ruspornusha.cc Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ruspornusha.cc/video/12126/
Submission: On March 19 via api (March 19th 2024, 2:03:12 pm UTC) from US — Scanned from NL

Summary HTTP 94 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 28 IPs in 6 countries across 39 domains to perform 94 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is ruspornusha.cc.
TLS certificate: Issued by E1 on February 21st 2024. Valid for: 3 months.

This is the only time ruspornusha.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 29	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
5	88.208.22.1 88.208.22.1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
9	45.133.44.52 45.133.44.52	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
8	2a05:93c4:27::1 2a05:93c4:27::1	7979 (SERVERS-COM) (SERVERS-COM)
2	2606:4700:20:... 2606:4700:20::ac43:492d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1	193.200.64.162 193.200.64.162	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	45.133.44.24 45.133.44.24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	88.198.204.166 88.198.204.166	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700:303... 2606:4700:3032::ac43:ae33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a01:4f8:e0:1... 2a01:4f8:e0:19cb::1	24940 (HETZNER-AS) (HETZNER-AS)
2	157.90.84.242 157.90.84.242	24940 (HETZNER-AS) (HETZNER-AS)
2 3	2a00:1450:400... 2a00:1450:400c:c0a::54	15169 (GOOGLE) (GOOGLE)
1	167.235.163.216 167.235.163.216	24940 (HETZNER-AS) (HETZNER-AS)
4	2a01:4f8:1060... 2a01:4f8:1060:13eb::2	24940 (HETZNER-AS) (HETZNER-AS)
5	2a02:128:7:49... 2a02:128:7:4966::2	50245 (SERVEREL-AS) (SERVEREL-AS)
2	2a02:b48:8301... 2a02:b48:8301::24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	2a02:b4a:1:6::3 2a02:b4a:1:6::3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	45.133.44.33 45.133.44.33	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	109.206.176.116 109.206.176.116	50245 (SERVEREL-AS) (SERVEREL-AS)
2	2a02:128:7:52... 2a02:128:7:5241::2	50245 (SERVEREL-AS) (SERVEREL-AS)
2	62.122.173.152 62.122.173.152	50245 (SERVEREL-AS) (SERVEREL-AS)
1	2a02:128:7:54... 2a02:128:7:5417::2	50245 (SERVEREL-AS) (SERVEREL-AS)
1	2a02:128:7:48... 2a02:128:7:4860::2	50245 (SERVEREL-AS) (SERVEREL-AS)
94	28

29 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ruspornusha.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidosikov.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 88.208.22.1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: mail.armadaboard.com

31825.novemberadventures.name	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 45.133.44.52 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.wpadmngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.capndr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b8cd6b2b28.fd4115aecd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpushsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.canstrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a05:93c4:27::1 (Netherlands)

ASN7979 (SERVERS-COM, US)

rdrctgoweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mikellli.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
riamiavid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mybmrtrg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:492d (United States)

ASN13335 (CLOUDFLARENET, US)

trandgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.64.162 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: unallocated.giveme.network

jkha742.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.24 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imdn.pics	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.198.204.166 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-204-166.clients.your-server.de

notification.tubecup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:ae33 (United States)

ASN13335 (CLOUDFLARENET, US)

storage.multstorage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:e0:19cb::1 (Ehingen, Germany)

ASN24940 (HETZNER-AS, DE)

ntvpforever.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.84.242 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.242.84.90.157.clients.your-server.de

fp.metricswpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0a::54 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.235.163.216 (Bühl, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.216.163.235.167.clients.your-server.de

nereserv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a01:4f8:1060:13eb::2 (Germany)

ASN24940 (HETZNER-AS, DE)

1173fc98f8.871981043f.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:128:7:4966::2 (Czech Republic)

ASN50245 (SERVEREL-AS, US)

vast.yomeno.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:b48:8301::24 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

static.bookmsg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:b4a:1:6::3 (Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

txukfs.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.33 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

i.wmgtr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.206.176.116 (Amsterdam, Netherlands)

ASN50245 (SERVEREL-AS, US)
PTR: 116.176.serverel.net

3txxx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:128:7:5241::2 (Czech Republic)

ASN50245 (SERVEREL-AS, US)

kts.sensitiveclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 62.122.173.152 (Amsterdam, Netherlands)

ASN50245 (SERVEREL-AS, US)
PTR: 62.122.173.152.serverel.net

r.visitstats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:128:7:5417::2 (Czech Republic)

ASN50245 (SERVEREL-AS, US)

kts.cvastico.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:128:7:4860::2 (Czech Republic)

ASN50245 (SERVEREL-AS, US)

whoisezh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	ruspornusha.cc 1 redirects ruspornusha.cc	532 KB
8	vidosikov.com vidosikov.com	154 KB
5	yomeno.xyz vast.yomeno.xyz — Cisco Umbrella Rank: 40725	22 KB
5	novemberadventures.name 31825.novemberadventures.name — Cisco Umbrella Rank: 920866	15 KB
4	871981043f.com 1173fc98f8.871981043f.com	7 KB
3	imdn.pics imdn.pics — Cisco Umbrella Rank: 19813	28 KB
3	google.com 2 redirects accounts.google.com — Cisco Umbrella Rank: 62	2 KB
3	canstrm.com js.canstrm.com — Cisco Umbrella Rank: 85579	187 KB
3	rdrctgoweb.com rdrctgoweb.com — Cisco Umbrella Rank: 252013	31 KB
2	visitstats.com r.visitstats.com — Cisco Umbrella Rank: 169877	2 KB
2	sensitiveclick.com kts.sensitiveclick.com — Cisco Umbrella Rank: 140074	2 KB
2	bookmsg.com static.bookmsg.com — Cisco Umbrella Rank: 26943	2 KB
2	metricswpsh.com fp.metricswpsh.com — Cisco Umbrella Rank: 26585	433 B
2	wpushsdk.com js.wpushsdk.com — Cisco Umbrella Rank: 53153	153 KB
2	ntvpforever.com ntvpforever.com — Cisco Umbrella Rank: 45035	245 B
2	tubecup.net notification.tubecup.net — Cisco Umbrella Rank: 10426	2 KB
2	riamiavid.com riamiavid.com — Cisco Umbrella Rank: 110342	23 KB
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 143
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 8467	2 KB
2	trandgid.com trandgid.com — Cisco Umbrella Rank: 146426	24 KB
2	mikellli.com mikellli.com — Cisco Umbrella Rank: 502191	21 KB
2	wpadmngr.com js.wpadmngr.com — Cisco Umbrella Rank: 11585	36 KB
2	gstatic.com fonts.gstatic.com	59 KB
1	whoisezh.com whoisezh.com — Cisco Umbrella Rank: 223480	113 B
1	cvastico.com kts.cvastico.com — Cisco Umbrella Rank: 56056
1	3txxx.com 3txxx.com — Cisco Umbrella Rank: 165169	1 KB
1	wmgtr.com i.wmgtr.com — Cisco Umbrella Rank: 12501	14 KB
1	txukfs.xyz 1 redirects txukfs.xyz — Cisco Umbrella Rank: 63966	137 B
1	nereserv.com nereserv.com — Cisco Umbrella Rank: 26516	201 B
1	fd4115aecd.com b8cd6b2b28.fd4115aecd.com	207 B
1	multstorage.com storage.multstorage.com — Cisco Umbrella Rank: 22485	902 B
1	mybmrtrg.com mybmrtrg.com — Cisco Umbrella Rank: 479485	366 B
1	capndr.com js.capndr.com — Cisco Umbrella Rank: 28844	238 B
1	nawpush.com na.nawpush.com — Cisco Umbrella Rank: 39934	4 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98
1	jkha742.xyz jkha742.xyz — Cisco Umbrella Rank: 118633	193 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
0	denebalgiedi.top Failed neq.denebalgiedi.top Failed
0	reallifeforyouandme_block.com Failed reallifeforyouandme_block.com Failed
94	39

	Domain	Requested by
21	ruspornusha.cc	1 redirects ruspornusha.cc
8	vidosikov.com	ruspornusha.cc vidosikov.com
5	vast.yomeno.xyz	js.canstrm.com
5	31825.novemberadventures.name	ruspornusha.cc 31825.novemberadventures.name
4	1173fc98f8.871981043f.com	js.wpushsdk.com
3	imdn.pics
3	accounts.google.com	2 redirects
3	js.canstrm.com	js.wpadmngr.com js.canstrm.com 3txxx.com
3	rdrctgoweb.com	ruspornusha.cc rdrctgoweb.com
2	r.visitstats.com	js.canstrm.com
2	kts.sensitiveclick.com	js.canstrm.com
2	static.bookmsg.com
2	fp.metricswpsh.com	js.wpadmngr.com
2	js.wpushsdk.com	js.wpadmngr.com js.wpushsdk.com
2	ntvpforever.com	js.wpadmngr.com
2	notification.tubecup.net	js.wpadmngr.com
2	riamiavid.com	mikellli.com rdrctgoweb.com
2	pagead2.googlesyndication.com	31825.novemberadventures.name
2	counter.yadro.ru	1 redirects
2	trandgid.com	ruspornusha.cc trandgid.com
2	mikellli.com	ruspornusha.cc mikellli.com
2	js.wpadmngr.com	ruspornusha.cc js.wpadmngr.com
2	fonts.gstatic.com	fonts.googleapis.com
1	whoisezh.com
1	kts.cvastico.com	js.canstrm.com
1	3txxx.com	js.canstrm.com
1	i.wmgtr.com
1	txukfs.xyz	1 redirects
1	nereserv.com	js.wpushsdk.com
1	b8cd6b2b28.fd4115aecd.com	js.wpadmngr.com
1	storage.multstorage.com	js.wpadmngr.com
1	mybmrtrg.com	mikellli.com
1	js.capndr.com	js.wpadmngr.com
1	na.nawpush.com	js.wpadmngr.com
1	www.facebook.com
1	jkha742.xyz	ruspornusha.cc
1	fonts.googleapis.com	ruspornusha.cc
0	neq.denebalgiedi.top Failed
0	reallifeforyouandme_block.com Failed	ruspornusha.cc
94	39

This site contains links to these domains. Also see Links.

Domain
ruspornusha.com
www.liveinternet.ru

Subject Issuer	Validity	Valid
ruspornusha.cc E1	`2024-02-21` - `2024-05-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.novemberadventures.name R3	`2024-01-30` - `2024-04-29`	3 months	crt.sh
js.wpadmngr.com R3	`2024-03-11` - `2024-06-09`	3 months	crt.sh
rdrctgoweb.com R3	`2024-02-10` - `2024-05-10`	3 months	crt.sh
mikellli.com R3	`2024-02-15` - `2024-05-15`	3 months	crt.sh
vidosikov.com GTS CA 1P5	`2024-02-08` - `2024-05-08`	3 months	crt.sh
trandgid.com GTS CA 1P5	`2024-02-23` - `2024-05-23`	3 months	crt.sh
jkha742.xyz R3	`2024-02-06` - `2024-05-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-27` - `2024-03-26`	3 months	crt.sh
na.nawpush.com R3	`2024-01-28` - `2024-04-27`	3 months	crt.sh
js.capndr.com R3	`2024-02-21` - `2024-05-21`	3 months	crt.sh
riamiavid.com R3	`2024-03-16` - `2024-06-14`	3 months	crt.sh
mybmrtrg.com R3	`2024-02-06` - `2024-05-06`	3 months	crt.sh
notification.tubecup.net R3	`2024-02-09` - `2024-05-09`	3 months	crt.sh
multstorage.com GTS CA 1P5	`2024-03-17` - `2024-06-15`	3 months	crt.sh
b8cd6b2b28.fd4115aecd.com R3	`2024-03-16` - `2024-06-14`	3 months	crt.sh
js.wpushsdk.com R3	`2024-03-12` - `2024-06-10`	3 months	crt.sh
js.canstrm.com R3	`2024-03-19` - `2024-06-17`	3 months	crt.sh
871981043f.com R3	`2024-03-15` - `2024-06-13`	3 months	crt.sh
vast.yomeno.xyz R3	`2024-01-23` - `2024-04-22`	3 months	crt.sh
static.bookmsg.com R3	`2024-02-05` - `2024-05-05`	3 months	crt.sh
3txxx.com R3	`2024-03-13` - `2024-06-11`	3 months	crt.sh
sensitiveclick.com R3	`2024-02-29` - `2024-05-29`	3 months	crt.sh
r.visitstats.com R3	`2024-02-26` - `2024-05-26`	3 months	crt.sh
kts.cvastico.com R3	`2024-02-04` - `2024-05-04`	3 months	crt.sh
imdn.pics R3	`2024-03-12` - `2024-06-10`	3 months	crt.sh
whoisezh.com R3	`2024-02-12` - `2024-05-12`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://ruspornusha.cc/video/12126/
Frame ID: 5D396B3DEB3C2AD63B8CB19C9B099643
Requests: 56 HTTP requests in this frame

Frame: https://ruspornusha.cc/embed/33830
Frame ID: CD5B23446C01628F13C41D02709873B9
Requests: 15 HTTP requests in this frame

Frame: https://vidosikov.com/player/player_ads.html?advertising_id=0.019532493127785155&adzone=0.8126917758936971
Frame ID: 72158EFA6FB747159E47D52CCA3EEBF4
Requests: 1 HTTP requests in this frame

Frame: https://ruspornusha.cc/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
Frame ID: 44FFDCC3FBC94A81CB75AF01290F4BE5
Requests: 2 HTTP requests in this frame

Frame: https://riamiavid.com/sweetie/check.min.js
Frame ID: CD8C9EAD670490BDDD8ECA73D6E02872
Requests: 1 HTTP requests in this frame

Frame: https://mybmrtrg.com/cc
Frame ID: 2A1E4D94CB8DE08219A7C5125E6C0B47
Requests: 1 HTTP requests in this frame

Frame: https://riamiavid.com/sweetie/check.min.js
Frame ID: CB9A027F27038EFBD47A5223E13830DA
Requests: 1 HTTP requests in this frame

Frame: https://vidosikov.com/player/player_ads.html?advertising_id=0.019532493127785155&adzone=0.8126917758936971
Frame ID: C8E52C53F8D05B2B97BB2D42E76705AF
Requests: 1 HTTP requests in this frame

Frame: https://storage.multstorage.com/log/count.html
Frame ID: 4F61B702E79F10EDC1AF8CC29D3C732C
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: C52C6CEC72CCF350CD91E3B4F9948EB5
Requests: 2 HTTP requests in this frame

Frame: https://3txxx.com/v.html?player_url=https%3A%2F%2Fjs.canstrm.com%2Fvast-vpaid-player%2Fmain.js
Frame ID: A7E759B5AC2B5FC24B44F3CF430218ED
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Сын по принуждению трахнул мать в сексуальном белье и залил ее лицо спермой ⌚ 19:20 Русское Порно № 12126

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

94
Requests

94 %
HTTPS

61 %
IPv6

39
Domains

39
Subdomains

28
IPs

6
Countries

1322 kB
Transfer

3561 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://ruspornusha.com/
Title: русская порнуха руками

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://counter.yadro.ru/hit?t40.6;r;s1600*1200*24;uhttps%3A//ruspornusha.cc/video/12126/;h%u0421%u044B%u043D%20%u043F%u043E%20%u043F%u0440%u0438%u043D%u0443%u0436%u0434%u0435%u043D%u0438%u044E%20%u0442%u0440%u0430%u0445%u043D%u0443%u043B%20%u043C%u0430%u0442%u044C%20%u0432%20%u0441%u0435%u043A%u0441%u0443%u0430%u043B%u044C%u043D%u043E%u043C%20%u0431%u0435%u043B%u044C%u0435%20%u0438%20%u0437%u0430%u043B%u0438%u043B%20%u0435%u0435%20%u043B%u0438%u0446%u043E%20%u0441%u043F%u0435%u0440%u043C%u043E%u0439%20%u231A%2019%3A20%20%u0420%u0443%u0441%u0441%u043A%u043E%u0435%20%u041F%u043E%u0440%u043D%u043E%20%u2116%2012126;0.15667377442196595 HTTP 302
https://counter.yadro.ru/hit?q;t40.6;r;s1600*1200*24;uhttps%3A//ruspornusha.cc/video/12126/;h%u0421%u044B%u043D%20%u043F%u043E%20%u043F%u0440%u0438%u043D%u0443%u0436%u0434%u0435%u043D%u0438%u044E%20%u0442%u0440%u0430%u0445%u043D%u0443%u043B%20%u043C%u0430%u0442%u044C%20%u0432%20%u0441%u0435%u043A%u0441%u0443%u0430%u043B%u044C%u043D%u043E%u043C%20%u0431%u0435%u043B%u044C%u0435%20%u0438%20%u0437%u0430%u043B%u0438%u043B%20%u0435%u0435%20%u043B%u0438%u0446%u043E%20%u0441%u043F%u0435%u0440%u043C%u043E%u0439%20%u231A%2019%3A20%20%u0420%u0443%u0441%u0441%u043A%u043E%u0435%20%u041F%u043E%u0440%u043D%u043E%20%u2116%2012126;0.15667377442196595

