xosoketqua.com Open in urlscan Pro
104.26.3.210  Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

• https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= HTTP 301
• https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 64

• https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID HTTP 302
• https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID&rdf=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEEyRUM5RDctNzkyRC00NTFCLUE0QzktOTE1QTYxRkUwQTZC&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
• https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
• https://image4.pubmatic.com/AdServer/SPug?gdpr=0&partnerID=161673&pmc=1&pr=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D712807%26c%3D8A2EC9D7-792D-451B-A4C9-915A61FE0A6B HTTP 302
• https://cm.mgid.com/m?cdsp=712807&c=8A2EC9D7-792D-451B-A4C9-915A61FE0A6B

Request Chain 65

• https://pixel.tapad.com/idsync/ex/receive?partner_id=3411&partner_device_id=n42wZNd_GwEj HTTP 302
• https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3411&partner_device_id=n42wZNd_GwEj

Request Chain 67

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
• https://cm.mgid.com/m?cdsp=371158&c=b18a4556-6f30-4db9-9e17-a4131a2c02c8&ttl=1685673633

Request Chain 68

• https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bjQyd1pOZF9Hd0Vq&muidn=n42wZNd_GwEj HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bjQyd1pOZF9Hd0Vq&muidn=n42wZNd_GwEj&google_tc= HTTP 302
• https://cm.mgid.com/google?muidn=n42wZNd_GwEj&google_ula={guid},5&google_gid=CAESECUWP4Qk6GFT32zG60r4cy4&google_cver=1

Request Chain 69

• https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
• https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
• https://cm.mgid.com/m?cdsp=665953&c=04ae4514-1461-466a-830e-a85f61b0ab72

Request Chain 70

• https://x.bidswitch.net/sync?dsp_id=303&user_id=n42wZNd_GwEj&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
• https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=n42wZNd_GwEj&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
• https://s.pubmine.com/match?bidder_id=1&external_user_id=ccda0fcd-ed37-4d5b-b377-abcc0f5afb37&ssp_data=&gdpr=0&gdpr_consent= HTTP 302
• https://s.pubmine.com/ul_cb/match?bidder_id=1&external_user_id=ccda0fcd-ed37-4d5b-b377-abcc0f5afb37&ssp_data=&gdpr=0&gdpr_consent=

Request Chain 72

• https://creativecdn.com/cm-notify?pi=mgid HTTP 302
• https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
• https://cm.mgid.com/m?cdsp=501037&c=RniooogkXwJ6kCQZs9E2&pi=mgid&tc=1

Request Chain 73

• https://x.bidswitch.net/sync?ssp=mgid HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
• https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=mgid&gdpr=&gdpr_consent=

Request Chain 74

• https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A//cm.mgid.com/m%3Fcdsp%3D779131%26c%3D HTTP 302
• https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F541%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3De31c0eed-debd-4bd5-9413-2c1674356d05%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D HTTP 302
• https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F541%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3De31c0eed-debd-4bd5-9413-2c1674356d05%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%26uid%3D&gdpr=1&gdpr_consent=&s=191503&us_privacy=&C=1 HTTP 302
• https://prebid.a-mo.net/cchain/1/541?gdpr=0&gdpr_consent=&us_privacy=&A=e31c0eed-debd-4bd5-9413-2c1674356d05&bidder=index_rtb&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=ZFHJotEelKBIdJMlNEM-MQAA%261175 HTTP 302
• https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F2%252F541%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D%2526A%253De31c0eed-debd-4bd5-9413-2c1674356d05%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%2526uid%253D%2523PMUID

Request Chain 75

• https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=n42wZNd_GwEj&gdpr=0&gdpr_consent=&ccpa_consent= HTTP 302
• https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
• https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=8029469247543697508&gdpr=0&gdpr_consent= HTTP 302
• https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 94

• https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=mgid&gdpr=0&gdpr_consent=&us_privacy=&gdpr=0&khaos=LH73CKMM-J-GBWS HTTP 302
• https://cm.mgid.com/m?cdsp=43070&c=LH73CKMM-J-GBWS&gdpr=0

Request Chain 95

• https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEOmti67TFTSqRfz4TxND0GE&google_cver=1

Request Chain 96

• https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
• https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH73CKMM-J-GBWS&gdpr=0

Request Chain 97

• https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
• https://pr-bh.ybp.yahoo.com/sync/rubicon/qxY8TMaMkbdwE6ZgCsxk6w?csrc=&gdpr=0 HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-zfF2HGNE2oKCxqAhXVO5yiPnSlcOPupkKmCyYg--~A

Request Chain 98

• https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
• https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ij_eGjVNR3O8rhxmjpO9Zg&rk=usync-na&gdpr=0 HTTP 302
• https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ij_eGjVNR3O8rhxmjpO9Zg&gdpr=0

Request Chain 99

• https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmI3ZjJlODc1NzZhYWRjNmU1MTQ2NzE2YTQ3OTc5MTFjMDNjM2M4OA&gdpr=0

Request Chain 100

• https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b18a4556-6f30-4db9-9e17-a4131a2c02c8&gdpr=0&gdpr_consent=&expires=30

Request Chain 101

• https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
• https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
• https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=GfsVK1vZTrO4n5oGsog0qg&rk=usync-other&gdpr=0 HTTP 302
• https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=GfsVK1vZTrO4n5oGsog0qg&gdpr=0

Request Chain 102

• https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEg3M0NLTU0tSi1HQldT&gdpr=0 HTTP 302
• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEA9tUH-ReNouJIMGh7xNIPk&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg3M0NLTU0tSi1HQldT&google_push=&gdpr=0

