URL: https://bareeqal5alij.hewaaya.com/user/ringinkoipageinfo121
Submission: On April 18 via manual from IN — Scanned from GE

Summary

This website contacted 21 IPs in 6 countries across 19 domains to perform 50 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is bareeqal5alij.hewaaya.com.
TLS certificate: Issued by GTS CA 1P5 on March 25th 2023. Valid for: 3 months.
This is the only time bareeqal5alij.hewaaya.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 17 188.114.96.3 13335 (CLOUDFLAR...)
1 142.250.181.234 15169 (GOOGLE)
7 142.250.186.98 15169 (GOOGLE)
1 46.105.201.240 16276 (OVH)
2 142.250.184.195 15169 (GOOGLE)
2 142.250.181.226 15169 (GOOGLE)
1 149.56.240.27 16276 (OVH)
1 172.217.18.2 15169 (GOOGLE)
1 142.250.185.194 15169 (GOOGLE)
1 142.250.186.66 15169 (GOOGLE)
3 141.101.120.11 13335 (CLOUDFLAR...)
2 65.9.66.74 16509 (AMAZON-02)
1 18.66.112.48 16509 (AMAZON-02)
1 172.67.74.186 13335 (CLOUDFLAR...)
1 2 54.194.98.250 16509 (AMAZON-02)
3 3 141.94.170.77 16276 (OVH)
2 2 52.223.40.198 16509 (AMAZON-02)
1 1 34.247.20.4 16509 (AMAZON-02)
1 2 172.67.13.182 ()
1 1 142.250.184.194 ()
3 216.58.212.129 15169 (GOOGLE)
1 13.32.27.118 16509 (AMAZON-02)
1 142.250.186.164 15169 (GOOGLE)
1 2 216.52.2.30 32475 (SINGLEHOP...)
50 21
Apex Domain
Subdomains
Transfer
17 hewaaya.com
bareeqal5alij.hewaaya.com
107 KB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
247 KB
4 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 4666
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 5724
data-beacons.s-onetag.com — Cisco Umbrella Rank: 12057
14 KB
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3590
1 KB
3 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1323
sync.crwdcntrl.net — Cisco Umbrella Rank: 1149
1 KB
3 dtscout.com
e.dtscout.com — Cisco Umbrella Rank: 12823
t.dtscout.com — Cisco Umbrella Rank: 9778
4 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
cm.g.doubleclick.net
11 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 883
996 B
2 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
852 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 451
933 B
2 google.com
adservice.google.com — Cisco Umbrella Rank: 130
www.google.com — Cisco Umbrella Rank: 16
1 KB
2 gstatic.com
fonts.gstatic.com
43 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 12435
s4.histats.com — Cisco Umbrella Rank: 9637
5 KB
1 dtscdn.com
t.dtscdn.com — Cisco Umbrella Rank: 11405
582 B
1 google.ge
adservice.google.ge — Cisco Umbrella Rank: 48171
531 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1132
603 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119
946 B
0 liadm.com Failed
i.liadm.com Failed
0 simpli.fi Failed
um.simpli.fi Failed
50 19
Domain Requested by
17 bareeqal5alij.hewaaya.com 2 redirects bareeqal5alij.hewaaya.com
7 pagead2.googlesyndication.com bareeqal5alij.hewaaya.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 pixel.onaudience.com 3 redirects
2 ap.lijit.com 1 redirects
2 match.adsrvr.org 2 redirects
2 bcp.crwdcntrl.net 1 redirects
2 get.s-onetag.com e.dtscout.com
get.s-onetag.com
2 t.dtscout.com e.dtscout.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
1 www.google.com tpc.googlesyndication.com
1 data-beacons.s-onetag.com get.s-onetag.com
1 mwzeom.zeotap.com
1 cm.g.doubleclick.net 1 redirects
1 spl.zeotap.com 1 redirects
1 sync.crwdcntrl.net 1 redirects
1 t.dtscdn.com e.dtscout.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 e.dtscout.com s4.histats.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.ge pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 s4.histats.com s10.histats.com
1 s10.histats.com bareeqal5alij.hewaaya.com
1 fonts.googleapis.com bareeqal5alij.hewaaya.com
0 i.liadm.com Failed
0 um.simpli.fi Failed
50 28

This site contains links to these domains.

Domain
www.q2amarket.com
www.question2answer.org

Subject | Issuer | Validity | Valid
*.hewaaya.com | GTS CA 1P5 | 2023-03-25 - 2023-06-23 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
histats.com | R3 | 2023-03-15 - 2023-06-13 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
*.googleadservices.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
*.google.com.ge | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
*.google.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
*.dtscout.com | GTS CA 1P5 | 2023-03-29 - 2023-06-27 | 3 months
*.s-onetag.com | Amazon RSA 2048 M01 | 2023-02-23 - 2024-01-02 | 10 months
*.dtscdn.com | GTS CA 1P5 | 2023-03-24 - 2023-06-22 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
www.google.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months

This page contains 8 frames:

Primary Page: https://bareeqal5alij.hewaaya.com/user/ringinkoipageinfo121
Frame ID: 131DA039A1A1FED61B88357A39A5BF3E
Requests: 34 HTTP requests in this frame

Frame: https://bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/74cb9f3f/invisible.js
Frame ID: 61D33C09EB17A4791503D83AED0A3AF8
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230413/r20190131/zrt_lookup.html
Frame ID: 823AE068117C6A9ACD3960BBCDD8C06D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&adk=1812271804&adf=3025194257&lmt=1681853358&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbareeqal5alij.hewaaya.com%2Fuser%2Fringinkoipageinfo121&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681853358292&bpp=3&bdt=1135&idt=509&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4445764310480&frm=20&pv=2&ga_vid=449571258.1681853359&ga_sid=1681853359&ga_hid=1068136391&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44788217%2C44759876%2C44759927%2C42531705&oid=2&pvsid=1330071943405554&tmod=957975605&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=528
Frame ID: 2D852B3E84BB2E58136840B3C0FDCDF6
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=10401681853360FC29796B579B3A6620
Frame ID: B6A5D940E8160111FD1E18EFEDB50CF9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7D1A2C9C53893DB314EE89A5721730BA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DFCB462538E25DE82A7C346CE63F7FCF
Requests: 2 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 30005F8FEA147DBA26159A0BDB4C6653
Requests: 2 HTTP requests in this frame