Request Chain 40

https://ruspornusha.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://ruspornusha.cc/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js

Request Chain 66

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARZ0qKKccKeYI1oie3pWdLaJMCWQRS_73WwtPduPrPwmHnnRtKfIcIDxorQK_qJsUMKLzLabYryF HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKIhfJ-Ht7RSNRbCB_uSgPEZqQVXx0VtpHJC-bvupIsltN1N3QG0Ui0uTg2kL8g4uK1cuMXo&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1828571268%3A1710856988157381&theme=glif&ddm=0

Request Chain 81

https://txukfs.xyz/dsp/ph/icm?aid=15893706871933256804&mid=0&sid=1826&t=1710856988&subid=14682170&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.02&cpa=9b51f88a-01e7-4acc-8ca0-3a9637aec0bc&prev_step_diff=433 HTTP 302
https://i.wmgtr.com/cic/Uh3JMYdTQ03Q0HLCtBrQPeIx2vO0v7dY.png

94 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ruspornusha.cc/video/12126/ 44 KB
11 KB 83ms
31ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ruspornusha.cc/video/12126/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: 6dc83628c6224d6c654f52d1b217b2cbcfe0e06fb8b56c0da0b16bbc0236c5c2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 5
alt-svc: h3=":443"; ma=86400
cache-control: max-age=86400
cf-cache-status: HIT
cf-ray: 866e01084a965c3c-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 19 Mar 2024 14:03:06 GMT
expires: Tue, 19 Mar 2024 14:03:01 GMT
last-modified: Tue, 19 Mar 2024 14:03:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zPEK9D5OEWdApniYmKIuBRVqbQLCBqWMIh%2Fs1JCqH2lmU8YYv9hypW2dO8KRuzl7MX4V9efwPBpJGHuzFBAo05Kvch%2FDZwudntVGgWUczpUXvr4mb53CpqXzNcg1UmOyVBiLRDIrFDyb%2B7tDcw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.2.34

GET
H2 200 index.php
ruspornusha.cc/engine/classes/min/ 144 KB
32 KB 29ms
28ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ruspornusha.cc/engine/classes/min/index.php?f=/templates/ruspornusha/css/common.css,/templates/ruspornusha/css/styles.css,/templates/ruspornusha/css/engine.css,/templates/ruspornusha/css/fontawesome.css&v=1
Requested by: Host: ruspornusha.cc
URL: https://ruspornusha.cc/video/12126/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: 0812738c0cced86916ebe1917ba11c5f97aa19e47d7a8da718ca87d83e1f582a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/video/12126/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 504082
cf-polished: origSize=155963
x-powered-by: PHP/7.2.34
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 02 Sep 2022 03:54:16 GMT
server: cloudflare
etag: W/"pub1662090856;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=47lIyMudjsoqA%2BqXjJqpj0GENz5DD8nJ4KgoGYJiOsdHKmLU3BKJ2x6vkX51CvTvLqL7KdxCCIcARZpUgMrPCJ%2B9zKuAbv8zIX%2BDQ6GpbDCTRTos9O0dxFaDodRz%2Bg6t1xAXrYEvJ30FZvcO8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
cf-ray: 866e01088ad35c3c-AMS
expires: Thu, 13 Mar 2025 18:01:44 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 91ms
40ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito:wght@400;600;900&display=swap

Requested by

Host: ruspornusha.cc
URL: https://ruspornusha.cc/video/12126/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad9da72dbc8ecf5843a484f7767824d3bd4cd20cc0a41487ec7d7837f53ae7dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Mar 2024 14:03:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Mar 2024 14:03:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Mar 2024 14:03:07 GMT

GET
H2 200 rocket-loader.min.js Show response
ruspornusha.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 17ms
16ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ruspornusha.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: ruspornusha.cc
URL: https://ruspornusha.cc/video/12126/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/video/12126/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Mar 2024 18:07:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65f099fc-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pAFQ%2B3tjCQM4BjeVInNMfYMgYsI4UZK48M9Tpgq6HzQjEW9cXynmebMSZ1NwtwyUbxbIhe%2BWglzYtHjhNq8foy6nvfbinej1Wq2D0JUQKujPnr%2BadYpn76aYoCTvl%2Fxsml3TXZFDiUUSvN%2F%2B3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 866e01088ad85c3c-AMS
expires: Thu, 21 Mar 2024 14:03:06 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 33830 Show response
ruspornusha.cc/embed/ Frame CD5B 6 KB
3 KB 64ms
63ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ruspornusha.cc/embed/33830
Requested by: Host: ruspornusha.cc
URL: https://ruspornusha.cc/video/12126/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: 8e46d4f3243d2883713a032c126dfd1070734e90c1f8066f289eda0682050c77

Request headers

Referer: https://ruspornusha.cc/video/12126/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 5
alt-svc: h3=":443"; ma=86400
cache-control: max-age=86400, must-revalidate
cf-cache-status: HIT
cf-ray: 866e01094dec1cbe-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 19 Mar 2024 14:03:07 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Tue, 19 Mar 2024 14:03:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B4GlLXWmnRT3w2Dymb%2BWj3Gxnv%2FOrja4TZEXMZ6qJkGEF%2BAnf1jLUgGCAfhTzdB6pgGjB6GMs3lYXyLm3YnMpbvc5z9HpYtijtNaJym2Y8aoAtlcO9IftMnhUXLcL%2Bmf"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.2.34

GET
H3 200 bg.png
ruspornusha.cc/templates/ruspornusha/images/ 25 KB
26 KB 24ms
24ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ruspornusha.cc/templates/ruspornusha/images/bg.png
Requested by: Host: ruspornusha.cc
URL: https://ruspornusha.cc/engine/classes/min/index.php?f=/templates/ruspornusha/css/common.css,/templates/ruspornusha/css/styles.css,/templates/ruspornusha/css/engine.css,/templates/ruspornusha/css/fontawesome.css&v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c8301c16398817ab61aca0b5712d1c74ddffa11d07011efc5d38be0db1ddc8c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/engine/classes/min/index.php?f=/templates/ruspornusha/css/common.css,/templates/ruspornusha/css/styles.css,/templates/ruspornusha/css/engine.css,/templates/ruspornusha/css/fontawesome.css&v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 499195
alt-svc: h3=":443"; ma=86400
content-length: 25608
last-modified: Mon, 15 Feb 2021 08:58:16 GMT
server: cloudflare
etag: "602a37a8-6408"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SKyyONrDgzAH7UlfBpx3Rz%2BxxqNWsbh0uO58fYrC8xGm5QrL4p973fcZIHeQ7yF4s7SIG77vwqkhPM%2BA1uypHTRekA%2BHuaB1NNWc%2FPipab75FfMIyZyUOW9nnofvL568VGe2owO3SlrIuTMHjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 866e01091db51cbe-AMS
expires: Fri, 12 Apr 2024 19:23:12 GMT

GET
H3 200 logo.svg
ruspornusha.cc/templates/ruspornusha/images/ 5 KB
2 KB 40ms
40ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ruspornusha.cc/templates/ruspornusha/images/logo.svg
Requested by: Host: ruspornusha.cc
URL: https://ruspornusha.cc/engine/classes/min/index.php?f=/templates/ruspornusha/css/common.css,/templates/ruspornusha/css/styles.css,/templates/ruspornusha/css/engine.css,/templates/ruspornusha/css/fontawesome.css&v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2c09105f66aae3b315d3ad89255f3d5783e8e9bd19a3a3429361654fd3e4683

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/engine/classes/min/index.php?f=/templates/ruspornusha/css/common.css,/templates/ruspornusha/css/styles.css,/templates/ruspornusha/css/engine.css,/templates/ruspornusha/css/fontawesome.css&v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Feb 2021 08:58:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 512689
etag: W/"602a37a8-12b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5PAFpKejZRIU2JSSrH4l2cVNozUGC6luQHnVj%2F%2BcrB4Knfa0TwFlWah0WhpjeSFWG8YKkcMwLQ9JMl19kU30%2BAQzI1lGN7cCU353HApgNVzlc7TuCfTRIAb7llv3w6KowdK0VzgAsXs%2BC4HBmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 866e01091db81cbe-AMS
alt-svc: h3=":443"; ma=86400
expires: Fri, 12 Apr 2024 15:38:18 GMT

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v26/ 38 KB
39 KB 274ms
20ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:wght@400;600;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ruspornusha.cc
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 01:16:08 GMT
x-content-type-options: nosniff
age: 46019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39124
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:02:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 01:16:08 GMT

GET
H2 200 XRXV3I6Li01BKofIMeaBXso.woff2
fonts.gstatic.com/s/nunito/v26/ 20 KB
20 KB 296ms
43ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v26/XRXV3I6Li01BKofIMeaBXso.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito:wght@400;600;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76baf7ddc2473c482726d7265054924ed50794d89cf2a16496f5b950286b8958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ruspornusha.cc
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 02:19:14 GMT
x-content-type-options: nosniff
age: 42233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20708
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:23:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Mar 2025 02:19:14 GMT

GET
H3 200 fa-regular-400.woff2
ruspornusha.cc/templates/ruspornusha/webfonts/ 166 KB
166 KB 40ms
39ms Font
font/woff2 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ruspornusha.cc/templates/ruspornusha/webfonts/fa-regular-400.woff2
Requested by: Host: ruspornusha.cc
URL: https://ruspornusha.cc/engine/classes/min/index.php?f=/templates/ruspornusha/css/common.css,/templates/ruspornusha/css/styles.css,/templates/ruspornusha/css/engine.css,/templates/ruspornusha/css/fontawesome.css&v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec686d1012de783a5024affc9215692642a7b25af322ecc177062632902e6cd5

Request headers

Referer: https://ruspornusha.cc/engine/classes/min/index.php?f=/templates/ruspornusha/css/common.css,/templates/ruspornusha/css/styles.css,/templates/ruspornusha/css/engine.css,/templates/ruspornusha/css/fontawesome.css&v=1
Origin: https://ruspornusha.cc
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 508711
alt-svc: h3=":443"; ma=86400
content-length: 169732
last-modified: Mon, 15 Feb 2021 08:58:18 GMT
server: cloudflare
etag: "602a37aa-29704"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PJPh1uSnzCFGCxe6Yf9JRsHdcC1sr48LqQIpRf4S5Swmcxg0ACDn%2BwAXqYadFr169DiBmc8SCzLeD7sMOLQX9I%2FvgmwVfzklqFb4YQkiD3m0%2B65uqVd9j22v%2BwBNqSF5QvUforr68DfRb2TexQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 866e01091dbc1cbe-AMS
expires: Fri, 12 Apr 2024 16:44:36 GMT

GET
H3 200 icomoon.woff
ruspornusha.cc/templates/ruspornusha/webfonts/ 6 KB
6 KB 79ms
79ms Font
font/woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ruspornusha.cc/templates/ruspornusha/webfonts/icomoon.woff?7regcy
Requested by: Host: ruspornusha.cc
URL: https://ruspornusha.cc/engine/classes/min/index.php?f=/templates/ruspornusha/css/common.css,/templates/ruspornusha/css/styles.css,/templates/ruspornusha/css/engine.css,/templates/ruspornusha/css/fontawesome.css&v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e11b2065bcce6124267f2445835daa7d8fa46b7b6f8c68137b6e1f484874bd37

Request headers

Referer: https://ruspornusha.cc/engine/classes/min/index.php?f=/templates/ruspornusha/css/common.css,/templates/ruspornusha/css/styles.css,/templates/ruspornusha/css/engine.css,/templates/ruspornusha/css/fontawesome.css&v=1
Origin: https://ruspornusha.cc
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 508711
alt-svc: h3=":443"; ma=86400
content-length: 5924
last-modified: Mon, 15 Feb 2021 08:58:18 GMT
server: cloudflare
etag: "602a37aa-1724"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zemwaJqB%2Fp%2FgNXNk0V98auLZVIqGPhBNu8L58L8%2FaLXWMXWAwE9M0P26xJr2UyOA2%2Ba8992K35GH9ONki6Af%2BaVnOjxIMAH1qhEMBkJDo9bGbHKkSjhf2adFKwjxtAI8I7DrZJM2levoUaZFYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 866e01091dbd1cbe-AMS
expires: Fri, 12 Apr 2024 16:44:36 GMT

GET
H3 200 fa-solid-900.woff2
ruspornusha.cc/templates/ruspornusha/webfonts/ 134 KB
135 KB 80ms
80ms Font
font/woff2 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ruspornusha.cc/templates/ruspornusha/webfonts/fa-solid-900.woff2
Requested by: Host: ruspornusha.cc
URL: https://ruspornusha.cc/engine/classes/min/index.php?f=/templates/ruspornusha/css/common.css,/templates/ruspornusha/css/styles.css,/templates/ruspornusha/css/engine.css,/templates/ruspornusha/css/fontawesome.css&v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68eb827a2fa6f035eab41392f863522ae5dc0d4c0c31d5245362a7f1a5aed46a

Request headers

Referer: https://ruspornusha.cc/engine/classes/min/index.php?f=/templates/ruspornusha/css/common.css,/templates/ruspornusha/css/styles.css,/templates/ruspornusha/css/engine.css,/templates/ruspornusha/css/fontawesome.css&v=1
Origin: https://ruspornusha.cc
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 499195
alt-svc: h3=":443"; ma=86400
content-length: 137704
last-modified: Mon, 15 Feb 2021 08:58:18 GMT
server: cloudflare
etag: "602a37aa-219e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nOB4YN59lgEHn1%2FHrhQzNUISU%2B1ue9jt5aVnWZkXlTthzNR2FoQzQT5i99jf%2BRvAup8h6FSOwW8lZUOjS14eIWgeAfwtoslhxSvoNR35K%2BCq%2FJGBWmLWwrqWhUZG5cionN9xrKydC4u5vSm%2BEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 866e01091dc01cbe-AMS
expires: Fri, 12 Apr 2024 19:23:12 GMT

GET
H2 200 224959 Show response
31825.novemberadventures.name/v3/a/ipn/js/ 18 KB
6 KB 244ms
15ms Script
application/javascript 88.208.22.1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://31825.novemberadventures.name/v3/a/ipn/js/224959
Requested by: Host: ruspornusha.cc
URL: https://ruspornusha.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.208.22.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS: mail.armadaboard.com
Software: nginx /
Resource Hash: 6ca1a5546b80841e76c2e3259f218e6cca0f591cdd1ac6f79bf2b4acf38008d2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:07 GMT
content-encoding: gzip
referrer-policy: unsafe-url
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
accept-ch-lifetime: 31536000
access-control-allow-credentials: true

GET
H2 200 224870 Show response
31825.novemberadventures.name/v3/a/pop/js/ 15 KB
6 KB 245ms
16ms Script
application/javascript 88.208.22.1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://31825.novemberadventures.name/v3/a/pop/js/224870
Requested by: Host: ruspornusha.cc
URL: https://ruspornusha.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.208.22.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS: mail.armadaboard.com
Software: nginx /
Resource Hash: a9711f76fc5b6303479e691ab8261d6b6f5162bd15f7b20cda5c353b355f0450

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:07 GMT
content-encoding: gzip
referrer-policy: unsafe-url
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
access-control-max-age: 86400
accept-ch-lifetime: 31536000
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
content-length: 6145

GET
H2 200 adManager.js Show response
js.wpadmngr.com/static/ 2 KB
1 KB 241ms
13ms Script
application/javascript 45.133.44.52
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.js
Requested by: Host: ruspornusha.cc
URL: https://ruspornusha.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 8cda164a8346788a16932ad07549430d0ddf6768aef3c148273b48070f2d4e4b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Tue, 19 Mar 2024 14:08:07 GMT
date: Tue, 19 Mar 2024 14:03:07 GMT
content-encoding: gzip
last-modified: Mon, 18 Mar 2024 10:34:25 GMT
server: nginx/1.18.0
etag: W/"65f818b1-6a9"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

