urlscan.io logo urlscan.io
SecurityTrails logo

rucotvorny.blogspot.com Open in urlscan Pro
142.250.186.65  Public Scan

Go To Rescan Add Verdict Report
URL: https://rucotvorny.blogspot.com/
Submission: On October 07 via api from DE — Scanned from SE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 16 domains to perform 37 HTTP transactions. The main IP is 142.250.186.65, located in United States and belongs to GOOGLE, US. The main domain is rucotvorny.blogspot.com.
TLS certificate: Issued by WE2 on September 22nd 2025. Valid for: 3 months.
This is the only time rucotvorny.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 142.250.186.65 15169 (GOOGLE)
1 216.58.212.131 15169 (GOOGLE)
2 142.250.186.66 15169 (GOOGLE)
6 188.114.96.3 13335 (CLOUDFLAR...)
1 104.21.15.144 13335 (CLOUDFLAR...)
5 142.250.186.161 15169 (GOOGLE)
2 142.250.181.227 15169 (GOOGLE)
2 142.250.184.201 15169 (GOOGLE)
1 151.101.193.229 54113 (FASTLY)
5 5 104.25.233.53 13335 (CLOUDFLAR...)
5 198.134.116.18 27257 (WEBAIR-IN...)
4 142.250.186.78 15169 (GOOGLE)
37 12
3    142.250.186.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f1.1e100.net
rucotvorny.blogspot.com
1    216.58.212.131 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f3.1e100.net
www.gstatic.com
2    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
pagead2.googlesyndication.com
6    188.114.96.3 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
admediatex.net
cdn.admediatex.net
1    104.21.15.144 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
adz2you.xyz
5    142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net
themes.googleusercontent.com
lh3.googleusercontent.com
2    142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
fonts.gstatic.com
2    142.250.184.201 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f9.1e100.net
resources.blogblog.com
www.blogger.com
1    151.101.193.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
5    104.25.233.53 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
is.gd
5    198.134.116.18 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET, US)
xml.qualiclicks.com
4    142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net
fundingchoicesmessages.google.com
Apex Domain
Subdomains		 Transfer
6 admediatex.net
admediatex.net
cdn.admediatex.net
23 KB
5 qualiclicks.com
xml.qualiclicks.com — Cisco Umbrella Rank: 116023
695 B
5 is.gd
is.gd — Cisco Umbrella Rank: 166967
1 KB
5 googleusercontent.com
themes.googleusercontent.com — Cisco Umbrella Rank: 13341
lh3.googleusercontent.com — Cisco Umbrella Rank: 44
1 MB
4 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 759
69 KB
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
65 KB
3 blogspot.com
rucotvorny.blogspot.com
31 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 132
220 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 302
31 KB
1 blogger.com
www.blogger.com — Cisco Umbrella Rank: 14254
51 KB
1 blogblog.com
resources.blogblog.com — Cisco Umbrella Rank: 29914
48 KB
1 adz2you.xyz
adz2you.xyz
33 KB
0 adslinks.ru Failed
adslinks.ru Failed
0 webtrafic.ru Failed
webtrafic.ru Failed
0 super-traf.ru Failed
super-traf.ru Failed
0 linkslot.ru Failed
linkslot.ru Failed
37 16
Domain Requested by
5 xml.qualiclicks.com cdn.jsdelivr.net
5 is.gd 5 redirects
4 fundingchoicesmessages.google.com pagead2.googlesyndication.com
4 lh3.googleusercontent.com rucotvorny.blogspot.com
4 admediatex.net rucotvorny.blogspot.com
admediatex.net
3 rucotvorny.blogspot.com rucotvorny.blogspot.com
2 cdn.admediatex.net cdn.jsdelivr.net
cdn.admediatex.net
2 fonts.gstatic.com rucotvorny.blogspot.com
2 pagead2.googlesyndication.com rucotvorny.blogspot.com
pagead2.googlesyndication.com
1 cdn.jsdelivr.net admediatex.net
1 www.blogger.com rucotvorny.blogspot.com
1 resources.blogblog.com rucotvorny.blogspot.com
1 themes.googleusercontent.com rucotvorny.blogspot.com
1 adz2you.xyz rucotvorny.blogspot.com
1 www.gstatic.com rucotvorny.blogspot.com
0 adslinks.ru Failed rucotvorny.blogspot.com
0 webtrafic.ru Failed rucotvorny.blogspot.com
0 super-traf.ru Failed rucotvorny.blogspot.com
0 linkslot.ru Failed rucotvorny.blogspot.com
37 19

This site contains no links.