Page Title

بريق الخليج

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

50 Requests
84 % HTTPS
0 % IPv6
19 Domains
28 Subdomains
21 IPs
6 Countries
436 kB Transfer
1114 kB Size
28 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/74cb9f3f/invisible.js
Request Chain 29
  • https://bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/74cb9f3f/invisible.js
Request Chain 32
  • https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=10401681853360FC29796B579B3A6620 HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=10401681853360FC29796B579B3A6620
Request Chain 33
  • https://pixel.onaudience.com/?partner=137085098&mapped=10401681853360FC29796B579B3A6620 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=30f2a399-959b-4c21-b26c-e6ed3e6baf58&icm&gdpr=0&gdpr_consent=&cver HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=46bcc29f55b02d56/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=e5b7cf062dad48f75e4012f638e7be6b&gdpr=0 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=46bcc29f55b02d56 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=73c95803-d805-4329-7b32-9e2584ab69ff&reqId=ab43785c-86d8-447f-4957-85bee2d3960c&zcluid=46bcc29f55b02d56&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEMZ_bzC9_lTJQHfk25YO3cw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=73c95803-d805-4329-7b32-9e2584ab69ff&reqId=ab43785c-86d8-447f-4957-85bee2d3960c&zcluid=46bcc29f55b02d56&zdid=1332
Request Chain 43
  • https://ap.lijit.com/readerinfo/v2 HTTP 307
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ringinkoipageinfo121
bareeqal5alij.hewaaya.com/user/
9 KB
4 KB
Document
General
Full URL
https://bareeqal5alij.hewaaya.com/user/ringinkoipageinfo121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af6f44df0efe01d849acbb05b7e0a4469331bb1df28cb1da41a4e58971a9ecc8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7ba00099abf83a68-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 18 Apr 2023 21:29:17 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PBmC3V7sihYPNIA0836YdI2lnv9B9Hq1CtDdH5ySueqdMm1rh2eH7ugVni73gUh%2Fq%2Bq2pAh954sMo8wGBevArTiVUsE11DVE4S8aTkObOJ7lDpN562QnytLgDtVoVm7gUL0d0Bfk64Bub8hn"}],"group":"cf-nel","max_age":604800}
server
cloudflare
qa-styles.css
bareeqal5alij.hewaaya.com/qa-theme/SnowFlat/
71 KB
13 KB
Stylesheet
General
Full URL
https://bareeqal5alij.hewaaya.com/qa-theme/SnowFlat/qa-styles.css?1.8.3
Requested by
Host: bareeqal5alij.hewaaya.com
URL: https://bareeqal5alij.hewaaya.com/user/ringinkoipageinfo121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5802a6a61b055db582426e1a8d9f9d0a9808480baaffb710e57a8f1fa941830

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://bareeqal5alij.hewaaya.com/user/ringinkoipageinfo121
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 21:29:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 12 Jan 2019 22:22:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5c3a68b2-11af1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIbyMt8CHVO9RKjpFc8JUUpyXKkJOfP%2BkmUsVPlySG4tGnZeQmRqX%2BNP2Zl8kfJjRR4E%2FZrNmH1Mmp7Z2JIGyRNUdVhTH53Y4vzNqF8lXNLSqfjVM57YaLr2QkalFIDPn0KgTYWOSX9zStsc"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
7ba0009aad423a68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 18 May 2023 21:29:17 GMT
qa-styles-rtl.css
bareeqal5alij.hewaaya.com/qa-theme/SnowFlat/
7 KB
2 KB
Stylesheet
General
Full URL
https://bareeqal5alij.hewaaya.com/qa-theme/SnowFlat/qa-styles-rtl.css?1.8.3
Requested by
Host: bareeqal5alij.hewaaya.com
URL: https://bareeqal5alij.hewaaya.com/user/ringinkoipageinfo121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67d60e82e0290b540551880e0317d1950a2b317c4858d2214a11342f9b036785