GET
H3 200 libs.js Show response
ruspornusha.cc/templates/ruspornusha/js/ 4 KB
2 KB 63ms
63ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ruspornusha.cc/templates/ruspornusha/js/libs.js
Requested by: Host: ruspornusha.cc
URL: https://ruspornusha.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f1f0f532eaf57ba5f1f6ed40a1dac376db629d52d8ef2d7b6a15d13856df4f1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/video/12126/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 499215
cf-polished: origSize=4657
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 15 Feb 2021 08:58:17 GMT
server: cloudflare
etag: W/"602a37a9-1231"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jH%2FtGEY3AFINdEmxm17ydUImM48tsDOU9w3X6QcJiDgiUnF3Z7b%2FdycfjHwmXQW5ZpCA2XO7JOV8w5NRSiIzMoLR20hhy%2BfqZTAsN%2FzEd3SVxG48I%2Bhyp0YKLG0LGCP%2B7rfmiyRK%2BkrMW42byA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 866e01094dee1cbe-AMS
expires: Fri, 12 Apr 2024 19:22:52 GMT

GET
H3 200 index.php Show response
ruspornusha.cc/engine/classes/min/ 154 KB
44 KB 64ms
64ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ruspornusha.cc/engine/classes/min/index.php?f=engine/classes/js/jqueryui.js,engine/classes/js/dle_js.js,engine/classes/js/lazyload.js,engine/classes/masha/masha.js&v=dbfdb
Requested by: Host: ruspornusha.cc
URL: https://ruspornusha.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: 6c851ea255346c316a2c6f39dd45f373bd1f51c0c364b557a414ccaf4befd5e3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/video/12126/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 499215
cf-polished: origSize=158881
x-powered-by: PHP/7.2.34
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 05 Oct 2020 15:37:13 GMT
server: cloudflare
etag: W/"pub1601912233;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T9mqor88PBHJASSxwJYRsW9E%2F7Kj%2F7OtUKemqqr8SRUMpHkUz1I75rrENQNEPqLvpfbXjVPf2KM7AT9nOc5Sz2nHK0h%2B%2B%2B%2F9lWymeaZmP8uSl2mNjG%2B%2BOieOXHn5RSN6VNH1fBK20YD5LH2AVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 866e01094df01cbe-AMS
expires: Thu, 13 Mar 2025 19:22:52 GMT

GET
H3 200 index.php Show response
ruspornusha.cc/engine/classes/min/ 84 KB
31 KB 68ms
68ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ruspornusha.cc/engine/classes/min/index.php?g=general&v=dbfdb
Requested by: Host: ruspornusha.cc
URL: https://ruspornusha.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: e409106a09c4676b55611bc757f5fb2d3e5bd92be5eefbfd53038d0283ef5137

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/video/12126/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 507995
cf-polished: origSize=85578
x-powered-by: PHP/7.2.34
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 05 Oct 2020 15:37:13 GMT
server: cloudflare
etag: W/"pub1601912233;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lMwT58nvavftRnRbDtfnTDn1f6GKtnQiU8cshZc0H6o%2Bh8Y59hrwUWquGwFsCfCHGppnyjPETMEgZYABdfKkgy29sd%2F8GQSxiTG49rE8AN9Jap%2FQ9gKrBiKRH5YPDbuC5xGW5E%2FJUlP52Ckh0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 866e01094df11cbe-AMS
expires: Thu, 13 Mar 2025 16:56:32 GMT

GET /
reallifeforyouandme_block.com/services/ 0
0

GET
H3 200 rocket-loader.min.js Show response
ruspornusha.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame CD5B 12 KB
4 KB 21ms
21ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ruspornusha.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: ruspornusha.cc
URL: https://ruspornusha.cc/embed/33830

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/embed/33830
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Mar 2024 18:07:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65f099fc-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=egKkbEgHuTO%2Bm9Rd7yMAm%2BGUwPLa6cETt2uHf7Y9Oh8CezXX5IT74KWi%2BdmzLSHgZSJLPvzqjgOV20FG0s%2B9sKKQ8L7haiL8z5W0%2B2%2FB9vEmfbkLOOcjkBiZB6cQs4oumgPWvRhkvbxNLgAhfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 866e010aaf731cbe-AMS
expires: Thu, 21 Mar 2024 14:03:07 GMT

GET
H2 200 hello.min.js Show response
rdrctgoweb.com/sweetie/ Frame CD5B 91 KB
31 KB 66ms
18ms Script
application/javascript 2a05:93c4:27::1
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://rdrctgoweb.com/sweetie/hello.min.js?id=1699421342

Requested by

Host: ruspornusha.cc
URL: https://ruspornusha.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:93c4:27::1 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

b1e7885b7e52914720b2b7c57eec1b536ab410bb7122e06bbc4bdd3cdd9d87d1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:07 GMT
content-encoding: gzip
last-modified: Tue, 23 Jan 2024 08:57:59 GMT
server: nginx/1.21.6
etag: W/"65af7f97-16d59"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=864000
expires: Fri, 29 Mar 2024 14:03:07 GMT

GET
H2 200 article.min.js Show response
mikellli.com/who/ Frame CD5B 48 KB
20 KB 60ms
15ms Script
application/javascript 2a05:93c4:27::1
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://mikellli.com/who/article.min.js?id=1674651160

Requested by

Host: ruspornusha.cc
URL: https://ruspornusha.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:93c4:27::1 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

a0ac529020d1dfb6df5c0a7232ab0696474fe93b4f230063e31bac0465eb47b3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:07 GMT
content-encoding: gzip
last-modified: Thu, 07 Jul 2022 04:51:33 GMT
server: nginx/1.21.6
etag: W/"62c66655-bea3"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=864000
expires: Fri, 29 Mar 2024 14:03:07 GMT

GET
H2 200 kt_player.js Show response
vidosikov.com/player/ Frame CD5B 159 KB
58 KB 77ms
32ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vidosikov.com/player/kt_player.js?v=5.3.0
Requested by: Host: ruspornusha.cc
URL: https://ruspornusha.cc/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa8193b7e4f8b45ff8f3764bc4f2bc035bb34da7ef9bb56d1fa85a5515b4663e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Jan 2021 14:36:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 504186
etag: W/"5ffdb3e2-27caf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EpH2Hx0Ngv95CpnbMMq8OSGLReX2yOJ53UuPj4K9pXoYodN3t4p6CityY8JukkEiTwI%2Fn6HmEXi1InSH7HS9M%2FGu1DBRnt%2FN4WTQaT%2BKpi6ghS7Dyzg35Kr38TTuVkyrKOnIazA7Qft6tIFW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 866e010b1cab0ae3-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 21 Mar 2024 18:00:01 GMT

GET
H2 200 5424 Show response
trandgid.com/lhzbsrfkjf/js/ 73 KB
23 KB 91ms
35ms Script
application/javascript 2606:4700:20::ac43:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trandgid.com/lhzbsrfkjf/js/5424?r=&11882
Requested by: Host: ruspornusha.cc
URL: https://ruspornusha.cc/video/12126/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:492d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17c0a1a102053b3f11374d1603d4b3d27b7a53fc06b9b8d6569824e808ca04af

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Dec 2023 11:34:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4659
etag: W/"658968b2-12381"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=puKX5TaUceIL7I4RNuFjySTkiZaJD6iOcIn%2B90e86rDLQ%2Fg9b13BydCS042PSXehu3Ui2bWLfNbLIPowCc%2BweOZQqGSQBjQyLZZgfQfg9bFvR3HiNPvh%2FxblUkOs3Hxyufk6sTBIbOWnOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 866e010b6d4c0e2f-AMS

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t40.6;r;s1600*1200*24;uhttps%3A//ruspornusha.cc/video/12126/;h%u0421%u044B%u043D%20%u043F%u043E%20%u043F%u0440%u0438%u043D%u0443%u0436%u0434%u0435%u043D%u0438%u044E%20%...
https://counter.yadro.ru/hit?q;t40.6;r;s1600*1200*24;uhttps%3A//ruspornusha.cc/video/12126/;h%u0421%u044B%u043D%20%u043F%u043E%20%u043F%u0440%u0438%u043D%u0443%u0436%u0434%u0435%u043D%u0438%u044E%2...

133 B
619 B

53ms
53ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t40.6;r;s1600*1200*24;uhttps%3A//ruspornusha.cc/video/12126/;h%u0421%u044B%u043D%20%u043F%u043E%20%u043F%u0440%u0438%u043D%u0443%u0436%u0434%u0435%u043D%u0438%u044E%20%u0442%u0440%u0430%u0445%u043D%u0443%u043B%20%u043C%u0430%u0442%u044C%20%u0432%20%u0441%u0435%u043A%u0441%u0443%u0430%u043B%u044C%u043D%u043E%u043C%20%u0431%u0435%u043B%u044C%u0435%20%u0438%20%u0437%u0430%u043B%u0438%u043B%20%u0435%u0435%20%u043B%u0438%u0446%u043E%20%u0441%u043F%u0435%u0440%u043C%u043E%u0439%20%u231A%2019%3A20%20%u0420%u0443%u0441%u0441%u043A%u043E%u0435%20%u041F%u043E%u0440%u043D%u043E%20%u2116%2012126;0.15667377442196595

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

85f2f9268707586e0b9fcd1212157603de031cca53e1be63bfa2f62a8010ff1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Mar 2024 14:03:07 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 133
Expires: Sun, 19 Mar 2023 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 19 Mar 2024 14:03:07 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t40.6;r;s1600*1200*24;uhttps%3A//ruspornusha.cc/video/12126/;h%u0421%u044B%u043D%20%u043F%u043E%20%u043F%u0440%u0438%u043D%u0443%u0436%u0434%u0435%u043D%u0438%u044E%20%u0442%u0440%u0430%u0445%u043D%u0443%u043B%20%u043C%u0430%u0442%u044C%20%u0432%20%u0441%u0435%u043A%u0441%u0443%u0430%u043B%u044C%u043D%u043E%u043C%20%u0431%u0435%u043B%u044C%u0435%20%u0438%20%u0437%u0430%u043B%u0438%u043B%20%u0435%u0435%20%u043B%u0438%u0446%u043E%20%u0441%u043F%u0435%u0440%u043C%u043E%u0439%20%u231A%2019%3A20%20%u0420%u0443%u0441%u0441%u043A%u043E%u0435%20%u041F%u043E%u0440%u043D%u043E%20%u2116%2012126;0.15667377442196595
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Sun, 19 Mar 2023 21:00:00 GMT

GET
H2 200 / Show response
jkha742.xyz/wcm/ 0
193 B 56ms
13ms Script
text/plain 193.200.64.162
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://jkha742.xyz/wcm/?sh=ruspornusha.cc&sth=7ab3624698f0bee984b8077f8dcf8922&d=e3b000ffe39c980c475b4478201afaac&m=02bd1f51ae5382fc49fdfe0471886ae4&sid=793_277298_430947052&stime=497.90&curpage=https%3A%2F%2Fruspornusha.cc%2Fvideo%2F12126%2F&rand=0.48196879951476057
Requested by: Host: ruspornusha.cc
URL: https://ruspornusha.cc/video/12126/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.64.162 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Mar 2024 14:03:07 GMT
vary: Accept-Encoding
p3p: CP="NON DSP COR CURa TIA"
content-type: text/plain;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
x-msr: TRUE
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 adManager.m.js Show response
js.wpadmngr.com/static/ 105 KB
35 KB 17ms
17ms Script
application/javascript 45.133.44.52
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: f4ffdb109b0a6827d19995efcaa1548926db779fc2bb4b3fbe57b00731285c0c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Tue, 19 Mar 2024 14:08:07 GMT
date: Tue, 19 Mar 2024 14:03:07 GMT
content-encoding: gzip
last-modified: Mon, 18 Mar 2024 10:34:30 GMT
server: nginx/1.18.0
etag: W/"65f818b6-1a2d3"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 114ms
62ms Fetch
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 31825.novemberadventures.name
URL: https://31825.novemberadventures.name/v3/a/pop/js/224870

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50999
x-xss-protection: 0
server: cafe
etag: 11900817641947293314
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 19 Mar 2024 14:03:07 GMT

GET
H2 200 login.php
www.facebook.com/ 0
0 273ms
232ms Image
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 85ms
60ms Fetch
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 31825.novemberadventures.name
URL: https://31825.novemberadventures.name/v3/a/ipn/js/224959

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50758
x-xss-protection: 0
server: cafe
etag: 207273197505779914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 19 Mar 2024 14:03:07 GMT

GET
H3 200 marker.png
ruspornusha.cc/templates/ruspornusha/dleimages/ 2 KB
2 KB 21ms
21ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ruspornusha.cc/templates/ruspornusha/dleimages/marker.png
Requested by: Host: ruspornusha.cc
URL: https://ruspornusha.cc/engine/classes/min/index.php?f=/templates/ruspornusha/css/common.css,/templates/ruspornusha/css/styles.css,/templates/ruspornusha/css/engine.css,/templates/ruspornusha/css/fontawesome.css&v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e393ab33da5f5e3cb8a5fd7beece758d61ae71f7646f9dd100dc562aa667b723

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/engine/classes/min/index.php?f=/templates/ruspornusha/css/common.css,/templates/ruspornusha/css/styles.css,/templates/ruspornusha/css/engine.css,/templates/ruspornusha/css/fontawesome.css&v=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 507994
alt-svc: h3=":443"; ma=86400
content-length: 1883
last-modified: Mon, 15 Feb 2021 08:58:15 GMT
server: cloudflare
etag: "602a37a7-75b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ff3vz0HFK8OAEG3Cp7Scran%2FUecqz1CIZ5meL3dSZRN3aFusQlKOv8zBWRo1PiciypMNG0rUrOolFd4Yms7iRwqmCeOT5pGPzCfnXpwuVf%2FM6mfNOjEmjD8eim0%2FZ49bhTi4DjtDKNNA0r%2Br5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 866e010b68301cbe-AMS
expires: Fri, 12 Apr 2024 16:56:33 GMT

GET
H3 200 V-rot-i-kisku-otporol-molodoi-paren-zreluiu-liubovnitsu-v-chulkakh.webp
ruspornusha.cc/pictures/ 11 KB
12 KB 22ms
21ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ruspornusha.cc/pictures/V-rot-i-kisku-otporol-molodoi-paren-zreluiu-liubovnitsu-v-chulkakh.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 997a822e0ac349b624ca2d0cdb65b9532fd29ea12bdf699559b9a422551bcff0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/video/12126/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 103073
alt-svc: h3=":443"; ma=86400
content-length: 11544
last-modified: Tue, 13 Jun 2023 11:10:27 GMT
server: cloudflare
etag: "64884ea3-2d18"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MXEsEYHJlDhUHRK32bUy23d8qZ4k3M0%2FPda94Pq1lId7ruObHxFGgsbf94dp9enVTK9nyej5%2FRH7T%2F%2FOZRddxuyEf3UQR2dv5kct5szYaRTCC2tZBU0V9RUA%2F7RSLajClmPlLcwEeuqCjIOXNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 866e010b78351cbe-AMS
expires: Wed, 17 Apr 2024 09:25:14 GMT

GET
H3 200 Molodye-parni-pustili-po-krugu-zreluiu-uchitelnitsu-muzyki-v-chulkakh.webp
ruspornusha.cc/pictures/ 18 KB
18 KB 28ms
27ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ruspornusha.cc/pictures/Molodye-parni-pustili-po-krugu-zreluiu-uchitelnitsu-muzyki-v-chulkakh.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6175a654aaa3415e6d1d87d092f340cdfbbcd9b1132ff0fde8cf1d38ebdb3eaa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/video/12126/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 412981
alt-svc: h3=":443"; ma=86400
content-length: 17960
last-modified: Tue, 13 Jun 2023 11:06:21 GMT
server: cloudflare
etag: "64884dad-4628"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HTtAJb3rvmCeI7eZ9SmQf8SgMpuTseYPQgRBwhYncrpmP2xlvsB45nLYtM086EVu6i4PmXwIFbw7UuJlKkl1HMh2eNMzlmcR7Z1Yo0IUXX1QNmK9jZWoqLMDnFhKP%2BfjLA3BacTvm6WtPnuuqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 866e010b78371cbe-AMS
expires: Sat, 13 Apr 2024 19:20:06 GMT

GET
H3 200 Posle-striptiza-ryzhenkaia-telka-v-trusikakh-podrochila-kisku-vibratorom.webp
ruspornusha.cc/pictures/ 12 KB
12 KB 29ms
28ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ruspornusha.cc/pictures/Posle-striptiza-ryzhenkaia-telka-v-trusikakh-podrochila-kisku-vibratorom.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d458117e4865c7bc787974a63cfec927231c118550324e3aaa68d0aa188cd2ba

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/video/12126/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 12170
last-modified: Tue, 13 Jun 2023 11:08:09 GMT
server: cloudflare
etag: "64884e19-2f8a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yfJZYck4Ll6KKDlGScw%2BR7twuBO4sOXDpYPLY0veZYBiP0EI22eTvs33PrP0KU45qex9eWT1I0Yvr2EaILrUodTwUVL60HvdjtFD6KrYGave5oRhcXCSMYb6XQGpJxVOMWOYSO1bagC3j5zZ6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 866e010b78381cbe-AMS
expires: Thu, 18 Apr 2024 14:03:07 GMT