Subject Issuer Validity Valid
misc-sni.blogspot.com
WE2		 2025-09-22 -
2025-12-15		 3 months crt.sh
*.gstatic.com
WE2		 2025-09-22 -
2025-12-15		 3 months crt.sh
*.g.doubleclick.net
WE2		 2025-09-22 -
2025-12-15		 3 months crt.sh
admediatex.net
WE1		 2025-08-26 -
2025-11-24		 3 months crt.sh
adz2you.xyz
WE1		 2025-09-13 -
2025-12-12		 3 months crt.sh
*.googleusercontent.com
WE2		 2025-09-22 -
2025-12-15		 3 months crt.sh
*.blogger.com
WE2		 2025-09-22 -
2025-12-15		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2025 Q2		 2025-06-02 -
2026-07-04		 a year crt.sh
qualiclicks.com
R10		 2025-08-12 -
2025-11-10		 3 months crt.sh
*.google.com
WE2		 2025-09-22 -
2025-12-15		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://rucotvorny.blogspot.com/
Frame ID: 7719E44875AACB6AF7F1734F09B0107C
Requests: 30 HTTP requests in this frame

Frame: https://cdn.admediatex.net/468x60/
Frame ID: 32139890D57FD214A0595A53A131BC2D
Requests: 2 HTTP requests in this frame

Frame: https://xml.qualiclicks.com/redirect?feed=883493&auth=vrbG
Frame ID: 3524EB96677D3CA2DAA4E60C9EFD6486
Requests: 1 HTTP requests in this frame

Frame: https://xml.qualiclicks.com/redirect?feed=883637&auth=wF2R
Frame ID: B642997B176E12945206FADD6B3E6DA2
Requests: 1 HTTP requests in this frame

Frame: https://xml.qualiclicks.com/redirect?feed=883638&auth=rlEI
Frame ID: E82D09F5656EE410E9EE8BAD49321FCD
Requests: 1 HTTP requests in this frame

Frame: https://xml.qualiclicks.com/redirect?feed=883639&auth=FZ9D
Frame ID: EA635B9ECBCCE4BF4EB4E11D3A3A6DB6
Requests: 1 HTTP requests in this frame

Frame: https://xml.qualiclicks.com/redirect?feed=883486&auth=8zAm
Frame ID: 0A01415708DCBC1EE7F4A4B22B1CAD10
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Рукотворный

Detected technologies

Overall confidence: 100%
Detected patterns
  • ^https?://[^/]+\.(?:blogspot|blogger)\.com
Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

37
Requests

86 %
HTTPS

0 %
IPv6

16
Domains

19
Subdomains

12
IPs

2
Countries

1735 kB
Transfer

2681 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://is.gd/rTOC3b HTTP 301
  • https://xml.qualiclicks.com/redirect?feed=883493&auth=vrbG
Request Chain 26
  • https://is.gd/OAKmHr HTTP 301
  • https://xml.qualiclicks.com/redirect?feed=883637&auth=wF2R
Request Chain 27
  • https://is.gd/wdfbfz HTTP 301
  • https://xml.qualiclicks.com/redirect?feed=883638&auth=rlEI
Request Chain 28
  • https://is.gd/2ex9wL HTTP 301
  • https://xml.qualiclicks.com/redirect?feed=883639&auth=FZ9D
Request Chain 29
  • https://is.gd/z7SywZ HTTP 301
  • https://xml.qualiclicks.com/redirect?feed=883486&auth=8zAm

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
rucotvorny.blogspot.com/ 		137 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rucotvorny.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
GSE /
Resource Hash
658854d478c4bee77b4d668102b633610981492e00caa83632a6060e609ed735
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
26766
content-type
text/html; charset=UTF-8
date
Tue, 07 Oct 2025 14:58:11 GMT
etag
W/"b75a43faaf9fbff6a24c0f9ddd6b822e54e0ae58b6a39df94ab03c1093eb38b6"
expires
Tue, 07 Oct 2025 14:58:11 GMT
last-modified
Mon, 06 Oct 2025 11:56:29 GMT
server
GSE
x-content-type-options
nosniff
x-robots-tag
all
x-xss-protection
1; mode=block
clipboard.min.js
www.gstatic.com/external_hosted/clipboardjs/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f3.1e100.net
Software
sffe /
Resource Hash
92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

content-encoding
br
age
0
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Tue, 07 Oct 2025 14:58:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Oct 2025 14:58:11 GMT
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
3475
x-xss-protection
0
server
sffe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4244779720844823&host=ca-host-pub-1556223355139109
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9828a5f7481c083b44e4d83900c1ad8387f694ff2268e66c810a882a4de6aff5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin
https://rucotvorny.blogspot.com
Referer
https://rucotvorny.blogspot.com/

Response headers

content-encoding
br
etag
5629676503160532727
x-content-type-options
nosniff
expires
Tue, 07 Oct 2025 14:58:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 07 Oct 2025 14:58:11 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
54169
x-xss-protection
0
server
cafe
sprite_v1_6.css.svg
rucotvorny.blogspot.com/responsive/ 		7 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://rucotvorny.blogspot.com/responsive/sprite_v1_6.css.svg
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

content-encoding
gzip
age
23641
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
x-content-type-options
nosniff
expires
Tue, 14 Oct 2025 08:24:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Oct 2025 08:24:10 GMT
last-modified
Mon, 06 Oct 2025 10:53:30 GMT
content-type
image/svg+xml
vary
Accept-Encoding
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
content-length
2244
x-xss-protection
0
server
sffe
bancode_new.php
linkslot.ru/ 		0
0
ads.js
admediatex.net/serve/ 		1 KB
1020 B 		Script
General
Check archive.org
Download Go to
Full URL
https://admediatex.net/serve/ads.js
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d012cfa1d2f449adb90718ea5189ff71ba01da8e271e2d14af1969d6aa8d9423

