URL: https://xosoketqua.com/
Submission: On May 03 via manual from US — Scanned from GE

Summary

This website contacted 33 IPs in 9 countries across 36 domains to perform 103 HTTP transactions. The main IP is 172.67.73.4, located in United States and belongs to CLOUDFLARENET, US. The main domain is xosoketqua.com.
TLS certificate: Issued by GTS CA 1P5 on March 27th 2023. Valid for: 3 months.
This is the only time xosoketqua.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
31 172.67.73.4 13335 (CLOUDFLAR...)
2 171.244.57.133 38731 (VTDC-AS-V...)
1 104.18.21.76 13335 (CLOUDFLAR...)
1 104.16.57.101 13335 (CLOUDFLAR...)
1 151.139.128.10 20446 (STACKPATH...)
16 104.19.136.78 13335 (CLOUDFLAR...)
8 172.217.16.194 15169 (GOOGLE)
4 104.18.215.59 13335 (CLOUDFLAR...)
1 172.217.16.200 15169 (GOOGLE)
2 142.250.185.78 15169 (GOOGLE)
3 104.19.134.78 13335 (CLOUDFLAR...)
1 104.18.12.45 13335 (CLOUDFLAR...)
1 142.250.185.162 15169 (GOOGLE)
1 172.217.18.2 15169 (GOOGLE)
1 172.67.38.106 13335 (CLOUDFLAR...)
1 23.35.236.201 16625 (AKAMAI-AS)
3 172.217.18.1 15169 (GOOGLE)
1 1 23.201.255.110 16625 (AKAMAI-AS)
2 23.56.202.187 16625 (AKAMAI-AS)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
3 3 52.223.40.198 16509 (AMAZON-02)
4 5 3.123.210.213 16509 (AMAZON-02)
1 63.34.98.194 16509 (AMAZON-02)
1 104.17.107.41 13335 (CLOUDFLAR...)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 188.114.97.3 13335 (CLOUDFLAR...)
1 1 147.75.84.158 54825 (PACKET)
1 216.52.2.86 32475 (SINGLEHOP...)
2 2 109.206.161.21 50245 (SERVEREL-AS)
1 1 185.86.138.153 201081 (SMARTADSE...)
7 12 69.173.144.138 26667 (RUBICONPR...)
4 6 142.250.184.226 15169 (GOOGLE)
2 2 37.157.4.39 198622 (ADFORM)
2 2 54.155.103.238 16509 (AMAZON-02)
3 3 198.47.127.18 3257 (GTT-BACKB...)
1 1 185.64.189.110 62713 (AS-PUBMATIC)
1 1 185.64.190.81 62713 (AS-PUBMATIC)
1 141.95.33.111 16276 (OVH)
1 142.250.181.228 15169 (GOOGLE)
1 141.95.98.65 16276 (OVH)
1 1 8.39.36.141 26667 (RUBICONPR...)
1 13.107.42.14 8068 (MICROSOFT...)
1 1 54.228.39.54 16509 (AMAZON-02)
2 3 52.95.115.196 16509 (AMAZON-02)
2 3 52.46.128.147 16509 (AMAZON-02)
103 33
Apex Domain
Subdomains
Transfer
31 xosoketqua.com
xosoketqua.com
1 MB
19 mgid.com
jsc.mgid.com — Cisco Umbrella Rank: 7204
c.mgid.com — Cisco Umbrella Rank: 5726
cdn.mgid.com — Cisco Umbrella Rank: 9974
servicer.mgid.com — Cisco Umbrella Rank: 7199
s-img.mgid.com — Cisco Umbrella Rank: 5805
cm.mgid.com — Cisco Umbrella Rank: 2073
118 KB
16 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1452
eus.rubiconproject.com — Cisco Umbrella Rank: 798
pixel.rubiconproject.com — Cisco Umbrella Rank: 447
token.rubiconproject.com — Cisco Umbrella Rank: 795
pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 8906
19 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
203 KB
7 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 Failed
cm.g.doubleclick.net — Cisco Umbrella Rank: 313
2 KB
6 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 994
s.amazon-adsystem.com — Cisco Umbrella Rank: 376
4 KB
6 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 725
image8.pubmatic.com — Cisco Umbrella Rank: 1002
image2.pubmatic.com — Cisco Umbrella Rank: 1377
image4.pubmatic.com — Cisco Umbrella Rank: 1704
65 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 427
2 KB
4 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3572
onesignal.com — Cisco Umbrella Rank: 1047
82 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 451
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 812
634 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 908
1 KB
2 e-volution.ai
sync.e-volution.ai — Cisco Umbrella Rank: 5550
918 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 682
688 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 695
1 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1319
id5-sync.com — Cisco Umbrella Rank: 612
18 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 130
www.google.com — Cisco Umbrella Rank: 16
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
21 KB
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 689
619 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 733
515 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1293
401 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1052
347 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 883
277 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1379
665 B
1 rtbsystem.com
cm.rtbsystem.com — Cisco Umbrella Rank: 5605
669 B
1 idealmedia.io
cm.idealmedia.io — Cisco Umbrella Rank: 20311
143 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 942
600 B
1 google.ge
adservice.google.ge — Cisco Umbrella Rank: 48171
531 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1132
608 B
1 imghosts.com
cl.imghosts.com — Cisco Umbrella Rank: 9496
409 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
45 KB
1 dmca.com
images.dmca.com — Cisco Umbrella Rank: 11532
671 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1274
7 KB
1 xosodaiphat.com
cdn.xosodaiphat.com — Cisco Umbrella Rank: 62499
1 docdac.vn
docdac.vn
5 KB
1 vsmb.vn
vsmb.vn
49 KB
103 36
Domain Requested by
31 xosoketqua.com xosoketqua.com
static.cloudflareinsights.com
8 cm.mgid.com jsc.mgid.com
eus.rubiconproject.com
7 pixel.rubiconproject.com 3 redirects eus.rubiconproject.com
6 cm.g.doubleclick.net 4 redirects eus.rubiconproject.com
6 pagead2.googlesyndication.com xosoketqua.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 token.rubiconproject.com 4 redirects eus.rubiconproject.com
5 x.bidswitch.net 4 redirects
4 cdn.mgid.com jsc.mgid.com
3 s.amazon-adsystem.com 2 redirects eus.rubiconproject.com
3 aax-eu.amazon-adsystem.com 2 redirects eus.rubiconproject.com
3 image8.pubmatic.com 3 redirects
3 match.adsrvr.org 3 redirects
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 s-img.mgid.com
2 ad.360yield.com 2 redirects
2 c1.adform.net 2 redirects
2 sync.e-volution.ai 2 redirects
2 creativecdn.com 2 redirects
2 pixel.tapad.com 1 redirects
2 eus.rubiconproject.com cm.mgid.com
eus.rubiconproject.com
2 onesignal.com cdn.onesignal.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdn.onesignal.com xosoketqua.com
cdn.onesignal.com
2 jsc.mgid.com xosoketqua.com
jsc.mgid.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 px.ads.linkedin.com eus.rubiconproject.com
1 pixel-us-west.rubiconproject.com 1 redirects
1 id5-sync.com cdn.id5-sync.com
1 www.google.com tpc.googlesyndication.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 image4.pubmatic.com 1 redirects
1 image2.pubmatic.com 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 ap.lijit.com
1 prebid.a-mo.net 1 redirects
1 cm.rtbsystem.com
1 cm.idealmedia.io
1 ads.yieldmo.com
1 secure-assets.rubiconproject.com 1 redirects
1 ads.pubmatic.com jsc.mgid.com
1 cdn.id5-sync.com jsc.mgid.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.ge pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cl.imghosts.com
1 servicer.mgid.com jsc.mgid.com
1 c.mgid.com jsc.mgid.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.googletagmanager.com xosoketqua.com
1 images.dmca.com xosoketqua.com
1 static.cloudflareinsights.com xosoketqua.com
1 cdn.xosodaiphat.com xosoketqua.com
1 docdac.vn xosoketqua.com
1 vsmb.vn xosoketqua.com
103 54

This site contains links to these domains. Also see Links.

Domain
docdac.vn
atrungroi.vn
vsmb.vn
www.facebook.com
news.google.com
www.youtube.com
www.dmca.com
Subject Issuer Validity Valid
*.xosoketqua.com
GTS CA 1P5
2023-03-27 -
2023-06-25
3 months crt.sh
vsmb.vn
R3
2023-03-29 -
2023-06-27
3 months crt.sh
docdac.vn
R3
2023-03-29 -
2023-06-27
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-25 -
2023-06-25
a year crt.sh
images.dmca.com
R3
2023-03-14 -
2023-06-12
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
*.google.com.ge
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
*.google.com
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-25 -
2024-01-24
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-03-07 -
2024-04-03
a year crt.sh
rtbsystem.com
GTS CA 1P5
2023-04-29 -
2023-07-28
3 months crt.sh
*.eu-1-id5-sync.com
R3
2023-04-18 -
2023-07-17
3 months crt.sh
www.google.com
GTS CA 1C3
2023-04-17 -
2023-07-10
3 months crt.sh
*.id5-sync.com
R3
2023-04-18 -
2023-07-17
3 months crt.sh

This page contains 7 frames:

Primary Page: https://xosoketqua.com/
Frame ID: 094F97F2A4F824FD44D0EC9CFDAB3B5D
Requests: 83 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230501/r20190131/zrt_lookup.html
Frame ID: AE91908D7DA223DAB38BBD582B0A9B62
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5071155005901453&output=html&h=100&slotname=1553820594&adk=1542220757&adf=1426257581&pi=t.ma~as.1553820594&w=848&fwrn=4&fwrnh=100&lmt=1683091005&rafmt=12&format=848x100&url=https%3A%2F%2Fxosoketqua.com%2F&fwr=0&fwrattr=true&rh=100&rw=848&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683091013012&bpp=2&bdt=7064&idt=886&shv=r20230501&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&correlator=438006875520&frm=20&pv=2&ga_vid=1391619715.1683091013&ga_sid=1683091014&ga_hid=1503431896&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=523&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759926%2C44759875%2C31071755%2C44788441%2C44789762%2C44790154&oid=2&pvsid=734595545216999&tmod=1449229601&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NwPabsUW7M&p=https%3A//xosoketqua.com&dtd=900
Frame ID: 7966907E1CB31A0E68AB8AD1B83F20ED
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1683091013939141015305
Frame ID: 2D2443AAD3A80117E03703E8BC225E7A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 30A713749244CC48520593D6BE8A4273
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 52E655F9A829CC30E3704AE904D839C6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6D6F955D98502E20ED1E86E721BC18D4
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Xổ Số Kết Quả - ketqua, kqxs, ket qua xo so hom nay, ketquaxoso

