goo.su
185.43.4.171  Public Scan Open in urlscan Pro

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

• https://counter.yadro.ru/hit?t44.11;r;s1600*1200*24;uhttps%3A//goo.su/3oxh2eW;hNot%20Found;0.7007246767079114 HTTP 302
• https://counter.yadro.ru/hit?q;t44.11;r;s1600*1200*24;uhttps%3A//goo.su/3oxh2eW;hNot%20Found;0.7007246767079114

Request Chain 21

• https://mc.yandex.com/sync_cookie_image_check?scid=35ed6910-c609-1138-99c7-6eeb52ba84a7&cid=99705705 HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?cid=99705705&redirect_domain=mc.yandex.com&scid=35ed6910-c609-1138-99c7-6eeb52ba84a7&token=11014.-M3j01iE_CR9xvWY5IRvLj_gJj5K_sH-RCV8eOaCqDhggserhTI9gtztq_QQaLYz.7qSaDwWlmdM8WqN370BpW_FGykM%2C HTTP 302
• https://mc.yandex.com/sync_cookie_image_decide?cid=99705705&scid=35ed6910-c609-1138-99c7-6eeb52ba84a7&token=11014.qEOuWTV-yT1qn55AADXiCLkH2XWvtmCwaSQGEQHnkQDifYiTetmHx2xAudnww4HiExwicjCk0vWnE3nJOMBsPGkDkXFACtwlDhYd-GA1AD4%2C.5NMue_jjeozqT1kOXLy_bpbENjM%2C

Request Chain 36

• https://kimberlite.io/rtb/ujs?ymss=digitalcaramel HTTP 307
• https://kimberlite.io/rtb/ujs?ymss=digitalcaramel&rc=1

Request Chain 38

• https://mc.yandex.com/watch/99705705?wmode=7&page-url=https%3A%2F%2Fgoo.su%2F3oxh2eW&charset=utf-8&uah=chu%0A%22Chromium%22%3Bv%3D%22147%22%2C%22Google%20Chrome%22%3Bv%3D%22147%22%2C%22Not-A.Brand%22%3Bv%3D%2224%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A147.0.7727.116%0Achl%0A%22Chromium%22%3Bv%3D%22147.0.0.0%22%2C%22Google%20Chrome%22%3Bv%3D%22147.0.0.0%22%2C%22Not-A.Brand%22%3Bv%3D%2224.0.0.0%22%0Achm%0A%3F0%0Achp%0ALinux&browser-info=pv%3A1%3Avf%3A6glgxny3ywmlt088t0nklbpybmq57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A2482%3Acn%3A1%3Adp%3A0%3Als%3A101383496476%3Ahid%3A270962768%3Az%3A120%3Ai%3A20260428060642%3Aet%3A1777349203%3Ac%3A1%3Arn%3A662385350%3Arqn%3A1%3Au%3A1777349203720037607%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A580%3Awv%3A2%3Ads%3A6%2C153%2C213%2C2%2C0%2C0%2C%2C199%2C1%2C%2C%2C%2C600%3Aco%3A0%3Acpf%3A1%3Ans%3A1777349201480%3Agi%3AR0ExLjEuMTMxMjc1NTU2MS4xNzc3MzQ5MjAy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1777349203%3At%3ANot%20Found&t=clt(457)gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009092)ti(1) HTTP 302
• https://mc.yandex.com/watch/99705705/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2F3oxh2eW&charset=utf-8&uah=chu%0A%22Chromium%22%3Bv%3D%22147%22%2C%22Google%20Chrome%22%3Bv%3D%22147%22%2C%22Not-A.Brand%22%3Bv%3D%2224%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A147.0.7727.116%0Achl%0A%22Chromium%22%3Bv%3D%22147.0.0.0%22%2C%22Google%20Chrome%22%3Bv%3D%22147.0.0.0%22%2C%22Not-A.Brand%22%3Bv%3D%2224.0.0.0%22%0Achm%0A%3F0%0Achp%0ALinux&browser-info=pv%3A1%3Avf%3A6glgxny3ywmlt088t0nklbpybmq57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A2482%3Acn%3A1%3Adp%3A0%3Als%3A101383496476%3Ahid%3A270962768%3Az%3A120%3Ai%3A20260428060642%3Aet%3A1777349203%3Ac%3A1%3Arn%3A662385350%3Arqn%3A1%3Au%3A1777349203720037607%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A580%3Awv%3A2%3Ads%3A6%2C153%2C213%2C2%2C0%2C0%2C%2C199%2C1%2C%2C%2C%2C600%3Aco%3A0%3Acpf%3A1%3Ans%3A1777349201480%3Agi%3AR0ExLjEuMTMxMjc1NTU2MS4xNzc3MzQ5MjAy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1777349203%3At%3ANot%20Found&t=clt%28457%29gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29&redirnss=1

Request Chain 39

• https://mc.yandex.com/sync_cookie_image_check_secondary?scid=07b381d7-15ed-eae5-233c-94232940c39f&cid=99705705 HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start_secondary?cid=99705705&redirect_domain=mc.yandex.com&scid=07b381d7-15ed-eae5-233c-94232940c39f&token=11014.PrJCJHfHFhvjZqNEdgxi0xYVHHrEyn836SRl3nVCvMztElULk1w2C6jPjWa29rKr.KURjfdn5NPBopj0tIDamMw9BN3w%2C HTTP 302
• https://mc.yandex.com/sync_cookie_image_decide_secondary?cid=99705705&scid=07b381d7-15ed-eae5-233c-94232940c39f&token=11014.rL19HIaEpdFmYDKd3ruk-owSTzA4L0EylXQtbg25az7k3bU5hxQyGOIc9KXOqFoOJwlnz9Ql6C9zOqx2EcQ7P6-mKmvHgsk2HH-_wwQjBH8%2C.RkV9TgetbKZIsUNidZabegoolpE%2C HTTP 302
• https://mc.yandex.ru/sync_cookie_image_finish_secondary?cid=99705705&redirect_domain=mc.yandex.com&scid=07b381d7-15ed-eae5-233c-94232940c39f&token=11014.1A3FVLMapN0Asc08tFhmKwSSz46x22vuuIqHE9pHhnn8hlgxnu9ALeq7eJG4mtUT93jC_XU3td3e8d5M1_II3aJ1YqUCjeSySdO8ILmu63ZQwJ-ryGouKgyQa14cwNKJGpjPN4nwEiSenNzHUfaJzmCTNScZoONdD3JMe0-u--mv32iOZzIuqPk-LaoGg5WINTMulGhemVu-8J6KHwfCSA%2C%2C.eegfpS8CHmq99szXK6z6wIUWYik%2C

Request Chain 55

• https://exchange.buzzoola.com/ssp/adfox HTTP 307
• https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

Request Chain 71

• https://ads.betweendigital.com/sspmatch?p=42917&r=1777349202719 HTTP 302
• https://ads.betweendigital.com/sspmatch?p=42917&r=1777349202719&crf=1&rts=8213676748396356911 HTTP 302
• https://x.bidswitch.net/sync?ssp=between&uid=5a3216cd-26c9-5276-9baa-5032f25a6261&gdpr=0&gdpr_consent=&us_privacy=${GPP_STRING_123}&redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D22%26external_user_id%3D%24%7BUUID%7D HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=between&uid=5a3216cd-26c9-5276-9baa-5032f25a6261&gdpr=0&gdpr_consent=&us_privacy=${GPP_STRING_123}&redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D22%26external_user_id%3D%24%7BUUID%7D HTTP 302
• https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dbetween%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
• https://x.bidswitch.net/sync?dsp_id=429&user_id=d0e149d4-0bd7-5276-89d6-e4e3e026d6b0&ssp=between&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
• https://ads.betweendigital.com/match?bidder_id=22&external_user_id=bdc2581e-af8e-4444-9c0f-2a02cf8477f8&gdpr=0&gdpr_consent= HTTP 302
• https://x.bidswitch.net/sync?ssp=between&uid=d0e149d4-0bd7-5276-89d6-e4e3e026d6b0&gdpr=0&gdpr_consent=&us_privacy=${GPP_STRING_123}&redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D22%26external_user_id%3D%24%7BUUID%7D HTTP 302
• https://pool.liftdsp.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=bdc2581e-af8e-4444-9c0f-2a02cf8477f8&gdpr=0&gdpr_consent= HTTP 302
• https://pool.liftdsp.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=bdc2581e-af8e-4444-9c0f-2a02cf8477f8&gdpr=0&gdpr_consent= HTTP 302
• https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=4bba4d37-9750-480a-abb7-0b78c0cc81c5&user_group=1&ssp=between&bsw_param=bdc2581e-af8e-4444-9c0f-2a02cf8477f8&gdpr=0&gdpr_consent= HTTP 302
• https://ads.betweendigital.com/match?bidder_id=22&external_user_id=bdc2581e-af8e-4444-9c0f-2a02cf8477f8&gdpr=0&gdpr_consent= HTTP 302
• https://visitor-betweenx.omnitagjs.com/visitor/bsync?uid=cd6403e2c067b584fecdd6a3847819bf&name=gen01&url=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D416%26external_user_id%3DPARTNER_USER_ID&visitor=d0e149d4-0bd7-5276-89d6-e4e3e026d6b0&gdpr=0&gdpr_consent=&us_privacy=${GPP_STRING_123}

Request Chain 72

• https://ads.betweendigital.com/sspmatch?p=41985&r=1777349202719 HTTP 302
• https://ads.betweendigital.com/sspmatch?p=41985&r=1777349202719&crf=1&rts=-3903490473210923445 HTTP 302
• https://x.bidswitch.net/sync?ssp=between&uid=6692c09f-f925-5276-968c-b6b6ff7c84e5&gdpr=0&gdpr_consent=&us_privacy=${GPP_STRING_123}&redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D22%26external_user_id%3D%24%7BUUID%7D HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=between&uid=6692c09f-f925-5276-968c-b6b6ff7c84e5&gdpr=0&gdpr_consent=&us_privacy=${GPP_STRING_123}&redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D22%26external_user_id%3D%24%7BUUID%7D HTTP 302
• https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&gdpr=0&gdpr_consent=

Request Chain 74

• https://kimberlite.io/rtb/syncd HTTP 307
• https://exchange.buzzoola.com/cookiesync/redirect?redirect_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbuzzoola%3Fu%3D%24%7BUUID%7D%26f%3D%26n%3D1 HTTP 302
• https://kimberlite.io/rtb/sync/buzzoola?u=0fb6fd09-752f-4bde-4603-551f03801ef1&f=&n=1 HTTP 307
• https://dm.hybrid.ai/match?id=414

Request Chain 76

• https://sync.digitalcaramel.com/match/sp HTTP 302
• https://sync.digitalcaramel.com/match/sp?chk=1 HTTP 302
• https://mc.acint.net/rmatch?dp=230&euid=NjRiMDQwNTViZmM4N2I4MA&r=https%3A%2F%2Fsync.digitalcaramel.com%2Fmatch%2Fsapedsp%3Fid%3D%24%7BUSER_ID%7D%26fp%3D3026217885 HTTP 302
• https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fsync.digitalcaramel.com%252Fmatch%252Fsapedsp%253Fid%253D%2524%257BUSER_ID%257D%2526fp%253D3026217885&dp=14 HTTP 302
• https://acint.net/rmatch?dp=14&euid=4F03420A5332F069A30216BC02513059&r=https%3A%2F%2Fsync.digitalcaramel.com%2Fmatch%2Fsapedsp%3Fid%3D%24%7BUSER_ID%7D%26fp%3D3026217885 HTTP 302
• https://sync.digitalcaramel.com/match/sapedsp?id=0900007F5332F069C639D91302ABA61C&fp=3026217885 HTTP 302
• https://exchange.buzzoola.com/cookiesync/redirect?redirect_url=https%3A%2F%2Fsync.digitalcaramel.com%2Fmatch%2Fbuzoola%3Fid%3D%24%7BUUID%7D%26fp%3D3026217885 HTTP 302
• https://sync.digitalcaramel.com/match/buzoola?id=0fb6fd09-752f-4bde-4603-551f03801ef1&fp=3026217885 HTTP 302
• https://sp.kombinat.digital/cm?ssp=caramel&redirect_url=https%3A%2F%2Fsync.digitalcaramel.com%2Fmatch%2Fkombinat%3Fid%3D%7Buid%7D%26fp%3D3026217885 HTTP 302
• https://sync.digitalcaramel.com/match/kombinat?id=63269e80-1a56-4453-ac44-72e3a74c68ca&fp=3026217885 HTTP 302
• https://a.giraff.io/rtb/sync?ssp=digitalcaramel-ssp&redirect=https%3A%2F%2Fsync.digitalcaramel.com%2Fmatch%2Fgiraff%3Fid%3D%24%7BUID%7D%26fp%3D3026217885 HTTP 302
• https://sync.digitalcaramel.com/match/giraff?id=8830e7ad650b4ea6&fp=3026217885 HTTP 302
• https://ads.betweendigital.com/match?bidder_id=46894&callback_url=https%3A%2F%2Fsync.digitalcaramel.com%2Fmatch%2Fbetween%3Fid%3D%24%7BUSER_ID%7D%26fp%3D3026217885 HTTP 302
• https://sync.digitalcaramel.com/match/between?id=d0e149d4-0bd7-5276-89d6-e4e3e026d6b0&fp=3026217885 HTTP 302
• https://ssp.bidster.net/sync/a1afdc4a-c7de-43aa-b099-0782ed08abd6?id=NjRiMDQwNTViZmM4N2I4MA&redirect=https%3A%2F%2Fsync.digitalcaramel.com%2Fmatch%2Fbidster%3Fid%3D%7Bid%7D%26fp%3D3026217885 HTTP 303
• https://sync.digitalcaramel.com/match/bidster?id=fb89238a5c1c4fcd033eb&fp=3026217885 HTTP 302
• https://cm.pxltag.com/rsync?platform_id=25b0079266944803ad725f6417301f6a&sync_url=https%3A%2F%2Fsync.digitalcaramel.com%2Fmatch%2Fadwile%3Fid%3D%7Binner_id%7D%26fp%3D3026217885 HTTP 302
• https://sync.digitalcaramel.com/match/adwile?id=2MfQaeYCI&fp=3026217885 HTTP 302
• https://csync.smilewanted.com/getuid?source=&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.digitalcaramel.com%2Fmatch%2Fsmilewanted%3Fid%3D%24UID HTTP 302
• https://sync.digitalcaramel.com/match/smilewanted?id=e3bf53326fbe36a6789694dedb6660bf HTTP 302
• https://ssp.al-adtech.com/api/sync/digital_caramel_ortb

Request Chain 108

• https://cm.a.mts.ru/cm/tech?flowId=0ad8d3f8-90df-189f-8191-0983a062000a HTTP 302
• https://4441113851777349203842.cm.a.mts.ru/cm/match?flowId=0ad8d3f8-90df-189f-8191-0983a062000a

Request Chain 110

• https://cm.a.mts.ru/cm/tech?flowId=0ad8d3f8-90df-189f-8191-0983a062000a HTTP 302
• https://6962438361777349203841.cm.a.mts.ru/cm/match?flowId=0ad8d3f8-90df-189f-8191-0983a062000a

Request Chain 132

• https://sync.upravel.com/pbd/sync HTTP 302
• https://sync.upravel.com/pbd/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9nb28uc3UvIl19fQ== HTTP 302
• https://1026--81a236a2-b049-4c33-a372-f3b340509a28.stbid.ru/?r=https%3A%2F%2Fsync.upravel.com%2Fimage%3Fsource%3Dpbd HTTP 307
• https://sync.upravel.com/image?source=pbd HTTP 302
• https://sync.upravel.com/gpmdata/sync HTTP 302
• https://tms.gpmdata.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=4a608d62-b43e-464c-ba40-a2d2ff300693&dsp_id=81a236a2-b049-4c33-a372-f3b340509a28&ru=https%3A%2F%2Fsync.upravel.com%2Fimage%3Fsource%3Dgpmdata HTTP 302
• https://sync.upravel.com/image?source=gpmdata HTTP 302
• https://sync.upravel.com/aidata/sync HTTP 302
• https://x01.aidata.io/0.gif?pid=MGCOM&id=81a236a2-b049-4c33-a372-f3b340509a28&back= HTTP 302
• https://x01.aidata.io/0.gif?pid=MGCOM&id=81a236a2-b049-4c33-a372-f3b340509a28&back=&bounce=1 HTTP 302
• https://px.adhigh.net/p/cm/aidata?u=dudC7EVEhND33X%2BEI2Jfmw&back=SYNC HTTP 302
• https://px.adhigh.net/p/cm/aidata?u=dudC7EVEhND33X%2BEI2Jfmw&back=SYNC&bounced=1 HTTP 302
• https://x01.aidata.io/0.gif?pid=GETINTENT&id=M6dAaV3EslW.AikABlGd0kSgZg&back=SYNC HTTP 302
• https://counter.yadro.ru/id-redir/aidata.gif?back=SYNC HTTP 302
• https://x01.aidata.io/0.gif?pid=LIVE&id=7CEBAAF2CEBE40E27482&back=SYNC HTTP 302
• https://sync.dmp.otm-r.com/match/aidata?back=SYNC&rp=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3DOTM%26id%3D%7Bpid%7D HTTP 302
• https://x01.aidata.io/0.gif?pid=OTM&id=NjlmMDMyNTMyNDNmYjUwYQ%3D%3D&back=SYNC HTTP 302
• https://sync.upravel.com/aidata/sync?back=SYNC