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"65918afb-449"
age
299692
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=xFt6f05Zg1NM6LAUaIQUQlUByxlrgR%2FI46QnM7XTnPjY%2Ft4G%2FO8UJDF5qOCP4e6BmKam85LJvVgb1OtFvxxmOMVUJIxiozbg7K%2FN7w%3D%3D"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 07 Oct 2025 14:58:11 GMT
content-type
application/javascript
last-modified
Sun, 31 Dec 2023 15:38:35 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=315360000
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray
98ae4157ae0def59-LHR
server
cloudflare
get
super-traf.ru/earn/partner/ 		0
0
bancode_new.php
linkslot.ru/ 		0
0
ads.php
webtrafic.ru/ 		0
0
bancode.php
adslinks.ru/ 		0
0
X.png
adz2you.xyz/imges/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adz2you.xyz/imges/X.png
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.15.144 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
516eac1339d03b352f41f338f59a145b7d0336732844761bbba3b5aa451d72b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control
max-age=14400
cf-cache-status
HIT
etag
"689104e6-8414"
age
5835
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=oRz7MoC6s%2FAfkVYrd%2BInzqPZPK3Zz3rhyVOKnbCDLtkRWr%2BEmMKbdo6Up1f4dF8meSswV9LB5tGhSteiG3NM018xo6R6KtyxlMUv"}]}
cf-ray
98ae4157ba0694d8-LHR
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
33812
date
Tue, 07 Oct 2025 14:58:11 GMT
content-type
image/png
last-modified
Mon, 04 Aug 2025 19:07:18 GMT
server
cloudflare
vary
accept-encoding
image
themes.googleusercontent.com/ 		223 KB
224 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://themes.googleusercontent.com/image?id=L1lcAxxz0CLgsDzixEprHJ2F38TyEjCyE3RSAjynQDks0lT1BDc1OxXKaTEdLc89HPvdB11X9FDw&options=w1600
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
fife /
Resource Hash
6a5482e0dc4e77a6be20281b13d7ef4d8b67521e73b66bc633ea4e4242934be9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

access-control-expose-headers
Content-Length
timing-allow-origin
*
cache-control
public, max-age=86400, no-transform
etag
"v1"
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 14:58:11 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
228521
date
Tue, 07 Oct 2025 14:58:11 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="unnamed.jpg"
KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
fonts.gstatic.com/s/roboto/v49/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin
https://rucotvorny.blogspot.com
Referer
https://rucotvorny.blogspot.com/

Response headers

age
25222
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 07 Oct 2026 07:57:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Oct 2025 07:57:49 GMT
last-modified
Mon, 08 Sep 2025 18:08:05 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
40128
x-xss-protection
0
server
sffe
KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2
fonts.gstatic.com/s/roboto/v49/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
c06ca3fcbc5f7c37ebb7c86a69502009911ecd8183811bae02f9b1fbb0541ddb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin
https://rucotvorny.blogspot.com
Referer
https://rucotvorny.blogspot.com/

Response headers

age
24683
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 07 Oct 2026 08:06:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Oct 2025 08:06:48 GMT
last-modified
Mon, 08 Sep 2025 18:08:07 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
22796
x-xss-protection
0
server
sffe
AEn0k_skjuEIm61nZHLrWVnt-a85Nv5cHuNp_NGfGuZ62T-KYRCeQU4T4bbO4er1vsXhFmJSokT6-yZk25Aa18IfanGyfvkttWS4mp9gryfXIRuA6eQyA8QA3Yumo4gVqV5a8hrmnOh41YdThIYuwWX1yqtiSw3FGl6p09AfNuo4GqsnE9Ofpik_hd2BWxfp58xdJ...
lh3.googleusercontent.com/blogger_img_proxy/ 		899 KB
900 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_skjuEIm61nZHLrWVnt-a85Nv5cHuNp_NGfGuZ62T-KYRCeQU4T4bbO4er1vsXhFmJSokT6-yZk25Aa18IfanGyfvkttWS4mp9gryfXIRuA6eQyA8QA3Yumo4gVqV5a8hrmnOh41YdThIYuwWX1yqtiSw3FGl6p09AfNuo4GqsnE9Ofpik_hd2BWxfp58xdJEPDLnQ=w945-h600-p-k-no-nu
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
fife /
Resource Hash
474a01f8a0009e9a6e6069bcf0604853a5605ec0baccde8a6a39ec37e60753b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