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://bareeqal5alij.hewaaya.com/user/ringinkoipageinfo121
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 21:29:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 12 Jan 2019 22:22:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5c3a68b2-1d5a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4oR%2BLhgT%2F8hBz9eRgDjR84QtvgWJlgxo5cYXpYmij1X%2F1btirO5d31Spr3kA6KO3f7QQRnirGuO4%2B9pxBQ4jtSC7vTBWBYrsAWniF7RQQTpUJVKjPzgHjaFOCadnQzVzKzVZ0LDbLG8PzE7P"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
7ba0009aad403a68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 18 May 2023 21:29:17 GMT
css2
fonts.googleapis.com/
5 KB
946 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=El+Messiri:wght@400;500;600;700&display=swap
Requested by
Host: bareeqal5alij.hewaaya.com
URL: https://bareeqal5alij.hewaaya.com/user/ringinkoipageinfo121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f10.1e100.net
Software
ESF /
Resource Hash
8e689b8228bc3b05baf7bf826d201da199d1d76e2bf850c57e41afc6704b7408
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://bareeqal5alij.hewaaya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 18 Apr 2023 21:29:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 18 Apr 2023 21:29:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 18 Apr 2023 21:29:17 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
137 KB
47 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8343227950611411
Requested by
Host: bareeqal5alij.hewaaya.com
URL: https://bareeqal5alij.hewaaya.com/user/ringinkoipageinfo121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
0f71fb174eb8deadb5267975fab9d43cb8e95d97dae866685cd78e8dc6741f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bareeqal5alij.hewaaya.com/
Origin
https://bareeqal5alij.hewaaya.com
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 21:29:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47949
x-xss-protection
0
server
cafe
etag
14987958187331011385
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 18 Apr 2023 21:29:18 GMT
jquery-3.3.1.min.js
bareeqal5alij.hewaaya.com/qa-content/
85 KB
31 KB
Script
General
Full URL
https://bareeqal5alij.hewaaya.com/qa-content/jquery-3.3.1.min.js
Requested by
Host: bareeqal5alij.hewaaya.com
URL: https://bareeqal5alij.hewaaya.com/user/ringinkoipageinfo121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://bareeqal5alij.hewaaya.com/user/ringinkoipageinfo121
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 21:29:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 07 Sep 2021 18:26:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6137aec4-1538f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TOUc3Vxq85ltHqYRp5MPRbaiTAii9ApVi8MOrWjswfbdkHJ4F5jSoXHQHMIBPxU0YD%2B0buVptXyBORCHmJIhmwZLUN1H3OP8JZ4h7aQjHIPLMWj%2FQx4PmZvTWWOoBPodwJqnsFSMahdlNEEr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
7ba0009aad443a68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 18 May 2023 21:29:17 GMT
qa-global.js
bareeqal5alij.hewaaya.com/qa-content/
20 KB
5 KB
Script
General
Full URL
https://bareeqal5alij.hewaaya.com/qa-content/qa-global.js?1.8.3
Requested by
Host: bareeqal5alij.hewaaya.com
URL: https://bareeqal5alij.hewaaya.com/user/ringinkoipageinfo121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://bareeqal5alij.hewaaya.com/user/ringinkoipageinfo121
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 21:29:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 12 Jan 2019 22:22:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5c3a68b2-5046"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FlRjpqVInuTATPQr3KGikiNo7HzVOiA1vbtUlmn9mUwqEnrvIWnsZY%2FbDbkFKUKcbJ2h%2Fmvu7IjSqwnueAtdf369%2Bt5XR4JqWVcS%2FP%2F6YTlTQe3pUnsc6ApXI%2FWTWPoCQuyt%2BSUKk9fZmIiJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
7ba0009aad453a68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 18 May 2023 21:29:17 GMT
snow-core.js
bareeqal5alij.hewaaya.com/qa-theme/SnowFlat/js/
2 KB
1 KB
Script
General
Full URL
https://bareeqal5alij.hewaaya.com/qa-theme/SnowFlat/js/snow-core.js?1.8.3
Requested by
Host: bareeqal5alij.hewaaya.com
URL: https://bareeqal5alij.hewaaya.com/user/ringinkoipageinfo121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://bareeqal5alij.hewaaya.com/user/ringinkoipageinfo121
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 21:29:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 12 Jan 2019 22:22:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5c3a68b2-94f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M3qcY5rDBRUtCbGEUGbZJ3G5lfR1QKEHQrg2HC95tXCkHFqmEcKWpoqZLqOkKT8DgIqEWAIhpwAlE7aHox4xa3OcxfRDRTHZBx%2FQVWivt4LBwtoJukbPuqQqClkQ0wDWchAiCuEyNfMl6Gyh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
7ba0009aad463a68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 18 May 2023 21:29:17 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
136 KB
47 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: bareeqal5alij.hewaaya.com
URL: https://bareeqal5alij.hewaaya.com/user/ringinkoipageinfo121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
bf32ee4508ad80399b6bd61925477275a8825a41d4c3b8a77e95ca8582f97f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://bareeqal5alij.hewaaya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 21:29:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47733
x-xss-protection
0
server
cafe
etag
13100610296193339284
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 18 Apr 2023 21:29:18 GMT
rocket-loader.min.js
bareeqal5alij.hewaaya.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://bareeqal5alij.hewaaya.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: bareeqal5alij.hewaaya.com
URL: https://bareeqal5alij.hewaaya.com/user/ringinkoipageinfo121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://bareeqal5alij.hewaaya.com/user/ringinkoipageinfo121
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 21:29:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Apr 2023 15:48:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"642ee9e0-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rg%2FjA2AVy94kX5chaOvcWGsLkqeg32k%2BjPRiLajNpBD%2Bp%2F3iDOM2QOwFRQ%2Bouh%2FTU9Lvcb492X5RAMBmtSFn2LXVMb4D%2FuoWGoeTjHoI9JUfFDuwy1kJlJIZoiMUplu5BcvAu63f8OuFuAnB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7ba0009de8bf3a68-FRA
expires
Thu, 20 Apr 2023 21:29:17 GMT
js15_as.js
s10.histats.com/
11 KB
4 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: bareeqal5alij.hewaaya.com
URL: https://bareeqal5alij.hewaaya.com/user/ringinkoipageinfo121
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://bareeqal5alij.hewaaya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 21:22:16 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
etag
"-375139978"
content-type
text/javascript
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4364
x-request-id
39322000
spinner-icon-14x14.gif
bareeqal5alij.hewaaya.com/qa-theme/SnowFlat/images/
8 KB
8 KB
Image
General
Full URL
https://bareeqal5alij.hewaaya.com/qa-theme/SnowFlat/images/spinner-icon-14x14.gif?1410117644
Requested by
Host: bareeqal5alij.hewaaya.com
URL: https://bareeqal5alij.hewaaya.com/qa-theme/SnowFlat/qa-styles.css?1.8.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://bareeqal5alij.hewaaya.com/qa-theme/SnowFlat/qa-styles.css?1.8.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 21:29:17 GMT
cf-cache-status
MISS
last-modified
Sat, 12 Jan 2019 22:15:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5c3a66f4-1e65"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eHk8I%2FWkm%2FbuqTf1aYOmMaTDW4UVTSkObj8e1lnC4mRQkAWA8RO54MwvXKSLLoCemPR5zyuG6XkRnp%2B%2BlS3wYeqtecy9LLJAizdaueKwlQK%2Bub%2ByGZjacBqQ0ChPgTUs7arGFlLlUaOHUUyy"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7ba0009df8d63a68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7781
expires
Thu, 18 May 2023 21:29:17 GMT
fontello.woff
bareeqal5alij.hewaaya.com/qa-theme/SnowFlat/fonts/
7 KB
7 KB
Font
General
Full URL
https://bareeqal5alij.hewaaya.com/qa-theme/SnowFlat/fonts/fontello.woff?70015067
Requested by
Host: bareeqal5alij.hewaaya.com
URL: https://bareeqal5alij.hewaaya.com/qa-theme/SnowFlat/qa-styles.css?1.8.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d