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response xosoketqua.com/	265 KB 62 KB	940ms 534ms	Document text/html	104.26.3.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xosoketqua.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.3.210 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 91bce5213612c7f00df737a014c6a99d5f203e21a741e3093225581a3eb01650 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control max-age=0 cf-cache-status DYNAMIC cf-ray 7c1523822df8994e-FRA content-encoding br content-type text/html; charset=utf-8 date Wed, 03 May 2023 02:40:21 GMT last-modified Wed, 03 May 2023 02:40:21 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mveQHaHGQTuKbSwUfjSo%2BqUZwxOtn8SMnT1Su6gkh%2F6yVM4VuU4qwPPpUK%2FeLLkTAkjvHMRs86XPEiy7BDOVOzS3kx5V%2BQ46YbTjazZcX6NWM8b6ThQFNeaIHeHmCxeo"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	newstyle.css xosoketqua.com/xskt/assets/	66 KB 15 KB	141ms 140ms	Stylesheet text/css	104.26.3.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xosoketqua.com/xskt/assets/newstyle.css?v=4 Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.3.210 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b823354b963ed99d133f9394910528fb3ede32d2e6a2f0dd259c4a2542448d4f Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:21 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Tue, 02 May 2023 10:39:25 GMT server cloudflare age 38775 cf-polished origSize=67433 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VWQwEa297GbElcPgAb%2Fw4TF2yPsrZQaEeSJCuUoZmsqzxveBEtE7mmqeIyVfQLvL1vaYq6v2gZzOJBFGQoe%2FJFFEjWgmkkm8h9YTwG7S%2BSxtkmq%2BnkYxhaGeRwXY%2Bg68"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 cache-control max-age=90000 cf-ray 7c152385a805994e-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	_logo_ketqua.jpg xosoketqua.com/xskt/img/	3 KB 4 KB	139ms 138ms	Image image/jpg	104.26.3.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/xskt/img/_logo_ketqua.jpg Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.3.210 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 613b3fddc9e515dbc5fe3b0926cdf3b4123a3ea43ce004764bcf30cc8c948398 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:22 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2575 cf-polished origSize=3651, status=webp_bigger alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3201 cf-bgj imgq:85,h2pri last-modified Tue, 02 May 2023 10:39:25 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8LsNYkDVK3iCCl90dDrlZ%2FpFRA7iadhNFnra%2BA6W2hNRsciMSU7LVQ6IDcVJXKcapvaOkhmyZ%2BYqhuqoJ4ZXtKNVYAWFyDOmq2srLo3g2dmqdytUyEJiQYedPGbcrr1g"}],"group":"cf-nel","max_age":604800} content-type image/jpg cache-control max-age=90000 accept-ranges bytes cf-ray 7c1523898b74383e-FRA
GET H3	200	home.png xosoketqua.com/images/	190 B 714 B	142ms 141ms	Image image/webp	104.26.3.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/images/home.png Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.3.210 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9260f1a6f656ed661a4ddcc4c5e3fec14fee4367511a6259d1291035d9d3692a Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:22 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2576 cf-polished origFmt=png, origSize=350 content-disposition inline; filename="home.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 190 cf-bgj imgq:85,h2pri last-modified Tue, 02 May 2023 19:34:17 GMT server cloudflare vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5oos0D3bcHj9bJf4HjfzsOf9dBnlaGquj5phRCEzsV4vWRJPh3NcbqKr8X86K6vBYvfrcLMvwpi6z5mMMuwSCod%2BmqN%2FeEjR%2FgWmhldQm52BF6dMb%2FIeSeVOG8ch2CtG"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=90000 accept-ranges bytes cf-ray 7c1523898b78383e-FRA
GET H3	200	account.png xosoketqua.com/images/	142 B 670 B	137ms 135ms	Image image/webp	104.26.3.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/images/account.png Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.3.210 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d6d1bae8089a362fc446bf9ec7d8390078397a48d4ed2c39f2c17a552adae0fc Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:22 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2576 cf-polished origFmt=png, origSize=256 content-disposition inline; filename="account.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 142 cf-bgj imgq:85,h2pri last-modified Tue, 02 May 2023 10:39:24 GMT server cloudflare vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1KyR7NJ7vV2nUFFIYiS1aF%2F%2FitU%2BSVh8yGeepA15bdnwYv4MwGIHm1iIRsfTfUSyaSopJjKqaEkO2j%2FsCfKGj0y1EShPESjUIx3AbnW6hDgldRwv5j7wWT2YxoFTw%2FUb"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=90000 accept-ranges bytes cf-ray 7c1523898b7b383e-FRA
GET H3	200	menu-min.png xosoketqua.com/images/	150 B 675 B	137ms 136ms	Image image/webp	104.26.3.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/images/menu-min.png Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.3.210 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 31fd8f47eda51f040e9b86f052b19c2abc888719bca65129d37b407fc13ff1d9 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:22 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2575 cf-polished origFmt=png, origSize=201 content-disposition inline; filename="menu-min.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 150 cf-bgj imgq:85,h2pri last-modified Tue, 02 May 2023 18:10:58 GMT server cloudflare vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZqaixBo9ssn7cQ2tVg3PrG5zsXkHS6sW0H9Bwi2yUf2iYuItMYaQoMa2WYw3d%2F7Gxtd1MMXvaj2VVA%2FIqsyTELEPW14%2FcJsRp1b7NvTs7PcFeSwkzCdFQwhRy6u30NQ"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=90000 accept-ranges bytes cf-ray 7c1523898b7d383e-FRA
GET H3	200	close-min.png xosoketqua.com/images/	208 B 738 B	139ms 138ms	Image image/webp	104.26.3.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/images/close-min.png Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.3.210 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 306843cbe2fefd30393d5f0e1928043a6032b9d318b84540983cb622ed2a0f46 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:22 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2575 cf-polished origFmt=png, origSize=255 content-disposition inline; filename="close-min.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 208 cf-bgj imgq:85,h2pri last-modified Tue, 02 May 2023 18:37:35 GMT server cloudflare vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C0JZwXgpZM%2F5atHXc2vQIdp3jMMARUybGUQmB4Ipuy7T4Qq2IZd8p1sV68QttGXOuAEcM8ZwvyO7Kle7BZ3zpLi1E6%2B2fhXIXrakLeXSJoa39B8rkwLL4%2F%2FveG%2FZ043K"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=90000 accept-ranges bytes cf-ray 7c1523898b7e383e-FRA
GET H/1.1	200 OK	keno.png vsmb.vn/images/logo/	49 KB 49 KB	2295ms 1562ms	Image image/png	171.244.57.133 CHT Compamy Ltd
