urlscan.io logo urlscan.io
SecurityTrails logo

rucotvorny.blogspot.com Open in urlscan Pro
142.250.185.65  Public Scan

Go To Rescan Add Verdict Report
URL: https://rucotvorny.blogspot.com/
Submission: On October 09 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 3 countries across 16 domains to perform 39 HTTP transactions. The main IP is 142.250.185.65, located in United States and belongs to GOOGLE, US. The main domain is rucotvorny.blogspot.com.
TLS certificate: Issued by WE2 on September 22nd 2025. Valid for: 3 months.
This is the only time rucotvorny.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 142.250.185.65 15169 (GOOGLE)
1 142.250.186.35 15169 (GOOGLE)
2 142.250.185.130 15169 (GOOGLE)
5 79.137.227.162 12695 (DINET-AS ...)
4 188.114.97.3 13335 (CLOUDFLAR...)
1 172.67.162.200 13335 (CLOUDFLAR...)
1 142.250.185.129 15169 (GOOGLE)
2 142.250.185.195 15169 (GOOGLE)
3 142.250.185.97 15169 (GOOGLE)
1 142.250.185.105 15169 (GOOGLE)
1 142.250.186.169 15169 (GOOGLE)
1 151.101.1.229 54113 (FASTLY)
4 142.250.186.46 15169 (GOOGLE)
2 188.114.96.3 13335 (CLOUDFLAR...)
5 5 104.25.233.53 13335 (CLOUDFLAR...)
5 198.134.116.18 27257 (WEBAIR-IN...)
39 16
3    142.250.185.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f1.1e100.net
rucotvorny.blogspot.com
1    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
www.gstatic.com
2    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
pagead2.googlesyndication.com
5    79.137.227.162 (Russian Federation)

ASN12695 (DINET-AS LLC Digital Network, RU)
linkslot.ru
4    188.114.97.3 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
admediatex.net
1    172.67.162.200 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
adz2you.xyz
1    142.250.185.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net
themes.googleusercontent.com
2    142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net
fonts.gstatic.com
3    142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net
lh3.googleusercontent.com
1    142.250.185.105 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f9.1e100.net
resources.blogblog.com
1    142.250.186.169 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f9.1e100.net
www.blogger.com
1    151.101.1.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
4    142.250.186.46 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f14.1e100.net
fundingchoicesmessages.google.com
2    188.114.96.3 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
cdn.admediatex.net
5    104.25.233.53 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
is.gd
5    198.134.116.18 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET, US)
xml.qualiclicks.com
Apex Domain
Subdomains		 Transfer
6 admediatex.net
admediatex.net — Cisco Umbrella Rank: 968812
cdn.admediatex.net
23 KB
5 qualiclicks.com
xml.qualiclicks.com — Cisco Umbrella Rank: 86980
695 B
5 is.gd
is.gd — Cisco Umbrella Rank: 133186
1 KB
5 linkslot.ru
linkslot.ru
24 KB
4 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 781
69 KB
4 googleusercontent.com
themes.googleusercontent.com — Cisco Umbrella Rank: 13948
lh3.googleusercontent.com — Cisco Umbrella Rank: 46
416 KB
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
65 KB
3 blogspot.com
rucotvorny.blogspot.com
30 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 134
221 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 296
31 KB
1 blogger.com
www.blogger.com — Cisco Umbrella Rank: 14223
51 KB
1 blogblog.com
resources.blogblog.com — Cisco Umbrella Rank: 30267
48 KB
1 adz2you.xyz
adz2you.xyz
33 KB
0 adslinks.ru Failed
adslinks.ru Failed
0 webtrafic.ru Failed
webtrafic.ru Failed
0 super-traf.ru Failed
super-traf.ru Failed
39 16
Domain Requested by
5 xml.qualiclicks.com cdn.jsdelivr.net
5 is.gd 5 redirects
5 linkslot.ru rucotvorny.blogspot.com
linkslot.ru
4 fundingchoicesmessages.google.com pagead2.googlesyndication.com
4 admediatex.net rucotvorny.blogspot.com
admediatex.net
3 lh3.googleusercontent.com rucotvorny.blogspot.com
3 rucotvorny.blogspot.com rucotvorny.blogspot.com
2 cdn.admediatex.net cdn.jsdelivr.net
cdn.admediatex.net
2 fonts.gstatic.com rucotvorny.blogspot.com
2 pagead2.googlesyndication.com rucotvorny.blogspot.com
pagead2.googlesyndication.com
1 cdn.jsdelivr.net admediatex.net
1 www.blogger.com rucotvorny.blogspot.com
1 resources.blogblog.com rucotvorny.blogspot.com
1 themes.googleusercontent.com rucotvorny.blogspot.com
1 adz2you.xyz rucotvorny.blogspot.com
1 www.gstatic.com rucotvorny.blogspot.com
0 adslinks.ru Failed rucotvorny.blogspot.com
0 webtrafic.ru Failed rucotvorny.blogspot.com
0 super-traf.ru Failed rucotvorny.blogspot.com
39 19

This site contains links to these domains. Also see Links.

