfZS3VSX5yZvDDenvnS1nmJMx_6Btj-O9xHYgTH2XYu4wwTHDXEeSOrbSIf_90Ntt8Sm4CBXbYS3hRrdD9hSEIDtX4ncEWOLi6PTAUNcRTDYRWg9eEUr67HTbeS4eGo-hdxtRhMMGtcYJLGHK2UfoS_rA8vtK5DAqWd8Q&sig=Cg0ArKJSzLyNM8g09eGVEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9nYXJkZW53b3Jrcy5jYQ&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1556&vt=11&dtpt=1553&dett=2&cstd=0&cisv=r20250522.62514&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=1&ftch=1&adurl=

Requested by

Host: goo.su
URL: https://goo.su/wRsqq

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f148.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 28 May 2025 03:33:49 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Wed, 28 May 2025 03:33:49 GMT
x-xss-protection: 0
content-type: image/png
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x4d5281001767a7590000000000000000","13":"0x4c2c93f9481e483b0000000000000000","14":"0xae9ac28d200c79930000000000000000","15":"0x8387a74367af00220000000000000000"},"debug_key":"11476308920437173847","debug_reporting":true,"destination":["https://gardenworks.ca"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"2592000","filter_data":{"14":["145948366","145952068"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["15480979"]},"max_event_level_reports":2,"priority":"0","source_event_id":"514018985743074927"}
server: cafe

GET
H2 200 Primary Request 5d6a1486-64ee-479b-91a7-3c9e2a3536b9 Show response
instructionss.yonote.ru/share/ 3 KB
4 KB 1716ms
535ms Document
text/html 84.201.174.160
YandexCloud Yande...

General

Check archive.org

Download Go to

Full URL

https://instructionss.yonote.ru/share/5d6a1486-64ee-479b-91a7-3c9e2a3536b9

Requested by

Host: goo.su
URL: https://goo.su/frontend/js/redirect.js?id=399eaf833ac5f607b305c4ace0c25eb5

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.201.174.160 , Russian Federation, ASN200350 (YandexCloud Yandex.Cloud LLC, RU),

Reverse DNS

Software

Resource Hash

9bd359a03588461ed6c9613fddd3773fd45fc72be549549ff2836c64e4a4f24b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com .wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com .wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-9527ae3f447a9f5555386efb5d37f711'; img-src * data: blob:; media-src ; font-src data: ; frame-src * data:; connect-src * data:
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://goo.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

content-length: 3542
content-security-policy: default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com *.wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com *.wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-9527ae3f447a9f5555386efb5d37f711'; img-src * data: blob:; media-src *; font-src data: *; frame-src * data:; connect-src * data:
content-type: text/html; charset=utf-8
date: Wed, 28 May 2025 03:33:51 GMT
host: instructionss.yonote.ru
referrer-policy: no-referrer
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: https://app.yonote.ru, https://sentry.wilix.dev
x-app-hash: fcdb5d8b212620d35845536c566c0ffd0c4234e0
x-app-version: 1.25.4
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-download-options: noopen
x-forwarded-for: 79.127.254.86
x-forwarded-proto: https
x-real-ip: 79.127.254.86
x-request-id: 9fe449171ff9a5646db381db1b700ed2
x-xss-protection: 1; mode=block

POST
H2 200 /
kraken.rambler.ru/cnt/v2/ 43 B
478 B 346ms
343ms Ping
image/gif 94.139.255.28
CLOUDRU-AS "Cloud...

General

Check archive.org

Download Go to

Full URL

https://kraken.rambler.ru/cnt/v2/

Requested by

Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.139.255.28 Asbest, Russian Federation, ASN208677 (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://goo.su/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 01 Jan 1970 00:00:01 GMT
access-control-allow-origin: https://goo.su
x-sca-elb: t100-exd
content-length: 43
date: Wed, 28 May 2025 03:33:50 GMT
content-type: image/gif
access-control-allow-headers: content-type

POST
H2 200 /
kraken.rambler.ru/cnt/v2/ 43 B
478 B 395ms
394ms Ping
image/gif 94.139.255.28
CLOUDRU-AS "Cloud...

General

Check archive.org

Download Go to

Full URL

https://kraken.rambler.ru/cnt/v2/

Requested by

Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

94.139.255.28 Asbest, Russian Federation, ASN208677 (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://goo.su/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 01 Jan 1970 00:00:01 GMT
access-control-allow-origin: https://goo.su
x-sca-elb: t100-exd
content-length: 43
date: Wed, 28 May 2025 03:33:50 GMT
content-type: image/gif
access-control-allow-headers: content-type

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 961C 0
20 B 152ms
152ms Image
image/gif 142.251.111.155
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BlQuuG4Q2aKSuIaHTmLAP7obHgAQAAAAAOAHgBAI&bg=!urmlufbNAAYA59AtIOc7ADQBe5WfOJgKiE46RhYdErnnPNVkpcfZYN57S17nKAjbNVtuJ0sbi_N6rSJ1cbaL7OWAmnI3AgAAARpSAAAALWgBB34ANVvDIl1s4G3D2yezEvNKG_zT0GOJyXwl4EMQGPzD-qE5ZI9nwtDtJXDA3sm3MTkIShZkXLGiCgB31JzTDDTggvE92gmcoviXcdZPXJIBHPAadCmpHJjZTaua1MN30fzamasTBMIUq68scApruYG2i2Bxqn14X70S-gOdgZ3g9PFSZFnfh65-U1i8Ub1QQ5gU7RCCdfAvjYj-anLpTALOtCF5EBykDnEcrLi_rCAUN9iZAo7QmjJnV5hqzN-o43pXhgKVexBwvfEyjyDewXxEWSeuZss3QeKgQ3hplLF8q_zbqbNZa0QDBzw6r6ZiyPwV4jib3VBHPuyUn03jJwbkQbSBO0EIvCOWrMkuhP8amglwdEyBe2jgpydJr-bpL4d1H5MW7nCfM003k2dn0SC2GY2w_HY1HHXoBMLCEtJ6wlEM1l0wld1JZm4K46wSIn0UP-kof-_4ny1NKAyBDGIqE0SGK-U3EfRw7sdeegQWv-zw6Ccbguaz3mtglJ1MO-HKd0YTkke_RPPMm0j7JSrjzahkPvNW4Qm4Yh95YeYgussYz1llEbwLFkIHkI1v9R9JQXb6-v8WfxL33sPGWH9TK4wotMT9K8WT6MNNQW1Pq5HlbnbFB0EXNm5lVjlMiBeVNGsE-9teUgrIyYp7CxRzFoymSXoCd0q_-Xlvxks5UqgxPsLCI8JJkMjJPFYmuAnaRFQtGuEnALGUjcegQZUcotPWfTVbdsjwhvWz6Ubw2v_kF-KYySgw4eYiJ2o0xAPtomalFxaGC3jYjm5vaewjc0TEg441x3EyGm6-H1Mx_RafDrqvj6GrqGMl5bfQmqPagN1RcoLY8w0yyIs4tMFT7DrBOwmtpd7E9fCtkbWOLK1qMrIL4X0mFX2f0sTaJa7K4PSj_6R2yOxJxHbu-eV_y2HsCqEYR2_L06ppBemqK5CuxW2rPpjeHk4IZwfNy2cllLdxjlaNdzyyH0FxMQjtrdr7BSJGMAaLYHQ-HZbyzSFmrGQZE2sctOlhfDSgMWE951PVziN-wcnKbxeqrx2safJLfXtJdj08oCCeysZdpPTYOb4rI19Z2ZnbDB6RSOPIGGLjQ6EMY7UB4gtj8sfeFEs

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://tpc.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 28 May 2025 03:33:50 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST /
privacy-cs.mail.ru/fp/ 0
0

OPTIONS
H/1.1 200
OK /
privacy-cs.mail.ru/fp/ Frame 0
0 2226ms
239ms Preflight
application/octet-stream 95.163.52.89
VK-AS LLC VK

General

Check archive.org

Download Go to

Full URL: https://privacy-cs.mail.ru/fp/?id=ee15WjQVDeGcU94Aod8LY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.52.89 , Russian Federation, ASN47764 (VK-AS LLC VK, RU),
Reverse DNS: r3.mail.ru
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://goo.su
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Method: POST
Access-Control-Allow-Origin: https://goo.su
Access-Control-Max-Age: 1728000
Cache-Control: max-age=7200
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream
Date: Wed, 28 May 2025 03:33:52 GMT
Expires: Wed, 28 May 2025 05:33:52 GMT
Server: nginx

GET
H2

200

/
www.acint.net/mc/ Frame 0E50
Redirect Chain

https://www.acint.net/mc/?dp=14&pi=1753819
https://www.acint.net/mc/?dp=14&tc=1&pi=1753819

0
0

348ms
347ms

Document
text/html

193.3.184.137
QWARTA QWARTA LLC

General

Check archive.org

Download Go to

Full URL: https://www.acint.net/mc/?dp=14&tc=1&pi=1753819
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA QWARTA LLC, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash

Request headers

Referer: https://goo.su/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Wed, 28 May 2025 03:33:51 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
server: openresty

Redirect headers

content-length: 154
content-type: text/html
date: Wed, 28 May 2025 03:33:51 GMT
location: /mc/?dp=14&tc=1&pi=1753819
server: openresty

GET
H2 200 oci.js
www.acint.net/ 31 KB
14 KB 243ms
228ms Script
application/x-javascript 142.132.138.215
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to

Full URL: https://www.acint.net/oci.js?t=1748403230695
Requested by: Host: www.acint.net
URL: https://www.acint.net/aci.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.138.215 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.215.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

content-encoding: gzip
date: Wed, 28 May 2025 03:33:50 GMT
etag: W/"641e08d5-7dac"
content-type: application/x-javascript
last-modified: Fri, 24 Mar 2023 20:32:21 GMT
server: openresty

GET
H2 200 /
www.acint.net/hit/ 43 B
339 B 386ms
372ms Image
image/gif 142.132.138.215
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to Show image

Full URL: https://www.acint.net/hit/?v=0.7.1&uid=6fa8c88b-2ddd-452b-957c-225448574810&dp=14&tz=-07%3A00&nc=654542&u=https%3A%2F%2Fgoo.su%2FwRsqq&r=&rs=1600x1200&t=Redirecting&oE=1&oP=1&dT=2025-05-27T20%3A33%3A50.677&fu=36f80040-81a7-4c56-ba56-22f01457657f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.138.215 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.215.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
date: Wed, 28 May 2025 03:33:50 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty

GET
H2 200 buzzoola_ufp.js
tube.buzzoola.com//js/lib/ 13 KB
5 KB 351ms
350ms Script
application/javascript 151.236.118.162
CDNetworks GLOBAL...