206 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	404 Not Found	Primary Request 3oxh2eW Show response goo.su/	14 KB 4 KB	373ms 214ms	Document text/html	185.43.4.171 RU-JSCIOT JSC IOT
General Check archive.org Show headers Download Go to Full URL https://goo.su/3oxh2eW Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.43.4.171 , Russian Federation, ASN29182 (RU-JSCIOT JSC IOT, RU), Reverse DNS deneiz2.fvds.ru Software nginx/1.18.0 (Ubuntu) / PHP/8.2.13 Resource Hash 46c5818fd89069bc51cc2d7a0c67aa14b1692d21771e418f3f2a733656a2e342 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Linux" Response headers Cache-Control no-cache, private Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Tue, 28 Apr 2026 04:06:41 GMT Server nginx/1.18.0 (Ubuntu) Transfer-Encoding chunked Vary Accept-Encoding X-Powered-By PHP/8.2.13 expires -1 pragma no-cache
GET H2	200	css fonts.googleapis.com/	6 KB 2 KB	137ms 61ms	Stylesheet text/css	192.178.183.95 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open%20Sans:400&display=swap Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.178.183.95 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS lcfraw-in-f95.1e100.net Software ESF / Resource Hash 64c18f81af81ab6b2ebc8598ed900f7023e0e8788bedd348ab41a92d76f80655 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-encoding gzip x-content-type-options nosniff expires Tue, 28 Apr 2026 04:06:41 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 28 Apr 2026 04:06:41 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Tue, 28 Apr 2026 04:04:08 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	css fonts.googleapis.com/	6 KB 2 KB	136ms 61ms	Stylesheet text/css	192.178.183.95 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:400&display=swap Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.178.183.95 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS lcfraw-in-f95.1e100.net Software ESF / Resource Hash 55765d8b683a0ce25e43363f56ebd29632716d24c60cecf5dea499f86e124b68 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-encoding gzip x-content-type-options nosniff expires Tue, 28 Apr 2026 04:06:41 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 28 Apr 2026 04:06:41 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Tue, 28 Apr 2026 03:31:57 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	bootstrap.min.css cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/	227 KB 33 KB	99ms 28ms	Stylesheet text/css	104.16.174.226 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.174.226 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 3c8f27e6009ccfd710a905e6dcf12d0ee3c6f2ac7da05b0572d3e0d12e736fc8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Origin https://goo.su sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers access-control-expose-headers * content-encoding br cf-cache-status HIT etag W/"38d63-xawd7pYctZoEUlbsID9p4xeHL3w" age 3113480 report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=L5w0Yhc5DzyRABTz3j2iSg3NLRyXk7UDkJMAQGGeTDlDG3SKqnde548DhaxoXh7EUhX2TtvVo7O5ExxNfmu%2BwXrrVRJmgHkyA8OCBTeiDDHbkler2MIHvwOqmmnxW3u3tYE%3D"}]} x-content-type-options nosniff x-jsd-version-type version alt-svc h3=":443"; ma=86400 x-cache HIT date Tue, 28 Apr 2026 04:06:41 GMT content-type text/css; charset=utf-8 x-served-by cache-fra-etou8220057-FRA vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * nel {"report_to":"cf-nel","success_fraction":0.01,"max_age":604800} cross-origin-resource-policy cross-origin cf-ray 9f3332203fd2469d-TXL accept-ranges bytes access-control-allow-origin * content-length 33206 server cloudflare x-jsd-version 5.3.3
GET H3	200	alpine.min.js Show response cdn.jsdelivr.net/npm/alpinejs@2.x.x/dist/	26 KB 9 KB	52ms 27ms	Script application/javascript	104.16.174.226 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/alpinejs@2.x.x/dist/alpine.min.js Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.174.226 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 34fcd52c1ee65efca34f7e1a606df429aaa70b56d9fb8343499bf86ba38a9a1a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers access-control-expose-headers * content-encoding br cf-cache-status HIT etag W/"695b-oge728K/sTfxjGlCsvC2aPr2DgA" age 41778 report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=cE1NjEi85NnfVnwn%2FGyOuLybcy5H5uKhs3YcfcJ3Y%2BVlt%2BZhD3tH45%2FQTDuH0WVWbVg71Tyt8tlI%2FiGTj4gR2bEuwjWHaGOdbooW7TvWvRbcibYisMjBiBq40KRCvN7nzms%3D"}]} x-content-type-options nosniff x-jsd-version-type version alt-svc h3=":443"; ma=86400 x-cache HIT server-timing cfExtPri date Tue, 28 Apr 2026 04:06:42 GMT content-type application/javascript; charset=utf-8 x-served-by cache-fra-eddf8230028-FRA vary Accept-Encoding priority u=3,i=?0 strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * nel {"report_to":"cf-nel","success_fraction":0.01,"max_age":604800} cross-origin-resource-policy cross-origin cf-ray 9f333220e98a8a82-TXL accept-ranges bytes access-control-allow-origin * content-length 8824 server cloudflare x-jsd-version 2.8.2
GET H2	200	v0 Show response openfpcdn.io/botd/	17 KB 7 KB	177ms 63ms	Script text/javascript	13.32.99.97 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://openfpcdn.io/botd/v0 Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.97 New York, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-32-99-97.fra60.r.cloudfront.net Software CloudFront / Resource Hash d661db00e3bbb388796ff77a4020d8dca3ec169fda5bcd35025b6a63e6d26347 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-encoding gzip etag W/"5KqoidcxiD9rCNQJsghpkCGPfjg" age 10404 x-content-type-options nosniff alt-svc h3=":443"; ma=86400 x-cache Hit from cloudfront x-amz-cf-id 3VRwLAJy0mSVQmdRoQ6Q1KGoMxyTO2OjL4KCOmkmyIQ7NtcSrrt4HQ== date Tue, 28 Apr 2026 01:46:20 GMT content-type text/javascript; charset=utf-8 vary Accept-Encoding strict-transport-security max-age=63072000; includeSubDomains; preload cache-control public, max-age=621659, s-maxage=11162 cross-origin-resource-policy cross-origin via 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront) access-control-allow-origin * x-amz-cf-pop FRA60-P3 server CloudFront
GET H3	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	158 KB 54 KB	97ms 54ms	Script text/javascript	192.178.183.155 Google LLC
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2221698569877911 Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol H3 Security QUIC, , AES_128_GCM Server 192.178.183.155 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS lcfraw-in-f155.1e100.net Software cafe / Resource Hash a16a3d5c170dad6a132bc14943e325064f1bd2802baa6679a31a31c0f7a06bad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://goo.su sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-encoding br etag 1792198836008870951 x-content-type-options nosniff expires Tue, 28 Apr 2026 04:06:42 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" date Tue, 28 Apr 2026 04:06:42 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding content-disposition attachment; filename="f.txt" link <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 55564 x-xss-protection 0 server cafe
GET H2	200	caramel.js Show response ads.digitalcaramel.com/	166 KB 167 KB	209ms 84ms	Script application/javascript	65.109.72.77 HETZNER-AS Hetzne...
General Check archive.org Show headers Download Go to Full URL https://ads.digitalcaramel.com/caramel.js?ts=1777349202025 Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol H2 Security TLS 1.3, , AES_256_GCM Server 65.109.72.77 Helsinki, Finland, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE), Reverse DNS static.77.72.109.65.clients.your-server.de Software nginx / Resource Hash 6d6daafbadb85f82506484f6bd2c8d01488ab62553257ce3b8e598647472b225 Security Headers Name Value Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self'; Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers strict-transport-security max-age=31536000; includeSubDomains content-security-policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self'; etag "69e0989f-298dd" x-content-type-options nosniff referrer-policy no-referrer-when-downgrade permissions-policy interest-cohort=() accept-ranges bytes content-length 170205 date Tue, 28 Apr 2026 04:06:42 GMT x-xss-protection 1; mode=block content-type application/javascript last-modified Thu, 16 Apr 2026 08:06:55 GMT server nginx x-frame-options DENY
GET H2	200	gtm.js Show response www.googletagmanager.com/	330 KB 117 KB	155ms 58ms	Script application/javascript	142.250.154.97 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TRGNQBDL Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.154.97 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS bt-in-f97.1e100.net Software Google Tag Manager / Resource Hash 307619a70e84129b05d442edb81ac4624675c66c7287d1703a880c8486d40caf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-encoding zstd expires Tue, 28 Apr 2026 04:06:42 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 28 Apr 2026 04:06:42 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Tue, 28 Apr 2026 03:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin * content-length 119013 x-xss-protection 0 server Google Tag Manager
GET H/1.1	200 OK	hit counter.yadro.ru/ Redirect Chain https://counter.yadro.ru/hit?t44.11;r;s1600*1200*24;uhttps%3A//goo.su/3oxh2eW;hNot%20Found;0.7007246767079114 https://counter.yadro.ru/hit?q;t44.11;r;s1600*1200*24;uhttps%3A//goo.su/3oxh2eW;hNot%20Found;0.7007246767079114	132 B 676 B	97ms 97ms	Image image/gif	88.212.201.204 UNITEDNET EDINAYA...
General Check archive.org Show headers Download Go to Show image Full URL https://counter.yadro.ru/hit?q;t44.11;r;s1600*1200*24;uhttps%3A//goo.su/3oxh2eW;hNot%20Found;0.7007246767079114 Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol HTTP/1.1 Server 88.212.201.204 Moscow, Russian Federation, ASN39134 (UNITEDNET EDINAYA SET LIMITED LIABILITY COMPANY, RU), Reverse DNS host204.rax.ru Software nginx/1.17.9 / Resource Hash e10cd8d343f9c37e3500c69d92f7ac7e78b6c7df29a2ace8cffe71bfa494e8c9 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Referer https://goo.su/ Response headers Strict-Transport-Security max-age=86400 Cache-control no-cache Pragma no-cache Accept-ch Sec-Ch-Ua-Platform,Sec-Ch-Ua-Platform-Version Connection keep-alive Expires Sun, 27 Apr 2025 21:00:00 GMT Access-Control-Allow-Origin * Content-Length 132 P3P policyref="/w3c/p3p.xml", CP="UNI" Date Tue, 28 Apr 2026 04:06:42 GMT Content-Type image/gif Server nginx/1.17.9 Redirect headers Strict-Transport-Security max-age=86400 Cache-control no-cache Location https://counter.yadro.ru/hit?q;t44.11;r;s1600*1200*24;uhttps%3A//goo.su/3oxh2eW;hNot%20Found;0.7007246767079114 Pragma no-cache Accept-ch Sec-Ch-Ua-Platform,Sec-Ch-Ua-Platform-Version Connection keep-alive Expires Sun, 27 Apr 2025 21:00:00 GMT Content-Length 32 P3P policyref="/w3c/p3p.xml", CP="UNI" Date Tue, 28 Apr 2026 04:06:42 GMT Content-Type text/html Server nginx/1.17.9
GET H2	200	top100.js Show response st.top100.ru/top100/	133 KB 37 KB	448ms 144ms	Script application/javascript	185.31.113.248 CDNvideo-AS CDNvi...
General Check archive.org Show headers Download Go to Full URL https://st.top100.ru/top100/top100.js Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.31.113.248 , Germany, ASN57363 (CDNvideo-AS CDNvideo LLC, RU), Reverse DNS Software nginx / Resource Hash 8732982fda10b40e9ff6a10e8b90f75d39ba310d76a5365391783c271e964148 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-cdn-edge-id 2021 x-cdn-edge-cache HIT content-encoding br etag W/"f6f29e47508981214926ab7989c333ab" x-reserved-indicator 372 date Tue, 28 Apr 2026 04:06:42 GMT content-type application/javascript last-modified Wed, 15 Apr 2026 11:22:14 GMT server nginx x-cdn-request-id 4b0355633fe84a178ba0ee99af95478d
GET H2	200	tag.js Show response mc.yandex.ru/metrika/	257 KB 86 KB	332ms 168ms	Script application/javascript	87.250.251.119 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/tag.js Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS mc.yandex.ru Software / Resource Hash 1c024d7ecf6f12e545ee3ffe30b085cd0d62ad36de8d4b708354792978167a89 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers strict-transport-security max-age=31536000 cache-control max-age=3600 timing-allow-origin * content-encoding br accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA etag "69eb5235-1538b" expires Tue, 28 Apr 2026 05:06:42 GMT access-control-allow-origin * content-length 86923 date Tue, 28 Apr 2026 04:06:42 GMT last-modified Fri, 24 Apr 2026 11:21:25 GMT content-type application/javascript
GET H2	200	code.js Show response top-fwz1.mail.ru/js/	48 KB 20 KB	386ms 168ms	Script application/javascript	95.163.52.67 VK-AS LLC VK
General Check archive.org Show headers Download Go to Full URL https://top-fwz1.mail.ru/js/code.js Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 95.163.52.67 , Russian Federation, ASN47764 (VK-AS LLC VK, RU), Reverse DNS top-fwz1.mail.ru Software nginx / Resource Hash 717f5632eac507594e29676bcdab5de9521ec216dae0ec961e661573587764a6 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers access-control-expose-headers AMP-Access-Control-Allow-Source-Origin content-encoding gzip etag W/"69de5948-bf65" access-control-allow-methods GET, POST, HEAD, PUT, OPTIONS x-content-type-options nosniff accept-ch-lifetime 86400 expires Tue, 28 Apr 2026 05:06:42 GMT p3p CP="NOI DSP COR NID CUR PSA OUR NOR" date Tue, 28 Apr 2026 04:06:42 GMT content-type application/javascript last-modified Tue, 14 Apr 2026 15:12:08 GMT access-control-allow-headers * cache-control max-age=3600, private timing-allow-origin * accept-ch DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version access-control-allow-credentials true amp-access-control-allow-source-origin * access-control-allow-origin * server nginx
GET H3	200	memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 fonts.gstatic.com/s/opensans/v44/	18 KB 18 KB	78ms 35ms	Font font/woff2	192.178.183.94 Google LLC
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v44/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open%20Sans:400&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 192.178.183.94 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS lcfraw-in-f94.1e100.net Software sffe / Resource Hash 0e44026ad31376af1b56593cd4acb4f353f8e8789c51759e18f64578e4ef296a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://goo.su sec-ch-ua-platform "Linux" Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers age 581490 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Wed, 21 Apr 2027 10:35:12 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 21 Apr 2026 10:35:12 GMT last-modified Mon, 15 Sep 2025 16:29:38 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 18640 x-xss-protection 0 server sffe
GET H3	200	v1 Show response openfpcdn.io/botd/	15 KB 5 KB	67ms 33ms	Script text/javascript	13.32.99.97 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://openfpcdn.io/botd/v1 Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol H3 Security QUIC, , AES_128_GCM Server 13.32.99.97 New York, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-32-99-97.fra60.r.cloudfront.net Software CloudFront / Resource Hash 29cb26e06f2a4a877f1134a46480d9b78f8b6e0e6f9b0fe67e34307c312b5a89 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Origin https://goo.su sec-ch-ua-platform "Linux" Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-encoding gzip etag W/"5co2cnhGrt59+8B+iLKwJesMrpA" age 8366 x-content-type-options nosniff alt-svc h3=":443"; ma=86400 x-cache Hit from cloudfront x-amz-cf-id b6gROizde8hk7N1p1fmdj03Ow985MtWzi11_cATxALyhvf4cwjgMCw== date Tue, 28 Apr 2026 01:50:35 GMT content-type text/javascript; charset=utf-8 vary Accept-Encoding strict-transport-security max-age=63072000; includeSubDomains; preload cache-control public, max-age=624197, s-maxage=10347 cross-origin-resource-policy cross-origin via 1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront) access-control-allow-origin * x-amz-cf-pop FRA60-P3 server CloudFront
GET H3	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202604210101/	548 KB 177 KB	44ms 44ms	Script text/javascript	192.178.183.155 Google LLC
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202604210101/show_ads_impl_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2221698569877911 Protocol H3 Security QUIC, , AES_128_GCM Server 192.178.183.155 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS lcfraw-in-f155.1e100.net Software cafe / Resource Hash 8760e3e5825b59ec7798dbd530b045c8ec4d14d2942c2047b349f1087b134386 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-encoding br etag 9391854002773960457 age 43649 x-content-type-options nosniff expires Mon, 11 May 2026 15:59:13 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" date Mon, 27 Apr 2026 15:59:13 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, immutable, max-age=1209600 timing-allow-origin * cross-origin-resource-policy cross-origin content-length 181360 x-xss-protection 0 server cafe
GET H2	200	js Show response www.googletagmanager.com/gtag/	461 KB 156 KB	46ms 45ms	Script application/javascript	142.250.154.97 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-64YFP720ET&cx=c&gtm=4e64o1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TRGNQBDL Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.154.97 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS bt-in-f97.1e100.net Software Google Tag Manager / Resource Hash 00942db86a7817b5101d8997dddeb9f96cb215793b06eba53dd88bbb04569139 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 content-encoding zstd cross-origin-resource-policy cross-origin access-control-allow-credentials true expires Tue, 28 Apr 2026 04:06:42 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 159868 date Tue, 28 Apr 2026 04:06:42 GMT x-xss-protection 0 content-type application/javascript; charset=UTF-8 vary Accept-Encoding server Google Tag Manager access-control-allow-headers Cache-Control
GET H3	200	zrt_lookup_fy2021.html Show response pagead2.googlesyndication.com/pagead/html/r20260424/r20190131/ Frame 2316	8 KB 4 KB	77ms 35ms	Document text/html	192.178.183.156 Google LLC
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/html/r20260424/r20190131/zrt_lookup_fy2021.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202604210101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 192.178.183.156 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS lcfraw-in-f156.1e100.net Software cafe / Resource Hash 36127f528a765e887579c62228b555318bbacad3d36f99b3985a1a30a0ade2ea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://goo.su/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Linux" Response headers age 29475 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 3877 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 27 Apr 2026 19:55:27 GMT etag 15664404097259849350 expires Mon, 11 May 2026 19:55:27 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response pagead2.googlesyndication.com/pagead/ Frame D0EE	0 16 B	106ms 72ms	Document text/html	192.178.183.156 Google LLC
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2221698569877911&output=html&adk=1812271804&adf=3025194257&lmt=1777349202&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32%2C43%3A32&format=0x0&url=https%3A%2F%2Fgoo.su%2F3oxh2eW&pra=5&asro=0&itsi=-1&aiapmid=0.0001&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0Ny4wLjc3MjcuMTE2IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTQ3LjAuMC4wIl0sWyJHb29nbGUgQ2hyb21lIiwiMTQ3LjAuMC4wIl0sWyJOb3QtQS5CcmFuZCIsIjI0LjAuMC4wIl1dLDBd&abgtt=6&dt=1777349202198&bpp=2&bdt=333&idt=144&shv=r20260424&mjsv=m202604210101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=7635319313714&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098107%2C42532524%2C95386813%2C95389146%2C95386338%2C95387777&oid=2&pvsid=4193465744641746&tmod=351168794&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=156 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202604210101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 192.178.183.156 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS lcfraw-in-f156.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://goo.su/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Linux" Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 28 Apr 2026 04:06:42 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response pagead2.googlesyndication.com/pagead/ Frame E541	105 KB 39 KB	741ms 725ms	Document text/html	192.178.183.156 Google LLC
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2221698569877911&output=html&h=300&slotname=2783776122&adk=3407623964&adf=4065594387&pi=t.ma~as.2783776122&w=500&lmt=1777349202&format=500x300&url=https%3A%2F%2Fgoo.su%2F3oxh2eW&asro=0&aiapmid=0.0001&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0Ny4wLjc3MjcuMTE2IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTQ3LjAuMC4wIl0sWyJHb29nbGUgQ2hyb21lIiwiMTQ3LjAuMC4wIl0sWyJOb3QtQS5CcmFuZCIsIjI0LjAuMC4wIl1dLDBd&abgtt=6&dt=1777349202200&bpp=1&bdt=335&idt=166&shv=r20260424&mjsv=m202604210101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7635319313714&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=550&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098107%2C42532524%2C95386813%2C95389146%2C95386338%2C95387777&oid=2&pvsid=4193465744641746&tmod=351168794&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=172 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202604210101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 192.178.183.156 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS lcfraw-in-f156.1e100.net Software cafe / Resource Hash 8c785fcb9fe5f0daf6b754ae1ff4e4ef8ffe57fe2687327566e3afedb0e22c24 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://goo.su/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Linux" Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 40252 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 28 Apr 2026 04:06:43 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	goo.su.json Show response cdn.digitalcaramel.com/configs/	38 KB 6 KB	317ms 115ms	Fetch application/json	95.181.182.182 EdgeCenterLLC Edg...
General Check archive.org Show headers Download Go to Full URL https://cdn.digitalcaramel.com/configs/goo.su.json Requested by Host: ads.digitalcaramel.com URL: https://ads.digitalcaramel.com/caramel.js?ts=1777349202025 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU), Reverse DNS Software nginx / Resource Hash 623899d01dd0cb7cd40669b9ec5a2af47ac6c41314591f6aa8c9116d45ca92fa Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache HIT content-encoding gzip etag W/"6960e749-963a" access-control-allow-methods GET expires Mon, 26 Jul 1997 05:00:00 GMT date Tue, 28 Apr 2026 04:06:42 GMT content-type application/json is-cdn yes vary Accept-Encoding last-modified Fri, 09 Jan 2026 11:32:25 GMT access-control-allow-headers Origin, Content-Type, Accept, Authorization x-node k12-up-gc17 cache-control no-cache access-control-allow-credentials true from-edge true access-control-allow-origin * x-cached-since 2026-04-27T11:35:28+00:00 server nginx
POST H2	204	collect region1.google-analytics.com/g/	0 0	211ms 114ms	Fetch text/plain	216.239.32.36 Google LLC
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-64YFP720ET&gtm=45je64o1v9206643729z89205004943za20gzb9205004943zd9205004943&_p=1777349202047&gcd=13l3l3l2l1l1&npa=1&dma_cps=a&dma=1&are=1&cid=1312755561.1777349202&frm=0&pscdl=noapi&rcb=9&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B147.0.0.0%7CGoogle%2520Chrome%3B147.0.0.0%7CNot-A.Brand%3B24.0.0.0&uam=&uamb=0&uap=Linux&uapv=&uaw=0&ul=de-de&_s=1&tag_exp=0~115616986~115938465~115938469~116363097~117266400~117512543&sid=1777349202&sct=1&seg=0&dl=https%3A%2F%2Fgoo.su%2F3oxh2eW&dt=Not%20Found&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=942 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-64YFP720ET&cx=c&gtm=4e64o1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.32.36 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:138:0 report-to {"group":"ascnsrsggc:138:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:138:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://goo.su cross-origin-opener-policy-report-only same-origin; report-to=ascnsrsggc:138:0 content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 28 Apr 2026 04:06:42 GMT content-type text/plain server Golfe2
GET H2	200	sync_cookie_image_decide mc.yandex.com/ Redirect Chain https://mc.yandex.com/sync_cookie_image_check?scid=35ed6910-c609-1138-99c7-6eeb52ba84a7&cid=99705705 https://mc.yandex.ru/sync_cookie_image_start?cid=99705705&redirect_domain=mc.yandex.com&scid=35ed6910-c609-1138-99c7-6eeb52ba84a7&token=11014.-M3j01iE_CR9xvWY5IRvLj_gJj5K_sH-RCV8eOaCqDhggserhTI9gtz... https://mc.yandex.com/sync_cookie_image_decide?cid=99705705&scid=35ed6910-c609-1138-99c7-6eeb52ba84a7&token=11014.qEOuWTV-yT1qn55AADXiCLkH2XWvtmCwaSQGEQHnkQDifYiTetmHx2xAudnww4HiExwicjCk0vWnE3nJOMB...	43 B 66 B	73ms 72ms	Image image/gif	87.250.251.119 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/sync_cookie_image_decide?cid=99705705&scid=35ed6910-c609-1138-99c7-6eeb52ba84a7&token=11014.qEOuWTV-yT1qn55AADXiCLkH2XWvtmCwaSQGEQHnkQDifYiTetmHx2xAudnww4HiExwicjCk0vWnE3nJOMBsPGkDkXFACtwlDhYd-GA1AD4%2C.5NMue_jjeozqT1kOXLy_bpbENjM%2C Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol H2 Server 87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS mc.yandex.ru Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Referer https://goo.su/ Response headers strict-transport-security max-age=31536000 content-length 43 x-xss-protection 1; mode=block content-type image/gif Redirect headers x-xss-protection 1; mode=block strict-transport-security max-age=31536000 location https://mc.yandex.com/sync_cookie_image_decide?cid=99705705&scid=35ed6910-c609-1138-99c7-6eeb52ba84a7&token=11014.qEOuWTV-yT1qn55AADXiCLkH2XWvtmCwaSQGEQHnkQDifYiTetmHx2xAudnww4HiExwicjCk0vWnE3nJOMBsPGkDkXFACtwlDhYd-GA1AD4%2C.5NMue_jjeozqT1kOXLy_bpbENjM%2C
GET H2	200	advert.gif mc.yandex.com/metrika/	43 B 139 B	123ms 122ms	Image image/gif	87.250.251.119 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/metrika/advert.gif?t=gdpr(14)ti(4) Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS mc.yandex.ru Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers strict-transport-security max-age=31536000 cache-control max-age=3600 timing-allow-origin * etag "69ee6841-2b" accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA expires Tue, 28 Apr 2026 05:06:42 GMT accept-ranges bytes access-control-allow-origin * content-length 43 date Tue, 28 Apr 2026 04:06:42 GMT last-modified Sun, 26 Apr 2026 19:32:17 GMT content-type image/gif
GET H/1.1	200 OK	sync-loader.js Show response privacy-cs.mail.ru/static/	83 KB 22 KB	1407ms 176ms	Script application/javascript	90.156.232.15 VK-AS LLC VK
General Check archive.org Show headers Download Go to Full URL https://privacy-cs.mail.ru/static/sync-loader.js Requested by Host: top-fwz1.mail.ru URL: https://top-fwz1.mail.ru/js/code.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 90.156.232.15 , Russian Federation, ASN47764 (VK-AS LLC VK, RU), Reverse DNS Software envoy-lb7-prod / Resource Hash ce24fe54ce3a08c6fffddbbd0efeda3cf530ea519bef2226d98139a1cb7d10d8 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers transfer-encoding chunked cache-control max-age=600 timing-allow-origin * content-encoding gzip x-envoy-upstream-service-time 3 expires Tue, 28 Apr 2026 04:16:43 GMT access-control-allow-origin * date Tue, 28 Apr 2026 04:06:43 GMT content-type application/javascript;charset=UTF-8 server envoy-lb7-prod
GET H2	200	dyn-goal-config.js Show response top-fwz1.mail.ru/js/	3 KB 2 KB	95ms 95ms	Script application/javascript	95.163.52.67 VK-AS LLC VK
General Check archive.org Show headers Download Go to Full URL https://top-fwz1.mail.ru/js/dyn-goal-config.js?ids=3128781 Requested by Host: top-fwz1.mail.ru URL: https://top-fwz1.mail.ru/js/code.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 95.163.52.67 , Russian Federation, ASN47764 (VK-AS LLC VK, RU), Reverse DNS top-fwz1.mail.ru Software nginx / Resource Hash 0e7e3045519beaff2095d4a64b8dfb1b581013eb5b8f4b3549983c69abe7139b Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers access-control-expose-headers AMP-Access-Control-Allow-Source-Origin content-encoding gzip access-control-allow-methods GET, POST, HEAD, PUT, OPTIONS x-content-type-options nosniff accept-ch-lifetime 86400 expires Tue, 28 Apr 2026 04:16:42 GMT p3p CP="NOI DSP COR NID CUR PSA OUR NOR" date Tue, 28 Apr 2026 04:06:42 GMT content-type application/javascript; charset=utf-8 access-control-allow-headers * cache-control max-age=600, private timing-allow-origin * accept-ch DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version access-control-allow-credentials true amp-access-control-allow-source-origin * access-control-allow-origin * server nginx
GET H2	200	counter top-fwz1.mail.ru/	43 B 1 KB	166ms 166ms	Image image/gif	95.163.52.67 VK-AS LLC VK
General Check archive.org Show headers Download Go to Show image Full URL https://top-fwz1.mail.ru/counter?_=0.49431915907586965;id=3128781;u=https%3A%2F%2Fgoo.su%2F3oxh2eW;title=Not%20Found;s=1600*1200;vp=1600*1200;touch=0;hds=1;sid=26c452e4843932a2;ver=60.6.0;tz=-120%2FEurope%2FBerlin;st=1777349202054;ct=1039/1043/1043//569;rt=568/466/0/0/0/568/569/580/580/787/601/787/954/1034;gl=u;ni=10//4g/50/0/;lvid=1777349202522%3A1777349202529%3A1%3A211b9afc6e55f3e8bdc3b530a23e8b34;opts=dl%2Cjst-gtag%2Ccnhp%3Dh2%2Ccs%3D19684-48997-19984;visible=true;js=13 Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 95.163.52.67 , Russian Federation, ASN47764 (VK-AS LLC VK, RU), Reverse DNS top-fwz1.mail.ru Software nginx / Resource Hash 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers access-control-expose-headers AMP-Access-Control-Allow-Source-Origin access-control-allow-methods GET, POST, HEAD, PUT, OPTIONS x-content-type-options nosniff accept-ch-lifetime 86400 p3p CP="NOI DSP COR NID CUR PSA OUR NOR" date Tue, 28 Apr 2026 04:06:42 GMT content-type image/gif access-control-allow-headers * cache-control private, no-cache, no-store, max-age=0 timing-allow-origin * pragma no-cache accept-ch DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version access-control-allow-credentials true amp-access-control-allow-source-origin * access-control-allow-origin * content-length 43 server nginx
GET H2	200	mgc.js Show response st.top100.ru/top100/3.18.16/	5 KB 1 KB	83ms 83ms	Script application/javascript	185.31.113.248 CDNvideo-AS CDNvi...
General Check archive.org Show headers Download Go to Full URL https://st.top100.ru/top100/3.18.16/mgc.js Requested by Host: st.top100.ru URL: https://st.top100.ru/top100/top100.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.31.113.248 , Germany, ASN57363 (CDNvideo-AS CDNvideo LLC, RU), Reverse DNS Software nginx / Resource Hash 0fd4ae939ed9cce349dc7d756cd399d0ca2e69502ba03b2d4c8eb36c69a0deba Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-cdn-edge-id 2021 x-cdn-edge-cache HIT content-encoding br etag W/"1947e0ff2f28575012a101a9b7760a0a" x-reserved-indicator 372 date Tue, 28 Apr 2026 04:06:42 GMT content-type application/javascript last-modified Wed, 15 Apr 2026 11:22:14 GMT server nginx x-cdn-request-id 9e3ca4761c3fad27442098ede0daf096
POST H2	200	/ Show response kraken.rambler.ru/cnt/v2/	43 B 683 B	326ms 132ms	XHR image/gif	94.139.255.28 CLOUDRU-AS "Cloud...
General Check archive.org Show headers Download Go to Full URL https://kraken.rambler.ru/cnt/v2/ Requested by Host: st.top100.ru URL: https://st.top100.ru/top100/top100.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.139.255.28 Asbest, Russian Federation, ASN208677 (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type application/x-www-form-urlencoded sec-ch-ua-mobile ?0 Response headers strict-transport-security max-age=31536000; includeSubDomains cache-control no-cache accept-ch Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version pragma no-cache access-control-allow-credentials true access-control-allow-methods GET, POST, OPTIONS expires Thu, 01 Jan 1970 00:00:01 GMT access-control-allow-origin https://goo.su x-sca-elb dmz-top100-ext content-length 43 date Tue, 28 Apr 2026 04:06:42 GMT content-type image/gif access-control-allow-headers content-type
POST H2	200	/ Show response kraken.rambler.ru/cnt/v2/	43 B 685 B	271ms 78ms	XHR image/gif	94.139.255.28 CLOUDRU-AS "Cloud...
General Check archive.org Show headers Download Go to Full URL https://kraken.rambler.ru/cnt/v2/ Requested by Host: st.top100.ru URL: https://st.top100.ru/top100/top100.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.139.255.28 Asbest, Russian Federation, ASN208677 (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type application/x-www-form-urlencoded sec-ch-ua-mobile ?0 Response headers strict-transport-security max-age=31536000; includeSubDomains cache-control no-cache accept-ch Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version pragma no-cache access-control-allow-credentials true access-control-allow-methods GET, POST, OPTIONS expires Thu, 01 Jan 1970 00:00:01 GMT access-control-allow-origin https://goo.su x-sca-elb dmz-top100-ext content-length 43 date Tue, 28 Apr 2026 04:06:42 GMT content-type image/gif access-control-allow-headers content-type
GET H2	200	top100_0062b1.gif kraken.rambler.ru/counter-static/images/	595 B 1 KB	269ms 79ms	Image image/gif	94.139.255.28 CLOUDRU-AS "Cloud...
General Check archive.org Show headers Download Go to Show image Full URL https://kraken.rambler.ru/counter-static/images/top100_0062b1.gif Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.139.255.28 Asbest, Russian Federation, ASN208677 (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru, RU), Reverse DNS Software / Resource Hash fda0897f4cdbbab911245c9ebaa4885f54a7e572b8c9b071dc976d1d27cab1a6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-obs-id-2 36AAAQAAEAABAAAQAAEAABAAAQAAEAABAAAaM=AAAAAAAAAAAAAAAAAAAAAAAAAA x-obs-meta-s3cmd-attrs atime:1775726050/ctime:1775726050/gid:0/gname:root/md5:10d95efe74b84de86398a30e7b958b79/mode:33206/mtime:1775726050/uid:0/uname:root access-control-allow-methods OPTIONS,GET x-sca-elb dmz-top100-ext date Tue, 28 Apr 2026 04:06:42 GMT content-type image/gif x-obs-request-id 2b44ba3982add13e52274a0a9c7622cf access-control-allow-headers DNT x-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains cache-control max-age=86400 access-control-allow-credentials true x-obs-tagging-count 0 access-control-allow-origin * content-length 595 x-obs-content-sha256 fda0897f4cdbbab911245c9ebaa4885f54a7e572b8c9b071dc976d1d27cab1a6
GET H2	200	header-bidding.js Show response yandex.ru/ads/system/	133 KB 37 KB	300ms 131ms	Script text/javascript	77.88.44.55 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://yandex.ru/ads/system/header-bidding.js Requested by Host: ads.digitalcaramel.com URL: https://ads.digitalcaramel.com/caramel.js?ts=1777349202025 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.88.44.55 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS yandex.ru Software / Resource Hash cb5ae10baa73778c64712e4006d1c4278fd69e63f55ebed2d91eabc4041cb901 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-robots-tag noindex, noarchive, nofollow x-yandex-req-id 1777349202970031-7525551749546253381-balancer-l7leveler-kubr-yp-klg-45-BAL cache-control private, max-age=3600 timing-allow-origin * content-encoding br nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-Viewport-Width, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width, Sec-Ch-Viewport-Height etag "60438cf2d7c62e9da7d0fc533169dfdf-1304672" report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} x-content-type-options nosniff expires Tue, 28 Apr 2026 05:06:42 GMT access-control-allow-origin * content-type text/javascript; charset=utf-8
GET H2	200	adsdk.js Show response yandex.ru/ads/system/	81 KB 29 KB	299ms 130ms	Script text/javascript	77.88.44.55 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://yandex.ru/ads/system/adsdk.js Requested by Host: ads.digitalcaramel.com URL: https://ads.digitalcaramel.com/caramel.js?ts=1777349202025 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.88.44.55 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS yandex.ru Software / Resource Hash 07c7e40a53b4001aa67a98c28fa36a6be79c6cc06edc03938a03f36f80b7e605 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-robots-tag noindex, noarchive, nofollow x-yandex-req-id 1777349202969573-8966742850816811970-balancer-l7leveler-kubr-yp-klg-45-BAL cache-control private, max-age=3600 nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} content-encoding br accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-Viewport-Width, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width, Sec-Ch-Viewport-Height etag "2e7c1ad9680676bbda0b2a8f4c6647bf-1304788" timing-allow-origin * report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} x-content-type-options nosniff expires Tue, 28 Apr 2026 05:06:42 GMT access-control-allow-origin * content-type text/javascript; charset=utf-8
GET H2	200	roxot-manager.js Show response cdn.skcrtxr.com/roxot-wrapper/js/	61 KB 9 KB	449ms 155ms	Script text/javascript	188.72.103.3 YACLOUDCDN Yandex...
General Check archive.org Show headers Download Go to Full URL https://cdn.skcrtxr.com/roxot-wrapper/js/roxot-manager.js?pid=19e08d82-9ec3-4dda-b15f-01ab2c95e167 Requested by Host: ads.digitalcaramel.com URL: https://ads.digitalcaramel.com/caramel.js?ts=1777349202025 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.72.103.3 Dubai, United Arab Emirates, ASN215013 (YACLOUDCDN Yandex.Cloud LLC, RU), Reverse DNS Software nginx / Resource Hash 0d461f6ade27f1e70db1337a16b03d15840cd11d44300f0adccf906c0c77cf08 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-request-id 298e181c31826fd0 access-control-allow-private-network true cache-control max-age=600 content-encoding gzip access-control-allow-credentials true accept-ranges bytes content-length 8417 date Tue, 28 Apr 2026 04:06:43 GMT cache-status HIT content-type text/javascript; charset=utf-8 vary Accept-Encoding, Accept-Encoding server nginx x-service-id worker cache-host yccdn-ruvoz02kvant-1.yccdn.cloud.yandex.net
GET H2	200	aci.js Show response www.acint.net/	31 KB 9 KB	263ms 106ms	Script application/x-javascript	193.3.184.76 QWARTA QWARTA LLC
General Check archive.org Show headers Download Go to Full URL https://www.acint.net/aci.js Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol H2 Security TLS 1.3, , AES_256_GCM Server 193.3.184.76 , Russian Federation, ASN50214 (QWARTA QWARTA LLC, RU), Reverse DNS Software openresty / Resource Hash aea695f22dc94b7d78ece57753cdd605584357e788b9a18bde7a8e9dc1c7442a Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache-control max-age=43200 content-encoding gzip etag "699db657-228f" expires Tue, 28 Apr 2026 16:06:42 GMT content-length 8847 date Tue, 28 Apr 2026 04:06:42 GMT content-type application/x-javascript last-modified Tue, 24 Feb 2026 14:31:51 GMT server openresty
GET H2	200	uids.js Show response cdn-rtb.sape.ru/js/	19 KB 7 KB	282ms 126ms	Script text/javascript	193.3.184.43 QWARTA QWARTA LLC
General Check archive.org Show headers Download Go to Full URL https://cdn-rtb.sape.ru/js/uids.js Requested by Host: ads.digitalcaramel.com URL: https://ads.digitalcaramel.com/caramel.js?ts=1777349202025 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 193.3.184.43 , Russian Federation, ASN50214 (QWARTA QWARTA LLC, RU), Reverse DNS Software openresty / Resource Hash 7514565a3223815ae99520f7946aa9768d7c80ff4761b685ece395a660c5814a Security Headers Name Value Content-Security-Policy block-all-mixed-content Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-encoding gzip etag W/"3bb14359d2ea582b8aeb4c3f24e5b7a2" x-content-type-options nosniff access-control-allow-methods GET, POST, OPTIONS expires Wed, 29 Apr 2026 04:06:42 GMT date Tue, 28 Apr 2026 04:06:42 GMT content-type text/javascript last-modified Thu, 09 Apr 2026 17:00:59 GMT vary Origin, Accept-Encoding x-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains content-security-policy block-all-mixed-content cache-control max-age=86400 access-control-allow-credentials true x-amz-request-id 18A4BF536C7496C5 access-control-allow-origin * x-xss-protection 1; mode=block server openresty
GET H2	200	buzzoola_ext.js Show response tube.buzzoola.com/js/lib/	959 B 773 B	496ms 148ms	Script application/javascript	151.236.127.225 CDNvideo-AS CDNvi...
General Check archive.org Show headers Download Go to Full URL https://tube.buzzoola.com/js/lib/buzzoola_ext.js Requested by Host: ads.digitalcaramel.com URL: https://ads.digitalcaramel.com/caramel.js?ts=1777349202025 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 151.236.127.225 , Germany, ASN57363 (CDNvideo-AS CDNvideo LLC, RU), Reverse DNS Software nginx / Resource Hash fbdb44f2d09689e158a936ddf847eada264db3fa11a8f3e2e63e0dbc8620d722 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-cdn-edge-id 313 x-cdn-edge-cache HIT content-encoding gzip expires Tue, 28 Apr 2026 05:00:00 GMT date Tue, 28 Apr 2026 04:06:43 GMT content-type application/javascript; charset=utf-8 last-modified Wed, 01 Apr 2026 11:49:57 GMT server nginx x-cdn-request-id ee879f74c09267d721019cc60ad09fb1
GET H/1.1	200 OK	ujs Show response kimberlite.io/rtb/ Redirect Chain https://kimberlite.io/rtb/ujs?ymss=digitalcaramel https://kimberlite.io/rtb/ujs?ymss=digitalcaramel&rc=1	4 KB 2 KB	108ms 108ms	Script application/javascript	37.0.127.91 NETRACK-AS Start2...
General Check archive.org Show headers Download Go to Full URL https://kimberlite.io/rtb/ujs?ymss=digitalcaramel&rc=1 Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol HTTP/1.1 Server 37.0.127.91 Moscow, Russian Federation, ASN61400 (NETRACK-AS Start2 LLC, RU), Reverse DNS Software nginx / Resource Hash 81a7a30e74dedf6aa07f2c917d2c3f2807dce15153236ad00152c2903dbdb097 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Referer https://goo.su/ Response headers cache-control no-cache content-encoding gzip Connection keep-alive access-control-allow-credentials true access-control-allow-origin * server-timing app;srv=s25;dur=0.0004 Content-Length 1687 Date Tue, 28 Apr 2026 04:06:43 GMT Content-Type application/javascript Server nginx Redirect headers cache-control no-cache location /rtb/ujs?ymss=digitalcaramel&rc=1 Connection keep-alive access-control-allow-credentials true access-control-allow-origin * server-timing app;srv=s23a;dur=0.0002 Content-Length 0 Date Tue, 28 Apr 2026 04:06:42 GMT Content-Type application/javascript Server nginx
GET H2	200	context.js Show response yandex.ru/ads/system/	380 KB 101 KB	242ms 131ms	Script text/javascript	77.88.44.55 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://yandex.ru/ads/system/context.js Requested by Host: ads.digitalcaramel.com URL: https://ads.digitalcaramel.com/caramel.js?ts=1777349202025 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.88.44.55 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS yandex.ru Software / Resource Hash d9f43de0edd7013544bb83eba89afba74dcaa693276c5ef299bec8472306a5ed Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-robots-tag noindex, noarchive, nofollow x-yandex-req-id 1777349202970228-10031664750149020600-balancer-l7leveler-kubr-yp-klg-45-BAL nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} timing-allow-origin * content-encoding br cache-control private, max-age=3600 accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-Viewport-Width, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width, Sec-Ch-Viewport-Height etag "149a671eb71ca81ae7c48b4dc0fb5599-1304673" report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} x-content-type-options nosniff expires Tue, 28 Apr 2026 05:06:42 GMT access-control-allow-origin * content-type text/javascript; charset=utf-8