access-control-expose-headers
Content-Length
timing-allow-origin
*
cache-control
public, max-age=86400, no-transform
age
5079
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 13:33:32 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
921055
x-xss-protection
0
date
Tue, 07 Oct 2025 13:33:32 GMT
content-disposition
inline;filename="unnamed.png"
content-type
image/png
server
fife
vary
Origin
AEn0k_vI3x2wDqeh4lAi12uq7Dh67HQH0STdnOnwBKVepFqS1w3kj2mPgZhuu82n9bsWtgCpaP3LF8VTUlm_PBleV9NJi3PQvoG1DjXQy9aoD1oJ_zJdANagkKX3rVaFy1WAQztHAQ5tpC1oY2RNBEX20ms_5T6IpX0iENFfv_a4K2l9_IPGuWOL1wfOZ60j3Mw2z...
lh3.googleusercontent.com/blogger_img_proxy/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vI3x2wDqeh4lAi12uq7Dh67HQH0STdnOnwBKVepFqS1w3kj2mPgZhuu82n9bsWtgCpaP3LF8VTUlm_PBleV9NJi3PQvoG1DjXQy9aoD1oJ_zJdANagkKX3rVaFy1WAQztHAQ5tpC1oY2RNBEX20ms_5T6IpX0iENFfv_a4K2l9_IPGuWOL1wfOZ60j3Mw2z2f3tQ=w128-h128-p-k-no-nu
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
fife /
Resource Hash
c82b06bf63aac66ec40979c807be0192d892c427cb6f839bb59b257c5aa3028f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

access-control-expose-headers
Content-Length
timing-allow-origin
*
cache-control
public, max-age=86400, no-transform
age
13386
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 11:15:05 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26341
x-xss-protection
0
date
Tue, 07 Oct 2025 11:15:05 GMT
content-disposition
inline;filename="unnamed.png"
content-type
image/png
server
fife
vary
Origin
AEn0k_sNi3Gm3_zbAqwr9Q56SEZjLDE3_H27cXJFfQma7PU9XqKAM2XXGw0dQ_2xaSd4jPJ8dWXg-nVbiX7mhetsC5SXAEBv5lu0Bd9WJRdAyMawNo3-T0ZacQAsckNeFVKxTO0EKT0JkPZW_lXuARuEkHCA52fKZyiPOjZV64h43rJnKx6ErunjNrkzxUhPFsrX_...
lh3.googleusercontent.com/blogger_img_proxy/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_sNi3Gm3_zbAqwr9Q56SEZjLDE3_H27cXJFfQma7PU9XqKAM2XXGw0dQ_2xaSd4jPJ8dWXg-nVbiX7mhetsC5SXAEBv5lu0Bd9WJRdAyMawNo3-T0ZacQAsckNeFVKxTO0EKT0JkPZW_lXuARuEkHCA52fKZyiPOjZV64h43rJnKx6ErunjNrkzxUhPFsrX_DWwpw=w128-h128-p-k-no-nu
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
fife /
Resource Hash
ea1bc010b5bb8514a3a9f6d4643c21ad8f78061a715df310f5b316fb8f004b55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

access-control-expose-headers
Content-Length
timing-allow-origin
*
cache-control
public, max-age=86400, no-transform
age
13386
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 11:15:05 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7969
x-xss-protection
0
date
Tue, 07 Oct 2025 11:15:05 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
server
fife
vary
Origin
AEn0k_uQHO57eHWkEZnugTLOz5-tANIIXu0lGfC25g5zVV31Rh3xbxuc9yzVWFD0QBzE5WFftd95ccsGogPDsIW75kzIQx2v13cBYzH5sGFdtq05nrU1DpRscI23IZYcpP1R3RHLZf5SAoAmdUaR7Sx6XLaMC7I0vtLpn8EksYv8btOHD-0m4S091m9JFYp2c8oIP...
lh3.googleusercontent.com/blogger_img_proxy/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_uQHO57eHWkEZnugTLOz5-tANIIXu0lGfC25g5zVV31Rh3xbxuc9yzVWFD0QBzE5WFftd95ccsGogPDsIW75kzIQx2v13cBYzH5sGFdtq05nrU1DpRscI23IZYcpP1R3RHLZf5SAoAmdUaR7Sx6XLaMC7I0vtLpn8EksYv8btOHD-0m4S091m9JFYp2c8oIP6N-krM=w128-h128-p-k-no-nu
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
fife /
Resource Hash
3adbf339d814cb566d6573b6d2e2422498d382660dd8496822864571e7ddf32e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

access-control-expose-headers
Content-Length
timing-allow-origin
*
cache-control
public, max-age=86400, no-transform
age
13385
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 11:15:06 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4954
x-xss-protection
0
date
Tue, 07 Oct 2025 11:15:06 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
server
fife
vary
Origin
2395151956-indie_compiled.js
resources.blogblog.com/blogblog/data/res/ 		140 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.blogblog.com/blogblog/data/res/2395151956-indie_compiled.js
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.201 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f9.1e100.net
Software
sffe /
Resource Hash
998162905168e8b9aa33e00840bda808421955195021cf76e73e06a8825dc037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

content-encoding
gzip
age
25834
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
x-content-type-options
nosniff
expires
Tue, 14 Oct 2025 07:47:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Oct 2025 07:47:37 GMT
last-modified
Mon, 06 Oct 2025 16:55:51 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
content-length
48809
x-xss-protection
0
server
sffe
cookienotice.js
rucotvorny.blogspot.com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rucotvorny.blogspot.com/js/cookienotice.js
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

content-encoding
gzip
age
23641
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
x-content-type-options
nosniff
expires
Tue, 14 Oct 2025 08:24:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Oct 2025 08:24:10 GMT
last-modified
Mon, 06 Oct 2025 19:54:17 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
content-length
2026
x-xss-protection
0
server
sffe
3878540743-widgets.js
www.blogger.com/static/v1/widgets/ 		144 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/3878540743-widgets.js
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.201 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f9.1e100.net
Software
sffe /
Resource Hash
7511fc1573d0fd386edba6b764b3d97a7e47eb91ea5beb2f99d0b2ddecec8106
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