General

Check archive.org

Download Go to

Full URL: https://tube.buzzoola.com//js/lib/buzzoola_ufp.js
Requested by: Host: tube.buzzoola.com
URL: https://tube.buzzoola.com/js/lib/buzzoola_ext.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.118.162 Moscow, Russian Federation, ASN204720 (CDNetworks GLOBAL CLOUD NETWORK LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

x-cdn-edge-id: 310
x-cdn-edge-cache: HIT
content-encoding: gzip
expires: Wed, 28 May 2025 04:00:00 GMT
date: Wed, 28 May 2025 03:33:51 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 27 May 2025 08:24:07 GMT
server: nginx
x-cdn-request-id: af133b79eab578dfd6c2bdf6c5b92a8d

GET
H2 200 common-engine.js
cdn.skcrtxr.com/wrapper/js/ 548 KB
133 KB 279ms
278ms Script
text/javascript 95.181.182.182
EdgeCenterLLC Edg...

General

Check archive.org

Download Go to

Full URL: https://cdn.skcrtxr.com/wrapper/js/common-engine.js?v=s-c6a4ba65-74ce-4bf1-99c1-8f2d0ee53b2b
Requested by: Host: cdn.skcrtxr.com
URL: https://cdn.skcrtxr.com/roxot-wrapper/js/roxot-manager.js?pid=19e08d82-9ec3-4dda-b15f-01ab2c95e167
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

cache: HIT
cache-control: max-age=31536000, public, s-maxage=31536000
content-encoding: gzip
access-control-allow-origin: *
date: Wed, 28 May 2025 03:33:51 GMT
content-type: text/javascript; charset=UTF-8
x-cached-since: 2025-05-14T13:06:56+00:00
server: nginx
x-node: m9p-up-gc53

OPTIONS getcookie
matchid.adfox.yandex.ru/ Frame 0
0

POST getcookie
matchid.adfox.yandex.ru/ 0
0

GET bde3f56866b2d68292d7.js
yastatic.net/partner-code-bundles/1280181/ 0
0

GET 6fbc6f52e19aabdf3559.js
yastatic.net/partner-code-bundles/1280181/ 0
0

POST yandex_hb
px.adhigh.net/rtb/ 0
0

POST
H3 204 auction
pbs.alfasense.com/yandex/ 0
745 B 631ms
422ms XHR
text/plain 172.67.185.233
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://pbs.alfasense.com/yandex/auction
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://goo.su/

Response headers

x-bid: d0r887vviq8v5r1d15kg
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
x-error: empty candidates
cf-ray: 946ab164a8d9c39b-SEA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FmQhxOa6VGMBzv%2BslFptEdyypIpjXYCIo7lljeOT1zOnnR3lTVR1Rl4osZdzR7RI4zz5a2I1Ja5zPjSvrUsVNst4C6LdSb5mGOguUDFwE0zyKG4bY1A4gg9JtqHPC8Ptyswbmg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://goo.su
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=100530&min_rtt=86674&rtt_var=23971&sent=12&recv=14&lost=0&retrans=0&sent_bytes=3764&recv_bytes=5959&delivery_rate=252575&cwnd=15690&unsent_bytes=0&cid=3d628536159afa11&ts=516&x=92"
date: Wed, 28 May 2025 03:33:51 GMT
server: cloudflare
access-control-allow-headers: Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT

POST adfox
exchange.buzzoola.com/ssp/ 0
0

POST pl999
ssp.bidvol.com/rtb/ 0
0

POST yhb
yhb.p.otm-r.com/ 0
0

POST adjson
ads.betweendigital.com/ 0
0

POST adfox
kimberlite.io/rtb/bid/hb/ 0
0

POST bids
ssp.al-adtech.com/api/adfox/ 0
0

POST adfoxhb
ssp-rtb.sape.ru/ 0
0

POST bidder
hb-bidder.skcrtxr.com/ 0
0

POST bid
otclick-adv.ru/core/rtb/hb/ 0
0

POST
H2 200 yandex
a.utraff.com/ 12 B
0 899ms
481ms XHR
application/json 104.26.7.189
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://a.utraff.com/yandex
Requested by: Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.26.7.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://goo.su/

Response headers

access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p3s9uYMNGl9LW%2FVRmHi9n2BScY%2BblS7IJGmcX5kk4Vo2o1iLGUvcUTfVMnAeYiSBtrdnNvjPf9HhnEIhl4eHCgaLIjTf9jKikzJyd1I0Buv%2BfpVTPvhXbiD5Kq40DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
server-timing: cfL4;desc="?proto=TCP&rtt=4702&min_rtt=4591&rtt_var=548&sent=10&recv=15&lost=0&retrans=0&sent_bytes=3396&recv_bytes=3747&delivery_rate=878107&cwnd=256&unsent_bytes=0&cid=2cad44e312748bd4&ts=685&x=0"
date: Wed, 28 May 2025 03:33:52 GMT
content-type: application/json
vary: Origin, accept-encoding
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 946ab1661c83cdf7-SEA
access-control-allow-origin: https://goo.su
content-length: 32
server: cloudflare

POST /
hb.bumlam.com/yandex/ 0
0

POST /
ad.mail.ru/hbid_yandex/ 0
0

POST adfoxhb
ssp.hybrid.ai/ 0
0

POST bid.cgi
pb.adriver.ru/cgi-bin/ 0
0

GET sspmatch
ads.betweendigital.com/ 0
0

GET syncd
kimberlite.io/rtb/ 0
0

GET

/
ssp-rtb.sape.ru/rmatch/
Redirect Chain

https://acint.net/cmatch/?dp=14&pi=1753819
https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fmc.acint.net%252Fcmatch%253Fdp%253D14

0
0

GET
H2 200 /
www.acint.net/oci/ 43 B
224 B 282ms
225ms Image
image/gif 142.132.138.215
HETZNER-AS Hetzne...

General

Check archive.org

Download Go to Show image

Full URL: https://www.acint.net/oci/?v=0.7.1&uid=6fa8c88b-2ddd-452b-957c-225448574810&dp=14&tz=-07%3A00&nc=418584&oid=4007db2f5b1f01dc820b25821e095d45
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 142.132.138.215 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS: static.215.138.132.142.clients.your-server.de
Software: openresty /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://goo.su/

Response headers

expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
date: Wed, 28 May 2025 03:33:51 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty

GET p
cs.agency2.ru/ 0
0

GET otm_wl
sync.opendsp.ru/match/ 0
0

GET /
rtb.dynotech.io/otm/sync/ 0
0

GET NjgzNjg0MWUwZDQ3Y2Y3OA%3D%3D
an.yandex.ru/mapuid/otmrtbis/ 0
0

GET videotarget
exchange.buzzoola.com/cookiesync/redirect/ 0
0

GET cm
match.ohmy.bid/ 0
0

GET sync
videotarget-sync.rutarget.ru/ 0
0

GET p
cs.agency2.ru/ 0
0

GET otm
ssp.al-adtech.com/api/sync/ 0
0

GET cm
sp.ohmy.bid/ 0
0

GET 0.gif
x01.aidata.io/ 0
0

GET OTM
sync.gonet-ads.com/match/ 0
0

GET otm_video
px.adhigh.net/p/cm/ 0
0

GET p
7509334693293576056-otm.ops.beeline.ru/ 0
0

GET cr
cr-frontend.weborama-tech.ru/ 0
0

GET p
s.suprion.ru/ 0
0

GET sync
a.adspector.io/ 0
0

GET match
ads.betweendigital.com/ 0
0

GET stable
sync.otm-r.com/match/ 0
0

GET OTM_bannner
sync.opendsp.ru/match/ 0
0

GET otm_ex
sync.opendsp.ru/match/ 0
0

GET sync
a.lotus-dsp.ru/ 0
0

GET sync
a.utraff.com/ 0
0

GET otm
kimberlite.io/rtb/sync/ 0
0

GET csync
ads.adlook.me/ 0
0

GET userbind
match.new-programmatic.com/ 0
0

GET OTM_direct_piratka_ssp
sync.dsp.solta.io/match/ 0
0

GET

rmatch
ssp-rtb.sape.ru/
Redirect Chain

https://www.acint.net/rmatch?dp=68&euid=NjgzNjg0MWUwZDQ3Y2Y3OA%3D%3D&r=https%3A%2F%2Fsync.dmp.otm-r.com%2Fmatch%2Fsape_stable%3Fid%3D%24%7BUSER_ID%7D
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fsync.dmp.otm-r.com%252Fmatch%252Fsape_stable%253Fid%253D%2524%257BUSER_...

0
0

GET sync
a.utraff.com/ 0
0

GET p
cs.alfasense.com/ 0
0

GET /
an.yandex.ru/mapuid/videonowssp/ 0
0

GET sync
a.adspector.io/ 0
0

GET /
sync.bumlam.com/ 0
0

GET OTM
sync.programmatica.com/match/ 0
0

GET otmrtb-sync
rtb.com.ru/ 0
0

GET match
dm-eu.hybrid.ai/ 0
0

GET rd
redirect.frontend.weborama.fr/ 0
0

GET sync
a.atraffic.ru/ 0
0

GET p
sm.rtb.mts.ru/ 0
0

GET image
sync.upravel.com/ 0
0

GET i
dmg.digitaltarget.ru/1/7493/i/ 0
0

GET cs
rtb.moe.video/ 0
0

GET cm
cmr.bidderstack.com/otm/ 0
0

GET sync
a.utraff.com/ 0
0

GET set
sync.rambler.ru/ 0
0

GET OTM_video
sync.opendsp.ru/match/ 0
0

GET cm
match.ohmy.bid/ 0
0

GET aidata.fp.latest.js
x01.aidata.io/lib/ 0
0

GET pixel.js
static.a.mts.ru/id/ 0
0

POST collect
www.google-analytics.com/g/ 0
0

GET text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 0
0

GET ddfba45019cda42c0146.js
yastatic.net/partner-code-bundles/1280181/ 0
0

GET 872d86d9e47537540e4a.js
yastatic.net/partner-code-bundles/1280181/ 0
0

GET dcd4bb16057d678d15cb.js
yastatic.net/partner-code-bundles/1280181/ 0
0

GET host.js
yastatic.net/safeframe-bundles/0.83/ 0
0

GET 6173cb46d413c855afa4.js
yastatic.net/partner-code-bundles/1280181/ 0
0

GET dynamic.js
cdn.skcrtxr.com/wrapper-builder/19e08d82-9ec3-4dda-b15f-01ab2c95e167/ 0
0

GET sync
skcrtxr.com/user-sync-api/ 0
0

GET gen_204
pagead2.googlesyndication.com/pagead/ Frame F317 0
0

GET tracker
top-fwz1.mail.ru/ 0
0

POST collect
www.google-analytics.com/g/ 0
0

POST /
kraken.rambler.ru/cnt/v2/ 0
0

GET gen_204
pagead2.googlesyndication.com/pagead/ Frame 4C58 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 4C58 0
0

GET
H2 200 index-C6KeYgs2.js Show response
cdn.s.yonote.ru/static/assets/ 13 MB
3 MB 2557ms
441ms Script
application/javascript 95.181.182.182
EdgeCenterLLC Edg...