GET H2	200	1 Show response mc.yandex.com/watch/99705705/ Redirect Chain https://mc.yandex.com/watch/99705705?wmode=7&page-url=https%3A%2F%2Fgoo.su%2F3oxh2eW&charset=utf-8&uah=chu%0A%22Chromium%22%3Bv%3D%22147%22%2C%22Google%20Chrome%22%3Bv%3D%22147%22%2C%22Not-A.Brand%... https://mc.yandex.com/watch/99705705/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2F3oxh2eW&charset=utf-8&uah=chu%0A%22Chromium%22%3Bv%3D%22147%22%2C%22Google%20Chrome%22%3Bv%3D%22147%22%2C%22Not-A.Bran...	694 B 1 KB	79ms 79ms	Fetch application/json	87.250.251.119 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/99705705/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2F3oxh2eW&charset=utf-8&uah=chu%0A%22Chromium%22%3Bv%3D%22147%22%2C%22Google%20Chrome%22%3Bv%3D%22147%22%2C%22Not-A.Brand%22%3Bv%3D%2224%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A147.0.7727.116%0Achl%0A%22Chromium%22%3Bv%3D%22147.0.0.0%22%2C%22Google%20Chrome%22%3Bv%3D%22147.0.0.0%22%2C%22Not-A.Brand%22%3Bv%3D%2224.0.0.0%22%0Achm%0A%3F0%0Achp%0ALinux&browser-info=pv%3A1%3Avf%3A6glgxny3ywmlt088t0nklbpybmq57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A2482%3Acn%3A1%3Adp%3A0%3Als%3A101383496476%3Ahid%3A270962768%3Az%3A120%3Ai%3A20260428060642%3Aet%3A1777349203%3Ac%3A1%3Arn%3A662385350%3Arqn%3A1%3Au%3A1777349203720037607%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A580%3Awv%3A2%3Ads%3A6%2C153%2C213%2C2%2C0%2C0%2C%2C199%2C1%2C%2C%2C%2C600%3Aco%3A0%3Acpf%3A1%3Ans%3A1777349201480%3Agi%3AR0ExLjEuMTMxMjc1NTU2MS4xNzc3MzQ5MjAy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1777349203%3At%3ANot%20Found&t=clt%28457%29gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29&redirnss=1 Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol H2 Server 87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS mc.yandex.ru Software / Resource Hash 00620a326a7eae731247d71b302b64c544aa32410b1e440ccb6758cc8722a995 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Referer https://goo.su/ Response headers strict-transport-security max-age=31536000 cache-control private, no-cache, no-store, must-revalidate, max-age=0 accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA pragma no-cache access-control-allow-credentials true x-content-type-options nosniff expires Tue, 28-Apr-2026 04:06:42 GMT access-control-allow-origin https://goo.su content-length 694 x-xss-protection 1; mode=block content-type application/json; charset=utf-8 last-modified Tue, 28-Apr-2026 04:06:42 GMT Redirect headers strict-transport-security max-age=31536000 cache-control private, no-cache, no-store, must-revalidate, max-age=0 location /watch/99705705/1?wmode=7&page-url=https%3A%2F%2Fgoo.su%2F3oxh2eW&charset=utf-8&uah=chu%0A%22Chromium%22%3Bv%3D%22147%22%2C%22Google%20Chrome%22%3Bv%3D%22147%22%2C%22Not-A.Brand%22%3Bv%3D%2224%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A147.0.7727.116%0Achl%0A%22Chromium%22%3Bv%3D%22147.0.0.0%22%2C%22Google%20Chrome%22%3Bv%3D%22147.0.0.0%22%2C%22Not-A.Brand%22%3Bv%3D%2224.0.0.0%22%0Achm%0A%3F0%0Achp%0ALinux&browser-info=pv%3A1%3Avf%3A6glgxny3ywmlt088t0nklbpybmq57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A2482%3Acn%3A1%3Adp%3A0%3Als%3A101383496476%3Ahid%3A270962768%3Az%3A120%3Ai%3A20260428060642%3Aet%3A1777349203%3Ac%3A1%3Arn%3A662385350%3Arqn%3A1%3Au%3A1777349203720037607%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A580%3Awv%3A2%3Ads%3A6%2C153%2C213%2C2%2C0%2C0%2C%2C199%2C1%2C%2C%2C%2C600%3Aco%3A0%3Acpf%3A1%3Ans%3A1777349201480%3Agi%3AR0ExLjEuMTMxMjc1NTU2MS4xNzc3MzQ5MjAy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1777349203%3At%3ANot%20Found&t=clt%28457%29gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009092%29ti%281%29&redirnss=1 accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA pragma no-cache access-control-allow-credentials true expires Tue, 28-Apr-2026 04:06:42 GMT access-control-allow-origin https://goo.su x-xss-protection 1; mode=block last-modified Tue, 28-Apr-2026 04:06:42 GMT
GET H2	200	sync_cookie_image_finish_secondary mc.yandex.ru/ Redirect Chain https://mc.yandex.com/sync_cookie_image_check_secondary?scid=07b381d7-15ed-eae5-233c-94232940c39f&cid=99705705 https://mc.yandex.ru/sync_cookie_image_start_secondary?cid=99705705&redirect_domain=mc.yandex.com&scid=07b381d7-15ed-eae5-233c-94232940c39f&token=11014.PrJCJHfHFhvjZqNEdgxi0xYVHHrEyn836SRl3nVCvMztE... https://mc.yandex.com/sync_cookie_image_decide_secondary?cid=99705705&scid=07b381d7-15ed-eae5-233c-94232940c39f&token=11014.rL19HIaEpdFmYDKd3ruk-owSTzA4L0EylXQtbg25az7k3bU5hxQyGOIc9KXOqFoOJwlnz9Ql6... https://mc.yandex.ru/sync_cookie_image_finish_secondary?cid=99705705&redirect_domain=mc.yandex.com&scid=07b381d7-15ed-eae5-233c-94232940c39f&token=11014.1A3FVLMapN0Asc08tFhmKwSSz46x22vuuIqHE9pHhnn8...	43 B 595 B	74ms 73ms	Image image/gif	87.250.251.119 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.ru/sync_cookie_image_finish_secondary?cid=99705705&redirect_domain=mc.yandex.com&scid=07b381d7-15ed-eae5-233c-94232940c39f&token=11014.1A3FVLMapN0Asc08tFhmKwSSz46x22vuuIqHE9pHhnn8hlgxnu9ALeq7eJG4mtUT93jC_XU3td3e8d5M1_II3aJ1YqUCjeSySdO8ILmu63ZQwJ-ryGouKgyQa14cwNKJGpjPN4nwEiSenNzHUfaJzmCTNScZoONdD3JMe0-u--mv32iOZzIuqPk-LaoGg5WINTMulGhemVu-8J6KHwfCSA%2C%2C.eegfpS8CHmq99szXK6z6wIUWYik%2C Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol H2 Server 87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS mc.yandex.ru Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Referer https://goo.su/ Response headers strict-transport-security max-age=31536000 content-length 43 x-xss-protection 1; mode=block content-type image/gif Redirect headers strict-transport-security max-age=31536000 x-xss-protection 1; mode=block location https://mc.yandex.ru/sync_cookie_image_finish_secondary?cid=99705705&redirect_domain=mc.yandex.com&scid=07b381d7-15ed-eae5-233c-94232940c39f&token=11014.1A3FVLMapN0Asc08tFhmKwSSz46x22vuuIqHE9pHhnn8hlgxnu9ALeq7eJG4mtUT93jC_XU3td3e8d5M1_II3aJ1YqUCjeSySdO8ILmu63ZQwJ-ryGouKgyQa14cwNKJGpjPN4nwEiSenNzHUfaJzmCTNScZoONdD3JMe0-u--mv32iOZzIuqPk-LaoGg5WINTMulGhemVu-8J6KHwfCSA%2C%2C.eegfpS8CHmq99szXK6z6wIUWYik%2C
GET H2	200	aci.js Show response acint.net/ Frame EAF9	31 KB 9 KB	120ms 114ms	Script application/x-javascript	193.3.184.76 QWARTA QWARTA LLC
General Check archive.org Show headers Download Go to Full URL https://acint.net/aci.js Requested by Host: cdn-rtb.sape.ru URL: https://cdn-rtb.sape.ru/js/uids.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 193.3.184.76 , Russian Federation, ASN50214 (QWARTA QWARTA LLC, RU), Reverse DNS Software openresty / Resource Hash aea695f22dc94b7d78ece57753cdd605584357e788b9a18bde7a8e9dc1c7442a Request headers sec-ch-ua-platform "Linux" Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache-control max-age=43200 content-encoding gzip etag "699db657-228f" expires Tue, 28 Apr 2026 16:06:43 GMT content-length 8847 date Tue, 28 Apr 2026 04:06:43 GMT content-type application/x-javascript last-modified Tue, 24 Feb 2026 14:31:51 GMT server openresty
GET H2	200	AdRiverFPS.js Show response content.adriver.ru/ Frame EAF9	45 KB 16 KB	263ms 103ms	Script application/x-javascript	83.222.5.42 MASTERHOST-AS LLC...
General Check archive.org Show headers Download Go to Full URL https://content.adriver.ru/AdRiverFPS.js Requested by Host: cdn-rtb.sape.ru URL: https://cdn-rtb.sape.ru/js/uids.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 83.222.5.42 , Russian Federation, ASN25532 (MASTERHOST-AS LLC "MASTERHOST", RU), Reverse DNS Software nginx / Resource Hash ad7df26b03dec882987c2509e846756395d3a1fa540ce38ab8e899d366d80575 Request headers sec-ch-ua-platform "Linux" Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache-control max-age=3600 content-encoding gzip etag W/"69e779c0-b5b5" expires Tue, 28 Apr 2026 05:06:43 GMT access-control-allow-origin https://cs1.ottgoods.ru date Tue, 28 Apr 2026 04:06:43 GMT content-type application/x-javascript last-modified Tue, 21 Apr 2026 13:21:04 GMT server nginx vary Accept-Encoding
GET H2	200	buzzoola_ufp.js Show response tube.buzzoola.com/js/lib/ Frame EAF9	13 KB 5 KB	151ms 151ms	Script application/javascript	151.236.127.225 CDNvideo-AS CDNvi...
General Check archive.org Show headers Download Go to Full URL https://tube.buzzoola.com/js/lib/buzzoola_ufp.js Requested by Host: cdn-rtb.sape.ru URL: https://cdn-rtb.sape.ru/js/uids.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 151.236.127.225 , Germany, ASN57363 (CDNvideo-AS CDNvideo LLC, RU), Reverse DNS Software nginx / Resource Hash c5b7be7ff5a92d4d03ae4b96a3931d1349f726affed96d8b64ecbd1ef7de598f Request headers sec-ch-ua-platform "Linux" Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-cdn-edge-id 313 x-cdn-edge-cache HIT content-encoding gzip expires Tue, 28 Apr 2026 05:00:00 GMT date Tue, 28 Apr 2026 04:06:43 GMT content-type application/javascript; charset=utf-8 last-modified Wed, 01 Apr 2026 11:49:57 GMT server nginx x-cdn-request-id 1e75650cb9aee85137265722141e4166
GET H2	200	loader.bundle.js Show response yastatic.net/partner-code-bundles/1304788/vas-bundles/bundles-es2017/	907 KB 207 KB	262ms 106ms	Script text/javascript	37.9.64.225 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/1304788/vas-bundles/bundles-es2017/loader.bundle.js Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/adsdk.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS cloud.cdn.yandex.net Software nginx / Resource Hash 8e9a106097eae254e28dd13a89ab23f68b89ecfd3ec2bb208c0b0405a3977baa Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Origin https://goo.su sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-robots-tag noindex, noarchive, nofollow x-request-id b2dfe817295f4469 content-encoding br etag "0670f152758fe5be84338094ce696ddd" report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} expires Thu, 27 Apr 2056 09:57:41 GMT date Tue, 28 Apr 2026 04:06:43 GMT content-type text/javascript; charset=utf-8 vary Accept-Encoding last-modified Thu, 23 Apr 2026 13:51:50 GMT cache-host cloudcdn-m9-14.cdn.yandex.net strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} timing-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes access-control-allow-origin * content-length 210956 x-strm-log-split 9 cache-status HIT server nginx
POST H2	200	log log.strm.yandex.ru/	0 226 B	314ms 134ms	Ping text/plain	87.250.251.15 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://log.strm.yandex.ru/log?VAS=1304788&event=CreateLoader Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/adsdk.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.250.251.15 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS log.strm.yandex.ru Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type text/plain;charset=UTF-8 sec-ch-ua-mobile ?0 Response headers x-request-id 1777349203305917-7312718815700713475 access-control-expose-headers Date timing-allow-origin https://goo.su access-control-allow-credentials true x-trace-id 00000000000000000000000000000000 access-control-allow-origin https://goo.su content-length 0 date Tue, 28 Apr 2026 04:06:43 GMT
GET H3	200	adview pagead2.googlesyndication.com/pagead/ Frame E541	0 0	49ms 48ms	Fetch text/html	192.178.183.156 Google LLC
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/adview?ai=CroBZUjLwaZrEGbC5rNcP5p-FsAmpjoachgHPx4Gl7xUKEAEgl8rCZGCV-vCBjAegAZyv-6gCyAEDqAMByAPJBKoE4gFP0AL6bGt5075uLXD8Leb_hAjeTIoYDo9D784FR5J48nUR5gIPoEhyF_qjsBzlFKlu05RgGJ8Z4i7pRN_WIXFZl1DKAdeg-TlRdeDQ1IrtmSWAVFYcaZGMnwRgmz-_0lOrsq-i9DtiK79C6MJBFRspfWTVb-oXHqCm1SpIkwp5-G9DtFaR-t7HlKHRgPaHu0sOraiqI9nzXJYx446vO3medM2yVA1TuIPMm4d7bzbWtC8sikl3q18WeSIVcPzXMHwgVs9ewwuSA3dBZ4ngGbDiz-w-C9itBew0TeHvn5Vc5vBXwAS4xNno1wWIBZ2r_qdYkgUECAQYAZIFBAgFGASgBgOAB8zQhNcBqAenzLECqAfi2LECqAemvhuoB8zOsQKoB_PRG6gHltgbqAeqm7ECqAeOzhuoB5PYG6gH8OAbqAfulrECqAf-nrECqAevvrECqAea4bECqAfVyRuoB9m2sQKoB_fCsQLYBwHyBwUQr4-SAdIIMgiR4YBQEAEYnwMyCKuLgICggIAKOg4AgICAgICUqIgCqIOAEEi9_cE6WMWV6N7Vj5QDgAoByAsBogwDkAEBqg0CREXqDRMIsbvo3tWPlAMVsBzrBB3mTwGWiA4J2BMN0BUBmBYByhYCCgD4FgGAFwGyFywKGggAEhRwdWItMjIyMTY5ODU2OTg3NzkxMRgAGAEqCjI3ODM3NzYxMjJQBroXAjgBqhgXCQAAAIDXQ0JBEgoyNzgzNzc2MTIyGAGyGAkSArBTGAMiAQDQGAHoGAHCGQIIAQ&sigh=3bqvKglWeEY&uach_m=%5BUACH%5D&ebtr=1&vis=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2221698569877911&output=html&h=300&slotname=2783776122&adk=3407623964&adf=4065594387&pi=t.ma~as.2783776122&w=500&lmt=1777349202&format=500x300&url=https%3A%2F%2Fgoo.su%2F3oxh2eW&asro=0&aiapmid=0.0001&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0Ny4wLjc3MjcuMTE2IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTQ3LjAuMC4wIl0sWyJHb29nbGUgQ2hyb21lIiwiMTQ3LjAuMC4wIl0sWyJOb3QtQS5CcmFuZCIsIjI0LjAuMC4wIl1dLDBd&abgtt=6&dt=1777349202200&bpp=1&bdt=335&idt=166&shv=r20260424&mjsv=m202604210101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7635319313714&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=550&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098107%2C42532524%2C95386813%2C95389146%2C95386338%2C95387777&oid=2&pvsid=4193465744641746&tmod=351168794&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=172 Protocol H3 Security QUIC, , AES_128_GCM Server 192.178.183.156 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS lcfraw-in-f156.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2221698569877911&output=html&h=300&slotname=2783776122&adk=3407623964&adf=4065594387&pi=t.ma~as.2783776122&w=500&lmt=1777349202&format=500x300&url=https%3A%2F%2Fgoo.su%2F3oxh2eW&asro=0&aiapmid=0.0001&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0Ny4wLjc3MjcuMTE2IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTQ3LjAuMC4wIl0sWyJHb29nbGUgQ2hyb21lIiwiMTQ3LjAuMC4wIl0sWyJOb3QtQS5CcmFuZCIsIjI0LjAuMC4wIl1dLDBd&abgtt=6&dt=1777349202200&bpp=1&bdt=335&idt=166&shv=r20260424&mjsv=m202604210101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7635319313714&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=550&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098107%2C42532524%2C95386813%2C95389146%2C95386338%2C95387777&oid=2&pvsid=4193465744641746&tmod=351168794&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=172 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-security-policy script-src 'none'; object-src 'none' timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-credentials true x-content-type-options nosniff access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 0 date Tue, 28 Apr 2026 04:06:43 GMT x-xss-protection 0 content-type text/html; charset=UTF-8 server cafe
GET H2	200	13334732762450490876 tpc.googlesyndication.com/simgad/ Frame E541	138 KB 139 KB	131ms 37ms	Image image/gif	142.251.13.132 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/13334732762450490876 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2221698569877911&output=html&h=300&slotname=2783776122&adk=3407623964&adf=4065594387&pi=t.ma~as.2783776122&w=500&lmt=1777349202&format=500x300&url=https%3A%2F%2Fgoo.su%2F3oxh2eW&asro=0&aiapmid=0.0001&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0Ny4wLjc3MjcuMTE2IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTQ3LjAuMC4wIl0sWyJHb29nbGUgQ2hyb21lIiwiMTQ3LjAuMC4wIl0sWyJOb3QtQS5CcmFuZCIsIjI0LjAuMC4wIl1dLDBd&abgtt=6&dt=1777349202200&bpp=1&bdt=335&idt=166&shv=r20260424&mjsv=m202604210101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7635319313714&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=550&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098107%2C42532524%2C95386813%2C95389146%2C95386338%2C95387777&oid=2&pvsid=4193465744641746&tmod=351168794&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=172 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.13.132 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS wt-in-f132.1e100.net Software sffe / Resource Hash b0be2bf292f9e400ff3737467f98a720500885b5d7ebed7c6e86ed1126c94be5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers age 295836 report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} x-content-type-options nosniff expires Sat, 24 Apr 2027 17:56:07 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 allow-fenced-frame-automatic-beacons true date Fri, 24 Apr 2026 17:56:07 GMT last-modified Thu, 16 Apr 2026 14:01:37 GMT content-type image/gif cache-control public, max-age=31536000 timing-allow-origin * x-dns-prefetch-control off cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" content-length 141417 x-xss-protection 0 server sffe
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20260424/r20110914/ Frame E541	21 KB 8 KB	35ms 34ms	Script text/javascript	192.178.183.156 Google LLC
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20260424/r20110914/abg_lite_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2221698569877911&output=html&h=300&slotname=2783776122&adk=3407623964&adf=4065594387&pi=t.ma~as.2783776122&w=500&lmt=1777349202&format=500x300&url=https%3A%2F%2Fgoo.su%2F3oxh2eW&asro=0&aiapmid=0.0001&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0Ny4wLjc3MjcuMTE2IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTQ3LjAuMC4wIl0sWyJHb29nbGUgQ2hyb21lIiwiMTQ3LjAuMC4wIl0sWyJOb3QtQS5CcmFuZCIsIjI0LjAuMC4wIl1dLDBd&abgtt=6&dt=1777349202200&bpp=1&bdt=335&idt=166&shv=r20260424&mjsv=m202604210101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7635319313714&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=550&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098107%2C42532524%2C95386813%2C95389146%2C95386338%2C95387777&oid=2&pvsid=4193465744641746&tmod=351168794&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=172 Protocol H3 Security QUIC, , AES_128_GCM Server 192.178.183.156 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS lcfraw-in-f156.1e100.net Software cafe / Resource Hash 432c9dd128ae0c2311a1c69a81f3a0cbde638af3b4460e4924b1c7ef2ccd53fb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2221698569877911&output=html&h=300&slotname=2783776122&adk=3407623964&adf=4065594387&pi=t.ma~as.2783776122&w=500&lmt=1777349202&format=500x300&url=https%3A%2F%2Fgoo.su%2F3oxh2eW&asro=0&aiapmid=0.0001&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0Ny4wLjc3MjcuMTE2IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTQ3LjAuMC4wIl0sWyJHb29nbGUgQ2hyb21lIiwiMTQ3LjAuMC4wIl0sWyJOb3QtQS5CcmFuZCIsIjI0LjAuMC4wIl1dLDBd&abgtt=6&dt=1777349202200&bpp=1&bdt=335&idt=166&shv=r20260424&mjsv=m202604210101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7635319313714&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=550&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098107%2C42532524%2C95386813%2C95389146%2C95386338%2C95387777&oid=2&pvsid=4193465744641746&tmod=351168794&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=172 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-encoding br etag 8766130680055081578 age 53145 x-content-type-options nosniff expires Mon, 11 May 2026 13:20:58 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" date Mon, 27 Apr 2026 13:20:58 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=1209600 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 8528 x-xss-protection 0 server cafe
GET H3	200	window_focus_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20260424/r20110914/client/ Frame E541	3 KB 1 KB	78ms 77ms	Script text/javascript	192.178.183.156 Google LLC
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20260424/r20110914/client/window_focus_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2221698569877911&output=html&h=300&slotname=2783776122&adk=3407623964&adf=4065594387&pi=t.ma~as.2783776122&w=500&lmt=1777349202&format=500x300&url=https%3A%2F%2Fgoo.su%2F3oxh2eW&asro=0&aiapmid=0.0001&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0Ny4wLjc3MjcuMTE2IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTQ3LjAuMC4wIl0sWyJHb29nbGUgQ2hyb21lIiwiMTQ3LjAuMC4wIl0sWyJOb3QtQS5CcmFuZCIsIjI0LjAuMC4wIl1dLDBd&abgtt=6&dt=1777349202200&bpp=1&bdt=335&idt=166&shv=r20260424&mjsv=m202604210101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7635319313714&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=550&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098107%2C42532524%2C95386813%2C95389146%2C95386338%2C95387777&oid=2&pvsid=4193465744641746&tmod=351168794&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=172 Protocol H3 Security QUIC, , AES_128_GCM Server 192.178.183.156 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS lcfraw-in-f156.1e100.net Software cafe / Resource Hash 73ef34ed57b69c5a35720bfc3ac6ebf6da3cf1289824112841d403c0fd169f97 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2221698569877911&output=html&h=300&slotname=2783776122&adk=3407623964&adf=4065594387&pi=t.ma~as.2783776122&w=500&lmt=1777349202&format=500x300&url=https%3A%2F%2Fgoo.su%2F3oxh2eW&asro=0&aiapmid=0.0001&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0Ny4wLjc3MjcuMTE2IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTQ3LjAuMC4wIl0sWyJHb29nbGUgQ2hyb21lIiwiMTQ3LjAuMC4wIl0sWyJOb3QtQS5CcmFuZCIsIjI0LjAuMC4wIl1dLDBd&abgtt=6&dt=1777349202200&bpp=1&bdt=335&idt=166&shv=r20260424&mjsv=m202604210101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7635319313714&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=550&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098107%2C42532524%2C95386813%2C95389146%2C95386338%2C95387777&oid=2&pvsid=4193465744641746&tmod=351168794&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=172 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-encoding br etag 772434001065076922 age 52002 x-content-type-options nosniff expires Mon, 11 May 2026 13:40:01 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" date Mon, 27 Apr 2026 13:40:01 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=1209600 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 1235 x-xss-protection 0 server cafe
GET H3	200	qs_click_protection_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20260424/r20110914/client/ Frame E541	21 KB 9 KB	37ms 36ms	Script text/javascript	192.178.183.156 Google LLC
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20260424/r20110914/client/qs_click_protection_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2221698569877911&output=html&h=300&slotname=2783776122&adk=3407623964&adf=4065594387&pi=t.ma~as.2783776122&w=500&lmt=1777349202&format=500x300&url=https%3A%2F%2Fgoo.su%2F3oxh2eW&asro=0&aiapmid=0.0001&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0Ny4wLjc3MjcuMTE2IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTQ3LjAuMC4wIl0sWyJHb29nbGUgQ2hyb21lIiwiMTQ3LjAuMC4wIl0sWyJOb3QtQS5CcmFuZCIsIjI0LjAuMC4wIl1dLDBd&abgtt=6&dt=1777349202200&bpp=1&bdt=335&idt=166&shv=r20260424&mjsv=m202604210101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7635319313714&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=550&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098107%2C42532524%2C95386813%2C95389146%2C95386338%2C95387777&oid=2&pvsid=4193465744641746&tmod=351168794&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=172 Protocol H3 Security QUIC, , AES_128_GCM Server 192.178.183.156 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS lcfraw-in-f156.1e100.net Software cafe / Resource Hash e62f6d1bbf666e1e1fdd789ef87c63b8b0f09a734962a303fbafc57856eb3eb2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2221698569877911&output=html&h=300&slotname=2783776122&adk=3407623964&adf=4065594387&pi=t.ma~as.2783776122&w=500&lmt=1777349202&format=500x300&url=https%3A%2F%2Fgoo.su%2F3oxh2eW&asro=0&aiapmid=0.0001&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0Ny4wLjc3MjcuMTE2IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTQ3LjAuMC4wIl0sWyJHb29nbGUgQ2hyb21lIiwiMTQ3LjAuMC4wIl0sWyJOb3QtQS5CcmFuZCIsIjI0LjAuMC4wIl1dLDBd&abgtt=6&dt=1777349202200&bpp=1&bdt=335&idt=166&shv=r20260424&mjsv=m202604210101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7635319313714&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=550&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098107%2C42532524%2C95386813%2C95389146%2C95386338%2C95387777&oid=2&pvsid=4193465744641746&tmod=351168794&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=172 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-encoding br etag 11082569455730939277 age 51546 x-content-type-options nosniff expires Mon, 11 May 2026 13:47:37 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" date Mon, 27 Apr 2026 13:47:37 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=1209600 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 8705 x-xss-protection 0 server cafe
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame E541	238 KB 73 KB	40ms 39ms	Script text/javascript	192.178.183.156 Google LLC
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2221698569877911&output=html&h=300&slotname=2783776122&adk=3407623964&adf=4065594387&pi=t.ma~as.2783776122&w=500&lmt=1777349202&format=500x300&url=https%3A%2F%2Fgoo.su%2F3oxh2eW&asro=0&aiapmid=0.0001&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0Ny4wLjc3MjcuMTE2IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTQ3LjAuMC4wIl0sWyJHb29nbGUgQ2hyb21lIiwiMTQ3LjAuMC4wIl0sWyJOb3QtQS5CcmFuZCIsIjI0LjAuMC4wIl1dLDBd&abgtt=6&dt=1777349202200&bpp=1&bdt=335&idt=166&shv=r20260424&mjsv=m202604210101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7635319313714&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=550&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098107%2C42532524%2C95386813%2C95389146%2C95386338%2C95387777&oid=2&pvsid=4193465744641746&tmod=351168794&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=172 Protocol H3 Security QUIC, , AES_128_GCM Server 192.178.183.156 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS lcfraw-in-f156.1e100.net Software cafe / Resource Hash 2dca63cbc67e18585f4e7b0a697ef63f56ae867b9e3cb8abf4666116c3822d96 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2221698569877911&output=html&h=300&slotname=2783776122&adk=3407623964&adf=4065594387&pi=t.ma~as.2783776122&w=500&lmt=1777349202&format=500x300&url=https%3A%2F%2Fgoo.su%2F3oxh2eW&asro=0&aiapmid=0.0001&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0Ny4wLjc3MjcuMTE2IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTQ3LjAuMC4wIl0sWyJHb29nbGUgQ2hyb21lIiwiMTQ3LjAuMC4wIl0sWyJOb3QtQS5CcmFuZCIsIjI0LjAuMC4wIl1dLDBd&abgtt=6&dt=1777349202200&bpp=1&bdt=335&idt=166&shv=r20260424&mjsv=m202604210101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7635319313714&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=550&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098107%2C42532524%2C95386813%2C95389146%2C95386338%2C95387777&oid=2&pvsid=4193465744641746&tmod=351168794&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=172 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-encoding br etag 1145941030271314213 age 42 x-content-type-options nosniff expires Tue, 28 Apr 2026 05:06:01 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" date Tue, 28 Apr 2026 04:06:01 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=ISO-8859-1 vary Accept-Encoding cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * cross-origin-resource-policy cross-origin content-length 74844 x-xss-protection 0 server cafe
GET H3	200	one_click_handler_one_afma_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20260424/r20110914/client/ Frame E541	39 KB 16 KB	79ms 79ms	Script text/javascript	192.178.183.156 Google LLC
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20260424/r20110914/client/one_click_handler_one_afma_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2221698569877911&output=html&h=300&slotname=2783776122&adk=3407623964&adf=4065594387&pi=t.ma~as.2783776122&w=500&lmt=1777349202&format=500x300&url=https%3A%2F%2Fgoo.su%2F3oxh2eW&asro=0&aiapmid=0.0001&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0Ny4wLjc3MjcuMTE2IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTQ3LjAuMC4wIl0sWyJHb29nbGUgQ2hyb21lIiwiMTQ3LjAuMC4wIl0sWyJOb3QtQS5CcmFuZCIsIjI0LjAuMC4wIl1dLDBd&abgtt=6&dt=1777349202200&bpp=1&bdt=335&idt=166&shv=r20260424&mjsv=m202604210101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7635319313714&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=550&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098107%2C42532524%2C95386813%2C95389146%2C95386338%2C95387777&oid=2&pvsid=4193465744641746&tmod=351168794&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=172 Protocol H3 Security QUIC, , AES_128_GCM Server 192.178.183.156 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS lcfraw-in-f156.1e100.net Software cafe / Resource Hash 1e6a44c058149167276062373332601869bfd405a586fede243f2639674be15e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2221698569877911&output=html&h=300&slotname=2783776122&adk=3407623964&adf=4065594387&pi=t.ma~as.2783776122&w=500&lmt=1777349202&format=500x300&url=https%3A%2F%2Fgoo.su%2F3oxh2eW&asro=0&aiapmid=0.0001&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0Ny4wLjc3MjcuMTE2IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTQ3LjAuMC4wIl0sWyJHb29nbGUgQ2hyb21lIiwiMTQ3LjAuMC4wIl0sWyJOb3QtQS5CcmFuZCIsIjI0LjAuMC4wIl1dLDBd&abgtt=6&dt=1777349202200&bpp=1&bdt=335&idt=166&shv=r20260424&mjsv=m202604210101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7635319313714&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=550&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098107%2C42532524%2C95386813%2C95389146%2C95386338%2C95387777&oid=2&pvsid=4193465744641746&tmod=351168794&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=172 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-encoding br etag 4663899193528698616 age 39987 x-content-type-options nosniff expires Mon, 11 May 2026 17:00:16 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" date Mon, 27 Apr 2026 17:00:16 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=1209600 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 15927 x-xss-protection 0 server cafe
GET H2	200	getcookie Show response matchid.adfox.yandex.ru/	88 B 268 B	427ms 169ms	XHR application/json	93.158.134.118 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://matchid.adfox.yandex.ru/getcookie Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/header-bidding.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.158.134.118 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS matchid-production.adfox.yandex.ru Software / Resource Hash 0b8108692335eeadea1d3fc7880bf6b09eae200f9ba9548d39fcfc905bc97411 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type application/x-www-form-urlencoded sec-ch-ua-mobile ?0 Response headers access-control-allow-origin https://goo.su timing-allow-origin * content-length 88 date Tue, 28 Apr 2026 04:06:43 GMT content-type application/json access-control-allow-credentials true x-content-type-options nosniff
GET H2	200	098db61fc1e3e192.js Show response yastatic.net/partner-code-bundles/1304672/	39 KB 12 KB	315ms 222ms	Script text/javascript	37.9.64.225 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/1304672/098db61fc1e3e192.js Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/header-bidding.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS cloud.cdn.yandex.net Software nginx / Resource Hash ea9b51f849b251916d8d9108ec0ebb6a092aa1a8722076279d9d5859a14030b2 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Origin https://goo.su sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-robots-tag noindex, noarchive, nofollow x-request-id 7bee0daed1f724ab content-encoding br etag "eb1c1221dfaec4b84d851ec2ee298735" report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} expires Thu, 27 Apr 2056 09:58:00 GMT date Tue, 28 Apr 2026 04:06:43 GMT content-type text/javascript; charset=utf-8 last-modified Mon, 20 Apr 2026 15:12:36 GMT vary Accept-Encoding cache-host cloudcdn-m9-14.cdn.yandex.net strict-transport-security max-age=43200000; includeSubDomains; cache-control public, max-age=946708560 nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} timing-allow-origin * accept-ranges bytes access-control-allow-origin * content-length 11509 x-strm-log-split 4 cache-status HIT server nginx
POST H3	204	auction Show response pbs.alfasense.com/yandex/	0 600 B	312ms 276ms	XHR text/plain	188.114.97.3 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://pbs.alfasense.com/yandex/auction Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/header-bidding.js Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.97.3 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type text/plain sec-ch-ua-mobile ?0 Response headers x-bid d7o34kvgdotgqp6stksg nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} cf-cache-status DYNAMIC access-control-allow-credentials true access-control-allow-methods GET, HEAD, POST, OPTIONS, PUT, DELETE x-error empty candidates cf-ray 9f3332280d5738d9-TXL report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=yHdtp7oggsJetZOe1l8QGFv8S5UBNvdzYLuCIMdXMLsVq7MVOBA4WD9x2hlzveN2V06h01iHwm0CYv%2FBUC2yGe74lLWuIwhNN5aAhbeQPptw7A%2FAJ0pCpTeRIGl2yoGnrZBptA%3D%3D"}]} access-control-allow-origin https://goo.su alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Tue, 28 Apr 2026 04:06:43 GMT server cloudflare priority u=1,i access-control-allow-headers Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
POST H2	200	adfox Show response exchange.buzzoola.com/ssp/ Redirect Chain https://exchange.buzzoola.com/ssp/adfox https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t	11 B 323 B	113ms 112ms	XHR text/plain	45.138.161.85 SELECTEL-MSK JSC ...
General Check archive.org Show headers Download Go to Full URL https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol H2 Server 45.138.161.85 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK JSC Selectel, RU), Reverse DNS Software nginx / Resource Hash 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Referer https://goo.su/ Response headers serverid TODO access-control-expose-headers Set-Cookie, Etag access-control-allow-credentials true access-control-allow-origin https://goo.su content-length 11 date Tue, 28 Apr 2026 04:06:43 GMT content-type text/plain; charset=utf-8 server nginx access-control-allow-headers Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, X-Aidata-FP, If-None-Match Redirect headers serverid TODO access-control-expose-headers Set-Cookie, Etag location /ssp/adfox?set_buzzoola_cookie=t access-control-allow-credentials true access-control-allow-origin https://goo.su content-length 0 date Tue, 28 Apr 2026 04:06:43 GMT server nginx access-control-allow-headers Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, X-Aidata-FP, If-None-Match
POST H2	204	yandex_hb Show response px.adhigh.net/rtb/	0 138 B	353ms 123ms	XHR text/plain	193.232.148.137 UMA-TECH-AS Limit...
General Check archive.org Show headers Download Go to Full URL https://px.adhigh.net/rtb/yandex_hb Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/header-bidding.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 193.232.148.137 , Russian Federation, ASN48061 (UMA-TECH-AS Limited Liability Company GPM Digital Technologies, RU), Reverse DNS hosting.adhigh.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type text/plain sec-ch-ua-mobile ?0 Response headers x-kick-from-dns true access-control-allow-origin https://goo.su date Tue, 28 Apr 2026 04:06:43 GMT content-type text/plain server nginx access-control-allow-credentials true
POST H2	200	pl999 Show response ssp.bidvol.com/rtb/	11 B 474 B	319ms 129ms	XHR application/json	194.85.16.29 MSK-IX_Services J...
General Check archive.org Show headers Download Go to Full URL https://ssp.bidvol.com/rtb/pl999 Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/header-bidding.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.85.16.29 , Russian Federation, ASN8985 (MSK-IX_Services Join-stock company "Internet Exchange"MSK-IX", RU), Reverse DNS Software nginx / Resource Hash 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type text/plain sec-ch-ua-mobile ?0 Response headers surrogate-control no-store x-request-id 8b558625-f00a-4e01-a97c-66f09320dbda cache-control no-store, no-cache, must-revalidate, proxy-revalidate pragma no-cache access-control-allow-credentials true expires 0 access-control-allow-origin https://goo.su content-length 11 date Tue, 28 Apr 2026 04:06:43 GMT content-type application/json; charset=utf-8 server nginx
POST H2	200	yhb Show response yhb.p.otm-r.com/	11 B 267 B	374ms 164ms	XHR text/plain	94.139.250.245 YACLOUDBMS Yandex...
General Check archive.org Show headers Download Go to Full URL https://yhb.p.otm-r.com/yhb Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/header-bidding.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.139.250.245 Asbest, Russian Federation, ASN210656 (YACLOUDBMS Yandex.Cloud LLC, RU), Reverse DNS Software / Resource Hash 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type text/plain sec-ch-ua-mobile ?0 Response headers access-control-allow-origin https://goo.su content-length 11 date Tue, 28 Apr 2026 04:06:42 GMT content-type text/plain; charset=utf-8 vary Origin access-control-allow-credentials true
POST H2	200	adjson Show response ads.betweendigital.com/	11 B 887 B	198ms 82ms	XHR application/json	188.42.189.197 Servers.com
General Check archive.org Show headers Download Go to Full URL https://ads.betweendigital.com/adjson?t=adfox Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/header-bidding.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 188.42.189.197 , Luxembourg, ASN7979 (SERVERS-COM - Servers.com, Inc., US), Reverse DNS Software / Resource Hash 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type text/plain sec-ch-ua-mobile ?0 Response headers cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-origin https://goo.su content-encoding gzip content-type application/json vary Accept-Encoding access-control-allow-credentials true
POST H/1.1	200 OK	bids Show response ssp.al-adtech.com/api/adfox/	11 B 264 B	321ms 124ms	XHR application/json	45.139.25.124 PROCLOUD KVIKTEL LLC
General Check archive.org Show headers Download Go to Full URL https://ssp.al-adtech.com/api/adfox/bids Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/header-bidding.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.139.25.124 Moscow, Russian Federation, ASN34959 (PROCLOUD KVIKTEL LLC, RU), Reverse DNS Software nginx/1.20.1 / Resource Hash 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type text/plain sec-ch-ua-mobile ?0 Response headers Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Origin https://goo.su Content-Length 11 Date Tue, 28 Apr 2026 04:06:43 GMT Content-Type application/json Vary Origin Server nginx/1.20.1
POST H2	200	bidder Show response hb-bidder.skcrtxr.com/	11 B 218 B	171ms 161ms	XHR application/json	188.72.103.3 YACLOUDCDN Yandex...
General Check archive.org Show headers Download Go to Full URL https://hb-bidder.skcrtxr.com/bidder Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/header-bidding.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.72.103.3 Dubai, United Arab Emirates, ASN215013 (YACLOUDCDN Yandex.Cloud LLC, RU), Reverse DNS Software nginx / Resource Hash 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type text/plain sec-ch-ua-mobile ?0 Response headers x-request-id 8146503aeae2f4a5 access-control-allow-credentials true accept-ranges bytes access-control-allow-origin https://goo.su content-length 11 date Tue, 28 Apr 2026 04:06:43 GMT content-type application/json server nginx cache-host yccdn-ruvoz02kvant-1.yccdn.cloud.yandex.net
POST H/1.1	200 OK	bid Show response otclick-adv.ru/core/rtb/hb/	11 B 739 B	278ms 123ms	XHR application/json	139.45.228.134 RETNRU-AS JSC "Re...
General Check archive.org Show headers Download Go to Full URL https://otclick-adv.ru/core/rtb/hb/bid Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/header-bidding.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 139.45.228.134 , Russian Federation, ASN57304 (RETNRU-AS JSC "RetnNet", RU), Reverse DNS serv5.otclick.ru Software nginx / Resource Hash 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type text/plain sec-ch-ua-mobile ?0 Response headers Cache-Control no-cache, max-age=0, must-revalidate, no-store Pragma no-cache Connection keep-alive Access-Control-Allow-Credentials true Expires Thursday, 01-Jan-1970 00:00:00 GMT Access-Control-Allow-Origin https://goo.su Content-Length 11 Keep-Alive timeout=60 Date Tue, 28 Apr 2026 04:06:43 GMT P3P policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA Content-Type application/json Server nginx
POST H2	200	adfoxhb Show response ssp-rtb.sape.ru/	11 B 321 B	295ms 142ms	XHR application/json	193.3.184.92 QWARTA QWARTA LLC
General Check archive.org Show headers Download Go to Full URL https://ssp-rtb.sape.ru/adfoxhb Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/header-bidding.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 193.3.184.92 , Russian Federation, ASN50214 (QWARTA QWARTA LLC, RU), Reverse DNS Software openresty / Resource Hash 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type text/plain sec-ch-ua-mobile ?0 Response headers access-control-allow-credentials true access-control-allow-methods POST access-control-allow-origin https://goo.su content-length 11 accept-encoding gzip, zstd, identity date Tue, 28 Apr 2026 04:06:43 GMT content-type application/json server openresty
POST H/1.1	200 OK	adfox Show response kimberlite.io/rtb/bid/hb/	11 B 250 B	112ms 110ms	XHR text/plain	37.0.127.91 NETRACK-AS Start2...
General Check archive.org Show headers Download Go to Full URL https://kimberlite.io/rtb/bid/hb/adfox Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/header-bidding.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 37.0.127.91 Moscow, Russian Federation, ASN61400 (NETRACK-AS Start2 LLC, RU), Reverse DNS Software nginx / Resource Hash 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type text/plain sec-ch-ua-mobile ?0 Response headers access-control-allow-origin https://goo.su server-timing app;srv=s7a;dur=0.0005 Content-Length 11 Date Tue, 28 Apr 2026 04:06:43 GMT Server nginx Connection keep-alive access-control-allow-credentials true
POST H2	200	yandex Show response r.utraff.com/	12 B 774 B	410ms 277ms	XHR application/json	213.171.19.134 SmartApe LLC Smar...
General Check archive.org Show headers Download Go to Full URL https://r.utraff.com/yandex Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/header-bidding.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 213.171.19.134 Moscow, Russian Federation, ASN56694 (SmartApe LLC Smart Ape, RU), Reverse DNS Software nginx/1.24.0 / Resource Hash 7b5f5ee7f72d94f9694569fd0b2c064e317c41949575486100562d8ea0610787 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type text/plain sec-ch-ua-mobile ?0 Response headers x-served-by prod-adserver11 access-control-expose-headers Content-Length,Content-Range content-encoding gzip access-control-allow-credentials true access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://goo.su content-length 32 date Tue, 28 Apr 2026 04:06:43 GMT content-type application/json vary Origin server nginx/1.24.0 access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
POST H2	200	/ Show response ad.mail.ru/hbid_yandex/	11 B 184 B	409ms 222ms	XHR application/json	95.163.41.56 VK-AS LLC VK
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/hbid_yandex/ Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/header-bidding.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU), Reverse DNS r.myadx.net Software nginx / Resource Hash 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type text/plain sec-ch-ua-mobile ?0 Response headers cache-control private, no-cache, no-store timing-allow-origin * access-control-allow-origin https://goo.su date Tue, 28 Apr 2026 04:06:43 GMT content-type application/json server nginx access-control-allow-credentials true