Request headers

Referer
https://bareeqal5alij.hewaaya.com/qa-theme/SnowFlat/qa-styles.css?1.8.3
Origin
https://bareeqal5alij.hewaaya.com
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 21:29:17 GMT
cf-cache-status
MISS
last-modified
Mon, 25 Jul 2016 22:01:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"57968c56-1c20"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xq9wyGJ6GLFG7fF0YBq309oSFAdtIzZKFklleVfF0Z8Q%2FSs%2Fzrg2ZCkXUkt3%2FdFiSh%2B6JuA2mFEAtJf%2F5HSs%2F%2FUm7eGlyxjyqtARaqLdlmmr%2FQy0RpxBGobGZhMhYUCe%2FgdjKjguS%2BJwPkDB"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7ba0009df8d93a68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7200
K2F0fZBRmr9vQ1pHEey6MoiAAhLz.woff2
fonts.gstatic.com/s/elmessiri/v22/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/elmessiri/v22/K2F0fZBRmr9vQ1pHEey6MoiAAhLz.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=El+Messiri:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
8a4af194e6621eb59bfffa9ed641b5713738b453bfa154e2da57ff6c25f42a1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bareeqal5alij.hewaaya.com
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 Apr 2023 02:58:06 GMT
x-content-type-options
nosniff
age
585072
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20140
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 22:53:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Apr 2024 02:58:06 GMT
K2F0fZBRmr9vQ1pHEey6Mo2AAg.woff2
fonts.gstatic.com/s/elmessiri/v22/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/elmessiri/v22/K2F0fZBRmr9vQ1pHEey6Mo2AAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=El+Messiri:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
1e74aff7c1462215c29331919f14a3634c14ce05f0068d53ddc3092f4b249c09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bareeqal5alij.hewaaya.com
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 11:16:04 GMT
x-content-type-options
nosniff
age
36794
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23540
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 22:52:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Apr 2024 11:16:04 GMT
invisible.js
bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/74cb9f3f/ Frame 61D3
Redirect Chain
  • https://bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/74cb9f3f/invisible.js
27 KB
12 KB
Script
General
Full URL
https://bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/74cb9f3f/invisible.js
Requested by
Host: bareeqal5alij.hewaaya.com
URL: https://bareeqal5alij.hewaaya.com/user/ringinkoipageinfo121
Protocol
H2
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f15f7d431618d49bf9f5cf21844859b901fb8d1f2b4dc410e3042db797362591
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 21:29:18 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCoVfWRSdW9%2Flo6fb8g9EfzNwwzTPtSrBbhAGPhR0MD1S2yjtUa5ZDRYNqoN3HDQxfPAs%2FkDvdbcrPzA9lISwHqE%2FnegcRxqWG5%2FfNqYqCmp1jsY0HLokgM%2BrJXilPTWUpCzCQu7EfkAxN1T"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7ba0009faac33a68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Tue, 18 Apr 2023 21:29:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BA2ME%2Fr%2FwCEpudhGhRHzOcGB0Ff3POmSvFcQCM3GorJI9Au%2B1kErwm%2Bb83dP3I8d9RDqvaVqE9ILx%2FZQzUD5dujNTyALS0hnhH7B6Q2eRf118uJ1XGp4lPzrl34f3ArVDpKao%2FGK7iMw1wZ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/74cb9f3f/invisible.js
cache-control
max-age=300, public
cf-ray
7ba0009ec9c53a68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 61D3
6 KB
3 KB
Other
General
Full URL
https://bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: bareeqal5alij.hewaaya.com
URL: https://bareeqal5alij.hewaaya.com/user/ringinkoipageinfo121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb52841cab886f2b531c9206f4fd50716bb919e5ab656533bcdbf3311bfd9622
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 21:29:18 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pl%2BaohuRhcAx64KVL5dgc0dLRYsvdfP4HxCoLRLp01x52gaJ8iUkLcu4WMsSPkisDNCtdBoIPiFyAknsZzRr5Hq%2BsrSerP%2FspbhAp55kw9MXIRs%2FocyPIWT%2F8IXzR8%2Fg43Am93qYbjPwFRCz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7ba000a13c863a68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/
347 KB
116 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
1f3f49de2b191434de465c9cfe7aed7596ecaef88f40610a75a927cc6d75eb46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://bareeqal5alij.hewaaya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 21:29:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
118926
x-xss-protection
0
server
cafe
etag
4814381643121653561
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 18 Apr 2023 21:29:18 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230413/r20190131/ Frame 823A
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230413/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bareeqal5alij.hewaaya.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

age
20492
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 18 Apr 2023 15:47:46 GMT
etag
2378337311435320485
expires
Tue, 02 May 2023 15:47:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
7ba00099abf83a68
bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 61D3
2 B
517 B
XHR
General
Full URL
https://bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/h/b/cv/result/7ba00099abf83a68
Requested by
Host: bareeqal5alij.hewaaya.com
URL: https://bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 18 Apr 2023 21:29:18 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQjbjcWuwWMQedMXvd0qsI4OMeeoobNSYsiymvDcBUbvs6GFTYExz%2BJaGID5M8%2BKMrsj74oipHEDgAcWhB6gcSx6%2FAcrW8TBTNsDmv%2FujhIB6zb60QKSUIcQmgTMQaSdhy%2BPC4F1%2BqGhylOa"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7ba000a33ed93a68-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
0.php
s4.histats.com/stats/
378 B
513 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?4631733&@f16&@g1&@h1&@i1&@j1681853358530&@k0&@l1&@m%D8%A8%D8%B1%D9%8A%D9%82%20%D8%A7%D9%84%D8%AE%D9%84%D9%8A%D8%AC&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-142850038&@b3:1681853359&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fbareeqal5alij.hewaaya.com%2Fuser%2Fringinkoipageinfo121&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.27 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534106.ip-149-56-240.net
Software
/
Resource Hash
f8361d9d72daad374744cb742e09812bb74e0bbd591d98851cc928ec5ff976c4