Domain
linkslot.ru
Subject Issuer Validity Valid
misc-sni.blogspot.com
WE2		 2025-09-22 -
2025-12-15		 3 months crt.sh
*.gstatic.com
WE2		 2025-09-22 -
2025-12-15		 3 months crt.sh
*.g.doubleclick.net
WE2		 2025-09-22 -
2025-12-15		 3 months crt.sh
linkslot.ru
R12		 2025-09-10 -
2025-12-09		 3 months crt.sh
admediatex.net
WE1		 2025-08-26 -
2025-11-24		 3 months crt.sh
adz2you.xyz
WE1		 2025-09-13 -
2025-12-12		 3 months crt.sh
*.googleusercontent.com
WE2		 2025-09-22 -
2025-12-15		 3 months crt.sh
*.blogger.com
WE2		 2025-09-22 -
2025-12-15		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2025 Q2		 2025-06-02 -
2026-07-04		 a year crt.sh
*.google.com
WE2		 2025-09-22 -
2025-12-15		 3 months crt.sh
qualiclicks.com
R10		 2025-08-12 -
2025-11-10		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://rucotvorny.blogspot.com/
Frame ID: AE65945DABE28E0B8B21C5565BBE1745
Requests: 32 HTTP requests in this frame

Frame: https://cdn.admediatex.net/468x60/
Frame ID: DD49C2244D1DC8B2BA703EDBD6492405
Requests: 2 HTTP requests in this frame

Frame: https://xml.qualiclicks.com/redirect?feed=883493&auth=vrbG
Frame ID: 12E04F84FAD31F56F82B6576EA718B0E
Requests: 1 HTTP requests in this frame

Frame: https://xml.qualiclicks.com/redirect?feed=883637&auth=wF2R
Frame ID: F525592324204C174CE7B04F5DA1398E
Requests: 1 HTTP requests in this frame

Frame: https://xml.qualiclicks.com/redirect?feed=883638&auth=rlEI
Frame ID: 4FE0586507F9CED3EC766035F489AB9C
Requests: 1 HTTP requests in this frame

Frame: https://xml.qualiclicks.com/redirect?feed=883639&auth=FZ9D
Frame ID: FFBD357E7240C85DEF67CA04C5F25156
Requests: 1 HTTP requests in this frame

Frame: https://xml.qualiclicks.com/redirect?feed=883486&auth=8zAm
Frame ID: F514D8B50B46E38D233F1126D99ED464
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Рукотворный

Detected technologies

Overall confidence: 100%
Detected patterns
  • ^https?://[^/]+\.(?:blogspot|blogger)\.com
Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

39
Requests

92 %
HTTPS

0 %
IPv6

16
Domains

19
Subdomains

16
IPs

3
Countries

1012 kB
Transfer

1956 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://is.gd/rTOC3b HTTP 301
  • https://xml.qualiclicks.com/redirect?feed=883493&auth=vrbG
Request Chain 28
  • https://is.gd/OAKmHr HTTP 301
  • https://xml.qualiclicks.com/redirect?feed=883637&auth=wF2R
Request Chain 29
  • https://is.gd/wdfbfz HTTP 301
  • https://xml.qualiclicks.com/redirect?feed=883638&auth=rlEI
Request Chain 30
  • https://is.gd/2ex9wL HTTP 301
  • https://xml.qualiclicks.com/redirect?feed=883639&auth=FZ9D
Request Chain 31
  • https://is.gd/z7SywZ HTTP 301
  • https://xml.qualiclicks.com/redirect?feed=883486&auth=8zAm

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
rucotvorny.blogspot.com/ 		126 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rucotvorny.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
GSE /
Resource Hash
aee581734f87a71367b050aa1324b1d851b2c4178459572742160d43175b7be6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
25383
content-type
text/html; charset=UTF-8
date
Thu, 09 Oct 2025 21:50:10 GMT
etag
W/"c85d2d560fb59beb456861fac86ed5c04c7c64b166ef705fee878b5c2ea3f0af"
expires
Thu, 09 Oct 2025 21:50:10 GMT
last-modified
Wed, 08 Oct 2025 09:56:01 GMT
server
GSE
x-content-type-options
nosniff
x-robots-tag
all
x-xss-protection
1; mode=block
clipboard.min.js
www.gstatic.com/external_hosted/clipboardjs/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

content-encoding
br
age
0
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Thu, 09 Oct 2025 21:50:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 09 Oct 2025 21:50:10 GMT
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
3475
x-xss-protection
0
server
sffe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		157 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4244779720844823&host=ca-host-pub-1556223355139109
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
a9d5dc274f2ed85eeb5bae6e1219f8ceb5b1e3cd078a20d7d4b78e2e960f3e12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin
https://rucotvorny.blogspot.com
Referer
https://rucotvorny.blogspot.com/

Response headers

content-encoding
br
etag
11505915278640493919
x-content-type-options
nosniff
expires
Thu, 09 Oct 2025 21:50:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 09 Oct 2025 21:50:10 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
54344
x-xss-protection
0
server
cafe
sprite_v1_6.css.svg
rucotvorny.blogspot.com/responsive/ 		7 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://rucotvorny.blogspot.com/responsive/sprite_v1_6.css.svg
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

content-encoding
gzip
age
222802
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
x-content-type-options
nosniff
expires
Tue, 14 Oct 2025 07:56:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Oct 2025 07:56:48 GMT
last-modified
Mon, 06 Oct 2025 19:54:17 GMT
content-type
image/svg+xml
vary
Accept-Encoding
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
content-length
2244
x-xss-protection
0
server
sffe
bancode_new.php
linkslot.ru/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://linkslot.ru/bancode_new.php?id=365870
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.137.227.162 , Russian Federation, ASN12695 (DINET-AS LLC Digital Network, RU),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
e4ab3717950d92e3d60d003c0970c0917e1fd73e718db8a61f20ab390c22cd86

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

content-encoding
gzip
date
Thu, 09 Oct 2025 21:54:45 GMT
content-type
text/html;charset=utf-8
server
nginx/1.26.2
ads.js
admediatex.net/serve/ 		1 KB
1012 B 		Script
General
Check archive.org
Download Go to
Full URL
https://admediatex.net/serve/ads.js
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d012cfa1d2f449adb90718ea5189ff71ba01da8e271e2d14af1969d6aa8d9423