POST H/1.1	200 OK	/ Show response hb.bumlam.com/yandex/	11 B 258 B	241ms 127ms	XHR application/json	31.172.81.8 DE-FIRSTCOLO firs...
General Check archive.org Show headers Download Go to Full URL https://hb.bumlam.com/yandex/ Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/header-bidding.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 31.172.81.8 , Germany, ASN44066 (DE-FIRSTCOLO firstcolo GmbH, DE), Reverse DNS Software nginx / Resource Hash 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type text/plain sec-ch-ua-mobile ?0 Response headers Access-Control-Allow-Origin https://goo.su Content-Length 11 Date Tue, 28 Apr 2026 04:06:43 GMT Content-Type application/json; charset=utf-8 Server nginx Connection keep-alive Access-Control-Allow-Credentials true
POST H/1.1	204 No Content	bid.cgi Show response pb.adriver.ru/cgi-bin/	0 313 B	276ms 120ms	XHR text/plain	195.209.109.142 ADRIVER LLC AdRiver
General Check archive.org Show headers Download Go to Full URL https://pb.adriver.ru/cgi-bin/bid.cgi Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/header-bidding.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 195.209.109.142 , Russian Federation, ASN52007 (ADRIVER LLC AdRiver, RU), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type text/plain sec-ch-ua-mobile ?0 Response headers Cache-control no-cache, max-age=0, must-revalidate, no-store Pragma no-cache Connection keep-alive Access-Control-Allow-Credentials true Expires Thu, 01 Jan 1970 00:00:00 GMT Access-Control-Allow-Origin https://goo.su Content-Length 0 Date Tue, 28 Apr 2026 04:06:43 GMT
POST H2	200	adfoxhb Show response ssp.hybrid.ai/	11 B 731 B	234ms 119ms	XHR application/json	37.230.131.76 HYBRID-Poland HYB...
General Check archive.org Show headers Download Go to Full URL https://ssp.hybrid.ai/adfoxhb Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/header-bidding.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.230.131.76 Amsterdam, Netherlands, ASN200197 (HYBRID-Poland HYBRID ADTECH SP.Z.O.O., PL), Reverse DNS Software Hybrid Web Server / Resource Hash 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b Security Headers Name Value Content-Security-Policy default-src 'none'; connect-src 'self' blob: yastatic.net *.yandex.net *.adfox.ru *.yandex.ru yandex.ru yandex.com; frame-src yandexadexchange.net *.yandexadexchange.net yastatic.net *.yandex.ru *.adfox.ru; img-src 'self' *.yandex.net *.adfox.ru *.yandex.ru yandex.ru yandex.com data:; media-src yastatic.net *.yandex.net *.yandex.ru *.adfox.ru yandex.ru yandex.com blob: data:; script-src 'unsafe-inline' 'unsafe-eval' yastatic.net *.yandex.ru *.adfox.ru yandex.ru yandex.com verify.yandex.ru; style-src 'unsafe-inline' 'unsafe-eval' yastatic.net *.adfox.ru; font-src 'self' yastatic.net data:; Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type text/plain sec-ch-ua-mobile ?0 Response headers content-security-policy default-src 'none'; connect-src 'self' blob: yastatic.net *.yandex.net *.adfox.ru *.yandex.ru yandex.ru yandex.com; frame-src yandexadexchange.net *.yandexadexchange.net yastatic.net *.yandex.ru *.adfox.ru; img-src 'self' *.yandex.net *.adfox.ru *.yandex.ru yandex.ru yandex.com data:; media-src yastatic.net *.yandex.net *.yandex.ru *.adfox.ru yandex.ru yandex.com blob: data:; script-src 'unsafe-inline' 'unsafe-eval' yastatic.net *.yandex.ru *.adfox.ru yandex.ru yandex.com verify.yandex.ru; style-src 'unsafe-inline' 'unsafe-eval' yastatic.net *.adfox.ru; font-src 'self' yastatic.net data:; content-encoding br access-control-allow-credentials true access-control-allow-origin https://goo.su p3p CP='NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC' date Tue, 28 Apr 2026 04:06:43 GMT content-type application/json; charset=utf-8 vary Origin server Hybrid Web Server
POST H2	200	yhb Show response ssp-asr.digitalcaramel.com/	11 B 334 B	285ms 137ms	XHR application/json	178.72.133.225 SELECTEL JSC Sele...
General Check archive.org Show headers Download Go to Full URL https://ssp-asr.digitalcaramel.com/yhb Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/header-bidding.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.72.133.225 , Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU), Reverse DNS Software nginx / Resource Hash 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type text/plain sec-ch-ua-mobile ?0 Response headers access-control-allow-origin https://goo.su content-length 11 date Tue, 28 Apr 2026 04:06:43 GMT content-type application/json server nginx access-control-allow-credentials true
GET		bsync visitor-betweenx.omnitagjs.com/visitor/ Redirect Chain https://ads.betweendigital.com/sspmatch?p=42917&r=1777349202719 https://ads.betweendigital.com/sspmatch?p=42917&r=1777349202719&crf=1&rts=8213676748396356911 https://x.bidswitch.net/sync?ssp=between&uid=5a3216cd-26c9-5276-9baa-5032f25a6261&gdpr=0&gdpr_consent=&us_privacy=${GPP_STRING_123}&redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D... https://x.bidswitch.net/ul_cb/sync?ssp=between&uid=5a3216cd-26c9-5276-9baa-5032f25a6261&gdpr=0&gdpr_consent=&us_privacy=${GPP_STRING_123}&redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder... https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dbetween%26expires%3D30%26u... https://x.bidswitch.net/sync?dsp_id=429&user_id=d0e149d4-0bd7-5276-89d6-e4e3e026d6b0&ssp=between&expires=30&user_group=1&gdpr=0&gdpr_consent= https://ads.betweendigital.com/match?bidder_id=22&external_user_id=bdc2581e-af8e-4444-9c0f-2a02cf8477f8&gdpr=0&gdpr_consent= https://x.bidswitch.net/sync?ssp=between&uid=d0e149d4-0bd7-5276-89d6-e4e3e026d6b0&gdpr=0&gdpr_consent=&us_privacy=${GPP_STRING_123}&redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D... https://pool.liftdsp.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=bdc2581e-af8e-4444-9c0f-2a02cf8477f8&gdpr=0&gdpr_consent= https://pool.liftdsp.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=bdc2581e-af8e-4444-9c0f-2a02cf8477f8&gdpr=0&gdpr_consent= https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=4bba4d37-9750-480a-abb7-0b78c0cc81c5&user_group=1&ssp=between&bsw_param=bdc2581e-af8e-4444-9c0f-2a02cf8477f8&gdpr=0&gdpr_consent= https://ads.betweendigital.com/match?bidder_id=22&external_user_id=bdc2581e-af8e-4444-9c0f-2a02cf8477f8&gdpr=0&gdpr_consent= https://visitor-betweenx.omnitagjs.com/visitor/bsync?uid=cd6403e2c067b584fecdd6a3847819bf&name=gen01&url=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D416%26external_user_id%3DPARTNER_...	0 0
GET H2	200	sync a.sportradarserving.com/ Redirect Chain https://ads.betweendigital.com/sspmatch?p=41985&r=1777349202719 https://ads.betweendigital.com/sspmatch?p=41985&r=1777349202719&crf=1&rts=-3903490473210923445 https://x.bidswitch.net/sync?ssp=between&uid=6692c09f-f925-5276-968c-b6b6ff7c84e5&gdpr=0&gdpr_consent=&us_privacy=${GPP_STRING_123}&redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D... https://x.bidswitch.net/ul_cb/sync?ssp=between&uid=6692c09f-f925-5276-968c-b6b6ff7c84e5&gdpr=0&gdpr_consent=&us_privacy=${GPP_STRING_123}&redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder... https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&gdpr=0&gdpr_consent=	43 B 183 B	289ms 121ms	Image image/gif	35.214.183.184 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&gdpr=0&gdpr_consent= Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol H2 Server 35.214.183.184 Groningen, Netherlands, ASN19527 (GOOGLE-2 - Google LLC, US), Reverse DNS 184.183.214.35.bc.googleusercontent.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Referer https://goo.su/ Response headers via 1.1 google cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 date Tue, 28 Apr 2026 04:06:43 GMT content-type image/gif Redirect headers via 1.1 google cache-control no-cache, no-store, must-revalidate location //a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&gdpr=0&gdpr_consent= content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 28 Apr 2026 04:06:43 GMT
GET H2	200	/ acint.net/cmatch/	43 B 340 B	64ms 64ms	Image image/gif	193.3.184.76 QWARTA QWARTA LLC
General Check archive.org Show headers Download Go to Show image Full URL https://acint.net/cmatch/?dp=14&pi=1753819 Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol H2 Security TLS 1.3, , AES_256_GCM Server 193.3.184.76 , Russian Federation, ASN50214 (QWARTA QWARTA LLC, RU), Reverse DNS Software openresty / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers expires Wed, 19 Apr 2000 11:43:00 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-length 43 date Tue, 28 Apr 2026 04:06:43 GMT content-type image/gif last-modified Mon, 28 Sep 1970 06:00:00 GMT server openresty
GET H2	204	match dm.hybrid.ai/ Redirect Chain https://kimberlite.io/rtb/syncd https://exchange.buzzoola.com/cookiesync/redirect?redirect_url=https%3A%2F%2Fkimberlite.io%2Frtb%2Fsync%2Fbuzzoola%3Fu%3D%24%7BUUID%7D%26f%3D%26n%3D1 https://kimberlite.io/rtb/sync/buzzoola?u=0fb6fd09-752f-4bde-4603-551f03801ef1&f=&n=1 https://dm.hybrid.ai/match?id=414	0 239 B	205ms 99ms	Image text/plain	37.230.131.16 HYBRID-Poland HYB...
General Check archive.org Show headers Download Go to Show image Full URL https://dm.hybrid.ai/match?id=414 Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol H2 Server 37.230.131.16 Amsterdam, Netherlands, ASN200197 (HYBRID-Poland HYBRID ADTECH SP.Z.O.O., PL), Reverse DNS Software Hybrid Web Server / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Referer Response headers cache-control no-cache, no-store pragma no-cache expires -1 access-control-allow-origin * p3p CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC" x-mode 5015 date Tue, 28 Apr 2026 04:03:23 GMT x-xss-protection 1; mode=block server Hybrid Web Server Redirect headers cache-control no-store location https://dm.hybrid.ai/match?id=414 Connection keep-alive access-control-allow-credentials true referrer-policy no-referrer access-control-allow-origin * server-timing app;srv=s26a;dur=0.0010 Content-Length 0 Date Tue, 28 Apr 2026 04:06:43 GMT Server nginx
GET H/1.1	204 No Content	sync a.ussp.io/	0 671 B	286ms 149ms	Image text/plain	213.171.19.201 SmartApe LLC Smar...
General Check archive.org Show headers Download Go to Show image Full URL https://a.ussp.io/sync?ssp=2529 Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 213.171.19.201 Moscow, Russian Federation, ASN56694 (SmartApe LLC Smart Ape, RU), Reverse DNS Software nginx/1.24.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers Access-Control-Expose-Headers Content-Length,Content-Range Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Methods GET, POST, OPTIONS Content-Length 0 Date Tue, 28 Apr 2026 04:06:43 GMT Content-Type text/plain Vary Origin Server nginx/1.24.0 Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
GET		digital_caramel_ortb ssp.al-adtech.com/api/sync/ Redirect Chain https://sync.digitalcaramel.com/match/sp https://sync.digitalcaramel.com/match/sp?chk=1 https://mc.acint.net/rmatch?dp=230&euid=NjRiMDQwNTViZmM4N2I4MA&r=https%3A%2F%2Fsync.digitalcaramel.com%2Fmatch%2Fsapedsp%3Fid%3D%24%7BUSER_ID%7D%26fp%3D3026217885 https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fsync.digitalcaramel.com%252Fmatch%252Fsapedsp%253Fid%253D%2524%257BUSER... https://acint.net/rmatch?dp=14&euid=4F03420A5332F069A30216BC02513059&r=https%3A%2F%2Fsync.digitalcaramel.com%2Fmatch%2Fsapedsp%3Fid%3D%24%7BUSER_ID%7D%26fp%3D3026217885 https://sync.digitalcaramel.com/match/sapedsp?id=0900007F5332F069C639D91302ABA61C&fp=3026217885 https://exchange.buzzoola.com/cookiesync/redirect?redirect_url=https%3A%2F%2Fsync.digitalcaramel.com%2Fmatch%2Fbuzoola%3Fid%3D%24%7BUUID%7D%26fp%3D3026217885 https://sync.digitalcaramel.com/match/buzoola?id=0fb6fd09-752f-4bde-4603-551f03801ef1&fp=3026217885 https://sp.kombinat.digital/cm?ssp=caramel&redirect_url=https%3A%2F%2Fsync.digitalcaramel.com%2Fmatch%2Fkombinat%3Fid%3D%7Buid%7D%26fp%3D3026217885 https://sync.digitalcaramel.com/match/kombinat?id=63269e80-1a56-4453-ac44-72e3a74c68ca&fp=3026217885 https://a.giraff.io/rtb/sync?ssp=digitalcaramel-ssp&redirect=https%3A%2F%2Fsync.digitalcaramel.com%2Fmatch%2Fgiraff%3Fid%3D%24%7BUID%7D%26fp%3D3026217885 https://sync.digitalcaramel.com/match/giraff?id=8830e7ad650b4ea6&fp=3026217885 https://ads.betweendigital.com/match?bidder_id=46894&callback_url=https%3A%2F%2Fsync.digitalcaramel.com%2Fmatch%2Fbetween%3Fid%3D%24%7BUSER_ID%7D%26fp%3D3026217885 https://sync.digitalcaramel.com/match/between?id=d0e149d4-0bd7-5276-89d6-e4e3e026d6b0&fp=3026217885 https://ssp.bidster.net/sync/a1afdc4a-c7de-43aa-b099-0782ed08abd6?id=NjRiMDQwNTViZmM4N2I4MA&redirect=https%3A%2F%2Fsync.digitalcaramel.com%2Fmatch%2Fbidster%3Fid%3D%7Bid%7D%26fp%3D3026217885 https://sync.digitalcaramel.com/match/bidster?id=fb89238a5c1c4fcd033eb&fp=3026217885 https://cm.pxltag.com/rsync?platform_id=25b0079266944803ad725f6417301f6a&sync_url=https%3A%2F%2Fsync.digitalcaramel.com%2Fmatch%2Fadwile%3Fid%3D%7Binner_id%7D%26fp%3D3026217885 https://sync.digitalcaramel.com/match/adwile?id=2MfQaeYCI&fp=3026217885 https://csync.smilewanted.com/getuid?source=&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.digitalcaramel.com%2Fmatch%2Fsmilewanted%3Fid%3D%24UID https://sync.digitalcaramel.com/match/smilewanted?id=e3bf53326fbe36a6789694dedb6660bf https://ssp.al-adtech.com/api/sync/digital_caramel_ortb	0 0
GET H2	200	thumbmark.umd.js Show response static.kimberlite.io/js/	30 KB 13 KB	274ms 114ms	Script application/javascript	212.8.232.117 NETRACK-AS Start2...
General Check archive.org Show headers Download Go to Full URL https://static.kimberlite.io/js/thumbmark.umd.js Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.8.232.117 Moscow, Russian Federation, ASN61400 (NETRACK-AS Start2 LLC, RU), Reverse DNS Software nginx / Resource Hash 54a39580526bca72122afde8131057b589c7b56ba96217438c4a41016ed759c8 Request headers Origin https://goo.su sec-ch-ua-platform "Linux" Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-encoding gzip etag W/"6995f66d-7737" access-control-allow-credentials true access-control-allow-methods GET, POST, OPTIONS, PUT, DELETE, PATCH access-control-allow-origin https://goo.su date Tue, 28 Apr 2026 04:06:43 GMT content-type application/javascript last-modified Wed, 18 Feb 2026 17:27:09 GMT server nginx access-control-allow-headers Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
GET H2	200	botd.js Show response static.kimberlite.io/js/	27 KB 8 KB	270ms 111ms	Script application/javascript	212.8.232.117 NETRACK-AS Start2...
General Check archive.org Show headers Download Go to Full URL https://static.kimberlite.io/js/botd.js Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 212.8.232.117 Moscow, Russian Federation, ASN61400 (NETRACK-AS Start2 LLC, RU), Reverse DNS Software nginx / Resource Hash bdb8b3b0ffef3a4c89ce8a6fa2bd1049813b5559cbc1906363c95f85bd9b8f56 Request headers Origin https://goo.su sec-ch-ua-platform "Linux" Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-encoding gzip etag W/"6995f66d-6b7f" access-control-allow-credentials true access-control-allow-methods GET, POST, OPTIONS, PUT, DELETE, PATCH access-control-allow-origin https://goo.su date Tue, 28 Apr 2026 04:06:43 GMT content-type application/javascript last-modified Wed, 18 Feb 2026 17:27:09 GMT server nginx access-control-allow-headers Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
GET H2	200	rp-core-engine.js Show response cdn-c.skcrtxr.com/wrapper/js/	8 KB 4 KB	211ms 161ms	Script text/javascript	188.72.103.3 YACLOUDCDN Yandex...
General Check archive.org Show headers Download Go to Full URL https://cdn-c.skcrtxr.com/wrapper/js/rp-core-engine.js?v=s-2562a02c-845e-41cf-a305-4881e0c442fb Requested by Host: cdn.skcrtxr.com URL: https://cdn.skcrtxr.com/roxot-wrapper/js/roxot-manager.js?pid=19e08d82-9ec3-4dda-b15f-01ab2c95e167 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.72.103.3 Dubai, United Arab Emirates, ASN215013 (YACLOUDCDN Yandex.Cloud LLC, RU), Reverse DNS Software nginx / Resource Hash caf22418eb1c900e27b0f87ad7eedfea394c245a2f1c8429139f9758d45155a9 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-request-id 7af361adc14bb7dc cache-control max-age=345600 content-encoding gzip etag W/"c8bcfa56815533dd5b8285b33910e48f" date Tue, 28 Apr 2026 04:06:43 GMT cache-status HIT content-type text/javascript vary Accept-Encoding server nginx last-modified Tue, 17 Feb 2026 11:00:13 GMT cache-host yccdn-ruvoz02kvant-1.yccdn.cloud.yandex.net
GET H2	200	common-engine.js Show response cdn-c.skcrtxr.com/wrapper/js/	509 KB 142 KB	158ms 158ms	Script text/javascript	188.72.103.3 YACLOUDCDN Yandex...
General Check archive.org Show headers Download Go to Full URL https://cdn-c.skcrtxr.com/wrapper/js/common-engine.js?v=s-2562a02c-845e-41cf-a305-4881e0c442fb Requested by Host: cdn.skcrtxr.com URL: https://cdn.skcrtxr.com/roxot-wrapper/js/roxot-manager.js?pid=19e08d82-9ec3-4dda-b15f-01ab2c95e167 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.72.103.3 Dubai, United Arab Emirates, ASN215013 (YACLOUDCDN Yandex.Cloud LLC, RU), Reverse DNS Software nginx / Resource Hash 6f5ea765b142fb5114e7fb9f6e05d550581784620db5bd2822e700e513c5f242 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-request-id 5f011ae7284c741e cache-control max-age=345600 content-encoding gzip etag W/"9e22976073efb9389b976969ebf29655" date Tue, 28 Apr 2026 04:06:43 GMT cache-status HIT content-type text/javascript vary Accept-Encoding server nginx last-modified Thu, 23 Apr 2026 09:04:07 GMT cache-host yccdn-ruvoz02kvant-1.yccdn.cloud.yandex.net
GET DATA	200 OK	truncated / Frame E541	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash adf2784762373749154783d10df8dd0dd92f39830a830e988a7c90d8c519b9d9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame E541	0 0	47ms 47ms	Fetch image/gif	192.178.183.156 Google LLC
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 192.178.183.156 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS lcfraw-in-f156.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2221698569877911&output=html&h=300&slotname=2783776122&adk=3407623964&adf=4065594387&pi=t.ma~as.2783776122&w=500&lmt=1777349202&format=500x300&url=https%3A%2F%2Fgoo.su%2F3oxh2eW&asro=0&aiapmid=0.0001&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0Ny4wLjc3MjcuMTE2IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTQ3LjAuMC4wIl0sWyJHb29nbGUgQ2hyb21lIiwiMTQ3LjAuMC4wIl0sWyJOb3QtQS5CcmFuZCIsIjI0LjAuMC4wIl1dLDBd&abgtt=6&dt=1777349202200&bpp=1&bdt=335&idt=166&shv=r20260424&mjsv=m202604210101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7635319313714&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=550&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098107%2C42532524%2C95386813%2C95389146%2C95386338%2C95387777&oid=2&pvsid=4193465744641746&tmod=351168794&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=172 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 0 date Tue, 28 Apr 2026 04:06:43 GMT x-xss-protection 0 content-type image/gif server cafe
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame E541	0 0	51ms 50ms	Fetch image/gif	192.178.183.156 Google LLC
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 192.178.183.156 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS lcfraw-in-f156.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2221698569877911&output=html&h=300&slotname=2783776122&adk=3407623964&adf=4065594387&pi=t.ma~as.2783776122&w=500&lmt=1777349202&format=500x300&url=https%3A%2F%2Fgoo.su%2F3oxh2eW&asro=0&aiapmid=0.0001&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0Ny4wLjc3MjcuMTE2IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTQ3LjAuMC4wIl0sWyJHb29nbGUgQ2hyb21lIiwiMTQ3LjAuMC4wIl0sWyJOb3QtQS5CcmFuZCIsIjI0LjAuMC4wIl1dLDBd&abgtt=6&dt=1777349202200&bpp=1&bdt=335&idt=166&shv=r20260424&mjsv=m202604210101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7635319313714&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=550&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098107%2C42532524%2C95386813%2C95389146%2C95386338%2C95387777&oid=2&pvsid=4193465744641746&tmod=351168794&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=172 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 0 date Tue, 28 Apr 2026 04:06:43 GMT x-xss-protection 0 content-type image/gif server cafe
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame E541	0 0	51ms 50ms	Fetch image/gif	192.178.183.156 Google LLC
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 192.178.183.156 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS lcfraw-in-f156.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2221698569877911&output=html&h=300&slotname=2783776122&adk=3407623964&adf=4065594387&pi=t.ma~as.2783776122&w=500&lmt=1777349202&format=500x300&url=https%3A%2F%2Fgoo.su%2F3oxh2eW&asro=0&aiapmid=0.0001&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0Ny4wLjc3MjcuMTE2IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTQ3LjAuMC4wIl0sWyJHb29nbGUgQ2hyb21lIiwiMTQ3LjAuMC4wIl0sWyJOb3QtQS5CcmFuZCIsIjI0LjAuMC4wIl1dLDBd&abgtt=6&dt=1777349202200&bpp=1&bdt=335&idt=166&shv=r20260424&mjsv=m202604210101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7635319313714&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=550&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098107%2C42532524%2C95386813%2C95389146%2C95386338%2C95387777&oid=2&pvsid=4193465744641746&tmod=351168794&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=172 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 0 date Tue, 28 Apr 2026 04:06:43 GMT x-xss-protection 0 content-type image/gif server cafe
GET H3	200	view pagead2.googlesyndication.com/btr/ Frame E541	0 0	47ms 46ms	Fetch text/html	192.178.183.156 Google LLC
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/btr/view?ai=CroBZUjLwaZrEGbC5rNcP5p-FsAmpjoachgHPx4Gl7xUKEAEgl8rCZGCV-vCBjAegAZyv-6gCyAEDqAMByAPJBKoE4gFP0AL6bGt5075uLXD8Leb_hAjeTIoYDo9D784FR5J48nUR5gIPoEhyF_qjsBzlFKlu05RgGJ8Z4i7pRN_WIXFZl1DKAdeg-TlRdeDQ1IrtmSWAVFYcaZGMnwRgmz-_0lOrsq-i9DtiK79C6MJBFRspfWTVb-oXHqCm1SpIkwp5-G9DtFaR-t7HlKHRgPaHu0sOraiqI9nzXJYx446vO3medM2yVA1TuIPMm4d7bzbWtC8sikl3q18WeSIVcPzXMHwgVs9ewwuSA3dBZ4ngGbDiz-w-C9itBew0TeHvn5Vc5vBXwAS4xNno1wWIBZ2r_qdYkgUECAQYAZIFBAgFGASgBgOAB8zQhNcBqAenzLECqAfi2LECqAemvhuoB8zOsQKoB_PRG6gHltgbqAeqm7ECqAeOzhuoB5PYG6gH8OAbqAfulrECqAf-nrECqAevvrECqAea4bECqAfVyRuoB9m2sQKoB_fCsQLYBwHyBwUQr4-SAdIIMgiR4YBQEAEYnwMyCKuLgICggIAKOg4AgICAgICUqIgCqIOAEEi9_cE6WMWV6N7Vj5QDgAoByAsBogwDkAEBqg0CREXqDRMIsbvo3tWPlAMVsBzrBB3mTwGWiA4J2BMN0BUBmBYByhYCCgD4FgGAFwGyFywKGggAEhRwdWItMjIyMTY5ODU2OTg3NzkxMRgAGAEqCjI3ODM3NzYxMjJQBroXAjgBqhgXCQAAAIDXQ0JBEgoyNzgzNzc2MTIyGAGyGAkSArBTGAMiAQDQGAHoGAHCGQIIAQ&sigh=3bqvKglWeEY&uach_m=%5BUACH%5D&ibtr=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2221698569877911&output=html&h=300&slotname=2783776122&adk=3407623964&adf=4065594387&pi=t.ma~as.2783776122&w=500&lmt=1777349202&format=500x300&url=https%3A%2F%2Fgoo.su%2F3oxh2eW&asro=0&aiapmid=0.0001&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0Ny4wLjc3MjcuMTE2IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTQ3LjAuMC4wIl0sWyJHb29nbGUgQ2hyb21lIiwiMTQ3LjAuMC4wIl0sWyJOb3QtQS5CcmFuZCIsIjI0LjAuMC4wIl1dLDBd&abgtt=6&dt=1777349202200&bpp=1&bdt=335&idt=166&shv=r20260424&mjsv=m202604210101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7635319313714&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=550&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098107%2C42532524%2C95386813%2C95389146%2C95386338%2C95387777&oid=2&pvsid=4193465744641746&tmod=351168794&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=172 Protocol H3 Security QUIC, , AES_128_GCM Server 192.178.183.156 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS lcfraw-in-f156.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2221698569877911&output=html&h=300&slotname=2783776122&adk=3407623964&adf=4065594387&pi=t.ma~as.2783776122&w=500&lmt=1777349202&format=500x300&url=https%3A%2F%2Fgoo.su%2F3oxh2eW&asro=0&aiapmid=0.0001&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0Ny4wLjc3MjcuMTE2IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTQ3LjAuMC4wIl0sWyJHb29nbGUgQ2hyb21lIiwiMTQ3LjAuMC4wIl0sWyJOb3QtQS5CcmFuZCIsIjI0LjAuMC4wIl1dLDBd&abgtt=6&dt=1777349202200&bpp=1&bdt=335&idt=166&shv=r20260424&mjsv=m202604210101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7635319313714&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=550&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098107%2C42532524%2C95386813%2C95389146%2C95386338%2C95387777&oid=2&pvsid=4193465744641746&tmod=351168794&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=172 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-credentials true x-content-type-options nosniff access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 0 date Tue, 28 Apr 2026 04:06:43 GMT x-xss-protection 0 content-type text/html; charset=UTF-8 server cafe
GET H2	200	libs-b3f8aa7d.js Show response yastatic.net/partner-code-bundles/libs/	9 KB 4 KB	170ms 169ms	Script text/javascript	37.9.64.225 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/libs/libs-b3f8aa7d.js Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS cloud.cdn.yandex.net Software nginx / Resource Hash b370e738d148cee40305e9bb53a2a8ab7337f7c2fea0b33388dfb8ec32997df8 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Origin https://goo.su sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-robots-tag noindex, noarchive, nofollow x-request-id 665237b234ca4e77 content-encoding br etag "28da4b584da2cf67755881ebbcf6d298" report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} expires Thu, 27 Apr 2056 09:53:28 GMT date Tue, 28 Apr 2026 04:06:43 GMT content-type text/javascript; charset=utf-8 vary Accept-Encoding last-modified Mon, 20 Apr 2026 15:11:46 GMT cache-host cloudcdn-m9-14.cdn.yandex.net strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} timing-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes access-control-allow-origin * content-length 3884 x-strm-log-split 9 cache-status HIT server nginx
GET H2	200	63aa138c5ac6c86f.js Show response yastatic.net/partner-code-bundles/1304673/	4 KB 2 KB	170ms 170ms	Script text/javascript	37.9.64.225 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/1304673/63aa138c5ac6c86f.js Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS cloud.cdn.yandex.net Software nginx / Resource Hash 0b91886f4774a986b27d33272bccc823e0a45f5f94e4cc20e2c25df2b003c096 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Origin https://goo.su sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-robots-tag noindex, noarchive, nofollow x-request-id ea6518aba65dcbb5 content-encoding br etag "2b0e74d66b6b47996ad626f2d49c8e43" report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} expires Thu, 27 Apr 2056 10:23:29 GMT date Tue, 28 Apr 2026 04:06:43 GMT content-type text/javascript; charset=utf-8 vary Accept-Encoding last-modified Mon, 20 Apr 2026 15:15:04 GMT cache-host cloudcdn-m9-14.cdn.yandex.net strict-transport-security max-age=43200000; includeSubDomains; cache-control public, max-age=946708560 timing-allow-origin * nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} accept-ranges bytes access-control-allow-origin * content-length 1780 x-strm-log-split 5 cache-status HIT server nginx
GET H2	200	text-variable-full.woff2 yastatic.net/s3/home/fonts/ys/3/	25 KB 26 KB	172ms 172ms	Font font/woff2	37.9.64.225 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2 Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS cloud.cdn.yandex.net Software nginx / Resource Hash 033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Origin https://goo.su sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-request-id 5ae5039ff9db09f2 etag "7f0cdaf91230f9789ca4162aedff612e" report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} expires Wed, 28 Apr 2027 09:11:08 GMT date Tue, 28 Apr 2026 04:06:43 GMT content-type font/woff2 vary Accept-Encoding last-modified Mon, 25 Apr 2022 14:02:39 GMT cache-host cloudcdn-m9-14.cdn.yandex.net strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} cache-control public, max-age=31556952 timing-allow-origin * x-nginx-request-id 5873e78dd2faba9c x-amz-meta-owner {"role":"admin","login":"4eb0da"} accept-ranges bytes access-control-allow-origin * content-length 26004 x-strm-log-split 8 cache-status HIT server nginx
GET H2	200	bb38a6ad709567a6.js Show response yastatic.net/partner-code-bundles/1304673/	664 KB 130 KB	169ms 168ms	Script text/javascript	37.9.64.225 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/1304673/bb38a6ad709567a6.js Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS cloud.cdn.yandex.net Software nginx / Resource Hash 418b555b2d1617ec0e6d01c85dcec19435e766bf2815b977215b6a588c9055eb Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Origin https://goo.su sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-robots-tag noindex, noarchive, nofollow x-request-id 94fb1f3ac953dafb content-encoding br etag "68a238cb4bdbc5a5265d9a4006939d17" report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} expires Thu, 27 Apr 2056 10:23:31 GMT date Tue, 28 Apr 2026 04:06:43 GMT content-type text/javascript; charset=utf-8 vary Accept-Encoding last-modified Mon, 20 Apr 2026 15:15:04 GMT cache-host cloudcdn-m9-14.cdn.yandex.net strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} timing-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes access-control-allow-origin * content-length 132630 x-strm-log-split 0 cache-status HIT server nginx
GET H2	200	host.js Show response yastatic.net/safeframe-bundles/0.83/	33 KB 9 KB	168ms 167ms	Script text/javascript	37.9.64.225 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/safeframe-bundles/0.83/host.js Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS cloud.cdn.yandex.net Software nginx / Resource Hash 34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Origin https://goo.su sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-robots-tag noindex, noarchive, nofollow x-request-id e5af1d9b7e3a9f33 content-encoding br etag "f80882bf67cf261aa08d636da095149a" report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} expires Thu, 27 Apr 2056 10:27:57 GMT date Tue, 28 Apr 2026 04:06:43 GMT content-type text/javascript; charset=utf-8 vary Accept-Encoding last-modified Wed, 03 Nov 2021 13:42:58 GMT cache-host cloudcdn-m9-14.cdn.yandex.net strict-transport-security max-age=43200000; includeSubDomains; cache-control public, max-age=946708560 nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} timing-allow-origin * accept-ranges bytes access-control-allow-origin * content-length 8878 x-strm-log-split 9 cache-status HIT server nginx
GET H2	200	1a48d3297bc46cf7.js Show response yastatic.net/partner-code-bundles/1304673/	157 KB 32 KB	168ms 168ms	Script text/javascript	37.9.64.225 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/1304673/1a48d3297bc46cf7.js Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS cloud.cdn.yandex.net Software nginx / Resource Hash 94859cbca1dc3d3ebd6fc9708445841753a100b0b21ba05d32771a802d867567 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Origin https://goo.su sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-robots-tag noindex, noarchive, nofollow x-request-id 3c70006922f0f7d6 content-encoding br etag "7e34c2d6c1b988e74c8d829720baf579" report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} expires Thu, 27 Apr 2056 10:23:33 GMT date Tue, 28 Apr 2026 04:06:43 GMT content-type text/javascript; charset=utf-8 last-modified Mon, 20 Apr 2026 15:15:03 GMT vary Accept-Encoding cache-host cloudcdn-m9-14.cdn.yandex.net strict-transport-security max-age=43200000; includeSubDomains; cache-control public, max-age=946708560 timing-allow-origin * nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} accept-ranges bytes access-control-allow-origin * content-length 32473 x-strm-log-split 9 cache-status HIT server nginx
GET H2	200	buzzoola_ufp.js Show response tube.buzzoola.com//js/lib/	13 KB 5 KB	106ms 106ms	Script application/javascript	151.236.127.225 CDNvideo-AS CDNvi...
General Check archive.org Show headers Download Go to Full URL https://tube.buzzoola.com//js/lib/buzzoola_ufp.js Requested by Host: tube.buzzoola.com URL: https://tube.buzzoola.com/js/lib/buzzoola_ext.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 151.236.127.225 , Germany, ASN57363 (CDNvideo-AS CDNvideo LLC, RU), Reverse DNS Software nginx / Resource Hash c5b7be7ff5a92d4d03ae4b96a3931d1349f726affed96d8b64ecbd1ef7de598f Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-cdn-edge-id 313 x-cdn-edge-cache HIT content-encoding gzip expires Tue, 28 Apr 2026 05:00:00 GMT date Tue, 28 Apr 2026 04:06:43 GMT content-type application/javascript; charset=utf-8 last-modified Wed, 01 Apr 2026 11:49:57 GMT server nginx x-cdn-request-id 01108cf5a52205a9337a9d0b9ada144f
GET H2	200	aidata.fp.latest.js Show response x01.aidata.io/lib/ Frame EAF9	175 KB 60 KB	278ms 113ms	Script application/javascript	89.108.120.76 AS-REGRU "Domain ...
General Check archive.org Show headers Download Go to Full URL https://x01.aidata.io/lib/aidata.fp.latest.js?pixel=0892394 Requested by Host: tube.buzzoola.com URL: https://tube.buzzoola.com/js/lib/buzzoola_ufp.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.108.120.76 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU), Reverse DNS d51804.reg.regrucolo.ru Software nginx / Resource Hash 4f76dcce5bd3fc82198339c0f85846dbdb654780f2f1926e0c1c67fde4964a3c Request headers sec-ch-ua-platform "Linux" Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-encoding gzip date Tue, 28 Apr 2026 04:06:43 GMT etag W/"68cc085d-2bdae" content-type application/javascript last-modified Thu, 18 Sep 2025 13:25:49 GMT server nginx
GET H2	200	pixel.js Show response static.a.mts.ru/id/ Frame EAF9	191 KB 60 KB	260ms 157ms	Script application/javascript	185.65.149.228 HLL-AS HLL LLC
General Check archive.org Show headers Download Go to Full URL https://static.a.mts.ru/id/pixel.js Requested by Host: tube.buzzoola.com URL: https://tube.buzzoola.com/js/lib/buzzoola_ufp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.65.149.228 , Russian Federation, ASN51115 (HLL-AS HLL LLC, RU), Reverse DNS Software QRATOR / Resource Hash 44fe23dc86e2b2b8d0af15fa01c984a4d7792db24a41ca7f0cd0e9eb5fc4918b Request headers sec-ch-ua-platform "Linux" Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache-control max-age=1800 content-encoding gzip etag W/"69e7542d-2fcaa" expires Tue, 28 Apr 2026 04:36:43 GMT access-control-allow-origin * date Tue, 28 Apr 2026 04:06:43 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding, Origin server QRATOR
GET H3	200	N3h5oe4EMuHKcVlUYfe5pESm5o5JPuIHURm14gpHJKU.js Show response pagead2.googlesyndication.com/bg/ Frame B726	61 KB 23 KB	34ms 34ms	Script text/javascript	192.178.183.156 Google LLC
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/N3h5oe4EMuHKcVlUYfe5pESm5o5JPuIHURm14gpHJKU.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2221698569877911&output=html&h=300&slotname=2783776122&adk=3407623964&adf=4065594387&pi=t.ma~as.2783776122&w=500&lmt=1777349202&format=500x300&url=https%3A%2F%2Fgoo.su%2F3oxh2eW&asro=0&aiapmid=0.0001&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0Ny4wLjc3MjcuMTE2IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTQ3LjAuMC4wIl0sWyJHb29nbGUgQ2hyb21lIiwiMTQ3LjAuMC4wIl0sWyJOb3QtQS5CcmFuZCIsIjI0LjAuMC4wIl1dLDBd&abgtt=6&dt=1777349202200&bpp=1&bdt=335&idt=166&shv=r20260424&mjsv=m202604210101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7635319313714&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=550&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098107%2C42532524%2C95386813%2C95389146%2C95386338%2C95387777&oid=2&pvsid=4193465744641746&tmod=351168794&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=172 Protocol H3 Security QUIC, , AES_128_GCM Server 192.178.183.156 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS lcfraw-in-f156.1e100.net Software sffe / Resource Hash 377879a1ee0432e1ca71595461f7b9a444a6e68e493ee2075119b5e20a4724a5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-2221698569877911&output=html&h=300&slotname=2783776122&adk=3407623964&adf=4065594387&pi=t.ma~as.2783776122&w=500&lmt=1777349202&format=500x300&url=https%3A%2F%2Fgoo.su%2F3oxh2eW&asro=0&aiapmid=0.0001&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0Ny4wLjc3MjcuMTE2IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTQ3LjAuMC4wIl0sWyJHb29nbGUgQ2hyb21lIiwiMTQ3LjAuMC4wIl0sWyJOb3QtQS5CcmFuZCIsIjI0LjAuMC4wIl1dLDBd&abgtt=6&dt=1777349202200&bpp=1&bdt=335&idt=166&shv=r20260424&mjsv=m202604210101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7635319313714&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=550&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31098107%2C42532524%2C95386813%2C95389146%2C95386338%2C95387777&oid=2&pvsid=4193465744641746&tmod=351168794&uas=0&nvt=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&ifi=2&uci=a!2&fsb=1&dtd=172 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-encoding br age 568059 report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} x-content-type-options nosniff expires Wed, 21 Apr 2027 14:19:04 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 21 Apr 2026 14:19:04 GMT last-modified Mon, 20 Apr 2026 09:48:00 GMT content-type text/javascript vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin; report-to="botguard-scs" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs accept-ranges bytes content-length 23750 x-xss-protection 0 server sffe
GET H/1.1	200 OK	rle.cgi Show response ad.adriver.ru/cgi-bin/ Frame F594	383 B 1 KB	216ms 79ms	Document text/html	195.209.109.113 ADRIVER LLC AdRiver
General Check archive.org Show headers Download Go to Full URL https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=780801&bt=21&pid=3915086&bid=10043329&bn=10043329&rnd=527366301&tuid=1&cfa=1 Requested by Host: content.adriver.ru URL: https://content.adriver.ru/AdRiverFPS.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 195.209.109.113 , Russian Federation, ASN52007 (ADRIVER LLC AdRiver, RU), Reverse DNS Software / Resource Hash df5dfe796b14c5a5c46c2eddfc0bf74a48bfc73110cc61afe77706b86a8723b6 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Linux" Response headers Cache-control max-age=157680000, Connection keep-alive Content-Length 383 Content-Type text/html ; charset=windows-1251 Date Tue, 28 Apr 2026 04:06:43 GMT ETag "A3hjRX4Zl79uTPSZPKaz2aA" Expires Thu, 01 Jan 1970 00:00:00 GMT P3P policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA" Pragma no-cache Referrer-Policy no-referrer-when-downgrade
GET H/1.1	200 OK	json.cgi Show response ad.adriver.ru/cgi-bin/ Frame EAF9	503 B 1 KB	269ms 120ms	Fetch application/json	195.209.109.116 ADRIVER LLC AdRiver
General Check archive.org Show headers Download Go to Full URL https://ad.adriver.ru/cgi-bin/json.cgi?sid=1&ad=719473&bt=55&pid=4425169&bid=12604289&bn=12604289&tuid=1&cfa=1&rnd=959801&loc=https%3A%2F%2Fgoo.su%2F3oxh2eW&custom=127%3D1%3B129%3D2.11.4%3B308%3D1777349203720037607%3B309%3D1312755561.1777349202%3B310%3D0 Requested by Host: content.adriver.ru URL: https://content.adriver.ru/AdRiverFPS.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 195.209.109.116 , Russian Federation, ASN52007 (ADRIVER LLC AdRiver, RU), Reverse DNS Software / Resource Hash 4d77ddfc5a6fb63fe3ae07009f311699b7b470b04bc96ede1da3732a9b133505 Request headers sec-ch-ua-platform "Linux" Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers Transfer-Encoding chunked Cache-control no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store Pragma no-cache Connection keep-alive Access-Control-Allow-Credentials true Expires Thu, 01 Jan 1970 00:00:00 GMT Access-Control-Allow-Origin https://goo.su P3P policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA" Date Tue, 28 Apr 2026 04:06:43 GMT Content-Type application/json
GET H2	200	aidata.fp.latest.js Show response x01.aidata.io/lib/	175 KB 0	203ms 203ms	Script application/javascript	89.108.120.76 AS-REGRU "Domain ...
General Check archive.org Show headers Download Go to Full URL https://x01.aidata.io/lib/aidata.fp.latest.js?pixel=0892394 Requested by Host: tube.buzzoola.com URL: https://tube.buzzoola.com//js/lib/buzzoola_ufp.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.108.120.76 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU), Reverse DNS d51804.reg.regrucolo.ru Software nginx / Resource Hash 4f76dcce5bd3fc82198339c0f85846dbdb654780f2f1926e0c1c67fde4964a3c Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-encoding gzip date Tue, 28 Apr 2026 04:06:43 GMT etag W/"68cc085d-2bdae" content-type application/javascript last-modified Thu, 18 Sep 2025 13:25:49 GMT server nginx
GET H2	200	pixel.js Show response static.a.mts.ru/id/	191 KB 0	218ms 218ms	Script application/javascript	185.65.149.228 HLL-AS HLL LLC
General Check archive.org Show headers Download Go to Full URL https://static.a.mts.ru/id/pixel.js Requested by Host: tube.buzzoola.com URL: https://tube.buzzoola.com//js/lib/buzzoola_ufp.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.65.149.228 , Russian Federation, ASN51115 (HLL-AS HLL LLC, RU), Reverse DNS Software QRATOR / Resource Hash 44fe23dc86e2b2b8d0af15fa01c984a4d7792db24a41ca7f0cd0e9eb5fc4918b Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache-control max-age=1800 content-encoding gzip etag W/"69e7542d-2fcaa" expires Tue, 28 Apr 2026 04:36:43 GMT access-control-allow-origin * date Tue, 28 Apr 2026 04:06:43 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding, Origin server QRATOR