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://bareeqal5alij.hewaaya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 18 Apr 2023 21:29:19 GMT
Connection
close
Content-Length
378
Content-Type
text/html;charset=UTF-8
cookie.js
partner.googleadservices.com/gampad/
389 B
603 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=bareeqal5alij.hewaaya.com&callback=_gfp_s_&client=ca-pub-8343227950611411
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
6a1d78632f6bf75f6b0b92f735cf8b48cc24e78516e65911a4ccb4701117ac54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://bareeqal5alij.hewaaya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 21:29:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
252
x-xss-protection
0
integrator.js
adservice.google.ge/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.ge/adsid/integrator.js?domain=bareeqal5alij.hewaaya.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://bareeqal5alij.hewaaya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 21:29:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=bareeqal5alij.hewaaya.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://bareeqal5alij.hewaaya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 21:29:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2D85
14 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&adk=1812271804&adf=3025194257&lmt=1681853358&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbareeqal5alij.hewaaya.com%2Fuser%2Fringinkoipageinfo121&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681853358292&bpp=3&bdt=1135&idt=509&shv=r20230413&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4445764310480&frm=20&pv=2&ga_vid=449571258.1681853359&ga_sid=1681853359&ga_hid=1068136391&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44788217%2C44759876%2C44759927%2C42531705&oid=2&pvsid=1330071943405554&tmod=957975605&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=528
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
3bf914070ac7871eca35a20bdb2054968b58facf19a48184067725b811d16ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bareeqal5alij.hewaaya.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
5223
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 18 Apr 2023 21:29:19 GMT
expires
Tue, 18 Apr 2023 21:29:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
e.dtscout.com/e/
7 KB
3 KB
Script
General
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbareeqal5alij.hewaaya.com%2Fuser%2Fringinkoipageinfo121&j=
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4631733&@f16&@g1&@h1&@i1&@j1681853358530&@k0&@l1&@m%D8%A8%D8%B1%D9%8A%D9%82%20%D8%A7%D9%84%D8%AE%D9%84%D9%8A%D8%AC&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-142850038&@b3:1681853359&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fbareeqal5alij.hewaaya.com%2Fuser%2Fringinkoipageinfo121&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42016f526ed20e213828d483253aae0c4b961c287bd09ca8a08d11492217b0ee

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://bareeqal5alij.hewaaya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 21:29:20 GMT
x-t
0.828
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IlKzhMc0RxihMUoNK6SenMHxXHKW8L8gh3k5XfelhZcsiDiUaqSuP0qIVwk1WoZWOdNj5I7Jj5CKmYdPUdBuhOBTC5sf91A5IrhnnQfmGXU9%2FqNVW8FUQNFULSKm3GY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
mtl2
cf-ray
7ba000abdc6635e2-FRA
expires
Tue, 18 Apr 2023 21:29:19 GMT
/
t.dtscout.com/idg/ Frame B6A5
1 KB
720 B
Document
General
Full URL
https://t.dtscout.com/idg/?su=10401681853360FC29796B579B3A6620
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbareeqal5alij.hewaaya.com%2Fuser%2Fringinkoipageinfo121&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74fd8be2ddcad280054a8e0edf5a4c503396b806aaeb9afad7218cf4329b4556

Request headers

Referer
https://bareeqal5alij.hewaaya.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7ba000addede35e2-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 18 Apr 2023 21:29:20 GMT
expires
Tue, 18 Apr 2023 21:29:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dVGDFMCsr7%2FMHb4uR8l7Ruich%2Bghvo3PBVfr6t6r3jlMh7WAx5QUOsgBWvgf8rp3S8ansdh8Uglt2oOSwGCaGqIFBhW5lPJ5cY6QdLFSCstxCFmv1t%2F30wuDzkAs4nY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/
33 KB
11 KB
Script
General
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbareeqal5alij.hewaaya.com%2Fuser%2Fringinkoipageinfo121&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-74.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
58bb8299d12e5da9f688e2e5b299a4eeaa790c58a47f68275c0d119b98e7c837

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://bareeqal5alij.hewaaya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Cbjpq7uzlYJGW75uYJ0hJ2.4T0hYLuBY
content-encoding
gzip
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
date
Tue, 18 Apr 2023 02:53:35 GMT
last-modified
Tue, 28 Feb 2023 11:00:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
66946
x-amz-server-side-encryption
AES256
etag
W/"da6f9d421ee18b85a6159832b88d2387"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
GFWDYoC9kL8f8o3H36126ioT8XiGPPTDjEZdH3BND6EfYiZzIObSUQ==
/
t.dtscout.com/pv/
50 B
331 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=bareeqal5alij.hewaaya.com&_ss=w7afh58ady&_pv=1&_ls=0&_u1=1&_u3=1&_cc=ge&_pl=d&_cbid=zdq3&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbareeqal5alij.hewaaya.com%2Fuser%2Fringinkoipageinfo121&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e52508a92974be741352ac225ea35e3231265220176348e2af4aa10797a23049