GET
H3 200 Veb-shliukha-s-rozovymi-volosami-vstaet-rakom-i-daet-v-popku-kavaleru.webp
ruspornusha.cc/pictures/ 17 KB
17 KB 27ms
26ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ruspornusha.cc/pictures/Veb-shliukha-s-rozovymi-volosami-vstaet-rakom-i-daet-v-popku-kavaleru.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11b598229856d89721a9f2bdc6b69ee727acb2b3df00dad45c2fffd1515b6547

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/video/12126/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28858
alt-svc: h3=":443"; ma=86400
content-length: 16932
last-modified: Tue, 13 Jun 2023 11:10:31 GMT
server: cloudflare
etag: "64884ea7-4224"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dq1jNSyOHD6xIFucc7YgBFXouL4BZdGlooDQ%2F3BgZjrKsn%2FBXGHSNwTcN7Dt0QlUkVSuyV0e9AUPxuu4gAPgad2Vz00olcoaI0UIuDcNaQBhVC%2BewnIWvt%2BN79RwssBvIomwZ92jRPs5OwFPvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 866e010b78391cbe-AMS
expires: Thu, 18 Apr 2024 06:02:09 GMT

GET
H2 200 23626 Show response
na.nawpush.com/tags/ 4 KB
4 KB 62ms
14ms XHR
application/json 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/23626?version_name=b
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: bcea92384333b42bda1420464675f89de3ef5b7a006bc8295b337cab5c555bbc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 19 Mar 2024 14:03:07 GMT
cache-control: max-age=300, public
content-type: application/json
server: nginx/1.18.0
x-proxy-cache: HIT

GET
H2 200 advertising.js Show response
js.capndr.com/ 0
238 B 49ms
13ms Script
application/javascript 45.133.44.52
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.capndr.com/advertising.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Tue, 19 Mar 2024 14:08:07 GMT
date: Tue, 19 Mar 2024 14:03:07 GMT
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
server: nginx/1.18.0
etag: "64b105fd-0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 0
x-proxy-cache: HIT

GET
H2 200 youtube.css
vidosikov.com/player/skin/ Frame CD5B 28 KB
5 KB 24ms
23ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vidosikov.com/player/skin/youtube.css
Requested by: Host: vidosikov.com
URL: https://vidosikov.com/player/kt_player.js?v=5.3.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6855b84c0f4f9e12c04fe22ff563fa465862d44e423db6e916d94ca3da927d42

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Jan 2021 14:36:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 499299
etag: W/"5ffdb3e3-70cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RbdR89nzLvaJiioRWV0CbF1aap7wEwZfyaLRpVgJTRwb1cbuUEOi9%2BIYCbI4zQw521akGyBHG1NF27Qu0E3u5JRlmzD%2F8bntvnCS73CKcsQNPzH13BdUUxm5zaNzZf8d5wuXerx2fFYscSHp"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 866e010b9d190ae3-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 21 Mar 2024 19:21:28 GMT

GET
H2 404 player_ads.html
vidosikov.com/player/ Frame 7215 47 B
0 42ms
35ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vidosikov.com/player/player_ads.html?advertising_id=0.019532493127785155&adzone=0.8126917758936971
Requested by: Host: vidosikov.com
URL: https://vidosikov.com/player/kt_player.js?v=5.3.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash

Request headers

Referer: https://ruspornusha.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 866e010bad260ae3-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 19 Mar 2024 14:03:07 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BOyGKAqBG3ajJP%2B0bQPLQ5D5OYQNCwyGDOxXPWSMe8j%2BueoofoVbcxLnZ8DCoAxCxRV6HnribiM1BF0ZHuydYUIfGbsbm3%2B%2FCAh8m5BJGqzbU%2Fr6jtzm%2FBlIZ5AhTYXwZbMtFpUX8ZANyXGL"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.2.34

GET
H3

200

main.js Show response
ruspornusha.cc/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/ Frame 44FF
Redirect Chain

https://ruspornusha.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://ruspornusha.cc/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js

8 KB
4 KB

19ms
19ms

Script
application/javascript

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ruspornusha.cc/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js

Protocol

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a8affffaa12b2ba5fc11270bb843ff8e40e2f7d14a7b0663c02040f3fa8e356

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:07 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BhGZQoiSoSTloHRfz07VEtyGZ6PwYSTRaEDPGMqmTIZlFAiysspL3QH79YwGJXMI%2FUgCf8XtRfxI6VragB%2FvaEaLYfIDvX9L9BoJfpichycoc3Rc2HWmsBkhyKww9O8XSVH44L0khe5VzjoJLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 866e010bd8aa1cbe-AMS
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 19 Mar 2024 14:03:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7aGSas4qLbBc46lGZxfMdllQOQoUlUdquOHmeHSgBGzxhQoYff0y1DwmkDAqECJXrFzRGNRgw7svdXuoOz2V1PSxCktC67s1B7SFkjOeRaJNmUR9yF2unC4UU73UG6bmZhkrnwLscLqLMmGjRA%3D%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 866e010ba8711cbe-AMS
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 check.min.js Show response
riamiavid.com/sweetie/ Frame CD8C 35 KB
12 KB 77ms
25ms Script
application/javascript 2a05:93c4:27::1
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://riamiavid.com/sweetie/check.min.js

Requested by

Host: mikellli.com
URL: https://mikellli.com/who/article.min.js?id=1674651160

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:93c4:27::1 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

c85183390b23326532649a0091ba89aa4d9d1422e85535d6c00b36ec1db5ed4f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:07 GMT
content-encoding: gzip
last-modified: Thu, 14 Sep 2023 14:24:27 GMT
server: nginx/1.21.6
etag: W/"6503179b-8d3c"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=864000
expires: Fri, 29 Mar 2024 14:03:07 GMT

GET
H2 200 cc Show response
mybmrtrg.com/ Frame 2A1E 185 B
366 B 78ms
38ms Document
text/html 2a05:93c4:27::1
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://mybmrtrg.com/cc

Requested by

Host: mikellli.com
URL: https://mikellli.com/who/article.min.js?id=1674651160

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:93c4:27::1 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

79822b8e31412ac5276ecf6477a5f6607e82111f1c99756868b00a96fe25d38e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ruspornusha.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin
content-encoding: gzip
content-security-policy: frame-ancestors 'self' *
content-type: text/html; charset=utf-8
date: Tue, 19 Mar 2024 14:03:07 GMT
server: nginx/1.21.6
x-frame-options: SAMEORIGIN

GET
H2 200 check.min.js Show response
riamiavid.com/sweetie/ Frame CB9A 35 KB
12 KB 51ms
12ms Script
application/javascript 2a05:93c4:27::1
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://riamiavid.com/sweetie/check.min.js

Requested by

Host: rdrctgoweb.com
URL: https://rdrctgoweb.com/sweetie/hello.min.js?id=1699421342

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:93c4:27::1 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

c85183390b23326532649a0091ba89aa4d9d1422e85535d6c00b36ec1db5ed4f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:07 GMT
content-encoding: gzip
last-modified: Thu, 14 Sep 2023 14:24:27 GMT
server: nginx/1.21.6
etag: W/"6503179b-8d3c"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=864000
expires: Fri, 29 Mar 2024 14:03:07 GMT

GET
H2 204 224959 Show response
31825.novemberadventures.name/v3/a/ipn/xch/ 0
331 B 42ms
15ms XHR
text/plain 88.208.22.1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://31825.novemberadventures.name/v3/a/ipn/xch/224959?subID=&pageUri=https%3A%2F%2Fruspornusha.cc%2Fvideo%2F12126%2F&referer=&abl=0&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F122.0.6261.128%20Safari%2F537.36%22%2C%22false%22%2C%22Win32%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%22false%22%2C%221%22%2C%2217%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Tue%20Mar%2019%202024%2015%3A03%3A07%20GMT%2B0100%20(Central%20European%20Standard%20Time)%22%2C%22-60%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D
Requested by: Host: 31825.novemberadventures.name
URL: https://31825.novemberadventures.name/v3/a/ipn/js/224959
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.208.22.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS: mail.armadaboard.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:07 GMT
referrer-policy: unsafe-url
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
access-control-max-age: 86400
accept-ch-lifetime: 31536000
access-control-allow-origin: https://ruspornusha.cc
access-control-allow-credentials: true

GET
H2 200 tags Show response
notification.tubecup.net/ 4 KB
2 KB 108ms
41ms XHR
application/json 88.198.204.166
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notification.tubecup.net/tags?tag_id=23626&timezone_olson=Europe/Amsterdam&version_name=b&med_script_id=98&page=https%3A//ruspornusha.cc/video/12126/
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.204.166 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-198-204-166.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 702883c266324ab39bd99b71098c399b0946998c8011bc12b676e37f497b4825

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Mar 2024 14:03:07 GMT
content-encoding: br
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 1321

GET
DATA 200
OK truncated
/ Frame CD5B 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ktplayeryt.ttf
vidosikov.com/player/skin/fonts/ Frame CD5B 2 KB
2 KB 57ms
24ms Font
application/font-sfnt 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vidosikov.com/player/skin/fonts/ktplayeryt.ttf?wqseia
Requested by: Host: vidosikov.com
URL: https://vidosikov.com/player/skin/youtube.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf86d8eb9277b69e2c6202ca711c3b19c64a2a9a8cf4ba7bc33bdecacfb8a0b2

Request headers

Referer: https://vidosikov.com/player/skin/youtube.css
Origin: https://ruspornusha.cc
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Jan 2021 14:36:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1461
etag: W/"8d8-5b8b4f21a7ec0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WpwRNkGyiI1KjGXnquHqB3VuEdW20K39ayaDnZhc2tCd9zTb0V4vzFw%2FFyUSd%2FO%2FYRVNwEO5%2BEMZjlnpxdRWhQm2H7TAmaU%2FFgZFcNBsXh%2F1cDqNMeHvC2f1oOuw0fouagsAbEXX7v%2FwEvPb"}],"group":"cf-nel","max_age":604800}
content-type: application/font-sfnt
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 866e010c4b382868-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 preview.mp4.jpg
vidosikov.com/contents/videos_screenshots/33000/33830/ Frame CD5B 83 KB
84 KB 25ms
25ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidosikov.com/contents/videos_screenshots/33000/33830/preview.mp4.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92e34604822588130e1d951be66008b69a4975459c3ca8557c84e8b8f53cbd63

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:07 GMT
cf-cache-status: HIT
last-modified: Fri, 22 Apr 2022 23:24:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 449523
etag: W/"62633911-14dbd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jh9JmKXJLUiO1yE4OZNQEUFREanZMoPMopK3LSbo3hvs6%2BG94LmVPzRwHofYCYucFXmMdKhZtm%2F8WPa8DVMflyKpVHYjMhS9VwNBasV%2FM2tGvKaBQiuv1Q9D9U%2Fni9hjoN0ZBCiBWzbEpSkI"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
cf-ray: 866e010c1b8e0ba6-AMS
alt-svc: h3=":443"; ma=86400
expires: Fri, 22 Mar 2024 09:11:04 GMT

GET
H3 404 player_ads.html Show response
vidosikov.com/player/ Frame C8E5 47 B
633 B 65ms
65ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vidosikov.com/player/player_ads.html?advertising_id=0.019532493127785155&adzone=0.8126917758936971
Requested by: Host: vidosikov.com
URL: https://vidosikov.com/player/kt_player.js?v=5.3.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: cd8b79123a843eee64985a23257e2fab80ef2c4c08427b688ea979671fc1c457

Request headers

Referer: https://ruspornusha.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 866e010c2b970ba6-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 19 Mar 2024 14:03:07 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HwWbuZfbeoKg%2BqA5B5%2FtOY%2F8XlszXM2x9KKeeRYBHZdlY%2B%2FV10QQvf7MS6Gsh26770QWAtZcium8ewZ6w4kQskqnOKLqKxYyo5RHFZsleu0XQCxLBtbAIxGEqdilPki1bRvwDTP00OjzgMPM"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.2.34

GET
H3 200 play_white.png
vidosikov.com/player/skin/img/ Frame CD5B 4 KB
4 KB 66ms
66ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidosikov.com/player/skin/img/play_white.png
Requested by: Host: vidosikov.com
URL: https://vidosikov.com/player/skin/youtube.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e13296a19c623cff752620a9f03aa2b920a13ea08a1d2292ebd423a2e0feeb2c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://vidosikov.com/player/skin/youtube.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:07 GMT
cf-cache-status: HIT
last-modified: Tue, 12 Jan 2021 14:36:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 504173
etag: W/"5ffdb3e3-e5f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=06KifXlhmGK1%2BExli9VAgD%2FGkb32OFVSh5HcGcoHtXLaEAZtXwkNeNtiTMqOM7BApqmBeAcAQ9J45TF4XgBL4mcUAPe2iV5FPBVmfze3kFMz%2FHRjyv7OjDxo9nVsYuIEJy1NTHEuMXyN0802"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
cf-ray: 866e010c2b990ba6-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 21 Mar 2024 18:00:14 GMT

GET
DATA 200
OK truncated
/ Frame CD5B 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3 200 stats.php
vidosikov.com/player/ Frame CD5B 43 B
456 B 62ms
61ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vidosikov.com/player/stats.php?embed=1&device_type=2&event=PlayerLoad,
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:07 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.2.34
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OPEz%2FDmdtNsoDbvTMELmLDFL2L0FVsS0OevrVwjn7oErFtG%2BCwUcwHh8unw%2FGK0zlD9jlPTgqh6uw0tkEtHkQHtATT5bsr%2BLEF%2BG7qD9PNJzQPR545EhxYQrsumv2FfSCjmSFHT6gQ98a5HK"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 866e010c2ba40ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43

POST
H3 200 866e00ec5de60bcb Show response
ruspornusha.cc/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 44FF 0
607 B 41ms
38ms XHR
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ruspornusha.cc/cdn-cgi/challenge-platform/h/g/jsd/r/866e00ec5de60bcb
Requested by: Host: ruspornusha.cc
URL: https://ruspornusha.cc/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 19 Mar 2024 14:03:07 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Mnk98F08Lpt6%2B7RHoZWQXquHKSOFrWRs0pfAfHPcrueoSvPtLc7x%2ButAwSV2UYXbSE%2FVW%2FHcVPWVgrGXB86jO2%2BPF7DArqLNdHh9m8QhEXHjf7L6YJqF6g%2FySxIa9M6fiI1YP%2Bc0jvB1WcL9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 866e010c99641cbe-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 204 224959 Show response
31825.novemberadventures.name/v3/a/ipn/xch/ 0
330 B 17ms
16ms XHR
text/plain 88.208.22.1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://31825.novemberadventures.name/v3/a/ipn/xch/224959?subID=&pageUri=https%3A%2F%2Fruspornusha.cc%2Fvideo%2F12126%2F&referer=&abl=0&remnant=1&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F122.0.6261.128%20Safari%2F537.36%22%2C%22false%22%2C%22Win32%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%22false%22%2C%221%22%2C%2217%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Tue%20Mar%2019%202024%2015%3A03%3A07%20GMT%2B0100%20(Central%20European%20Standard%20Time)%22%2C%22-60%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D
Requested by: Host: 31825.novemberadventures.name
URL: https://31825.novemberadventures.name/v3/a/ipn/js/224959
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.208.22.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS: mail.armadaboard.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:07 GMT
referrer-policy: unsafe-url
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
access-control-max-age: 86400
accept-ch-lifetime: 31536000
access-control-allow-origin: https://ruspornusha.cc
access-control-allow-credentials: true

GET
H2 200 count.html Show response
storage.multstorage.com/log/ Frame 4F61 882 B
902 B 69ms
26ms Document
text/html 2606:4700:3032::ac43:ae33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.multstorage.com/log/count.html
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ae33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2

Request headers

Referer: https://ruspornusha.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 866e010daa4365f3-AMS
content-encoding: br
content-type: text/html
date: Tue, 19 Mar 2024 14:03:07 GMT
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hBb5CGh%2B%2FpWs4aSWQ1aG50zafnWF9Rx2qjSuTICFTBc8XEgplRpehhffD%2FSqkocfRl06PcsWpxUtYpRG6zM2DKwn2Rar70huMeGIYz1UTPYb2HsR8j%2BDQHbWI17ZQsGY2c6omOMrs7Rx50d03q2pjg4E5dZoUg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-request-id: 2994685712062f8c00f2629198cde4e9