General Check archive.org Show headers Download Go to Show image Full URL https://vsmb.vn/images/logo/keno.png Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 171.244.57.133 Hanoi, Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash 5dfed40ccba55fc860da7bbb9e118c57cb2c9c1c6064869a42c25c413676f686 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 03 May 2023 02:40:23 GMT Last-Modified Sun, 14 Aug 2022 18:59:29 GMT Server nginx/1.10.3 (Ubuntu) ETag W/"c20d-1829db9b268" Content-Type image/png Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 49677
GET H/1.1	200 OK	loto.68a6347.png docdac.vn/_nuxt/img/	4 KB 5 KB	1497ms 355ms	Image image/png	171.244.57.133 CHT Compamy Ltd
General Check archive.org Show headers Download Go to Show image Full URL https://docdac.vn/_nuxt/img/loto.68a6347.png Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 171.244.57.133 Hanoi, Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash 195e566041810359c6701d720739056a0117895f96d363ba31083a36293fa657 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 03 May 2023 02:40:23 GMT Last-Modified Wed, 25 Jan 2023 16:39:22 GMT Server nginx/1.10.3 (Ubuntu) ETag "63d15b3a-116f" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 4463
GET H2	403	loading_icon_version2.gif cdn.xosodaiphat.com//images/	0 0	1423ms 138ms	Image text/html	104.18.20.76 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.xosodaiphat.com//images/loading_icon_version2.gif Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.20.76 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3	200	tinhwaiting.gif xosoketqua.com/xskt/img/	4 KB 5 KB	135ms 135ms	Image image/webp	104.26.3.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/xskt/img/tinhwaiting.gif Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.3.210 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c62e745470fae8a17a2241b5305f55ec2876b67b66de977faf03c9d65b6e54c6 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:22 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2575 cf-polished origFmt=gif, origSize=4559 content-disposition inline; filename="tinhwaiting.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 4138 cf-bgj imgq:85,h2pri last-modified Tue, 02 May 2023 10:40:24 GMT server cloudflare vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2FCA4m3eNDT7n38VKkD59T%2F7HnCM6OM1xxZfWMR09LMQRNHDcb3RJCefmr9A%2FntVz9ZV7P1fYc0XL8Imui%2FjANRmyEYCN8M91iGnWT5OtuOKSZSIm6FF2LwZyGYdqKVy"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=90000 accept-ranges bytes cf-ray 7c152389dbb4383e-FRA
GET H3	200	dudoan_xsmb_7.jpg xosoketqua.com/images/article/dudoan/	110 KB 111 KB	3645ms 3645ms	Image image/webp	104.26.3.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/images/article/dudoan/dudoan_xsmb_7.jpg Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.3.210 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ca878c3a2a355fe4386a5cadbeceb57401ef715efb5b2b54245ed73f7b004bfc Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:22 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3507 cf-polished origFmt=png, origSize=175845 content-disposition inline; filename="dudoan_xsmb_7.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 113046 cf-bgj imgq:85,h2pri last-modified Wed, 03 May 2023 01:12:53 GMT server cloudflare vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FicMqoVfMaEoZ2A3aUXXRkHV1wfDQGO0flG7Rj1e4znIzIxaPV0TT5cjEz6yda%2FrU52fS%2FmKsU%2BhQMT2E2AOC41CxaPac7tuvIJD4XS2GEsd%2B%2BdzIBh1QrFwmYYr4VKZ"}],"group":"cf-nel","max_age":604800} content-type image/webp accept-ranges bytes cf-ray 7c15238a5bfc383e-FRA
GET H3	200	dudoan_xsmb_3.jpg xosoketqua.com/images/article/dudoan/	200 KB 201 KB	262ms 262ms	Image image/webp	104.26.3.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/images/article/dudoan/dudoan_xsmb_3.jpg Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.3.210 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a628011e52347170fde9fc32f9b4769fc57fe51c6943be94488725cda8e75b6b Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:22 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3507 cf-polished origFmt=png, origSize=299526 content-disposition inline; filename="dudoan_xsmb_3.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 205076 cf-bgj imgq:85,h2pri last-modified Wed, 03 May 2023 00:18:38 GMT server cloudflare vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TigxpSdXHtNi%2FuX836gmcPwT6Dstg4lSBbiF4g2erknA4FDQWogHnrUtCjy%2BlMOf0BDcID%2BQGUn3IgzKZ7rLqPLLL9ZEmMJW1OIrU5v4XVyoNIfmbSwJ1nEj7smbyso6"}],"group":"cf-nel","max_age":604800} content-type image/webp accept-ranges bytes cf-ray 7c15238a5bfe383e-FRA
GET H3	200	dudoan_xsmb_5.jpg xosoketqua.com/images/article/dudoan/	96 KB 97 KB	136ms 136ms	Image image/webp	104.26.3.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/images/article/dudoan/dudoan_xsmb_5.jpg Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.3.210 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 26ed2baef21b7224d56d1aed9a2caa46dfdaa39eb775e84023c1fb63a3438af8 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:22 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3507 cf-polished origFmt=png, origSize=291939 content-disposition inline; filename="dudoan_xsmb_5.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 98700 cf-bgj imgq:85,h2pri last-modified Wed, 03 May 2023 01:18:42 GMT server cloudflare vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6OpBMRuGbnbW%2FyQD67YSsOHmy78lGH9F%2FzWCliGYceYDob07tVnnEWwLc9LqkMev0JoqKs918XVMB5ON9QIqNu%2FSl0FhSVBm2FRgz6QMsJUwtTrP2YEPQZWWoGOd2y2R"}],"group":"cf-nel","max_age":604800} content-type image/webp accept-ranges bytes cf-ray 7c15238a5c03383e-FRA
GET H3	200	dudoan_xsmn_4.jpg xosoketqua.com/images/article/dudoan/	144 KB 145 KB	4471ms 4471ms	Image image/webp	104.26.3.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/images/article/dudoan/dudoan_xsmn_4.jpg Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.3.210 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 03750b714b9002b987a8dfc6551a7f7db04268263fe8315ac72286a98c213a75 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:22 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2574 cf-polished origFmt=png, origSize=203802 content-disposition inline; filename="dudoan_xsmn_4.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 147836 cf-bgj imgq:85,h2pri last-modified Wed, 03 May 2023 00:05:05 GMT server cloudflare vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ccehH%2FhWReKDsD3LwGcjsOL%2FiJdSkSuO6s3u59j9ALm1a4tNR6hrhjaRqvR07ajozyZN%2FZouhrtKwoCLFrB8T2vKNihy8UnmwpseSFWSgPCvU%2BS0vJTYNPwo1uY%2BF6I"}],"group":"cf-nel","max_age":604800} content-type image/webp accept-ranges bytes cf-ray 7c15238a7c1a383e-FRA