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://bareeqal5alij.hewaaya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 21:29:20 GMT
x-t
0.131
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lt%2FyA2WjIUK5aqmODh21wGQBa2GkpqI45%2Bx9LfbHxq65wQvAoQL8aOwMeUC8WR%2FMlnq969nRW0TNC9QS%2BBjhIwhya09%2Fgdt21uBG9CGwkZOn7zbrPIpeN53IPlP27nM%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
7ba000addedf35e2-FRA
expires
Tue, 18 Apr 2023 21:29:19 GMT
/
onetag-geo.s-onetag.com/
535 B
943 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-48.fra56.r.cloudfront.net
Software
/
Resource Hash
a5bf7103a913c517d20c996abfca950b0364ea4731145082ba5d5c2cf86e1b42

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://bareeqal5alij.hewaaya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 21:29:21 GMT
via
1.1 ab68583a58d574d6a9e5fca1fb1e6316.cloudfront.net (CloudFront), 1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6, FRA56-P5
x-amzn-requestid
7fd36ca2-a60d-409d-9b2e-de5470f9fdd4
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
Dl7DwGtiiYcFwqA=
content-length
535
x-amz-cf-id
HXC2RAhzgflmk5cTpcpvxVsQP6Xkyg-RV95MQ8U8LVsEbzgLK2UlNw==
invisible.js
bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/74cb9f3f/ Frame 61D3
Redirect Chain
  • https://bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/74cb9f3f/invisible.js
23 KB
11 KB
Script
General
Full URL
https://bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/74cb9f3f/invisible.js
Protocol
H3
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bec6d2d59cf6e5dd548ed6582497417a1e1ab7b370ef3111d612fb5d96b5110
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 21:29:21 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GoNvePKuMB6LHyxvOnyrwfESzsGbV%2FV0VW4lngFtMFSS%2FV%2FYgbEB5hIF64JMVWVIu8UoXs7GSRPzwnHroneWg0zHi25UrDtLIt9LrxWLqDMPzo%2B89QFJv05mdeNOzGqk0o3rlCXJKIuXJ97a"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7ba000b2f9992c7a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Tue, 18 Apr 2023 21:29:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8jkE9u3dToNgjxmzNbDgUP9heEF5IEPrbTCZPIygWaSZB27ERphx5yJ73rMhNsyxyI%2BA4oZMMbY6HDDcBAp%2Bd2wR98kq%2Ffuxr%2B54YjWFYVHwSoG1Lozq1hAId0QtYSF85AC2lPAq2oT8Heie"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/74cb9f3f/invisible.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
7ba000b2187e2c7a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230413&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
6b38386219bb3b5762483124b2ba76b971819c7fc0b02d8e1785dcfb9c613fcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://bareeqal5alij.hewaaya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 21:29:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11368
x-xss-protection
0
/
t.dtscdn.com/widget/
0
582 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=10401681853360FC29796B579B3A6620&nid=300&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2Fbareeqal5alij.hewaaya.com%2Fuser%2Fringinkoipageinfo121&r=
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fbareeqal5alij.hewaaya.com%2Fuser%2Fringinkoipageinfo121&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://bareeqal5alij.hewaaya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 21:29:21 GMT
x-t
0.94
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JxPIUrr29n2I4DYGix7TtSTvA022vzB54nN5uhNamRiIsCiaUGz707WKkmTAjRDu4k5szWSHwNnQgPCIOJ1WU3SIE0RDRReavPJN%2F8J7dVt78H862f6fQHQ0MgKU4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
x-server
web14.ny1.dtscdn.com
cf-ray
7ba000b3e8f8925f-FRA
expires
Tue, 18 Apr 2023 19:23:30 GMT
tpid=10401681853360FC29796B579B3A6620
bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=10401681853360FC29796B579B3A6620
  • https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=10401681853360FC29796B579B3A6620
49 B
543 B
Image
General
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=10401681853360FC29796B579B3A6620
Protocol
H2
Server
54.194.98.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-98-250.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://bareeqal5alij.hewaaya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Apr 2023 21:29:21 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.27.64
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 18 Apr 2023 21:29:21 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=10401681853360FC29796B579B3A6620
cache-control
no-cache
x-server
10.45.26.248
content-length
0
expires
0
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=10401681853360FC29796B579B3A6620
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
  • https://pixel.onaudience.com/?partner=147&mapped=30f2a399-959b-4c21-b26c-e6ed3e6baf58&icm&gdpr=0&gdpr_consent=&cver
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=46bcc29f55b02d56/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=e5b7cf062dad48f75e4012f638e7be6b&gdpr=0
  • https://spl.zeotap.com/?zdid=1332&zcluid=46bcc29f55b02d56
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=73c95803-d805-4329-7b32-9e2584ab69ff&reqId=ab43785c-86d8-447f-4957-85bee2d3960c&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEMZ_bzC9_lTJQHfk25YO3cw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=73c95803-d805-4329-7b32-9e2584ab69ff&reqId=ab43785c-86d8-447f-4957-85b...
95 B
186 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEMZ_bzC9_lTJQHfk25YO3cw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=73c95803-d805-4329-7b32-9e2584ab69ff&reqId=ab43785c-86d8-447f-4957-85bee2d3960c&zcluid=46bcc29f55b02d56&zdid=1332
Protocol
H2
Server
172.67.13.182 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://bareeqal5alij.hewaaya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 21:29:24 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://bareeqal5alij.hewaaya.com
access-control-allow-credentials
true
cf-ray
7ba000c66eea37e4-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Tue, 18 Apr 2023 21:29:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEMZ_bzC9_lTJQHfk25YO3cw&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=73c95803-d805-4329-7b32-9e2584ab69ff&reqId=ab43785c-86d8-447f-4957-85bee2d3960c&zcluid=46bcc29f55b02d56&zdid=1332
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pica.js
bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 61D3
6 KB
3 KB
Other
General
Full URL
https://bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56f96a86608f909def112b04769e0cc0fe665c3a308c7fa7eec0d23ac1eddab2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 21:29:21 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kavMxhsVJpXO25NKcTjbBeCDKbWzRIRx3mkmlINRgVnlnsdkGeT2FQ02dElyVtak7dsvY8eZuIu7w6OssFPaKwUzDoYE%2BN%2BjJCQmIcwFNDWFRIWSZb9cMnaLvxLTY9fgHxqjMlm65D6EmPqx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7ba000b3eab22c7a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://bareeqal5alij.hewaaya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 21:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 18 Apr 2023 21:29:21 GMT
dataBeacons.min.js
data-beacons.s-onetag.com/
5 KB
2 KB
Script
General
Full URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-118.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07dbb740764ddcc657e44a4f2767a85c877c6c92262615acefe839c0ca07c9e9