OPTIONS
H2 204 keywords
ntvpforever.com/ Frame 0
0 87ms
24ms Preflight 2a01:4f8:e0:19cb::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ntvpforever.com/keywords
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:e0:19cb::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ruspornusha.cc
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
date: Tue, 19 Mar 2024 14:03:07 GMT
pragma: no-cache
server: nginx/1.18.0
vary: Origin

POST
H2 200 keywords Show response
ntvpforever.com/ 22 B
245 B 30ms
29ms XHR
application/json 2a01:4f8:e0:19cb::1
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ntvpforever.com/keywords
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:e0:19cb::1 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 4c7d996ddffabca7f5a8fba7c3fa72a41f041ba7f96dfdbbd1818ec884aec396

Request headers

Referer: https://ruspornusha.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Mar 2024 14:03:07 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 22

GET
H2 200 track Show response
b8cd6b2b28.fd4115aecd.com/in/ 0
207 B 113ms
55ms XHR
text/plain 45.133.44.52
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://b8cd6b2b28.fd4115aecd.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMzIxOTk2Njk3NzkxMDgxNzAwMCIsInRpbWV6b25lIjoxLCJ2ZXIiOiIzLjExMS4wIiwidGFnX2lkIjoyMzYyNiwic2NyZWVuX3Jlc29sdXRpb24iOiIxNjAweDEyMDAiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IkV1cm9wZS9BbXN0ZXJkYW0iLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC4zLCJpc192MiI6MSwiaXNfdjJfZW1wdHkiOm51bGwsInVzZXJfa2V5d29yZHMiOiIlRDAlQTElRDElOEIlRDAlQkQlMkMlRDAlQkYlRDAlQkUlMkMlRDAlQkYlRDElODAlRDAlQjglRDAlQkQlRDElODMlRDAlQjYlRDAlQjQlRDAlQjUlRDAlQkQlRDAlQjglRDElOEUlMkMlRDElODIlRDElODAlRDAlQjAlRDElODUlRDAlQkQlRDElODMlRDAlQkIlMkMlRDAlQkMlRDAlQjAlRDElODIlRDElOEMlMkMlRDAlQjIlMkMlRDElODElRDAlQjUlRDAlQkElRDElODElRDElODMlRDAlQjAlRDAlQkIlRDElOEMlRDAlQkQlRDAlQkUlRDAlQkMlMkMlRDAlQjElRDAlQjUlRDAlQkIlRDElOEMlRDAlQjUlMkMlRDAlQjglMkMlRDAlQjclRDAlQjAlRDAlQkIlRDAlQjglRDAlQkIlMkMlRDAlQjUlRDAlQjUlMkMlRDAlQkIlRDAlQjglRDElODYlRDAlQkUlMkMlRDElODElRDAlQkYlRDAlQjUlRDElODAlRDAlQkMlRDAlQkUlRDAlQjklMkMlRTIlOEMlOUElMkMxOSUzQTIwJTJDJUQwJUEwJUQxJTgzJUQxJTgxJUQxJTgxJUQwJUJBJUQwJUJFJUQwJUI1JTJDJUQwJTlGJUQwJUJFJUQxJTgwJUQwJUJEJUQwJUJFJTJDJUUyJTg0JTk2JTJDMTIxMjYlMkMlRDAlOUMlRDAlQjAlRDAlQkMlRDAlQjAlMkMlRDAlQjIlRDAlQkUlRDElODElRDAlQkYlRDAlQjglRDElODIlRDElOEIlRDAlQjIlRDAlQjAlRDAlQjUlRDElODIlMkMlRDElODElRDElOEIlRDAlQkQlRDAlQjAlMkMlRDAlQkQlRDAlQjAlMkMlRDAlQkElRDElODMlRDElODUlRDAlQkQlRDAlQjUlMkMlRDAlQkQlRDAlQkUlMkMlRDAlQkUlRDElODIlRDAlQkMlRDAlQkUlRDElODAlRDAlQkUlRDAlQjclRDAlQkUlRDAlQkElMkMlRDAlQjIlRDAlQkMlRDAlQjUlRDElODElRDElODIlRDAlQkUlMkMlRDElODIlRDAlQkUlRDAlQjMlRDAlQkUlMkMlRDElODclRDElODIlRDAlQkUlMkMlRDAlQjElMkMlRDAlQkYlRDAlQkUlRDElODElRDAlQkIlRDElODMlRDElODglRDAlQjAlRDElODIlRDElOEMlRDElODElRDElOEYlMkMlRDAlQkMlRDAlQjAlRDElODIlRDElOEMlMkMlRDElODElRDAlQkQlRDElOEYlRDAlQkIlMkMlRDElODElMkMlRDAlQkQlRDAlQjUlRDAlQjUlMkMlRDAlQkUlRDAlQjQlRDAlQjUlRDAlQjYlRDAlQjQlRDElODMlMkMlRDAlQjglMkMlRDAlQjclRDAlQjAlRDElODElRDElODIlRDAlQjAlRDAlQjIlRDAlQjglRDAlQkIlMkMlRDAlQkMlRDAlQjAlRDAlQkMlRDElODMlMkMlRDElODElRDAlQkUlRDElODElRDAlQjAlRDElODIlRDElOEMlMkMlRDElODElRDAlQjIlRDAlQkUlRDAlQjklMkMlRDElODclRDAlQkIlRDAlQjUlRDAlQkQlMkMlRDAlOTYlRDAlQjUlRDAlQkQlRDElODklRDAlQjglRDAlQkQlRDAlQjAlMkMlRDElODElRDAlQkQlRDAlQjAlRDElODclRDAlQjAlRDAlQkIlRDAlQjAlMkMlRDElODElRDAlQkUlRDAlQkYlRDElODAlRDAlQkUlRDElODIlRDAlQjglRDAlQjIlRDAlQkIlRDElOEYlRDAlQkIlRDAlQjAlRDElODElRDElOEMlMkMlRDAlQkQlRDAlQkUlMkMlRDAlQkYlRDAlQkUlRDElODIlRDAlQkUlRDAlQkMlMkMlRDAlQjUlRDAlQjUlMkMlRDAlQjQlRDAlQjIlRDAlQjglRDAlQjYlRDAlQjUlRDAlQkQlRDAlQjglRDElOEYlMkMlRDElODElRDElODIlRDAlQjAlRDAlQkQlRDAlQkUlRDAlQjIlRDAlQjglRDAlQkIlRDAlQjglRDElODElRDElOEMlMkMlRDAlQjIlRDElODElRDAlQjUlMkMlRDAlQkIlRDAlQjAlRDElODElRDAlQkElRDAlQkUlRDAlQjIlRDAlQjUlRDAlQjUlMkMlRDAlQjglMkMlRDAlQkIlRDAlQjAlRDElODElRDAlQkElRDAlQkUlRDAlQjIlRDAlQjUlRDAlQjUlMkMlRDAlOUYlRDAlQjAlRDElODAlRDAlQjUlRDAlQkQlRDElOEMlMkMlRDAlQkQlRDAlQjUlMkMlRDAlQkUlRDElODIlRDAlQkYlRDElODMlRDElODElRDAlQkElRDAlQjAlRDAlQkIlMkMlRDAlQjYlRDAlQjUlRDAlQkQlRDElODklRDAlQjglRDAlQkQlRDElODMlMkMlRDAlQjIlMkMlRDElODElRDAlQjUlRDAlQkElRDElODElRDElODMlRDAlQjAlRDAlQkIlRDElOEMlRDAlQkQlRDAlQkUlRDAlQkMlMkMlRDAlQjElRDAlQjUlRDAlQkIlRDElOEMlRDAlQjUlMkMlRDAlQkYlRDAlQkUlRDAlQkElRDAlQjAlMkMlRDAlQkQlRDAlQjUlMkMlRDAlQkYlRDAlQkUlRDAlQkIlRDElODMlRDElODclRDAlQjglRDAlQkIlMkMlRDAlQjYlRDAlQjUlRDAlQkIlRDAlQjAlRDAlQjUlRDAlQkMlRDAlQkUlRDAlQjUlMkMlRDAlQjAifQ==
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Mar 2024 14:03:07 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 204 info
notification.tubecup.net/med/ 0
198 B 65ms
21ms Image
text/plain 88.198.204.166
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notification.tubecup.net/med/info?tag_id=23626
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.204.166 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-198-204-166.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Mar 2024 14:03:07 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type

GET
H2 200 ipnpush.m.js Show response
js.wpushsdk.com/npc/sdk/wpu/ 162 KB
45 KB 61ms
26ms Script
application/javascript 45.133.44.52
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/ipnpush.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: d6e81ab2e5a3106260249f0353c842804b9cfc9851805a22d74566f4f76e729e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Tue, 19 Mar 2024 14:08:07 GMT
date: Tue, 19 Mar 2024 14:03:07 GMT
content-encoding: gzip
last-modified: Tue, 19 Mar 2024 09:31:48 GMT
server: nginx/1.18.0
etag: W/"65f95b84-28827"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 build.js Show response
js.canstrm.com/in-stream-ad-admanager/ 13 KB
5 KB 236ms
13ms Script
application/javascript 45.133.44.52
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.canstrm.com/in-stream-ad-admanager/build.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 1cb860e08e91259237708f250a94a56fa406b9b2abcaa62ec1b84673c09d0866

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Tue, 19 Mar 2024 14:08:08 GMT
date: Tue, 19 Mar 2024 14:03:08 GMT
content-encoding: gzip
last-modified: Mon, 18 Mar 2024 09:57:21 GMT
server: nginx/1.18.0
etag: W/"65f81001-3217"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

POST
H/1.1 200
OK fp Show response
fp.metricswpsh.com/ 60 B
433 B 74ms
25ms XHR
application/json 157.90.84.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=23626
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.242.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: c93f291c790abdd3646053bcc74357a4695f37df7b3f9bb5b9a183b1ec1c7464

Request headers

Referer: https://ruspornusha.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Tue, 19 Mar 2024 14:03:07 GMT
Server: nginx/1.20.1
Vary: Origin
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://ruspornusha.cc
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 60

OPTIONS
H/1.1 204
No Content fp
fp.metricswpsh.com/ Frame 0
0 76ms
23ms Preflight 157.90.84.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=23626
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.242.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ruspornusha.cc
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://ruspornusha.cc
Connection: keep-alive
Date: Tue, 19 Mar 2024 14:03:07 GMT
Server: nginx/1.20.1
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 6322 Show response
rdrctgoweb.com/osvald/ Frame CD5B 42 B
383 B 28ms
28ms Script
text/html 2a05:93c4:27::1
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://rdrctgoweb.com/osvald/6322?n=bm446Dh&ab=0&ts=1710856988013&fg=33998b370a3dfdb534da32766b4ecb49&&rt=0&id=1710856988013&tz=-60&ps=1710856987073&meta%5Bwidth%5D=1600&meta%5Bheight%5D=1200&meta%5Bratio%5D=1&meta%5Bram%5D=8&meta%5Bgpu%5D=Intel%20Iris%20OpenGL%20Engine&meta%5BcolorDepth%5D=24&meta%5Bgamut%5D=srgb&meta%5Bcores%5D=17&meta%5BhashG%5D=7363124689&meta%5BhashC%5D=13.667&&&meta%5Bhints%5D%5Bmobile%5D=0&meta%5Bhints%5D%5Bwow64%5D=0&action=init

Requested by

Host: rdrctgoweb.com
URL: https://rdrctgoweb.com/sweetie/hello.min.js?id=1699421342

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:93c4:27::1 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

7a0fc6b703bd226001feaabff20cb18d6f807e3a5290d0d460ceee7407d202a4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:08 GMT
content-encoding: gzip
server: nginx/1.21.6
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Model
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin
access-control-allow-credentials: true

GET
H2 200 clickadilla-vast.min.js Show response
js.canstrm.com/pb/downloads/latest/ 138 KB
139 KB 20ms
20ms Script
application/javascript 45.133.44.52
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.canstrm.com/pb/downloads/latest/clickadilla-vast.min.js
Requested by: Host: js.canstrm.com
URL: https://js.canstrm.com/in-stream-ad-admanager/build.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 32553ef551109c5b688456fe950b5a13d5cc022bbb4264ff38ab042be4493fe1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Tue, 19 Mar 2024 14:08:08 GMT
date: Tue, 19 Mar 2024 14:03:08 GMT
last-modified: Mon, 18 Mar 2024 09:57:21 GMT
server: nginx/1.18.0
etag: "65f81001-22899"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 141465
x-proxy-cache: HIT

GET
H3

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ARZ0qKKccKeYI1oie3pWdLaJMCWQRS_73WwtPduPrPwmHnnRtKfIcIDxorQK_...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKIhfJ-Ht7RSNRbCB_uSgPEZqQVXx0VtpHJC-bvupIsltN1N3QG0Ui0uTg2kL8g4uK1cuMXo&passive=t...

0
0

41ms
41ms

Image
text/html

2a00:1450:400c:c0a::54
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKIhfJ-Ht7RSNRbCB_uSgPEZqQVXx0VtpHJC-bvupIsltN1N3QG0Ui0uTg2kL8g4uK1cuMXo&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1828571268%3A1710856988157381&theme=glif&ddm=0
Protocol: H3
Server: 2a00:1450:400c:c0a::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

date: Tue, 19 Mar 2024 14:03:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-dZ5LvSOhKEJ6RuXXW84aoQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 429
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKIhfJ-Ht7RSNRbCB_uSgPEZqQVXx0VtpHJC-bvupIsltN1N3QG0Ui0uTg2kL8g4uK1cuMXo&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1828571268%3A1710856988157381&theme=glif&ddm=0
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ipmain.m.js Show response
js.wpushsdk.com/skins/ 459 KB
108 KB 17ms
17ms Script
application/javascript 45.133.44.52
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/skins/ipmain.m.js
Requested by: Host: js.wpushsdk.com
URL: https://js.wpushsdk.com/npc/sdk/wpu/ipnpush.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: f76863be1d9a0858e0783b00048d67fbd3e9d372301a6a7b53fd831b4f0455ea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Tue, 19 Mar 2024 14:08:08 GMT
date: Tue, 19 Mar 2024 14:03:08 GMT
content-encoding: gzip
last-modified: Thu, 14 Mar 2024 12:50:55 GMT
server: nginx/1.18.0
etag: W/"65f2f2af-72d5b"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 dip Show response
nereserv.com/in/ 0
201 B 76ms
24ms XHR
text/plain 167.235.163.216
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://nereserv.com/in/dip?site=native-push&wl=1&event_id=bb278dd3-cd8e-4cf3-b4f5-6e9cce8b6706&subid=1246705633&sid=2994149309&spot_id=17117&created_at=2024-03-19&timezone=1&ver=7.271.0-b&is_native=1
Requested by: Host: js.wpushsdk.com
URL: https://js.wpushsdk.com/npc/sdk/wpu/ipnpush.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 167.235.163.216 Bühl, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.216.163.235.167.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Mar 2024 14:03:08 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

OPTIONS
H2 204 multy
1173fc98f8.871981043f.com/in/ Frame 0
0 86ms
25ms Preflight 2a01:4f8:1060:13eb::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://1173fc98f8.871981043f.com/in/multy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:1060:13eb::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ruspornusha.cc
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
date: Tue, 19 Mar 2024 14:03:08 GMT
pragma: no-cache
server: nginx/1.20.1
vary: Origin

POST
H2 200 multy Show response
1173fc98f8.871981043f.com/in/ 37 KB
6 KB 343ms
342ms XHR
application/json 2a01:4f8:1060:13eb::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://1173fc98f8.871981043f.com/in/multy
Requested by: Host: js.wpushsdk.com
URL: https://js.wpushsdk.com/npc/sdk/wpu/ipnpush.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:1060:13eb::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: ec90bd8ce35ce063cd62660b4eb153d3a967375031965c02d7e79b44fb84eb64

Request headers

Referer: https://ruspornusha.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Mar 2024 14:03:08 GMT
content-encoding: gzip
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 6019

GET
H2 200 5424 Show response
trandgid.com/get-pro/ 1 KB
2 KB 210ms
171ms XHR
application/javascript 2606:4700:20::ac43:492d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trandgid.com/get-pro/5424?source=&page=https%3A%2F%2Fruspornusha.cc%2Fvideo%2F12126%2F&res_type=desktop&fingerprint=ba950bb0b002349a10ef30f51a98864f&792465
Requested by: Host: trandgid.com
URL: https://trandgid.com/lhzbsrfkjf/js/5424?r=&11882
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:492d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a592ecd8c964c82e544d55a1ec1f00b33d574a119164c8c4c06dc83cb3c5db1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://ruspornusha.cc
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XaM49rHO72Ca2Twk9f1moQhGBb%2Fc%2FgDKYIC6d6v5gl%2FJHTlG16YL1LaPsDyJ6JGLQfBIFdrCOyx0Wg7fz2hZfN6Lm6oelwhx41OfrjNhosSq5ycXB1dpz1NPWjjdGgNfZRc7hq4xPZPFww%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 866e010f8f1265f7-AMS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