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_nuxt/

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

103
Requests

78 %
HTTPS

0 %
IPv6

36
Domains

54
Subdomains

33
IPs

9
Countries

2277 kB
Transfer

4172 kB
Size

46
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 71
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3411&partner_device_id=n42RTW_JGMgm HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3411&partner_device_id=n42RTW_JGMgm
Request Chain 72
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=a85accb3-e1a2-493a-a5f2-dbad59202ab0&ttl=1685683014
Request Chain 73
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=n42RTW_JGMgm&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=n42RTW_JGMgm&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.yieldmo.com/sync?userid=c764e903-fb09-41d8-b8dd-6c2e69647e82&pn_id=bsw&extinit=1&gdpr=0&gdpr_consent=
Request Chain 75
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=501037&c=BSEULZShS3rJjXJF94VN&pi=mgid&tc=1
Request Chain 77
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A//cm.mgid.com/m%3Fcdsp%3D779131%26c%3D HTTP 302
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F169%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3Dbb16dd31-9caf-42cf-8a08-7e079c3b130b%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D%24UID
Request Chain 78
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=n42RTW_JGMgm&gdpr=0&gdpr_consent=&ccpa_consent= HTTP 302
  • https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=5587068788240841869&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 79
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bjQyUlRXX0pHTWdt&muidn=n42RTW_JGMgm HTTP 302
  • https://cm.mgid.com/google?muidn=n42RTW_JGMgm&google_ula={guid},5&google_gid=CAESEN_ZrhPZkYYghl06T2LEESA&google_cver=1
Request Chain 80
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=mgid HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=mgid HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=2457221643577167288&ssp=mgid
Request Chain 81
  • https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
  • https://cm.mgid.com/m?cdsp=665953&c=1d0d4a17-86e2-4f6e-b0ba-cc7ffc372280
Request Chain 82
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUJCODA3MTYtNjdGQy00OTFELTlDOTEtMDYyRUM4NDIzOTcx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&partnerID=161673&pmc=1&pr=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D712807%26c%3D5BB80716-67FC-491D-9C91-062EC8423971 HTTP 302
  • https://cm.mgid.com/m?cdsp=712807&c=5BB80716-67FC-491D-9C91-062EC8423971
Request Chain 93
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=mgid&gdpr=0&gdpr_consent=&us_privacy=&gdpr=0&khaos=LH78XN8L-2-EKPK HTTP 302
  • https://cm.mgid.com/m?cdsp=43070&c=LH78XN8L-2-EKPK&gdpr=0
Request Chain 94
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBYsW_OJo209arx9I1TxttY&google_cver=1
Request Chain 95
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH78XN8L-2-EKPK&gdpr=0
Request Chain 96
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEg3OFhOOEwtMi1FS1BL&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESENxpKnylLQAMxTjicu3D1B0&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg3OFhOS08tVS04M0cx&google_push=&gdpr=0
Request Chain 97
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a85accb3-e1a2-493a-a5f2-dbad59202ab0&gdpr=0&gdpr_consent=&expires=30
Request Chain 98
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/YAZrDPDnaUlyRePHq_sU4w?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-9c4Z3JpE2oI2v3_frIt.De1pf8qsIUV2FnyE7A--~A
Request Chain 99
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=p0y_GHObSISYJgNM160SuA&rk=usync-other&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=p0y_GHObSISYJgNM160SuA&gdpr=0
Request Chain 100
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjkxNTk4OGZjMDFiNjBkMjMzMjRjNmJjY2M5ZWQ2MWM2M2QyZTczYw&gdpr=0
Request Chain 101
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=hcZFUrFjTRO2bZutq6Lanw&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=hcZFUrFjTRO2bZutq6Lanw&gdpr=0

103 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
xosoketqua.com/
265 KB
61 KB
Document
General
Full URL
https://xosoketqua.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdb4769b3e0b839ef4e16e0c1d11c81d9e334a72b781b5bfd0da105d3d025d55

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0
cf-cache-status
DYNAMIC
cf-ray
7c16089fdfcd90da-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 03 May 2023 05:16:45 GMT
last-modified
Wed, 03 May 2023 05:16:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irN1onxLjjs5GaUTu4QY8KRTPUMFyF77W8zUWerWt3vSVzkO8%2BbtP9JWjhX6OdRmiqba7UrOJXGPi%2Feky8X9LWy22H1UfjdMqYYLfuuzfBz7M56YYRgFO3DRP6Jtf1Y4"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
newstyle.css
xosoketqua.com/xskt/assets/
66 KB
15 KB
Stylesheet
General
Full URL
https://xosoketqua.com/xskt/assets/newstyle.css?v=4
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b823354b963ed99d133f9394910528fb3ede32d2e6a2f0dd259c4a2542448d4f

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:46 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 01 May 2023 09:39:24 GMT
server
cloudflare
age
77471
cf-polished
origSize=67433
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2tpte%2FWVBRUr1p2c0lVa%2FRynAgq5HdketUnoXw2b%2F0vNLwkKYDHM13I%2FvsTnXgFR0Dd0L9TTCRH3T2j8AV%2BKKv5jXistCdRM4vJYObcOZ0PpwOlHbtqISlNIb26opayy"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=90000
cf-ray
7c1608a3aa0d90da-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
_logo_ketqua.jpg
xosoketqua.com/xskt/img/
3 KB
4 KB
Image
General
Full URL
https://xosoketqua.com/xskt/img/_logo_ketqua.jpg
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
613b3fddc9e515dbc5fe3b0926cdf3b4123a3ea43ce004764bcf30cc8c948398

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
75010
cf-polished
origSize=3651, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3201
cf-bgj
imgq:85,h2pri
last-modified
Mon, 01 May 2023 09:39:24 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=348X9B0x0u76U0sewOCpoiBDDaRemjX122yi%2Bpq0xnk17na9gOhCPiKvqVyfA2Ec715Jm7YIE45EF57NoowU67iAMXKaro5%2FaM%2BsiPHzIkYBCoIByBKHYf3cfAudEPXY"}],"group":"cf-nel","max_age":604800}
content-type
image/jpg
cache-control
max-age=90000
accept-ranges
bytes
cf-ray
7c1608a7ea353638-FRA
home.png
xosoketqua.com/images/
190 B
717 B
Image
General
Full URL
https://xosoketqua.com/images/home.png
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9260f1a6f656ed661a4ddcc4c5e3fec14fee4367511a6259d1291035d9d3692a

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
74553
cf-polished
origFmt=png, origSize=350
content-disposition
inline; filename="home.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
190
cf-bgj
imgq:85,h2pri
last-modified
Mon, 01 May 2023 18:33:27 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmSM8TuhyZ%2F8fbY6AQUDzm9bvAY1W3JVPlFhBn%2FsFwrKi58YpijXXUlnknA%2Fv1Jh1BOd61t8KvliEhqs%2FiwDVCC3MjiNE%2FlhKClKB1r142Pb3UiUwc0TfpHyDAGJEKJi"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=90000
accept-ranges
bytes
cf-ray
7c1608a7ea3d3638-FRA
account.png
xosoketqua.com/images/
142 B
664 B
Image
General
Full URL
https://xosoketqua.com/images/account.png
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6d1bae8089a362fc446bf9ec7d8390078397a48d4ed2c39f2c17a552adae0fc

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
74553
cf-polished
origFmt=png, origSize=256
content-disposition
inline; filename="account.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
142
cf-bgj
imgq:85,h2pri
last-modified
Mon, 01 May 2023 09:39:23 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDzJvvrklihEd1XCys5AV00TdUxrqnv8hsAxdzKbzsftqgYf0ACRVj7%2FsrKOR3edxyf7mbrGIDoHvPyKb7ieUHuZY5J7YTsVQzYtTfDvg2gehFlMM1fHqOhniEFdVd7z"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=90000
accept-ranges
bytes
cf-ray
7c1608a7fa453638-FRA
menu-min.png
xosoketqua.com/images/
150 B
674 B
Image
General
Full URL
https://xosoketqua.com/images/menu-min.png
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31fd8f47eda51f040e9b86f052b19c2abc888719bca65129d37b407fc13ff1d9

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
74552
cf-polished
origFmt=png, origSize=201
content-disposition
inline; filename="menu-min.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
150
cf-bgj
imgq:85,h2pri
last-modified
Mon, 01 May 2023 17:10:46 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oe93dhBRbaSV0K8yT6%2FBxcKYoymEoVuJ7kOEazJyDj68ebThIngFfyIMkcxJ76J0K4HretAEfzKekO55b0UGFMqVZHVa6YoFwF8UxkTwoWNetqvKx2G3rAchoa8566Xj"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=90000
accept-ranges
bytes
cf-ray
7c1608a7fa473638-FRA
close-min.png
xosoketqua.com/images/
208 B
738 B
Image
General
Full URL
https://xosoketqua.com/images/close-min.png
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
306843cbe2fefd30393d5f0e1928043a6032b9d318b84540983cb622ed2a0f46

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
74553
cf-polished
origFmt=png, origSize=255
content-disposition
inline; filename="close-min.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
208
cf-bgj
imgq:85,h2pri
last-modified
Mon, 01 May 2023 17:35:19 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MH5Ug%2BkeVf5w0LUh8wp6YCK%2FwZphrugjf13ImuvHLF27d9GRacDDenibezjv7Z%2Fk7%2FON5XH8o%2FqiofunZuWAapop37sorGwYqEqPVl6jLrkPqN1TtOl7diCuHwOUQhV5"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=90000
accept-ranges
bytes
cf-ray
7c1608a7fa483638-FRA
keno.png
vsmb.vn/images/logo/
49 KB
49 KB
Image
General
Full URL
https://vsmb.vn/images/logo/keno.png
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
171.244.57.133 Hanoi, Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
5dfed40ccba55fc860da7bbb9e118c57cb2c9c1c6064869a42c25c413676f686

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 03 May 2023 05:16:47 GMT
Last-Modified
Sun, 14 Aug 2022 18:59:29 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
W/"c20d-1829db9b268"
Content-Type
image/png
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49677
loto.68a6347.png
docdac.vn/_nuxt/img/
4 KB
5 KB
Image
General
Full URL
https://docdac.vn/_nuxt/img/loto.68a6347.png
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
171.244.57.133 Hanoi, Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
195e566041810359c6701d720739056a0117895f96d363ba31083a36293fa657

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 03 May 2023 05:16:49 GMT
Last-Modified
Wed, 25 Jan 2023 16:39:22 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"63d15b3a-116f"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4463
tinhwaiting.gif
xosoketqua.com/xskt/img/
4 KB
5 KB
Image
General
Full URL
https://xosoketqua.com/xskt/img/tinhwaiting.gif
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c62e745470fae8a17a2241b5305f55ec2876b67b66de977faf03c9d65b6e54c6

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10108
cf-polished
origFmt=gif, origSize=4559
content-disposition
inline; filename="tinhwaiting.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4138
cf-bgj
imgq:85,h2pri
last-modified
Tue, 02 May 2023 10:40:24 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hbJZFJ4MI%2BA3Ser84%2BkzKrRvN%2F4eQtS8d3O8Y94a7yaMBm%2F40DSXWl8T7BKikqCTwAbm7KYe35QMAlE9Or5fPRkNeQOLKdbsJJXJz2aKdthBvjOJ7ze1clOH0ywSpxdd"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=90000
accept-ranges
bytes
cf-ray
7c1608a81a723638-FRA
loading_icon_version2.gif
cdn.xosodaiphat.com//images/
0
0
Image
General
Full URL
https://cdn.xosodaiphat.com//images/loading_icon_version2.gif
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.21.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

dudoan_xsmb_7.jpg
xosoketqua.com/images/article/dudoan/
110 KB
111 KB
Image
General
Full URL
https://xosoketqua.com/images/article/dudoan/dudoan_xsmb_7.jpg
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca878c3a2a355fe4386a5cadbeceb57401ef715efb5b2b54245ed73f7b004bfc