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://bareeqal5alij.hewaaya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
AynV9CxPKzE_gbaRfuvHkmlMpRA2Kx_l
content-encoding
gzip
via
1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
date
Tue, 18 Apr 2023 21:25:02 GMT
last-modified
Mon, 30 Jan 2023 17:09:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
261
etag
W/"b33b67ced6b706568683ecea83e198c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
POHahNrUHbPChgVJo-ou9FcYhvVjm2_IOoGjlJZzWrrTJ3FweDXx9A==
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7D1A
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bareeqal5alij.hewaaya.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
age
7358
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 18 Apr 2023 19:26:44 GMT
expires
Wed, 17 Apr 2024 19:26:44 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DFCB
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
5b4bfd6070787f7a48c4bca40666b384d308b856e06926a0c0ca49e1b4cfc609
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CbF0LhPkPnceq3QGhqbYag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bareeqal5alij.hewaaya.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-CbF0LhPkPnceq3QGhqbYag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 18 Apr 2023 21:29:22 GMT
expires
Tue, 18 Apr 2023 21:29:22 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
7ba00099abf83a68
bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 61D3
2 B
628 B
XHR
General
Full URL
https://bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/h/b/cv/result/7ba00099abf83a68
Requested by
Host: bareeqal5alij.hewaaya.com
URL: https://bareeqal5alij.hewaaya.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
ka-GE,ka;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 18 Apr 2023 21:29:22 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UeClesWnzTBRKA%2Bb3qKVpLc1z1X4FHd%2BVIOyvjr3TXt6zgiMXIg53V9G6Qbi5HlJ32OjvCCsV1oRlmltxKr8hqCZcmsURJlzBokpcYmT7t5fBjx3ztde7wn7nMn3Qlwvziax3qC2kAdc1%2BSl"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7ba000b9e9d92c7a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
pagead2.googlesyndication.com/bg/ Frame 7D1A
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/sT94e_Y9T67XXT_Bc0Lekmp70Liu2pVFNITCmIvtqgQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
b13f787bf63d4faed75d3fc17342de926a7bd0b8aeda95453484c2988bedaa04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 06:50:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
139127
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14077
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 10:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 16 Apr 2024 06:50:35 GMT
generate_204
tpc.googlesyndication.com/ Frame 7D1A
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?kKiGZg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 21:29:22 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame DFCB
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230413&jk=1330071943405554&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

v2
ap.lijit.com/readerinfo/
Redirect Chain
  • https://ap.lijit.com/readerinfo/v2
  • https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
41 B
473 B
Fetch
General
Full URL
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Protocol
HTTP/1.1
Server
216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
6138bd98d5a3d80da4c52ad19d05ba3da540fda4b37bc33a9f5e7d8bf1743b80

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://bareeqal5alij.hewaaya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 18 Apr 2023 21:29:23 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://bareeqal5alij.hewaaya.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
61

Redirect headers

Date
Tue, 18 Apr 2023 21:29:22 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Origin
https://bareeqal5alij.hewaaya.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230413&jk=1330071943405554&bg=!7-yl7LjNAAZA7GLoYOw7ADkAdvg8WoLut0jKNzM9SdwgMZRVTzrEBoUfyttMPn4Z3mqWGXrJHJ-ZV4iXbVrJdj777CoDd_CqHLsCAAAAP1IAAAADaAEHmQKpZH3azcsfJNXXAEIk-Kbr83jbu5KxdVe2ahHas-6h-4ODddZwNysXElmiFl9WHTlTzM3PbmPWOBqTT2TFY-XcAR2dqFQpKbDbda5WgZycbckUm6HUjxDVIskY0wntbsVkHNVePxVtohI8gHaXXeoQ-pJYL98ExTo2QDjYDDuE8vqcXIcI-dQVIAtNSuWiHZxnv7TDgS2iUuuvB31wRncuqOn40rgMUTRKTO14X3-ZdZ0wj4iem9WLQ7oCIFBzn-feca0b8i1ioWYO6-D25AbQLuMUafsJ6G3oIjs_EzeIF_cXQeo1rmfYnjEYUTpXamB-blWGIPaZNgUUddbO8YnX7hGOyi5izTPoUIb912ZJYsOQG9rRwabswGx3QXs36PZ5lmaZ2qHwe8I1VYsGCZSV1O-2l2KTqSBYdJFG2rh9iN7--ueMKwSlK-h51hjM9n0wVoWCqBsg0ks0tfiXzeroOm_3lRnUEVwAhxABKjmEgm8btXDlV2dym9bSYDZcjg3k16w-gfYB7H6G6Jwghf9b0SZmoA4Rek6H_szZGg85QE_LsDuIJDapp1GYeXu6o4zdXV5OFkAdU8J2n98izJ2ZJUfitAWGPUX2tnLs1mBzD1S-wsfYOGvhVAqbJB-arErYsJ8TE3OCmBfKAgOvPevRyJMAzdTyTrgcNIVYjnqwuEJwBpsFGIwEuHCIKCTa4Ew4KRKunXK8uNrmrrAR9TPFjoeTQLpfiRz3AqeVog0Awaa83R8n7WkyCqzgO5569I64vG1Ad617G_keSdawADmWNT1zt_dgM3M3xQL7UP4NTHQB5uQydyPtar9LPDgedAaqjpKEmGPLmWEzrpu3GV8DlhW53X-dmXjKW1a_RFEJDAmB6GfpEVjODe8or6v1NotDj9kXcFUYbJYv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ka-GE,ka;q=0.9
Referer
https://bareeqal5alij.hewaaya.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

lj_match
um.simpli.fi/
0
0

57333
i.liadm.com/s/
0
0

Portal.html
get.s-onetag.com/underground-sync-portal/ Frame 3000
85 B
481 B
Document
General
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-74.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer
https://bareeqal5alij.hewaaya.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
ka-GE,ka;q=0.9