GET H2	200	v2 Show response yandex.ru/ads/adfox/332443/getBulk/	4 KB 2 KB	238ms 238ms	XHR application/json	77.88.44.55 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://yandex.ru/ads/adfox/332443/getBulk/v2?pr=756439938&pr1=3006206133&dl=https%3A%2F%2Fgoo.su%2F3oxh2eW&prr=&extid_loader=MTc3NzM0OTIwMzcyMDAzNzYwNw%3D%3D&extid_tag_loader=goo.su&fa=&date=2026-04-28T06%3A06%3A43.629%2B02%3A00&pd=28&pw=2&pv=6&pdw=1600&pdh=1200&ylv=0.1304673&ybv=0.1304673&ytt=53326313947141&is-turbo=0&skip-token=&ad-session-id=1518711777349203634&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A12%2C%22top%22%3A0%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&pcode-version=1304673&yaru=true&p1=dgtqn&p2=hjxt&slotNumber=1&bids=W3siYmlkZGVyTmFtZSI6ImFsZmFzZW5zZSIsImNhbXBhaWduX2lkIjoxMzY2MDc1LCJyZXNwb25zZV90aW1lIjozMTUsImVycm9yIjp7ImNvZGUiOjR9LCJwbGFjZW1lbnRfaWQiOiI2NjE3NCJ9LHsiYmlkZGVyTmFtZSI6ImJ1enpvb2xhIiwiY2FtcGFpZ25faWQiOjEzOTQxMTksInJlc3BvbnNlX3RpbWUiOjQ2OCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEyODk5NTkifSx7ImJpZGRlck5hbWUiOiJnZXRpbnRlbnQiLCJjYW1wYWlnbl9pZCI6MTM2NjA3OCwicmVzcG9uc2VfdGltZSI6NDY4LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiNjZfMzAweDMwMF9hbGZhZGFydCJ9LHsiYmlkZGVyTmFtZSI6ImJpZHZvbCIsImNhbXBhaWduX2lkIjoxNDQ1NzI3LCJyZXNwb25zZV90aW1lIjozMzMsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI1MTY4OSJ9LHsiYmlkZGVyTmFtZSI6Im90bSIsImNhbXBhaWduX2lkIjoxNTM2MTQzLCJyZXNwb25zZV90aW1lIjo0NzAsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI5ODMyOCJ9LHsiYmlkZGVyTmFtZSI6ImJldHdlZW5kaWdpdGFsIiwiY2FtcGFpZ25faWQiOjEzNjYwNzQsInJlc3BvbnNlX3RpbWUiOjIwMiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjQ4MzU1MjIifSx7ImJpZGRlck5hbWUiOiJhc3RyYWxhYiIsImNhbXBhaWduX2lkIjoyMzQyOTYzLCJyZXNwb25zZV90aW1lIjozMzMsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI2N2RhZDkyNTRlNjk2NWZhN2IzMTM5MWUifSx7ImJpZGRlck5hbWUiOiJyb3hvdCIsImNhbXBhaWduX2lkIjozMDA2MDQ4LCJyZXNwb25zZV90aW1lIjoxODEsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI1NTM5MjYwMC1kNDFmLTQ3M2ItOWEwOC0xYmEzMGUzNTY3MTgifSx7ImJpZGRlck5hbWUiOiJvdGNsaWNrIiwiY2FtcGFpZ25faWQiOjMxNDcyMTcsInJlc3BvbnNlX3RpbWUiOjI4MywiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEwNjI0In0seyJiaWRkZXJOYW1lIjoic2FwZSIsImNhbXBhaWduX2lkIjoxNjcyNjk5LCJyZXNwb25zZV90aW1lIjoyOTksImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI5MzUyODMifSx7ImJpZGRlck5hbWUiOiJzb2x0YSIsImNhbXBhaWduX2lkIjoyNDY4MjYxLCJyZXNwb25zZV90aW1lIjoxMjIsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI0OS1OdDFUcyJ9LHsiYmlkZGVyTmFtZSI6InVtZyIsImNhbXBhaWduX2lkIjozMTM2NjgwLCJyZXNwb25zZV90aW1lIjo0NzUsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMzE1OCJ9LHsiYmlkZGVyTmFtZSI6Im15dGFyZ2V0IiwiY2FtcGFpZ25faWQiOjEzNjYwNzIsInJlc3BvbnNlX3RpbWUiOjQ3NSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE3OTc0NTcifSx7ImJpZGRlck5hbWUiOiJtZWRpYXNuaXBlciIsImNhbXBhaWduX2lkIjoyMzAyNzg3LCJyZXNwb25zZV90aW1lIjoyNTEsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIyNzcyMCJ9LHsiYmlkZGVyTmFtZSI6ImFkcml2ZXIiLCJjYW1wYWlnbl9pZCI6MTM2NjA3NiwicmVzcG9uc2VfdGltZSI6MjgxLCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiNTc6Z29vLnN1XzMwMHgzMDBfZGVzayJ9LHsiYmlkZGVyTmFtZSI6Imh5YnJpZCIsImNhbXBhaWduX2lkIjoxODc5NzYzLCJyZXNwb25zZV90aW1lIjoyNTEsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI2N2RiZDI4ZTdiYzcyZmViZDhhOGQ5YjUifSx7ImJpZGRlck5hbWUiOiJkaWdpdGFsY2FyYW1lbCIsImNhbXBhaWduX2lkIjozNDMzMjU2LCJyZXNwb25zZV90aW1lIjoyOTEsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiJkNWdjb2IzZGkwZnM3M2NmYzVwMCNkNWdlZHByZGkwZnM3M2NmYzVxZyJ9XQ%3D%3D&utf8=%E2%9C%93&duid=MTc3NzM0OTIwMzcyMDAzNzYwNw%3D%3D&pcode-test-ids=1387854%2C0%2C47%3B1522421%2C0%2C46%3B1520060%2C0%2C76%3B1519496%2C0%2C45%3B1543685%2C0%2C4%3B1471934%2C0%2C10%3B1534006%2C0%2C32%3B1538640%2C0%2C70%3B1549206%2C0%2C23%3B1513559%2C0%2C29%3B1543959%2C0%2C7%3B1545953%2C0%2C64%3B1524838%2C0%2C42%3B1485711%2C0%2C7%3B1534167%2C0%2C30%3B1536912%2C0%2C19%3B1513550%2C0%2C71%3B1546248%2C0%2C22&csrf-token=c00f0b1c4e2637719e10ff57989427bf766577af%3A1777349202&pcode-uid=9156421321777349202&pcode-flags-map=eJyFllGP4yYUhf9LnkcrwGAbvxFznaAh4AXsmbSqrrLbTNU2nV3NpFVXq%2FnvleM0rT1S8mTJgo%2FLOede%2B%2Ftiq2Ibk1pa6CEsqh%2B%2FL%2F7aHf7cL6oF%2FVCy8gPNZJkt7hbH%2FevR%2FDy8FoLKnC7efrpb9CriuBl7CNF4NyVkhOZlPtmd8YKL8rLb%2BhXW3iVwCXUXVDLeYQuhBpemrCmFFSRnJ4o28VSAhpiC3yI8JghOWawDqGR6QKWxixCwtj4CQj9H7%2F%2F%2BOoFzLlkhFm93N5awyy0C1MrWnVUJMMDHDmLCDaS119j4gA9BtS0E7IK9frAggosT9WPApVX1PVoTE9bWDAIZHaeaEMmyUnJRlWVRMEZJlRFJckZyUVEiOM%2BlKKuMylwWuciqjHBKWEaySkrKCRFFRSkhlLKCVBktKSd5MSyjjJCS0YoSTjgXklUZoxnj5SwLvKCEjVlQWqPZqBXgSlkLYYvGoYMu%2BMEas3LXr15SSfi%2FIONWODyGNCiLrQpqAwlCPMmpTUzBLLs0z9t7aC5led3IYcl4LrhTjtoAS6NRd0ZfhQtSSjma1UXAONjuklEWrVd6CN1Qa7w3LSZ%2FD9crFTTLSnLJUzPcF4fQOI290eAxWp8wedR%2Bc52UcZqVl7KSCitIGKAZpbPY1l7DbURxBdGreBuQnwArcBCUxZiCSrDa4oNJa%2FStqk3aTiBPu8Ph0%2B7z7%2Fjl%2BfBtiuOUUnnCNeYRH4zT%2FgGd9%2B0Av14JF8V5TlhQuvFhE7FX1uihVdu1dzek4KLg49En3W5MO14SPpuVjHDy%2F3jFFEBtzqY%2BwNJHRmiJfTZhfT4e5ooSkl8scefBlpKq1xjXSvuHG%2FvL%2FFxHjC1ulLEYunMVjbHppo6Snc%2FXsR1T3fpo3rXgYf90xOPL7vn16%2B5l%2F3ycp1yIs5oqRBiziMY1Ho1L%2Fjwuau8as8KeT8jH3csv%2BxmPZ3LCi%2Btg3D0OKYnmB8Dou1DfcvjC8D0Eq7aoWoTHdhrO13kspMhGOVOAVK9xA9qo6x4wXp47c63a1jiIEWMXetiiqeej7I8vv%2F06m1SioOOobTprYx0AHMYYcA1KQ8CVvhUhmo9dDTGCqwE3fmksYHOrm3NJ2dR73zQRpl%2FRp08oyHu7yX%2FN8%2B4HIyM8L2Y%2FFzxnfBDp7R9m63TL&pcode-icookie=kJekFapqa9%2Fc6iorqqcr7LX12DRYNRYQC7xhUmTg%2BuYN%2BcR91pw7ZCXjrQaiTLRk9JpILoRWwr56%2BENgv0jJMpSG9GI%3D&disable-base64=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&tga-with-creatives=1&banner-lang=en&grab-orig-len=392&grab=eyJncmFiX3ZlcnNpb24iOjJ9CjKrPpE83_MC6tQYTkutcNM44ogm6O-P7cl92M-iDAjcMqV2WqxakmqJ_guTITww6Y0fLsqNv5rlNmniybA7D7c25KbQf1Noj7SZlVtOhC-xOgevlg1TUzjfxWhT_myIwz9D97LRcuH5TiKTVR2pXwgV9HLs1c5ql1SDmaFPzaL6yl3sGHsFZ06htPafw08vFwY7Ra0FAQ2yIUjtNTHTGQoG20loosVGU2MSQk9znAOWqro8mQ5o6yaJbGfkZNbAhlC1ls2nyk8kE59SzJ1zVWAcMOs9i_jD30Oa-9m1X_193IVKQXhx_Ze1MX8w3Ced-Q3rITxKQQM1brSyB1gcBri1yGMaTKO-rampG9CgtYIDe8H_ Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.88.44.55 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS yandex.ru Software / Resource Hash 3d79b791b497fe389ad45cacbe53cbdddb49b76681b302162e6990fbaf6208c5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type application/x-www-form-urlencoded sec-ch-ua-mobile ?0 Response headers x-yandex-req-id 1777349203721932-1075462870177151213-balancer-l7leveler-kubr-yp-klg-45-BAL content-encoding gzip report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} x-content-type-options nosniff x-ads-queuetime 0.170000 expires Mon, 04 Dec 1999 21:29:02 GMT p3p policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA x-ads-loadaverageonarrival 0.285714 content-type application/json nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} cache-control no-store, no-cache, must-revalidate, max-age=0 timing-allow-origin * accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-Viewport-Width, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width, Sec-Ch-Viewport-Height pragma no-cache access-control-allow-credentials true x-yt-request-id 77080af8-ff824208-b9bbd01a-7c769ec3 x-ads-degradation 0.000000 x-adfox-request-id 17908364134831861585 x-ads-loadaverage 0.428571 access-control-allow-origin https://goo.su x-yt-trace-id 0-1-0-0 x-xss-protection 1; mode=block
POST H2	200	1 mc.yandex.com/watch/99705705/	43 B 212 B	80ms 80ms	Ping image/gif	87.250.251.119 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/99705705/1?page-url=https%3A%2F%2Fgoo.su%2F3oxh2eW&charset=utf-8&uah=chu%0A%22Chromium%22%3Bv%3D%22147%22%2C%22Google%20Chrome%22%3Bv%3D%22147%22%2C%22Not-A.Brand%22%3Bv%3D%2224%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A147.0.7727.116%0Achl%0A%22Chromium%22%3Bv%3D%22147.0.0.0%22%2C%22Google%20Chrome%22%3Bv%3D%22147.0.0.0%22%2C%22Not-A.Brand%22%3Bv%3D%2224.0.0.0%22%0Achm%0A%3F0%0Achp%0ALinux&hidv2=2223506167110041810&hittoken=1777349202_b861df2d8a0fb238364322612c5fb4ef53b89af26f019ff95bf0b9cb4e425bae&browser-info=pa%3A1%3Aar%3A1%3Avf%3A6glgxny3ywmlt088t0nklbpybmq57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A2482%3Acn%3A1%3Adp%3A1%3Als%3A101383496476%3Ahid%3A270962768%3Az%3A120%3Ai%3A20260428060643%3Aet%3A1777349204%3Ac%3A1%3Arn%3A507100669%3Arqn%3A2%3Au%3A1777349203720037607%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1777349201480%3Agi%3AR0ExLjEuMTMxMjc1NTU2MS4xNzc3MzQ5MjAy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1777349204&t=gdpr(14)mc(ci-1)clc(0-0-0)rqnt(2)aw(1)rcm(1)cdl(na)eco(42009092)prs(2)wss(1)w2s(6)evs(OTk3MDU3MDU6MDo3LDk5NzA1NzA1OjA6OCw5OTcwNTcwNTowOjk%3D)evt(759)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%221518711777349203634%22%7D%7D Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS mc.yandex.ru Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers strict-transport-security max-age=31536000 cache-control private, no-cache, no-store, must-revalidate, max-age=0 pragma no-cache accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA access-control-allow-credentials true expires Tue, 28-Apr-2026 04:06:43 GMT access-control-allow-origin https://goo.su content-length 43 x-xss-protection 1; mode=block last-modified Tue, 28-Apr-2026 04:06:43 GMT content-type image/gif
GET H2	200	88477929 Show response mc.yandex.com/watch/	686 B 1 KB	112ms 112ms	Fetch application/json	87.250.251.119 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/88477929?wmode=7&page-url=https%3A%2F%2Fgoo.su%2F3oxh2eW&charset=utf-8&uah=chu%0A%22Chromium%22%3Bv%3D%22147%22%2C%22Google%20Chrome%22%3Bv%3D%22147%22%2C%22Not-A.Brand%22%3Bv%3D%2224%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A147.0.7727.116%0Achl%0A%22Chromium%22%3Bv%3D%22147.0.0.0%22%2C%22Google%20Chrome%22%3Bv%3D%22147.0.0.0%22%2C%22Not-A.Brand%22%3Bv%3D%2224.0.0.0%22%0Achm%0A%3F0%0Achp%0ALinux&browser-info=pv%3A1%3Avf%3A6glgxny3ywmlt088t0nklbpybmq57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A2482%3Acn%3A2%3Adp%3A1%3Als%3A51968028059%3Ahid%3A270962768%3Az%3A120%3Ai%3A20260428060643%3Aet%3A1777349204%3Ac%3A1%3Arn%3A564991161%3Arqn%3A1%3Au%3A1777349203720037607%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A580%3Awv%3A2%3Ads%3A6%2C153%2C213%2C2%2C0%2C0%2C%2C199%2C1%2C%2C%2C%2C600%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1777349201480%3Agi%3AR0ExLjEuMTMxMjc1NTU2MS4xNzc3MzQ5MjAy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1777349204%3At%3ANot%20Found&t=clt(498)gdpr(14)mc(ci-1-p-1)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009088)prs(2)wss(2)w2s(6)evs(OTk3MDU3MDU6MDo3LDk5NzA1NzA1OjA6OCw5OTcwNTcwNTowOjk%3D)ti(1) Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS mc.yandex.ru Software / Resource Hash 86c1cbe1ba78c771b98aa1e5dd082211b00e5ca42b40a417258b319abbf98eab Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers strict-transport-security max-age=31536000 cache-control private, no-cache, no-store, must-revalidate, max-age=0 accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA pragma no-cache access-control-allow-credentials true x-content-type-options nosniff expires Tue, 28-Apr-2026 04:06:43 GMT access-control-allow-origin https://goo.su content-length 686 x-xss-protection 1; mode=block last-modified Tue, 28-Apr-2026 04:06:43 GMT content-type application/json; charset=utf-8
GET H/1.1	204 No Content	rle.cgi ev.adriver.ru/cgi-bin/ Frame EAF9	0 210 B	259ms 117ms	Image text/plain	195.209.109.133 ADRIVER LLC AdRiver
General Check archive.org Show headers Download Go to Show image Full URL https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=774375&bt=21&cid=Ay89xMYgZRFL7L07q5paeGg&custom=180=1&pass=Ay89xMYgZRFL7L07q5paeGg Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 195.209.109.133 , Russian Federation, ASN52007 (ADRIVER LLC AdRiver, RU), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua-platform "Linux" Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers Expires Thu, 01 Jan 1970 00:00:00 GMT Cache-control no-cache, max-age=0, must-revalidate, no-store Date Tue, 28 Apr 2026 04:06:43 GMT Pragma no-cache; Connection keep-alive
GET H/1.1	204 No Content	rle.cgi ev.adriver.ru/cgi-bin/ Frame EAF9	0 210 B	249ms 117ms	Image text/plain	195.209.109.133 ADRIVER LLC AdRiver
General Check archive.org Show headers Download Go to Show image Full URL https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=790715&bt=21&cid=Ay89xMYgZRFL7L07q5paeGg&custom=180=1&pass=if4tqolyjvmwowssizgdotbqg5ytk4dbmvdwo--- Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 195.209.109.133 , Russian Federation, ASN52007 (ADRIVER LLC AdRiver, RU), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua-platform "Linux" Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers Expires Thu, 01 Jan 1970 00:00:00 GMT Cache-control no-cache, max-age=0, must-revalidate, no-store Date Tue, 28 Apr 2026 04:06:43 GMT Pragma no-cache; Connection keep-alive
GET H/1.1	204 No Content	ut Show response kimberlite.io/rtb/	0 365 B	66ms 66ms	XHR text/plain	37.0.127.91 NETRACK-AS Start2...
General Check archive.org Show headers Download Go to Full URL https://kimberlite.io/rtb/ut?v=1&u=GA1.1.1312755561.1777349202%2C%2C1777349203720037607%2C%2C%2C%2C6cc3b1f88e6a05decde61b9856471275%2C Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 37.0.127.91 Moscow, Russian Federation, ASN61400 (NETRACK-AS Start2 LLC, RU), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache-control no-cache access-control-allow-origin https://goo.su server-timing app;srv=s26;dur=0.0002 Date Tue, 28 Apr 2026 04:06:43 GMT Server nginx Connection keep-alive access-control-allow-credentials true
GET H2	200	108234959 Show response mc.yandex.com/watch/	699 B 987 B	123ms 123ms	Fetch application/json	87.250.251.119 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/108234959?wmode=7&page-url=https%3A%2F%2Fgoo.su%2F3oxh2eW&charset=utf-8&site-info=%7B%22ip%22%3A%22205.147.28.36%22%2C%22p1%22%3A%2249%22%2C%22sessionId%22%3A%22afAyUit7ycM%22%7D&uah=chu%0A%22Chromium%22%3Bv%3D%22147%22%2C%22Google%20Chrome%22%3Bv%3D%22147%22%2C%22Not-A.Brand%22%3Bv%3D%2224%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A147.0.7727.116%0Achl%0A%22Chromium%22%3Bv%3D%22147.0.0.0%22%2C%22Google%20Chrome%22%3Bv%3D%22147.0.0.0%22%2C%22Not-A.Brand%22%3Bv%3D%2224.0.0.0%22%0Achm%0A%3F0%0Achp%0ALinux&browser-info=pv%3A1%3Avf%3A6glgxny3ywmlt088t0nklbpybmq57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A2482%3Acn%3A3%3Adp%3A1%3Als%3A262922528688%3Ahid%3A270962768%3Az%3A120%3Ai%3A20260428060643%3Aet%3A1777349204%3Ac%3A1%3Arn%3A470565330%3Arqn%3A1%3Au%3A1777349203720037607%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A580%3Awv%3A2%3Ads%3A6%2C153%2C213%2C2%2C0%2C0%2C%2C199%2C1%2C%2C%2C%2C600%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1777349201480%3Agi%3AR0ExLjEuMTMxMjc1NTU2MS4xNzc3MzQ5MjAy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1777349204%3At%3ANot%20Found&t=clt(543)gdpr(14)mc(ci-1-p-2)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42017284)prs(2)wss(2)w2s(0)evs(OTk3MDU3MDU6MDo3LDk5NzA1NzA1OjA6OCw5OTcwNTcwNTowOjk%3D)ti(1) Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS mc.yandex.ru Software / Resource Hash a2620a98cd3d2ececd367eb6b7303291beb31a6cb35f240f40182d88e756e00a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers strict-transport-security max-age=31536000 cache-control private, no-cache, no-store, must-revalidate, max-age=0 accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA pragma no-cache access-control-allow-credentials true x-content-type-options nosniff expires Tue, 28-Apr-2026 04:06:43 GMT access-control-allow-origin https://goo.su content-length 699 x-xss-protection 1; mode=block last-modified Tue, 28-Apr-2026 04:06:43 GMT content-type application/json; charset=utf-8
GET H2	404	dynamic.js cdn.skcrtxr.com/wrapper-builder/19e08d82-9ec3-4dda-b15f-01ab2c95e167/	0 0	115ms 115ms	Script text/plain	188.72.103.3 YACLOUDCDN Yandex...
General Check archive.org Show headers Download Go to Full URL https://cdn.skcrtxr.com/wrapper-builder/19e08d82-9ec3-4dda-b15f-01ab2c95e167/dynamic.js?host=goo.su&v=d-1777288171__s-2562a02c-845e-41cf-a305-4881e0c442fb Requested by Host: cdn-c.skcrtxr.com URL: https://cdn-c.skcrtxr.com/wrapper/js/common-engine.js?v=s-2562a02c-845e-41cf-a305-4881e0c442fb Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.72.103.3 Dubai, United Arab Emirates, ASN215013 (YACLOUDCDN Yandex.Cloud LLC, RU), Reverse DNS Software nginx / Resource Hash Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-request-id 052bed355d0062a3 access-control-allow-private-network true cache-control max-age=600 access-control-allow-credentials true content-length 0 date Tue, 28 Apr 2026 04:06:43 GMT cache-status MISS x-service-id worker server nginx cache-host yccdn-ruvoz02kvant-1.yccdn.cloud.yandex.net
GET H2	200	match Show response 4441113851777349203842.cm.a.mts.ru/cm/ Frame EAF9 Redirect Chain https://cm.a.mts.ru/cm/tech?flowId=0ad8d3f8-90df-189f-8191-0983a062000a https://4441113851777349203842.cm.a.mts.ru/cm/match?flowId=0ad8d3f8-90df-189f-8191-0983a062000a	33 B 601 B	251ms 94ms	Fetch application/json	185.65.149.228 HLL-AS HLL LLC
General Check archive.org Show headers Download Go to Full URL https://4441113851777349203842.cm.a.mts.ru/cm/match?flowId=0ad8d3f8-90df-189f-8191-0983a062000a Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol H2 Server 185.65.149.228 , Russian Federation, ASN51115 (HLL-AS HLL LLC, RU), Reverse DNS Software QRATOR / Resource Hash 740e17fbeda8d1ad5a8f36255d747ade8317715bc84ba447f4c89aac1ec9230e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Referer Response headers strict-transport-security max-age=31536000; includeSubDomains access-control-max-age 3600 content-encoding gzip access-control-allow-credentials true access-control-allow-methods GET,POST,OPTIONS expires Thu, 01 Jan 1970 00:00:00 GMT access-control-allow-origin null date Tue, 28 Apr 2026 04:06:44 GMT content-type application/json vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers server QRATOR access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, X-Forwarded-For Redirect headers strict-transport-security max-age=31536000; includeSubDomains access-control-max-age 3600 location https://4441113851777349203842.cm.a.mts.ru/cm/match?flowId=0ad8d3f8-90df-189f-8191-0983a062000a access-control-allow-credentials true access-control-allow-methods GET,POST,OPTIONS expires Thu, 01 Jan 1970 00:00:00 GMT access-control-allow-origin https://goo.su content-length 0 date Tue, 28 Apr 2026 04:06:43 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers server QRATOR access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, X-Forwarded-For
POST H2	200	1 mc.yandex.com/watch/88477929/	43 B 503 B	105ms 105ms	Ping image/gif	87.250.251.119 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/88477929/1?page-url=https%3A%2F%2Fgoo.su%2F3oxh2eW&charset=utf-8&uah=chu%0A%22Chromium%22%3Bv%3D%22147%22%2C%22Google%20Chrome%22%3Bv%3D%22147%22%2C%22Not-A.Brand%22%3Bv%3D%2224%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A147.0.7727.116%0Achl%0A%22Chromium%22%3Bv%3D%22147.0.0.0%22%2C%22Google%20Chrome%22%3Bv%3D%22147.0.0.0%22%2C%22Not-A.Brand%22%3Bv%3D%2224.0.0.0%22%0Achm%0A%3F0%0Achp%0ALinux&hidv2=2223506387328827576&hittoken=1777349203_72eb1f020989bcb9eec93cbdba2782ca71cf23b7fe6dbb3e3f25e017b4f441e7&browser-info=pa%3A1%3Aar%3A1%3Avf%3A6glgxny3ywmlt088t0nklbpybmq57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A2482%3Acn%3A2%3Adp%3A1%3Als%3A51968028059%3Ahid%3A270962768%3Az%3A120%3Ai%3A20260428060643%3Aet%3A1777349204%3Ac%3A1%3Arn%3A465499092%3Arqn%3A2%3Au%3A1777349203720037607%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1777349201480%3Agi%3AR0ExLjEuMTMxMjc1NTU2MS4xNzc3MzQ5MjAy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1777349204&t=gdpr(14)mc(ci-1-p-3)clc(0-0-0)rqnt(2)aw(1)rcm(1)cdl(na)eco(42009088)prs(2)wss(2)w2s(0)evs(OTk3MDU3MDU6MDo3LDk5NzA1NzA1OjA6OCw5OTcwNTcwNTowOjk%3D)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%221518711777349203634%22%7D%7D Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS mc.yandex.ru Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers strict-transport-security max-age=31536000 cache-control private, no-cache, no-store, must-revalidate, max-age=0 accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA pragma no-cache access-control-allow-credentials true expires Tue, 28-Apr-2026 04:06:43 GMT access-control-allow-origin https://goo.su content-length 43 x-xss-protection 1; mode=block content-type image/gif last-modified Tue, 28-Apr-2026 04:06:43 GMT
GET H2	200	match Show response 6962438361777349203841.cm.a.mts.ru/cm/ Redirect Chain https://cm.a.mts.ru/cm/tech?flowId=0ad8d3f8-90df-189f-8191-0983a062000a https://6962438361777349203841.cm.a.mts.ru/cm/match?flowId=0ad8d3f8-90df-189f-8191-0983a062000a	33 B 601 B	303ms 94ms	Fetch application/json	185.65.149.228 HLL-AS HLL LLC
General Check archive.org Show headers Download Go to Full URL https://6962438361777349203841.cm.a.mts.ru/cm/match?flowId=0ad8d3f8-90df-189f-8191-0983a062000a Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol H2 Server 185.65.149.228 , Russian Federation, ASN51115 (HLL-AS HLL LLC, RU), Reverse DNS Software QRATOR / Resource Hash cddda7c7669395176d85e566fbf15845598fd57510fb1f88620f1d73e93d1ffd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Referer https://goo.su/ Response headers strict-transport-security max-age=31536000; includeSubDomains access-control-max-age 3600 content-encoding gzip access-control-allow-credentials true access-control-allow-methods GET,POST,OPTIONS expires Thu, 01 Jan 1970 00:00:00 GMT access-control-allow-origin null date Tue, 28 Apr 2026 04:06:44 GMT content-type application/json vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers server QRATOR access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, X-Forwarded-For Redirect headers strict-transport-security max-age=31536000; includeSubDomains access-control-max-age 3600 location https://6962438361777349203841.cm.a.mts.ru/cm/match?flowId=0ad8d3f8-90df-189f-8191-0983a062000a access-control-allow-credentials true access-control-allow-methods GET,POST,OPTIONS expires Thu, 01 Jan 1970 00:00:00 GMT access-control-allow-origin https://goo.su content-length 0 date Tue, 28 Apr 2026 04:06:43 GMT vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers server QRATOR access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, X-Forwarded-For
GET		be5ff447-f74a-466f-b303-042576aa7aee https://goo.su/	0 0
GET H2	200	3d69e6bd19cd79da.js Show response yastatic.net/partner-code-bundles/1304673/	13 KB 4 KB	64ms 64ms	Script text/javascript	37.9.64.225 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://yastatic.net/partner-code-bundles/1304673/3d69e6bd19cd79da.js Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 37.9.64.225 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS cloud.cdn.yandex.net Software nginx / Resource Hash 0433f06488e3ddf20f22974c3e1006f8e3aaf03fd39c95bcc401a4f52fab5dd4 Security Headers Name Value Strict-Transport-Security max-age=43200000; includeSubDomains; Request headers Origin https://goo.su sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-robots-tag noindex, noarchive, nofollow x-request-id 9ca1b985f113753f content-encoding br etag "4a1fae9183a9455bfaa7005f83f495d4" report-to { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]} expires Thu, 27 Apr 2056 09:55:57 GMT date Tue, 28 Apr 2026 04:06:43 GMT content-type text/javascript; charset=utf-8 vary Accept-Encoding last-modified Mon, 20 Apr 2026 15:15:03 GMT cache-host cloudcdn-m9-14.cdn.yandex.net strict-transport-security max-age=43200000; includeSubDomains; nel {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01} timing-allow-origin * cache-control public, max-age=946708560 accept-ranges bytes access-control-allow-origin * content-length 3444 x-strm-log-split 4 cache-status HIT server nginx
GET H2	200	v2 Show response yandex.ru/ads/adfox/332443/getBulk/ Frame 4195	4 KB 2 KB	213ms 212ms	XHR application/json	77.88.44.55 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://yandex.ru/ads/adfox/332443/getBulk/v2?pr=756439938&pr1=3373124&dl=https%3A%2F%2Fgoo.su%2F3oxh2eW&prr=&extid_loader=MTc3NzM0OTIwMzcyMDAzNzYwNw%3D%3D&extid_tag_loader=goo.su&fa=&date=2026-04-28T06%3A06%3A43.885%2B02%3A00&pd=28&pw=2&pv=6&pdw=1600&pdh=1200&ylv=0.1304673&ybv=0.1304673&ytt=53326313947141&is-turbo=0&skip-token=&ad-session-id=1518711777349203634&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A3688%2C%22top%22%3A0%2C%22req_no%22%3A1%2C%22ad_no%22%3A1%7D&pcode-version=1304673&yaru=true&p1=dgtqp&p2=hjxt&slotNumber=2&bids=W3siYmlkZGVyTmFtZSI6ImFsZmFzZW5zZSIsImNhbXBhaWduX2lkIjoxMzY2MDc1LCJyZXNwb25zZV90aW1lIjozMTUsImVycm9yIjp7ImNvZGUiOjR9LCJwbGFjZW1lbnRfaWQiOiI2NjE3NiJ9LHsiYmlkZGVyTmFtZSI6ImJ1enpvb2xhIiwiY2FtcGFpZ25faWQiOjEzOTQxMTksInJlc3BvbnNlX3RpbWUiOjQ2OCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEyODk5NjAifSx7ImJpZGRlck5hbWUiOiJnZXRpbnRlbnQiLCJjYW1wYWlnbl9pZCI6MTM2NjA3OCwicmVzcG9uc2VfdGltZSI6NDY4LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiNjZfMzAweDMwMF9hbGZhZGFydCJ9LHsiYmlkZGVyTmFtZSI6ImJpZHZvbCIsImNhbXBhaWduX2lkIjoxNDQ1NzI3LCJyZXNwb25zZV90aW1lIjozMzMsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI1MTY5MCJ9LHsiYmlkZGVyTmFtZSI6Im90bSIsImNhbXBhaWduX2lkIjoxNTM2MTQzLCJyZXNwb25zZV90aW1lIjo0NzAsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI5ODMyOSJ9LHsiYmlkZGVyTmFtZSI6ImJldHdlZW5kaWdpdGFsIiwiY2FtcGFpZ25faWQiOjEzNjYwNzQsInJlc3BvbnNlX3RpbWUiOjIwMiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjQ4MzU1MjMifSx7ImJpZGRlck5hbWUiOiJhc3RyYWxhYiIsImNhbXBhaWduX2lkIjoyMzQyOTYzLCJyZXNwb25zZV90aW1lIjozMzMsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI2N2RhZDkyNjRlNjk2NWZhN2IzMTM5MzcifSx7ImJpZGRlck5hbWUiOiJyb3hvdCIsImNhbXBhaWduX2lkIjozMDA2MDQ4LCJyZXNwb25zZV90aW1lIjoxODEsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiJmNWYyZmI4NS1jZjdjLTRkNzUtOGM1Ny1kMTE0YjFhYThjNzMifSx7ImJpZGRlck5hbWUiOiJvdGNsaWNrIiwiY2FtcGFpZ25faWQiOjMxNDcyMTcsInJlc3BvbnNlX3RpbWUiOjI4MywiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEwNjI1In0seyJiaWRkZXJOYW1lIjoic2FwZSIsImNhbXBhaWduX2lkIjoxNjcyNjk5LCJyZXNwb25zZV90aW1lIjoyOTksImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI5MzUyODQifSx7ImJpZGRlck5hbWUiOiJzb2x0YSIsImNhbXBhaWduX2lkIjoyNDY4MjYxLCJyZXNwb25zZV90aW1lIjoxMjIsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI0OS1LejlPYiJ9LHsiYmlkZGVyTmFtZSI6InVtZyIsImNhbXBhaWduX2lkIjozMTM2NjgwLCJyZXNwb25zZV90aW1lIjo0NzUsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMzE1OSJ9LHsiYmlkZGVyTmFtZSI6Im15dGFyZ2V0IiwiY2FtcGFpZ25faWQiOjEzNjYwNzIsInJlc3BvbnNlX3RpbWUiOjQ3NSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE3OTc0NTkifSx7ImJpZGRlck5hbWUiOiJtZWRpYXNuaXBlciIsImNhbXBhaWduX2lkIjoyMzAyNzg3LCJyZXNwb25zZV90aW1lIjoyNTEsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIyNzcyMSJ9LHsiYmlkZGVyTmFtZSI6ImFkcml2ZXIiLCJjYW1wYWlnbl9pZCI6MTM2NjA3NiwicmVzcG9uc2VfdGltZSI6MjgxLCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiNTc6Z29vLnN1XzMwMHgzMDBfZGVza18yIn0seyJiaWRkZXJOYW1lIjoiaHlicmlkIiwiY2FtcGFpZ25faWQiOjE4Nzk3NjMsInJlc3BvbnNlX3RpbWUiOjI1MSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjY3ZGJkMzI0N2JjNzJmZWJkOGE4ZDliYiJ9LHsiYmlkZGVyTmFtZSI6ImRpZ2l0YWxjYXJhbWVsIiwiY2FtcGFpZ25faWQiOjM0MzMyNTYsInJlc3BvbnNlX3RpbWUiOjI5MSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6ImQ1Z2NvYjNkaTBmczczY2ZjNXAwI2Q1Z2VlNHJkaTBmczczY2ZjNXIwIn1d&utf8=%E2%9C%93&duid=MTc3NzM0OTIwMzcyMDAzNzYwNw%3D%3D&pcode-test-ids=1387854%2C0%2C47%3B1522421%2C0%2C46%3B1520060%2C0%2C76%3B1519496%2C0%2C45%3B1543685%2C0%2C4%3B1471934%2C0%2C10%3B1534006%2C0%2C32%3B1538640%2C0%2C70%3B1549206%2C0%2C23%3B1513559%2C0%2C29%3B1543959%2C0%2C7%3B1545953%2C0%2C64%3B1524838%2C0%2C42%3B1485711%2C0%2C7%3B1534167%2C0%2C30%3B1536912%2C0%2C19%3B1513550%2C0%2C71%3B1546248%2C0%2C22&csrf-token=c00f0b1c4e2637719e10ff57989427bf766577af%3A1777349202&pcode-uid=9156421321777349202&pcode-flags-map=eJyFllGP4yYUhf9LnkcrwGAbvxFznaAh4AXsmbSqrrLbTNU2nV3NpFVXq%2FnvleM0rT1S8mTJgo%2FLOede%2B%2Ftiq2Ibk1pa6CEsqh%2B%2FL%2F7aHf7cL6oF%2FVCy8gPNZJkt7hbH%2FevR%2FDy8FoLKnC7efrpb9CriuBl7CNF4NyVkhOZlPtmd8YKL8rLb%2BhXW3iVwCXUXVDLeYQuhBpemrCmFFSRnJ4o28VSAhpiC3yI8JghOWawDqGR6QKWxixCwtj4CQj9H7%2F%2F%2BOoFzLlkhFm93N5awyy0C1MrWnVUJMMDHDmLCDaS119j4gA9BtS0E7IK9frAggosT9WPApVX1PVoTE9bWDAIZHaeaEMmyUnJRlWVRMEZJlRFJckZyUVEiOM%2BlKKuMylwWuciqjHBKWEaySkrKCRFFRSkhlLKCVBktKSd5MSyjjJCS0YoSTjgXklUZoxnj5SwLvKCEjVlQWqPZqBXgSlkLYYvGoYMu%2BMEas3LXr15SSfi%2FIONWODyGNCiLrQpqAwlCPMmpTUzBLLs0z9t7aC5led3IYcl4LrhTjtoAS6NRd0ZfhQtSSjma1UXAONjuklEWrVd6CN1Qa7w3LSZ%2FD9crFTTLSnLJUzPcF4fQOI290eAxWp8wedR%2Bc52UcZqVl7KSCitIGKAZpbPY1l7DbURxBdGreBuQnwArcBCUxZiCSrDa4oNJa%2FStqk3aTiBPu8Ph0%2B7z7%2Fjl%2BfBtiuOUUnnCNeYRH4zT%2FgGd9%2B0Av14JF8V5TlhQuvFhE7FX1uihVdu1dzek4KLg49En3W5MO14SPpuVjHDy%2F3jFFEBtzqY%2BwNJHRmiJfTZhfT4e5ooSkl8scefBlpKq1xjXSvuHG%2FvL%2FFxHjC1ulLEYunMVjbHppo6Snc%2FXsR1T3fpo3rXgYf90xOPL7vn16%2B5l%2F3ycp1yIs5oqRBiziMY1Ho1L%2Fjwuau8as8KeT8jH3csv%2BxmPZ3LCi%2Btg3D0OKYnmB8Dou1DfcvjC8D0Eq7aoWoTHdhrO13kspMhGOVOAVK9xA9qo6x4wXp47c63a1jiIEWMXetiiqeej7I8vv%2F06m1SioOOobTprYx0AHMYYcA1KQ8CVvhUhmo9dDTGCqwE3fmksYHOrm3NJ2dR73zQRpl%2FRp08oyHu7yX%2FN8%2B4HIyM8L2Y%2FFzxnfBDp7R9m63TL&pcode-icookie=kJekFapqa9%2Fc6iorqqcr7LX12DRYNRYQC7xhUmTg%2BuYN%2BcR91pw7ZCXjrQaiTLRk9JpILoRWwr56%2BENgv0jJMpSG9GI%3D&disable-base64=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&tga-with-creatives=1&banner-lang=en&grab-orig-len=392&grab=eyJncmFiX3ZlcnNpb24iOjJ9CjKrPpE83_MC6tQYTkutcNM44ogm6O-P7cl92M-iDAjcMqV2WqxakmqJ_guTITww6Y0fLsqNv5rlNmniybA7D7c25KbQf1Noj7SZlVtOhC-xOgevlg1TUzjfxWhT_myIwz9D97LRcuH5TiKTVR2pXwgV9HLs1c5ql1SDmaFPzaL6yl3sGHsFZ06htPafw08vFwY7Ra0FAQ2yIUjtNTHTGQoG20loosVGU2MSQk9znAOWqro8mQ5o6yaJbGfkZNbAhlC1ls2nyk8kE59SzJ1zVWAcMOs9i_jD30Oa-9m1X_193IVKQXhx_Ze1MX8w3Ced-Q3rITxKQQM1brSyB1gcBri1yGMaTKO-rampG9CgtYIDe8H_ Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.88.44.55 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS yandex.ru Software / Resource Hash a37f1c7760681fe2f7d55e3aa9c4b51107afb207aa388ae318e259417e99ab2e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type application/x-www-form-urlencoded sec-ch-ua-mobile ?0 Response headers x-yandex-req-id 1777349203977076-3763142599638714161-balancer-l7leveler-kubr-yp-klg-45-BAL content-encoding gzip report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} x-ads-queuetime 0.203000 x-content-type-options nosniff expires Mon, 04 Dec 1999 21:29:02 GMT p3p policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA x-ads-loadaverageonarrival 0.714286 content-type application/json nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} cache-control no-store, no-cache, must-revalidate, max-age=0 timing-allow-origin * pragma no-cache accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-Viewport-Width, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width, Sec-Ch-Viewport-Height access-control-allow-credentials true x-yt-request-id 93731aa3-2003033a-31dff29c-c10cf8a7 x-ads-degradation 0.000000 x-adfox-request-id 3712992187946161626 x-ads-loadaverage 0.357143 access-control-allow-origin https://goo.su x-yt-trace-id 0-1-0-0 x-xss-protection 1; mode=block
GET		d9c76a91-7e48-42aa-9a24-8c68c8114556 https://goo.su/ Frame EAF9	0 0
GET H2	200	108234959 Show response mc.yandex.com/ytm-config/	183 B 255 B	77ms 76ms	Fetch application/json	87.250.251.119 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/ytm-config/108234959?wmode=7 Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS mc.yandex.ru Software / Resource Hash 16f0e8760f94da4117d7f6558c05f9c681ee66a4b007468d53e2924f869f0108 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers strict-transport-security max-age=31536000 access-control-allow-origin https://goo.su cache-control private, max-age=3600 content-length 183 content-type application/json vary Origin access-control-allow-credentials true
POST H2	200	1 mc.yandex.com/watch/108234959/	43 B 145 B	138ms 138ms	Ping image/gif	87.250.251.119 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/108234959/1?page-url=https%3A%2F%2Fgoo.su%2F3oxh2eW&charset=utf-8&uah=chu%0A%22Chromium%22%3Bv%3D%22147%22%2C%22Google%20Chrome%22%3Bv%3D%22147%22%2C%22Not-A.Brand%22%3Bv%3D%2224%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A147.0.7727.116%0Achl%0A%22Chromium%22%3Bv%3D%22147.0.0.0%22%2C%22Google%20Chrome%22%3Bv%3D%22147.0.0.0%22%2C%22Not-A.Brand%22%3Bv%3D%2224.0.0.0%22%0Achm%0A%3F0%0Achp%0ALinux&hidv2=2223506401766670546&hittoken=1777349203_058ec7ba0063340f7958a334a0550b2afe68aebe57c8dcfba7d2ba930aba3abc&browser-info=pa%3A1%3Aar%3A1%3Avf%3A6glgxny3ywmlt088t0nklbpybmq57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A2482%3Acn%3A3%3Adp%3A1%3Als%3A262922528688%3Ahid%3A270962768%3Az%3A120%3Ai%3A20260428060643%3Aet%3A1777349204%3Ac%3A1%3Arn%3A732316978%3Arqn%3A2%3Au%3A1777349203720037607%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1777349201480%3Agi%3AR0ExLjEuMTMxMjc1NTU2MS4xNzc3MzQ5MjAy%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1777349204&t=gdpr(14)mc(ci-1-p-3)clc(0-0-0)rqnt(2)aw(1)rcm(1)cdl(na)eco(42017284)prs(2)wss(2)w2s(0)evs(OTk3MDU3MDU6MDo3LDk5NzA1NzA1OjA6OCw5OTcwNTcwNTowOjksODg0Nzc5Mjk6MDo3)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%221518711777349203634%22%7D%7D Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 87.250.251.119 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS mc.yandex.ru Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers strict-transport-security max-age=31536000 cache-control private, no-cache, no-store, must-revalidate, max-age=0 pragma no-cache accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA access-control-allow-credentials true expires Tue, 28-Apr-2026 04:06:44 GMT access-control-allow-origin https://goo.su content-length 43 x-xss-protection 1; mode=block content-type image/gif last-modified Tue, 28-Apr-2026 04:06:44 GMT
POST H2	201	vis-id Show response api.a.mts.ru/api/ia/v1/ids/	44 B 2 KB	93ms 92ms	Fetch application/json	185.65.149.228 HLL-AS HLL LLC
General Check archive.org Show headers Download Go to Full URL https://api.a.mts.ru/api/ia/v1/ids/vis-id?flowId=0ad8d3f8-90df-189f-8191-0983a062000a Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.65.149.228 , Russian Federation, ASN51115 (HLL-AS HLL LLC, RU), Reverse DNS Software QRATOR / Resource Hash 82a95426e2bb29867748062a010407c4c0afe511c099e61e7166cbf12279be32 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ Idempotency-Key 992b7af2-fe98-4a82-b6a3-2b405517f6e4 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Accept application/json Content-Type application/json Response headers strict-transport-security max-age=31536000; includeSubDomains x-ma-id-api 0uDQ2ewbsy9L7QtbTiZSvF3F/Xn/YURRs5jmD1jIQEGssywvr3ZC7NInygq2KrnuiBjAAz6t4j3IHII4cNeA3DXVRFIqwOTINopq9RxS6rcNsQgrY2++LDPqZ/L/5C+jL/VxoOzm51FURi2Od8sMK0Nv1RwbLGoXGP3uCEdPT8nka44Bnttj7T1YsXa6p1os5VHhQe8UD2+QzlUu5kIzytA9PSWg5Zf6Xvueb+hRdfEbg8PQAFBpQPuDDYubn5tcp0xG81miwH/UKvrg9dlEqSn49kKbDFkIq+vw7CE4wdcZi8jBtI+kJM7/HRuF4HU2M2CZFmdtGeKuc8dtd1tYJA== access-control-max-age 3600 access-control-expose-headers X-MA-ID-API accept-ch Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, Sec-CH-UA-Model, Sec-CH-UA-Form-Factors, Sec-CH-Lang, Sec-CH-Save-Data, Sec-CH-Width, Sec-CH-Viewport-Width, Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-DPR, DPR, Sec-CH-Device-Memory, Device-Memory, RTT, Downlink, ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-Prefers-Reduced-Motion, Sec-CH-Prefers-Reduced-Transparency, Sec-CH-Prefers-Contrast, Sec-CH-Forced-Colors access-control-allow-credentials true access-control-allow-methods GET,POST,OPTIONS accept-ch-lifetime 8035200 access-control-allow-origin https://goo.su content-length 44 date Tue, 28 Apr 2026 04:06:44 GMT content-type application/json vary Origin server QRATOR access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, X-Forwarded-For, Idempotency-Key
OPTIONS H2	200	vis-id api.a.mts.ru/api/ia/v1/ids/ Frame	0 0	189ms 92ms	Preflight	185.65.149.228 HLL-AS HLL LLC
General Check archive.org Show headers Download Go to Full URL https://api.a.mts.ru/api/ia/v1/ids/vis-id?flowId=0ad8d3f8-90df-189f-8191-0983a062000a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.65.149.228 , Russian Federation, ASN51115 (HLL-AS HLL LLC, RU), Reverse DNS Software QRATOR / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers content-type,idempotency-key Access-Control-Request-Method POST Origin https://goo.su Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Response headers accept-ch Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, Sec-CH-UA-Model, Sec-CH-UA-Form-Factors, Sec-CH-Lang, Sec-CH-Save-Data, Sec-CH-Width, Sec-CH-Viewport-Width, Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-DPR, DPR, Sec-CH-Device-Memory, Device-Memory, RTT, Downlink, ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-Prefers-Reduced-Motion, Sec-CH-Prefers-Reduced-Transparency, Sec-CH-Prefers-Contrast, Sec-CH-Forced-Colors accept-ch-lifetime 8035200 access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, X-Forwarded-For, Idempotency-Key access-control-allow-methods GET,POST,OPTIONS access-control-allow-origin https://goo.su access-control-expose-headers X-MA-ID-API access-control-max-age 3600 allow GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH content-length 0 date Tue, 28 Apr 2026 04:06:44 GMT server QRATOR strict-transport-security max-age=31536000; includeSubDomains vary Origin Access-Control-Request-Method Access-Control-Request-Headers
GET H2	200	cr.js Show response cdn1.moe.video/p/	397 KB 112 KB	221ms 46ms	Script application/x-javascript	5.101.37.37 EdgeAmLLC "EDGEAM...
General Check archive.org Show headers Download Go to Full URL https://cdn1.moe.video/p/cr.js Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM), Reverse DNS Software nginx / Resource Hash 033fd31e01d7a7a9ade2681250bef443a4af97aae815b4c7568b554b2f87c22d Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-cached-since 2026-04-28T03:54:38+00:00 cache HIT cache-control max-age=1800 content-encoding gzip expires Tue, 28 Apr 2026 04:36:44 GMT date Tue, 28 Apr 2026 04:06:44 GMT content-type application/x-javascript vary Accept-Encoding, Accept-Encoding server nginx last-modified Tuesday, 28-Apr-2026 03:54:38 GMT x-node am4-up-gc95
OPTIONS H2	200	vis-id api.a.mts.ru/api/ia/v1/ids/ Frame	0 0	258ms 183ms	Preflight	185.65.149.228 HLL-AS HLL LLC
General Check archive.org Show headers Download Go to Full URL https://api.a.mts.ru/api/ia/v1/ids/vis-id?flowId=0ad8d3f8-90df-189f-8191-0983a062000a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.65.149.228 , Russian Federation, ASN51115 (HLL-AS HLL LLC, RU), Reverse DNS Software QRATOR / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers content-type,idempotency-key Access-Control-Request-Method POST Origin https://goo.su Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Response headers accept-ch Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, Sec-CH-UA-Model, Sec-CH-UA-Form-Factors, Sec-CH-Lang, Sec-CH-Save-Data, Sec-CH-Width, Sec-CH-Viewport-Width, Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-DPR, DPR, Sec-CH-Device-Memory, Device-Memory, RTT, Downlink, ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-Prefers-Reduced-Motion, Sec-CH-Prefers-Reduced-Transparency, Sec-CH-Prefers-Contrast, Sec-CH-Forced-Colors accept-ch-lifetime 8035200 access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, X-Forwarded-For, Idempotency-Key access-control-allow-methods GET,POST,OPTIONS access-control-allow-origin https://goo.su access-control-expose-headers X-MA-ID-API access-control-max-age 3600 allow GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH content-length 0 date Tue, 28 Apr 2026 04:06:44 GMT server QRATOR strict-transport-security max-age=31536000; includeSubDomains vary Origin Access-Control-Request-Method Access-Control-Request-Headers
POST H2	201	vis-id Show response api.a.mts.ru/api/ia/v1/ids/ Frame EAF9	44 B 2 KB	94ms 93ms	Fetch application/json	185.65.149.228 HLL-AS HLL LLC
General Check archive.org Show headers Download Go to Full URL https://api.a.mts.ru/api/ia/v1/ids/vis-id?flowId=0ad8d3f8-90df-189f-8191-0983a062000a Requested by Host: static.a.mts.ru URL: https://static.a.mts.ru/id/pixel.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.65.149.228 , Russian Federation, ASN51115 (HLL-AS HLL LLC, RU), Reverse DNS Software QRATOR / Resource Hash e7113ef566ba9caf3915bcd701f65f581922e4742ce37c1ce026a5a8825dd563 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua-platform "Linux" Referer Idempotency-Key d5ce8b3e-97ac-44ec-b2c9-6ad0d95f6020 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Accept application/json Content-Type application/json Response headers strict-transport-security max-age=31536000; includeSubDomains x-ma-id-api BK8zDZXjFAbcAjtPq8LqdYyFZy76dMOHBHCPXlVAr1rgcdMGw79K8nvJh2zdoseVrsnCOkXNXfR+w/3KGMJuSBMt62MEWjJyNC4Zv+LbQYbEo3z+/jE9KsX3GS7G2nyhC40RHjW9Rg1gJc2ZPeECIltaJMe+15VZkMpcy7e2CIR+w5CWJoqSoIw5Mcu0nWYCvtwOfql9kzaMD1/RxDl2ogJdN1/kAwuB9nyvlsupMD4s35d4au0HkoarT0eGD1RWsBsZDA+Z6OIVhAnBB8UiQBMukHnM4AazJj9Q/9Hq1bULBhCRzgN9GSE69fsjPSBkmv9gEfsTVyeANi/mU3rKdA== access-control-max-age 3600 access-control-expose-headers X-MA-ID-API accept-ch Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, Sec-CH-UA-Model, Sec-CH-UA-Form-Factors, Sec-CH-Lang, Sec-CH-Save-Data, Sec-CH-Width, Sec-CH-Viewport-Width, Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-DPR, DPR, Sec-CH-Device-Memory, Device-Memory, RTT, Downlink, ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-Prefers-Reduced-Motion, Sec-CH-Prefers-Reduced-Transparency, Sec-CH-Prefers-Contrast, Sec-CH-Forced-Colors access-control-allow-credentials true access-control-allow-methods GET,POST,OPTIONS accept-ch-lifetime 8035200 access-control-allow-origin https://goo.su content-length 44 date Tue, 28 Apr 2026 04:06:44 GMT content-type application/json vary Origin server QRATOR access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, X-Forwarded-For, Idempotency-Key
POST H/1.1	200 OK	/ privacy-cs.mail.ru/fp/	0 0	158ms 156ms	Fetch application/octet-stream	90.156.232.15 VK-AS LLC VK
General Check archive.org Show headers Download Go to Full URL https://privacy-cs.mail.ru/fp/?id=hkK1Zz1KlJSlNUrlagPIT Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 90.156.232.15 , Russian Federation, ASN47764 (VK-AS LLC VK, RU), Reverse DNS Software envoy-lb7-prod / Resource Hash Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type application/json sec-ch-ua-mobile ?0 Response headers transfer-encoding chunked cache-control max-age=7200 timing-allow-origin * x-envoy-upstream-service-time 6 access-control-allow-credentials true expires Tue, 28 Apr 2026 06:06:45 GMT access-control-allow-origin https://goo.su p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT" date Tue, 28 Apr 2026 04:06:45 GMT content-type application/octet-stream server envoy-lb7-prod
OPTIONS H/1.1	200 OK	/ privacy-cs.mail.ru/fp/ Frame	0 0	1282ms 147ms	Preflight application/octet-stream	90.156.232.15 VK-AS LLC VK
General Check archive.org Show headers Download Go to Full URL https://privacy-cs.mail.ru/fp/?id=hkK1Zz1KlJSlNUrlagPIT Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 90.156.232.15 , Russian Federation, ASN47764 (VK-AS LLC VK, RU), Reverse DNS Software envoy-lb7-prod / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://goo.su Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-method POST access-control-allow-origin https://goo.su access-control-max-age 1728000 cache-control max-age=7200 content-length 0 content-type application/octet-stream date Tue, 28 Apr 2026 04:06:45 GMT expires Tue, 28 Apr 2026 06:06:45 GMT server envoy-lb7-prod x-envoy-upstream-service-time 1
GET H2	200	platform.js Show response x01.aidata.io/ Frame EAF9	37 B 562 B	270ms 116ms	Fetch application/javascript	89.108.120.76 AS-REGRU "Domain ...
General Check archive.org Show headers Download Go to Full URL https://x01.aidata.io/platform.js?pixel=0892394&v=1777349204041&url=about%3Ablank&is_js_referrer=1&origin_referrer=https%3A%2F%2Fgoo.su%2F3oxh2eW&add_headers=1&data=%7B%22v%22%3A%222.1.2%22%2C%22ios%22%3A%22000%22%2C%22dur%22%3A113%2C%22data%22%3A%5B%22YB%2F9%2Bpz%2FkEAAAAAAAKpiQAAAAAAAqmJAAAAAAACqYkAAAAAAgABiQAAAAAAAlGBAAAAAAACwIkAAAAAAAMhiQABAhUzIAl9A%22%2C%22AQAAAAEAAAABAAAAAAAAAAEAAAAAAAAAAAAAACAAAAAYAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAYAALAEAAAAAAAAAAAAAAAAAAAAAAAA%22%2C%22C5%2Fj8WVD1QDashxuw95wXAAAAADBwbNjFKkxieJR2ydbJi3FAoq8JQ%3D%3D%22%2C%22AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA%3D%22%5D%2C%22m%22%3A%22eHk3aDhlIDFhYmVqOHogMCAxcGJ1ODJzIHNrOGRjaSAxIDFsamdkMG8gazZ2MGxiIHNrOGRjaSAxbndtYzBoIDEgMW1wandjbg%3D%3D%22%2C%22payload%22%3A%221511aa257f36d651%3A1%22%7D Requested by Host: x01.aidata.io URL: https://x01.aidata.io/lib/aidata.fp.latest.js?pixel=0892394 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.108.120.76 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU), Reverse DNS d51804.reg.regrucolo.ru Software nginx / Resource Hash 995075ef2ef09d1a53f48532fe9b8aba0dcd6bc73275233e18d66382523b7cb1 Request headers sec-ch-ua-platform "Linux" Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache-control no-cache, no-store, must-revalidate, post-check=0, pre-check=0 pragma no-cache access-control-allow-credentials true access-control-allow-methods GET, POST expires Tue, 28 Apr 2026 04:06:43 GMT access-control-allow-origin https://goo.su content-length 37 p3p CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA' date Tue, 28 Apr 2026 04:06:44 GMT content-type application/javascript last-modified Tue, 28 Apr 2026 04:06:43 GMT server nginx
GET H2	200	platform.js Show response x01.aidata.io/	37 B 560 B	260ms 127ms	Fetch application/javascript	89.108.120.76 AS-REGRU "Domain ...