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:47 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Wed, 03 May 2023 05:12:59 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=175845
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B17Ww6nqkesaPr3EbbvF5bK0cYZo2WU0QmmdJOIr6Wd37Bb6FLUVr%2FyQ1OTxlNVQT%2FlUC%2Br5iSwsC9y%2B4bGRVsBmQCCyOmznINBZsErG8sIv5a%2BGk2XMp%2FiC9c2qfgz%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
content-disposition
inline; filename="dudoan_xsmb_7.webp"
accept-ranges
bytes
cf-ray
7c1608a90b363638-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
113046
dudoan_xsmb_3.jpg
xosoketqua.com/images/article/dudoan/
200 KB
201 KB
Image
General
Full URL
https://xosoketqua.com/images/article/dudoan/dudoan_xsmb_3.jpg
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a628011e52347170fde9fc32f9b4769fc57fe51c6943be94488725cda8e75b6b

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:47 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Wed, 03 May 2023 04:19:36 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=299526
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XK%2BCufGHWenXCRYVrqe0RE8HjqfY0BEtReC3%2BOB%2FpeP7j2hs6L0ZVu5wh3R02viaSEAkrl5uYj6HLjVaSCx5yA%2BiAPfNTD5r5x4wTX4cr7rjelIHX%2FL%2BHF5YbfbCGN7f"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
content-disposition
inline; filename="dudoan_xsmb_3.webp"
accept-ranges
bytes
cf-ray
7c1608a90b3a3638-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
205076
dudoan_xsmb_5.jpg
xosoketqua.com/images/article/dudoan/
96 KB
97 KB
Image
General
Full URL
https://xosoketqua.com/images/article/dudoan/dudoan_xsmb_5.jpg
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26ed2baef21b7224d56d1aed9a2caa46dfdaa39eb775e84023c1fb63a3438af8

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:47 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Wed, 03 May 2023 03:18:43 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=291939
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OHrH4srUrJ9j9NBwGcBXnZWsM4TnqMeRSdv2HXxRKskT5DXZAfqpemNQfZd3BP1gpeXymguOAXEDCZ2OJ2SnOuDJLaKUcM8RUls%2Fmbr9woyuN5w6x%2FlCeqJf2DkuaIC2"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
content-disposition
inline; filename="dudoan_xsmb_5.webp"
accept-ranges
bytes
cf-ray
7c1608a91b3d3638-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
98700
dudoan_xsmn_4.jpg
xosoketqua.com/images/article/dudoan/
144 KB
145 KB
Image
General
Full URL
https://xosoketqua.com/images/article/dudoan/dudoan_xsmn_4.jpg
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03750b714b9002b987a8dfc6551a7f7db04268263fe8315ac72286a98c213a75

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:47 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Wed, 03 May 2023 04:05:33 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=203802
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NeIOsoUp8FvHclIoMct3g7KKW768nEvAm3Z%2B89gQEASsqPf2barizdoVDvUXSqAVzhBDwX1ZhUfzAIkj8HkNWOOtPf0jDnkw25bPJFoF2KFrLashRp2J7QubURdtyPFr"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
content-disposition
inline; filename="dudoan_xsmn_4.webp"
accept-ranges
bytes
cf-ray
7c1608a92b533638-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
147836
dudoan_xsmt_5.jpg
xosoketqua.com/images/article/dudoan/
33 KB
34 KB
Image
General
Full URL
https://xosoketqua.com/images/article/dudoan/dudoan_xsmt_5.jpg
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b2d4cff44e2295393d5691cd1c3370a5550da835e8bce1b4e0373552b123459

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:47 GMT
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Wed, 03 May 2023 03:42:57 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=53857
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bhDnGF%2FKZDZwHbXPPhqWQFUCz2P4u8klW9HeLhg0suCEsE%2B1vXETI3Jei02pmczXp36z1b013o1EA%2FlMYd4hcxSbi9dkE3Cydic%2FPlCvvj5rs3C4zRuahEo8ghTGUdPl"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
content-disposition
inline; filename="dudoan_xsmt_5.webp"
accept-ranges
bytes
cf-ray
7c1608a93b573638-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34204
vsmb_doitac-min.jpg
xosoketqua.com/images/
50 KB
51 KB
Image
General
Full URL
https://xosoketqua.com/images/vsmb_doitac-min.jpg
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebf1fe08248c5d0bd28a5aa80a6651a2ad57d09a07bcf75da81a7eacf652859c

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
74551
cf-polished
qual=85, origFmt=jpeg, origSize=83673
content-disposition
inline; filename="vsmb_doitac-min.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
51650
cf-bgj
imgq:85,h2pri
last-modified
Mon, 01 May 2023 17:09:48 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQo2liZ2feo1VUrjDEnOhLAoV%2BGqx1Efeqd%2FmiU6sCbBWVxlRAy8eQ3Z2gwmY85rIg2bEAqg4oxzeEl0X9h2xVcPpqd2NZMUiMdBEWhTenIuLC%2FwSr%2FGA%2Fo7wwVTRcg9"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=90000
accept-ranges
bytes
cf-ray
7c1608a94b693638-FRA
docdac_doitac-min.jpg
xosoketqua.com/images/
85 KB
86 KB
Image
General
Full URL
https://xosoketqua.com/images/docdac_doitac-min.jpg
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10bec72c384e207f3f3f32f19885cba31030779aac072ca40e834526af64cc5a

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
74550
cf-polished
qual=85, origFmt=jpeg, origSize=149322
content-disposition
inline; filename="docdac_doitac-min.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
87346
cf-bgj
imgq:85,h2pri
last-modified
Mon, 01 May 2023 18:14:25 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMNAvM2mHCyrPBQVvVY%2Bpf8K7S7ZJkEDrGkS0Tb9m1dhptsZMt57I16DFLG8P6bZac5uEKxpOQ6PRbnNwKA8ohXoO0ovqXbnwDAlgVlbvIJIKxHusUxmr00G8iQZbtRI"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=90000
accept-ranges
bytes
cf-ray
7c1608a94b6b3638-FRA
keno_doitac-min.png
xosoketqua.com/images/
36 KB
37 KB
Image
General
Full URL
https://xosoketqua.com/images/keno_doitac-min.png
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de76b1d19e0d198b58f2abc056a9600cf7232d4fa75a120416c4beb387b31d19

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
74550
cf-polished
origFmt=png, origSize=44990
content-disposition
inline; filename="keno_doitac-min.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37022
cf-bgj
imgq:85,h2pri
last-modified
Mon, 01 May 2023 19:05:50 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGeq%2B%2FEu2IomMVz2KJfRn8oMhW2g0H0rPwWwoiVbkFgLpxCrItIavlzYsESXDDvU%2FykMQfk8ALJGmJKZxfbaw6QUKyKvi4A3WYvfz9orjF8fh911Scs7w7V9%2FXPzD22f"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=90000
accept-ranges
bytes
cf-ray
7c1608a94b6c3638-FRA
logo_atrungroi-min.jpg
xosoketqua.com/images/
156 KB
157 KB
Image
General
Full URL
https://xosoketqua.com/images/logo_atrungroi-min.jpg
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8aa44049c92f58ace479269500caf1526cfaf804f02076428f550b5d59a6a289

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
74550
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
159856
cf-bgj
imgq:85,h2pri
last-modified
Mon, 01 May 2023 09:39:24 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rgB0Q5tPMjusnXOrts%2F5UMhz5Mbb0S6FwnqL9kDocObL9s4cMfAXccRaeU3N4Xq6irSQDTGyVPSOjYQD0o41Hs6SE6KvEY8kPVl1V4ROuGCh0xBkTcKqKmXuRwD1q81f"}],"group":"cf-nel","max_age":604800}
content-type
image/jpg
cache-control
max-age=90000
accept-ranges
bytes
cf-ray
7c1608a94b733638-FRA
Google_News_icon.png
xosoketqua.com/images/
24 KB
25 KB
Image
General
Full URL
https://xosoketqua.com/images/Google_News_icon.png
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4296d14d27998137ed687216f71d64a06e694ba56ae9e99b5666b95118320d3b

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
74550
cf-polished
origFmt=png, origSize=38896
content-disposition
inline; filename="Google_News_icon.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24886
cf-bgj
imgq:85,h2pri
last-modified
Mon, 01 May 2023 17:48:41 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDV8QgSvASZ3uNHNtQbUVtyaW75hs4q3e%2Bt9uvBptFXCSrAhsISA94MZY%2Focz1WswC2VSvGGw%2B%2BLSjxnEaQEsXgW%2F%2FY6fDr61NSkzbn1cGim6QIzhCqv9pLZTdRzkZCR"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=90000
accept-ranges
bytes
cf-ray
7c1608a95b7b3638-FRA
rocket-loader.min.js
xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 28 Apr 2023 14:11:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"644bd41c-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LXFRa742c8NAEXP2hRA%2FeBVN4soFmpsTIId2H51Q1akrBf4LJJbGV0agZrglAnfOC%2B81%2F5o1z8ktNvokGxenggBrCJblCU7We74MvdY5lpFCTtEPy3MOg5Tk3y%2BUPb61"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7c1608a95b7d3638-FRA
expires
Fri, 05 May 2023 05:16:46 GMT
v52afc6f149f6479b8c77fa569edb01181681764108816
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.57.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer
https://xosoketqua.com/
Origin
https://xosoketqua.com
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:47 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 20:41:48 GMT
server
cloudflare
etag
W/2023.4.2
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7c1608ab0cce9bbc-FRA
myapi_home.js
xosoketqua.com/xskt/assets/
11 KB
4 KB
Script
General
Full URL
https://xosoketqua.com/xskt/assets/myapi_home.js?v=18_02_1
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22336a040f055dc76c4ea40bd871cad0c16acb1c4a7a8094fbb4ffbda13911cd

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:52 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 02 May 2023 10:39:45 GMT
server
cloudflare
age
10113
cf-polished
origSize=17072
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tnw3UQgw1XwKmo7s3%2BX9OeYxQ%2FAO64bcfglJCX6t6jp8ORzycFKWNGbua0Aqx7Eq%2BDG80bAzhTm1YpeBVOcxRYmrFJh8OMHGEOM2UTBGT0fO0hS4E7seyKy6Z0E6Rqts"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=90000
cf-ray
7c1608cc1aa93638-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
moment.min.js
xosoketqua.com/xskt/assets/
50 KB
18 KB
Script
General
Full URL
https://xosoketqua.com/xskt/assets/moment.min.js?v=34_07_25
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f74b7103124df51dc2c0e42e93da8bc7bce703f34f9f82a6820edd81022f76a