OPTIONS
H2 204 vast
vast.yomeno.xyz/ Frame 0
0 82ms
20ms Preflight
text/plain 2a02:128:7:4966::2
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.yomeno.xyz/vast
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:128:7:4966::2 , Czech Republic, ASN50245 (SERVEREL-AS, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ruspornusha.cc
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ruspornusha.cc
content-length: 0
content-type: text/plain; charset=utf-8
date: Tue, 19 Mar 2024 14:03:08 GMT
server: nginx/1.20.1

POST
H2 200 vast Show response
vast.yomeno.xyz/ 2 KB
2 KB 325ms
325ms XHR
application/json 2a02:128:7:4966::2
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.yomeno.xyz/vast
Requested by: Host: js.canstrm.com
URL: https://js.canstrm.com/in-stream-ad-admanager/build.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:128:7:4966::2 , Czech Republic, ASN50245 (SERVEREL-AS, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: f60f9918c81be6d31e8795a80800631c0628be84398143dc4335dee120003065

Request headers

Referer: https://ruspornusha.cc/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 19 Mar 2024 14:03:08 GMT
content-encoding: gzip
server: nginx/1.20.1
vary: Accept-Encoding, *
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ruspornusha.cc
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 6322 Show response
rdrctgoweb.com/osvald/ Frame CD5B 32 B
376 B 208ms
208ms Script
text/html 2a05:93c4:27::1
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://rdrctgoweb.com/osvald/6322?n=bmLbY49&ab=0&ts=1710856988193&fg=33998b370a3dfdb534da32766b4ecb49&&rt=0&id=1710856988013&tz=-60&ps=1710856987073&meta%5Bwidth%5D=1600&meta%5Bheight%5D=1200&meta%5Bratio%5D=1&meta%5Bram%5D=8&meta%5Bgpu%5D=Intel%20Iris%20OpenGL%20Engine&meta%5BcolorDepth%5D=24&meta%5Bgamut%5D=srgb&meta%5Bcores%5D=17&meta%5BhashG%5D=7363124689&meta%5BhashC%5D=13.667&&&meta%5Bhints%5D%5Bmobile%5D=0&meta%5Bhints%5D%5Bwow64%5D=0&action=link&userAgent=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F122.0.6261.128%20Safari%2F537.36&r=https%3A%2F%2Fruspornusha.cc%2Fvideo%2F12126%2F&location=https%3A%2F%2Fruspornusha.cc%2Fembed%2F33830&title=33830&hardwareLogical=17&orientation=landscape&orientationAngle=0&resolution=1600x1200&screenWidth=1600&screenHeight=1200&devicePixelRatio=1&&

Requested by

Host: rdrctgoweb.com
URL: https://rdrctgoweb.com/sweetie/hello.min.js?id=1699421342

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:93c4:27::1 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

582af4084c4ead17a27b3b40c5e18049d0f3e0da6a5dad0f5c7429f15d9d4aa8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:08 GMT
content-encoding: gzip
server: nginx/1.21.6
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Model
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin
access-control-allow-credentials: true

GET
H2 200 sigma Show response
mikellli.com/ Frame CD5B 236 B
514 B 348ms
348ms Script
text/html 2a05:93c4:27::1
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://mikellli.com/sigma?n=bmvn5VS&site=6320&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F122.0.6261.128%20Safari%2F537.36&r=https%3A%2F%2Fruspornusha.cc%2Fvideo%2F12126%2F&location=https%3A%2F%2Fruspornusha.cc%2Fembed%2F33830&ab=false&fg=33998b370a3dfdb534da32766b4ecb49&rt=false&ts=1710856988226&title=33830&hardwareLogical=17&orientation=landscape&orientationAngle=0&resolution=1600x1200&screenWidth=1600&screenHeight=1200&devicePixelRatio=1&description=null&keywords=null

Requested by

Host: mikellli.com
URL: https://mikellli.com/who/article.min.js?id=1674651160

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:93c4:27::1 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

ce6467c8a2c55e394b1c28c05b84ae82adce262a63ce4ead05617a309e8d150c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:08 GMT
content-encoding: gzip
server: nginx/1.21.6
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-UA-Model
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin
access-control-allow-credentials: true

GET
H2 200 SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp
static.bookmsg.com/creatives/SG/ 486 B
698 B 56ms
14ms Image
image/webp 2a02:b48:8301::24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp?pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.02&cpa=62aecae8-f6d3-4ed6-bdf1-5a33a12862e3&prev_step_diff=433
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:b48:8301::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Wed, 19 Mar 2025 14:03:08 GMT
date: Tue, 19 Mar 2024 14:03:08 GMT
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
server: nginx/1.24.0
etag: "6572ed5b-1e6"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 486
x-proxy-cache: HIT

GET
H2 200 SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
static.bookmsg.com/creatives/SG/ 1 KB
1 KB 55ms
13ms Image
image/webp 2a02:b48:8301::24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:b48:8301::24 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Wed, 19 Mar 2025 14:03:08 GMT
date: Tue, 19 Mar 2024 14:03:08 GMT
last-modified: Fri, 08 Dec 2023 10:18:03 GMT
server: nginx/1.24.0
etag: "6572ed5b-42a"
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1066
x-proxy-cache: HIT

GET
H2 200 /
1173fc98f8.871981043f.com/in/show/ 0
201 B 72ms
27ms Image
text/plain 2a01:4f8:1060:13eb::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1173fc98f8.871981043f.com/in/show/?tag_ab=b&site_id=3117117&adblock=0&testab=2&auction_host=&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=1&conditions=dch_ip&ssp=3964&page=https%3A%2F%2Fruspornusha.cc%2Fvideo%2F12126%2F&refdom=ruspornusha.cc&auction_time=1710856988&subid=1246705633&sid=2994149309&tcid=0&ver=7.271.0-b&ver_c=&spot_id=17117&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-03-19&iabcat=IAB25-3&keywords=adult&user_fp=4987626530529057372&score=100&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1246705633%26spot_id%3D17117%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fruspornusha.cc%252Fvideo%252F12126%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Fr-eu.tsyndicate.com%2Fdo2%2Fdirect%3Fc%3DAPeIQFMmDJkycuaI0HGDhYgwY-gsjOGQDpyFIuC8uVjxDEYxM2rUEHOjBo4WZsqYudGCxowZLMPMMDOjxY0cOMnUkBHjBhkaYkQ4nCMmDRmFOraIiCGDho0bMGrYeCmii8MxbpDicOkwTJ0xGGXAuBEDB9kaMWLAgIkDBwwbMmoIFVGUDMY0dMq0-RJjrkE7C2XMcIrDIZw6QXXUCCmjK5yLOnjWyEFjKByJOmbgmGHDxliHZfDQ-TLnMsaeaW_MHdMGMo0cNtRSfEjGzMKGdN24WTgjBg0clGE4bOPGow4aNGDgaJyRuPGeMN46rNNXx0A6FufoePHizBsXxMOUbuNizJs2L-a0CSPH4sYXZcaMtJHDjI0xY2PIHGOGjOAwNJjhWxg3zFCGW_cB5VQY_eVQRoFhvGWQGDSUIUNnNIhEBhk3kGWGGT_UMQdCSZDRA1Q5MDiGZmUslpIYNRS4HGxmuNSWGWOUdANJMc6YIRk2hFGDSrWVcaAYB4o0Bg42-EcGDDFwUUd0F7ahF5JylNgDEVIIucQVMDCRRRJX6MEEFWfQ4QYabeThxBl1EPEGDjH0V5JmnHl2U280lBTFG1BcccUYapRRxBuIRYFHGU3QYcMRYrRgXg5PGjHGEHVQAYccZlRhhRFOyMDGE3bosUQYYH7hBhJWHCEDGkbgkYYTRCwRAxxlHDGEGWcMIcUXVWjxRR1VLFHGG1i0QMUVTugRBxNTGNHEFGrMgAYadpCRw65KZHHDGS20IEMUdMiRhg151MBEFWzA8cUZVSTBZRVpSEmlDXMgKscYZWiJZ2dj2QvDhXDI0ANwbcEmMMEx9OAEEwvbAMcMPcxFxnkYySGiRnK4ISIaYZQH1lVhYLZFb1ZltO9CMLgQ3VgzOCSGbTq0TINvTDI3Bhx7bQpWzS7AFZVDctgBWQw1gLZzGyy7UOB0daSB0WtmwWXDYlHJkENUBd4gw1xpQCYCTzI47QJPLfdkw1x1hIFRE2_okQYbbITxQg0ug4DCFWm4cfEdc4DgBBUgqOXyDiDw7YYNNCCOB-MpgBDEY2yUcUUZYiyB190wucCZ3ksgQUUTTLAAAhtprFEGCEfEt8YbkQ-BhhznlfECU2W3bHUMLjCFAwhTMMheGpzf4PnaV_0swsNzvSHHF2Moz7xDbEjPhMVl2PGFHGWwMVGMaJmUnHAiyHHGbpHFONtB2oshx0KFicD-F228YVdkdFYmP-0TOfQGUvrb1BvwkIeF6I97NLtOdrbzAo2VxnkemwPIRPYCOxjlWLcjmw1eMJc5FC1jb6BDyZzXgjq4AS_iMh4ZctQ8DwImM3DJ0HLawpwVYuQgX1ihairCNB2gRjlSyUFbePg1H5IFiPSh4QzIZ5DtlaE0XyjZRI6IgyAOUQTZi2Ll2oOUk9UgZWEQA2bkpxKvsEEihqkey65iHBj0QQEBAQ%253D%253D%26s%3Ddc09bd331288af60d6799662bf705b50f3709cce9125bbf414244e4d863a052d1710856988&icons=9RryykLHYLTclGFntaAVkb1UK-kMWaW8W2piOWyHpqcPAX0SHG8H1ySpbPFJq8tJUalUBYXAnTop_Nn4PoWAk6ilPzxHsp47Xhro7rJnZt9IfqOPWl8CKdlCrn4cBDk8VC4iGf4Pz_6vjfBciP02uqzJzGebSOgvOzNVCrt08ddlNWqmhA&ext_cid=496101&pop_price=0.0006205&pop_ecpm=0.02579037682566512&px_id=17117&min_cpm=0.020013077513430545&out_id=1&campaign_type=lq-pop-ext&aid=2010&cid=10882&uniq=&mid=2071871511037880625&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.5346227886974808&cpm=0&verify_hash=2f19c32374f66c405c6c231bb18c7614&is_native=3&real_bid=0.5346227886974808&pop_real_cpm=0.6205&pop_real_bid=0.0005346227886974808&original_bid_usd=0.6205&original_bid=0.6205&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F122.0.6261.128%20Safari%2F537.36&ip_mismatch=2001:1af8:5000:a026:5::8&geo=NL&carrier=-&label_ids=27,108,0,4,20&need_redirect_show=0&applied_features=main-skins-settings,prod&show_count=1&expiration_timestamp=0&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.6205&hostname=auc-inpage-hz-3-b&auc_type=1&pop_type=1&is_pop_cpc=0&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=adult&pop_cpc=0.0006205&ext_campaign_id_str=496101&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.02&cpa=4023c853-13c6-4a4f-b5e0-98da43756e98&prev_step_diff=433
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:1060:13eb::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Mar 2024 14:03:08 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
DATA 200
OK truncated
/ Frame C52C 483 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 /
1173fc98f8.871981043f.com/in/show/ 0
200 B 64ms
28ms Image
text/plain 2a01:4f8:1060:13eb::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1173fc98f8.871981043f.com/in/show/?tag_ab=b&site_id=3117117&adblock=0&testab=2&auction_host=&mm=0&yc=0&render_type=hq&pr=&banner_width=300&banner_height=100&user_keywords=&device_theme=light&v2_track=0&v2=1&conditions=dch_ip&ssp=3964&page=https%3A%2F%2Fruspornusha.cc%2Fvideo%2F12126%2F&refdom=ruspornusha.cc&auction_time=1710856988&subid=1246705633&sid=2994149309&tcid=0&ver=7.271.0-b&ver_c=&spot_id=17117&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2024-03-19&iabcat=IAB25-3&keywords=adult&user_fp=4987626530529057372&score=100&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1246705633%26spot_id%3D17117%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fruspornusha.cc%252Fvideo%252F12126%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=2462481638&crtid=da6a3385cbcbca67a7600b4e216450cb&url=https%3A%2F%2Ftxukfs.xyz%2Fdsp%2Fph%2Fclcm%3Faid%3D15893706871933256804%26mid%3D0%26t%3D1710856988%26s%3D1095317%26sid%3D1826&icons=4wnqzvv6eu-8WlmPj06AiKResuZdw6NoE5HCKUx0reYgozONDlvXTAmLlNDYk0zTgW9tzhjmzQe2Tq7qMWPoIhzuNaaXi0pDtgeUV4rxBt5fMo2hbpCphNWgpAH0-YlBhe-7GkElG7OjIsM4qa8Mid76uC49rm8qP8dN814FzNLa5rK7WO2V4YE&ext_cid=0&px_id=14682170&min_cpm=0.0007317836575133486&out_id=0&campaign_type=hq&aid=2085&cid=16408&uniq=&mid=2071871511037880625&skin_id=71&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.010393867599063975&cpm=0&verify_hash=ff40a5128b84f13810921304c78212da&is_native=1&real_bid=0.005892480182647728&original_bid_usd=0.0072&original_bid=0.0072&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F122.0.6261.128%20Safari%2F537.36&ip_mismatch=2001:1af8:5000:a026:5::8&geo=NL&carrier=-&label_ids=98,4,90,5&need_redirect_show=0&applied_features=prod,main-skins-settings&show_count=1&expiration_timestamp=0&image_url=&site=native-push-adult&price=0.0072&hostname=auc-inpage-hz-3-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=Europe/Amsterdam&topics=&historical_keywords=adult&pop_cpc=0.0000072&ext_campaign_id_str=&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.02&cpa=158f99c9-f995-40d4-8822-515a1d333af9&prev_step_diff=433
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:4f8:1060:13eb::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Mar 2024 14:03:08 GMT
server: nginx/1.20.1
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2

200

Uh3JMYdTQ03Q0HLCtBrQPeIx2vO0v7dY.png
i.wmgtr.com/cic/ Frame C52C
Redirect Chain

https://txukfs.xyz/dsp/ph/icm?aid=15893706871933256804&mid=0&sid=1826&t=1710856988&subid=14682170&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=...
https://i.wmgtr.com/cic/Uh3JMYdTQ03Q0HLCtBrQPeIx2vO0v7dY.png

13 KB
14 KB

57ms
13ms

Image
image/jpeg

45.133.44.33
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.wmgtr.com/cic/Uh3JMYdTQ03Q0HLCtBrQPeIx2vO0v7dY.png

Protocol

Server

45.133.44.33 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

cda70d95191aaeb2780fe34173b7ea5b006ff31662c1ba3897613c9225913418

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Wed, 20 Mar 2024 13:03:08 GMT
date: Tue, 19 Mar 2024 14:03:08 GMT
server: nginx/1.19.0
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=82800
x-content-type-option: nosniff
x-xss-protection: 1; mode=block
x-proxy-cache: HIT

Redirect headers

location: https://i.wmgtr.com/cic/Uh3JMYdTQ03Q0HLCtBrQPeIx2vO0v7dY.png
date: Tue, 19 Mar 2024 14:03:08 GMT
accept-ch: Sec-CH-UA-Platform-Version
server: nginx/1.18.0
content-length: 0

GET
H2 200 v.html Show response
3txxx.com/ Frame A7E7 3 KB
1 KB 70ms
21ms Document
text/html 109.206.176.116
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://3txxx.com/v.html?player_url=https%3A%2F%2Fjs.canstrm.com%2Fvast-vpaid-player%2Fmain.js
Requested by: Host: js.canstrm.com
URL: https://js.canstrm.com/pb/downloads/latest/clickadilla-vast.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 109.206.176.116 Amsterdam, Netherlands, ASN50245 (SERVEREL-AS, US),
Reverse DNS: 116.176.serverel.net
Software: nginx/1.23.1 /
Resource Hash: 4e77ca044adf811188edf610d7d88ed89cb21a6199c3977fa04ef85256832a0c

Request headers

Referer: https://ruspornusha.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
cache-control: max-age=300
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 19 Mar 2024 14:03:08 GMT
etag: W/"65f81001-b60"
expires: Tue, 19 Mar 2024 14:07:48 GMT
last-modified: Mon, 18 Mar 2024 09:57:21 GMT
server: nginx/1.23.1
x-nginx-cache-status: HIT
x-proxy-cache: HIT