GET H3	200	dudoan_xsmt_5.jpg xosoketqua.com/images/article/dudoan/	33 KB 34 KB	3495ms 3495ms	Image image/webp	104.26.3.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/images/article/dudoan/dudoan_xsmt_5.jpg Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.3.210 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1b2d4cff44e2295393d5691cd1c3370a5550da835e8bce1b4e0373552b123459 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:22 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2574 cf-polished qual=85, origFmt=jpeg, origSize=53857 content-disposition inline; filename="dudoan_xsmt_5.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 34204 cf-bgj imgq:85,h2pri last-modified Wed, 03 May 2023 01:42:53 GMT server cloudflare vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yctrzRts3XfHmD2pOfNCs3rpXOGWyoLotgpqQPh%2BRJ1sK0VdzsViMjQkG9IN9j%2BkYKobxCBrPjLmTEyhjuKM4Icc0Iv2hYxUJ0J7JaSTiQeXSIwZG%2BZrdLhI%2FNrtN6Jh"}],"group":"cf-nel","max_age":604800} content-type image/webp accept-ranges bytes cf-ray 7c15238a7c1c383e-FRA
GET H3	200	vsmb_doitac-min.jpg xosoketqua.com/images/	50 KB 51 KB	433ms 432ms	Image image/webp	104.26.3.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/images/vsmb_doitac-min.jpg Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.3.210 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ebf1fe08248c5d0bd28a5aa80a6651a2ad57d09a07bcf75da81a7eacf652859c Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:22 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2575 cf-polished qual=85, origFmt=jpeg, origSize=83673 content-disposition inline; filename="vsmb_doitac-min.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 51650 cf-bgj imgq:85,h2pri last-modified Tue, 02 May 2023 18:10:20 GMT server cloudflare vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R8loiuWF3AuGh8IZrf4hhlIyaBzOgK%2FPqD%2Boo1LHSvnPVebtO%2FdNHYREhE4UpkR1NvgBQInX777q6bXlttYS1EA%2FByLEYXE7%2BQKb09cxbGanpv%2FdrckomumgBn8Ze4bK"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=90000 accept-ranges bytes cf-ray 7c15238aec68383e-FRA
GET H3	200	docdac_doitac-min.jpg xosoketqua.com/images/	85 KB 86 KB	6259ms 6258ms	Image image/webp	104.26.3.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/images/docdac_doitac-min.jpg Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.3.210 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 10bec72c384e207f3f3f32f19885cba31030779aac072ca40e834526af64cc5a Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:22 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2574 cf-polished qual=85, origFmt=jpeg, origSize=149322 content-disposition inline; filename="docdac_doitac-min.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 87346 cf-bgj imgq:85,h2pri last-modified Tue, 02 May 2023 19:14:51 GMT server cloudflare vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePKjZmKFFxC0qump8Ym5H742HlVbFTvoZQ2%2Bu0xhlYsSoavlbumh%2FurhUd%2FfgfvHF2N2MLfexJzolQCWZ3K68ZWho%2BiEdTHVaVQPxqkZkwM1sjP8%2BA6bot8JNmfo3L%2Fd"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=90000 accept-ranges bytes cf-ray 7c15238aec6b383e-FRA
GET H3	200	keno_doitac-min.png xosoketqua.com/images/	36 KB 37 KB	7418ms 7417ms	Image image/webp	104.26.3.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/images/keno_doitac-min.png Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.3.210 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash de76b1d19e0d198b58f2abc056a9600cf7232d4fa75a120416c4beb387b31d19 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:22 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2574 cf-polished origFmt=png, origSize=44990 content-disposition inline; filename="keno_doitac-min.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 37022 cf-bgj imgq:85,h2pri last-modified Tue, 02 May 2023 20:08:12 GMT server cloudflare vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kSoYdz8o7Ph6Z%2FQEKMOywHbtFtNvwAsmaiQElck5Z6lIxA1USFAdZ0XfvLquq5q4BAsdL%2B7msV2o%2Bw16%2F9dhpqRK07TL6cpP2qj7jiZT3MOHC0qjyGQW6WYcM2rsfzPr"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=90000 accept-ranges bytes cf-ray 7c15238aec6c383e-FRA
GET H3	200	logo_atrungroi-min.jpg xosoketqua.com/images/	156 KB 157 KB	3423ms 3422ms	Image image/jpg	104.26.3.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/images/logo_atrungroi-min.jpg Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.3.210 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8aa44049c92f58ace479269500caf1526cfaf804f02076428f550b5d59a6a289 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:22 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2574 cf-polished status=not_needed alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 159856 cf-bgj imgq:85,h2pri last-modified Tue, 02 May 2023 10:39:26 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNXBdaSQRBTYlK2BBaU2a3nu37bH6wJ6bLIhJsStbJQc%2BrzaL89DqGgAaMbkNPkxnctFjsz90NiVM024Cfpw0HkwOFvvstdcF0B81Mt2PJ1n%2B56L3n8febLZdmupY6xc"}],"group":"cf-nel","max_age":604800} content-type image/jpg cache-control max-age=90000 accept-ranges bytes cf-ray 7c15238aec6f383e-FRA
GET H3	200	Google_News_icon.png xosoketqua.com/images/	24 KB 25 KB	427ms 426ms	Image image/webp	104.26.3.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/images/Google_News_icon.png Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.3.210 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4296d14d27998137ed687216f71d64a06e694ba56ae9e99b5666b95118320d3b Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:22 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2574 cf-polished origFmt=png, origSize=38896 content-disposition inline; filename="Google_News_icon.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 24886 cf-bgj imgq:85,h2pri last-modified Tue, 02 May 2023 18:49:31 GMT server cloudflare vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQF1W8oTFLWZpHykFweiSnnznxFXSTGx%2F3vodGS1uB53n8ykugJp1FC4AQzX3%2FDTxLALD5v%2F90ZuAd%2BaXnxlBWyOMkb8agDJEj4WS%2BfO5XaUKHDDo8A%2FQUqkVqSC3ESX"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=90000 accept-ranges bytes cf-ray 7c15238aec71383e-FRA
GET H3	200	rocket-loader.min.js Show response xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/	12 KB 4 KB	9637ms 9636ms	Script application/javascript	104.26.3.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.3.210 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:22 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 25 Apr 2023 11:29:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6447b986-302c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OO7yb5RStoDWiEvMZ3vkUSpRJDabGtV8lThaELo4mM6O9Lku5XRJDeslRvqb%2FXsk7j2tvMq28vTdBogsjwjQ97aOOUoaQYph7x5zSeAJzk7A5hcNbGzmwIy5%2BicVLPav"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 7c15238aec73383e-FRA expires Fri, 05 May 2023 02:40:22 GMT