General

Check archive.org

Download Go to

Full URL

https://cdn.s.yonote.ru/static/assets/index-C6KeYgs2.js

Requested by

Host: instructionss.yonote.ru
URL: https://instructionss.yonote.ru/share/5d6a1486-64ee-479b-91a7-3c9e2a3536b9

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),

Reverse DNS

Software

nginx /

Resource Hash

e5aa394e158350d2a1632f974e2f9272925f7b5fcd347bc7eb9d1438c306daf9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com .wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com .wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-b7a18248bfe529eba4579a74ae2a10c7'; img-src * data: blob:; media-src ; font-src data: ; frame-src * data:; connect-src * data:
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Security-Policy	default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com .wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com .wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-b7a18248bfe529eba4579a74ae2a10c7'; img-src * data: blob:; media-src ; font-src data: ; frame-src * data:; connect-src * data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://instructionss.yonote.ru
Referer

Response headers

x-request-id: 0ac33fc48ff9b743c0cd308b8a21f38a
cache: HIT
content-encoding: gzip
service-worker-allowed: /
x-forwarded-for: 2a02:2168:945b:9100:9db:e786:d78f:ace1, 5.188.121.196
x-content-type-options: nosniff
expires: Thu, 29 May 2025 03:33:54 GMT
date: Wed, 28 May 2025 03:33:54 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
host: app.yonote.ru
last-modified: Mon, 19 May 2025 11:16:04 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains
x-node: m9p-up-gc71
content-security-policy: default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com *.wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com *.wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-b7a18248bfe529eba4579a74ae2a10c7'; img-src * data: blob:; media-src *; font-src data: *; frame-src * data:; connect-src * data:
x-real-ip: 5.188.121.196
x-dns-prefetch-control: on
timing-allow-origin: https://app.yonote.ru, https://sentry.wilix.dev
cache-control: max-age=86400
x-forwarded-proto: https
x-content-security-policy: default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com *.wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com *.wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-b7a18248bfe529eba4579a74ae2a10c7'; img-src * data: blob:; media-src *; font-src data: *; frame-src * data:; connect-src * data:
x-webkit-csp: default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com *.wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com *.wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-b7a18248bfe529eba4579a74ae2a10c7'; img-src * data: blob:; media-src *; font-src data: *; frame-src * data:; connect-src * data:
referrer-policy: no-referrer
x-download-options: noopen
access-control-allow-origin: *
x-app-version: 1.25.4
x-xss-protection: 1; mode=block
x-cached-since: 2025-05-26T16:11:55+00:00
server: nginx
x-app-hash: fcdb5d8b212620d35845536c566c0ffd0c4234e0

OPTIONS sync
skcrtxr.com/user-sync-api/ Frame 0
0

GET
H2 200 Icons.json Show response
instructionss.yonote.ru/static/public/ 1 MB
1 MB 263ms
261ms Fetch
application/json 84.201.174.160
YandexCloud Yande...

General

Check archive.org

Download Go to

Full URL

https://instructionss.yonote.ru/static/public/Icons.json

Requested by

Host: cdn.s.yonote.ru
URL: https://cdn.s.yonote.ru/static/assets/index-C6KeYgs2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.201.174.160 , Russian Federation, ASN200350 (YandexCloud Yandex.Cloud LLC, RU),

Reverse DNS

Software

Resource Hash

34ebb39621f401c79a1e89ad58c34a2c9d4fae6c55851abf0e44f7a13c9d4e57

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com .wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com .wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-1145bab75ccce8f94960492229d97ecf'; img-src * data: blob:; media-src ; font-src data: ; frame-src * data:; connect-src * data:
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

x-request-id: 68f2d8c3e0df159b37abff7f338e57c9
service-worker-allowed: /
x-forwarded-for: 79.127.254.86
x-content-type-options: nosniff
date: Wed, 28 May 2025 03:33:57 GMT
content-type: application/json; charset=utf-8
last-modified: Mon, 19 May 2025 11:16:04 GMT
host: instructionss.yonote.ru
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com *.wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com *.wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-1145bab75ccce8f94960492229d97ecf'; img-src * data: blob:; media-src *; font-src data: *; frame-src * data:; connect-src * data:
cache-control: max-age=0
x-dns-prefetch-control: on
timing-allow-origin: https://app.yonote.ru, https://sentry.wilix.dev
x-real-ip: 79.127.254.86
x-forwarded-proto: https
referrer-policy: no-referrer
x-download-options: noopen
access-control-allow-origin: *
content-length: 1278375
x-app-version: 1.25.4
x-xss-protection: 1; mode=block
x-app-hash: fcdb5d8b212620d35845536c566c0ffd0c4234e0

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 234 KB
79 KB 1313ms
655ms Script
application/javascript 87.250.251.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: cdn.s.yonote.ru
URL: https://cdn.s.yonote.ru/static/assets/index-C6KeYgs2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

c012d64866fd00046bee684ef67badc5ea0574ad9b24630d00710d91ef6e8dac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
content-encoding: br
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "682ddc70-13933"
expires: Wed, 28 May 2025 04:33:59 GMT
access-control-allow-origin: *
content-length: 80179
date: Wed, 28 May 2025 03:33:59 GMT
content-type: application/javascript
last-modified: Wed, 21 May 2025 14:00:16 GMT

GET
H2 200 sdk-pnn5w9aHa2HRKiE Show response
features-proxy.stands.wilix.dev/api/features/ 894 B
1 KB 1661ms
464ms Fetch
application/json 95.143.178.250
SELECTEL JSC Sele...

General

Check archive.org

Download Go to

Full URL: https://features-proxy.stands.wilix.dev/api/features/sdk-pnn5w9aHa2HRKiE
Requested by: Host: cdn.s.yonote.ru
URL: https://cdn.s.yonote.ru/static/assets/index-C6KeYgs2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.143.178.250 Moscow, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),
Reverse DNS
Software: / Express
Resource Hash: fa5d8b8d601bbfb55b033a232a3cdfaad3498a60b125bea6ad986551fc90d1e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers: x-sse-support
etag: W/"37e-GAH8IqrFXIqw+x48f39zmeAjPb0"
access-control-allow-origin: *
x-sse-support: enabled
content-length: 894
date: Wed, 28 May 2025 03:33:59 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express

GET
H2 200 Shared-DsvD9gjc.js Show response
instructionss.yonote.ru/static/assets/ 16 KB
17 KB 308ms
299ms Script
application/javascript 84.201.174.160
YandexCloud Yande...

General

Check archive.org

Download Go to

Full URL

https://instructionss.yonote.ru/static/assets/Shared-DsvD9gjc.js

Requested by

Host: cdn.s.yonote.ru
URL: https://cdn.s.yonote.ru/static/assets/index-C6KeYgs2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.201.174.160 , Russian Federation, ASN200350 (YandexCloud Yandex.Cloud LLC, RU),

Reverse DNS

Software

Resource Hash

91ff02e21409617736ea9f45418545e88d266ebee7b03ae3e5e969edd744f285

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com .wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com .wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-280518948cac559b9a56b3b8a219ab9f'; img-src * data: blob:; media-src ; font-src data: ; frame-src * data:; connect-src * data:
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://instructionss.yonote.ru
Referer

Response headers

x-request-id: b6317c97342d4c72a53cb44e42542da6
service-worker-allowed: /
x-forwarded-for: 79.127.254.86
x-content-type-options: nosniff
date: Wed, 28 May 2025 03:33:59 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 19 May 2025 11:16:04 GMT
host: instructionss.yonote.ru
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com *.wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com *.wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-280518948cac559b9a56b3b8a219ab9f'; img-src * data: blob:; media-src *; font-src data: *; frame-src * data:; connect-src * data:
cache-control: max-age=0
x-dns-prefetch-control: on
timing-allow-origin: https://app.yonote.ru, https://sentry.wilix.dev
x-real-ip: 79.127.254.86
x-forwarded-proto: https
referrer-policy: no-referrer
x-download-options: noopen
access-control-allow-origin: *
content-length: 16465
x-app-version: 1.25.4
x-xss-protection: 1; mode=block
x-app-hash: fcdb5d8b212620d35845536c566c0ffd0c4234e0

GET
H2 200 Error404-ChOQkoZF.js Show response
instructionss.yonote.ru/static/assets/ 537 B
1 KB 306ms
297ms Script
application/javascript 84.201.174.160
YandexCloud Yande...