General Check archive.org Show headers Download Go to Full URL https://x01.aidata.io/platform.js?pixel=0892394&v=1777349204062&url=https%3A%2F%2Fgoo.su%2F3oxh2eW&is_js_referrer=1&origin_referrer=&add_headers=1&data=%7B%22v%22%3A%222.1.2%22%2C%22ios%22%3A%22000%22%2C%22dur%22%3A82%2C%22data%22%3A%5B%22YB%2F9%2Bpz%2FkEAAAAAAAKpiQAAAAAAAqmJAAAAAAACqYkAAAAAAgABiQAAAAAAAlGBAAAAAAACwIkAAAAAAAMhiQABAhUzIAl9A%22%2C%22AQAAAAEAAAABAAAAAAAAAAEAAAAAAAAAAAAAACAAAAAYAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAYAALAEAAAAAAAAAAAAAAAAAAAAAAAA%22%2C%22C5%2Fj8WVD1QDashxuw95wXAAAAADBwbNjFKkxieJR2ydbJi3FAoq8JQ%3D%3D%22%2C%22AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA%3D%22%5D%2C%22m%22%3A%22eHk3aDhlIDFhYmVqOHogMCAxcGJ1ODJzIHNrOGRjaSAxIDFsamdkMG8gazZ2MGxiIHNrOGRjaSAxbndtYzBoIDEgMW1wandjbg%3D%3D%22%2C%22payload%22%3A%221511aa257f36d651%3A2%22%7D Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.3, , AES_256_GCM Server 89.108.120.76 , Russian Federation, ASN197695 (AS-REGRU "Domain names registrar REG.RU", Ltd, RU), Reverse DNS d51804.reg.regrucolo.ru Software nginx / Resource Hash 995075ef2ef09d1a53f48532fe9b8aba0dcd6bc73275233e18d66382523b7cb1 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache-control no-cache, no-store, must-revalidate, post-check=0, pre-check=0 pragma no-cache access-control-allow-credentials true access-control-allow-methods GET, POST expires Tue, 28 Apr 2026 04:06:43 GMT access-control-allow-origin https://goo.su content-length 37 p3p CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA' date Tue, 28 Apr 2026 04:06:44 GMT content-type application/javascript last-modified Tue, 28 Apr 2026 04:06:43 GMT server nginx
GET H2	200	v2 Show response yandex.ru/ads/adfox/332443/getBulk/ Frame 4195	4 KB 2 KB	202ms 201ms	XHR application/json	77.88.44.55 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://yandex.ru/ads/adfox/332443/getBulk/v2?pr=756439938&pr1=418625320&dl=https%3A%2F%2Fgoo.su%2F3oxh2eW&prr=&extid_loader=MTc3NzM0OTIwMzcyMDAzNzYwNw%3D%3D&extid_tag_loader=goo.su&fa=&date=2026-04-28T06%3A06%3A44.107%2B02%3A00&pd=28&pw=2&pv=6&pdw=1600&pdh=1200&ylv=0.1304673&ybv=0.1304673&ytt=53326313947141&is-turbo=0&skip-token=&ad-session-id=1518711777349203634&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A12%2C%22top%22%3A900%2C%22req_no%22%3A2%2C%22ad_no%22%3A3%7D&pcode-version=1304673&yaru=true&p1=dgtqq&p2=hjxt&slotNumber=3&bids=W3siYmlkZGVyTmFtZSI6ImFsZmFzZW5zZSIsImNhbXBhaWduX2lkIjoxMzY2MDc1LCJyZXNwb25zZV90aW1lIjozMTUsImVycm9yIjp7ImNvZGUiOjR9LCJwbGFjZW1lbnRfaWQiOiI2NjE3OCJ9LHsiYmlkZGVyTmFtZSI6ImJ1enpvb2xhIiwiY2FtcGFpZ25faWQiOjEzOTQxMTksInJlc3BvbnNlX3RpbWUiOjQ2OCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEyODk5NjEifSx7ImJpZGRlck5hbWUiOiJnZXRpbnRlbnQiLCJjYW1wYWlnbl9pZCI6MTM2NjA3OCwicmVzcG9uc2VfdGltZSI6NDY4LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiNjZfMzAweDMwMF9hbGZhZGFydCJ9LHsiYmlkZGVyTmFtZSI6ImJpZHZvbCIsImNhbXBhaWduX2lkIjoxNDQ1NzI3LCJyZXNwb25zZV90aW1lIjozMzMsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI1MTY5MSJ9LHsiYmlkZGVyTmFtZSI6Im90bSIsImNhbXBhaWduX2lkIjoxNTM2MTQzLCJyZXNwb25zZV90aW1lIjo0NzAsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI5ODMzMCJ9LHsiYmlkZGVyTmFtZSI6ImJldHdlZW5kaWdpdGFsIiwiY2FtcGFpZ25faWQiOjEzNjYwNzQsInJlc3BvbnNlX3RpbWUiOjIwMiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjQ4MzU1MjQifSx7ImJpZGRlck5hbWUiOiJhc3RyYWxhYiIsImNhbXBhaWduX2lkIjoyMzQyOTYzLCJyZXNwb25zZV90aW1lIjozMzMsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI2N2RhZDkyODRlNjk2NWZhN2IzMTM5NTAifSx7ImJpZGRlck5hbWUiOiJyb3hvdCIsImNhbXBhaWduX2lkIjozMDA2MDQ4LCJyZXNwb25zZV90aW1lIjoxODEsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI5NGY4YWFlNi1mYjI0LTQzZDctYWYzMC04NmQ3YWI0NzhiZjQifSx7ImJpZGRlck5hbWUiOiJvdGNsaWNrIiwiY2FtcGFpZ25faWQiOjMxNDcyMTcsInJlc3BvbnNlX3RpbWUiOjI4MywiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEwNjI2In0seyJiaWRkZXJOYW1lIjoic2FwZSIsImNhbXBhaWduX2lkIjoxNjcyNjk5LCJyZXNwb25zZV90aW1lIjozMDAsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI5MzUyODUifSx7ImJpZGRlck5hbWUiOiJzb2x0YSIsImNhbXBhaWduX2lkIjoyNDY4MjYxLCJyZXNwb25zZV90aW1lIjoxMjIsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI0OS1VZjNDbiJ9LHsiYmlkZGVyTmFtZSI6InVtZyIsImNhbXBhaWduX2lkIjozMTM2NjgwLCJyZXNwb25zZV90aW1lIjo0NzUsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMzE2MCJ9LHsiYmlkZGVyTmFtZSI6Im15dGFyZ2V0IiwiY2FtcGFpZ25faWQiOjEzNjYwNzIsInJlc3BvbnNlX3RpbWUiOjQ3NSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE3OTc0NjEifSx7ImJpZGRlck5hbWUiOiJtZWRpYXNuaXBlciIsImNhbXBhaWduX2lkIjoyMzAyNzg3LCJyZXNwb25zZV90aW1lIjoyNTEsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIyNzcyMiJ9LHsiYmlkZGVyTmFtZSI6ImFkcml2ZXIiLCJjYW1wYWlnbl9pZCI6MTM2NjA3NiwicmVzcG9uc2VfdGltZSI6MjgxLCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiNTc6Z29vLnN1XzMwMHgzMDBfZGVza18zIn0seyJiaWRkZXJOYW1lIjoiaHlicmlkIiwiY2FtcGFpZ25faWQiOjE4Nzk3NjMsInJlc3BvbnNlX3RpbWUiOjI1MSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjY3ZGJlMWNkNGQ1MDZlYjJlODUzZGJjOCJ9XQ%3D%3D&utf8=%E2%9C%93&duid=MTc3NzM0OTIwMzcyMDAzNzYwNw%3D%3D&pcode-test-ids=1387854%2C0%2C47%3B1522421%2C0%2C46%3B1520060%2C0%2C76%3B1519496%2C0%2C45%3B1543685%2C0%2C4%3B1471934%2C0%2C10%3B1534006%2C0%2C32%3B1538640%2C0%2C70%3B1549206%2C0%2C23%3B1513559%2C0%2C29%3B1543959%2C0%2C7%3B1545953%2C0%2C64%3B1524838%2C0%2C42%3B1485711%2C0%2C7%3B1534167%2C0%2C30%3B1536912%2C0%2C19%3B1513550%2C0%2C71%3B1546248%2C0%2C22&csrf-token=c00f0b1c4e2637719e10ff57989427bf766577af%3A1777349202&pcode-uid=9156421321777349202&pcode-flags-map=eJyFllGP4yYUhf9LnkcrwGAbvxFznaAh4AXsmbSqrrLbTNU2nV3NpFVXq%2FnvleM0rT1S8mTJgo%2FLOede%2B%2Ftiq2Ibk1pa6CEsqh%2B%2FL%2F7aHf7cL6oF%2FVCy8gPNZJkt7hbH%2FevR%2FDy8FoLKnC7efrpb9CriuBl7CNF4NyVkhOZlPtmd8YKL8rLb%2BhXW3iVwCXUXVDLeYQuhBpemrCmFFSRnJ4o28VSAhpiC3yI8JghOWawDqGR6QKWxixCwtj4CQj9H7%2F%2F%2BOoFzLlkhFm93N5awyy0C1MrWnVUJMMDHDmLCDaS119j4gA9BtS0E7IK9frAggosT9WPApVX1PVoTE9bWDAIZHaeaEMmyUnJRlWVRMEZJlRFJckZyUVEiOM%2BlKKuMylwWuciqjHBKWEaySkrKCRFFRSkhlLKCVBktKSd5MSyjjJCS0YoSTjgXklUZoxnj5SwLvKCEjVlQWqPZqBXgSlkLYYvGoYMu%2BMEas3LXr15SSfi%2FIONWODyGNCiLrQpqAwlCPMmpTUzBLLs0z9t7aC5led3IYcl4LrhTjtoAS6NRd0ZfhQtSSjma1UXAONjuklEWrVd6CN1Qa7w3LSZ%2FD9crFTTLSnLJUzPcF4fQOI290eAxWp8wedR%2Bc52UcZqVl7KSCitIGKAZpbPY1l7DbURxBdGreBuQnwArcBCUxZiCSrDa4oNJa%2FStqk3aTiBPu8Ph0%2B7z7%2Fjl%2BfBtiuOUUnnCNeYRH4zT%2FgGd9%2B0Av14JF8V5TlhQuvFhE7FX1uihVdu1dzek4KLg49En3W5MO14SPpuVjHDy%2F3jFFEBtzqY%2BwNJHRmiJfTZhfT4e5ooSkl8scefBlpKq1xjXSvuHG%2FvL%2FFxHjC1ulLEYunMVjbHppo6Snc%2FXsR1T3fpo3rXgYf90xOPL7vn16%2B5l%2F3ycp1yIs5oqRBiziMY1Ho1L%2Fjwuau8as8KeT8jH3csv%2BxmPZ3LCi%2Btg3D0OKYnmB8Dou1DfcvjC8D0Eq7aoWoTHdhrO13kspMhGOVOAVK9xA9qo6x4wXp47c63a1jiIEWMXetiiqeej7I8vv%2F06m1SioOOobTprYx0AHMYYcA1KQ8CVvhUhmo9dDTGCqwE3fmksYHOrm3NJ2dR73zQRpl%2FRp08oyHu7yX%2FN8%2B4HIyM8L2Y%2FFzxnfBDp7R9m63TL&pcode-icookie=kJekFapqa9%2Fc6iorqqcr7LX12DRYNRYQC7xhUmTg%2BuYN%2BcR91pw7ZCXjrQaiTLRk9JpILoRWwr56%2BENgv0jJMpSG9GI%3D&disable-base64=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&tga-with-creatives=1&banner-lang=en&grab-orig-len=392&grab=eyJncmFiX3ZlcnNpb24iOjJ9CjKrPpE83_MC6tQYTkutcNM44ogm6O-P7cl92M-iDAjcMqV2WqxakmqJ_guTITww6Y0fLsqNv5rlNmniybA7D7c25KbQf1Noj7SZlVtOhC-xOgevlg1TUzjfxWhT_myIwz9D97LRcuH5TiKTVR2pXwgV9HLs1c5ql1SDmaFPzaL6yl3sGHsFZ06htPafw08vFwY7Ra0FAQ2yIUjtNTHTGQoG20loosVGU2MSQk9znAOWqro8mQ5o6yaJbGfkZNbAhlC1ls2nyk8kE59SzJ1zVWAcMOs9i_jD30Oa-9m1X_193IVKQXhx_Ze1MX8w3Ced-Q3rITxKQQM1brSyB1gcBri1yGMaTKO-rampG9CgtYIDe8H_ Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.88.44.55 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS yandex.ru Software / Resource Hash 6f708849bff805afa268f4cb80aeb01862691152002d2343d50650fe02d53064 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type application/x-www-form-urlencoded sec-ch-ua-mobile ?0 Response headers x-yandex-req-id 1777349204192750-15304674029466596517-balancer-l7leveler-kubr-yp-klg-45-BAL content-encoding gzip report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} x-content-type-options nosniff x-ads-queuetime 0.117000 expires Mon, 04 Dec 1999 21:29:02 GMT p3p policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA x-ads-loadaverageonarrival 0.333333 content-type application/json cache-control no-store, no-cache, must-revalidate, max-age=0 timing-allow-origin * nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} pragma no-cache accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-Viewport-Width, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width, Sec-Ch-Viewport-Height access-control-allow-credentials true x-yt-request-id b5a07235-94861d5b-29c2bdec-4738fb6 x-ads-degradation 0.000000 x-adfox-request-id 17157716365531696872 x-ads-loadaverage 0.111111 access-control-allow-origin https://goo.su x-yt-trace-id 0-1-0-0 x-xss-protection 1; mode=block
GET H2	200	4441113851777349203842 an.yandex.ru/mapuid/yamts/ Frame EAF9	43 B 0	323ms 140ms	Fetch image/gif	87.250.250.90 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/mapuid/yamts/4441113851777349203842 Requested by Host: static.a.mts.ru URL: https://static.a.mts.ru/id/pixel.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.250.250.90 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS bs.yandex.ru Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers sec-ch-ua-platform "Linux" Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-encoding gzip x-ads-service-name yabs-server.partner.meta x-ads-queuetime 0.034000 expires Tue, 28 Apr 2026 04:06:44 GMT date Tue, 28 Apr 2026 04:06:44 GMT x-ads-loadaverageonarrival 0.242424 content-type image/gif; charset=utf-8 last-modified Tue, 28 Apr 2026 04:06:44 GMT strict-transport-security max-age=31536000 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * pragma no-cache access-control-allow-credentials true x-ads-degradation 0.000000 x-ads-loadaverage 0.212121 access-control-allow-origin https://goo.su x-xss-protection 1; mode=block
GET H2	200	6962438361777349203841 an.yandex.ru/mapuid/yamts/	43 B 0	292ms 160ms	Fetch image/gif	87.250.250.90 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://an.yandex.ru/mapuid/yamts/6962438361777349203841 Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.250.250.90 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS bs.yandex.ru Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-encoding gzip x-ads-service-name yabs-server.partner.meta x-ads-queuetime 0.110000 expires Tue, 28 Apr 2026 04:06:44 GMT x-ads-loadaverageonarrival 0.363636 date Tue, 28 Apr 2026 04:06:44 GMT last-modified Tue, 28 Apr 2026 04:06:44 GMT content-type image/gif; charset=utf-8 strict-transport-security max-age=31536000 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * pragma no-cache access-control-allow-credentials true x-ads-degradation 0.000000 x-ads-loadaverage 0.575758 access-control-allow-origin https://goo.su x-xss-protection 1; mode=block
POST H2	200	tech Show response cm.a.mts.ru/cm/	33 B 462 B	90ms 89ms	Fetch application/json	185.65.149.228 HLL-AS HLL LLC
General Check archive.org Show headers Download Go to Full URL https://cm.a.mts.ru/cm/tech?flowId=0ad8d3f8-90df-189f-8191-0983a062000a&visId=fee003c5e5acc164edf40468d30a3673 Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.65.149.228 , Russian Federation, ASN51115 (HLL-AS HLL LLC, RU), Reverse DNS Software QRATOR / Resource Hash 740e17fbeda8d1ad5a8f36255d747ade8317715bc84ba447f4c89aac1ec9230e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type text/plain;charset=UTF-8 sec-ch-ua-mobile ?0 Response headers strict-transport-security max-age=31536000; includeSubDomains access-control-max-age 3600 content-encoding gzip access-control-allow-credentials true access-control-allow-methods GET,POST,OPTIONS access-control-allow-origin https://goo.su date Tue, 28 Apr 2026 04:06:44 GMT content-type application/json vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers server QRATOR access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, X-Forwarded-For
GET H2	200	AdRiverFPS.js Show response content.adriver.ru/	45 KB 0	263ms 103ms	Script application/x-javascript	83.222.5.42 MASTERHOST-AS LLC...
General Check archive.org Show headers Download Go to Full URL https://content.adriver.ru/AdRiverFPS.js Requested by Host: cdn1.moe.video URL: https://cdn1.moe.video/p/cr.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 83.222.5.42 , Russian Federation, ASN25532 (MASTERHOST-AS LLC "MASTERHOST", RU), Reverse DNS Software nginx / Resource Hash ad7df26b03dec882987c2509e846756395d3a1fa540ce38ab8e899d366d80575 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache-control max-age=3600 content-encoding gzip etag W/"69e779c0-b5b5" expires Tue, 28 Apr 2026 05:06:43 GMT access-control-allow-origin https://cs1.ottgoods.ru date Tue, 28 Apr 2026 04:06:43 GMT content-type application/x-javascript last-modified Tue, 21 Apr 2026 13:21:04 GMT server nginx vary Accept-Encoding
GET H2	200	sync-loader.js Show response ad.mail.ru/static/	83 KB 22 KB	137ms 137ms	Script application/javascript	95.163.41.56 VK-AS LLC VK
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/static/sync-loader.js Requested by Host: cdn1.moe.video URL: https://cdn1.moe.video/p/cr.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU), Reverse DNS r.myadx.net Software nginx / Resource Hash ce24fe54ce3a08c6fffddbbd0efeda3cf530ea519bef2226d98139a1cb7d10d8 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache-control max-age=600 timing-allow-origin * content-encoding gzip expires Tue, 28 Apr 2026 04:16:44 GMT access-control-allow-origin * date Tue, 28 Apr 2026 04:06:44 GMT content-type application/javascript;charset=UTF-8 server nginx
GET H/1.1	204 No Content	sync sync.upravel.com/aidata/ Redirect Chain https://sync.upravel.com/pbd/sync https://sync.upravel.com/pbd/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9nb28uc3UvIl19fQ== https://1026--81a236a2-b049-4c33-a372-f3b340509a28.stbid.ru/?r=https%3A%2F%2Fsync.upravel.com%2Fimage%3Fsource%3Dpbd https://sync.upravel.com/image?source=pbd https://sync.upravel.com/gpmdata/sync https://tms.gpmdata.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=4a608d62-b43e-464c-ba40-a2d2ff300693&dsp_id=81a236a2-b049-4c33-a372-f3b340509a28&ru=https%3A%2F%2Fsync.upravel.co... https://sync.upravel.com/image?source=gpmdata https://sync.upravel.com/aidata/sync https://x01.aidata.io/0.gif?pid=MGCOM&id=81a236a2-b049-4c33-a372-f3b340509a28&back= https://x01.aidata.io/0.gif?pid=MGCOM&id=81a236a2-b049-4c33-a372-f3b340509a28&back=&bounce=1 https://px.adhigh.net/p/cm/aidata?u=dudC7EVEhND33X%2BEI2Jfmw&back=SYNC https://px.adhigh.net/p/cm/aidata?u=dudC7EVEhND33X%2BEI2Jfmw&back=SYNC&bounced=1 https://x01.aidata.io/0.gif?pid=GETINTENT&id=M6dAaV3EslW.AikABlGd0kSgZg&back=SYNC https://counter.yadro.ru/id-redir/aidata.gif?back=SYNC https://x01.aidata.io/0.gif?pid=LIVE&id=7CEBAAF2CEBE40E27482&back=SYNC https://sync.dmp.otm-r.com/match/aidata?back=SYNC&rp=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3DOTM%26id%3D%7Bpid%7D https://x01.aidata.io/0.gif?pid=OTM&id=NjlmMDMyNTMyNDNmYjUwYQ%3D%3D&back=SYNC https://sync.upravel.com/aidata/sync?back=SYNC	0 401 B	97ms 97ms	Image text/plain	178.72.162.59 SELECTEL JSC Sele...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.upravel.com/aidata/sync?back=SYNC Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol HTTP/1.1 Server 178.72.162.59 St Petersburg, Russian Federation, ASN49505 (SELECTEL JSC Selectel, RU), Reverse DNS prod-stru-lb-4.community.moscow Software Angie / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Referer https://goo.su/ Response headers Access-Control-Expose-Headers Content-Length,Content-Range Connection keep-alive Access-Control-Allow-Credentials false Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Origin * Date Tue, 28 Apr 2026 04:06:47 GMT Server Angie Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Redirect headers cache-control no-cache, no-store, must-revalidate, post-check=0, pre-check=0 location https://sync.upravel.com/aidata/sync?back=SYNC pragma no-cache access-control-allow-credentials true access-control-allow-methods GET, POST expires Tue, 28 Apr 2026 04:06:45 GMT content-length 0 p3p CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA' date Tue, 28 Apr 2026 04:06:46 GMT last-modified Tue, 28 Apr 2026 04:06:45 GMT server nginx
GET H2	200	v2 Show response yandex.ru/ads/adfox/332443/getBulk/ Frame 4195	4 KB 2 KB	217ms 217ms	XHR application/json	77.88.44.55 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://yandex.ru/ads/adfox/332443/getBulk/v2?pr=756439938&pr1=1683080452&dl=https%3A%2F%2Fgoo.su%2F3oxh2eW&prr=&extid_loader=MTc3NzM0OTIwMzcyMDAzNzYwNw%3D%3D&extid_tag_loader=goo.su&fa=&date=2026-04-28T06%3A06%3A44.323%2B02%3A00&pd=28&pw=2&pv=6&pdw=1600&pdh=1200&ylv=0.1304673&ybv=0.1304673&ytt=53326313947141&is-turbo=0&skip-token=&ad-session-id=1518711777349203634&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A300%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A3688%2C%22top%22%3A900%2C%22req_no%22%3A3%2C%22ad_no%22%3A5%7D&pcode-version=1304673&yaru=true&p1=dgtqr&p2=hjxt&slotNumber=4&bids=W3siYmlkZGVyTmFtZSI6ImFsZmFzZW5zZSIsImNhbXBhaWduX2lkIjoxMzY2MDc1LCJyZXNwb25zZV90aW1lIjozMTUsImVycm9yIjp7ImNvZGUiOjR9LCJwbGFjZW1lbnRfaWQiOiI2NjE4MCJ9LHsiYmlkZGVyTmFtZSI6ImJ1enpvb2xhIiwiY2FtcGFpZ25faWQiOjEzOTQxMTksInJlc3BvbnNlX3RpbWUiOjQ2OCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEyODk5NjIifSx7ImJpZGRlck5hbWUiOiJnZXRpbnRlbnQiLCJjYW1wYWlnbl9pZCI6MTM2NjA3OCwicmVzcG9uc2VfdGltZSI6NDY4LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiNjZfMzAweDMwMF9hbGZhZGFydCJ9LHsiYmlkZGVyTmFtZSI6ImJpZHZvbCIsImNhbXBhaWduX2lkIjoxNDQ1NzI3LCJyZXNwb25zZV90aW1lIjozMzMsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI1MTY5MiJ9LHsiYmlkZGVyTmFtZSI6Im90bSIsImNhbXBhaWduX2lkIjoxNTM2MTQzLCJyZXNwb25zZV90aW1lIjo0NzAsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI5ODMzMSJ9LHsiYmlkZGVyTmFtZSI6ImJldHdlZW5kaWdpdGFsIiwiY2FtcGFpZ25faWQiOjEzNjYwNzQsInJlc3BvbnNlX3RpbWUiOjIwMiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjQ4MzU1MjUifSx7ImJpZGRlck5hbWUiOiJhc3RyYWxhYiIsImNhbXBhaWduX2lkIjoyMzQyOTYzLCJyZXNwb25zZV90aW1lIjozMzMsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI2N2RhZDkyYTRlNjk2NWZhN2IzMTM5NjkifSx7ImJpZGRlck5hbWUiOiJyb3hvdCIsImNhbXBhaWduX2lkIjozMDA2MDQ4LCJyZXNwb25zZV90aW1lIjoxODEsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI3MDA3NzI0ZS0wMzViLTQ0ZGMtOWE5ZS1mM2M5MGRlYTZiODcifSx7ImJpZGRlck5hbWUiOiJvdGNsaWNrIiwiY2FtcGFpZ25faWQiOjMxNDcyMTcsInJlc3BvbnNlX3RpbWUiOjI4MywiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEwNjI3In0seyJiaWRkZXJOYW1lIjoic2FwZSIsImNhbXBhaWduX2lkIjoxNjcyNjk5LCJyZXNwb25zZV90aW1lIjozMDAsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI5MzUyODYifSx7ImJpZGRlck5hbWUiOiJzb2x0YSIsImNhbXBhaWduX2lkIjoyNDY4MjYxLCJyZXNwb25zZV90aW1lIjoxMjIsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI0OS1TczRSaiJ9LHsiYmlkZGVyTmFtZSI6InVtZyIsImNhbXBhaWduX2lkIjozMTM2NjgwLCJyZXNwb25zZV90aW1lIjo0NzUsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMzE2MSJ9LHsiYmlkZGVyTmFtZSI6Im15dGFyZ2V0IiwiY2FtcGFpZ25faWQiOjEzNjYwNzIsInJlc3BvbnNlX3RpbWUiOjQ3NSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE3OTc0NjMifSx7ImJpZGRlck5hbWUiOiJtZWRpYXNuaXBlciIsImNhbXBhaWduX2lkIjoyMzAyNzg3LCJyZXNwb25zZV90aW1lIjoyNTEsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIyNzcyMyJ9LHsiYmlkZGVyTmFtZSI6ImFkcml2ZXIiLCJjYW1wYWlnbl9pZCI6MTM2NjA3NiwicmVzcG9uc2VfdGltZSI6MjgxLCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiNTc6Z29vLnN1XzMwMHgzMDBfZGVza180In0seyJiaWRkZXJOYW1lIjoiaHlicmlkIiwiY2FtcGFpZ25faWQiOjE4Nzk3NjMsInJlc3BvbnNlX3RpbWUiOjI1MSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjY3ZGJlMjgyN2JjNzJmZWJkOGE4ZDlkOSJ9XQ%3D%3D&utf8=%E2%9C%93&duid=MTc3NzM0OTIwMzcyMDAzNzYwNw%3D%3D&pcode-test-ids=1387854%2C0%2C47%3B1522421%2C0%2C46%3B1520060%2C0%2C76%3B1519496%2C0%2C45%3B1543685%2C0%2C4%3B1471934%2C0%2C10%3B1534006%2C0%2C32%3B1538640%2C0%2C70%3B1549206%2C0%2C23%3B1513559%2C0%2C29%3B1543959%2C0%2C7%3B1545953%2C0%2C64%3B1524838%2C0%2C42%3B1485711%2C0%2C7%3B1534167%2C0%2C30%3B1536912%2C0%2C19%3B1513550%2C0%2C71%3B1546248%2C0%2C22&csrf-token=c00f0b1c4e2637719e10ff57989427bf766577af%3A1777349202&pcode-uid=9156421321777349202&pcode-flags-map=eJyFllGP4yYUhf9LnkcrwGAbvxFznaAh4AXsmbSqrrLbTNU2nV3NpFVXq%2FnvleM0rT1S8mTJgo%2FLOede%2B%2Ftiq2Ibk1pa6CEsqh%2B%2FL%2F7aHf7cL6oF%2FVCy8gPNZJkt7hbH%2FevR%2FDy8FoLKnC7efrpb9CriuBl7CNF4NyVkhOZlPtmd8YKL8rLb%2BhXW3iVwCXUXVDLeYQuhBpemrCmFFSRnJ4o28VSAhpiC3yI8JghOWawDqGR6QKWxixCwtj4CQj9H7%2F%2F%2BOoFzLlkhFm93N5awyy0C1MrWnVUJMMDHDmLCDaS119j4gA9BtS0E7IK9frAggosT9WPApVX1PVoTE9bWDAIZHaeaEMmyUnJRlWVRMEZJlRFJckZyUVEiOM%2BlKKuMylwWuciqjHBKWEaySkrKCRFFRSkhlLKCVBktKSd5MSyjjJCS0YoSTjgXklUZoxnj5SwLvKCEjVlQWqPZqBXgSlkLYYvGoYMu%2BMEas3LXr15SSfi%2FIONWODyGNCiLrQpqAwlCPMmpTUzBLLs0z9t7aC5led3IYcl4LrhTjtoAS6NRd0ZfhQtSSjma1UXAONjuklEWrVd6CN1Qa7w3LSZ%2FD9crFTTLSnLJUzPcF4fQOI290eAxWp8wedR%2Bc52UcZqVl7KSCitIGKAZpbPY1l7DbURxBdGreBuQnwArcBCUxZiCSrDa4oNJa%2FStqk3aTiBPu8Ph0%2B7z7%2Fjl%2BfBtiuOUUnnCNeYRH4zT%2FgGd9%2B0Av14JF8V5TlhQuvFhE7FX1uihVdu1dzek4KLg49En3W5MO14SPpuVjHDy%2F3jFFEBtzqY%2BwNJHRmiJfTZhfT4e5ooSkl8scefBlpKq1xjXSvuHG%2FvL%2FFxHjC1ulLEYunMVjbHppo6Snc%2FXsR1T3fpo3rXgYf90xOPL7vn16%2B5l%2F3ycp1yIs5oqRBiziMY1Ho1L%2Fjwuau8as8KeT8jH3csv%2BxmPZ3LCi%2Btg3D0OKYnmB8Dou1DfcvjC8D0Eq7aoWoTHdhrO13kspMhGOVOAVK9xA9qo6x4wXp47c63a1jiIEWMXetiiqeej7I8vv%2F06m1SioOOobTprYx0AHMYYcA1KQ8CVvhUhmo9dDTGCqwE3fmksYHOrm3NJ2dR73zQRpl%2FRp08oyHu7yX%2FN8%2B4HIyM8L2Y%2FFzxnfBDp7R9m63TL&pcode-icookie=kJekFapqa9%2Fc6iorqqcr7LX12DRYNRYQC7xhUmTg%2BuYN%2BcR91pw7ZCXjrQaiTLRk9JpILoRWwr56%2BENgv0jJMpSG9GI%3D&disable-base64=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&tga-with-creatives=1&banner-lang=en&grab-orig-len=392&grab=eyJncmFiX3ZlcnNpb24iOjJ9CjKrPpE83_MC6tQYTkutcNM44ogm6O-P7cl92M-iDAjcMqV2WqxakmqJ_guTITww6Y0fLsqNv5rlNmniybA7D7c25KbQf1Noj7SZlVtOhC-xOgevlg1TUzjfxWhT_myIwz9D97LRcuH5TiKTVR2pXwgV9HLs1c5ql1SDmaFPzaL6yl3sGHsFZ06htPafw08vFwY7Ra0FAQ2yIUjtNTHTGQoG20loosVGU2MSQk9znAOWqro8mQ5o6yaJbGfkZNbAhlC1ls2nyk8kE59SzJ1zVWAcMOs9i_jD30Oa-9m1X_193IVKQXhx_Ze1MX8w3Ced-Q3rITxKQQM1brSyB1gcBri1yGMaTKO-rampG9CgtYIDe8H_ Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.88.44.55 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS yandex.ru Software / Resource Hash 3835a6f7cb5e0a733ae01a92d3976bf362e7596ffe0e8314c4aebd1b976606ba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type application/x-www-form-urlencoded sec-ch-ua-mobile ?0 Response headers x-yandex-req-id 1777349204409752-12430971295413017565-balancer-l7leveler-kubr-yp-klg-45-BAL content-encoding gzip report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} x-content-type-options nosniff x-ads-queuetime 0.164000 expires Mon, 04 Dec 1999 21:29:02 GMT p3p policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA x-ads-loadaverageonarrival 0.166667 content-type application/json nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} timing-allow-origin * cache-control no-store, no-cache, must-revalidate, max-age=0 accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-Viewport-Width, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width, Sec-Ch-Viewport-Height pragma no-cache x-yt-request-id de71fa56-11e2a9d2-fffa098e-a8c1905f access-control-allow-credentials true x-ads-degradation 0.000000 x-adfox-request-id 16876141065011391593 x-ads-loadaverage 0.166667 access-control-allow-origin https://goo.su x-yt-trace-id 0-1-0-0 x-xss-protection 1; mode=block
POST H2	202	diagnostics api.a.mts.ru/api/ia/v1/client/	0 0	91ms 90ms	Fetch	185.65.149.228 HLL-AS HLL LLC
General Check archive.org Show headers Download Go to Full URL https://api.a.mts.ru/api/ia/v1/client/diagnostics?flowId=0ad8d3f8-90df-189f-8191-0983a062000a Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.65.149.228 , Russian Federation, ASN51115 (HLL-AS HLL LLC, RU), Reverse DNS Software QRATOR / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ Idempotency-Key 992b7af2-fe98-4a82-b6a3-2b405517f6e4 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Accept application/json Content-Type application/json Response headers strict-transport-security max-age=31536000; includeSubDomains access-control-max-age 3600 access-control-expose-headers X-MA-ID-API accept-ch Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, Sec-CH-UA-Model, Sec-CH-UA-Form-Factors, Sec-CH-Lang, Sec-CH-Save-Data, Sec-CH-Width, Sec-CH-Viewport-Width, Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-DPR, DPR, Sec-CH-Device-Memory, Device-Memory, RTT, Downlink, ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-Prefers-Reduced-Motion, Sec-CH-Prefers-Reduced-Transparency, Sec-CH-Prefers-Contrast, Sec-CH-Forced-Colors access-control-allow-credentials true access-control-allow-methods GET,POST,OPTIONS accept-ch-lifetime 8035200 access-control-allow-origin https://goo.su content-length 0 date Tue, 28 Apr 2026 04:06:44 GMT vary Origin server QRATOR access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, X-Forwarded-For, Idempotency-Key
OPTIONS H2	200	diagnostics api.a.mts.ru/api/ia/v1/client/ Frame	0 0	77ms 77ms	Preflight	185.65.149.228 HLL-AS HLL LLC
General Check archive.org Show headers Download Go to Full URL https://api.a.mts.ru/api/ia/v1/client/diagnostics?flowId=0ad8d3f8-90df-189f-8191-0983a062000a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.65.149.228 , Russian Federation, ASN51115 (HLL-AS HLL LLC, RU), Reverse DNS Software QRATOR / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers content-type,idempotency-key Access-Control-Request-Method POST Origin https://goo.su Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Response headers accept-ch Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-WoW64, Sec-CH-UA-Model, Sec-CH-UA-Form-Factors, Sec-CH-Lang, Sec-CH-Save-Data, Sec-CH-Width, Sec-CH-Viewport-Width, Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-DPR, DPR, Sec-CH-Device-Memory, Device-Memory, RTT, Downlink, ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-Prefers-Reduced-Motion, Sec-CH-Prefers-Reduced-Transparency, Sec-CH-Prefers-Contrast, Sec-CH-Forced-Colors accept-ch-lifetime 8035200 access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, X-Forwarded-For, Idempotency-Key access-control-allow-methods GET,POST,OPTIONS access-control-allow-origin https://goo.su access-control-expose-headers X-MA-ID-API access-control-max-age 3600 allow GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH content-length 0 date Tue, 28 Apr 2026 04:06:44 GMT server QRATOR strict-transport-security max-age=31536000; includeSubDomains vary Origin Access-Control-Request-Method Access-Control-Request-Headers
POST H2	200	tech Show response cm.a.mts.ru/cm/ Frame EAF9	33 B 462 B	93ms 92ms	Fetch application/json	185.65.149.228 HLL-AS HLL LLC
General Check archive.org Show headers Download Go to Full URL https://cm.a.mts.ru/cm/tech?flowId=0ad8d3f8-90df-189f-8191-0983a062000a&visId=7dcb4ddee0b663d163385770c038f0f6 Requested by Host: static.a.mts.ru URL: https://static.a.mts.ru/id/pixel.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.65.149.228 , Russian Federation, ASN51115 (HLL-AS HLL LLC, RU), Reverse DNS Software QRATOR / Resource Hash 740e17fbeda8d1ad5a8f36255d747ade8317715bc84ba447f4c89aac1ec9230e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua-platform "Linux" Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type text/plain;charset=UTF-8 sec-ch-ua-mobile ?0 Response headers strict-transport-security max-age=31536000; includeSubDomains access-control-max-age 3600 content-encoding gzip access-control-allow-credentials true access-control-allow-methods GET,POST,OPTIONS access-control-allow-origin https://goo.su date Tue, 28 Apr 2026 04:06:44 GMT content-type application/json vary Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers server QRATOR access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, X-Forwarded-For
GET H2	200	v2 Show response yandex.ru/ads/adfox/332443/getBulk/ Frame 4195	168 B 454 B	183ms 183ms	XHR application/json	77.88.44.55 YANDEX YANDEX LLC
General Check archive.org Show headers Download Go to Full URL https://yandex.ru/ads/adfox/332443/getBulk/v2?pr=756439938&pr1=75306277&dl=https%3A%2F%2Fgoo.su%2F3oxh2eW&prr=&extid_loader=MTc3NzM0OTIwMzcyMDAzNzYwNw%3D%3D&extid_tag_loader=goo.su&fa=&date=2026-04-28T06%3A06%3A44.543%2B02%3A00&pd=28&pw=2&pv=6&pdw=1600&pdh=1200&ylv=0.1304673&ybv=0.1304673&ytt=53326313947141&is-turbo=0&skip-token=&ad-session-id=1518711777349203634&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A3328%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A2000%2C%22top%22%3A900%2C%22req_no%22%3A4%2C%22ad_no%22%3A7%7D&pcode-version=1304673&yaru=true&p1=dgtqt&p2=gxxp&slotNumber=5&bids=W3siYmlkZGVyTmFtZSI6ImFsZmFzZW5zZSIsImNhbXBhaWduX2lkIjoxMzY2MDc1LCJyZXNwb25zZV90aW1lIjozMTUsImVycm9yIjp7ImNvZGUiOjR9LCJwbGFjZW1lbnRfaWQiOiI2NjE4NiJ9LHsiYmlkZGVyTmFtZSI6ImJ1enpvb2xhIiwiY2FtcGFpZ25faWQiOjEzOTQxMTksInJlc3BvbnNlX3RpbWUiOjQ2OCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEyODk5NjAifSx7ImJpZGRlck5hbWUiOiJnZXRpbnRlbnQiLCJjYW1wYWlnbl9pZCI6MTM2NjA3OCwicmVzcG9uc2VfdGltZSI6NDY4LCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiNjZfMzM2eDI4MF9hbGZhZGFydCJ9LHsiYmlkZGVyTmFtZSI6ImJpZHZvbCIsImNhbXBhaWduX2lkIjoxNDQ1NzI3LCJyZXNwb25zZV90aW1lIjozMzMsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI1MTY5NiJ9LHsiYmlkZGVyTmFtZSI6Im90bSIsImNhbXBhaWduX2lkIjoxNTM2MTQzLCJyZXNwb25zZV90aW1lIjo0NzAsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI5ODMzNCJ9LHsiYmlkZGVyTmFtZSI6ImJldHdlZW5kaWdpdGFsIiwiY2FtcGFpZ25faWQiOjEzNjYwNzQsInJlc3BvbnNlX3RpbWUiOjIwMiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjQ4MzU1NzEifSx7ImJpZGRlck5hbWUiOiJhc3RyYWxhYiIsImNhbXBhaWduX2lkIjoyMzQyOTYzLCJyZXNwb25zZV90aW1lIjozMzMsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI2N2RhZDkyZjRlNjk2NWZhN2IzMTM5YjQifSx7ImJpZGRlck5hbWUiOiJyb3hvdCIsImNhbXBhaWduX2lkIjozMDA2MDQ4LCJyZXNwb25zZV90aW1lIjoxODEsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIwMzkwMjU1NS1hMDI4LTRhMzQtODcwNC1hYmFiMDk2MDg3M2IifSx7ImJpZGRlck5hbWUiOiJvdGNsaWNrIiwiY2FtcGFpZ25faWQiOjMxNDcyMTcsInJlc3BvbnNlX3RpbWUiOjI4MywiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjEwNjMwIn0seyJiaWRkZXJOYW1lIjoic2FwZSIsImNhbXBhaWduX2lkIjoxNjcyNjk5LCJyZXNwb25zZV90aW1lIjozMDAsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI5MzUyOTgifSx7ImJpZGRlck5hbWUiOiJzb2x0YSIsImNhbXBhaWduX2lkIjoyNDY4MjYxLCJyZXNwb25zZV90aW1lIjoxMjIsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiI0OS1EZDZFaSJ9LHsiYmlkZGVyTmFtZSI6InVtZyIsImNhbXBhaWduX2lkIjozMTM2NjgwLCJyZXNwb25zZV90aW1lIjo0NzUsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIxMzE2NCJ9LHsiYmlkZGVyTmFtZSI6Im15dGFyZ2V0IiwiY2FtcGFpZ25faWQiOjEzNjYwNzIsInJlc3BvbnNlX3RpbWUiOjQ3NSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE3OTc1MTIifSx7ImJpZGRlck5hbWUiOiJtZWRpYXNuaXBlciIsImNhbXBhaWduX2lkIjoyMzAyNzg3LCJyZXNwb25zZV90aW1lIjoyNTEsImVycm9yIjp7ImNvZGUiOjF9LCJwbGFjZW1lbnRfaWQiOiIyNzcyOSJ9LHsiYmlkZGVyTmFtZSI6ImFkcml2ZXIiLCJjYW1wYWlnbl9pZCI6MTM2NjA3NiwicmVzcG9uc2VfdGltZSI6MjgxLCJlcnJvciI6eyJjb2RlIjo0fSwicGxhY2VtZW50X2lkIjoiNTc6Z29vLnN1XzMzNngyODBfZGVza18yIn0seyJiaWRkZXJOYW1lIjoiaHlicmlkIiwiY2FtcGFpZ25faWQiOjE4Nzk3NjMsInJlc3BvbnNlX3RpbWUiOjI1MSwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjY3ZGJlNTFiNGQ1MDZlYjJlODUzZGJmMiJ9XQ%3D%3D&utf8=%E2%9C%93&duid=MTc3NzM0OTIwMzcyMDAzNzYwNw%3D%3D&pcode-test-ids=1387854%2C0%2C47%3B1522421%2C0%2C46%3B1520060%2C0%2C76%3B1519496%2C0%2C45%3B1543685%2C0%2C4%3B1471934%2C0%2C10%3B1534006%2C0%2C32%3B1538640%2C0%2C70%3B1549206%2C0%2C23%3B1513559%2C0%2C29%3B1543959%2C0%2C7%3B1545953%2C0%2C64%3B1524838%2C0%2C42%3B1485711%2C0%2C7%3B1534167%2C0%2C30%3B1536912%2C0%2C19%3B1513550%2C0%2C71%3B1546248%2C0%2C22&csrf-token=c00f0b1c4e2637719e10ff57989427bf766577af%3A1777349202&pcode-uid=9156421321777349202&pcode-flags-map=eJyFllGP4yYUhf9LnkcrwGAbvxFznaAh4AXsmbSqrrLbTNU2nV3NpFVXq%2FnvleM0rT1S8mTJgo%2FLOede%2B%2Ftiq2Ibk1pa6CEsqh%2B%2FL%2F7aHf7cL6oF%2FVCy8gPNZJkt7hbH%2FevR%2FDy8FoLKnC7efrpb9CriuBl7CNF4NyVkhOZlPtmd8YKL8rLb%2BhXW3iVwCXUXVDLeYQuhBpemrCmFFSRnJ4o28VSAhpiC3yI8JghOWawDqGR6QKWxixCwtj4CQj9H7%2F%2F%2BOoFzLlkhFm93N5awyy0C1MrWnVUJMMDHDmLCDaS119j4gA9BtS0E7IK9frAggosT9WPApVX1PVoTE9bWDAIZHaeaEMmyUnJRlWVRMEZJlRFJckZyUVEiOM%2BlKKuMylwWuciqjHBKWEaySkrKCRFFRSkhlLKCVBktKSd5MSyjjJCS0YoSTjgXklUZoxnj5SwLvKCEjVlQWqPZqBXgSlkLYYvGoYMu%2BMEas3LXr15SSfi%2FIONWODyGNCiLrQpqAwlCPMmpTUzBLLs0z9t7aC5led3IYcl4LrhTjtoAS6NRd0ZfhQtSSjma1UXAONjuklEWrVd6CN1Qa7w3LSZ%2FD9crFTTLSnLJUzPcF4fQOI290eAxWp8wedR%2Bc52UcZqVl7KSCitIGKAZpbPY1l7DbURxBdGreBuQnwArcBCUxZiCSrDa4oNJa%2FStqk3aTiBPu8Ph0%2B7z7%2Fjl%2BfBtiuOUUnnCNeYRH4zT%2FgGd9%2B0Av14JF8V5TlhQuvFhE7FX1uihVdu1dzek4KLg49En3W5MO14SPpuVjHDy%2F3jFFEBtzqY%2BwNJHRmiJfTZhfT4e5ooSkl8scefBlpKq1xjXSvuHG%2FvL%2FFxHjC1ulLEYunMVjbHppo6Snc%2FXsR1T3fpo3rXgYf90xOPL7vn16%2B5l%2F3ycp1yIs5oqRBiziMY1Ho1L%2Fjwuau8as8KeT8jH3csv%2BxmPZ3LCi%2Btg3D0OKYnmB8Dou1DfcvjC8D0Eq7aoWoTHdhrO13kspMhGOVOAVK9xA9qo6x4wXp47c63a1jiIEWMXetiiqeej7I8vv%2F06m1SioOOobTprYx0AHMYYcA1KQ8CVvhUhmo9dDTGCqwE3fmksYHOrm3NJ2dR73zQRpl%2FRp08oyHu7yX%2FN8%2B4HIyM8L2Y%2FFzxnfBDp7R9m63TL&pcode-icookie=kJekFapqa9%2Fc6iorqqcr7LX12DRYNRYQC7xhUmTg%2BuYN%2BcR91pw7ZCXjrQaiTLRk9JpILoRWwr56%2BENgv0jJMpSG9GI%3D&disable-base64=1&top-ancestor=https%3A%2F%2Fgoo.su&top-ancestor-undetermined=0&tga-with-creatives=1&banner-lang=en&grab-orig-len=392&grab=eyJncmFiX3ZlcnNpb24iOjJ9CjKrPpE83_MC6tQYTkutcNM44ogm6O-P7cl92M-iDAjcMqV2WqxakmqJ_guTITww6Y0fLsqNv5rlNmniybA7D7c25KbQf1Noj7SZlVtOhC-xOgevlg1TUzjfxWhT_myIwz9D97LRcuH5TiKTVR2pXwgV9HLs1c5ql1SDmaFPzaL6yl3sGHsFZ06htPafw08vFwY7Ra0FAQ2yIUjtNTHTGQoG20loosVGU2MSQk9znAOWqro8mQ5o6yaJbGfkZNbAhlC1ls2nyk8kE59SzJ1zVWAcMOs9i_jD30Oa-9m1X_193IVKQXhx_Ze1MX8w3Ced-Q3rITxKQQM1brSyB1gcBri1yGMaTKO-rampG9CgtYIDe8H_ Requested by Host: yandex.ru URL: https://yandex.ru/ads/system/context.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 77.88.44.55 , Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU), Reverse DNS yandex.ru Software / Resource Hash 3d5e73ababf255adc9d54acedd54b64308cd2eaecf78d2215f1a5ff8a7050cf5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type application/x-www-form-urlencoded sec-ch-ua-mobile ?0 Response headers x-yandex-req-id 1777349204629615-171019523979867174-balancer-l7leveler-kubr-yp-klg-45-BAL content-encoding gzip report-to { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]} x-content-type-options nosniff x-ads-queuetime 0.149000 expires Mon, 04 Dec 1999 21:29:02 GMT p3p policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA x-ads-loadaverageonarrival 0.214286 content-type application/json cache-control no-store, no-cache, must-revalidate, max-age=0 timing-allow-origin * nel {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1} accept-ch Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Sec-CH-Viewport-Width, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Width, Sec-Ch-Viewport-Height pragma no-cache access-control-allow-credentials true x-yt-request-id 5a036b50-ac28d8da-91a4bb41-562702ff x-ads-degradation 0.000000 x-adfox-request-id 1298453873459785176 x-ads-loadaverage 0.071429 access-control-allow-origin https://goo.su x-yt-trace-id 0-1-0-0 x-xss-protection 1; mode=block
GET H2	200	1061630 Show response ad.mail.ru/vast/	60 B 256 B	155ms 155ms	Fetch text/xml	95.163.41.56 VK-AS LLC VK
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/vast/1061630?pr=919705&sc=1701212&dl=goo.su&content_id=129923941701212 Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU), Reverse DNS r.myadx.net Software nginx / Resource Hash 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache-control private, no-cache, no-store timing-allow-origin * content-encoding gzip access-control-allow-credentials true access-control-allow-origin https://goo.su date Tue, 28 Apr 2026 04:06:44 GMT content-type text/xml server nginx
GET H2	200	mail.adman.vpaid.js Show response cdn1.moe.video/integration/ Frame E535	5 KB 2 KB	34ms 34ms	Script application/x-javascript	5.101.37.37 EdgeAmLLC "EDGEAM...
General Check archive.org Show headers Download Go to Full URL https://cdn1.moe.video/integration/mail.adman.vpaid.js Requested by Host: cdn1.moe.video URL: https://cdn1.moe.video/p/cr.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM), Reverse DNS Software nginx / Resource Hash 13c813be696332f93078f35079be539dfd0ff054221035cac0fc6e0c79fe0bab Request headers sec-ch-ua-platform "Linux" Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-cached-since 2026-04-28T03:50:29+00:00 cache HIT cache-control max-age=1800 content-encoding gzip expires Tue, 28 Apr 2026 04:36:44 GMT date Tue, 28 Apr 2026 04:06:44 GMT content-type application/x-javascript vary Accept-Encoding, Accept-Encoding server nginx last-modified Tuesday, 28-Apr-2026 03:50:29 GMT x-node am4-up-gc95
GET H2	200	1078843 Show response ad.mail.ru/vast/	59 B 255 B	172ms 171ms	Fetch text/xml	95.163.41.56 VK-AS LLC VK
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/vast/1078843?pr=7013774&sc=1701212&dl=goo.su&content_id=134183081701212 Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU), Reverse DNS r.myadx.net Software nginx / Resource Hash a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache-control private, no-cache, no-store timing-allow-origin * content-encoding gzip access-control-allow-credentials true access-control-allow-origin https://goo.su date Tue, 28 Apr 2026 04:06:44 GMT content-type text/xml server nginx
GET H2	200	1434682 Show response ad.mail.ru/vast/	59 B 255 B	189ms 189ms	Fetch text/xml	95.163.41.56 VK-AS LLC VK
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/vast/1434682?dl=goo.su&content_id=188396651701212 Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU), Reverse DNS r.myadx.net Software nginx / Resource Hash a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache-control private, no-cache, no-store timing-allow-origin * content-encoding gzip access-control-allow-credentials true access-control-allow-origin https://goo.su date Tue, 28 Apr 2026 04:06:44 GMT content-type text/xml server nginx
GET H2	204	moevideo-lowprice-bid Show response bid.adx.com.ru/	0 106 B	361ms 130ms	Fetch	83.222.105.238 MNOGOBYTE-AS Mnog...
General Check archive.org Show headers Download Go to Full URL https://bid.adx.com.ru/moevideo-lowprice-bid?vpaid=true&referer=goo.su Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.3, , AES_128_GCM Server 83.222.105.238 , Russian Federation, ASN42632 (MNOGOBYTE-AS MnogoByte LLC, RU), Reverse DNS vs18.videonow.ru Software nginx/1.28.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers access-control-allow-origin https://goo.su date Tue, 28 Apr 2026 04:06:44 GMT server nginx/1.28.2 access-control-allow-credentials true
GET H2	204	moevideo-vast-midprice-bid Show response bid.adx.com.ru/	0 105 B	219ms 129ms	Fetch	83.222.105.238 MNOGOBYTE-AS Mnog...
General Check archive.org Show headers Download Go to Full URL https://bid.adx.com.ru/moevideo-vast-midprice-bid?vpaid=true&referer=goo.su Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.3, , AES_128_GCM Server 83.222.105.238 , Russian Federation, ASN42632 (MNOGOBYTE-AS MnogoByte LLC, RU), Reverse DNS vs18.videonow.ru Software nginx/1.28.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers access-control-allow-origin https://goo.su date Tue, 28 Apr 2026 04:06:44 GMT server nginx/1.28.2 access-control-allow-credentials true
GET H2	200	1059170 Show response ad.mail.ru/vast/	59 B 255 B	82ms 82ms	Fetch text/xml	95.163.41.56 VK-AS LLC VK
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/vast/1059170?pr=3831138&sc=1701212&dl=goo.su&dd=1 Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU), Reverse DNS r.myadx.net Software nginx / Resource Hash a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache-control private, no-cache, no-store timing-allow-origin * content-encoding gzip access-control-allow-credentials true access-control-allow-origin https://goo.su date Tue, 28 Apr 2026 04:06:44 GMT content-type text/xml server nginx
GET H2	200	1434682 Show response ad.mail.ru/vast/	59 B 255 B	122ms 122ms	Fetch text/xml	95.163.41.56 VK-AS LLC VK
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/vast/1434682?dl=goo.su&content_id=188396651701212 Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU), Reverse DNS r.myadx.net Software nginx / Resource Hash a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache-control private, no-cache, no-store timing-allow-origin * content-encoding gzip access-control-allow-credentials true access-control-allow-origin https://goo.su date Tue, 28 Apr 2026 04:06:44 GMT content-type text/xml server nginx
GET H2	200	1329661 Show response ad.mail.ru/vast/	60 B 256 B	134ms 134ms	Fetch text/xml	95.163.41.56 VK-AS LLC VK
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/vast/1329661?dl=goo.su&content_id=188396651701212 Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU), Reverse DNS r.myadx.net Software nginx / Resource Hash 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache-control private, no-cache, no-store timing-allow-origin * content-encoding gzip access-control-allow-credentials true access-control-allow-origin https://goo.su date Tue, 28 Apr 2026 04:06:45 GMT content-type text/xml server nginx
GET H3	200	code.xml Show response catsnetwork.ru/core/	12 B 722 B	160ms 70ms	Fetch application/xml	194.186.91.199 SOVAM-AS PJSC "Vi...
General Check archive.org Show headers Download Go to Full URL https://catsnetwork.ru/core/code.xml?pid=9956&vr=1&rid=7114625&dl=goo.su Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H3 Security QUIC, , AES_256_GCM Server 194.186.91.199 , Russian Federation, ASN3216 (SOVAM-AS PJSC "Vimpelcom", RU), Reverse DNS serv44.mt.viaprog.eu Software nginx / Resource Hash 21b398232e73bcfb7e782233055a6fbc1dbb3faf8736e512c216329555da2529 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache-control no-cache, max-age=0, must-revalidate, no-store pragma no-cache access-control-allow-credentials true referrer-policy origin-when-cross-origin expires Tue, 11 Sep 2001 12:46:00 GMT alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 access-control-allow-origin https://goo.su content-length 12 date Tue, 28 Apr 2026 04:06:45 GMT content-type application/xml vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers server nginx
POST H/1.1	200 OK	/ privacy-cs.mail.ru/fp/	0 0	253ms 159ms	Fetch application/octet-stream	90.156.232.15 VK-AS LLC VK
General Check archive.org Show headers Download Go to Full URL https://privacy-cs.mail.ru/fp/?id=hkK1Zz1KlJSlNUrlagPIT Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 90.156.232.15 , Russian Federation, ASN47764 (VK-AS LLC VK, RU), Reverse DNS Software envoy-lb7-prod / Resource Hash Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type application/json sec-ch-ua-mobile ?0 Response headers transfer-encoding chunked cache-control max-age=7200 timing-allow-origin * x-envoy-upstream-service-time 9 access-control-allow-credentials true expires Tue, 28 Apr 2026 06:06:45 GMT access-control-allow-origin https://goo.su p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT" date Tue, 28 Apr 2026 04:06:45 GMT content-type application/octet-stream server envoy-lb7-prod
OPTIONS H/1.1	200 OK	/ privacy-cs.mail.ru/fp/ Frame	0 0	323ms 64ms	Preflight application/octet-stream	90.156.232.15 VK-AS LLC VK
General Check archive.org Show headers Download Go to Full URL https://privacy-cs.mail.ru/fp/?id=hkK1Zz1KlJSlNUrlagPIT Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 90.156.232.15 , Russian Federation, ASN47764 (VK-AS LLC VK, RU), Reverse DNS Software envoy-lb7-prod / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://goo.su Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-method POST access-control-allow-origin https://goo.su access-control-max-age 1728000 cache-control max-age=7200 content-length 0 content-type application/octet-stream date Tue, 28 Apr 2026 04:06:45 GMT expires Tue, 28 Apr 2026 06:06:45 GMT server envoy-lb7-prod x-envoy-upstream-service-time 1
GET H2	200	1055655 Show response ad.mail.ru/vast/	59 B 255 B	83ms 82ms	Fetch text/xml	95.163.41.56 VK-AS LLC VK
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/vast/1055655?pr=1980282&sc=1701212&dl=goo.su&dd=1 Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU), Reverse DNS r.myadx.net Software nginx / Resource Hash a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache-control private, no-cache, no-store timing-allow-origin * content-encoding gzip access-control-allow-credentials true access-control-allow-origin https://goo.su date Tue, 28 Apr 2026 04:06:45 GMT content-type text/xml server nginx