GET H2	200	v52afc6f149f6479b8c77fa569edb01181681764108816 Show response static.cloudflareinsights.com/beacon.min.js/	19 KB 7 KB	434ms 163ms	Script text/javascript	104.16.57.101 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816 Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.57.101 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b Request headers Referer https://xosoketqua.com/ Origin https://xosoketqua.com accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:22 GMT content-encoding gzip last-modified Mon, 17 Apr 2023 20:41:48 GMT server cloudflare etag W/2023.4.2 vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 7c15238cab002c72-FRA
GET H3	200	myapi_home.js Show response xosoketqua.com/xskt/assets/	11 KB 4 KB	1326ms 1326ms	Script application/javascript	104.26.3.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xosoketqua.com/xskt/assets/myapi_home.js?v=18_02_1 Requested by Host: xosoketqua.com URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.3.210 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 22336a040f055dc76c4ea40bd871cad0c16acb1c4a7a8094fbb4ffbda13911cd Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:32 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Tue, 02 May 2023 10:39:45 GMT server cloudflare age 2583 cf-polished origSize=17072 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LgFFV7mTtSs24T%2FRE2jwVrsPpdfnGp%2F%2B8xO9EbCas8PqeLRTZk4F8RK5GsBizS09K41lfu8Q0TE1Yrz0B%2FvKyjSrWbkOPquwCs1ARZZRRsO4poLZE37DKTj6OBIYn9Z3"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=90000 cf-ray 7c1523c7fc68383e-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	moment.min.js Show response xosoketqua.com/xskt/assets/	50 KB 18 KB	139ms 138ms	Script application/javascript	104.26.3.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xosoketqua.com/xskt/assets/moment.min.js?v=34_07_25 Requested by Host: xosoketqua.com URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.3.210 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2f74b7103124df51dc2c0e42e93da8bc7bce703f34f9f82a6820edd81022f76a Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:32 GMT content-encoding br cf-cache-status HIT last-modified Tue, 02 May 2023 10:39:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2583 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eu9OyNXlhAM6PN0Z9xtYYBsHfw7f51pRkCeZwemdnZ94%2FX6mcNPCfZ%2FFtEECQkN%2FygWW4I4Mdb4LmzKpeUv3eEsLFlQgctJqdu2JKgstXib0w83zEZoAPfS0%2BSAIu2G9"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=90000 cf-ray 7c1523c7fc6b383e-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	html2canvas.min.js Show response xosoketqua.com/xskt/assets/	194 KB 46 KB	786ms 785ms	Script application/javascript	104.26.3.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xosoketqua.com/xskt/assets/html2canvas.min.js Requested by Host: xosoketqua.com URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.3.210 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4917b15ac829f7546ab1c053b06499786b45a053169f31f436c16c8eb821414e Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:32 GMT content-encoding br cf-cache-status HIT last-modified Tue, 02 May 2023 20:46:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2584 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDw3SeMAaUTujYINTstob1fTsrZTfjP2XsBMqyId24bbIQoo%2Bqb7Q%2BdWD9sdxsg%2FRH6xg7aTjUAtjpY9OT3RqowpWb7RxaDBaCbJ2R6sdGrV6AuL%2B8mxCJkD1nBnywtN"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=90000 cf-ray 7c1523c7fc6f383e-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	main_index.js Show response xosoketqua.com/xskt/assets/	5 KB 2 KB	1327ms 1326ms	Script application/javascript	104.26.3.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xosoketqua.com/xskt/assets/main_index.js Requested by Host: xosoketqua.com URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.3.210 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 198913752556a4f2f624d36003da83fd4ef164a10505a692b8fec18fbd6569a9 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:32 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Tue, 02 May 2023 20:46:52 GMT server cloudflare age 2583 cf-polished origSize=6366 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wf8o9hmVEXjeIdS284t9rMsSAeGX8ioBVAVtktQWSXnYN1NGjlWckIy1GcUaJV8q1jeLnXI2ezfXOPFteOHg8Mn%2Fnfep5VI8i9BY4A5v4Lu%2BLSQp3ou4nDKYVjQQ2F1c"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=90000 cf-ray 7c1523c7fc70383e-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	jqueryval.js Show response xosoketqua.com/xskt/assets/	27 KB 9 KB	1299ms 1298ms	Script application/javascript	104.26.3.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xosoketqua.com/xskt/assets/jqueryval.js Requested by Host: xosoketqua.com URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.3.210 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6afdbd54a64983a71441817c8a89faaef68c26aeb47c03e6dfbba9346fee1460 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:32 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Tue, 02 May 2023 20:46:52 GMT server cloudflare age 2583 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z0xrNEecmRnD2SGRrtjMr3VYRKrk64KeU8td7YEbfhPTbMgmaq1fwuEOB4OW38roHTueVvEL5zpXRGwgm%2FR%2F%2FbzNW8grWl%2Fnthzcbs0GYPIQwBYi7PaCc4e7lPmEopjJ"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=90000 cf-ray 7c1523c7fc71383e-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	xsdp.min.js Show response xosoketqua.com/xskt/assets/	19 KB 5 KB	1453ms 1452ms	Script application/javascript	104.26.3.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xosoketqua.com/xskt/assets/xsdp.min.js?v=24_09 Requested by Host: xosoketqua.com URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.3.210 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7322d236b28fc8d784909a4ff1e8e082ba2f207b3a64d2aa43e52fe0e45441ac Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:32 GMT content-encoding br cf-cache-status HIT last-modified Tue, 02 May 2023 10:39:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2583 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XPBc3UEmJYZRGPhORaN%2Fx8REUm8X7CS1vZw1BY%2F6S03lkL6u%2BxXHc7lu6E6aeaX7StkfpAb%2BDHyFShF3dXwqo6z0THT4znmXWn1m2g2akXrPDXmtTioiJCkZUDTtPTd0"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=90000 cf-ray 7c1523c7fc75383e-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	jquerylib.js Show response xosoketqua.com/xskt/assets/	368 KB 109 KB	267ms 266ms	Script application/javascript	104.26.3.