GET
H2 200 main.js Show response
js.canstrm.com/vast-vpaid-player/ Frame A7E7 123 KB
43 KB 14ms
14ms Script
application/javascript 45.133.44.52
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.canstrm.com/vast-vpaid-player/main.js
Requested by: Host: 3txxx.com
URL: https://3txxx.com/v.html?player_url=https%3A%2F%2Fjs.canstrm.com%2Fvast-vpaid-player%2Fmain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 5195a77a186452153e10688440384853a07c4269ed1e623087e1b666e0e16e0b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3txxx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Tue, 19 Mar 2024 14:08:08 GMT
date: Tue, 19 Mar 2024 14:03:08 GMT
content-encoding: gzip
last-modified: Mon, 18 Mar 2024 09:57:21 GMT
server: nginx/1.18.0
etag: W/"65f81001-1edf3"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 m Show response
vast.yomeno.xyz/wrapper/ Frame A7E7 26 KB
11 KB 25ms
25ms Fetch
text/xml 2a02:128:7:4966::2
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.yomeno.xyz/wrapper/m?katds_ep=3k9Y1mtup90_ltKEMtMCZYmNReQy6I5IwEzuMMg2hhleR50V_Y1j9uOLJOSdOqJe5czhKdkMDpXMbyLJ
Requested by: Host: js.canstrm.com
URL: https://js.canstrm.com/vast-vpaid-player/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:128:7:4966::2 , Czech Republic, ASN50245 (SERVEREL-AS, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 1c534592b987dcf44794b8302c9049b89e6f4b6122dbcda78727ba0361f76bb2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3txxx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:08 GMT
content-encoding: gzip
server: nginx/1.20.1
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/xml;charset=UTF-8
access-control-allow-origin: https://3txxx.com
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,

GET
H2 200 / Show response
kts.sensitiveclick.com/in/959/ Frame A7E7 2 KB
981 B 80ms
23ms Fetch
text/xml 2a02:128:7:5241::2
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kts.sensitiveclick.com/in/959/?katds_ep=x4DwWhvjp0ojqbENUAwwjc1yr1tglv_pqzJVuoz5AkkjA7CtPKqxgY6gEFV8dT4Mtc97hQHEw9ZXfy5h-qfbOcspiSyvtdu-Bs3AwPOvQPZKor1Gw7LEj-X1QRl8x88Wva1801gHJr4B0iRvghLBq2vVTJokxgJ79n2wqJp2eqq1zutiA4vF275he_m3xtfZsC7_Ej6FDG7L_C1Do_WR5kA_2i7YXbTw9tTobn_OIpSCaPr5xXvPNI_U6xzmTeN3vT72MvIN6ENB6NSI6vqNY8iVDSlEHIBs8Kxjzp5JzhaUIlRySMmNsVSGuUTYo3zFpmFVIcVESclpTC-JOgzs2JwVqDonKqaLT_GCaLjV9cZup1OfUNNuQn7WS8tAzHMHK1eu7gGaEqcmBvR1xKVQa7DRRvJoSXvWBWYBYo-9PMXolihLIjTIBAumYTK6XvZe01wzLuvslNeSr1v9LumieLl632mhwewE5vjAIBxKy05eskVhYKIhCKgZgBsURcrb22YSNPvHNwEjJgkUJs3Frw9EFL-QQJ9iP8Jiwsh3l8xWn3-gzUYK8wsgD4oLlgbCOqasIM4TWblVthcwJHsdHjuMc6NY-H0qk4L9Oz3sXbHPPmueGA3vG8pQEWIMz1mx5lONYb01Xv3o139GUq8EcLrcRmM-swcZezhmOKVRkT_xsgSrnWSWFTrvIOY19kQ2vUdmj09NgqfDH83B-9PVDaoWq02b_HKMKyHdUYFm0dxZh07thBT_a5cYd7na_P4GvygZlzlDBz7veNhFGR6VRuna3m8NHJlxOviOeiO3_8jUdK2u7Mz-ZseuTCIqxd72TtcVtTKZtiH_Sy6fxmHBEwI50FiEayppXu6x-4pu2H2QDX9LOd76-8SzQuaSQrDPH8kkFrfU_85bJ9J_fkvtBI9QVQJ61j7rBLZyYKdrJJCOmi_b9hGhhhyWUkMisEnpd92EqxJ2nnMO57PE4VBXQErurAThDD3JuqssLb7T7FtgswusuBrMSoGJ2NssPx7CXZk_iSt1SWokpBrb9IHV4zt7Vq1ItpV4B7OT5bN2RGRCoULJPOntkVvk-5b4f1ODRiq_nCxRxK5B0HGpcV3wJXb4L_HFVgvXnpX5sJSJm0L_deLftYbHj2xYESGrfYo7VtwYLtU1vJJjYMnWrq1YmkKx6rDo-QHtnic&bid=0.23533400000000002
Requested by: Host: js.canstrm.com
URL: https://js.canstrm.com/vast-vpaid-player/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:128:7:5241::2 , Czech Republic, ASN50245 (SERVEREL-AS, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: ccbe2d4a234f567a00224ec46b7ac35804b1e55f80ab9a3bf678765123ad267d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3txxx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: https://3txxx.com
date: Tue, 19 Mar 2024 14:03:08 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.20.1
vary: Accept-Encoding
content-type: text/xml

GET
H2 200 vast Show response
r.visitstats.com/rotate/ Frame A7E7 4 KB
1 KB 77ms
19ms Fetch
text/xml 62.122.173.152
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://r.visitstats.com/rotate/vast?&click_id=d05f8494-276e-406a-b9c9-4b5a4baa5d33&CAMPAIGN_ID=133876&r=VVQ8Wb&COUNTRY_ISO_CODE=NL&OS_TYPE=Windows&aus=%7B%7Bunique_set%7D%7D&DOMAIN=3txxx.com&cisaci=%5BURL_ID%5D&AD_ID=135246&pricing_model=cpm&cisai=32089&out_name=133876%7C2086%7Ccpm%7C0.4505%7C%24+0.5300&pricebox_price=0.0500&BROWSER_FAMILY=Chrome&OS_FAMILY=%5BOS_FAMILY%5D&IN_STREAM_AD_CREATIVE_ID=%5BURL_ID%5D&MOBILE_BRAND=&spot_id=39772&bidding_price=0.23533400000000002&price=0.530000&sub=1178786266&ad_sub=1178786266&utm1=tcb&utm2=1137795790-100&utm3=352-97802-8346&utm4=-11218966-0&is_cpa=
Requested by: Host: js.canstrm.com
URL: https://js.canstrm.com/vast-vpaid-player/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.122.173.152 Amsterdam, Netherlands, ASN50245 (SERVEREL-AS, US),
Reverse DNS: 62.122.173.152.serverel.net
Software: nginx/1.20.1 /
Resource Hash: 20d9e4be1872b029a3a167c6b1d0d6c1c3c1a26fec211536253d468648646cc7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3txxx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: https://3txxx.com
date: Tue, 19 Mar 2024 14:03:08 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.20.1
vary: Accept-Encoding
content-type: text/xml

GET
H2 200 m Show response
vast.yomeno.xyz/wrapper/ Frame A7E7 26 KB
9 KB 24ms
24ms Fetch
text/xml 2a02:128:7:4966::2
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.yomeno.xyz/wrapper/m?katds_ep=PDsUNXyDfk45BV274JFtDkySOGUoLT5kEvF-6fk1BRmy0j7rQHWp9ezJuVKdv9YS47mGEgJj1WwXYpbq
Requested by: Host: js.canstrm.com
URL: https://js.canstrm.com/vast-vpaid-player/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:128:7:4966::2 , Czech Republic, ASN50245 (SERVEREL-AS, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: f44520a8558c0e70d15aeb1e58580c5aae616dce6b569632c89f5198ee2bc58b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3txxx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:08 GMT
content-encoding: gzip
server: nginx/1.20.1
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/xml;charset=UTF-8
access-control-allow-origin: https://3txxx.com
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,

GET
H2 204 /
kts.cvastico.com/in/vmon/ 0
0 81ms
25ms Fetch 2a02:128:7:5417::2
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kts.cvastico.com/in/vmon/?title=In-stream%20Ad&system=SSP%20LINK%20Wrapper%2CClickadilla%2CClickadilla&type=vast&mediafile=https%3A%2F%2Fimdn.pics%2Fm%2Fp%2F0%2F696%2F696533%2FQQSkNrIh.mp4&click=https%3A%2F%2Fneq.denebalgiedi.top%2F%3Fpl%3DkT4A6zYfe0u28gwjXLADiw%26sub_id%3D3txxx.com&katds_ep=O8M7dhoQOzRd63cedIrcAkOjQxszZSDdCiOnGIfrAVYsYVBu1G3Grdxo5JQGSLQ5-CjmI91jyo-0mGf3LPpMZadfqhGXVeckeFz3BQAJUynlZ8I4FHRjnXaLrXzCWN_JMvJZYic
Requested by: Host: js.canstrm.com
URL: https://js.canstrm.com/pb/downloads/latest/clickadilla-vast.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:128:7:5417::2 , Czech Republic, ASN50245 (SERVEREL-AS, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: https://ruspornusha.cc
pragma: no-cache
date: Tue, 19 Mar 2024 14:03:08 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server: nginx/1.20.1
vary: *

GET
H2 206 QQSkNrIh.mp4
imdn.pics/m/p/0/696/696533/ Frame A7E7 32 KB
0 52ms
13ms Media
video/mp4 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://imdn.pics/m/p/0/696/696533/QQSkNrIh.mp4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://3txxx.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Range: bytes=0-

Response headers

expires: 0
pragma: no-cache
date: Tue, 19 Mar 2024 14:03:08 GMT
last-modified: Sun, 07 Jan 2024 22:35:16 GMT
server: nginx
etag: "659b2724-146f00"
content-type: video/mp4
Content-Range: bytes 0-1339135/1339136
cache-control: no-cache, no-store, must-revalidate
Content-Length: 1339136
x-request-id: 2204863ff2b307354540094d59a80eb1
x-proxy-cache: HIT

GET
H2 200 / Show response
kts.sensitiveclick.com/in/959/ Frame A7E7 2 KB
968 B 20ms
20ms Fetch
text/xml 2a02:128:7:5241::2
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kts.sensitiveclick.com/in/959/?katds_ep=LET1g2eXqJmKkhYzhVQQFRC9mSQQKUWPqB981M2rscZJrpZXZ8wlaLcACLbTETbVri_95lv6pUL7wCmpeWbkzBHgXHknRt8dg1wbxQnou6iv3NCUe_x0roBdBSUwTBiPqrf7wFZ_D3_wj3aAfUK3R4yaHAFl8VI228B1g3atTMeCDLy4eHyiN0S_bnnUIXn588EXVMAKU4xpDUIAxAS25L7HxipDS_Kz1_-40oaTv5-WQUsNPev_6dcHUSAzPf0VyaUBA8W50sb8AJIsb7UV6yAnUHNI4vXGnCw83TMWIPiPc_YuGxTDOgCj5qfIWQfiC3-ynGY2E27cfaptqeXd1bdDzVWmGRuh4g7gMLJiacPzg4ySzhyvFI9GdoJJlx9NtLmRIXeKUr7NGL-EqWEtrT8n5n2vcRybx0oH54TS8nJrIC2wD4o3UHlSokyaC-GBLLpDDEzADXdYWFkXQbp2JS2t6xIFvSIbNR5E8proXp998sXLjLv2zSlK7wL4IBBjdK2J_7HJpJkqINebo04lhPqinRHvNxLusLF7XHcjVLnroVNt0oyiD0rYPm0UADUfM5tnpSgHADEK7veLrzlm_12y8M0Y_VvzMD4yZCpxWiFEQe_g7MJUXAalf83XgSSzdcYFCYXcfztJy5ALnE_Zq3x7rUNMYKTDGXTcb_ZEVW3TVMBzWaEq3GIx51JIJGinTHdyojwgTj92p3e-CpdToUyYYA0WHqeJDws1DbzJtkb0NApvPo3rXlHC-3JOF8YMFp8nUlYR6l-lSk19ATsAKycH4gcHcjpjtJM1cnXKCHVv0of9ihHxzdwzMueQD7JqQT9zHuBLfK6f16YNczMnOvuafPZoKYbHXPX8-ZerkTPHZkWD38Gd6VAAe2BHgGAq0e_wDsv6UPpRARqL7ti3WEzwwPluNj94hgOR1Qf_jEdeYVpObcnIp70GsdpPExICrTNypXctXxawYQyivTny5pEFjEzXx8B1jRMm6JS1xhFfYdV6smrIWAkKYQ0CV0nYrmyVbHwcuLbgH34vcN06bQKyIoep27-5b0YjSipyUmYfLVihiA_1kDXvhsWUADuOvwtzFxXlnfsZFg5ZKoPImcfF2yZPDb6eibTN1WYEZpunMkkjOml50euvWEOfo8qfKk9jQFR_3EFyMMwNpa6ujTJ1FhEAdQ&bid=0.051
Requested by: Host: js.canstrm.com
URL: https://js.canstrm.com/vast-vpaid-player/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:128:7:5241::2 , Czech Republic, ASN50245 (SERVEREL-AS, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 018474d53a53aa82f7997a1c6b3a315f856fd52fd6130810eb7d06953480ce38

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3txxx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: https://3txxx.com
date: Tue, 19 Mar 2024 14:03:08 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.20.1
vary: Accept-Encoding
content-type: text/xml

GET
H2 200 vast Show response
r.visitstats.com/rotate/ Frame A7E7 4 KB
1 KB 21ms
21ms Fetch
text/xml 62.122.173.152
SERVEREL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://r.visitstats.com/rotate/vast?&MOBILE_BRAND=&BROWSER_FAMILY=Chrome&DOMAIN=3txxx.com&click_id=d05f8494-276e-406a-b9c9-4b5a4baa5d33&r=JzRUmF&IN_STREAM_AD_CREATIVE_ID=%5BURL_ID%5D&aus=%7B%7Bunique_set%7D%7D&out_name=147472%7C2086%7Ccpm%7C0.0510%7C%24+0.0600&pricing_model=cpm&CAMPAIGN_ID=147472&COUNTRY_ISO_CODE=NL&OS_FAMILY=%5BOS_FAMILY%5D&AD_ID=140140&cisai=32197&cisaci=%5BURL_ID%5D&pricebox_price=0.0500&OS_TYPE=Windows&spot_id=39772&bidding_price=0.051&price=0.060000&sub=685789893&ad_sub=685789893&utm1=tcb&utm2=1137795790-100&utm3=352-120806-9226&utm4=-11218966-0&is_cpa=
Requested by: Host: js.canstrm.com
URL: https://js.canstrm.com/vast-vpaid-player/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.122.173.152 Amsterdam, Netherlands, ASN50245 (SERVEREL-AS, US),
Reverse DNS: 62.122.173.152.serverel.net
Software: nginx/1.20.1 /
Resource Hash: e89f1da4602f81db67596af29d9847581df06da5aae5093b4880b7184fc5b5d1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://3txxx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: https://3txxx.com
date: Tue, 19 Mar 2024 14:03:09 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.20.1
vary: Accept-Encoding
content-type: text/xml

GET
H2 206 QQSkNrIh.mp4
imdn.pics/m/p/0/696/696533/ Frame A7E7 28 KB
28 KB 39ms
38ms Media
video/mp4 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://imdn.pics/m/p/0/696/696533/QQSkNrIh.mp4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: cffddf2cd29485c4ecb9028665905fcecc1f9004ccd28ee967e1a19702ff2d83

Request headers

Referer: https://3txxx.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Range: bytes=1310720-

Response headers

expires: 0
pragma: no-cache
date: Tue, 19 Mar 2024 14:03:08 GMT
last-modified: Sun, 07 Jan 2024 22:35:16 GMT
server: nginx
etag: "659b2724-146f00"
content-type: video/mp4
Content-Range: bytes 1310720-1339135/1339136
cache-control: no-cache, no-store, must-revalidate
Content-Length: 28416
x-request-id: 2204863ff2b307354540094d59a80eb1
x-proxy-cache: HIT

GET
H2 206 QQSkNrIh.mp4
imdn.pics/m/p/0/696/696533/ Frame A7E7 848 KB
0 16ms
16ms Media
video/mp4 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://imdn.pics/m/p/0/696/696533/QQSkNrIh.mp4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://3txxx.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Range: bytes=32768-