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"65918afb-449"
age
2071842
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=M2lOpe%2Fxf1kVnpGtqESDfJz0L1O21uqHYuOSmx%2F0J40PF2F4EwmiGPGeBbBhp2aEz6D4HaTUB2QmECRsQ14nx9GYmqAH19fum72H2mIh"}]}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 09 Oct 2025 21:50:10 GMT
content-type
application/javascript
last-modified
Sun, 31 Dec 2023 15:38:35 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=315360000
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray
98c117938f41d2a8-FRA
server
cloudflare
get
super-traf.ru/earn/partner/ 		0
0
bancode_new.php
linkslot.ru/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://linkslot.ru/bancode_new.php?id=360973
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.137.227.162 , Russian Federation, ASN12695 (DINET-AS LLC Digital Network, RU),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
9266f62ba2457ec4f6047108acda9e5d0d17e33e8085dcbfe08e918293c1e27c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

content-encoding
gzip
date
Thu, 09 Oct 2025 21:54:45 GMT
content-type
text/html;charset=utf-8
server
nginx/1.26.2
ads.php
webtrafic.ru/ 		0
0
bancode.php
adslinks.ru/ 		0
0
X.png
adz2you.xyz/imges/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adz2you.xyz/imges/X.png
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.162.200 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
516eac1339d03b352f41f338f59a145b7d0336732844761bbba3b5aa451d72b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

cf-cache-status
HIT
etag
"689104e6-8414"
age
72
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=dMlVeH9%2FtLKfvdsuhHX8f0G438zudL0iV9k88baDlk2rgcpDkQtaSYLfI8Cwztv%2FKDnMxzollCxbvC97BEs%2FulySyIiardJuNQcb"}]}
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 09 Oct 2025 21:50:10 GMT
content-type
image/png
last-modified
Mon, 04 Aug 2025 19:07:18 GMT
vary
accept-encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray
98c117937a2fd384-FRA
accept-ranges
bytes
content-length
33812
server
cloudflare
image
themes.googleusercontent.com/ 		223 KB
224 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://themes.googleusercontent.com/image?id=L1lcAxxz0CLgsDzixEprHJ2F38TyEjCyE3RSAjynQDks0lT1BDc1OxXKaTEdLc89HPvdB11X9FDw&options=w1600
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
fife /
Resource Hash
6a5482e0dc4e77a6be20281b13d7ef4d8b67521e73b66bc633ea4e4242934be9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

access-control-expose-headers
Content-Length
timing-allow-origin
*
cache-control
public, max-age=86400, no-transform
etag
"v1"
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 21:50:10 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
228521
date
Thu, 09 Oct 2025 21:50:10 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="unnamed.jpg"
KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
fonts.gstatic.com/s/roboto/v49/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin
https://rucotvorny.blogspot.com
Referer
https://rucotvorny.blogspot.com/

Response headers

age
222741
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 07 Oct 2026 07:57:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Oct 2025 07:57:49 GMT
last-modified
Mon, 08 Sep 2025 18:08:05 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
40128
x-xss-protection
0
server
sffe
KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2
fonts.gstatic.com/s/roboto/v49/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
sffe /
Resource Hash
c06ca3fcbc5f7c37ebb7c86a69502009911ecd8183811bae02f9b1fbb0541ddb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Origin
https://rucotvorny.blogspot.com
Referer
https://rucotvorny.blogspot.com/

Response headers

age
222202
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 07 Oct 2026 08:06:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Oct 2025 08:06:48 GMT
last-modified
Mon, 08 Sep 2025 18:08:07 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
22796
x-xss-protection
0
server
sffe
AEn0k_u1I-cfkVn55eG5Xc1BvPxtrQ1v2Ajvk4nog9pEi7F5Yr5is30iGQSfDSmRhyDakf8qaGfcrKTkhHXxBlhVccI-Tc459LnzV1zLpswZBprl7oPPyxKTR66aNwFttYnOhJcyzIhXFetsieHH2ggXcFY1KOWjHXgwjYN_YbodS7fw9h2OZUQ_zV7wAb1ilni87...
lh3.googleusercontent.com/blogger_img_proxy/ 		136 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_u1I-cfkVn55eG5Xc1BvPxtrQ1v2Ajvk4nog9pEi7F5Yr5is30iGQSfDSmRhyDakf8qaGfcrKTkhHXxBlhVccI-Tc459LnzV1zLpswZBprl7oPPyxKTR66aNwFttYnOhJcyzIhXFetsieHH2ggXcFY1KOWjHXgwjYN_YbodS7fw9h2OZUQ_zV7wAb1ilni87cPTWw=w945-h600-p-k-no-nu
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
fife /
Resource Hash
e9e3de15938e6ba26ca80af5480961a636260e376f729ab08199b1cb71bcfaa3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