content-encoding
gzip
age
24882
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
x-content-type-options
nosniff
expires
Wed, 07 Oct 2026 08:03:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Oct 2025 08:03:29 GMT
last-modified
Tue, 07 Oct 2025 01:52:32 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
content-length
52140
x-xss-protection
0
server
sffe
jquery.min.js
cdn.jsdelivr.net/jquery/3.0.0-rc1/ 		84 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/jquery/3.0.0-rc1/jquery.min.js
Requested by
Host: admediatex.net
URL: https://admediatex.net/serve/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
df68e90250b9a60fc184ef194d1769d3af8aa67396cc064281cb77e2ef6bf876
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
https://rucotvorny.blogspot.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"1511e-iX3qQTkE9uH1SwOLGxDGVnnk1pk"
age
2427096
x-content-type-options
nosniff
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Tue, 07 Oct 2025 14:58:11 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230126-FRA, cache-man4142-MAN
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
31149
ads.php
admediatex.net/serve/ 		254 B
648 B 		Script
General
Check archive.org
Download Go to
Full URL
https://admediatex.net/serve/ads.php?a=5303&b=468x60&random=51058999&referr=
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
948c795bdeeed8f2f72c5f3bc7a9e6e29e36d3eaeea3777b16e7845c1f373034

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
https://rucotvorny.blogspot.com/

Response headers

nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ivc4ARyysd700lLLIgkYvmUajYwPvcKnDuSWNGNkUa3McxLW%2Fq8TO1wDHqcTNUGO4sEuQIHbW1A0rQLv8CV7pJzbs4mQtSWFl0teOA%3D%3D"}]}
cf-ray
98ae41586fd8ef59-LHR
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 07 Oct 2025 14:58:11 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=1,i=?0
x-powered-by
PHP/5.6.40
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202510020101/ 		506 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202510020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4244779720844823&plah=rucotvorny.blogspot.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4244779720844823&host=ca-host-pub-1556223355139109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9d803314df9017164773ffddd2572b8e888295fac4de2b33ca9552763e845a32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

content-encoding
br
etag
17014707576032039993
x-content-type-options
nosniff
expires
Tue, 07 Oct 2025 14:58:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 07 Oct 2025 14:58:11 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
170947
x-xss-protection
0
server
cafe
valid.php
admediatex.net/serve/ 		1 KB
971 B 		Script
General
Check archive.org
Download Go to
Full URL
https://admediatex.net/serve/valid.php?a=5303&b=468x60&referr=&t=1759849091&c=savah1&doma=0&dcat=40&h=fbefbfeaacaeb
Requested by
Host: admediatex.net
URL: https://admediatex.net/serve/ads.php?a=5303&b=468x60&random=51058999&referr=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
cb4ffb6b320c3c26ff60ecdb2ad85131a81b94bc70cc7a58e480f6eb5f23c36b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=VwSw25Se4GRKZcTSPb95GMBxMF0eY4mVNWcr28YAucUX7rABAK0n71tS%2BcCwGNAcNLQNXZWLKz2LShhpDPfCedTN%2FXkfUxuXpK8tfA%3D%3D"}]}
cf-ray
98ae4158d89def59-LHR
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 07 Oct 2025 14:58:12 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
x-powered-by
PHP/5.6.40
/
cdn.admediatex.net/468x60/ Frame 3213 		278 B
754 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admediatex.net/468x60/
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery/3.0.0-rc1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed62969d472a95434149e7fd6205b29e740811452c1cd320103f4d0060f9f674

Request headers

Referer
https://rucotvorny.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
98ae41596d8f63e5-LHR
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Tue, 07 Oct 2025 14:58:12 GMT
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
priority
u=0,i
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=N%2BMETpzEOYg3dUnCEEr2sBAuNfjVbK8WVAR0HMtpFRgGaEPJ8Fb3PF%2FHR3vIbG0QpVCFtpqExlDF9mZmqGN6WczJaOkq9gLhgx3fFS%2B%2FgvKIoQ%3D%3D"}]}
server
cloudflare
server-timing
cfExtPri
vary
Accept-Encoding,User-Agent
x-turbo-charged-by
LiteSpeed
redirect
xml.qualiclicks.com/ Frame 3524
Redirect Chain
  • https://is.gd/rTOC3b
  • https://xml.qualiclicks.com/redirect?feed=883493&auth=vrbG
0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://xml.qualiclicks.com/redirect?feed=883493&auth=vrbG
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery/3.0.0-rc1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.116.18 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rucotvorny.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 07 Oct 2025 14:58:12 GMT
Server
nginx

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
98ae41597e919953-LHR
content-type
text/html; charset=UTF-8
date
Tue, 07 Oct 2025 14:58:12 GMT
location
https://xml.qualiclicks.com/redirect?feed=883493&auth=vrbG
server
cloudflare
redirect
xml.qualiclicks.com/ Frame B642
Redirect Chain
  • https://is.gd/OAKmHr
  • https://xml.qualiclicks.com/redirect?feed=883637&auth=wF2R
0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://xml.qualiclicks.com/redirect?feed=883637&auth=wF2R
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery/3.0.0-rc1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.116.18 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rucotvorny.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 07 Oct 2025 14:58:12 GMT
Server
nginx