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 02 May 2023 10:39:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
54894
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lERJAWpw33F96R1rTnyxAwnvUf57sNdVjX8sfOc5rvUfBlyPxa9DZvnqw3Er3o7lCaNWoaXnv3UbS3sZ%2FH%2BhEhO%2B0%2BC4GSzlHkqcLsLucnuEsNE68Wlqg85%2BflP3IFvW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=90000
cf-ray
7c1608cc2aac3638-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
html2canvas.min.js
xosoketqua.com/xskt/assets/
194 KB
45 KB
Script
General
Full URL
https://xosoketqua.com/xskt/assets/html2canvas.min.js
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4917b15ac829f7546ab1c053b06499786b45a053169f31f436c16c8eb821414e

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 02 May 2023 20:46:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
10114
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YShWFxq9vULg588XTNES%2FZne58jy3gmWtAViKiNzFHJPNmyLIKwB%2Bqz5bJKL1ZnRkm0iZlrdIr3OBW0Q%2BQGaWVQMSPuCgZtsnA%2BZUaom9AcigfNaDJsJLPJ1%2BePrNg00"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=90000
cf-ray
7c1608cc2aae3638-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
main_index.js
xosoketqua.com/xskt/assets/
5 KB
2 KB
Script
General
Full URL
https://xosoketqua.com/xskt/assets/main_index.js
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
198913752556a4f2f624d36003da83fd4ef164a10505a692b8fec18fbd6569a9

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:52 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 02 May 2023 20:46:52 GMT
server
cloudflare
age
10113
cf-polished
origSize=6366
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOpe3IVVjqy93HF3p0Bz%2B51yW6V90%2FTqkATXhAjmR%2B9MuxIyTtLFQEtnro51Q7iLKadPL4dOrAct2xPY%2F4mlff6jTmT%2BFySKAUI2fkmu9RZASXMDgajudNAusZBR7Jpp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=90000
cf-ray
7c1608cc2aaf3638-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jqueryval.js
xosoketqua.com/xskt/assets/
27 KB
9 KB
Script
General
Full URL
https://xosoketqua.com/xskt/assets/jqueryval.js
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6afdbd54a64983a71441817c8a89faaef68c26aeb47c03e6dfbba9346fee1460

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:52 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 02 May 2023 20:46:52 GMT
server
cloudflare
age
10113
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7RnBIsdxrAGE4ePfSl9ol06CDol2DnOD8u%2FxXNX4yBrAqEsxfEoqqbADS93DB4aQhQRaGtt3oaFJWQseVARckXi%2BHypWsjkBpWXqoYBZ%2FyE0FcvP1UI2TOHHnF8uYnFv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=90000
cf-ray
7c1608cc2ab13638-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
xsdp.min.js
xosoketqua.com/xskt/assets/
19 KB
5 KB
Script
General
Full URL
https://xosoketqua.com/xskt/assets/xsdp.min.js?v=24_09
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7322d236b28fc8d784909a4ff1e8e082ba2f207b3a64d2aa43e52fe0e45441ac

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 02 May 2023 10:39:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
10113
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u2Yn%2BLBH3mLWh6w98SpX%2BU%2B%2F1LBwqDo3p2%2B6WnRhK5SL1biD7ZyNf%2BRBb77R8ynxdP7pqI37OnMvQLY8N5%2BTk2aoNo3WQddbk4EKOG6tAK5Za7qfW9hw7RkXnvv5COPS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=90000
cf-ray
7c1608cc2ab23638-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquerylib.js
xosoketqua.com/xskt/assets/
368 KB
109 KB
Script
General
Full URL
https://xosoketqua.com/xskt/assets/jquerylib.js
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0ea3d9ba83e515d8ae6a36eea23403c8928b81a8f84ac93d10c4e6a22d6b93a

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:52 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 02 May 2023 20:44:42 GMT
server
cloudflare
age
10113
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7pjoqA7WeVcst4LGdAf0fyY2zxFXySVcHvv7EJMRsHoeodoWUFO7RewqZqtXhJjI5hOv796yJacDQ96KBjOvyE2Ru8zAXGm%2BvQZGZkDddtpefoRryy36u029syGHr1qd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=90000
cf-ray
7c1608cc2ab33638-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
DMCABadgeHelper.min.js
images.dmca.com/Badges/
465 B
671 B
Script
General
Full URL
https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:52 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2019 20:14:34 GMT
server
Microsoft-IIS/10.0
etag
"26b181f16d28d51:0"
x-powered-by
ASP.NET
x-hw
1683091012.cds137.fr8.hn,1683091012.cds057.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
link
<https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length
395
xosoketqua.com.1343895.js
jsc.mgid.com/x/o/
3 KB
2 KB
Script
General
Full URL
https://jsc.mgid.com/x/o/xosoketqua.com.1343895.js
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0600b393260e2df05723f6018dfb42e99560f2be0b9de0fffad1584d1f5d2637

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:52 GMT
x-amz-version-id
PrUCfMP0JRecHfj6D529PdWqP6aNauFX
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
DWPH2151582SF41N
cf-polished
origSize=2690
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
VfvbYGQTfAAXJtsqM8mB8oV2mRgUTV++nMMTPdMqhpgDTcZpm5mY92r3I0nCLsdX4+9tIQIzVUA=
cf-bgj
minify
last-modified
Thu, 27 Apr 2023 07:27:21 GMT
server
cloudflare
etag
W/"04588863e1a4daf3b76b6396282333c0"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
7c1608cdcdfb3625-FRA
expires
Wed, 03 May 2023 08:16:52 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
138 KB
47 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5071155005901453
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
dab423879955ca9b75d591100a5ce7285e3a754db9c1e34dfd14388f7ed22ca0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xosoketqua.com/
Origin
https://xosoketqua.com
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47336
x-xss-protection
0
server
cafe
etag
4504977242276566020
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 03 May 2023 05:16:52 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?v=3
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.215.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:52 GMT
via
1.1 google
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
etag
W/"06f50014011c1fcd9e21b6b0481979de"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7c1608cde8a91999-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 06 May 2023 05:16:52 GMT
js
www.googletagmanager.com/gtag/
115 KB
45 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-146204891-4
Requested by
Host: xosoketqua.com
URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f200.1e100.net
Software
Google Tag Manager /
Resource Hash
54b7066c3789b89dbe92287752e8e5371005a5523fb37a78667c16bc272f8b8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45732
x-xss-protection
0
last-modified
Wed, 03 May 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 03 May 2023 05:16:52 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
284 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?v=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.215.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:52 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1934
etag
W/"2cf94922e2d551e8dc7c38c022a9a3ca"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7c1608cee98a1999-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 06 May 2023 05:16:52 GMT
analytics.js
www.google-analytics.com/
51 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-146204891-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 03 May 2023 04:35:44 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
2469
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Wed, 03 May 2023 06:35:44 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/
354 KB
119 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5071155005901453
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
d3407ac5ec38d4ad83074fef55bdc38fd69679156cf59ca1f81e94fe158f1f33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122067
x-xss-protection
0
server
cafe
etag
14710619440280964921
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 May 2023 05:16:53 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230501/r20190131/ Frame AE91
0
0

xosoketqua.com.1343895.es6.js
jsc.mgid.com/x/o/
254 KB
72 KB
Script
General
Full URL
https://jsc.mgid.com/x/o/xosoketqua.com.1343895.es6.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/x/o/xosoketqua.com.1343895.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86563b0e8f32503912407673436d84bc1cb119362489c79b5a193afd81c7bce4

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:53 GMT
x-amz-version-id
EqxlZb7iBnXJGPj.nSiSJjdUTmAvUEN1
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
86CDHMFXV6TGNV7G
cf-polished
origSize=260140
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
kdsxxapAbKR3zj0Jjw9dTGytwwSJy3Wf1DDM3hJV+WTFaVS1+Dftw9yAR8PlTpY8JOKR6awXRU4=
cf-bgj
minify
last-modified
Thu, 27 Apr 2023 07:27:21 GMT
server
cloudflare
etag
W/"48815c907b63354050da39dccc792596"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-ray
7c1608cfdfc73625-FRA
expires
Wed, 03 May 2023 08:16:53 GMT
ic_keno.png
xosoketqua.com/xskt/img/
970 B
1 KB
Image
General
Full URL
https://xosoketqua.com/xskt/img/ic_keno.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
461b7a027b306b8f8f7feebe6f009d08942f52101d3525fe297a9ffe12e6c921

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10102
cf-polished
origFmt=png, origSize=3454
content-disposition
inline; filename="ic_keno.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
970
cf-bgj
imgq:85,h2pri
last-modified
Tue, 02 May 2023 10:41:16 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KjtYvJ4SgqbvKPS0QORVCS3ZZd0bF0shL3M5mPGgHii3BAfI2pQgJobMfBf4InkSsxNVq6vezQmiS1%2BVoJb3yIFMEvAou5XpJdxy2PcLQtKGzj%2FJ1zz5Bcirly2%2FYBRY"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=90000
accept-ranges
bytes
cf-ray
7c1608d08f223638-FRA
photo-camera.png
xosoketqua.com/images/
250 B
751 B
Image
General
Full URL
https://xosoketqua.com/images/photo-camera.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdcdc6490a46826a73d7b3d9c74d3e59b9b21c6f7cc037a3f95682a706efcad0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54893
cf-polished
status=format_not_supported
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
250
cf-bgj
imgq:85,h2pri
last-modified
Tue, 02 May 2023 10:39:36 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aswU4fkJciXOkA%2Biu%2BHf7c%2BQcep9tnyJsnTvSzfJll4FRvvwwNlaUq8n6ZkUlKB%2BbHUykANIkH4Pmwi%2Fdl7yvNShpXxXQ3RDvh1tVaZqtEKVU0RP9mT8asz3xZhRi4r5"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=90000
accept-ranges
bytes
cf-ray
7c1608d0af383638-FRA
hot.gif
xosoketqua.com/images/
181 B
684 B
Image
General
Full URL
https://xosoketqua.com/images/hot.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ede1a14f2800eeb40e5370aef684dce98eff7eee4e6c75fb9b3c4c773351a8b2

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54893
cf-polished
origSize=197, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
181
cf-bgj
imgq:85,h2pri
last-modified
Tue, 02 May 2023 10:39:32 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dvprljyp63O6c%2BZf514Zh%2BhYP8pkQvlrl9FJVBBJ9JlHwSGqGbo1SbYrbpg6FX0cG%2F91PchEAmDOjuuB4Sj2t5hb95TPmWquQZR8pqrNpdCZ%2BW0RcVyMLWhCPK9samQH"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=90000
accept-ranges
bytes
cf-ray
7c1608d0af393638-FRA
tinhwaiting.gif
xosoketqua.com/xskt/img/
4 KB
5 KB
Image
General
Full URL
https://xosoketqua.com/xskt/img/tinhwaiting.gif
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c62e745470fae8a17a2241b5305f55ec2876b67b66de977faf03c9d65b6e54c6