access-control-expose-headers
Content-Length
timing-allow-origin
*
cache-control
public, max-age=86400, no-transform
age
2763
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 21:04:07 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138824
x-xss-protection
0
date
Thu, 09 Oct 2025 21:04:07 GMT
content-disposition
inline;filename="unnamed.jpg"
content-type
image/jpeg
server
fife
vary
Origin
AEn0k_uE1QjBbsm7p7cAOJsI3m-VlxK2HArXcPZ4x7CoDs1Rp596BkkhwP_ViFs9d5yPalzbK6ZTFJmNPtUBa87u9PApbrvw5Jalz5ejIutRKnzka1nAyodJBYCb-ZloEygXxoW_KoIcYf8jzeAryoWIrt9v8WFZKtcVBtvPWVRoQUq38ATFo9VtQ-A_WxPnThGHi...
lh3.googleusercontent.com/blogger_img_proxy/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_uE1QjBbsm7p7cAOJsI3m-VlxK2HArXcPZ4x7CoDs1Rp596BkkhwP_ViFs9d5yPalzbK6ZTFJmNPtUBa87u9PApbrvw5Jalz5ejIutRKnzka1nAyodJBYCb-ZloEygXxoW_KoIcYf8jzeAryoWIrt9v8WFZKtcVBtvPWVRoQUq38ATFo9VtQ-A_WxPnThGHiLW0SQo=w128-h128-p-k-no-nu
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
fife /
Resource Hash
982aae7dfd526a0df831e08ef4efef3916e0a3d9301347951746962f4a462cb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

access-control-expose-headers
Content-Length
timing-allow-origin
*
cache-control
public, max-age=86400, no-transform
age
2763
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 21:04:07 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25292
x-xss-protection
0
date
Thu, 09 Oct 2025 21:04:07 GMT
content-disposition
inline;filename="unnamed.png"
content-type
image/png
server
fife
vary
Origin
AEn0k_tpMIBDDB4vjdoW3v1fcAnmI8a9RXdymnxW4wjeAcW8s35Hvo8GFa4_ryzdcrNp8YTHpq7LiVZkdjpKva7JRj823dCGTx4_T6qjREOjJQmr242c10KvoMmcllzOak1v2hRIjS2kRVU4X1olYqGmxfVXTIV0mgFQ3S8BpNjHIIgcJqnKOF8HdgMySZcZwBn7S...
lh3.googleusercontent.com/blogger_img_proxy/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_tpMIBDDB4vjdoW3v1fcAnmI8a9RXdymnxW4wjeAcW8s35Hvo8GFa4_ryzdcrNp8YTHpq7LiVZkdjpKva7JRj823dCGTx4_T6qjREOjJQmr242c10KvoMmcllzOak1v2hRIjS2kRVU4X1olYqGmxfVXTIV0mgFQ3S8BpNjHIIgcJqnKOF8HdgMySZcZwBn7SXRmLQ=w128-h128-p-k-no-nu
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
fife /
Resource Hash
7a847f9dbc5e84f035bc66c93b654b8132f1c9e173af9cb20e84d046cb2e85c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

access-control-expose-headers
Content-Length
timing-allow-origin
*
cache-control
public, max-age=86400, no-transform
age
2763
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 21:04:07 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32855
x-xss-protection
0
date
Thu, 09 Oct 2025 21:04:07 GMT
content-disposition
inline;filename="unnamed.png"
content-type
image/png
server
fife
vary
Origin
2395151956-indie_compiled.js
resources.blogblog.com/blogblog/data/res/ 		140 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.blogblog.com/blogblog/data/res/2395151956-indie_compiled.js
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f9.1e100.net
Software
sffe /
Resource Hash
998162905168e8b9aa33e00840bda808421955195021cf76e73e06a8825dc037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

content-encoding
gzip
age
222022
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
x-content-type-options
nosniff
expires
Tue, 14 Oct 2025 08:09:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Oct 2025 08:09:48 GMT
last-modified
Tue, 07 Oct 2025 01:52:32 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
content-length
48809
x-xss-protection
0
server
sffe
cookienotice.js
rucotvorny.blogspot.com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rucotvorny.blogspot.com/js/cookienotice.js
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f1.1e100.net
Software
sffe /
Resource Hash
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

content-encoding
gzip
age
222802
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
x-content-type-options
nosniff
expires
Tue, 14 Oct 2025 07:56:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Oct 2025 07:56:48 GMT
last-modified
Tue, 07 Oct 2025 06:55:48 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
content-length
2026
x-xss-protection
0
server
sffe
3878540743-widgets.js
www.blogger.com/static/v1/widgets/ 		144 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.blogger.com/static/v1/widgets/3878540743-widgets.js
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.169 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f9.1e100.net
Software
sffe /
Resource Hash
7511fc1573d0fd386edba6b764b3d97a7e47eb91ea5beb2f99d0b2ddecec8106
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

content-encoding
gzip
age
222401
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
x-content-type-options
nosniff
expires
Wed, 07 Oct 2026 08:03:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Oct 2025 08:03:29 GMT
last-modified
Tue, 07 Oct 2025 01:52:32 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
content-length
52140
x-xss-protection
0
server
sffe
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202510080101/ 		507 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202510080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4244779720844823&plah=rucotvorny.blogspot.com&bust=31095177
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4244779720844823&host=ca-host-pub-1556223355139109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
8202913da4eee6ef1ec7f679149b96a2c4565ce1ad055016af5af32ab7b7afe1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

content-encoding
br
etag
14297831987311863567
x-content-type-options
nosniff
expires
Thu, 09 Oct 2025 21:50:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 09 Oct 2025 21:50:10 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
171404
x-xss-protection
0
server
cafe
jquery.min.js
cdn.jsdelivr.net/jquery/3.0.0-rc1/ 		84 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/jquery/3.0.0-rc1/jquery.min.js
Requested by
Host: admediatex.net
URL: https://admediatex.net/serve/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
df68e90250b9a60fc184ef194d1769d3af8aa67396cc064281cb77e2ef6bf876
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
https://rucotvorny.blogspot.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"1511e-iX3qQTkE9uH1SwOLGxDGVnnk1pk"
age
96591
x-content-type-options
nosniff
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Thu, 09 Oct 2025 21:50:10 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230117-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
31149
ads.php
admediatex.net/serve/ 		251 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://admediatex.net/serve/ads.php?a=5303&b=468x60&random=90184827&referr=
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
746151fda02f1348c71ad3e21c5d26a11f62b301d52202e3a1d298c0941b7a04