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xosoketqua.com/xskt/assets/jquerylib.js Requested by Host: xosoketqua.com URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.3.210 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b0ea3d9ba83e515d8ae6a36eea23403c8928b81a8f84ac93d10c4e6a22d6b93a Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:32 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Tue, 02 May 2023 20:44:42 GMT server cloudflare age 2584 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eabb8%2B5Ssa%2B7cynVUWRpyCP%2BiIMNZfcWs0lVPJbHv6qEaBpO%2FyNZjZKbkPn98eotEreu3iXMclIh9ndP3zI3vdMK6Mx4MWWIJk6hVDzmW5VDROnhggb%2BIB5XpNGsiUOR"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=90000 cf-ray 7c1523c7fc76383e-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	DMCABadgeHelper.min.js Show response images.dmca.com/Badges/	465 B 672 B	415ms 138ms	Script application/javascript	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://images.dmca.com/Badges/DMCABadgeHelper.min.js Requested by Host: xosoketqua.com URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:32 GMT content-encoding gzip last-modified Fri, 21 Jun 2019 20:14:34 GMT server Microsoft-IIS/10.0 etag "26b181f16d28d51:0" x-powered-by ASP.NET x-hw 1683081632.cds135.fr8.hn,1683081632.cds057.fr8.c content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000 accept-ranges bytes link <https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical" content-length 395
GET H2	200	xosoketqua.com.1343895.js Show response jsc.mgid.com/x/o/	3 KB 2 KB	423ms 144ms	Script text/javascript	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.mgid.com/x/o/xosoketqua.com.1343895.js Requested by Host: xosoketqua.com URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0600b393260e2df05723f6018dfb42e99560f2be0b9de0fffad1584d1f5d2637 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:32 GMT x-amz-version-id PrUCfMP0JRecHfj6D529PdWqP6aNauFX content-encoding br cf-cache-status HIT x-amz-request-id DWPH2151582SF41N age 3978 cf-polished origSize=2690 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 VfvbYGQTfAAXJtsqM8mB8oV2mRgUTV++nMMTPdMqhpgDTcZpm5mY92r3I0nCLsdX4+9tIQIzVUA= cf-bgj minify last-modified Thu, 27 Apr 2023 07:27:21 GMT server cloudflare etag W/"04588863e1a4daf3b76b6396282333c0" vary Accept-Encoding content-type text/javascript cache-control public, max-age=10800 cf-ray 7c1523c9cee52bae-FRA expires Wed, 03 May 2023 05:40:32 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	138 KB 47 KB	418ms 149ms	Script text/javascript	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5071155005901453 Requested by Host: xosoketqua.com URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software cafe / Resource Hash 81a28fb2dacebf052c311e9b370343a2a5d2019f3e9e781827214969ebf97fad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://xosoketqua.com/ Origin https://xosoketqua.com accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:32 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 47340 x-xss-protection 0 server cafe etag 2840799098763887778 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Wed, 03 May 2023 02:40:32 GMT
GET H2	200	OneSignalSDK.js Show response cdn.onesignal.com/sdks/	9 KB 3 KB	446ms 167ms	Script application/javascript	104.18.214.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.onesignal.com/sdks/OneSignalSDK.js?v=3 Requested by Host: xosoketqua.com URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.214.59 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:32 GMT via 1.1 google content-encoding br cf-cache-status EXPIRED server cloudflare strict-transport-security max-age=15552000; includeSubDomains etag W/"06f50014011c1fcd9e21b6b0481979de" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 7c1523c9cb8c2c36-FRA access-control-allow-headers OneSignal-Subscription-Id alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Sat, 06 May 2023 02:40:32 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	115 KB 45 KB	413ms 145ms	Script application/javascript	216.58.212.136 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-146204891-4 Requested by Host: xosoketqua.com URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.136 , United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s21-in-f136.1e100.net Software Google Tag Manager / Resource Hash 00e2fe8f41d5b9acfacf2f3dad9d02d3e7a6c79b04c9be8889c2a2bc8f27fd85 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:32 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 45735 x-xss-protection 0 last-modified Wed, 03 May 2023 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 03 May 2023 02:40:32 GMT
GET H2	200	xosoketqua.com.1343895.es6.js Show response jsc.mgid.com/x/o/	254 KB 72 KB	149ms 148ms	Script text/javascript	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.mgid.com/x/o/xosoketqua.com.1343895.es6.js Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/x/o/xosoketqua.com.1343895.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 86563b0e8f32503912407673436d84bc1cb119362489c79b5a193afd81c7bce4 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:32 GMT x-amz-version-id EqxlZb7iBnXJGPj.nSiSJjdUTmAvUEN1 content-encoding br cf-cache-status HIT x-amz-request-id 86CDHMFXV6TGNV7G age 3977 cf-polished origSize=260140 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 kdsxxapAbKR3zj0Jjw9dTGytwwSJy3Wf1DDM3hJV+WTFaVS1+Dftw9yAR8PlTpY8JOKR6awXRU4= cf-bgj minify last-modified Thu, 27 Apr 2023 07:27:21 GMT server cloudflare etag W/"48815c907b63354050da39dccc792596" vary Accept-Encoding content-type text/javascript cache-control public, max-age=10800 cf-ray 7c1523caaf8e2bae-FRA expires Wed, 03 May 2023 05:40:32 GMT
GET H2	200	OneSignalPageSDKES6.js Show response cdn.onesignal.com/sdks/	284 KB 68 KB	149ms 148ms	Script application/javascript	104.18.214.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601 Requested by Host: cdn.onesignal.com URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?v=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.214.59 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:32 GMT via 1.1 google content-encoding br cf-cache-status HIT server cloudflare strict-transport-security max-age=15552000; includeSubDomains age 540 etag W/"2cf94922e2d551e8dc7c38c022a9a3ca" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 7c1523cadc2f2c36-FRA access-control-allow-headers OneSignal-Subscription-Id alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Sat, 06 May 2023 02:40:32 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	51 KB 21 KB	410ms 134ms	Script text/javascript	142.250.181.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-146204891-4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f14.1e100.net Software Golfe2 / Resource Hash e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Wed, 03 May 2023 02:35:44 GMT last-modified Mon, 17 Apr 2023 22:36:01 GMT server Golfe2 age 288 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20737 expires Wed, 03 May 2023 04:35:44 GMT