GET H/1.1	200 OK	erle.cgi Show response ad.adriver.ru/cgi-bin/	142 B 857 B	63ms 63ms	Fetch text/xml	195.209.109.116 ADRIVER LLC AdRiver
General Check archive.org Show headers Download Go to Full URL https://ad.adriver.ru/cgi-bin/erle.cgi?sid=234048&bt=61&pz=0&target=top&rnd=4927803&tail256=goo.su Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 195.209.109.116 , Russian Federation, ASN52007 (ADRIVER LLC AdRiver, RU), Reverse DNS Software / Resource Hash c552f6e085fb5cf5196d9ef32b915c9591a4459ab5b92178a1f49b8ccb96a375 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers Transfer-Encoding chunked Cache-control no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store Pragma no-cache Connection keep-alive Access-Control-Allow-Credentials true Expires Thu, 01 Jan 1970 00:00:00 GMT Access-Control-Allow-Origin https://goo.su P3P policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA" Date Tue, 28 Apr 2026 04:06:45 GMT Content-Type text/xml
GET H/1.1	200 OK	moevideo_vast_new Show response kimberlite.io/rtb/bid/vast/	123 B 501 B	97ms 96ms	Fetch text/xml	37.0.127.91 NETRACK-AS Start2...
General Check archive.org Show headers Download Go to Full URL https://kimberlite.io/rtb/bid/vast/moevideo_vast_new?fp=6cc3b1f88e6a05decde61b9856471275%7E0 Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 37.0.127.91 Moscow, Russian Federation, ASN61400 (NETRACK-AS Start2 LLC, RU), Reverse DNS Software nginx / Resource Hash 7be888fe96032d9c836dc482383d6fe897ebbbec7b19a5c67671d74cdf13281f Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers Connection keep-alive access-control-allow-credentials true access-control-allow-origin https://goo.su server-timing app;srv=s25a;dur=0.0007 Content-Length 123 Date Tue, 28 Apr 2026 04:06:45 GMT Content-Type text/xml Server nginx
GET H2	200	pl53844 Show response ssp.bidvol.com/vast/	27 B 484 B	129ms 128ms	Fetch text/xml	194.85.16.29 MSK-IX_Services J...
General Check archive.org Show headers Download Go to Full URL https://ssp.bidvol.com/vast/pl53844?domain=goo.su&page=https%3A%2F%2Fgoo.su%2F3oxh2eW&w=100&h=57 Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.85.16.29 , Russian Federation, ASN8985 (MSK-IX_Services Join-stock company "Internet Exchange"MSK-IX", RU), Reverse DNS Software nginx / Resource Hash fd8b5f56a42ba9c68188da914e3e00e6f1b1328baf2fec87206dbda14340f737 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers surrogate-control no-store x-request-id 97bb2bfa-d593-4a7c-bb31-a821038256d9 cache-control no-store, no-cache, must-revalidate, proxy-revalidate pragma no-cache access-control-allow-credentials true expires 0 access-control-allow-origin https://goo.su content-length 27 date Tue, 28 Apr 2026 04:06:45 GMT content-type text/xml; charset=utf-8 server nginx
GET H2	200	vpaid.xml Show response cdn-v.skcrtxr.com/wrapper/	3 KB 1 KB	159ms 102ms	Fetch text/xml	188.72.103.3 YACLOUDCDN Yandex...
General Check archive.org Show headers Download Go to Full URL https://cdn-v.skcrtxr.com/wrapper/vpaid.xml?id=3b87ab75-56ea-4bab-89d4-978e4800d3b1&rxt-host=goo.su Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.72.103.3 Dubai, United Arab Emirates, ASN215013 (YACLOUDCDN Yandex.Cloud LLC, RU), Reverse DNS Software nginx / Resource Hash 4f0ca6e7e9f551499486afa965bcd4fc49b7d9586126693eb8eda7c9e42a2cff Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-request-id 6b335f5a4bd3c1a1 access-control-allow-private-network true cache-control max-age=600 content-encoding gzip access-control-allow-credentials true accept-ranges bytes access-control-allow-origin https://goo.su content-length 965 date Tue, 28 Apr 2026 04:06:45 GMT cache-status EXPIRED content-type text/xml; charset=utf-8 vary Accept-Encoding, Accept-Encoding server nginx x-service-id worker cache-host yccdn-ruvoz02kvant-1.yccdn.cloud.yandex.net
GET H2	200	pl53845 Show response ssp.bidvol.com/vast/	27 B 484 B	352ms 352ms	Fetch text/xml	194.85.16.29 MSK-IX_Services J...
General Check archive.org Show headers Download Go to Full URL https://ssp.bidvol.com/vast/pl53845?domain=goo.su&page=https%3A%2F%2Fgoo.su%2F3oxh2eW&w=100&h=57 Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.85.16.29 , Russian Federation, ASN8985 (MSK-IX_Services Join-stock company "Internet Exchange"MSK-IX", RU), Reverse DNS Software nginx / Resource Hash fd8b5f56a42ba9c68188da914e3e00e6f1b1328baf2fec87206dbda14340f737 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers surrogate-control no-store x-request-id 39585f55-667e-4206-8fe8-f704eea1eb7f cache-control no-store, no-cache, must-revalidate, proxy-revalidate pragma no-cache access-control-allow-credentials true expires 0 access-control-allow-origin https://goo.su content-length 27 date Tue, 28 Apr 2026 04:06:45 GMT content-type text/xml; charset=utf-8 server nginx
GET H2	200	vk-adman.js Show response ad.mail.ru/static/ Frame E535	268 KB 70 KB	92ms 92ms	Script application/javascript	95.163.41.56 VK-AS LLC VK
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/static/vk-adman.js Requested by Host: cdn1.moe.video URL: https://cdn1.moe.video/integration/mail.adman.vpaid.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU), Reverse DNS r.myadx.net Software nginx / Resource Hash 48789704aa98b535b0e376e00d59dc62117bc4004faec7bd36da575ffd99c549 Request headers sec-ch-ua-platform "Linux" Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache-control max-age=600 timing-allow-origin * content-encoding gzip expires Tue, 28 Apr 2026 04:16:45 GMT access-control-allow-origin * date Tue, 28 Apr 2026 04:06:45 GMT content-type application/javascript;charset=UTF-8 server nginx
GET H2	200	adserver-vpaid-eng-v4.js Show response cdn-c.skcrtxr.com/wrapper/js/ Frame 1702	165 KB 57 KB	95ms 95ms	Script text/javascript	188.72.103.3 YACLOUDCDN Yandex...
General Check archive.org Show headers Download Go to Full URL https://cdn-c.skcrtxr.com/wrapper/js/adserver-vpaid-eng-v4.js?v=s-2562a02c-845e-41cf-a305-4881e0c442fb Requested by Host: cdn1.moe.video URL: https://cdn1.moe.video/p/cr.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.72.103.3 Dubai, United Arab Emirates, ASN215013 (YACLOUDCDN Yandex.Cloud LLC, RU), Reverse DNS Software nginx / Resource Hash bd33728664823b7c592170cbf0921313d270e69a4a71230bc5221e43dbd13d82 Request headers sec-ch-ua-platform "Linux" Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-request-id efd63e78f116235b cache-control max-age=345600 content-encoding gzip etag W/"9382d6ded23c16c1d49a1bc389e7d1a5" date Tue, 28 Apr 2026 04:06:45 GMT cache-status HIT content-type text/javascript vary Accept-Encoding server nginx last-modified Fri, 24 Apr 2026 08:48:23 GMT cache-host yccdn-ruvoz02kvant-1.yccdn.cloud.yandex.net
GET H/1.1	200 OK	code.xml Show response otclick-adv.ru/core/	0 512 B	63ms 63ms	Fetch text/xml	139.45.228.134 RETNRU-AS JSC "Re...
General Check archive.org Show headers Download Go to Full URL https://otclick-adv.ru/core/code.xml?pid=8623&vr=1&rid=7938521&ll=goo.su Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 139.45.228.134 , Russian Federation, ASN57304 (RETNRU-AS JSC "RetnNet", RU), Reverse DNS serv5.otclick.ru Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers Cache-Control no-cache, max-age=0, must-revalidate, no-store Pragma no-cache Connection keep-alive Access-Control-Allow-Credentials true Referrer-Policy origin-when-cross-origin Expires Thursday, 01-Jan-1970 00:00:00 GMT Access-Control-Allow-Origin https://goo.su Content-Length 0 Keep-Alive timeout=60 Date Tue, 28 Apr 2026 04:06:45 GMT P3P policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA Content-Type text/xml; charset=utf-8 Server nginx
GET H2	200	1061630 Show response ad.mail.ru/vast/	59 B 255 B	90ms 90ms	Fetch text/xml	95.163.41.56 VK-AS LLC VK
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/vast/1061630?pr=944903&sc=1701212&dl=goo.su&content_id=129923941701212 Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU), Reverse DNS r.myadx.net Software nginx / Resource Hash a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache-control private, no-cache, no-store timing-allow-origin * content-encoding gzip access-control-allow-credentials true access-control-allow-origin https://goo.su date Tue, 28 Apr 2026 04:06:45 GMT content-type text/xml server nginx
GET H2	200	mail.adman.vpaid.js Show response cdn1.moe.video/integration/ Frame 4545	5 KB 0	34ms 34ms	Script application/x-javascript	5.101.37.37 EdgeAmLLC "EDGEAM...
General Check archive.org Show headers Download Go to Full URL https://cdn1.moe.video/integration/mail.adman.vpaid.js Requested by Host: cdn1.moe.video URL: https://cdn1.moe.video/p/cr.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.101.37.37 Yerevan, Armenia, ASN201589 (EdgeAmLLC "EDGEAM" LLC, AM), Reverse DNS Software nginx / Resource Hash 13c813be696332f93078f35079be539dfd0ff054221035cac0fc6e0c79fe0bab Request headers sec-ch-ua-platform "Linux" Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-cached-since 2026-04-28T03:50:29+00:00 cache HIT cache-control max-age=1800 content-encoding gzip expires Tue, 28 Apr 2026 04:36:44 GMT date Tue, 28 Apr 2026 04:06:44 GMT content-type application/x-javascript vary Accept-Encoding, Accept-Encoding server nginx last-modified Tuesday, 28-Apr-2026 03:50:29 GMT x-node am4-up-gc95
GET H2	200	1078843 Show response ad.mail.ru/vast/	59 B 255 B	200ms 200ms	Fetch text/xml	95.163.41.56 VK-AS LLC VK
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/vast/1078843?pr=87174&sc=1701212&dl=goo.su&content_id=134183081701212 Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU), Reverse DNS r.myadx.net Software nginx / Resource Hash a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache-control private, no-cache, no-store timing-allow-origin * content-encoding gzip access-control-allow-credentials true access-control-allow-origin https://goo.su date Tue, 28 Apr 2026 04:06:45 GMT content-type text/xml server nginx
GET H2	200	1434682 Show response ad.mail.ru/vast/	59 B 255 B	137ms 136ms	Fetch text/xml	95.163.41.56 VK-AS LLC VK
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/vast/1434682?dl=goo.su&content_id=188396651701212 Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU), Reverse DNS r.myadx.net Software nginx / Resource Hash a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache-control private, no-cache, no-store timing-allow-origin * content-encoding gzip access-control-allow-credentials true access-control-allow-origin https://goo.su date Tue, 28 Apr 2026 04:06:45 GMT content-type text/xml server nginx
GET H/1.1	200 OK	code.xml Show response otclick-adv.ru/core/	0 512 B	67ms 64ms	Fetch text/xml	139.45.228.134 RETNRU-AS JSC "Re...
General Check archive.org Show headers Download Go to Full URL https://otclick-adv.ru/core/code.xml?pid=8623&vr=1&rid=7706589&ll=goo.su Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 139.45.228.134 , Russian Federation, ASN57304 (RETNRU-AS JSC "RetnNet", RU), Reverse DNS serv5.otclick.ru Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers Cache-Control no-cache, max-age=0, must-revalidate, no-store Pragma no-cache Connection keep-alive Access-Control-Allow-Credentials true Referrer-Policy origin-when-cross-origin Expires Thursday, 01-Jan-1970 00:00:00 GMT Access-Control-Allow-Origin https://goo.su Content-Length 0 Keep-Alive timeout=60 Date Tue, 28 Apr 2026 04:06:45 GMT P3P policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA Content-Type text/xml; charset=utf-8 Server nginx
GET H2	200	4ab34668-74ba-416a-b94a-af3045b3df73 Show response cdn.skcrtxr.com/wrapper-builder/placement/ Frame 1702	2 KB 2 KB	353ms 156ms	Fetch application/json	188.72.103.3 YACLOUDCDN Yandex...
General Check archive.org Show headers Download Go to Full URL https://cdn.skcrtxr.com/wrapper-builder/placement/4ab34668-74ba-416a-b94a-af3045b3df73?v=d-1776955532 Requested by Host: cdn-c.skcrtxr.com URL: https://cdn-c.skcrtxr.com/wrapper/js/adserver-vpaid-eng-v4.js?v=s-2562a02c-845e-41cf-a305-4881e0c442fb Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.72.103.3 Dubai, United Arab Emirates, ASN215013 (YACLOUDCDN Yandex.Cloud LLC, RU), Reverse DNS Software nginx / Resource Hash 4618844876d9a87538bc957cf5b902332d736d03226626343a34b9a9750f9d92 Request headers sec-ch-ua-platform "Linux" Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-request-id 25bcabb504b99297 access-control-allow-private-network true cache-control max-age=600 access-control-allow-credentials true accept-ranges bytes access-control-allow-origin https://goo.su content-length 2032 date Tue, 28 Apr 2026 04:06:45 GMT cache-status HIT content-type application/json; charset=utf-8 x-service-id worker server nginx cache-host yccdn-ruvoz02kvant-1.yccdn.cloud.yandex.net
GET H2	204	moevideo-lowprice-bid Show response bid.adx.com.ru/	0 105 B	69ms 68ms	Fetch	83.222.105.238 MNOGOBYTE-AS Mnog...
General Check archive.org Show headers Download Go to Full URL https://bid.adx.com.ru/moevideo-lowprice-bid?vpaid=true&referer=goo.su Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.3, , AES_128_GCM Server 83.222.105.238 , Russian Federation, ASN42632 (MNOGOBYTE-AS MnogoByte LLC, RU), Reverse DNS vs18.videonow.ru Software nginx/1.28.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers access-control-allow-origin https://goo.su date Tue, 28 Apr 2026 04:06:45 GMT server nginx/1.28.2 access-control-allow-credentials true
GET H2	200	1055655 Show response ad.mail.ru/vast/	59 B 255 B	134ms 134ms	Fetch text/xml	95.163.41.56 VK-AS LLC VK
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/vast/1055655?pr=6785164&sc=1701212&dl=goo.su&dd=1 Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU), Reverse DNS r.myadx.net Software nginx / Resource Hash a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache-control private, no-cache, no-store timing-allow-origin * content-encoding gzip access-control-allow-credentials true access-control-allow-origin https://goo.su date Tue, 28 Apr 2026 04:06:45 GMT content-type text/xml server nginx
POST		tech ad.mail.ru/adman3/stats/ Frame E535	0 0
HEAD		render-runner.js ad.mail.ru/static/ Frame E535	0 0
POST		tech ad.mail.ru/adman3/stats/ Frame E535	0 0
GET H2	200	1506907 Show response ad.mail.ru/vp/ Frame E535	0 293 B	179ms 179ms	Fetch application/json	95.163.41.56 VK-AS LLC VK
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/vp/1506907?version=3.2.26&app_name=adman3&plu=https%3A%2F%2Fgoo.su%2F3oxh2eW&fpid=hkK1Zz1KlJSlNUrlagPIT&targetRef=https%3A%2F%2Fgoo.su%2F3oxh2eW&containerHeight=240&dl=https%3A%2F%2Fgoo.su Requested by Host: ad.mail.ru URL: https://ad.mail.ru/static/vk-adman.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU), Reverse DNS r.myadx.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua-platform "Linux" Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type text/plain sec-ch-ua-mobile ?0 Response headers cache-control private, no-cache, no-store timing-allow-origin * content-encoding gzip access-control-allow-credentials true access-control-allow-origin https://goo.su p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT" date Tue, 28 Apr 2026 04:06:45 GMT content-type application/json; charset=utf-8 server nginx
GET H3	200	code.xml Show response catsnetwork.ru/core/	12 B 524 B	70ms 70ms	Fetch application/xml	194.186.91.199 SOVAM-AS PJSC "Vi...
General Check archive.org Show headers Download Go to Full URL https://catsnetwork.ru/core/code.xml?pid=9956&vr=1&rid=7687161&dl=goo.su Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H3 Security QUIC, , AES_256_GCM Server 194.186.91.199 , Russian Federation, ASN3216 (SOVAM-AS PJSC "Vimpelcom", RU), Reverse DNS serv44.mt.viaprog.eu Software nginx / Resource Hash 21b398232e73bcfb7e782233055a6fbc1dbb3faf8736e512c216329555da2529 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache-control no-cache, max-age=0, must-revalidate, no-store pragma no-cache access-control-allow-credentials true referrer-policy origin-when-cross-origin expires Tue, 11 Sep 2001 12:46:00 GMT alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 access-control-allow-origin https://goo.su content-length 12 date Tue, 28 Apr 2026 04:06:45 GMT content-type application/xml vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers server nginx
GET H2	200	1059170 Show response ad.mail.ru/vast/	59 B 255 B	99ms 99ms	Fetch text/xml	95.163.41.56 VK-AS LLC VK
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/vast/1059170?pr=6910061&sc=1701212&dl=goo.su&dd=1 Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU), Reverse DNS r.myadx.net Software nginx / Resource Hash a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache-control private, no-cache, no-store timing-allow-origin * content-encoding gzip access-control-allow-credentials true access-control-allow-origin https://goo.su date Tue, 28 Apr 2026 04:06:45 GMT content-type text/xml server nginx
GET H2	200	1434682 Show response ad.mail.ru/vast/	59 B 255 B	133ms 133ms	Fetch text/xml	95.163.41.56 VK-AS LLC VK
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/vast/1434682?dl=goo.su&content_id=188396651701212 Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU), Reverse DNS r.myadx.net Software nginx / Resource Hash a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache-control private, no-cache, no-store timing-allow-origin * content-encoding gzip access-control-allow-credentials true access-control-allow-origin https://goo.su date Tue, 28 Apr 2026 04:06:45 GMT content-type text/xml server nginx
GET H2	200	pl53844 Show response ssp.bidvol.com/vast/	27 B 484 B	231ms 230ms	Fetch text/xml	194.85.16.29 MSK-IX_Services J...
General Check archive.org Show headers Download Go to Full URL https://ssp.bidvol.com/vast/pl53844?domain=goo.su&page=https%3A%2F%2Fgoo.su%2F3oxh2eW&w=100&h=57 Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.85.16.29 , Russian Federation, ASN8985 (MSK-IX_Services Join-stock company "Internet Exchange"MSK-IX", RU), Reverse DNS Software nginx / Resource Hash fd8b5f56a42ba9c68188da914e3e00e6f1b1328baf2fec87206dbda14340f737 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers surrogate-control no-store x-request-id d2bfe9b1-5bf3-4cf3-8061-adb9794cf1f7 cache-control no-store, no-cache, must-revalidate, proxy-revalidate pragma no-cache access-control-allow-credentials true expires 0 access-control-allow-origin https://goo.su content-length 27 date Tue, 28 Apr 2026 04:06:45 GMT content-type text/xml; charset=utf-8 server nginx
POST		tech ad.mail.ru/adman3/stats/ Frame E535	0 0
GET H2	200	1329661 Show response ad.mail.ru/vast/	59 B 255 B	110ms 110ms	Fetch text/xml	95.163.41.56 VK-AS LLC VK
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/vast/1329661?dl=goo.su&content_id=188396651701212 Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU), Reverse DNS r.myadx.net Software nginx / Resource Hash a99977ca42fa57db38a752fcbc2186b778e03f5edd65711797ff98b5a830a7a9 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache-control private, no-cache, no-store timing-allow-origin * content-encoding gzip access-control-allow-credentials true access-control-allow-origin https://goo.su date Tue, 28 Apr 2026 04:06:45 GMT content-type text/xml server nginx
GET H2	200	vpaid.xml Show response cdn-v.skcrtxr.com/wrapper/	3 KB 0	0ms 0ms	Fetch text/xml	188.72.103.3 YACLOUDCDN Yandex...
General Check archive.org Show headers Download Go to Full URL https://cdn-v.skcrtxr.com/wrapper/vpaid.xml?id=3b87ab75-56ea-4bab-89d4-978e4800d3b1&rxt-host=goo.su Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.72.103.3 Dubai, United Arab Emirates, ASN215013 (YACLOUDCDN Yandex.Cloud LLC, RU), Reverse DNS Software nginx / Resource Hash 4f0ca6e7e9f551499486afa965bcd4fc49b7d9586126693eb8eda7c9e42a2cff Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-request-id 6b335f5a4bd3c1a1 access-control-allow-private-network true cache-control max-age=600 content-encoding gzip access-control-allow-credentials true accept-ranges bytes access-control-allow-origin https://goo.su content-length 965 date Tue, 28 Apr 2026 04:06:45 GMT cache-status EXPIRED content-type text/xml; charset=utf-8 vary Accept-Encoding, Accept-Encoding server nginx x-service-id worker cache-host yccdn-ruvoz02kvant-1.yccdn.cloud.yandex.net
GET H2	200	adserver-vpaid-eng-v4.js Show response cdn-c.skcrtxr.com/wrapper/js/ Frame 825C	165 KB 0	95ms 95ms	Script text/javascript	188.72.103.3 YACLOUDCDN Yandex...
General Check archive.org Show headers Download Go to Full URL https://cdn-c.skcrtxr.com/wrapper/js/adserver-vpaid-eng-v4.js?v=s-2562a02c-845e-41cf-a305-4881e0c442fb Requested by Host: cdn1.moe.video URL: https://cdn1.moe.video/p/cr.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.72.103.3 Dubai, United Arab Emirates, ASN215013 (YACLOUDCDN Yandex.Cloud LLC, RU), Reverse DNS Software nginx / Resource Hash bd33728664823b7c592170cbf0921313d270e69a4a71230bc5221e43dbd13d82 Request headers sec-ch-ua-platform "Linux" Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-request-id efd63e78f116235b cache-control max-age=345600 content-encoding gzip etag W/"9382d6ded23c16c1d49a1bc389e7d1a5" date Tue, 28 Apr 2026 04:06:45 GMT cache-status HIT content-type text/javascript vary Accept-Encoding server nginx last-modified Fri, 24 Apr 2026 08:48:23 GMT cache-host yccdn-ruvoz02kvant-1.yccdn.cloud.yandex.net
GET H/1.1	200 OK	erle.cgi Show response ad.adriver.ru/cgi-bin/	142 B 857 B	63ms 63ms	Fetch text/xml	195.209.109.116 ADRIVER LLC AdRiver
General Check archive.org Show headers Download Go to Full URL https://ad.adriver.ru/cgi-bin/erle.cgi?sid=234048&bt=61&pz=0&target=top&rnd=250844&tail256=goo.su Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 195.209.109.116 , Russian Federation, ASN52007 (ADRIVER LLC AdRiver, RU), Reverse DNS Software / Resource Hash c552f6e085fb5cf5196d9ef32b915c9591a4459ab5b92178a1f49b8ccb96a375 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers Transfer-Encoding chunked Cache-control no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store Pragma no-cache Connection keep-alive Access-Control-Allow-Credentials true Expires Thu, 01 Jan 1970 00:00:00 GMT Access-Control-Allow-Origin https://goo.su P3P policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA" Date Tue, 28 Apr 2026 04:06:45 GMT Content-Type text/xml
GET H2	200	4ab34668-74ba-416a-b94a-af3045b3df73 Show response cdn.skcrtxr.com/wrapper-builder/placement/ Frame 825C	2 KB 0	71ms 71ms	Fetch application/json	188.72.103.3 YACLOUDCDN Yandex...
General Check archive.org Show headers Download Go to Full URL https://cdn.skcrtxr.com/wrapper-builder/placement/4ab34668-74ba-416a-b94a-af3045b3df73?v=d-1776955532 Requested by Host: cdn-c.skcrtxr.com URL: https://cdn-c.skcrtxr.com/wrapper/js/adserver-vpaid-eng-v4.js?v=s-2562a02c-845e-41cf-a305-4881e0c442fb Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.72.103.3 Dubai, United Arab Emirates, ASN215013 (YACLOUDCDN Yandex.Cloud LLC, RU), Reverse DNS Software nginx / Resource Hash 4618844876d9a87538bc957cf5b902332d736d03226626343a34b9a9750f9d92 Request headers sec-ch-ua-platform "Linux" Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-request-id 25bcabb504b99297 access-control-allow-private-network true cache-control max-age=600 access-control-allow-credentials true accept-ranges bytes access-control-allow-origin https://goo.su content-length 2032 date Tue, 28 Apr 2026 04:06:45 GMT cache-status HIT content-type application/json; charset=utf-8 x-service-id worker server nginx cache-host yccdn-ruvoz02kvant-1.yccdn.cloud.yandex.net
GET H/1.1	200 OK	moevideo_vast_new Show response kimberlite.io/rtb/bid/vast/	123 B 501 B	109ms 108ms	Fetch text/xml	37.0.127.91 NETRACK-AS Start2...
General Check archive.org Show headers Download Go to Full URL https://kimberlite.io/rtb/bid/vast/moevideo_vast_new?fp=6cc3b1f88e6a05decde61b9856471275%7E0 Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 37.0.127.91 Moscow, Russian Federation, ASN61400 (NETRACK-AS Start2 LLC, RU), Reverse DNS Software nginx / Resource Hash 7be888fe96032d9c836dc482383d6fe897ebbbec7b19a5c67671d74cdf13281f Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers Connection keep-alive access-control-allow-credentials true access-control-allow-origin https://goo.su server-timing app;srv=s23a;dur=0.0007 Content-Length 123 Date Tue, 28 Apr 2026 04:06:45 GMT Content-Type text/xml Server nginx
GET H2	200	vk-adman.js Show response ad.mail.ru/static/ Frame 4545	268 KB 0	92ms 92ms	Script application/javascript	95.163.41.56 VK-AS LLC VK
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/static/vk-adman.js Requested by Host: cdn1.moe.video URL: https://cdn1.moe.video/integration/mail.adman.vpaid.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU), Reverse DNS r.myadx.net Software nginx / Resource Hash 48789704aa98b535b0e376e00d59dc62117bc4004faec7bd36da575ffd99c549 Request headers sec-ch-ua-platform "Linux" Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache-control max-age=600 timing-allow-origin * content-encoding gzip expires Tue, 28 Apr 2026 04:16:45 GMT access-control-allow-origin * date Tue, 28 Apr 2026 04:06:45 GMT content-type application/javascript;charset=UTF-8 server nginx
POST		tech ad.mail.ru/adman3/stats/ Frame 4545	0 0
HEAD		render-runner.js ad.mail.ru/static/ Frame 4545	0 0
POST		tech ad.mail.ru/adman3/stats/ Frame 4545	0 0
GET H2	200	1506907 Show response ad.mail.ru/vp/ Frame 4545	0 293 B	134ms 134ms	Fetch application/json	95.163.41.56 VK-AS LLC VK
General Check archive.org Show headers Download Go to Full URL https://ad.mail.ru/vp/1506907?version=3.2.26&app_name=adman3&plu=https%3A%2F%2Fgoo.su%2F3oxh2eW&fpid=hkK1Zz1KlJSlNUrlagPIT&targetRef=https%3A%2F%2Fgoo.su%2F3oxh2eW&containerHeight=240&dl=https%3A%2F%2Fgoo.su Requested by Host: ad.mail.ru URL: https://ad.mail.ru/static/vk-adman.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 95.163.41.56 , Russian Federation, ASN47764 (VK-AS LLC VK, RU), Reverse DNS r.myadx.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua-platform "Linux" Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type text/plain sec-ch-ua-mobile ?0 Response headers cache-control private, no-cache, no-store timing-allow-origin * content-encoding gzip access-control-allow-credentials true access-control-allow-origin https://goo.su p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT" date Tue, 28 Apr 2026 04:06:45 GMT content-type application/json; charset=utf-8 server nginx
POST		format worker.sttsmntz.ru/stats/ Frame 1702	0 0
POST H2	204	request-ad openrtb.skcrtxr.com/ Frame 1702	0 0	247ms 106ms	Fetch	188.72.103.3 YACLOUDCDN Yandex...
General Check archive.org Show headers Download Go to Full URL https://openrtb.skcrtxr.com/request-ad Requested by Host: cdn-c.skcrtxr.com URL: https://cdn-c.skcrtxr.com/wrapper/js/adserver-vpaid-eng-v4.js?v=s-2562a02c-845e-41cf-a305-4881e0c442fb Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.72.103.3 Dubai, United Arab Emirates, ASN215013 (YACLOUDCDN Yandex.Cloud LLC, RU), Reverse DNS Software nginx / Resource Hash Request headers sec-ch-ua-platform "Linux" Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type text/plain; charset=utf-8 sec-ch-ua-mobile ?0 Response headers x-gateway REJECTED x-request-id 2b5dfcf0592f45c3 access-control-expose-headers X-Rxt-Uid, X-Update-Ls access-control-allow-credentials true access-control-allow-origin https://goo.su date Tue, 28 Apr 2026 04:06:46 GMT server nginx cache-host yccdn-ruvoz02kvant-1.yccdn.cloud.yandex.net
POST		format worker.sttsmntz.ru/stats/ Frame 825C	0 0
POST H2	204	request-ad openrtb.skcrtxr.com/ Frame 825C	0 0	305ms 165ms	Fetch	188.72.103.3 YACLOUDCDN Yandex...
General Check archive.org Show headers Download Go to Full URL https://openrtb.skcrtxr.com/request-ad Requested by Host: cdn-c.skcrtxr.com URL: https://cdn-c.skcrtxr.com/wrapper/js/adserver-vpaid-eng-v4.js?v=s-2562a02c-845e-41cf-a305-4881e0c442fb Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.72.103.3 Dubai, United Arab Emirates, ASN215013 (YACLOUDCDN Yandex.Cloud LLC, RU), Reverse DNS Software nginx / Resource Hash Request headers sec-ch-ua-platform "Linux" Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type text/plain; charset=utf-8 sec-ch-ua-mobile ?0 Response headers x-gateway REJECTED x-request-id 5fce972703e7ce26 access-control-expose-headers X-Rxt-Uid, X-Update-Ls access-control-allow-credentials true access-control-allow-origin https://goo.su date Tue, 28 Apr 2026 04:06:46 GMT server nginx cache-host yccdn-ruvoz02kvant-1.yccdn.cloud.yandex.net
GET H2	200	pl53845 Show response ssp.bidvol.com/vast/	27 B 484 B	137ms 137ms	Fetch text/xml	194.85.16.29 MSK-IX_Services J...
General Check archive.org Show headers Download Go to Full URL https://ssp.bidvol.com/vast/pl53845?domain=goo.su&page=https%3A%2F%2Fgoo.su%2F3oxh2eW&w=100&h=57 Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.3, , AES_256_GCM Server 194.85.16.29 , Russian Federation, ASN8985 (MSK-IX_Services Join-stock company "Internet Exchange"MSK-IX", RU), Reverse DNS Software nginx / Resource Hash fd8b5f56a42ba9c68188da914e3e00e6f1b1328baf2fec87206dbda14340f737 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers surrogate-control no-store x-request-id 1271adc4-5dd8-4c52-940f-bc54a5fc1155 cache-control no-store, no-cache, must-revalidate, proxy-revalidate pragma no-cache access-control-allow-credentials true expires 0 access-control-allow-origin https://goo.su content-length 27 date Tue, 28 Apr 2026 04:06:45 GMT content-type text/xml; charset=utf-8 server nginx
POST		tech ad.mail.ru/adman3/stats/ Frame 4545	0 0
GET H2	200	moevideo-vast-midprice-bid Show response bid.adx.com.ru/	60 B 344 B	92ms 92ms	Fetch text/xml	83.222.105.238 MNOGOBYTE-AS Mnog...
General Check archive.org Show headers Download Go to Full URL https://bid.adx.com.ru/moevideo-vast-midprice-bid?vpaid=true&referer=goo.su Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.3, , AES_128_GCM Server 83.222.105.238 , Russian Federation, ASN42632 (MNOGOBYTE-AS MnogoByte LLC, RU), Reverse DNS vs18.videonow.ru Software nginx/1.28.2 / Resource Hash 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-request-id XdeTqFGGI8BIP1wYXcUEki746u5OxfKTe9H392vxX0s cache-control no-store content-encoding gzip access-control-allow-credentials true traceparent 00-a4926e912fa6dc60329a4aceba613f21-cf74af6d1876d3c2-00 access-control-allow-origin https://goo.su date Tue, 28 Apr 2026 04:06:46 GMT content-type text/xml; charset=utf-8 vary * server nginx/1.28.2
GET H2	200	error cdn.skcrtxr.com/vpaid/	0 236 B	125ms 125ms	Image text/plain	188.72.103.3 YACLOUDCDN Yandex...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.skcrtxr.com/vpaid/error Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.72.103.3 Dubai, United Arab Emirates, ASN215013 (YACLOUDCDN Yandex.Cloud LLC, RU), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-request-id 90e89e66719db242 access-control-allow-private-network true cache-control max-age=600 access-control-allow-credentials true accept-ranges bytes content-length 0 date Tue, 28 Apr 2026 04:06:46 GMT cache-status HIT x-service-id worker server nginx cache-host yccdn-ruvoz02kvant-1.yccdn.cloud.yandex.net
GET H2	200	error cdn.skcrtxr.com/vpaid/	0 0	67ms 67ms	Image text/plain	188.72.103.3 YACLOUDCDN Yandex...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.skcrtxr.com/vpaid/error Requested by Host: goo.su URL: https://goo.su/3oxh2eW Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.72.103.3 Dubai, United Arab Emirates, ASN215013 (YACLOUDCDN Yandex.Cloud LLC, RU), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers x-request-id 90e89e66719db242 access-control-allow-private-network true cache-control max-age=600 access-control-allow-credentials true accept-ranges bytes content-length 0 date Tue, 28 Apr 2026 04:06:46 GMT cache-status HIT x-service-id worker server nginx cache-host yccdn-ruvoz02kvant-1.yccdn.cloud.yandex.net
GET H3	200	sodar Show response ep1.adtrafficquality.google/getconfig/	18 KB 13 KB	83ms 45ms	XHR application/json	142.251.13.157 Google LLC
General Check archive.org Show headers Download Go to Full URL https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20260424&st=env&sjk=4193465744641746 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202604210101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.13.157 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS wt-in-f157.1e100.net Software cafe / Resource Hash 6c3d362459fed1b013c0adf01bfcfae7dab7121a6c0d5190b563d7e7ca031407 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers timing-allow-origin * content-encoding br cross-origin-resource-policy cross-origin x-content-type-options nosniff access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 13724 date Tue, 28 Apr 2026 04:06:47 GMT x-xss-protection 0 content-type application/json; charset=UTF-8 content-disposition attachment; filename="f.txt" server cafe
GET H2	200	tracker top-fwz1.mail.ru/	43 B 1 KB	95ms 94ms	Image image/gif	95.163.52.67 VK-AS LLC VK
General Check archive.org Show headers Download Go to Show image Full URL https://top-fwz1.mail.ru/tracker?_=0.715579944518296;id=3128781;u=https%3A%2F%2Fgoo.su%2F3oxh2eW;title=Not%20Found;s=1600*1200;vp=1600*1200;touch=0;hds=1;sid=26c452e4843932a2;ver=60.6.0;tz=-120%2FEurope%2FBerlin;st=1777349202054;nt=0/0/1777349201480/////1/1/7/7/161/27/161/373/375/385/574/601/601/5590/5590/5591;ct=1039/1043/1043/1049/569;rt=568/466/0/0/0/568/569/580/580/787/601/787/954/1034;gl=u;ni=10//4g/50/0/;detect=0;lvid=1777349202522%3A1777349207072%3A2%3A211b9afc6e55f3e8bdc3b530a23e8b34;opts=dl%2Cjst-gtag-ym%2Ccnhp%3Dh2%2Ccs%3D19684-48997-19984;fpid=hkK1Zz1KlJSlNUrlagPIT;visible=true;js=13;e=RT%2Fload;et=1777349207071 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 95.163.52.67 , Russian Federation, ASN47764 (VK-AS LLC VK, RU), Reverse DNS top-fwz1.mail.ru Software nginx / Resource Hash 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers access-control-expose-headers AMP-Access-Control-Allow-Source-Origin access-control-allow-methods GET, POST, HEAD, PUT, OPTIONS x-content-type-options nosniff accept-ch-lifetime 86400 p3p CP="NOI DSP COR NID CUR PSA OUR NOR" date Tue, 28 Apr 2026 04:06:47 GMT content-type image/gif access-control-allow-headers * cache-control private, no-cache, no-store, max-age=0 timing-allow-origin * pragma no-cache accept-ch DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version access-control-allow-credentials true amp-access-control-allow-source-origin * access-control-allow-origin * content-length 43 server nginx
GET H/1.1	200 OK	favicon-32x32.png goo.su/img/favicons/	2 KB 3 KB	143ms 143ms	Other image/png	185.43.4.171 RU-JSCIOT JSC IOT
General Check archive.org Show headers Download Go to Full URL https://goo.su/img/favicons/favicon-32x32.png Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.43.4.171 , Russian Federation, ASN29182 (RU-JSCIOT JSC IOT, RU), Reverse DNS deneiz2.fvds.ru Software nginx/1.18.0 (Ubuntu) / Resource Hash d6534b8e4fd6c8408559b3fcac1ce461c2edbbe9f3b81b72fd00acf00e025ef6 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/3oxh2eW User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers Cache-Control max-age=604800 ETag "65885ced-989" Connection keep-alive Expires Tue, 05 May 2026 04:06:47 GMT Accept-Ranges bytes Content-Length 2441 Date Tue, 28 Apr 2026 04:06:47 GMT Content-Type image/png Last-Modified Sun, 24 Dec 2023 16:31:41 GMT Server nginx/1.18.0 (Ubuntu)
GET H2	200	sodar2.js Show response ep2.adtrafficquality.google/sodar/	21 KB 8 KB	163ms 60ms	Script text/javascript	142.251.110.132 Google LLC
General Check archive.org Show headers Download Go to Full URL https://ep2.adtrafficquality.google/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202604210101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.110.132 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS bz-in-f132.1e100.net Software sffe / Resource Hash cb8d603426932f2666666f4bd32b3dde726161c7f7413e385d2e124e6e03039c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-encoding gzip etag "1775059593017171" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} x-content-type-options nosniff expires Tue, 28 Apr 2026 04:06:47 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 28 Apr 2026 04:06:47 GMT content-type text/javascript vary Accept-Encoding cache-control private, max-age=3000 cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin accept-ranges bytes content-length 7628 x-xss-protection 0 server sffe
GET H2	200	runner.html Show response ep2.adtrafficquality.google/sodar/sodar2/254/ Frame 03AE	14 KB 6 KB	119ms 36ms	Document text/html	142.251.13.132 Google LLC
General Check archive.org Show headers Download Go to Full URL https://ep2.adtrafficquality.google/sodar/sodar2/254/runner.html Requested by Host: ep2.adtrafficquality.google URL: https://ep2.adtrafficquality.google/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.13.132 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS wt-in-f132.1e100.net Software sffe / Resource Hash fe2eddeaa8adad53d570fdeeb04412a07ec65ad99b25fe5beb092dfe4fb78cc9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://goo.su/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Linux" Response headers accept-ranges bytes age 1703 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3000 content-encoding gzip content-length 5457 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 28 Apr 2026 03:38:24 GMT expires Tue, 28 Apr 2026 04:28:24 GMT last-modified Wed, 01 Apr 2026 16:06:33 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H2	204	collect region1.google-analytics.com/g/	0 0	44ms 43ms	Fetch text/plain	216.239.32.36 Google LLC
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-64YFP720ET&gtm=45je64o1v9206643729za20gzb9205004943zd9205004943&_p=1777349202047&gcd=13l3l3l2l1l1&npa=1&dma_cps=a&dma=1&_eu=AEAAAAQ&ae=a&are=1&cid=1312755561.1777349202&frm=0&pscdl=noapi&rcb=9&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B147.0.0.0%7CGoogle%2520Chrome%3B147.0.0.0%7CNot-A.Brand%3B24.0.0.0&uam=&uamb=0&uap=Linux&uapv=&uaw=0&ul=de-de&_s=2&tag_exp=0~115616986~115938465~115938469~116363097~117266400~117512543&sid=1777349202&sct=1&seg=0&dl=https%3A%2F%2Fgoo.su%2F3oxh2eW&dt=Not%20Found&en=scroll&epn.percent_scrolled=90&_et=16&tfd=5960 Requested by Host: kimberlite.io URL: https://kimberlite.io/rtb/ujs?ymss=digitalcaramel Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.32.36 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:138:0 report-to {"group":"ascnsrsggc:138:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:138:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://goo.su cross-origin-opener-policy-report-only same-origin; report-to=ascnsrsggc:138:0 content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 28 Apr 2026 04:06:47 GMT content-type text/plain server Golfe2
GET H3	200	RiK6ZWktSJHFoyfG9cjH9nLRaZ1B3RgkbmOlM6XvCcc.js Show response pagead2.googlesyndication.com/bg/ Frame 03AE	57 KB 22 KB	34ms 34ms	Script text/javascript	192.178.183.156 Google LLC
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/RiK6ZWktSJHFoyfG9cjH9nLRaZ1B3RgkbmOlM6XvCcc.js Requested by Host: ep2.adtrafficquality.google URL: https://ep2.adtrafficquality.google/sodar/sodar2/254/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 192.178.183.156 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS lcfraw-in-f156.1e100.net Software sffe / Resource Hash 4622ba65692d4891c5a327c6f5c8c7f672d1699d41dd18246e63a533a5ef09c7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://ep2.adtrafficquality.google/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers content-encoding br age 109431 report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} x-content-type-options nosniff expires Mon, 26 Apr 2027 21:42:56 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sun, 26 Apr 2026 21:42:56 GMT last-modified Mon, 20 Apr 2026 09:48:00 GMT content-type text/javascript vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin; report-to="botguard-scs" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs accept-ranges bytes content-length 22258 x-xss-protection 0 server sffe
GET H2	204	generate_204 ep2.adtrafficquality.google/ Frame 03AE	0 40 B	29ms 28ms	Image text/plain	142.251.13.132 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://ep2.adtrafficquality.google/generate_204?kfCJEg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.13.132 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS wt-in-f132.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua-platform "Linux" Referer https://ep2.adtrafficquality.google/sodar/sodar2/254/runner.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Tue, 28 Apr 2026 04:06:47 GMT cross-origin-resource-policy cross-origin
POST H2	200	/ Show response kraken.rambler.ru/cnt/v2/	43 B 482 B	135ms 134ms	XHR image/gif	94.139.255.28 CLOUDRU-AS "Cloud...
General Check archive.org Show headers Download Go to Full URL https://kraken.rambler.ru/cnt/v2/ Requested by Host: st.top100.ru URL: https://st.top100.ru/top100/top100.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 94.139.255.28 Asbest, Russian Federation, ASN208677 (CLOUDRU-AS "Cloud Technologies" LLC trading as Cloud.ru, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" Content-Type application/x-www-form-urlencoded sec-ch-ua-mobile ?0 Response headers strict-transport-security max-age=31536000; includeSubDomains cache-control no-cache accept-ch Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version pragma no-cache access-control-allow-credentials true access-control-allow-methods GET, POST, OPTIONS expires Thu, 01 Jan 1970 00:00:01 GMT access-control-allow-origin https://goo.su x-sca-elb dmz-top100-ext content-length 43 date Tue, 28 Apr 2026 04:06:47 GMT content-type image/gif access-control-allow-headers content-type
GET H3	204	sodar ep1.adtrafficquality.google/pagead/	0 17 B	66ms 65ms	Image image/	142.251.13.157 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=254&t=2&li=gda_r20260424&jk=4193465744641746&bg=!6eql6ojNAAa1ilLUlYo7AEcBe5WfOEMsIjW3S6XVxAiHYRlh80Fns-Z4ogazSxtYu1XJ-ljroKxUufc_BUd750mbwgICytScicXN-VdT2utHccqsQs7tSwIAAAAuUgAAAAFoAQd-ADeX1grBCltSID_qGbzshLr9Yur0SrzP21ApPbrDl8gGSuTOX7TCAJsC4hvJy1Q4YPX-z6fSkAIXCgDSNJvOjbWd19Kz5t8SDcvgXgAUtMUUrcKRGkXjIoWd166YDJ5iDZiLGuh2N3Vuj1NFLSL7kbzeEfb0ufZqtT9o24xnv1JCmf5HGkM9OfhluVVHLM13L76iYuhDk_srltS1MobtG-jJ7GaKIlQcwL6fTBIWS4zbGZoAry9-v2dvx5O-9R--lc2RG4m9CE_v93GDpehcD9vL4taoz8xu3q7F2_ReInSwW_dtzHBwq_urdg_AqCzaLMSs7KzRcT8g13ih_qbgFcYt4oY2fHjxtPFUtVdmmQJP1-KNPL4PuoHPjyvdKm-z0xyCsDbdCFtm9PWEaQQ5TtD3csKltZ5ofkr7yX-JigTxzoKBn-LswFDcRlvP_TRR1kQ4hwjgPvu80GIU3Hy_DPE-mZAcJFcBTHI2qoOAbSA9BzqMiwS-HNoHmeAmfxbl3fYh3hLUYQxeUH3fME1ZwEOgCFbj0iEt-WDrI0J3JF_-HmNF1KLt5IGThPd4GiHt64q0pG0aVVKT2e1x6KeDy352LOD2zAqvpYU7H7raxQ0_b_jw_tIpFk-FqVRiCprQBMLglnf75PqdXWyiiA6N0rwRQEh1QPQsU5O1EvjWkPIa0hNNkcigBEk7neyf3cWicGMJpdKz4_6vCF5tuJYhwhZ57u4bWbQQefcusUfvnmNCFDReuKJa0BO9iukfEaz-dhroHuQZr_gIg7h1fhnPmICBs4UOffEXVUcuS3xcCt5Qp77ArTRtpHylAX27-IqfTwXjbLpO_PjjBCsX1bc5a-Hqdp7B1nzDKuf9IaPLR-aZcocWj3d-wFf727L0sX8xQ4cP0t09ZYS9_jvakUC5nRB3LQ1jbSu_ntxHn0AURhj1LnAxwnrKIXLH1kHNl7iRI7bjdvDZURDctMO0SYDOcOnCnkZvRab-_RB3zDtBjFX0CjQFWWShArOrrXa0vVhyttzjLfV02EfAsljYghl2WVhl98FQQv-keh5xtlzLBljidv9lTACCHlMymeHx5K83NHmHBDrKQ03cCZTBNhRSh9S3T0oheHhT-54nru5bBrlE2jdGWtgPdxx9aQwiCCDV Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.13.157 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS wt-in-f157.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua-platform "Linux" Referer https://goo.su/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 sec-ch-ua "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24" sec-ch-ua-mobile ?0 Response headers timing-allow-origin * cross-origin-resource-policy cross-origin x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 0 date Tue, 28 Apr 2026 04:06:48 GMT x-xss-protection 0 content-type image/ server cafe