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
https://rucotvorny.blogspot.com/

Response headers

nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=RTk1qhs%2FtD2LZ99KjHwqip0HSZNxC83IekUHo2tl1ehkH3pZ3o1dCvrJrut9%2FMccINupT5JF5Upl%2B%2FBYPDffs0O9Xl8o42Lyanhsu%2B01"}]}
cf-ray
98c1179468bcd2a8-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 09 Oct 2025 21:50:10 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=1,i=?0
x-powered-by
PHP/5.6.40
ca-pub-4244779720844823
fundingchoicesmessages.google.com/i/ 		209 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-4244779720844823?href=https%3A%2F%2Frucotvorny.blogspot.com&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202510080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4244779720844823&plah=rucotvorny.blogspot.com&bust=31095177
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
ESF /
Resource Hash
a3c83aea7f17ad041dcd28c45bdfd68acc703988f589e7c4090726740648a773
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-rOZb3begh9rRBLn3N9G4eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 09 Oct 2025 21:50:10 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmII1JBiaL15jnUqEBsqXGJ1BOIP9ZdZfwBxkcQV1iYg_lR1g1Wo-gZrEvtN1iIgNj14i9UViM38brPaAXG1uxdbMxDv--_LdgyIhXg4Jt1ZcJxNYMeNp3eYlDSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwNDQws9AxM4gsMAAl7N2g"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-rOZb3begh9rRBLn3N9G4eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
gate.php
linkslot.ru/ 		2 B
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://linkslot.ru/gate.php?d1=d5e0c8d9e6ddd8eccfeb96c9d4d2d2d8dae1db97ddd0df8b9a9e98a39c9a95989faa9195999998938ed2d9ecd0d5e6c2a19d95988393dd9ba3a289e6cae0dddf88dba39bc9a89b929ac2e2d8d3cddad0c7d5dbdb98af94a9969a9e8393d0d2e6d4d5a681ded1d2cd83d2cacdddd6929ac4dadad6d5c89a969ea39599a891a09887dbc4d1c6dcdb969ead98a09b9d8b989fd2e2ebc9d4b198d9d39798939b959aa29799aa91a2989798939b959aa2978caa8495999e9e939b99a0a89899b095aa
Requested by
Host: linkslot.ru
URL: https://linkslot.ru/bancode_new.php?id=365870
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.137.227.162 , Russian Federation, ASN12695 (DINET-AS LLC Digital Network, RU),
Reverse DNS
Software
nginx/1.26.2 / PHP/7.4.33
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

access-control-allow-origin
*
content-encoding
gzip
date
Thu, 09 Oct 2025 21:54:46 GMT
content-type
text/html;charset=utf-8
x-powered-by
PHP/7.4.33
server
nginx/1.26.2
1000x90.jpg
linkslot.ru/promo/dummy/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://linkslot.ru/promo/dummy/1000x90.jpg
Requested by
Host: rucotvorny.blogspot.com
URL: https://rucotvorny.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.137.227.162 , Russian Federation, ASN12695 (DINET-AS LLC Digital Network, RU),
Reverse DNS
Software
nginx/1.26.2 /
Resource Hash
5dca922a1f7dee3cd69326b0a575c634c4d969d0cabb4773f95f3f508639f6c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

accept-ranges
bytes
content-length
17031
date
Thu, 09 Oct 2025 21:54:46 GMT
etag
"66fe9ddd-4287"
content-type
image/jpeg
last-modified
Thu, 03 Oct 2024 13:36:29 GMT
server
nginx/1.26.2
valid.php
admediatex.net/serve/ 		1 KB
966 B 		Script
General
Check archive.org
Download Go to
Full URL
https://admediatex.net/serve/valid.php?a=5303&b=468x60&referr=&t=1760046610&c=savah1&doma=0&dcat=40&h=ceabfaefdb
Requested by
Host: admediatex.net
URL: https://admediatex.net/serve/ads.php?a=5303&b=468x60&random=90184827&referr=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
d8c7edeb33ef15c59445690192a22ceb364b459a4bbf5819605af6708f9923ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=W1TyjpqGKoqIHhmWAt0T3pGAHmp2S1X7Nk31S8ZjAyzklXKc961ByMpnKVkAJyCuIQln1Y%2FmtxkJCLoLDOoKbqUX1mHHaNurEaTmA9u6"}]}
cf-ray
98c11794a916d2a8-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 09 Oct 2025 21:50:10 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
x-powered-by
PHP/5.6.40
/
cdn.admediatex.net/468x60/ Frame DD49 		278 B
759 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admediatex.net/468x60/
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery/3.0.0-rc1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91bec22f9a8ab34fc02e13cd82f4272080fe54abf7b6061b7faa2514c7183125

Request headers

Referer
https://rucotvorny.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
98c117951b453665-FRA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Thu, 09 Oct 2025 21:50:10 GMT
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
priority
u=0,i
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=VXJo0jgjhJMPfLNZq8Vxr%2B7FDzRlLTs%2B%2F%2BD2HrzUmNOZ3WICbbZ%2FFg7gMv1SXxH7y7nUvZ22VX0l8HaJPGmAbqV6D%2FBwJH5o2u4V9tO2EIUxAw%3D%3D"}]}
server
cloudflare
server-timing
cfExtPri
vary
Accept-Encoding,User-Agent
x-turbo-charged-by
LiteSpeed
redirect
xml.qualiclicks.com/ Frame 12E0
Redirect Chain
  • https://is.gd/rTOC3b
  • https://xml.qualiclicks.com/redirect?feed=883493&auth=vrbG
0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://xml.qualiclicks.com/redirect?feed=883493&auth=vrbG
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery/3.0.0-rc1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.116.18 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rucotvorny.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Thu, 09 Oct 2025 21:50:11 GMT
Server
nginx