GET H3	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/	354 KB 119 KB	423ms 166ms	Script text/javascript	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5071155005901453 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software cafe / Resource Hash 5effd19a07533c33d2109ca53fbc6f6cdcbb05d927df8bca6cb76ce82557a6bb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:32 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 122070 x-xss-protection 0 server cafe etag 13602012276013312036 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Wed, 03 May 2023 02:40:32 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230501/r20190131/ Frame 4A67	10 KB 5 KB	404ms 132ms	Document text/html	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230501/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5071155005901453 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://xosoketqua.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers age 30639 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4540 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 02 May 2023 18:09:53 GMT etag 15057649708203361565 expires Tue, 16 May 2023 18:09:53 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET BLOB	200 OK	6302240a-fc49-48d9-995f-8b208ad18f6f https://xosoketqua.com/	0 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://xosoketqua.com/6302240a-fc49-48d9-995f-8b208ad18f6f Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Length 0 Content-Type text/javascript
GET BLOB	200 OK	6304b2bc-3e49-4c5f-bb13-48b51dab1338 https://xosoketqua.com/	250 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://xosoketqua.com/6304b2bc-3e49-4c5f-bb13-48b51dab1338 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b Request headers accept-language ka-GE,ka;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Length 250 Content-Type text/javascript
GET H2	200	web Show response onesignal.com/api/v1/sync/e38d6cec-9743-465f-aee2-edda7ae252e9/	4 KB 2 KB	195ms 187ms	Script text/javascript	104.18.214.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onesignal.com/api/v1/sync/e38d6cec-9743-465f-aee2-edda7ae252e9/web?callback=__jp0 Requested by Host: cdn.onesignal.com URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.214.59 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a9b2cf22ab3c95a002cc02c068a5117e4326a6d2ffe0c78ab02cbf55b2c1f80f Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:32 GMT via 1.1 google x-content-type-options nosniff cf-cache-status EXPIRED content-encoding br x-permitted-cross-domain-policies none strict-transport-security max-age=15552000; includeSubDomains alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block x-request-id af4e142b-d584-4b9a-8293-59d7181d4bb4 x-runtime 0.029040 referrer-policy strict-origin-when-cross-origin server cloudflare etag W/"a9b2cf22ab3c95a002cc02c068a5117e" x-download-options noopen vary Origin, Accept-Encoding x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=3600 cf-ray 7c1523cccd362c36-FRA access-control-allow-headers SDK-Version expires Wed, 03 May 2023 03:40:32 GMT
GET H2	200	/ Show response c.mgid.com/pv/	0 43 B	158ms 150ms	Script text/plain	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.mgid.com/pv/?scum=%3F0&scuw=%3F0&pv=5&cbuster=1683081632727121534547&uniqId=04061&lct=1682553600&niet=4g&nisd=false&jsv=es6&ref=&cxurl=http%3A%2F%2Fxosoketqua.com%2F&lu=https%3A%2F%2Fxosoketqua.com%2F&sessionId=6451c9a1-023b7&pageView=1&pvid=187df7b9bd8ad9d33c3&site=798325&implVersion=11&dpr=1&tfre=10560 Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/x/o/xosoketqua.com.1343895.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:32 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 7c1523cd09262bae-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
GET BLOB	206 Partial Content	04bd0322-4368-4d49-a57b-0db173eb8c75 https://xosoketqua.com/	1 KB 0		Media video/mp4
General Check archive.org Show headers Download Go to Full URL blob:https://xosoketqua.com/04bd0322-4368-4d49-a57b-0db173eb8c75 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda Request headers Referer Accept-Encoding identity;q=1, *;q=0 accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Range bytes=0- Response headers Content-Range bytes 0-1492/1493 Content-Length 1493 Content-Type video/mp4
GET H2	200	mgid_ua.svg cdn.mgid.com/images/mgid/	2 KB 1 KB	155ms 147ms	Image image/svg+xml	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.mgid.com/images/mgid/mgid_ua.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:32 GMT x-amz-version-id null content-encoding br cf-cache-status HIT x-amz-request-id 1SAKNE8T99VM7FFV age 4804 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 ygWvmfZuUKec2ix2rXp9wGADIzJEt4+BbxwpugjObCowudhzU+Mv6OMB7bKnKqvKe27gjoifOFM= last-modified Tue, 08 Mar 2022 17:05:01 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root etag W/"617c205137825561208ef7c1a2d8f319" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=86400 cf-ray 7c1523cd19362bae-FRA expires Thu, 04 May 2023 02:40:32 GMT
GET H2	200	Adchoices.svg cdn.mgid.com/images/logos/	836 B 886 B	149ms 141ms	Image image/svg+xml	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.mgid.com/images/logos/Adchoices.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:32 GMT x-amz-version-id null content-encoding br cf-cache-status HIT x-amz-request-id YX26RVNEGW9X6AWK age 211 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 n34KGzJQ98MT9xBDtbJv2oufYNYTE1MJ4vzxC7KZ0Bli4Tknnuz5/OulQ9m/FQMVXjfciLfclSI= last-modified Wed, 17 Feb 2021 18:15:53 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root etag W/"7d59364b7ed2df3f02507c9f92560df9" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=86400 cf-ray 7c1523cd19332bae-FRA expires Thu, 04 May 2023 02:40:32 GMT
GET H2	200	1 Show response servicer.mgid.com/1343895/	4 KB 2 KB	175ms 163ms	Script application/x-javascript	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://servicer.mgid.com/1343895/1?scum=%3F0&scuw=%3F0&pv=5&cbuster=1683081632798757369644&uniqId=04061&lct=1682553600&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=553&h=559&maxw_3=271&maxh_3=250&sz=271x250&szp=1,2,3,4&szl=1,2;3,4&cols=2&ref=&cxurl=http%3A%2F%2Fxosoketqua.com%2F&lu=https%3A%2F%2Fxosoketqua.com%2F&sessionId=6451c9a1-023b7&pageView=1&pvid=187df7b9bd8ad9d33c3&implVersion=11&dpr=1&tfre=10631 Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/x/o/xosoketqua.com.1343895.