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:53 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10115
cf-polished
origFmt=gif, origSize=4559
content-disposition
inline; filename="tinhwaiting.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4138
cf-bgj
imgq:85,h2pri
last-modified
Tue, 02 May 2023 10:40:24 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FXCa8i%2BMHi2BA7lqGtN%2B1kMaFOO34lU%2F6XYUZYV4w77daExFEy6yJTwohwo5TJ19SOJKIUwIdJ0zeks5B4RQn6T0qGsPKuZoMh53zftIt2eNxP2KIVDgpUXttso70KVb"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=90000
accept-ranges
bytes
cf-ray
7c1608d0bf403638-FRA
rum
xosoketqua.com/cdn-cgi/
0
140 B
XHR
General
Full URL
https://xosoketqua.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://xosoketqua.com/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Wed, 03 May 2023 05:16:53 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://xosoketqua.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7c1608d0bf423638-FRA
web
onesignal.com/api/v1/sync/e38d6cec-9743-465f-aee2-edda7ae252e9/
4 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/e38d6cec-9743-465f-aee2-edda7ae252e9/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.215.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7155ae5b6cc7967831b11b7f8c2c5c0921895b18c331d24409d8614911f273ab
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:53 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
EXPIRED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
914afe71-a92f-4fdd-a7ae-16993d499b39
x-runtime
0.026467
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"7155ae5b6cc7967831b11b7f8c2c5c09"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
7c1608d0eb801999-FRA
access-control-allow-headers
SDK-Version
expires
Wed, 03 May 2023 06:16:53 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/
82 KB
9 KB
Stylesheet
General
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.215.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:53 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2718
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7c1608d22db75c85-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 02 Jun 2023 05:16:53 GMT
collect
www.google-analytics.com/j/
1 B
205 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1503431896&t=pageview&_s=1&dl=https%3A%2F%2Fxosoketqua.com%2F&ul=en-us&de=UTF-8&dt=X%E1%BB%95%20S%E1%BB%91%20K%E1%BA%BFt%20Qu%E1%BA%A3%20-%20ketqua%2C%20kqxs%2C%20ket%20qua%20xo%20so%20hom%20nay%2C%20ketquaxoso&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=570336550&gjid=1923269653&cid=1391619715.1683091013&tid=UA-146204891-4&_gid=1728927787.1683091013&_r=1&gtm=457e3510&jsscut=1&z=326220693
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://xosoketqua.com/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 May 2023 05:16:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xosoketqua.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
aad0db59-1bd8-4bfa-a7ed-f5e1b4d711d0
https://xosoketqua.com/
0
0
Other
General
Full URL
blob:https://xosoketqua.com/aad0db59-1bd8-4bfa-a7ed-f5e1b4d711d0
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
e0e9d451-2ee0-495f-be38-bee7dc62d3ea
https://xosoketqua.com/
250 B
0
Other
General
Full URL
blob:https://xosoketqua.com/e0e9d451-2ee0-495f-be38-bee7dc62d3ea
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
250
Content-Type
text/javascript
/
c.mgid.com/pv/
0
43 B
Script
General
Full URL
https://c.mgid.com/pv/?scum=%3F0&scuw=%3F0&pv=5&cbuster=1683091013588810644840&uniqId=05bb4&lct=1682553600&niet=4g&nisd=false&jsv=es6&ref=&cxurl=http%3A%2F%2Fxosoketqua.com%2F&lu=https%3A%2F%2Fxosoketqua.com%2F&sessionId=6451ee46-00f8d&pageView=1&pvid=187e00abfd4bafbeef9&site=798325&implVersion=11&dpr=1&tfre=6690
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/x/o/xosoketqua.com.1343895.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7c1608d35b153625-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
68e8494b-ce3a-4d76-adca-75475d3d09e6
https://xosoketqua.com/
1 KB
0
Media
General
Full URL
blob:https://xosoketqua.com/68e8494b-ce3a-4d76-adca-75475d3d09e6
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
mgid_ua.svg
cdn.mgid.com/images/mgid/
2 KB
1 KB
Image
General
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:53 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
4ZA9P7VPAM79SEE5
age
721
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Ogo/ex200L7ps4FnQp+/tzaMP2Es62GIpyM//oh5VixopnKeKU/OLkVNxoGwINDIcf8PtYkWji0=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
7c1608d36b2b3625-FRA
expires
Thu, 04 May 2023 05:16:53 GMT
Adchoices.svg
cdn.mgid.com/images/logos/
836 B
812 B
Image
General
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:53 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
YRQRQGQP9DZNZ14S
age
2908
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
prDGrfP9Q2yJocLMVMs086d4Xf20e00Uihgi74TWkWggHy5UZf6VnePTEnJDA4LpjohSwbs6H6U=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
7c1608d36b2a3625-FRA
expires
Thu, 04 May 2023 05:16:53 GMT
1
servicer.mgid.com/1343895/
5 KB
2 KB
Script
General
Full URL
https://servicer.mgid.com/1343895/1?scum=%3F0&scuw=%3F0&pv=5&cbuster=1683091013655394509855&uniqId=05bb4&lct=1682553600&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=553&h=559&maxw_3=271&maxh_3=250&sz=271x250&szp=1,2,3,4&szl=1,2;3,4&cols=2&ref=&cxurl=http%3A%2F%2Fxosoketqua.com%2F&lu=https%3A%2F%2Fxosoketqua.com%2F&sessionId=6451ee46-00f8d&pageView=1&pvid=187e00abfd4bafbeef9&implVersion=11&dpr=1&tfre=6757
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/x/o/xosoketqua.com.1343895.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52d43dc9024efb41ce28c80de9bf1ea9b4f3577939924a2c0ee80da554f6b634

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
7c1608d3cb633625-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
mgid_ua.svg
cdn.mgid.com/images/mgid/
2 KB
1 KB
Image
General
Full URL
https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/x/o/xosoketqua.com.1343895.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:53 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
BQQZ016TJQM3CQAQ
age
4247
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
H0ihdhm/EJhbcC+homFO+mab68DYYvx/mk6E6cpnOvsu3WasxL/t0xcMLjTuGMaSc4h2RuXW7vE=
last-modified
Tue, 08 Mar 2022 17:05:01 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag
W/"617c205137825561208ef7c1a2d8f319"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
7c1608d4ca22911f-FRA
expires
Thu, 04 May 2023 05:16:53 GMT
Adchoices.svg
cdn.mgid.com/images/logos/
836 B
1010 B
Image
General
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/x/o/xosoketqua.com.1343895.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:53 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
BQQP2P0ZGAY0CMXJ
age
3660
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-ray
7c1608d4ca26911f-FRA
expires
Thu, 04 May 2023 05:16:53 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNTgwLHlfMjUwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA0L...
s-img.mgid.com/g/16030272/492x277/-/
14 KB
14 KB
Image
General
Full URL
https://s-img.mgid.com/g/16030272/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNTgwLHlfMjUwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA0LzYyNTY3Ni9jZjY5ZThkZGEwMjZmMjAwZjJiNjJjYjNmYmM0OTNhMC5qcGVn.webp?v=1683091013-AmsNJ3Kwh2enMQFQsOb5thvGL1gaRtxMAI4tWyz6a3M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3780758bd257fe72793a9662c0905aea524d46c8933e666fa860dfc9c56103e0

Request headers

Referer
https://xosoketqua.com/
Origin
https://xosoketqua.com
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:54 GMT
cf-cache-status
HIT
last-modified
Thu, 27 Apr 2023 05:48:48 GMT
x-mg-request-uuid
574ad5e2-57df-4f4e-bc7f-20748d770cab
server
cloudflare
age
514825
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
7c1608d6b9562c4d-FRA
content-length
13966
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy83ODU1ODYvZTY4Y...
s-img.mgid.com/g/15643640/492x277/-/
10 KB
10 KB
Image
General
Full URL
https://s-img.mgid.com/g/15643640/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy83ODU1ODYvZTY4YTQwM2Y1OTY0MTgzM2U4NDRlNmJkZWQxYjYxOTUuanBn.webp?v=1683091013-pqln9rq3bVmMLsn2_zxxhq8AjRBrEu9zx-IPFr1DmeU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05246e75582763e580ad96be2cbfe21ad8deed6e478e9694c48a619dca0296f3

Request headers

Referer
https://xosoketqua.com/
Origin
https://xosoketqua.com
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:54 GMT
cf-cache-status
HIT
last-modified
Sun, 19 Mar 2023 21:20:25 GMT
x-mg-request-uuid
cd1123c2-e8c7-431c-8875-df15402f0b66
server
cloudflare
age
3829414
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
7c1608d6b9582c4d-FRA
content-length
10076
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMjM1LHlfNjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTIvN...
s-img.mgid.com/g/15031533/492x277/-/
10 KB
10 KB
Image
General
Full URL
https://s-img.mgid.com/g/15031533/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMjM1LHlfNjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTIvNjI1Njc2L2FkZTNiMjkyNmE3Y2RhYmI5ODAzYjk0YTk5OGE4M2QxLmpwZw.webp?v=1683091013-BGW3XIUBhbcYzyFKLmg3k6mR5ZwJ0BTEoHIskH5kfBI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51661c9cf72b9b4261b683b0e7b9d2a63972a5f2dd4d552ee1fd03d6a28d1c19

Request headers

Referer
https://xosoketqua.com/
Origin
https://xosoketqua.com
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:54 GMT
cf-cache-status
HIT
last-modified
Fri, 30 Dec 2022 10:07:50 GMT
x-mg-request-uuid
eef50800-0853-4f73-aa0f-b77c4b1ab448
server
cloudflare
age
10288171
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
cf-ray
7c1608d6b9592c4d-FRA
content-length
10132
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
5ff552a8684ccba1b400bdfed00a5464.mp4
cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2023-05/581854/
408 KB
409 KB
Media
General
Full URL
https://cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2023-05/581854/5ff552a8684ccba1b400bdfed00a5464.mp4?v=1683091013-vW-FOIihtd2L0EIVTCw6zVMC5vbvD8TLrs8wsV64vv8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.45 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8b017a1516c3d7fe834aa77530a333dda8fefbdad5f2c29a6d73deb32c1fec4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://xosoketqua.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 03 May 2023 05:16:54 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
57670
Content-Range
bytes 0-418166/418167
server-timing
cld-fastly;mitm=cpo;dur=38;cpu=1;start=2023-05-02T12:47:43.078Z;desc=miss,rtt;dur=0,cloudinary;dur=36;start=2023-05-02T12:47:43.078Z
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
418167
last-modified
Tue, 02 May 2023 12:47:41 GMT
server
cloudflare
etag
"1b6753d0880e65951d546d3e4a417d59"
vary
Accept-Encoding
content-type
video/mp4;codecs=avc1
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, max-age=31536000, no-transform, immutable
timing-allow-origin
*
x-robots-tag
noindex
cf-ray
7c1608d6be3a1c40-FRA
cookie.js
partner.googleadservices.com/gampad/
395 B
608 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=xosoketqua.com&callback=_gfp_s_&client=ca-pub-5071155005901453
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
d3c1b12c5f9be380a8bdcc6ee92459029dbef7fa32cd80e3a87fb7fb0ffa1455
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
256
x-xss-protection
0
integrator.js
adservice.google.ge/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.ge/adsid/integrator.js?domain=xosoketqua.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=xosoketqua.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7966
436 B
701 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5071155005901453&output=html&h=100&slotname=1553820594&adk=1542220757&adf=1426257581&pi=t.ma~as.1553820594&w=848&fwrn=4&fwrnh=100&lmt=1683091005&rafmt=12&format=848x100&url=https%3A%2F%2Fxosoketqua.com%2F&fwr=0&fwrattr=true&rh=100&rw=848&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683091013012&bpp=2&bdt=7064&idt=886&shv=r20230501&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&correlator=438006875520&frm=20&pv=2&ga_vid=1391619715.1683091013&ga_sid=1683091014&ga_hid=1503431896&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=523&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773809%2C44759842%2C44759926%2C44759875%2C31071755%2C44788441%2C44789762%2C44790154&oid=2&pvsid=734595545216999&tmod=1449229601&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NwPabsUW7M&p=https%3A//xosoketqua.com&dtd=900
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
f56b51e67e404e3cb7809fa66d2919735c4d0a9bbb365c833a56b2786c3919da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xosoketqua.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
213
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 05:16:54 GMT
expires
Wed, 03 May 2023 05:16:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230501&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
15eb9cc02c8c12df726b2fbefe8fdc377f36902f1b63139c850be480ec3bd630
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11102
x-xss-protection
0
i.js
cm.mgid.com/
2 KB
1 KB
Script
General
Full URL
https://cm.mgid.com/i.js?&cbuster=1683091013926886994908
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/x/o/xosoketqua.com.1343895.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
352111176e03a5be432f786a3637eb7fceab17af7da2ca01e56b99f744ecfa67