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
98c11794fed0d25e-FRA
content-type
text/html; charset=UTF-8
date
Thu, 09 Oct 2025 21:50:10 GMT
location
https://xml.qualiclicks.com/redirect?feed=883493&auth=vrbG
server
cloudflare
redirect
xml.qualiclicks.com/ Frame F525
Redirect Chain
  • https://is.gd/OAKmHr
  • https://xml.qualiclicks.com/redirect?feed=883637&auth=wF2R
0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://xml.qualiclicks.com/redirect?feed=883637&auth=wF2R
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery/3.0.0-rc1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.116.18 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rucotvorny.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Thu, 09 Oct 2025 21:50:11 GMT
Server
nginx

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
98c11794feced25e-FRA
content-type
text/html; charset=UTF-8
date
Thu, 09 Oct 2025 21:50:10 GMT
location
https://xml.qualiclicks.com/redirect?feed=883637&auth=wF2R
server
cloudflare
redirect
xml.qualiclicks.com/ Frame 4FE0
Redirect Chain
  • https://is.gd/wdfbfz
  • https://xml.qualiclicks.com/redirect?feed=883638&auth=rlEI
0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://xml.qualiclicks.com/redirect?feed=883638&auth=rlEI
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery/3.0.0-rc1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.116.18 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rucotvorny.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Thu, 09 Oct 2025 21:50:11 GMT
Server
nginx

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
98c11794fecbd25e-FRA
content-type
text/html; charset=UTF-8
date
Thu, 09 Oct 2025 21:50:10 GMT
location
https://xml.qualiclicks.com/redirect?feed=883638&auth=rlEI
server
cloudflare
redirect
xml.qualiclicks.com/ Frame FFBD
Redirect Chain
  • https://is.gd/2ex9wL
  • https://xml.qualiclicks.com/redirect?feed=883639&auth=FZ9D
0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://xml.qualiclicks.com/redirect?feed=883639&auth=FZ9D
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery/3.0.0-rc1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.116.18 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rucotvorny.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Thu, 09 Oct 2025 21:50:11 GMT
Server
nginx

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
98c11794feccd25e-FRA
content-type
text/html; charset=UTF-8
date
Thu, 09 Oct 2025 21:50:10 GMT
location
https://xml.qualiclicks.com/redirect?feed=883639&auth=FZ9D
server
cloudflare
redirect
xml.qualiclicks.com/ Frame F514
Redirect Chain
  • https://is.gd/z7SywZ
  • https://xml.qualiclicks.com/redirect?feed=883486&auth=8zAm
0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://xml.qualiclicks.com/redirect?feed=883486&auth=8zAm
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/jquery/3.0.0-rc1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.134.116.18 Garden City, United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rucotvorny.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Thu, 09 Oct 2025 21:50:11 GMT
Server
nginx