General

Check archive.org

Download Go to

Full URL

https://instructionss.yonote.ru/static/assets/Error404-ChOQkoZF.js

Requested by

Host: cdn.s.yonote.ru
URL: https://cdn.s.yonote.ru/static/assets/index-C6KeYgs2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.201.174.160 , Russian Federation, ASN200350 (YandexCloud Yandex.Cloud LLC, RU),

Reverse DNS

Software

Resource Hash

f0c348505084e470348117451874f918149b3d39ae8669dbf8aaacdb013e31ec

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com .wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com .wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-8e93693bad655bc62b82b6f89dbb29dc'; img-src * data: blob:; media-src ; font-src data: ; frame-src * data:; connect-src * data:
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://instructionss.yonote.ru
Referer

Response headers

x-request-id: 554d553953cc81b1ce1d9991d9b86288
service-worker-allowed: /
x-forwarded-for: 79.127.254.86
x-content-type-options: nosniff
date: Wed, 28 May 2025 03:33:59 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 19 May 2025 11:16:04 GMT
host: instructionss.yonote.ru
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com *.wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com *.wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-8e93693bad655bc62b82b6f89dbb29dc'; img-src * data: blob:; media-src *; font-src data: *; frame-src * data:; connect-src * data:
cache-control: max-age=0
x-dns-prefetch-control: on
timing-allow-origin: https://app.yonote.ru, https://sentry.wilix.dev
x-real-ip: 79.127.254.86
x-forwarded-proto: https
referrer-policy: no-referrer
x-download-options: noopen
access-control-allow-origin: *
content-length: 537
x-app-version: 1.25.4
x-xss-protection: 1; mode=block
x-app-hash: fcdb5d8b212620d35845536c566c0ffd0c4234e0

GET
H2 200 ErrorOffline-CCiPC3Wo.js Show response
instructionss.yonote.ru/static/assets/ 465 B
1 KB 437ms
431ms Script
application/javascript 84.201.174.160
YandexCloud Yande...

General

Check archive.org

Download Go to

Full URL

https://instructionss.yonote.ru/static/assets/ErrorOffline-CCiPC3Wo.js

Requested by

Host: cdn.s.yonote.ru
URL: https://cdn.s.yonote.ru/static/assets/index-C6KeYgs2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.201.174.160 , Russian Federation, ASN200350 (YandexCloud Yandex.Cloud LLC, RU),

Reverse DNS

Software

Resource Hash

16cb03d8609e30c384504d0e8616b02c0e29c13f6ba39377a7f9640b79762331

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com .wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com .wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-f32c164c75f26e08e68adba18fcecf9d'; img-src * data: blob:; media-src ; font-src data: ; frame-src * data:; connect-src * data:
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://instructionss.yonote.ru
Referer

Response headers

x-request-id: 8fd625d8e057872e712f583d9ea0321f
service-worker-allowed: /
x-forwarded-for: 79.127.254.86
x-content-type-options: nosniff
date: Wed, 28 May 2025 03:33:59 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 19 May 2025 11:16:04 GMT
host: instructionss.yonote.ru
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com *.wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com *.wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-f32c164c75f26e08e68adba18fcecf9d'; img-src * data: blob:; media-src *; font-src data: *; frame-src * data:; connect-src * data:
cache-control: max-age=0
x-dns-prefetch-control: on
timing-allow-origin: https://app.yonote.ru, https://sentry.wilix.dev
x-real-ip: 79.127.254.86
x-forwarded-proto: https
referrer-policy: no-referrer
x-download-options: noopen
access-control-allow-origin: *
content-length: 465
x-app-version: 1.25.4
x-xss-protection: 1; mode=block
x-app-hash: fcdb5d8b212620d35845536c566c0ffd0c4234e0

GET
H2 200 Shared-DsvD9gjc.js Show response
cdn.s.yonote.ru/static/assets/ 16 KB
6 KB 303ms
297ms Script
application/javascript 95.181.182.182
EdgeCenterLLC Edg...

General

Check archive.org

Download Go to

Full URL

https://cdn.s.yonote.ru/static/assets/Shared-DsvD9gjc.js

Requested by

Host: cdn.s.yonote.ru
URL: https://cdn.s.yonote.ru/static/assets/index-C6KeYgs2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),

Reverse DNS

Software

nginx /

Resource Hash

91ff02e21409617736ea9f45418545e88d266ebee7b03ae3e5e969edd744f285

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com .wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com .wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-a0a7f7f9a85e2d33cedb10863ad2c6ea'; img-src * data: blob:; media-src ; font-src data: ; frame-src * data:; connect-src * data:
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://instructionss.yonote.ru
Referer

Response headers

x-request-id: 74e39d775a37c3d89b0db16be47e064a
cache: HIT
content-encoding: gzip
service-worker-allowed: /
x-forwarded-for: 104.28.197.15, 5.188.121.145
x-content-type-options: nosniff
expires: Thu, 29 May 2025 03:33:59 GMT
date: Wed, 28 May 2025 03:33:59 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
host: app.yonote.ru
last-modified: Mon, 19 May 2025 11:16:04 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains
x-node: m9p-up-gc88
content-security-policy: default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com *.wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com *.wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-a0a7f7f9a85e2d33cedb10863ad2c6ea'; img-src * data: blob:; media-src *; font-src data: *; frame-src * data:; connect-src * data:
x-real-ip: 5.188.121.145
x-dns-prefetch-control: on
timing-allow-origin: https://app.yonote.ru, https://sentry.wilix.dev
cache-control: max-age=86400
x-forwarded-proto: https
referrer-policy: no-referrer
x-download-options: noopen
access-control-allow-origin: *
x-app-version: 1.25.4
x-xss-protection: 1; mode=block
x-cached-since: 2025-05-26T16:14:15+00:00
server: nginx
x-app-hash: fcdb5d8b212620d35845536c566c0ffd0c4234e0

GET
H2 200 motion-DQi8SOmc.js Show response
cdn.s.yonote.ru/static/assets/ 354 B
1 KB 453ms
448ms Script
application/javascript 95.181.182.182
EdgeCenterLLC Edg...

General

Check archive.org

Download Go to

Full URL

https://cdn.s.yonote.ru/static/assets/motion-DQi8SOmc.js

Requested by

Host: cdn.s.yonote.ru
URL: https://cdn.s.yonote.ru/static/assets/index-C6KeYgs2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),

Reverse DNS

Software

nginx /

Resource Hash

9b986126cdc19660de243f9a97043fd559fb082e7350456c02a1145c76516207

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com .wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com .wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-02b14c0ec8cc8bc222be8c1ea82a16d4'; img-src * data: blob:; media-src ; font-src data: ; frame-src * data:; connect-src * data:
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Security-Policy	default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com .wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com .wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-02b14c0ec8cc8bc222be8c1ea82a16d4'; img-src * data: blob:; media-src ; font-src data: ; frame-src * data:; connect-src * data:
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://instructionss.yonote.ru
Referer

Response headers

x-request-id: 00ea5c2286ed232543d1ff8b7f262574
cache: HIT
content-encoding: gzip
service-worker-allowed: /
x-forwarded-for: 87.116.163.53, 5.188.121.196
x-content-type-options: nosniff
expires: Thu, 29 May 2025 03:33:59 GMT
date: Wed, 28 May 2025 03:33:59 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
host: app.yonote.ru
last-modified: Mon, 19 May 2025 11:16:04 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains
x-node: m9p-up-gc71
content-security-policy: default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com *.wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com *.wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-02b14c0ec8cc8bc222be8c1ea82a16d4'; img-src * data: blob:; media-src *; font-src data: *; frame-src * data:; connect-src * data:
x-real-ip: 5.188.121.196
x-dns-prefetch-control: on
timing-allow-origin: https://app.yonote.ru, https://sentry.wilix.dev
cache-control: max-age=86400
x-forwarded-proto: https
x-content-security-policy: default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com *.wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com *.wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-02b14c0ec8cc8bc222be8c1ea82a16d4'; img-src * data: blob:; media-src *; font-src data: *; frame-src * data:; connect-src * data:
x-webkit-csp: default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com *.wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com *.wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-02b14c0ec8cc8bc222be8c1ea82a16d4'; img-src * data: blob:; media-src *; font-src data: *; frame-src * data:; connect-src * data:
referrer-policy: no-referrer
x-download-options: noopen
access-control-allow-origin: *
x-app-version: 1.25.4
x-xss-protection: 1; mode=block
x-cached-since: 2025-05-26T16:12:44+00:00
server: nginx
x-app-hash: fcdb5d8b212620d35845536c566c0ffd0c4234e0

POST
H2 200 / Show response
sentry.wilix.dev/api/2/envelope/ 41 B
210 B 1469ms
426ms Fetch
application/json 95.143.178.251
SELECTEL JSC Sele...

General

Check archive.org

Download Go to

Full URL: https://sentry.wilix.dev/api/2/envelope/?sentry_key=22ce3c3b117b4ba5aff1f9952fde48c6&sentry_version=7&sentry_client=sentry.javascript.react%2F7.111.0
Requested by: Host: cdn.s.yonote.ru
URL: https://cdn.s.yonote.ru/static/assets/index-C6KeYgs2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.143.178.251 Moscow, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),
Reverse DNS
Software: sentry-relay/23.3.1 /
Resource Hash: 345dd30ef19ae726893775820512615da2429e6babf0afcc9f63464041c80f61

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://instructionss.yonote.ru/

Response headers

access-control-allow-origin: https://instructionss.yonote.ru
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
content-length: 41
date: Wed, 28 May 2025 03:34:00 GMT
content-type: application/json
vary: Origin
server: sentry-relay/23.3.1

GET
H2 200 Error404-ChOQkoZF.js Show response
cdn.s.yonote.ru/static/assets/ 537 B
788 B 309ms
308ms Script
application/javascript 95.181.182.182
EdgeCenterLLC Edg...

General

Check archive.org

Download Go to

Full URL

https://cdn.s.yonote.ru/static/assets/Error404-ChOQkoZF.js

Requested by

Host: goo.su
URL: https://goo.su/wRsqq

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),

Reverse DNS

Software

nginx /

Resource Hash

f0c348505084e470348117451874f918149b3d39ae8669dbf8aaacdb013e31ec

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com .wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com .wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-83f5909cf3baf87aee0f03c5c923f191'; img-src * data: blob:; media-src ; font-src data: ; frame-src * data:; connect-src * data:
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://instructionss.yonote.ru
Referer

Response headers

x-request-id: 3e424215d406b7c3e20086107d94a097
cache: HIT
content-encoding: gzip
service-worker-allowed: /
x-forwarded-for: 104.28.197.15, 5.188.121.194
x-content-type-options: nosniff
expires: Thu, 29 May 2025 03:33:59 GMT
date: Wed, 28 May 2025 03:33:59 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
host: app.yonote.ru
last-modified: Mon, 19 May 2025 11:16:04 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains
x-node: m9p-up-gc59
content-security-policy: default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com *.wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com *.wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-83f5909cf3baf87aee0f03c5c923f191'; img-src * data: blob:; media-src *; font-src data: *; frame-src * data:; connect-src * data:
x-real-ip: 5.188.121.194
x-dns-prefetch-control: on
timing-allow-origin: https://app.yonote.ru, https://sentry.wilix.dev
cache-control: max-age=86400
x-forwarded-proto: https
referrer-policy: no-referrer
x-download-options: noopen
access-control-allow-origin: *
x-app-version: 1.25.4
x-xss-protection: 1; mode=block
x-cached-since: 2025-05-26T16:14:15+00:00
server: nginx
x-app-hash: fcdb5d8b212620d35845536c566c0ffd0c4234e0

GET
H2 200 ErrorOffline-CCiPC3Wo.js Show response
cdn.s.yonote.ru/static/assets/ 465 B
735 B 324ms
323ms Script
application/javascript 95.181.182.182
EdgeCenterLLC Edg...