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
98ae41597e879953-LHR
content-type
text/html; charset=UTF-8
date
Tue, 07 Oct 2025 14:58:12 GMT
location
https://xml.qualiclicks.com/redirect?feed=883637&auth=wF2R
server
cloudflare
redirect
xml.qualiclicks.com/ Frame E82D
Redirect Chain
  • https://is.gd/wdfbfz
  • https://xml.qualiclicks.com/redirect?feed=883638&auth=rlEI
0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://xml.qualiclicks.com/redirect?feed=883638&auth=rlEI
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery/3.0.0-rc1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.116.18 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rucotvorny.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 07 Oct 2025 14:58:12 GMT
Server
nginx

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
98ae41597e8e9953-LHR
content-type
text/html; charset=UTF-8
date
Tue, 07 Oct 2025 14:58:12 GMT
location
https://xml.qualiclicks.com/redirect?feed=883638&auth=rlEI
server
cloudflare
redirect
xml.qualiclicks.com/ Frame EA63
Redirect Chain
  • https://is.gd/2ex9wL
  • https://xml.qualiclicks.com/redirect?feed=883639&auth=FZ9D
0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://xml.qualiclicks.com/redirect?feed=883639&auth=FZ9D
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery/3.0.0-rc1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.116.18 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rucotvorny.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 07 Oct 2025 14:58:12 GMT
Server
nginx

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
98ae41597e8c9953-LHR
content-type
text/html; charset=UTF-8
date
Tue, 07 Oct 2025 14:58:12 GMT
location
https://xml.qualiclicks.com/redirect?feed=883639&auth=FZ9D
server
cloudflare
redirect
xml.qualiclicks.com/ Frame 0A01
Redirect Chain
  • https://is.gd/z7SywZ
  • https://xml.qualiclicks.com/redirect?feed=883486&auth=8zAm
0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://xml.qualiclicks.com/redirect?feed=883486&auth=8zAm
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery/3.0.0-rc1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.116.18 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rucotvorny.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 07 Oct 2025 14:58:12 GMT
Server
nginx

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
98ae41597e8f9953-LHR
content-type
text/html; charset=UTF-8
date
Tue, 07 Oct 2025 14:58:12 GMT
location
https://xml.qualiclicks.com/redirect?feed=883486&auth=8zAm
server
cloudflare
ca-pub-4244779720844823
fundingchoicesmessages.google.com/i/ 		208 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-4244779720844823?href=https%3A%2F%2Frucotvorny.blogspot.com&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202510020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4244779720844823&plah=rucotvorny.blogspot.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
ESF /
Resource Hash
adf3f5251dddec50265483ea85a75e649422c14e771dc75cf0f55f4cf2de3c13
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QYT_R2ZruUXvTG_i9FTvxw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Oct 2025 14:58:12 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmJw1JBiaL15jnU6EBsqXGJ1BuIP9ZdZfwBxkcQV1hYg_lR1g1Wk-gZrEvtN1hIgNj14i9UdiM38brPaAXG1uxdbMxDv--_LdgyIhbg5Wq5OOc4mMKOlqVpJIym_MD45P6-kKDOptCS_KC05LbU4tagstSjeyMDI1NDAwFTPwDy-wAAAn6A2CA"
content-security-policy
script-src 'report-sample' 'nonce-QYT_R2ZruUXvTG_i9FTvxw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
3f2B4x52120_r_1.gif
cdn.admediatex.net/468x60/ Frame 3213 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.admediatex.net/468x60/3f2B4x52120_r_1.gif
Requested by
Host: cdn.admediatex.net
URL: https://cdn.admediatex.net/468x60/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
604f5838638f8c61be1d4bdbe64bde77716b6019ce012dff4f25bdcb38050888

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://cdn.admediatex.net/468x60/