Response headers

expires: 0
pragma: no-cache
date: Tue, 19 Mar 2024 14:03:08 GMT
last-modified: Sun, 07 Jan 2024 22:35:16 GMT
server: nginx
etag: "659b2724-146f00"
content-type: video/mp4
Content-Range: bytes 32768-1339135/1339136
cache-control: no-cache, no-store, must-revalidate
Content-Length: 1306368
x-request-id: 2204863ff2b307354540094d59a80eb1
x-proxy-cache: HIT

GET
H2 204 report
vast.yomeno.xyz/ Frame A7E7 0
336 B 21ms
20ms Image
text/plain 2a02:128:7:4966::2
SERVEREL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vast.yomeno.xyz/report?katds_ep=X3UMaZH6rlJEhu5JfhSL47d-bIDngJ9H9b9KiioAMyV0Tug-HLg5zfop5zCg3qf6qXLi9WVLIbOx9iLkajvvmyBQIaYxTBSH2ol5lgNddfLLVTLb1g77uBrgtuTrkQsmVqDclwNORqwZ7DEex-j474luNn_6IW_nI2gaMy8LpABDTfdINWmUfLhCGphoKZD2BjTDUGn89jqQecS6t4nSMxcOOdnIYYJybcOEVbAtl8-pQBnGraurFhA-8npmPvhBqoUYl3ALddYtFX17AwUMl3PlpvH5j3rNDxWhf3f2as5v-lT8FftXSphhRgoSp2FiSWGsNNKaxXkHO198N7rATNiKyjezK9aR2Aj81GIW41F2EnDl-kxHUitkYoo9m3lQRk1inXmU2ZX7Fkl56W_s5eQS1Je2rXSjWznHDAIQD_gjhrlwUOEfxZsJfM8lF1G28JGakLpb6cU7RxT7bkgUzB6JRVA9DPEgznPmUZzblkb0PvYQwq78swfE8pYODL0CFb6mkxcQSpY
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:128:7:4966::2 , Czech Republic, ASN50245 (SERVEREL-AS, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3txxx.com/
Origin: https://3txxx.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Mar 2024 14:03:09 GMT
server: nginx/1.20.1
vary: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://3txxx.com
access-control-expose-headers: Content-Length,Content-Range
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,

GET
H2 200 /
whoisezh.com/in/isv_starting/ Frame A7E7 0
113 B 79ms
21ms Image
application/json 2a02:128:7:4860::2
SERVEREL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://whoisezh.com/in/isv_starting/?katds_ep=xU0fxGA-bNteZOKvJIbycwJYCv0hUd_LoKQmjHgnCC0pPhAp-mFUIpyNRhtbWWWsDBUFjHoo_7JozHvIU3Ws2vqwWevjSqhBO_t5uWJ8RT6Tym7RIf_UpBDulD0l3TcU1Sw2aFJ198rodjIb6-cz-NvM-Hr-tVKUzhCy6gunu2Z75-Kfsf4Oc9RZDdTRZG-iJ1iqIY6MQUlSyOZzF00R6jCEsSKF2VdVpd6M0rGWOJyi4RUypQPuHqdWIvbNsY7JcDEj5NnB8d2_QvRdK5QmWbPSmvMr_FGjh-pa7n96IP_VKm4O5cW8ekLg7qAnFUG6A-04GVrkRE4uHmQXo8bC27t9bAFgZWL00sZiOx78HqjsyN5RQ97McdEnsApLz8DBJlQlY4vaW7Ion46GATxUJolGBjZ8T1L8vYZh-jAxazXCnyPN8_hHTguMLYO9MXPCAwqcCJVMORjmHlc9sy8Wp4DHrwnk2uDywe5n08scRQOwjya2U8A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:128:7:4860::2 , Czech Republic, ASN50245 (SERVEREL-AS, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3txxx.com/
Origin: https://3txxx.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 19 Mar 2024 14:03:08 GMT
access-control-allow-credentials: true
server: nginx/1.20.1
content-length: 0
content-type: application/json

GET /
neq.denebalgiedi.top/ Frame A7E7 0
0

GET
H2 200 jCRFBoUwPgflZtdxoEWUMWYX08lW-dyNfPlYfo_FTpccNJ2S8d8A9c6LBNZjKNafkYQAdaYl1f65QOy3SOO9Mi6VmqTFpLmDbQAcLrwgJHpmv85NrkNe6sl1Z5JI-aG97Lpg00g Show response
31825.novemberadventures.name/ 2 KB
2 KB 16ms
16ms XHR
text/plain 88.208.22.1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://31825.novemberadventures.name/jCRFBoUwPgflZtdxoEWUMWYX08lW-dyNfPlYfo_FTpccNJ2S8d8A9c6LBNZjKNafkYQAdaYl1f65QOy3SOO9Mi6VmqTFpLmDbQAcLrwgJHpmv85NrkNe6sl1Z5JI-aG97Lpg00g?kws=&abl=0&fsb=0&pageUri=https%3A%2F%2Fruspornusha.cc%2Fvideo%2F12126%2F&referer=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F122.0.6261.128%20Safari%2F537.36%22%2C%22false%22%2C%22Win32%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%22false%22%2C%221%22%2C%2217%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Tue%20Mar%2019%202024%2015%3A03%3A07%20GMT%2B0100%20(Central%20European%20Standard%20Time)%22%2C%22-60%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&prsl=1
Requested by: Host: 31825.novemberadventures.name
URL: https://31825.novemberadventures.name/v3/a/pop/js/224870
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.208.22.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS: mail.armadaboard.com
Software: nginx /
Resource Hash: 828095170318427ff5314bb8092571ecf7216db051d19be99690f04ae5d05eaf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ruspornusha.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 14:03:10 GMT
content-encoding: gzip
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma: no-cache
referrer-policy: unsafe-url
last-modified: Tue, 19 Mar 2024 14:03:10 UTC
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ruspornusha.cc
accept-ch-lifetime: 31536000
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
expires: Tue, 19 Mar 2024 14:03:10 UTC

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: reallifeforyouandme_block.com
URL: https://reallifeforyouandme_block.com/services/?id=159907

Domain: neq.denebalgiedi.top
URL: https://neq.denebalgiedi.top/?pl=kT4A6zYfe0u28gwjXLADiw&sub_id=3txxx.com

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yadro.ru/	1970-01-21 03:58:51	Name: FTID Value: 1b-PiR0c9lel1b-PiR001MOo
.yadro.ru/	1970-01-21 03:58:51	Name: VID Value: 0mLAtn3mm9ul1b-PiR001BdJ
.ruspornusha.cc/	1970-01-21 03:59:52	Name: cf_clearance Value: i3TT8p10F.8TAwXjiER_HE.rgDE6gNpxeu1HgEi.qCo-1710856987-1.0.1.1-xjEbp6bJlpRHBaEsVc6fwKVbZq63GWBhcE5M38Jav3g2TOS1SOCXP_UA6cApFcvg9zZTtCyo.hbP2O8fPpGxiQ
fp.metricswpsh.com/	1970-01-21 03:59:52	Name: id Value: 454239627533955139

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://reallifeforyouandme_block.com/services/?id=159907 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://vidosikov.com/player/player_ads.html?advertising_id=0.019532493127785155&adzone=0.8126917758936971 Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://ruspornusha.cc/video/12126/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ruspornusha.cc/video/12126/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://ruspornusha.cc/video/12126/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://vidosikov.com/player/player_ads.html?advertising_id=0.019532493127785155&adzone=0.8126917758936971 Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://ruspornusha.cc/video/12126/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ARZ0qKIhfJ-Ht7RSNRbCB_uSgPEZqQVXx0VtpHJC-bvupIsltN1N3QG0Ui0uTg2kL8g4uK1cuMXo&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1828571268%3A1710856988157381&theme=glif&ddm=0 Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: https://3txxx.com/v.html?player_url=https%3A%2F%2Fjs.canstrm.com%2Fvast-vpaid-player%2Fmain.js Message: Access to image at 'https://neq.denebalgiedi.top/?pl=kT4A6zYfe0u28gwjXLADiw&sub_id=3txxx.com' from origin 'https://3txxx.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://neq.denebalgiedi.top/?pl=kT4A6zYfe0u28gwjXLADiw&sub_id=3txxx.com Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1173fc98f8.871981043f.com
31825.novemberadventures.name
3txxx.com
accounts.google.com
b8cd6b2b28.fd4115aecd.com
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
fp.metricswpsh.com
i.wmgtr.com
imdn.pics
jkha742.xyz
js.canstrm.com
js.capndr.com
js.wpadmngr.com
js.wpushsdk.com
kts.cvastico.com
kts.sensitiveclick.com
mikellli.com
mybmrtrg.com
na.nawpush.com
neq.denebalgiedi.top
nereserv.com
notification.tubecup.net
ntvpforever.com
pagead2.googlesyndication.com
r.visitstats.com
rdrctgoweb.com
reallifeforyouandme_block.com
riamiavid.com
ruspornusha.cc
static.bookmsg.com
storage.multstorage.com
trandgid.com
txukfs.xyz
vast.yomeno.xyz
vidosikov.com
whoisezh.com
www.facebook.com
neq.denebalgiedi.top
reallifeforyouandme_block.com
109.206.176.116
157.90.84.242
167.235.163.216
193.200.64.162
2606:4700:20::ac43:492d
2606:4700:3032::ac43:ae33
2a00:1450:4001:806::2003
2a00:1450:4001:812::2002
2a00:1450:4001:827::200a
2a00:1450:400c:c0a::54
2a01:4f8:1060:13eb::2
2a01:4f8:e0:19cb::1
2a02:128:7:4860::2
2a02:128:7:4966::2
2a02:128:7:5241::2
2a02:128:7:5417::2
2a02:b48:8301::24
2a02:b4a:1:6::3
2a03:2880:f176:181:face:b00c:0:25de
2a05:93c4:27::1
2a06:98c1:3121::3
45.133.44.24
45.133.44.33
45.133.44.52
62.122.173.152
88.198.204.166
88.208.22.1
88.212.201.198
018474d53a53aa82f7997a1c6b3a315f856fd52fd6130810eb7d06953480ce38
0812738c0cced86916ebe1917ba11c5f97aa19e47d7a8da718ca87d83e1f582a
11b598229856d89721a9f2bdc6b69ee727acb2b3df00dad45c2fffd1515b6547
17c0a1a102053b3f11374d1603d4b3d27b7a53fc06b9b8d6569824e808ca04af
1a48b70f97555c13f84b8f088a417f9179d99b5101250819350acaf6e91bb92f
1c534592b987dcf44794b8302c9049b89e6f4b6122dbcda78727ba0361f76bb2
1cb860e08e91259237708f250a94a56fa406b9b2abcaa62ec1b84673c09d0866
1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56
20d9e4be1872b029a3a167c6b1d0d6c1c3c1a26fec211536253d468648646cc7
2a8affffaa12b2ba5fc11270bb843ff8e40e2f7d14a7b0663c02040f3fa8e356
2c8301c16398817ab61aca0b5712d1c74ddffa11d07011efc5d38be0db1ddc8c
32553ef551109c5b688456fe950b5a13d5cc022bbb4264ff38ab042be4493fe1
3f1f0f532eaf57ba5f1f6ed40a1dac376db629d52d8ef2d7b6a15d13856df4f1
444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0
4c7d996ddffabca7f5a8fba7c3fa72a41f041ba7f96dfdbbd1818ec884aec396
4e77ca044adf811188edf610d7d88ed89cb21a6199c3977fa04ef85256832a0c
50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3
5195a77a186452153e10688440384853a07c4269ed1e623087e1b666e0e16e0b
582af4084c4ead17a27b3b40c5e18049d0f3e0da6a5dad0f5c7429f15d9d4aa8
5a592ecd8c964c82e544d55a1ec1f00b33d574a119164c8c4c06dc83cb3c5db1
6175a654aaa3415e6d1d87d092f340cdfbbcd9b1132ff0fde8cf1d38ebdb3eaa
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6855b84c0f4f9e12c04fe22ff563fa465862d44e423db6e916d94ca3da927d42
68eb827a2fa6f035eab41392f863522ae5dc0d4c0c31d5245362a7f1a5aed46a
6c851ea255346c316a2c6f39dd45f373bd1f51c0c364b557a414ccaf4befd5e3
6ca1a5546b80841e76c2e3259f218e6cca0f591cdd1ac6f79bf2b4acf38008d2
6dc83628c6224d6c654f52d1b217b2cbcfe0e06fb8b56c0da0b16bbc0236c5c2
702883c266324ab39bd99b71098c399b0946998c8011bc12b676e37f497b4825
76baf7ddc2473c482726d7265054924ed50794d89cf2a16496f5b950286b8958
79822b8e31412ac5276ecf6477a5f6607e82111f1c99756868b00a96fe25d38e
7a0fc6b703bd226001feaabff20cb18d6f807e3a5290d0d460ceee7407d202a4
828095170318427ff5314bb8092571ecf7216db051d19be99690f04ae5d05eaf
85f2f9268707586e0b9fcd1212157603de031cca53e1be63bfa2f62a8010ff1e
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2
8cda164a8346788a16932ad07549430d0ddf6768aef3c148273b48070f2d4e4b
8e46d4f3243d2883713a032c126dfd1070734e90c1f8066f289eda0682050c77
92e34604822588130e1d951be66008b69a4975459c3ca8557c84e8b8f53cbd63
997a822e0ac349b624ca2d0cdb65b9532fd29ea12bdf699559b9a422551bcff0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a0ac529020d1dfb6df5c0a7232ab0696474fe93b4f230063e31bac0465eb47b3
a9711f76fc5b6303479e691ab8261d6b6f5162bd15f7b20cda5c353b355f0450
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa8193b7e4f8b45ff8f3764bc4f2bc035bb34da7ef9bb56d1fa85a5515b4663e
ad9da72dbc8ecf5843a484f7767824d3bd4cd20cc0a41487ec7d7837f53ae7dd
b1e7885b7e52914720b2b7c57eec1b536ab410bb7122e06bbc4bdd3cdd9d87d1
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
bcea92384333b42bda1420464675f89de3ef5b7a006bc8295b337cab5c555bbc
bf86d8eb9277b69e2c6202ca711c3b19c64a2a9a8cf4ba7bc33bdecacfb8a0b2
c2c09105f66aae3b315d3ad89255f3d5783e8e9bd19a3a3429361654fd3e4683
c85183390b23326532649a0091ba89aa4d9d1422e85535d6c00b36ec1db5ed4f
c93f291c790abdd3646053bcc74357a4695f37df7b3f9bb5b9a183b1ec1c7464
ccbe2d4a234f567a00224ec46b7ac35804b1e55f80ab9a3bf678765123ad267d
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd8b79123a843eee64985a23257e2fab80ef2c4c08427b688ea979671fc1c457
cda70d95191aaeb2780fe34173b7ea5b006ff31662c1ba3897613c9225913418
ce6467c8a2c55e394b1c28c05b84ae82adce262a63ce4ead05617a309e8d150c
cffddf2cd29485c4ecb9028665905fcecc1f9004ccd28ee967e1a19702ff2d83
d458117e4865c7bc787974a63cfec927231c118550324e3aaa68d0aa188cd2ba
d6e81ab2e5a3106260249f0353c842804b9cfc9851805a22d74566f4f76e729e
e11b2065bcce6124267f2445835daa7d8fa46b7b6f8c68137b6e1f484874bd37
e13296a19c623cff752620a9f03aa2b920a13ea08a1d2292ebd423a2e0feeb2c
e393ab33da5f5e3cb8a5fd7beece758d61ae71f7646f9dd100dc562aa667b723
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e409106a09c4676b55611bc757f5fb2d3e5bd92be5eefbfd53038d0283ef5137
e89f1da4602f81db67596af29d9847581df06da5aae5093b4880b7184fc5b5d1
ec686d1012de783a5024affc9215692642a7b25af322ecc177062632902e6cd5
ec90bd8ce35ce063cd62660b4eb153d3a967375031965c02d7e79b44fb84eb64
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f44520a8558c0e70d15aeb1e58580c5aae616dce6b569632c89f5198ee2bc58b
f4ffdb109b0a6827d19995efcaa1548926db779fc2bb4b3fbe57b00731285c0c
f60f9918c81be6d31e8795a80800631c0628be84398143dc4335dee120003065
f76863be1d9a0858e0783b00048d67fbd3e9d372301a6a7b53fd831b4f0455ea

ruspornusha.cc Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

94 Requests

94 %HTTPS

61 %IPv6

39 Domains

39 Subdomains

28 IPs

6 Countries

1322 kBTransfer

3561 kBSize

4 Cookies

2 Outgoing links

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ruspornusha.cc Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

94 %
HTTPS

61 %
IPv6

39
Domains

39
Subdomains

28
IPs

6
Countries

1322 kB
Transfer

3561 kB
Size

4
Cookies

94 HTTP transactions
5 data transactions