General

Check archive.org

Download Go to

Full URL

https://cdn.s.yonote.ru/static/assets/ErrorOffline-CCiPC3Wo.js

Requested by

Host: goo.su
URL: https://goo.su/wRsqq

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),

Reverse DNS

Software

nginx /

Resource Hash

16cb03d8609e30c384504d0e8616b02c0e29c13f6ba39377a7f9640b79762331

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com .wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com .wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-25d5dffd1007b04ce68842c32cfc4eb9'; img-src * data: blob:; media-src ; font-src data: ; frame-src * data:; connect-src * data:
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://instructionss.yonote.ru
Referer

Response headers

x-request-id: ee90f5fbe7b02057abd4bb45c518c912
cache: HIT
content-encoding: gzip
service-worker-allowed: /
x-forwarded-for: 104.28.197.15, 5.188.121.195
x-content-type-options: nosniff
expires: Thu, 29 May 2025 03:33:59 GMT
date: Wed, 28 May 2025 03:33:59 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
host: app.yonote.ru
last-modified: Mon, 19 May 2025 11:16:04 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains
x-node: m9p-up-gc70
content-security-policy: default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com *.wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com *.wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-25d5dffd1007b04ce68842c32cfc4eb9'; img-src * data: blob:; media-src *; font-src data: *; frame-src * data:; connect-src * data:
x-real-ip: 5.188.121.195
x-dns-prefetch-control: on
timing-allow-origin: https://app.yonote.ru, https://sentry.wilix.dev
cache-control: max-age=86400
x-forwarded-proto: https
referrer-policy: no-referrer
x-download-options: noopen
access-control-allow-origin: *
x-app-version: 1.25.4
x-xss-protection: 1; mode=block
x-cached-since: 2025-05-26T16:14:15+00:00
server: nginx
x-app-hash: fcdb5d8b212620d35845536c566c0ffd0c4234e0

POST
H2 200 shares.public_info Show response
instructionss.yonote.ru/api/ 213 B
635 B 1006ms
436ms Fetch
application/json 84.201.174.160
YandexCloud Yande...

General

Check archive.org

Download Go to

Full URL

https://instructionss.yonote.ru/api/shares.public_info

Requested by

Host: cdn.s.yonote.ru
URL: https://cdn.s.yonote.ru/static/assets/index-C6KeYgs2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.201.174.160 , Russian Federation, ASN200350 (YandexCloud Yandex.Cloud LLC, RU),

Reverse DNS

Software

Resource Hash

fac541d52eeded991c5cd8f45d60773a1d1c3a26a2fe6a3b70b82117dbe30f8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

cache-control: no-cache
x-editor-version: 12.0.0
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
accept: application/json
pragma: no-cache
content-type: application/json

Response headers

x-request-id: ddaf4228a02aa899d93683497b4a8e04
x-forwarded-for: 79.127.254.86
x-content-type-options: nosniff
date: Wed, 28 May 2025 03:34:00 GMT
content-type: application/json; charset=utf-8
host: instructionss.yonote.ru
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains
x-real-ip: 79.127.254.86
x-dns-prefetch-control: off
x-forwarded-proto: https
x-download-options: noopen
content-length: 213
x-app-version: 1.25.4
x-xss-protection: 1; mode=block
x-app-hash: fcdb5d8b212620d35845536c566c0ffd0c4234e0

POST
H2 200 documents.info Show response
instructionss.yonote.ru/api/ 6 KB
6 KB 1061ms
492ms Fetch
application/json 84.201.174.160
YandexCloud Yande...

General

Check archive.org

Download Go to

Full URL

https://instructionss.yonote.ru/api/documents.info

Requested by

Host: cdn.s.yonote.ru
URL: https://cdn.s.yonote.ru/static/assets/index-C6KeYgs2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.201.174.160 , Russian Federation, ASN200350 (YandexCloud Yandex.Cloud LLC, RU),

Reverse DNS

Software

Resource Hash

e0bc633b8d7a23fc7a583b38020f9023beaa9d9a7ecdb0ab1d76f0f3774476fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

cache-control: no-cache
x-editor-version: 12.0.0
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
accept: application/json
pragma: no-cache
content-type: application/json

Response headers

x-request-id: 6bf7333a2161f5303a1a58e1f27085d2
x-forwarded-for: 79.127.254.86
x-content-type-options: nosniff
date: Wed, 28 May 2025 03:34:00 GMT
content-type: application/json; charset=utf-8
host: instructionss.yonote.ru
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains
x-real-ip: 79.127.254.86
x-dns-prefetch-control: off
x-forwarded-proto: https
x-download-options: noopen
content-length: 5867
x-app-version: 1.25.4
x-xss-protection: 1; mode=block
x-app-hash: fcdb5d8b212620d35845536c566c0ffd0c4234e0

GET
H2 200 sdk-pnn5w9aHa2HRKiE
features-proxy.stands.wilix.dev/sub/ 14 B
0 240ms
237ms EventSource
text/event-stream 95.143.178.250
SELECTEL JSC Sele...

General

Check archive.org

Download Go to

Full URL: https://features-proxy.stands.wilix.dev/sub/sdk-pnn5w9aHa2HRKiE
Requested by: Host: instructionss.yonote.ru
URL: https://instructionss.yonote.ru/share/5d6a1486-64ee-479b-91a7-3c9e2a3536b9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.143.178.250 Moscow, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU),
Reverse DNS
Software: / Express
Resource Hash

Request headers

Cache-Control: no-cache
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept: text/event-stream

Response headers

access-control-allow-origin: *
cache-control: no-cache
date: Wed, 28 May 2025 03:34:00 GMT
content-type: text/event-stream
x-powered-by: Express

GET
H2 200 sync_cookie_image_check
mc.yandex.com/ 43 B
90 B 516ms
511ms Image
image/gif 87.250.251.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_check?scid=6d3f3e8f-8c9a-7a17-8c2a-36124ad4c646&cid=88038839

Requested by

Host: instructionss.yonote.ru
URL: https://instructionss.yonote.ru/share/5d6a1486-64ee-479b-91a7-3c9e2a3536b9

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
280 B 292ms
290ms Image
image/gif 87.250.251.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: instructionss.yonote.ru
URL: https://instructionss.yonote.ru/share/5d6a1486-64ee-479b-91a7-3c9e2a3536b9

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "682ddc70-2b"
expires: Wed, 28 May 2025 04:34:00 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43
date: Wed, 28 May 2025 03:34:00 GMT
last-modified: Wed, 21 May 2025 14:00:16 GMT
content-type: image/gif

GET
H2 200 metrika_match.html Show response
mc.yandex.com/metrika/ Frame E67B 5 KB
3 KB 1169ms
588ms Document
text/html 87.250.251.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

3f655fa0828f4af81035cf5c6400dc595859cc6c70a5a7bcf43213e7bda50799

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 2071
content-type: text/html
date: Wed, 28 May 2025 03:34:01 GMT
etag: "682ddc70-817"
expires: Wed, 28 May 2025 04:34:01 GMT
last-modified: Wed, 21 May 2025 14:00:16 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H2 200 88038839 Show response
mc.yandex.com/watch/ 549 B
892 B 295ms
294ms Fetch
application/json 87.250.251.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.com/watch/88038839?wmode=7&page-url=https%3A%2F%2Finstructionss.yonote.ru%2Fshare%2F5d6a1486-64ee-479b-91a7-3c9e2a3536b9&page-ref=https%3A%2F%2Fgoo.su%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-CA%3Av%3A2050%3Acn%3A1%3Adp%3A0%3Als%3A939723587335%3Ahid%3A188192765%3Az%3A-420%3Ai%3A20250527203400%3Aet%3A1748403240%3Ac%3A1%3Arn%3A174345671%3Arqn%3A1%3Au%3A1748403240126658868%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A9708%3Awv%3A2%3Ads%3A503%2C676%2C535%2C2%2C124%2C0%2C%2C398%2C1%2C%2C%2C%2C8155%3Aco%3A0%3Acpf%3A1%3Ans%3A1748403230139%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1748403241%3At%3AGamersGalaxy%20%D0%98%D0%BD%D1%81%D1%82%D1%80%D1%83%D0%BA%D1%86%D0%B8%D1%8F%20%D0%BF%D0%BE%20%D0%BF%D0%BE%D0%BF%D0%BE%D0%BB%D0%BD%D0%B5%D0%BD%D0%B8%D1%8E%20Robux&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(65540)ti(1)

Requested by

Host: cdn.s.yonote.ru
URL: https://cdn.s.yonote.ru/static/assets/index-C6KeYgs2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

fee6b85b59bd3f3858c6599cfa6391511b2ec58030a1ea5a5f125b2eb5c31a86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma: no-cache
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Wed, 28-May-2025 03:34:00 GMT
access-control-allow-origin: https://instructionss.yonote.ru
content-length: 549
x-xss-protection: 1; mode=block
last-modified: Wed, 28-May-2025 03:34:00 GMT
content-type: application/json; charset=utf-8

GET
H2 200 Editor-D6F3TnvH.js Show response
instructionss.yonote.ru/static/assets/ 19 KB
20 KB 268ms
236ms Script
application/javascript 84.201.174.160
YandexCloud Yande...