Response headers

cf-cache-status
HIT
etag
"49b4-63ca1f14-8c27fb6202e8a605;;;"
age
56298
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=POllHGFb179SfX3Qr0S9CBCpWamphjYRpMiZFsaQ08Bw8eEyOdPWff05CVvH0CapI4OwdPZY6%2BDDtHPTTZF%2FDhL7%2BvsjNvQaTGrCuBBmRCF5iA%3D%3D"}]}
expires
Mon, 13 Oct 2025 23:19:53 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 07 Oct 2025 14:58:12 GMT
content-type
image/gif
last-modified
Fri, 20 Jan 2023 04:56:52 GMT
vary
User-Agent, accept-encoding
priority
u=2,i
cache-control
public, max-age=604800
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray
98ae415aeed863e5-LHR
accept-ranges
bytes
content-length
18868
x-turbo-charged-by
LiteSpeed
server
cloudflare
AGSKWxWZIQTRcD6ToOgFephq3Czyq1UXG_a1NDlo9j5WwpEEFuYA6qcZQxqPGorxt7YaExvuy32ln9ioFahhnlYfUNdBCFIgj6kk-1VGOPHxraF5v82UpfMY0ubRicHOLJ0vkRfEym3GRg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWZIQTRcD6ToOgFephq3Czyq1UXG_a1NDlo9j5WwpEEFuYA6qcZQxqPGorxt7YaExvuy32ln9ioFahhnlYfUNdBCFIgj6kk-1VGOPHxraF5v82UpfMY0ubRicHOLJ0vkRfEym3GRg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.BwCVx5kksk8.es5.O/d=1/rs=AJlcJMzWNlk1Dyes6sVxvpgrR5nPPriNrQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9-ncmvNIZXP434Nz4RGfGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://rucotvorny.blogspot.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Oct 2025 14:58:12 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0pBi-FB_mfUHEJv53Wa1A-Jqdy-2ZiAW4uFouTrlOJtAw6kNxxiVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkamhgYGRnoF5fIEBAIfnKVk"
content-security-policy
script-src 'report-sample' 'nonce-9-ncmvNIZXP434Nz4RGfGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://rucotvorny.blogspot.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxXdYYcJOsyUlXpgQASEIUuSOnpR-10gKcxUM1zRdK96ksArRtca0Dr1By5-0_6Hs0QPLvQ4ni2WfO3ZHPf5YBYU5FEVGesHtrNuMybok-OOM0yTEpHuNDQ_P6TZnSUAyxZqatAkXA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXdYYcJOsyUlXpgQASEIUuSOnpR-10gKcxUM1zRdK96ksArRtca0Dr1By5-0_6Hs0QPLvQ4ni2WfO3ZHPf5YBYU5FEVGesHtrNuMybok-OOM0yTEpHuNDQ_P6TZnSUAyxZqatAkXA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzU5ODQ5MDkyLDM2MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9ydWNvdHZvcm55LmJsb2dzcG90LmNvbS8iLG51bGwsW1s4LCJCd0NWeDVra3NrOCJdLFs5LCJlbi1VUyJdLFsyNiwiMCJdLFsxOSwiMSJdLFsxNywiWzBdIl0sWzI0LCIiXSxbMjUsIltbMzEwODIyNTNdXSJdLFsyOSwidHJ1ZSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.BwCVx5kksk8.es5.O/d=1/rs=AJlcJMzWNlk1Dyes6sVxvpgrR5nPPriNrQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
ESF /
Resource Hash
3d45ffee452196f35bbf5ce35167c35669d85aef28d1206ee346efdfbc02cecb
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ZRWi4Wi1CqmTH3sPl28lJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Oct 2025 14:58:12 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw15BiOHHrNtMFIG69eY51OhAbKlxidQbiD_WXWX8AcZHEFdYWIP5UdYNVpPoGaxL7TdYSIDY9eIvVHYjN_G6z2gFxtbsXWzMQ7_vvy3YMiIV4OFquTjnOJnBgef8BRiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyNTQwMDUz0D8_gCAwC-QzvD"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ZRWi4Wi1CqmTH3sPl28lJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxWZIQTRcD6ToOgFephq3Czyq1UXG_a1NDlo9j5WwpEEFuYA6qcZQxqPGorxt7YaExvuy32ln9ioFahhnlYfUNdBCFIgj6kk-1VGOPHxraF5v82UpfMY0ubRicHOLJ0vkRfEym3GRg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWZIQTRcD6ToOgFephq3Czyq1UXG_a1NDlo9j5WwpEEFuYA6qcZQxqPGorxt7YaExvuy32ln9ioFahhnlYfUNdBCFIgj6kk-1VGOPHxraF5v82UpfMY0ubRicHOLJ0vkRfEym3GRg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.BwCVx5kksk8.es5.O/d=1/rs=AJlcJMzWNlk1Dyes6sVxvpgrR5nPPriNrQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-P3swiN2i-7zBgLQ8sSd-oQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://rucotvorny.blogspot.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Oct 2025 14:58:12 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0ZBi-FB_mfUHEJv53Wa1A-Jqdy-2ZiAW4uFouTrlOJvAjX_nbjAquSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDI1NDAwMjPQPz-AIDAL81Khc"
content-security-policy
script-src 'report-sample' 'nonce-P3swiN2i-7zBgLQ8sSd-oQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://rucotvorny.blogspot.com
content-length
0
x-xss-protection
0
server
ESF
valid2.php
admediatex.net/serve/ 		0
453 B 		Script
General
Check archive.org
Download Go to
Full URL
https://admediatex.net/serve/valid2.php?b=468x60&c=savah1&take=828&tier=2&referr=&t=1759849091&h=bfdbdccbfccfe
Requested by
Host: admediatex.net
URL: https://admediatex.net/serve/valid.php?a=5303&b=468x60&referr=&t=1759849091&c=savah1&doma=0&dcat=40&h=fbefbfeaacaeb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=phgYGwFiJ6KqzBn4%2BOG6hHQPovEJ4R5fvPAiKqPbhfc8Y4m0NIMJDJ%2B6YP%2Bkzj7aA0OYPff1kSsyBlFhaIKMBp04CNThUX4zxIAZQQ%3D%3D"}]}
cf-ray
98ae41d62eadef59-LHR
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 07 Oct 2025 14:58:32 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
x-powered-by
PHP/5.6.40