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 05:16:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
7c1608d57cad3625-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
i-noref.js
cm.mgid.com/ Frame 2D24
0
35 B
Script
General
Full URL
https://cm.mgid.com/i-noref.js?cbuster=1683091013939141015305
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/x/o/xosoketqua.com.1343895.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 05:16:54 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7c1608d57cb33625-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
id5-api.js
cdn.id5-sync.com/api/1.0/
58 KB
17 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/x/o/xosoketqua.com.1343895.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
B9574BVRG1ZSG4HV
age
939
etag
W/"b58faeda0c1d193bc50dd25a7640d8ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7c1608d72b7f35f3-FRA
x-amz-id-2
j5ARhHB85BlZgMnEqsC8+kh6KnF793iwhqx1Mde47N7jFrubuoTEiNak6sNAckEq+EEOR+ly0AgnSz14OHqLxg==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161673/7165/
207 KB
63 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/x/o/xosoketqua.com.1343895.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:54 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:55:21 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=122693
accept-ranges
bytes
content-length
63913
expires
Thu, 04 May 2023 15:21:47 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 03 May 2023 05:16:54 GMT
usync.html
eus.rubiconproject.com/ Frame 30A7
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1683091013926886994908
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://xosoketqua.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 03 May 2023 05:16:54 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 03 May 2023 05:16:54 GMT
location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
server
AkamaiGHost
check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3411&partner_device_id=n42RTW_JGMgm
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3411&partner_device_id=n42RTW_JGMgm
95 B
437 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3411&partner_device_id=n42RTW_JGMgm
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:54 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Wed, 03 May 2023 05:16:54 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3411&partner_device_id=n42RTW_JGMgm
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
m
cm.mgid.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=a85accb3-e1a2-493a-a5f2-dbad59202ab0&ttl=1685683014
43 B
380 B
Image
General
Full URL
https://cm.mgid.com/m?cdsp=371158&c=a85accb3-e1a2-493a-a5f2-dbad59202ab0&ttl=1685683014
Protocol
H3
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 05:16:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
7c1608dbbfe4911f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43

Redirect headers

pragma
no-cache
date
Wed, 03 May 2023 05:16:54 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=a85accb3-e1a2-493a-a5f2-dbad59202ab0&ttl=1685683014
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
205
sync
ads.yieldmo.com/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=n42RTW_JGMgm&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=n42RTW_JGMgm&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.yieldmo.com/sync?userid=c764e903-fb09-41d8-b8dd-6c2e69647e82&pn_id=bsw&extinit=1&gdpr=0&gdpr_consent=
43 B
600 B
Image
General
Full URL
https://ads.yieldmo.com/sync?userid=c764e903-fb09-41d8-b8dd-6c2e69647e82&pn_id=bsw&extinit=1&gdpr=0&gdpr_consent=
Protocol
H2
Server
63.34.98.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-98-194.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 05:16:55 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
//ads.yieldmo.com/sync?userid=c764e903-fb09-41d8-b8dd-6c2e69647e82&pn_id=bsw&extinit=1&gdpr=0&gdpr_consent=
date
Wed, 03 May 2023 05:16:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
cm.idealmedia.io/setmuidn/
0
143 B
Image
General
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=n42RTW_JGMgm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.107.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:54 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7c1608d98b779be0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
image/gif
m
cm.mgid.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1
  • https://cm.mgid.com/m?cdsp=501037&c=BSEULZShS3rJjXJF94VN&pi=mgid&tc=1
43 B
380 B
Image
General
Full URL
https://cm.mgid.com/m?cdsp=501037&c=BSEULZShS3rJjXJF94VN&pi=mgid&tc=1
Protocol
H3
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 05:16:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
7c1608db9fc9911f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43

Redirect headers

location
https://cm.mgid.com/m?cdsp=501037&c=BSEULZShS3rJjXJF94VN&pi=mgid&tc=1
pragma
no-cache
date
Wed, 03 May 2023 05:16:54 GMT, Wed, 03 May 2023 05:16:54 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
mgid
cm.rtbsystem.com/
0
669 B
Image
General
Full URL
https://cm.rtbsystem.com/mgid?c=n42RTW_JGMgm&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGhe%2BWsOwWH8SFwkcJg3pf6BU6K1eaKqC8yq%2FmnIoYSUQ%2BPjKg6w6iaum%2FoM4fo8wVBKsKfdDdk%2BM092mJAl%2FXq3trNRZwjqJiZEd%2FeulscfiKxkYK575EHKK1Ui1iewKfAm"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
cf-ray
7c1608d9eed8bb8b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pixel
ap.lijit.com/
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A//cm.mgid.com/m%3Fcdsp%3D779131%26c%3D
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F169%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3Dbb16dd31-9caf-42cf-8a08-7e079c3...
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F169%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3Dbb16dd31-9caf-42cf-8a08-7e079c3b130b%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D%24UID
Protocol
HTTP/1.1
Server
216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 03 May 2023 05:16:55 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT

Redirect headers

location
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F169%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3Dbb16dd31-9caf-42cf-8a08-7e079c3b130b%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D%24UID
date
Wed, 03 May 2023 05:16:53 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync.php
pixel.rubiconproject.com/exchange/
Redirect Chain
  • https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=n42RTW_JGMgm&gdpr=0&gdpr_consent=&ccpa_consent=
  • https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=5587068788240841869&gdpr=0&gdpr_consent=
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
42 B
772 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma
no-cache
Date
Wed, 03 May 2023 05:16:55 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
google
cm.mgid.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bjQyUlRXX0pHTWdt&muidn=n42RTW_JGMgm
  • https://cm.mgid.com/google?muidn=n42RTW_JGMgm&google_ula={guid},5&google_gid=CAESEN_ZrhPZkYYghl06T2LEESA&google_cver=1
0
121 B
Image
General
Full URL
https://cm.mgid.com/google?muidn=n42RTW_JGMgm&google_ula={guid},5&google_gid=CAESEN_ZrhPZkYYghl06T2LEESA&google_cver=1
Protocol
H3
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7c1608dbf829911f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain

Redirect headers

pragma
no-cache
date
Wed, 03 May 2023 05:16:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.mgid.com/google?muidn=n42RTW_JGMgm&google_ula={guid},5&google_gid=CAESEN_ZrhPZkYYghl06T2LEESA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=mgid
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=mgid
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=2457221643577167288&ssp=mgid
0
71 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=70&user_id=2457221643577167288&ssp=mgid
Protocol
H2
Server
3.123.210.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-210-213.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:55 GMT
cache-control
no-cache, no-store, must-revalidate

Redirect headers

pragma
no-cache
date
Wed, 03 May 2023 05:16:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://x.bidswitch.net/sync?dsp_id=70&user_id=2457221643577167288&ssp=mgid
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
m
cm.mgid.com/
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
  • https://cm.mgid.com/m?cdsp=665953&c=1d0d4a17-86e2-4f6e-b0ba-cc7ffc372280
43 B
396 B
Image
General
Full URL
https://cm.mgid.com/m?cdsp=665953&c=1d0d4a17-86e2-4f6e-b0ba-cc7ffc372280
Protocol
H3
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 05:16:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
7c1608ddc9b8911f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43

Redirect headers

location
https://cm.mgid.com/m?cdsp=665953&c=1d0d4a17-86e2-4f6e-b0ba-cc7ffc372280
access-control-allow-origin
*
date
Wed, 03 May 2023 05:16:55 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
m
cm.mgid.com/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.m...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.m...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUJCODA3MTYtNjdGQy00OTFELTlDOTEtMDYyRUM4NDIzOTcx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&partnerID=161673&pmc=1&pr=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D712807%26c%3D5BB80716-67FC-491D-9C91-062EC8423971
  • https://cm.mgid.com/m?cdsp=712807&c=5BB80716-67FC-491D-9C91-062EC8423971
43 B
411 B
Image
General
Full URL
https://cm.mgid.com/m?cdsp=712807&c=5BB80716-67FC-491D-9C91-062EC8423971
Protocol
H3
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 05:16:56 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
7c1608e53826911f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43

Redirect headers

location
https://cm.mgid.com/m?cdsp=712807&c=5BB80716-67FC-491D-9C91-062EC8423971
date
Wed, 03 May 2023 05:16:56 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
v1
lb.eu-1-id5-sync.com/lb/
33 B
401 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
1ad498b4b20663ee8ec610e48bbe4c4ee82bb0dc4695e2a7b49a81fbb8a8022a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://xosoketqua.com/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://xosoketqua.com
date
Wed, 03 May 2023 05:16:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 52E6
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://xosoketqua.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
age
917
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 05:01:37 GMT
expires
Thu, 02 May 2024 05:01:37 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6D6F
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
GSE /
Resource Hash
25bd3f497fe1f590ec95af25af1b39362716c1e6987d6c39362ca7984c838b6f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mg5nxHQPXNTnnT2MeRsLpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xosoketqua.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-mg5nxHQPXNTnnT2MeRsLpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 03 May 2023 05:16:54 GMT
expires
Wed, 03 May 2023 05:16:54 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js
pagead2.googlesyndication.com/bg/ Frame 52E6
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
sffe /
Resource Hash
8aa37b1b49143f1f0f5946a34c832d5a7c1da1e2be2a8f629322c66b13f191c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 12:51:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
491114
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14636
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 26 Apr 2024 12:51:40 GMT
231.json
id5-sync.com/g/v2/
573 B
1 KB
XHR
General
Full URL
https://id5-sync.com/g/v2/231.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
03b4f675819543250adbf99c7d490ecdc71de986c67e96e9b50f3385ecbb915f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://xosoketqua.com/
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 03 May 2023 05:16:54 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://xosoketqua.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
generate_204
tpc.googlesyndication.com/ Frame 52E6
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?OHQ0vg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:54 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 6D6F
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230501&jk=734595545216999&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

usync.js
eus.rubiconproject.com/ Frame 30A7
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-56-202-187.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
62af8ad971cb7d59cde886031e7c5526f814537f33a3c1b3e5bb72ae5940e66e