Response headers

accept-ranges
bytes
age
593396
cache-control
max-age=864000
content-length
85
content-type
text/html
date
Wed, 12 Apr 2023 00:39:28 GMT
etag
"131a68f1a3ad405d816af56e04b93481"
last-modified
Mon, 24 Aug 2020 10:07:31 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 afb3db4ac63e94a7684b97827417941c.cloudfront.net (CloudFront)
x-amz-cf-id
t6dPHdHZym2C7ODc3Tig-QCseFk7jNh32d0WPAbo37VxtlrFvTKC-g==
x-amz-cf-pop
FRA56-C1
x-amz-version-id
DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache
Hit from cloudfront
Portal.js
get.s-onetag.com/underground-sync-portal/ Frame 3000
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
um.simpli.fi
URL
https://um.simpli.fi/lj_match?r=39501
Domain
i.liadm.com
URL
https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=GgNpuSZHMjuaMUr3Sg-GVjU6&rnd=52119
Domain
get.s-onetag.com
URL
https://get.s-onetag.com/underground-sync-portal/Portal.js

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 boolean| credentialless object| _Hasync string| qa_root string| qa_request function| $ function| jQuery function| qa_reveal function| qa_conceal function| qa_set_inner_html function| qa_set_outer_html function| qa_show_waiting_after function| qa_hide_waiting function| qa_vote_click function| qa_notice_click function| qa_favorite_click function| qa_ajax_post function| qa_ajax_error function| qa_display_rule_show object| qa_element_revealed function| qa_toggle_element function| qa_submit_answer function| qa_submit_comment function| qa_answer_click function| qa_comment_click function| qa_show_comments function| qa_form_params function| qa_scroll_page_to function| qa_title_change function| qa_html_unescape function| qa_html_escape function| qa_tag_click function| qa_tag_hints function| qa_tags_to_html function| qa_caret_from_end function| qa_tag_typed_parts function| qa_category_select function| set_category_description function| qa_submit_wall_post function| qa_wall_post_click function| qa_pm_click object| b object| adsbygoogle object| __cfQR object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| chfh function| chfh2 string| _HST_cntval object| Histats function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| _HistatsCounterGraphics_0_setValues object| a object| cv object| _dtspv object| __connect 
boolean| __cfRLUnblockHandlers number| char object| GoogleGcLKhOms object| __underground object| google_image_requests

28 Cookies

Domain/Path Name / Value
bareeqal5alij.hewaaya.com/ Name: PHPSESSID
Value: earotiu3nk9nl1ef67nuh7jsd7
bareeqal5alij.hewaaya.com/ Name: qa_key
Value: u2o3168zr8j7jwkq76olhufqd3vnbmqu
bareeqal5alij.hewaaya.com/ Name: HstCfa4631733
Value: 1681853358530
bareeqal5alij.hewaaya.com/ Name: HstCla4631733
Value: 1681853358530
bareeqal5alij.hewaaya.com/ Name: HstCmu4631733
Value: 1681853358530
bareeqal5alij.hewaaya.com/ Name: HstPn4631733
Value: 1
bareeqal5alij.hewaaya.com/ Name: HstPt4631733
Value: 1
bareeqal5alij.hewaaya.com/ Name: HstCnv4631733
Value: 1
bareeqal5alij.hewaaya.com/ Name: HstCns4631733
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.hewaaya.com/ Name: __gads
Value: ID=1ff8168fa43286f5-22d710c59ddd00a5:T=1681853359:RT=1681853359:S=ALNI_Ma4ZWq-7JKMVWJNjKRhAlzP-JdQVA
.hewaaya.com/ Name: __gpi
Value: UID=00000bd817ef6430:T=1681853359:RT=1681853359:S=ALNI_MbdFyl8wafrrgRH6yZ84jdmqx_gQQ
.dtscout.com/ Name: m
Value: 1
.dtscout.com/ Name: oa
Value: 1
.dtscout.com/ Name: df
Value: 1681853360
.dtscout.com/ Name: l
Value: 10401681853360FC29796B579B3A6620
.hewaaya.com/ Name: __dtsu
Value: 10401681853360FC29796B579B3A6620
.onaudience.com/ Name: cookie
Value: 46bcc29f55b02d56
.onaudience.com/ Name: done_redirects147
Value: 1
.dtscdn.com/ Name: uid
Value: 10401681853360FC29796B579B3A6620
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: e5b7cf062dad48f75e4012f638e7be6b
.adsrvr.org/ Name: TDID
Value: 30f2a399-959b-4c21-b26c-e6ed3e6baf58
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwjs1eTL1pfgOxAFOAE.
.onaudience.com/ Name: done_redirects104
Value: 1
.hewaaya.com/ Name: __cf_bm
Value: 3RcdIMQMc_hXX6bf6Kd4q.uQywxMfBTnIOd1fmRewSE-1681853362-0-AcawErKhbjiI0KWAJE93xyRGQevx2Rmij7Mxd1rnrRhTpujW8UJNlKEUr+kEswkSTLdpKugb5tvXcv7iRoGaVEPcXt4lPhtr8Mi/36HHlItI
.lijit.com/ Name: ljt_reader
Value: GgNpuSZHMjuaMUr3Sg-GVjU6
.onaudience.com/ Name: done_redirects219
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