General

Check archive.org

Download Go to

Full URL

https://instructionss.yonote.ru/static/assets/Editor-D6F3TnvH.js

Requested by

Host: cdn.s.yonote.ru
URL: https://cdn.s.yonote.ru/static/assets/index-C6KeYgs2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.201.174.160 , Russian Federation, ASN200350 (YandexCloud Yandex.Cloud LLC, RU),

Reverse DNS

Software

Resource Hash

fbf1049c300870159f48e93b437241fa446e3ca8bc6194ca2bc226bba53a6d91

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com .wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com .wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-866c9e025496f52b196b96bde5be928c'; img-src * data: blob:; media-src ; font-src data: ; frame-src * data:; connect-src * data:
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://instructionss.yonote.ru
Referer

Response headers

x-request-id: 6db8b3a07bbff35b788bdedd94736f2e
service-worker-allowed: /
x-forwarded-for: 79.127.254.86
x-content-type-options: nosniff
date: Wed, 28 May 2025 03:34:01 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 19 May 2025 11:16:04 GMT
host: instructionss.yonote.ru
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com *.wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com *.wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-866c9e025496f52b196b96bde5be928c'; img-src * data: blob:; media-src *; font-src data: *; frame-src * data:; connect-src * data:
cache-control: max-age=0
x-dns-prefetch-control: on
timing-allow-origin: https://app.yonote.ru, https://sentry.wilix.dev
x-real-ip: 79.127.254.86
x-forwarded-proto: https
referrer-policy: no-referrer
x-download-options: noopen
access-control-allow-origin: *
content-length: 19387
x-app-version: 1.25.4
x-xss-protection: 1; mode=block
x-app-hash: fcdb5d8b212620d35845536c566c0ffd0c4234e0

GET
H2 200 ContentsStore-hDr_AejD.js Show response
instructionss.yonote.ru/static/assets/ 803 B
2 KB 454ms
422ms Script
application/javascript 84.201.174.160
YandexCloud Yande...

General

Check archive.org

Download Go to

Full URL

https://instructionss.yonote.ru/static/assets/ContentsStore-hDr_AejD.js

Requested by

Host: cdn.s.yonote.ru
URL: https://cdn.s.yonote.ru/static/assets/index-C6KeYgs2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.201.174.160 , Russian Federation, ASN200350 (YandexCloud Yandex.Cloud LLC, RU),

Reverse DNS

Software

Resource Hash

299f9cafdfe9a0a3367baa345c932612f71254735a714bde4b9b60b1e6c14f99

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com .wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com .wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-ef4e949e6eb518093d5bd83a526e5b1d'; img-src * data: blob:; media-src ; font-src data: ; frame-src * data:; connect-src * data:
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://instructionss.yonote.ru
Referer

Response headers

x-request-id: 090ae1390d666f8a2a41ec5cb6c2b923
service-worker-allowed: /
x-forwarded-for: 79.127.254.86
x-content-type-options: nosniff
date: Wed, 28 May 2025 03:34:01 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 19 May 2025 11:16:04 GMT
host: instructionss.yonote.ru
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com *.wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com *.wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-ef4e949e6eb518093d5bd83a526e5b1d'; img-src * data: blob:; media-src *; font-src data: *; frame-src * data:; connect-src * data:
cache-control: max-age=0
x-dns-prefetch-control: on
timing-allow-origin: https://app.yonote.ru, https://sentry.wilix.dev
x-real-ip: 79.127.254.86
x-forwarded-proto: https
referrer-policy: no-referrer
x-download-options: noopen
access-control-allow-origin: *
content-length: 803
x-app-version: 1.25.4
x-xss-protection: 1; mode=block
x-app-hash: fcdb5d8b212620d35845536c566c0ffd0c4234e0

GET
H2 200 Editor-D6F3TnvH.js Show response
cdn.s.yonote.ru/static/assets/ 19 KB
7 KB 256ms
253ms Script
application/javascript 95.181.182.182
EdgeCenterLLC Edg...

General

Check archive.org

Download Go to

Full URL

https://cdn.s.yonote.ru/static/assets/Editor-D6F3TnvH.js

Requested by

Host: cdn.s.yonote.ru
URL: https://cdn.s.yonote.ru/static/assets/index-C6KeYgs2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),

Reverse DNS

Software

nginx /

Resource Hash

fbf1049c300870159f48e93b437241fa446e3ca8bc6194ca2bc226bba53a6d91

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com .wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com .wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-b6ef0f3c2003549aa95402e62992bf51'; img-src * data: blob:; media-src ; font-src data: ; frame-src * data:; connect-src * data:
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://instructionss.yonote.ru
Referer

Response headers

x-request-id: 8b6d88622390adcad47280f9f921641d
cache: HIT
content-encoding: gzip
service-worker-allowed: /
x-forwarded-for: 46.138.41.39, 5.188.121.194
x-content-type-options: nosniff
expires: Thu, 29 May 2025 03:34:01 GMT
date: Wed, 28 May 2025 03:34:01 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
host: app.yonote.ru
last-modified: Mon, 19 May 2025 11:16:04 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains
x-node: m9p-up-gc59
content-security-policy: default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com *.wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com *.wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-b6ef0f3c2003549aa95402e62992bf51'; img-src * data: blob:; media-src *; font-src data: *; frame-src * data:; connect-src * data:
x-real-ip: 5.188.121.194
x-dns-prefetch-control: on
timing-allow-origin: https://app.yonote.ru, https://sentry.wilix.dev
cache-control: max-age=86400
x-forwarded-proto: https
referrer-policy: no-referrer
x-download-options: noopen
access-control-allow-origin: *
x-app-version: 1.25.4
x-xss-protection: 1; mode=block
x-cached-since: 2025-05-26T16:13:55+00:00
server: nginx
x-app-hash: fcdb5d8b212620d35845536c566c0ffd0c4234e0

GET
H2 200 ContentsStore-hDr_AejD.js Show response
cdn.s.yonote.ru/static/assets/ 803 B
874 B 269ms
260ms Script
application/javascript 95.181.182.182
EdgeCenterLLC Edg...

General

Check archive.org

Download Go to

Full URL

https://cdn.s.yonote.ru/static/assets/ContentsStore-hDr_AejD.js

Requested by

Host: goo.su
URL: https://goo.su/wRsqq

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),

Reverse DNS

Software

nginx /

Resource Hash

299f9cafdfe9a0a3367baa345c932612f71254735a714bde4b9b60b1e6c14f99

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com .wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com .wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-596a2b2999625db46c57dcadbb23bc78'; img-src * data: blob:; media-src ; font-src data: ; frame-src * data:; connect-src * data:
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://instructionss.yonote.ru
Referer

Response headers

x-request-id: 4f5539677834d7db60198eae5c8a6889
cache: HIT
content-encoding: gzip
service-worker-allowed: /
x-forwarded-for: 46.138.41.39, 5.188.121.164
x-content-type-options: nosniff
expires: Thu, 29 May 2025 03:34:01 GMT
date: Wed, 28 May 2025 03:34:01 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
host: app.yonote.ru
last-modified: Mon, 19 May 2025 11:16:04 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains
x-node: m9p-up-gc50
content-security-policy: default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com *.wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com *.wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-596a2b2999625db46c57dcadbb23bc78'; img-src * data: blob:; media-src *; font-src data: *; frame-src * data:; connect-src * data:
x-real-ip: 5.188.121.164
x-dns-prefetch-control: on
timing-allow-origin: https://app.yonote.ru, https://sentry.wilix.dev
cache-control: max-age=86400
x-forwarded-proto: https
referrer-policy: no-referrer
x-download-options: noopen
access-control-allow-origin: *
x-app-version: 1.25.4
x-xss-protection: 1; mode=block
x-cached-since: 2025-05-26T16:13:55+00:00
server: nginx
x-app-hash: fcdb5d8b212620d35845536c566c0ffd0c4234e0

POST
H2 200 documents.state Show response
instructionss.yonote.ru/api/ 0
11 KB 494ms
492ms Fetch
application/json 84.201.174.160
YandexCloud Yande...

General

Check archive.org

Download Go to

Full URL

https://instructionss.yonote.ru/api/documents.state

Requested by

Host: cdn.s.yonote.ru
URL: https://cdn.s.yonote.ru/static/assets/index-C6KeYgs2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.201.174.160 , Russian Federation, ASN200350 (YandexCloud Yandex.Cloud LLC, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

cache-control: no-cache
x-editor-version: 12.0.0
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
accept: application/json
pragma: no-cache
content-type: application/json

Response headers

x-request-id: 5920fdc50229e58c704cfc56671eda2a
x-forwarded-for: 79.127.254.86
x-content-type-options: nosniff
date: Wed, 28 May 2025 03:34:02 GMT
content-type: application/json; charset=utf-8
host: instructionss.yonote.ru
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains
x-real-ip: 79.127.254.86
x-dns-prefetch-control: off
x-forwarded-proto: https
x-download-options: noopen
content-length: 10566
x-app-version: 1.25.4
x-xss-protection: 1; mode=block
x-app-hash: fcdb5d8b212620d35845536c566c0ffd0c4234e0

POST
H2 200 documents.state Show response
instructionss.yonote.ru/api/ 0
11 KB 660ms
658ms Fetch
application/json 84.201.174.160
YandexCloud Yande...