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

visitor-betweenx.omnitagjs.com

URL

https://visitor-betweenx.omnitagjs.com/visitor/bsync?uid=cd6403e2c067b584fecdd6a3847819bf&name=gen01&url=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D416%26external_user_id%3DPARTNER_USER_ID&visitor=d0e149d4-0bd7-5276-89d6-e4e3e026d6b0&gdpr=0&gdpr_consent=&us_privacy=${GPP_STRING_123}

Domain

ssp.al-adtech.com

URL

https://ssp.al-adtech.com/api/sync/digital_caramel_ortb

Domain

goo.su

URL

blob:https://goo.su/be5ff447-f74a-466f-b303-042576aa7aee

Domain

goo.su

URL

blob:https://goo.su/d9c76a91-7e48-42aa-9a24-8c68c8114556

Domain

ad.mail.ru

URL

https://ad.mail.ru/adman3/stats/tech

Domain

ad.mail.ru

URL

https://ad.mail.ru/static/render-runner.js

Domain

ad.mail.ru

URL

https://ad.mail.ru/adman3/stats/tech

Domain

ad.mail.ru

URL

https://ad.mail.ru/adman3/stats/tech

Domain

ad.mail.ru

URL

https://ad.mail.ru/adman3/stats/tech

Domain

ad.mail.ru

URL

https://ad.mail.ru/static/render-runner.js

Domain

ad.mail.ru

URL

https://ad.mail.ru/adman3/stats/tech

Domain

worker.sttsmntz.ru

URL

https://worker.sttsmntz.ru/stats/format

Domain

worker.sttsmntz.ru

URL

https://worker.sttsmntz.ru/stats/format

Domain

ad.mail.ru

URL

https://ad.mail.ru/adman3/stats/tech