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
98c11794fec7d25e-FRA
content-type
text/html; charset=UTF-8
date
Thu, 09 Oct 2025 21:50:10 GMT
location
https://xml.qualiclicks.com/redirect?feed=883486&auth=8zAm
server
cloudflare
AGSKWxU9O7toJ8yNK_GN_qRuEi9LwzdXaQSXq9VTJ67GF-2C41FYRr_-w8WZ7_EUaniFSsY0G3xuGcTOzvV45lU0dGNpsHiaehrcGRmYc-eoLBQtE4N4Q8pDHSghnrtGSTZMru2PE_kMIQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU9O7toJ8yNK_GN_qRuEi9LwzdXaQSXq9VTJ67GF-2C41FYRr_-w8WZ7_EUaniFSsY0G3xuGcTOzvV45lU0dGNpsHiaehrcGRmYc-eoLBQtE4N4Q8pDHSghnrtGSTZMru2PE_kMIQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.2LS2qpu-Q0o.es5.O/d=1/rs=AJlcJMzhK-LxljVta9U6aOcqbjasdq_WzA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8-S14EsQxJwdSTrGtWu00A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://rucotvorny.blogspot.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 09 Oct 2025 21:50:10 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw15Bi-FB_mfUHEJv53Wa1A-Jqdy-2ZiAW4uGYdGfBcTaBE9cP_2NScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRqaGBgYWegbm8QUGAMZfKi4"
content-security-policy
script-src 'report-sample' 'nonce-8-S14EsQxJwdSTrGtWu00A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://rucotvorny.blogspot.com
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWA9HGBI3f2Y_E9H11CjeqmoA3LoP9F7v9V4XPwTxQbioARPseXwr0Cqf26vn7QoBGqCKGOFsedj9UpHKaaHJsG_4fekOwcHTKGL7HQXD6yz7k4WXkCQ-2q8AlyjFmnyL5pFvocSg==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWA9HGBI3f2Y_E9H11CjeqmoA3LoP9F7v9V4XPwTxQbioARPseXwr0Cqf26vn7QoBGqCKGOFsedj9UpHKaaHJsG_4fekOwcHTKGL7HQXD6yz7k4WXkCQ-2q8AlyjFmnyL5pFvocSg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzYwMDQ2NjEwLDc4NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9ydWNvdHZvcm55LmJsb2dzcG90LmNvbS8iLG51bGwsW1s4LCIyTFMycXB1LVEwbyJdLFs5LCJkZSJdLFsxOSwiMSJdLFsxNywiWzBdIl0sWzI0LCIiXSxbMjksInRydWUiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.2LS2qpu-Q0o.es5.O/d=1/rs=AJlcJMzhK-LxljVta9U6aOcqbjasdq_WzA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
ESF /
Resource Hash
beef1ddf7424b4bb8fcd79d912197b49bf417dee0e2b30359771ae4b5e8194e9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-H77ok_JfNqFQyNBou1wfwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 09 Oct 2025 21:50:10 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmLw0JBiOHnrNtNFIG69eY51KhAbKlxidQTiD_WXWX8AcZHEFdYmIP5UdYNVqPoGaxL7TdYiIDY9eIvVFYjN_G6z2gFxtbsXWzMQ7_vvy3YMiIV4OCbdWXCcTWDFkwMdzEoaSfmF8cn5eSVFmUmlJflFaclpqcWpRWWpRfFGBkamhgYGFnoGJvEFBgDC8zvz"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-H77ok_JfNqFQyNBou1wfwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxU9O7toJ8yNK_GN_qRuEi9LwzdXaQSXq9VTJ67GF-2C41FYRr_-w8WZ7_EUaniFSsY0G3xuGcTOzvV45lU0dGNpsHiaehrcGRmYc-eoLBQtE4N4Q8pDHSghnrtGSTZMru2PE_kMIQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU9O7toJ8yNK_GN_qRuEi9LwzdXaQSXq9VTJ67GF-2C41FYRr_-w8WZ7_EUaniFSsY0G3xuGcTOzvV45lU0dGNpsHiaehrcGRmYc-eoLBQtE4N4Q8pDHSghnrtGSTZMru2PE_kMIQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.2LS2qpu-Q0o.es5.O/d=1/rs=AJlcJMzhK-LxljVta9U6aOcqbjasdq_WzA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-R5uxv-vYEM_I8sHFQ6Sp0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://rucotvorny.blogspot.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 09 Oct 2025 21:50:10 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1pBi-FB_mfUHEJv53Wa1A-Jqdy-2ZiAW4uGYdGfBcTaBFSfOTGVWcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRqaGBgYWegbm8QUGAJ-5KaQ"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-R5uxv-vYEM_I8sHFQ6Sp0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://rucotvorny.blogspot.com
content-length
0
x-xss-protection
0
server
ESF
3f2B4x52120_r_1.gif
cdn.admediatex.net/468x60/ Frame DD49 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.admediatex.net/468x60/3f2B4x52120_r_1.gif
Requested by
Host: cdn.admediatex.net
URL: https://cdn.admediatex.net/468x60/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
604f5838638f8c61be1d4bdbe64bde77716b6019ce012dff4f25bdcb38050888

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://cdn.admediatex.net/468x60/

Response headers

cf-cache-status
HIT
etag
"49b4-63ca1f14-8c27fb6202e8a605;;;"
age
255405
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Tn9gW1warJk0Ypy1wATsTYj0SL7U5ec4W%2FkomPbhjuhm4qun0z%2FZ03bVod7vmS9sV0%2FgmvQvl4z1eeoU8CHqpsK%2F3Vc6rA14QUv%2FIn35uLgFJg%3D%3D"}]}
expires
Mon, 13 Oct 2025 22:53:25 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 09 Oct 2025 21:50:10 GMT
content-type
image/gif
last-modified
Fri, 20 Jan 2023 04:56:52 GMT
vary
User-Agent, accept-encoding
priority
u=2,i
cache-control
public, max-age=604800
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray
98c117967bfb3665-FRA
accept-ranges
bytes
content-length
18868
x-turbo-charged-by
LiteSpeed
server
cloudflare
gate.php
linkslot.ru/ 		2 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://linkslot.ru/gate.php?d2=d5e0c8d9e6ddd8eccfeb96c9d4d2d2d8dae1db97ddd0df8b9a9e98a39c9a95978caa84a28b989f999b959ea89d9aaa97a6a0
Requested by
Host: linkslot.ru
URL: https://linkslot.ru/bancode_new.php?id=365870
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.137.227.162 , Russian Federation, ASN12695 (DINET-AS LLC Digital Network, RU),
Reverse DNS
Software
nginx/1.26.2 / PHP/7.4.33
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

access-control-allow-origin
*
content-encoding
gzip
date
Thu, 09 Oct 2025 21:54:50 GMT
content-type
text/html;charset=utf-8
x-powered-by
PHP/7.4.33
server
nginx/1.26.2
valid2.php
admediatex.net/serve/ 		0
449 B 		Script
General
Check archive.org
Download Go to
Full URL
https://admediatex.net/serve/valid2.php?b=468x60&c=savah1&take=828&tier=2&referr=&t=1760046610&h=bdbdcbfbafbb
Requested by
Host: admediatex.net
URL: https://admediatex.net/serve/valid.php?a=5303&b=468x60&referr=&t=1760046610&c=savah1&doma=0&dcat=40&h=ceabfaefdb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Referer
https://rucotvorny.blogspot.com/

Response headers

nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=DpVDpo0S1rMDCXZq9WzSKEbJSYh%2FFwEDzRaGz9xF5gxDpaanOydz%2BvJbf8QY2ydCGU2SSVA3Mt0yu6cHru2lkSPTOHHbYFwPbt2T%2FGoE"}]}
cf-ray
98c11811e812d2a8-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 09 Oct 2025 21:50:30 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
x-powered-by
PHP/5.6.40

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
super-traf.ru
URL
https://super-traf.ru/earn/partner/get?id=28879&type=1&code=1756324560
Domain
webtrafic.ru
URL
https://webtrafic.ru/ads.php?uid=11507
Domain
adslinks.ru
URL
https://adslinks.ru/bancode.php?id=2930