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 03 May 2023 05:16:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 May 2023 03:01:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=78228
Connection
keep-alive
Content-Length
10017
Expires
Thu, 04 May 2023 03:00:43 GMT
khaos.jpg
token.rubiconproject.com/ Frame 30A7
284 B
931 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230501&jk=734595545216999&bg=!x8SlxJDNAAYcDqajPA47ADkAdvg8WpV_zFEug2_ERMnVPYJZY4koquWd4nCH0j8ufiq17QwkWPT7mrLxU74VEiRgnPqV6LIEBzQCAAAAP1IAAAAJaAEHmQKYBXGP5jBdGeJC9nxWmH9CNRsoVgIi9YR0dESezStUCIwYf9_J-IjVTVNg_BxdsvXa90uqDHRP13DRQ1xiymCiYenlzAMtxYc9b1nZl0OB9fMAQu8VIenDUKK-NgMT01vVXXs5vg-5gG0u4wjVLdJR7gI0bRj9Xoz-uTBnXjMXWWWPEQXMUzjHZ44TW7RW_60Ayojbsc9H3wZiAjTq7--BsC_pBNn0vrYL-K6VDVvy55AybrIvpkUMqKCVzm83YXaNM_VNuLDoHdHXIj6p9SqNDb5COMygOBBy1asML1ofz7mqKmLbQtW19CS4m705lB_tTyiWpAdgeOitRyaHaus6nuaigWRORrq7n963oMFtM-Zisgh2i1vrE_epWpa_ZS5aX2KKEB31Iw_iEuZj0Y3pfohrXn2t9JAHQ4IU_MVHSINJGZQmnJrBiHEv2ni7vI0icg2ObkxYQh3AJ6CciKWWSgR6GuOpNMhfBM78_1WWMNzty6vxXuR-crA4t6baTAqGvDFDiODL-hyYTtWX9elBXipfIBgcXquSNIPBmDUe3s0oERMQ0RVH2gsRqMnSRqJ4KR-wXjSdVVOkWHkgR_JSiaDPRW12pHDmwcOdrF7XtV6H6303I-PHD9j7ad5-jwgmk26VDdOXnLkb8ZiFKrydCrk4FO1v69z_acxXFMzAB7GEgnk-qszXlZ267UbRMtwK88sDKsBoQS6RItuPi5Id6hxc6baDIVjf_yNid_8FR57Lq-8A4DneQRF-BXCau-pFUcQYOJh5z1a_SVrXUTVE-8f4gz1a1BI7TTBPNc_xmZfa15LYJ0gsFSmS1YKtOJpqDODd454Pk9bgVsSvmcrCn2ty2voZoHY6YCsDpUiD-2cVWa9MA_S6sQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://xosoketqua.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

m
cm.mgid.com/ Frame 30A7
Redirect Chain
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=mgid&gdpr=0&gdpr_consent=&us_privacy=&gdpr=0&khaos=LH78XN8L-2-EKPK
  • https://cm.mgid.com/m?cdsp=43070&c=LH78XN8L-2-EKPK&gdpr=0
43 B
426 B
Image
General
Full URL
https://cm.mgid.com/m?cdsp=43070&c=LH78XN8L-2-EKPK&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H3
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 05:16:57 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
7c1608e7ba35911f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.mgid.com/m?cdsp=43070&c=LH78XN8L-2-EKPK&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
dbbc2dbf689859fb5870b364473d5441
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 30A7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBYsW_OJo209arx9I1TxttY&google_cver=1
42 B
688 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBYsW_OJo209arx9I1TxttY&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 03 May 2023 05:16:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBYsW_OJo209arx9I1TxttY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 30A7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH78XN8L-2-EKPK&gdpr=0
0
515 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH78XN8L-2-EKPK&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 May 2023 05:16:55 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 978644873BB244D5BD0511BECF5B0B84 Ref B: VIEEDGE4018 Ref C: 2023-05-03T05:16:56Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX6wyonGA3cPGfpxmKrCA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH78XN8L-2-EKPK&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 30A7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEg3OFhOOEwtMi1FS1BL&gdpr=0
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESENxpKnylLQAMxTjicu3D1B0&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg3OFhOS08tVS04M0cx&google_push=&gdpr=0
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg3OFhOS08tVS04M0cx&google_push=&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 05:16:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg3OFhOS08tVS04M0cx&google_push=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 30A7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a85accb3-e1a2-493a-a5f2-dbad59202ab0&gdpr=0&gdpr_consent=&expires=30
42 B
688 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a85accb3-e1a2-493a-a5f2-dbad59202ab0&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 03 May 2023 05:16:55 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a85accb3-e1a2-493a-a5f2-dbad59202ab0&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 30A7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/YAZrDPDnaUlyRePHq_sU4w?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-9c4Z3JpE2oI2v3_frIt.De1pf8qsIUV2FnyE7A--~A
42 B
688 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-9c4Z3JpE2oI2v3_frIt.De1pf8qsIUV2FnyE7A--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 03 May 2023 05:16:56 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-9c4Z3JpE2oI2v3_frIt.De1pf8qsIUV2FnyE7A--~A
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 30A7
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=p0y_GHObSISYJgNM160SuA&rk=usync-other&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=p0y_GHObSISYJgNM160SuA&gdpr=0
43 B
479 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=p0y_GHObSISYJgNM160SuA&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 May 2023 05:16:57 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
48TH7K0FQHM3R47C7618
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=p0y_GHObSISYJgNM160SuA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 30A7
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjkxNTk4OGZjMDFiNjBkMjMzMjRjNmJjY2M5ZWQ2MWM2M2QyZTczYw&gdpr=0
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjkxNTk4OGZjMDFiNjBkMjMzMjRjNmJjY2M5ZWQ2MWM2M2QyZTczYw&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 May 2023 05:16:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjkxNTk4OGZjMDFiNjBkMjMzMjRjNmJjY2M5ZWQ2MWM2M2QyZTczYw&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 30A7
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=hcZFUrFjTRO2bZutq6Lanw&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=hcZFUrFjTRO2bZutq6Lanw&gdpr=0
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=hcZFUrFjTRO2bZutq6Lanw&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 May 2023 05:16:57 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
J06Z6WXF3500E0CS33WM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=hcZFUrFjTRO2bZutq6Lanw&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/html/r20230501/r20190131/zrt_lookup.html

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless object| __cfQR object| __cfBeacon function| gtag object| dataLayer function| OneSignal object| adsbygoogle object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint function| $ function| jQuery object| jQuery112408897823213027447 string| my_domain string| domain_daiphat object| xsdpconfig object| xsdp function| loadRongBach function| doso function| createChoose function| choose object| elem function| openFullscreen function| closeFullscreen object| today string| date function| main function| setPercent function| changeOriental function| close_ad boolean| checkedAsd function| moment string| delay string| delaynumber string| lasttime number| intervalCountDown number| interval number| runtructiep function| countDownKeno object| tableMB function| renderDuoi number| timerLiveNotify function| showLiveNotify function| randomNumber number| timerRand number| timerRand2 number| timerMN function| renderSXMN number| timerMT function| renderSXMT function| makeid function| LiveMB function| LiveMBBegin function| LiveMBSuccess function| LiveMBError function| updateMBResult function| getTemplateMB function| createTableLoto function| convertJsonToArray function| getRandomString function| getRandomTextMB function| locdau object| RandomNumber string| f_loto number| intervalVariable boolean| __cfRLUnblockHandlers function| html2canvas number| __oneSignalSdkLoadCount function| __jp0 string| mn_mt object| gaplugins object| gaGlobal object| gaData object| _mgIntExchangeNews object| MarketGidInfC1343895 boolean| mg_loaded_798325_1343895 object| _mgUserPages object| onClickExcludes object| _mgPageViewEndPoint798325 string| _mgCanonicalUri object| _mgPageView798325 string| _mgPvid function| mgReject1343895 function| mgLoadAds1343895_05bb4 function| MarketGidCReject1343895 function| MarketGidLoadGoods1343895_05bb4 object| _mgq function| _mgqp number| _mgqt number| _mgqi function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages string| _mgUniqueHash1343895_05bb4 boolean| i.js.loaded boolean| i-noref.js.loaded object| PWT object| pbjs object| GoogleGcLKhOms function| setImmediate function| clearImmediate object| ID5 object| owpbjsChunk object| owpbjs object| _pbjsGlobals boolean| _mgPubmaticExists boolean| _mgID5Exists object| google_image_requests