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
linkslot.ru
URL
https://linkslot.ru/bancode_new.php?id=365870
Domain
super-traf.ru
URL
https://super-traf.ru/earn/partner/get?id=28879&type=1&code=1756324560
Domain
linkslot.ru
URL
https://linkslot.ru/bancode_new.php?id=360973
Domain
webtrafic.ru
URL
https://webtrafic.ru/ads.php?uid=11507
Domain
adslinks.ru
URL
https://adslinks.ru/bancode.php?id=2930

Verdicts & Comments Add Verdict or Comment

50 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| adsbygoogle string| a string| b string| network function| ClipboardJS function| $ function| jQuery number| random object| google_js_reporting_queue number| google_srt boolean| BGtEY object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots number| google_unique_id number| google_rum_task_id_counter string| google_user_agent_client_hint object| node function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run boolean| googFloatingToolbarManagerAsyncPositionUpdate object| default_ContributorServingResponseClientJs object| _F_toggles_default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| OTJkNTUwNTg1ZGIzYjgwY2xvYWRlcl9qcw== string| OTJkNTUwNTg1ZGIzYjgwY2NhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady

1 Cookies

Domain/Path Name / Value
.is.gd/ Name: __cf_bm
Value: 2bZsSaIJk9ri8rug.OMykRsF8..PORHu2HmdqSy6btQ-1759849092-1.0.1.1-q0mE7Hf9gk60iWcIt6wgVbWQNUaUl5KSOzqXkSTTlfpjtXTAsHLdbtRYStcXd_q8VC_3qHm_NhJ.G05wLvZrG8Udd_WlpsqvpFtWHad4uPw

4 Console Messages

Source Level URL
Text
javascript warning URL: https://admediatex.net/serve/ads.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/jquery/3.0.0-rc1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://admediatex.net/serve/ads.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/jquery/3.0.0-rc1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://rucotvorny.blogspot.com/(Line 2544)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://admediatex.net/serve/ads.php?a=5303&b=468x60&random=51058999&referr=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://rucotvorny.blogspot.com/(Line 2544)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://admediatex.net/serve/ads.php?a=5303&b=468x60&random=51058999&referr=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admediatex.net
adslinks.ru
adz2you.xyz
cdn.admediatex.net
cdn.jsdelivr.net
fonts.gstatic.com
fundingchoicesmessages.google.com
is.gd
lh3.googleusercontent.com
linkslot.ru
pagead2.googlesyndication.com
resources.blogblog.com
rucotvorny.blogspot.com
super-traf.ru
themes.googleusercontent.com
webtrafic.ru
www.blogger.com
www.gstatic.com
xml.qualiclicks.com
adslinks.ru
linkslot.ru
super-traf.ru
webtrafic.ru
104.21.15.144
104.25.233.53
142.250.181.227
142.250.184.201
142.250.186.161
142.250.186.65
142.250.186.66
142.250.186.78
151.101.193.229
188.114.96.3
198.134.116.18
216.58.212.131
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
3adbf339d814cb566d6573b6d2e2422498d382660dd8496822864571e7ddf32e
3d45ffee452196f35bbf5ce35167c35669d85aef28d1206ee346efdfbc02cecb
474a01f8a0009e9a6e6069bcf0604853a5605ec0baccde8a6a39ec37e60753b9
516eac1339d03b352f41f338f59a145b7d0336732844761bbba3b5aa451d72b2
604f5838638f8c61be1d4bdbe64bde77716b6019ce012dff4f25bdcb38050888
658854d478c4bee77b4d668102b633610981492e00caa83632a6060e609ed735
6a5482e0dc4e77a6be20281b13d7ef4d8b67521e73b66bc633ea4e4242934be9
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
7511fc1573d0fd386edba6b764b3d97a7e47eb91ea5beb2f99d0b2ddecec8106
92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94
948c795bdeeed8f2f72c5f3bc7a9e6e29e36d3eaeea3777b16e7845c1f373034
9828a5f7481c083b44e4d83900c1ad8387f694ff2268e66c810a882a4de6aff5
998162905168e8b9aa33e00840bda808421955195021cf76e73e06a8825dc037
9d803314df9017164773ffddd2572b8e888295fac4de2b33ca9552763e845a32
adf3f5251dddec50265483ea85a75e649422c14e771dc75cf0f55f4cf2de3c13
c06ca3fcbc5f7c37ebb7c86a69502009911ecd8183811bae02f9b1fbb0541ddb
c82b06bf63aac66ec40979c807be0192d892c427cb6f839bb59b257c5aa3028f
cb4ffb6b320c3c26ff60ecdb2ad85131a81b94bc70cc7a58e480f6eb5f23c36b
d012cfa1d2f449adb90718ea5189ff71ba01da8e271e2d14af1969d6aa8d9423
df68e90250b9a60fc184ef194d1769d3af8aa67396cc064281cb77e2ef6bf876
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea1bc010b5bb8514a3a9f6d4643c21ad8f78061a715df310f5b316fb8f004b55
ed62969d472a95434149e7fd6205b29e740811452c1cd320103f4d0060f9f674