Verdicts & Comments Add Verdict or Comment

71 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| adsbygoogle string| a string| b string| network function| ClipboardJS object| google_js_reporting_queue number| google_srt boolean| BGtEY object| google_logging_queue object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| google_ad_modifications object| google_sa_queue function| google_process_slots number| google_unique_id number| google_rum_task_id_counter string| google_user_agent_client_hint function| $ function| jQuery number| random function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run boolean| googFloatingToolbarManagerAsyncPositionUpdate object| ls_code function| lsOrder function| lsStHex function| LiNKsloT string| welcome string| lsGT string| lsPR function| lsRT object| lsHT object| lsDS object| lsDv string| lsLN string| lsID string| lsPD string| x string| lsRX number| lsT0 string| hash string| lsNA function| lsSF function| lsMF object| node object| default_ContributorServingResponseClientJs object| _F_toggles_default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| OTJkNTUwNTg1ZGIzYjgwY2xvYWRlcl9qcw== string| OTJkNTUwNTg1ZGIzYjgwY2NhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady

1 Cookies

Domain/Path Name / Value
.is.gd/ Name: __cf_bm
Value: BhbjUDl9O4bebIF2R6svGesJA4.fDdhkze72Vn5LVro-1760046610-1.0.1.1-ClFFzfG0kYRdtSHV2oMb2fL3z4fpXeCq_XscizZ30y060bZwgw3LkD_C8HSnz1KC_BGT6fH93zsT72jYCxLBCMtKcLcKIMeAPTe3UHukd9g

4 Console Messages

Source Level URL
Text
javascript warning URL: https://admediatex.net/serve/ads.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/jquery/3.0.0-rc1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://admediatex.net/serve/ads.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/jquery/3.0.0-rc1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://rucotvorny.blogspot.com/(Line 2543)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://admediatex.net/serve/ads.php?a=5303&b=468x60&random=90184827&referr=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://rucotvorny.blogspot.com/(Line 2543)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://admediatex.net/serve/ads.php?a=5303&b=468x60&random=90184827&referr=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admediatex.net
adslinks.ru
adz2you.xyz
cdn.admediatex.net
cdn.jsdelivr.net
fonts.gstatic.com
fundingchoicesmessages.google.com
is.gd
lh3.googleusercontent.com
linkslot.ru
pagead2.googlesyndication.com
resources.blogblog.com
rucotvorny.blogspot.com
super-traf.ru
themes.googleusercontent.com
webtrafic.ru
www.blogger.com
www.gstatic.com
xml.qualiclicks.com
adslinks.ru
super-traf.ru
webtrafic.ru
104.25.233.53
142.250.185.105
142.250.185.129
142.250.185.130
142.250.185.195
142.250.185.65
142.250.185.97
142.250.186.169
142.250.186.35
142.250.186.46
151.101.1.229
172.67.162.200
188.114.96.3
188.114.97.3
198.134.116.18
79.137.227.162
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
516eac1339d03b352f41f338f59a145b7d0336732844761bbba3b5aa451d72b2
5dca922a1f7dee3cd69326b0a575c634c4d969d0cabb4773f95f3f508639f6c0
604f5838638f8c61be1d4bdbe64bde77716b6019ce012dff4f25bdcb38050888
6a5482e0dc4e77a6be20281b13d7ef4d8b67521e73b66bc633ea4e4242934be9
73d16aca9b019e42dd2de3a10e5049b5606268ce0d8e3a167b05b37acb9b0e9c
746151fda02f1348c71ad3e21c5d26a11f62b301d52202e3a1d298c0941b7a04
7511fc1573d0fd386edba6b764b3d97a7e47eb91ea5beb2f99d0b2ddecec8106
7a847f9dbc5e84f035bc66c93b654b8132f1c9e173af9cb20e84d046cb2e85c7
8202913da4eee6ef1ec7f679149b96a2c4565ce1ad055016af5af32ab7b7afe1
91bec22f9a8ab34fc02e13cd82f4272080fe54abf7b6061b7faa2514c7183125
9266f62ba2457ec4f6047108acda9e5d0d17e33e8085dcbfe08e918293c1e27c
92e40dc4bbb485a182b796c58e6da7974cb8a6a84fdb4548ace3b85c991f0f94
982aae7dfd526a0df831e08ef4efef3916e0a3d9301347951746962f4a462cb8
998162905168e8b9aa33e00840bda808421955195021cf76e73e06a8825dc037
a3c83aea7f17ad041dcd28c45bdfd68acc703988f589e7c4090726740648a773
a9d5dc274f2ed85eeb5bae6e1219f8ceb5b1e3cd078a20d7d4b78e2e960f3e12
aee581734f87a71367b050aa1324b1d851b2c4178459572742160d43175b7be6
beef1ddf7424b4bb8fcd79d912197b49bf417dee0e2b30359771ae4b5e8194e9
c06ca3fcbc5f7c37ebb7c86a69502009911ecd8183811bae02f9b1fbb0541ddb
d012cfa1d2f449adb90718ea5189ff71ba01da8e271e2d14af1969d6aa8d9423
d8c7edeb33ef15c59445690192a22ceb364b459a4bbf5819605af6708f9923ec
df68e90250b9a60fc184ef194d1769d3af8aa67396cc064281cb77e2ef6bf876
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ab3717950d92e3d60d003c0970c0917e1fd73e718db8a61f20ab390c22cd86
e9e3de15938e6ba26ca80af5480961a636260e376f729ab08199b1cb71bcfaa3