General

Check archive.org

Download Go to

Full URL

https://instructionss.yonote.ru/api/documents.state

Requested by

Host: cdn.s.yonote.ru
URL: https://cdn.s.yonote.ru/static/assets/index-C6KeYgs2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.201.174.160 , Russian Federation, ASN200350 (YandexCloud Yandex.Cloud LLC, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

cache-control: no-cache
x-editor-version: 12.0.0
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
accept: application/json
pragma: no-cache
content-type: application/json

Response headers

x-request-id: 84b14fc679908b5696e0cad77e8d4723
x-forwarded-for: 79.127.254.86
x-content-type-options: nosniff
date: Wed, 28 May 2025 03:34:02 GMT
content-type: application/json; charset=utf-8
host: instructionss.yonote.ru
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains
x-real-ip: 79.127.254.86
x-dns-prefetch-control: off
x-forwarded-proto: https
x-download-options: noopen
content-length: 10566
x-app-version: 1.25.4
x-xss-protection: 1; mode=block
x-app-hash: fcdb5d8b212620d35845536c566c0ffd0c4234e0

POST
H2 200 88038839
mc.yandex.com/webvisor/ 43 B
0 1777ms
406ms Fetch
image/gif 87.250.251.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.com/webvisor/88038839?wv-part=2&wv-type=7&wmode=0&wv-hit=188192765&page-url=https%3A%2F%2Finstructionss.yonote.ru%2Fshare%2F5d6a1486-64ee-479b-91a7-3c9e2a3536b9&rn=299933896&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1748403242%3Aw%3A1600x1200%3Av%3A2050%3Az%3A-420%3Ai%3A20250527203402%3Au%3A1748403240126658868%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Ast%3A1748403242&t=gdpr(14)ti(1)

Requested by

Host: cdn.s.yonote.ru
URL: https://cdn.s.yonote.ru/static/assets/index-C6KeYgs2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 28-May-2025 03:34:03 GMT
access-control-allow-origin: https://instructionss.yonote.ru
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif
last-modified: Wed, 28-May-2025 03:34:03 GMT

POST
H2 200 88038839
mc.yandex.com/webvisor/ 43 B
0 847ms
787ms Fetch
image/gif 87.250.251.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.com/webvisor/88038839?wv-part=1&wv-type=7&wmode=0&wv-hit=188192765&page-url=https%3A%2F%2Finstructionss.yonote.ru%2Fshare%2F5d6a1486-64ee-479b-91a7-3c9e2a3536b9&rn=1052086634&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1748403242%3Aw%3A1600x1200%3Av%3A2050%3Az%3A-420%3Ai%3A20250527203402%3Au%3A1748403240126658868%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Ast%3A1748403242&t=gdpr(14)ti(1)

Requested by

Host: cdn.s.yonote.ru
URL: https://cdn.s.yonote.ru/static/assets/index-C6KeYgs2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 28-May-2025 03:34:02 GMT
access-control-allow-origin: https://instructionss.yonote.ru
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif
last-modified: Wed, 28-May-2025 03:34:02 GMT

GET
H2 200 VideoNode-DrYCcJ-L.js Show response
cdn.s.yonote.ru/static/assets/ 904 KB
263 KB 271ms
266ms Script
application/javascript 95.181.182.182
EdgeCenterLLC Edg...

General

Check archive.org

Download Go to

Full URL

https://cdn.s.yonote.ru/static/assets/VideoNode-DrYCcJ-L.js

Requested by

Host: cdn.s.yonote.ru
URL: https://cdn.s.yonote.ru/static/assets/index-C6KeYgs2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),

Reverse DNS

Software

nginx /

Resource Hash

c773e532a37a4d17b2e90cf465a211a6d9b8939054db1130b90b195e2a825338

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com .wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com .wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-71b2f671926155d1efc4c416c4ab05dd'; img-src * data: blob:; media-src ; font-src data: ; frame-src * data:; connect-src * data:
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://instructionss.yonote.ru
Referer

Response headers

x-request-id: 4beff2a044dad4b96d5ea4c4f677d3bf
cache: HIT
content-encoding: gzip
service-worker-allowed: /
x-forwarded-for: 77.45.233.2, 5.188.121.193
x-content-type-options: nosniff
expires: Thu, 29 May 2025 03:34:03 GMT
date: Wed, 28 May 2025 03:34:03 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
host: app.yonote.ru
last-modified: Mon, 19 May 2025 11:16:04 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains
x-node: m9p-up-gc58
content-security-policy: default-src 'self' https://cdn.s.yonote.ru; style-src 'self' 'unsafe-inline' github.githubassets.com *.wilix.dev https://cdn.s.yonote.ru; script-src 'self' 'unsafe-inline' 'unsafe-eval' gist.github.com *.wilix.dev mc.yandex.ru https://cdn.s.yonote.ru 'nonce-71b2f671926155d1efc4c416c4ab05dd'; img-src * data: blob:; media-src *; font-src data: *; frame-src * data:; connect-src * data:
x-real-ip: 5.188.121.193
x-dns-prefetch-control: on
timing-allow-origin: https://app.yonote.ru, https://sentry.wilix.dev
cache-control: max-age=86400
x-forwarded-proto: https
referrer-policy: no-referrer
x-download-options: noopen
access-control-allow-origin: *
x-app-version: 1.25.4
x-xss-protection: 1; mode=block
x-cached-since: 2025-05-26T16:48:45+00:00
server: nginx
x-app-hash: fcdb5d8b212620d35845536c566c0ffd0c4234e0

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4735c4e647a5fbf02419108212b4a35c4462430a862cc3d30577eb2e6eb7d9d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://instructionss.yonote.ru
Referer

Response headers

Content-Type: application/font-woff;charset=utf-8

GET attachments.redirect
instructionss.yonote.ru/api/ 0
0

GET
H2

206

Gamers%20Galaxy.mp4
storage.yandexcloud.net/yonote/uploads/104c0a82-df62-4d07-a190-8a0404554543/93778d3b-d806-4600-bc23-e7305c375b0d/
Redirect Chain

https://instructionss.yonote.ru/api/attachments.redirect?id=d95c0127-bce3-4144-b325-de03d1059e61&shareId=5d6a1486-64ee-479b-91a7-3c9e2a3536b9&documentId=820101f3-6231-4149-a3a2-b507439b7ffb
https://storage.yandexcloud.net/yonote/uploads/104c0a82-df62-4d07-a190-8a0404554543/93778d3b-d806-4600-bc23-e7305c375b0d/Gamers%20Galaxy.mp4

48 KB
0

1899ms
785ms

Media
video/mp4

213.180.193.243
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL: https://storage.yandexcloud.net/yonote/uploads/104c0a82-df62-4d07-a190-8a0404554543/93778d3b-d806-4600-bc23-e7305c375b0d/Gamers%20Galaxy.mp4
Protocol: H2
Server: 213.180.193.243 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS: storage.yandexcloud.net
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=31557600
etag: "9a9e3561838a9e480c61c57f285fcaf6"
Content-Range: bytes 0-57413230/57413231
x-amz-request-id: 6458fe7218b5b12b
accept-ranges: bytes
Content-Length: 57413231
date: Wed, 28 May 2025 03:34:06 GMT
content-type: video/mp4
last-modified: Sat, 26 Apr 2025 17:29:28 GMT
server: nginx
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method

Redirect headers

x-request-id: 8bc29cc311328d87e9d8b8e6998e92c2
x-forwarded-for: 79.127.254.86
x-content-type-options: nosniff
date: Wed, 28 May 2025 03:34:04 GMT
content-type: text/html; charset=utf-8
host: instructionss.yonote.ru
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15724800; includeSubDomains
x-real-ip: 79.127.254.86
location: https://storage.yandexcloud.net/yonote/uploads/104c0a82-df62-4d07-a190-8a0404554543/93778d3b-d806-4600-bc23-e7305c375b0d/Gamers%20Galaxy.mp4
x-dns-prefetch-control: off
x-forwarded-proto: https
x-download-options: noopen
content-length: 307
x-app-version: 1.25.4
x-xss-protection: 1; mode=block
x-app-hash: fcdb5d8b212620d35845536c566c0ffd0c4234e0

POST
H2 200 88038839
mc.yandex.com/webvisor/ 43 B
0 582ms
570ms Fetch
image/gif 87.250.251.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.com/webvisor/88038839?wv-part=3&wv-type=7&wmode=0&wv-hit=188192765&page-url=https%3A%2F%2Finstructionss.yonote.ru%2Fshare%2F5d6a1486-64ee-479b-91a7-3c9e2a3536b9&rn=912895898&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1748403244%3Aw%3A1600x1200%3Av%3A2050%3Az%3A-420%3Ai%3A20250527203404%3Au%3A1748403240126658868%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Ast%3A1748403244&t=gdpr(14)ti(1)

Requested by

Host: cdn.s.yonote.ru
URL: https://cdn.s.yonote.ru/static/assets/index-C6KeYgs2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 28-May-2025 03:34:04 GMT
access-control-allow-origin: https://instructionss.yonote.ru
content-length: 43
x-xss-protection: 1; mode=block
last-modified: Wed, 28-May-2025 03:34:04 GMT
content-type: image/gif

POST
H2 200 88038839
mc.yandex.com/webvisor/ 43 B
0 381ms
380ms Fetch
image/gif 87.250.251.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.com/webvisor/88038839?wv-part=1&wv-type=7&wmode=0&wv-hit=188192765&page-url=https%3A%2F%2Finstructionss.yonote.ru%2Fshare%2F5d6a1486-64ee-479b-91a7-3c9e2a3536b9&rn=436363295&browser-info=we%3A1%3Aet%3A1748403244%3Aw%3A1600x1200%3Av%3A2050%3Az%3A-420%3Ai%3A20250527203404%3Au%3A1748403240126658868%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Ast%3A1748403244&t=gdpr(14)ti(1)

Requested by

Host: cdn.s.yonote.ru
URL: https://cdn.s.yonote.ru/static/assets/index-C6KeYgs2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 28-May-2025 03:34:04 GMT
access-control-allow-origin: https://instructionss.yonote.ru
content-length: 43
x-xss-protection: 1; mode=block
last-modified: Wed, 28-May-2025 03:34:04 GMT
content-type: image/gif

POST
H2 200 88038839
mc.yandex.com/webvisor/ 43 B
0 810ms
771ms Fetch
image/gif 87.250.251.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.com/webvisor/88038839?wv-part=4&wv-type=7&wmode=0&wv-hit=188192765&page-url=https%3A%2F%2Finstructionss.yonote.ru%2Fshare%2F5d6a1486-64ee-479b-91a7-3c9e2a3536b9&rn=910691651&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1748403246%3Aw%3A1600x1200%3Av%3A2050%3Az%3A-420%3Ai%3A20250527203406%3Au%3A1748403240126658868%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Ast%3A1748403246&t=gdpr(14)ti(1)

Requested by

Host: cdn.s.yonote.ru
URL: https://cdn.s.yonote.ru/static/assets/index-C6KeYgs2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 28-May-2025 03:34:06 GMT
access-control-allow-origin: https://instructionss.yonote.ru
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif
last-modified: Wed, 28-May-2025 03:34:06 GMT

GET
H2 206 Gamers%20Galaxy.mp4
storage.yandexcloud.net/yonote/uploads/104c0a82-df62-4d07-a190-8a0404554543/93778d3b-d806-4600-bc23-e7305c375b0d/ 132 KB
132 KB 627ms
625ms Media
video/mp4 213.180.193.243
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL: https://storage.yandexcloud.net/yonote/uploads/104c0a82-df62-4d07-a190-8a0404554543/93778d3b-d806-4600-bc23-e7305c375b0d/Gamers%20Galaxy.mp4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.180.193.243 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS: storage.yandexcloud.net
Software: nginx /
Resource Hash: ba9bc734cd8e0e1658305009ac96144e250295ecdcbeeb06e753f567d99a8717