46 Cookies

Domain/Path Name / Value
.onesignal.com/ Name: __cf_bm
Value: Nge_4LO5vkKGGzZxg7p9E2pKNO5MER4hoszeX0Q6Q5c-1683091012-0-AWzs8gawVRz+dEMvip9V5ehnkkraZhoZ8fXYXiNMiXfBBso9n9bHIDvK1kB6h34gQNYxC3d71yCBOjX4+toi9C0=
.mgid.com/ Name: __cf_bm
Value: 84XAKlLiB_u0iOvX30tuKXV0yD2yHTCUcncjoUfBaSE-1683091012-0-AUiceKRdiW0+6IaDNG3i0zYEaQ8RmsEzDlZahZE3bFSzaFiZJeg/bUN+GGNp41xQr8l9MaVXX+5w0Lrgotqyp5w=
.xosoketqua.com/ Name: _ga
Value: GA1.2.1391619715.1683091013
.xosoketqua.com/ Name: _gid
Value: GA1.2.1728927787.1683091013
.xosoketqua.com/ Name: _gat_gtag_UA_146204891_4
Value: 1
.mgid.com/ Name: muidn
Value: n42RTW_JGMgm
xosoketqua.com/ Name: MgidStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1343895%22%3A%7B%22page%22%3A1%2C%22time%22%3A1683091013846%7D%7D
.xosoketqua.com/ Name: __gads
Value: ID=a3ba813cd9a588c1-226f39abb6dd00e1:T=1683091014:RT=1683091014:S=ALNI_Ma5TyMaehIFIzPVrZFRLrPSPlFBVg
.xosoketqua.com/ Name: __gpi
Value: UID=00000bf4fba5dc91:T=1683091014:RT=1683091014:S=ALNI_MZuDtcYqbV5r18mx4X00BFU82nIKQ
xosoketqua.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.tapad.com/ Name: TapAd_TS
Value: 1683091014499
.tapad.com/ Name: TapAd_DID
Value: 7f81b077-a9eb-4d3c-bfa2-62b97ab4bed3
.bidswitch.net/ Name: c
Value: 1683091014
.bidswitch.net/ Name: tuuid_lu
Value: 1683091014
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.adsrvr.org/ Name: TDID
Value: a85accb3-e1a2-493a-a5f2-dbad59202ab0
.creativecdn.com/ Name: u
Value: BSEULZShS3rJjXJF94VN
.creativecdn.com/ Name: ts
Value: 1683091014
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.a-mo.net/ Name: amuid2
Value: bb16dd31-9caf-42cf-8a08-7e079c3b130b
.prebid.a-mo.net/ Name: sd_amuid2
Value: bb16dd31-9caf-42cf-8a08-7e079c3b130b
.bidswitch.net/ Name: tuuid
Value: 1c99c05d-2635-4510-a231-dc151f424ed5
.doubleclick.net/ Name: IDE
Value: AHWqTUmjSaojm9us7ok4dsccxQG2Lz1u850Bs8r2aSuArZXLK-BJ5ornSF3glp9jwcE
.e-volution.ai/ Name: v_usr
Value: c529a9b2-95df-42b0-9242-2a3d51949d34
.360yield.com/ Name: tuuid
Value: 1d0d4a17-86e2-4f6e-b0ba-cc7ffc372280
.360yield.com/ Name: tuuid_lu
Value: 1683091015
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: SyncRTB3
Value: 1684281600%3A220
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 5BB80716-67FC-491D-9C91-062EC8423971
.id5-sync.com/ Name: id5
Value: 063e3228-2743-7a55-b54d-6b4ed99a4239#1683091015212#1
.adform.net/ Name: C
Value: 1
.yieldmo.com/ Name: yieldmo_id
Value: g79293d7c9f9f12f1364%7C1683091015290%7C0%7C
.ads.yieldmo.com/ Name: ptrbsw
Value: c764e903-fb09-41d8-b8dd-6c2e69647e82
.adform.net/ Name: uid
Value: 2457221643577167288
.smartadserver.com/ Name: pid
Value: 5587068788240841869
.pubmatic.com/ Name: pi
Value: 161673:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.adsrvr.org/ Name: TDCPM
Value: CAEYBSACKAIyCwjG7ov1iujlOxAFOAE.
.rubiconproject.com/ Name: khaos
Value: LH78XN8L-2-EKPK
.linkedin.com/ Name: bcookie
Value: "v=2&98d1df91-041f-47e2-870c-572943661d35"
.linkedin.com/ Name: lidc
Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2912:u=1:x=1:i=1683091016:t=1683177416:v=2:sig=AQGYwW3wNjhKIIGzgNqdflOJdggsgMBr"
.yahoo.com/ Name: A3
Value: d=AQABBEjuUWQCEO1v7cvI3xDFAsyrK5omADgFEgEBAQE_U2RbZAAAAAAA_eMAAA&S=AQAAAgDTjXJHdm1DvfXgqXF3T_w
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: Aw5PIX3rOU1CnHMjLcvvQKc
cm.mgid.com/ Name: mg_sync
Value: {"265689":1683091014,"363887":1683091014,"371158":1683091015,"43070":1683091016,"433146":1683091014,"516418":1683091014,"556372":1683091014,"665953":1683091015,"712807":1683091016,"737578":1683091014}
.rubiconproject.com/ Name: audit
Value: 1|xGGpWsgaGQnFgnQI/GrEtewLuFAJ1EApI56y/ON+P7+GGao+ISL+O6XenQAmvG0ymyYDWdbZBfUiZ07GJqnMnot63tN3ThSPmw99prDpy4E=

1 Console Messages

Source Level URL
Text
network error URL: https://cdn.xosodaiphat.com//images/loading_icon_version2.gif
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
ad.360yield.com
ads.pubmatic.com
ads.yieldmo.com
adservice.google.com
adservice.google.ge
ap.lijit.com
c.mgid.com
c1.adform.net
cdn.id5-sync.com
cdn.mgid.com
cdn.onesignal.com
cdn.xosodaiphat.com
cl.imghosts.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.mgid.com
cm.rtbsystem.com
creativecdn.com
docdac.vn
eus.rubiconproject.com
googleads.g.doubleclick.net
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
images.dmca.com
jsc.mgid.com
lb.eu-1-id5-sync.com
match.adsrvr.org
onesignal.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-us-west.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
px.ads.linkedin.com
s-img.mgid.com
s.amazon-adsystem.com
secure-assets.rubiconproject.com
servicer.mgid.com
ssbsync.smartadserver.com
static.cloudflareinsights.com
sync.e-volution.ai
token.rubiconproject.com
tpc.googlesyndication.com
vsmb.vn
www.google-analytics.com
www.google.com
www.googletagmanager.com
x.bidswitch.net
xosoketqua.com
googleads.g.doubleclick.net
104.16.57.101
104.17.107.41
104.18.12.45
104.18.21.76
104.18.215.59
104.19.134.78
104.19.136.78
109.206.161.21
13.107.42.14
141.95.33.111
141.95.98.65
142.250.181.228
142.250.184.226
142.250.185.162
142.250.185.78
147.75.84.158
151.139.128.10
171.244.57.133
172.217.16.194
172.217.16.200
172.217.18.1
172.217.18.2
172.67.38.106
172.67.73.4
185.184.8.90
185.64.189.110
185.64.190.81
185.86.138.153
188.114.97.3
198.47.127.18
216.52.2.86
23.201.255.110
23.35.236.201
23.56.202.187
3.123.210.213
34.111.113.62
37.157.4.39
52.223.40.198
52.46.128.147
52.95.115.196
54.155.103.238
54.228.39.54
63.34.98.194
69.173.144.138
8.39.36.141
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
03750b714b9002b987a8dfc6551a7f7db04268263fe8315ac72286a98c213a75
03b4f675819543250adbf99c7d490ecdc71de986c67e96e9b50f3385ecbb915f
05246e75582763e580ad96be2cbfe21ad8deed6e478e9694c48a619dca0296f3
0600b393260e2df05723f6018dfb42e99560f2be0b9de0fffad1584d1f5d2637
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10bec72c384e207f3f3f32f19885cba31030779aac072ca40e834526af64cc5a
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
15eb9cc02c8c12df726b2fbefe8fdc377f36902f1b63139c850be480ec3bd630
194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970
195e566041810359c6701d720739056a0117895f96d363ba31083a36293fa657
198913752556a4f2f624d36003da83fd4ef164a10505a692b8fec18fbd6569a9
1ad498b4b20663ee8ec610e48bbe4c4ee82bb0dc4695e2a7b49a81fbb8a8022a
1b2d4cff44e2295393d5691cd1c3370a5550da835e8bce1b4e0373552b123459
22336a040f055dc76c4ea40bd871cad0c16acb1c4a7a8094fbb4ffbda13911cd
25bd3f497fe1f590ec95af25af1b39362716c1e6987d6c39362ca7984c838b6f
26ed2baef21b7224d56d1aed9a2caa46dfdaa39eb775e84023c1fb63a3438af8
2f74b7103124df51dc2c0e42e93da8bc7bce703f34f9f82a6820edd81022f76a
306843cbe2fefd30393d5f0e1928043a6032b9d318b84540983cb622ed2a0f46
31fd8f47eda51f040e9b86f052b19c2abc888719bca65129d37b407fc13ff1d9
352111176e03a5be432f786a3637eb7fceab17af7da2ca01e56b99f744ecfa67
3780758bd257fe72793a9662c0905aea524d46c8933e666fa860dfc9c56103e0
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4296d14d27998137ed687216f71d64a06e694ba56ae9e99b5666b95118320d3b
461b7a027b306b8f8f7feebe6f009d08942f52101d3525fe297a9ffe12e6c921
4917b15ac829f7546ab1c053b06499786b45a053169f31f436c16c8eb821414e
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
51661c9cf72b9b4261b683b0e7b9d2a63972a5f2dd4d552ee1fd03d6a28d1c19
52d43dc9024efb41ce28c80de9bf1ea9b4f3577939924a2c0ee80da554f6b634
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b7066c3789b89dbe92287752e8e5371005a5523fb37a78667c16bc272f8b8d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5dfed40ccba55fc860da7bbb9e118c57cb2c9c1c6064869a42c25c413676f686
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
613b3fddc9e515dbc5fe3b0926cdf3b4123a3ea43ce004764bcf30cc8c948398
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62af8ad971cb7d59cde886031e7c5526f814537f33a3c1b3e5bb72ae5940e66e
6afdbd54a64983a71441817c8a89faaef68c26aeb47c03e6dfbba9346fee1460
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
7155ae5b6cc7967831b11b7f8c2c5c0921895b18c331d24409d8614911f273ab
7322d236b28fc8d784909a4ff1e8e082ba2f207b3a64d2aa43e52fe0e45441ac
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
86563b0e8f32503912407673436d84bc1cb119362489c79b5a193afd81c7bce4
8aa37b1b49143f1f0f5946a34c832d5a7c1da1e2be2a8f629322c66b13f191c9
8aa44049c92f58ace479269500caf1526cfaf804f02076428f550b5d59a6a289
9260f1a6f656ed661a4ddcc4c5e3fec14fee4367511a6259d1291035d9d3692a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a628011e52347170fde9fc32f9b4769fc57fe51c6943be94488725cda8e75b6b
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b0ea3d9ba83e515d8ae6a36eea23403c8928b81a8f84ac93d10c4e6a22d6b93a
b823354b963ed99d133f9394910528fb3ede32d2e6a2f0dd259c4a2542448d4f
bdcdc6490a46826a73d7b3d9c74d3e59b9b21c6f7cc037a3f95682a706efcad0
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c62e745470fae8a17a2241b5305f55ec2876b67b66de977faf03c9d65b6e54c6
c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e
c8b017a1516c3d7fe834aa77530a333dda8fefbdad5f2c29a6d73deb32c1fec4
ca878c3a2a355fe4386a5cadbeceb57401ef715efb5b2b54245ed73f7b004bfc
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdb4769b3e0b839ef4e16e0c1d11c81d9e334a72b781b5bfd0da105d3d025d55
d3407ac5ec38d4ad83074fef55bdc38fd69679156cf59ca1f81e94fe158f1f33
d3c1b12c5f9be380a8bdcc6ee92459029dbef7fa32cd80e3a87fb7fb0ffa1455
d6d1bae8089a362fc446bf9ec7d8390078397a48d4ed2c39f2c17a552adae0fc
dab423879955ca9b75d591100a5ce7285e3a754db9c1e34dfd14388f7ed22ca0
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
de76b1d19e0d198b58f2abc056a9600cf7232d4fa75a120416c4beb387b31d19
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
ebf1fe08248c5d0bd28a5aa80a6651a2ad57d09a07bcf75da81a7eacf652859c
ede1a14f2800eeb40e5370aef684dce98eff7eee4e6c75fb9b3c4c773351a8b2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f56b51e67e404e3cb7809fa66d2919735c4d0a9bbb365c833a56b2786c3919da