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Range: bytes=57278464-

Response headers

cache-control: max-age=31557600
etag: "9a9e3561838a9e480c61c57f285fcaf6"
Content-Range: bytes 57278464-57413230/57413231
x-amz-request-id: f06ac4c4c25a31c8
accept-ranges: bytes
Content-Length: 134767
date: Wed, 28 May 2025 03:34:06 GMT
last-modified: Sat, 26 Apr 2025 17:29:28 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
server: nginx
content-type: video/mp4

GET
H2 206 Gamers%20Galaxy.mp4
storage.yandexcloud.net/yonote/uploads/104c0a82-df62-4d07-a190-8a0404554543/93778d3b-d806-4600-bc23-e7305c375b0d/ 768 KB
0 29ms
29ms Media
video/mp4 213.180.193.243
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL: https://storage.yandexcloud.net/yonote/uploads/104c0a82-df62-4d07-a190-8a0404554543/93778d3b-d806-4600-bc23-e7305c375b0d/Gamers%20Galaxy.mp4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.180.193.243 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS: storage.yandexcloud.net
Software: nginx /
Resource Hash

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Range: bytes=32768-

Response headers

cache-control: max-age=31557600
etag: "9a9e3561838a9e480c61c57f285fcaf6"
Content-Range: bytes 32768-57413230/57413231
x-amz-request-id: f06ac4c4c25a31c8
accept-ranges: bytes
Content-Length: 57380463
date: Wed, 28 May 2025 03:34:06 GMT
last-modified: Sat, 26 Apr 2025 17:29:28 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
server: nginx
content-type: video/mp4

GET
H2 206 Gamers%20Galaxy.mp4
storage.yandexcloud.net/yonote/uploads/104c0a82-df62-4d07-a190-8a0404554543/93778d3b-d806-4600-bc23-e7305c375b0d/ 599 KB
0 1ms
0ms Media
video/mp4 213.180.193.243
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL: https://storage.yandexcloud.net/yonote/uploads/104c0a82-df62-4d07-a190-8a0404554543/93778d3b-d806-4600-bc23-e7305c375b0d/Gamers%20Galaxy.mp4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.180.193.243 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS: storage.yandexcloud.net
Software: nginx /
Resource Hash

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Range: bytes=819200-

Response headers

cache-control: max-age=31557600
etag: "9a9e3561838a9e480c61c57f285fcaf6"
Content-Range: bytes 819200-57413230/57413231
x-amz-request-id: f06ac4c4c25a31c8
accept-ranges: bytes
Content-Length: 56594031
date: Wed, 28 May 2025 03:34:06 GMT
last-modified: Sat, 26 Apr 2025 17:29:28 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
server: nginx
content-type: video/mp4

POST
H2 200 88038839
mc.yandex.com/webvisor/ 43 B
0 590ms
588ms Fetch
image/gif 87.250.251.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.com/webvisor/88038839?wv-part=5&wv-type=7&wmode=0&wv-hit=188192765&page-url=https%3A%2F%2Finstructionss.yonote.ru%2Fshare%2F5d6a1486-64ee-479b-91a7-3c9e2a3536b9&rn=569719822&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1748403249%3Aw%3A1600x1200%3Av%3A2050%3Az%3A-420%3Ai%3A20250527203409%3Au%3A1748403240126658868%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Ast%3A1748403249&t=gdpr(14)ti(1)

Requested by

Host: cdn.s.yonote.ru
URL: https://cdn.s.yonote.ru/static/assets/index-C6KeYgs2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 28-May-2025 03:34:09 GMT
access-control-allow-origin: https://instructionss.yonote.ru
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif
last-modified: Wed, 28-May-2025 03:34:09 GMT

GET
H2 206 Gamers%20Galaxy.mp4
storage.yandexcloud.net/yonote/uploads/104c0a82-df62-4d07-a190-8a0404554543/93778d3b-d806-4600-bc23-e7305c375b0d/ 523 KB
0 43ms
43ms Media
video/mp4 213.180.193.243
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL: https://storage.yandexcloud.net/yonote/uploads/104c0a82-df62-4d07-a190-8a0404554543/93778d3b-d806-4600-bc23-e7305c375b0d/Gamers%20Galaxy.mp4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.180.193.243 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS: storage.yandexcloud.net
Software: nginx /
Resource Hash

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Range: bytes=1409024-

Response headers

cache-control: max-age=31557600
etag: "9a9e3561838a9e480c61c57f285fcaf6"
Content-Range: bytes 1409024-57413230/57413231
x-amz-request-id: f06ac4c4c25a31c8
accept-ranges: bytes
Content-Length: 56004207
date: Wed, 28 May 2025 03:34:06 GMT
last-modified: Sat, 26 Apr 2025 17:29:28 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
server: nginx
content-type: video/mp4

GET
H2 206 Gamers%20Galaxy.mp4
storage.yandexcloud.net/yonote/uploads/104c0a82-df62-4d07-a190-8a0404554543/93778d3b-d806-4600-bc23-e7305c375b0d/ 160 KB
0 0ms
0ms Media
video/mp4 213.180.193.243
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL: https://storage.yandexcloud.net/yonote/uploads/104c0a82-df62-4d07-a190-8a0404554543/93778d3b-d806-4600-bc23-e7305c375b0d/Gamers%20Galaxy.mp4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.180.193.243 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS: storage.yandexcloud.net
Software: nginx /
Resource Hash

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Range: bytes=1933312-

Response headers

cache-control: max-age=31557600
etag: "9a9e3561838a9e480c61c57f285fcaf6"
Content-Range: bytes 1933312-57413230/57413231
x-amz-request-id: f06ac4c4c25a31c8
accept-ranges: bytes
Content-Length: 55479919
date: Wed, 28 May 2025 03:34:06 GMT
last-modified: Sat, 26 Apr 2025 17:29:28 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
server: nginx
content-type: video/mp4

GET
H2 206 Gamers%20Galaxy.mp4
storage.yandexcloud.net/yonote/uploads/104c0a82-df62-4d07-a190-8a0404554543/93778d3b-d806-4600-bc23-e7305c375b0d/ 151 KB
0 0ms
0ms Media
video/mp4 213.180.193.243
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL: https://storage.yandexcloud.net/yonote/uploads/104c0a82-df62-4d07-a190-8a0404554543/93778d3b-d806-4600-bc23-e7305c375b0d/Gamers%20Galaxy.mp4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.180.193.243 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS: storage.yandexcloud.net
Software: nginx /
Resource Hash

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Range: bytes=2097152-

Response headers

cache-control: max-age=31557600
etag: "9a9e3561838a9e480c61c57f285fcaf6"
Content-Range: bytes 2097152-57413230/57413231
x-amz-request-id: f06ac4c4c25a31c8
accept-ranges: bytes
Content-Length: 55316079
date: Wed, 28 May 2025 03:34:06 GMT
last-modified: Sat, 26 Apr 2025 17:29:28 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
server: nginx
content-type: video/mp4

POST
H2 200 88038839
mc.yandex.com/webvisor/ 43 B
0 672ms
671ms Fetch
image/gif 87.250.251.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.com/webvisor/88038839?wv-part=6&wv-type=7&wmode=0&wv-hit=188192765&page-url=https%3A%2F%2Finstructionss.yonote.ru%2Fshare%2F5d6a1486-64ee-479b-91a7-3c9e2a3536b9&rn=383154974&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1748403251%3Aw%3A1600x1200%3Av%3A2050%3Az%3A-420%3Ai%3A20250527203411%3Au%3A1748403240126658868%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Ast%3A1748403251&t=gdpr(14)ti(1)

Requested by

Host: cdn.s.yonote.ru
URL: https://cdn.s.yonote.ru/static/assets/index-C6KeYgs2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 28-May-2025 03:34:11 GMT
access-control-allow-origin: https://instructionss.yonote.ru
content-length: 43
x-xss-protection: 1; mode=block
last-modified: Wed, 28-May-2025 03:34:11 GMT
content-type: image/gif

GET
H2 206 Gamers%20Galaxy.mp4
storage.yandexcloud.net/yonote/uploads/104c0a82-df62-4d07-a190-8a0404554543/93778d3b-d806-4600-bc23-e7305c375b0d/ 133 KB
0 0ms
0ms Media
video/mp4 213.180.193.243
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL: https://storage.yandexcloud.net/yonote/uploads/104c0a82-df62-4d07-a190-8a0404554543/93778d3b-d806-4600-bc23-e7305c375b0d/Gamers%20Galaxy.mp4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.180.193.243 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS: storage.yandexcloud.net
Software: nginx /
Resource Hash

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Range: bytes=2228224-

Response headers

cache-control: max-age=31557600
etag: "9a9e3561838a9e480c61c57f285fcaf6"
Content-Range: bytes 2228224-57413230/57413231
x-amz-request-id: f06ac4c4c25a31c8
accept-ranges: bytes
Content-Length: 55185007
date: Wed, 28 May 2025 03:34:06 GMT
last-modified: Sat, 26 Apr 2025 17:29:28 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
server: nginx
content-type: video/mp4

POST 88038839
mc.yandex.com/webvisor/ 0
0

POST
H2 200 88038839 Show response
mc.yandex.com/webvisor/ 43 B
119 B 619ms
617ms XHR
image/gif 87.250.251.119
YANDEX YANDEX LLC

General

Check archive.org

Download Go to

Full URL

https://mc.yandex.com/webvisor/88038839?wv-part=7&wv-type=7&wmode=0&wv-hit=188192765&page-url=https%3A%2F%2Finstructionss.yonote.ru%2Fshare%2F5d6a1486-64ee-479b-91a7-3c9e2a3536b9&rn=243108452&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1748403253%3Aw%3A1600x1200%3Av%3A2050%3Az%3A-420%3Ai%3A20250527203413%3Au%3A1748403240126658868%3Avf%3A91r6djxnfa7uwydy6j81axfzfqaj%3Ast%3A1748403254&t=gdpr(14)ti(2)

Requested by

Host: cdn.s.yonote.ru
URL: https://cdn.s.yonote.ru/static/assets/index-C6KeYgs2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),

Reverse DNS