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ceacbd6adb16ac2b44e8d9536d1a4c56ea2b2035fefd7626544425f1a56b7cc0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:32 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-allow-credentials true cf-ray 7c1523cd79752bae-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 205 B	142ms 142ms	XHR text/plain	142.250.181.238 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1131522255&t=pageview&_s=1&dl=https%3A%2F%2Fxosoketqua.com%2F&ul=en-us&de=UTF-8&dt=X%E1%BB%95%20S%E1%BB%91%20K%E1%BA%BFt%20Qu%E1%BA%A3%20-%20ketqua%2C%20kqxs%2C%20ket%20qua%20xo%20so%20hom%20nay%2C%20ketquaxoso&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=231912182&gjid=804278978&cid=485804504.1683081633&tid=UA-146204891-4&_gid=940138353.1683081633&_r=1&gtm=457e3510&jsscut=1&z=2130281348 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.238 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f14.1e100.net Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://xosoketqua.com/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 03 May 2023 02:40:33 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://xosoketqua.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	mgid_ua.svg cdn.mgid.com/images/mgid/	2 KB 1 KB	143ms 143ms	Image image/svg+xml	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.mgid.com/images/mgid/mgid_ua.svg Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/x/o/xosoketqua.com.1343895.es6.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:33 GMT x-amz-version-id null content-encoding br cf-cache-status HIT x-amz-request-id BQQZ016TJQM3CQAQ age 2068 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 H0ihdhm/EJhbcC+homFO+mab68DYYvx/mk6E6cpnOvsu3WasxL/t0xcMLjTuGMaSc4h2RuXW7vE= last-modified Tue, 08 Mar 2022 17:05:01 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root etag W/"617c205137825561208ef7c1a2d8f319" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=86400 cf-ray 7c1523ce7a99913c-FRA expires Thu, 04 May 2023 02:40:33 GMT
GET H3	200	Adchoices.svg cdn.mgid.com/images/logos/	836 B 1 KB	141ms 141ms	Image image/svg+xml	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.mgid.com/images/logos/Adchoices.svg Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/x/o/xosoketqua.com.1343895.es6.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:33 GMT x-amz-version-id null content-encoding br cf-cache-status HIT x-amz-request-id BQQP2P0ZGAY0CMXJ age 1481 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c= last-modified Wed, 17 Feb 2021 18:15:53 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root etag W/"7d59364b7ed2df3f02507c9f92560df9" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=86400 cf-ray 7c1523ce7a9a913c-FRA expires Thu, 04 May 2023 02:40:33 GMT
GET H2	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMC8zMTAxNDEvMWNjN... s-img.mgid.com/g/14493034/492x277/-/	16 KB 16 KB	493ms 218ms	Image image/webp	104.19.132.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/14493034/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMC8zMTAxNDEvMWNjNjRjNGNhMjAzMTQxYWFhZGM3MDJlNTkzNDBiNGIuanBn.webp?v=1683081632-MVWScGZwVld5XnH5JBr9eKMDpzxwDf8zL52e4Sv-qdQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 822b4df53bd3e161b37f484e527fa255f2f40bd72b66e79efc66408be9530728 Request headers Referer https://xosoketqua.com/ Origin https://xosoketqua.com accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:33 GMT cf-cache-status HIT last-modified Mon, 31 Oct 2022 21:56:26 GMT x-mg-request-uuid 7e09be15-4c69-44f7-9972-b9a3ca3d32dd server cloudflare age 1076006 vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes x-robots-tag noindex cf-ray 7c1523d038413810-FRA content-length 16424 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy83ODU1ODYvZTY4Y... s-img.mgid.com/g/15643640/492x277/-/	10 KB 10 KB	472ms 198ms	Image image/webp	104.19.132.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/15643640/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy83ODU1ODYvZTY4YTQwM2Y1OTY0MTgzM2U4NDRlNmJkZWQxYjYxOTUuanBn.webp?v=1683081632-p1d8WAzQ0gLAqopwbe8hnHg7HhDNWUi2FzxWXj3rCpI Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 05246e75582763e580ad96be2cbfe21ad8deed6e478e9694c48a619dca0296f3 Request headers Referer https://xosoketqua.com/ Origin https://xosoketqua.com accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:33 GMT cf-cache-status HIT last-modified Sun, 19 Mar 2023 21:20:25 GMT x-mg-request-uuid 9bd978e0-5e62-407c-969d-8d1d3a05227e server cloudflare age 479977 vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes x-robots-tag noindex cf-ray 7c1523d038433810-FRA content-length 10076 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMjM1LHlfNjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTIvN... s-img.mgid.com/g/15031533/492x277/-/	10 KB 10 KB	414ms 140ms	Image image/webp	104.19.132.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/15031533/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMjM1LHlfNjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTIvNjI1Njc2L2FkZTNiMjkyNmE3Y2RhYmI5ODAzYjk0YTk5OGE4M2QxLmpwZw.webp?v=1683081632-ih9VYSWk-ZRoQCi4FKF7ND6vOZPFJxItvfYk1iYmNR0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.132.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 51661c9cf72b9b4261b683b0e7b9d2a63972a5f2dd4d552ee1fd03d6a28d1c19 Request headers Referer https://xosoketqua.com/ Origin https://xosoketqua.com accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:33 GMT cf-cache-status HIT last-modified Fri, 30 Dec 2022 10:07:50 GMT x-mg-request-uuid c4f9e368-2efe-45d2-8f9f-938cbd1b4c98 server cloudflare age 477981 vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes x-robots-tag noindex cf-ray 7c1523d038443810-FRA content-length 10132 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	206	5ff552a8684ccba1b400bdfed00a5464.mp4 cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2023-05/581854/	408 KB 409 KB	412ms 139ms	Media video/mp4	104.18.13.45 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2023-05/581854/5ff552a8684ccba1b400bdfed00a5464.mp4?v=1683081632-IJI2D9-E4fL0EH0vHwiTtcnClB6XWad1PyfhCFT9XBk Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.13.45 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c8b017a1516c3d7fe834aa77530a333dda8fefbdad5f2c29a6d73deb32c1fec4 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://xosoketqua.com/ Accept-Encoding identity;q=1, *;q=0 accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Range bytes=0- Response headers date Wed, 03 May 2023 02:40:33 GMT x-content-type-options nosniff cf-cache-status HIT age 48260 Content-Range bytes 0-418166/418167 server-timing cld-fastly;mitm=cpo;dur=38;cpu=1;start=2023-05-02T12:47:43.078Z;desc=miss,rtt;dur=0,cloudinary;dur=36;start=2023-05-02T12:47:43.078Z alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 418167 last-modified Tue, 02 May 2023 12:47:41 GMT server cloudflare etag "1b6753d0880e65951d546d3e4a417d59" vary Accept-Encoding content-type video/mp4;codecs=avc1 access-control-allow-origin * access-control-expose-headers Content-Length,ETag,Server-Timing,X-Content-Type-Options cache-control public, max-age=31536000, no-transform, immutable timing-allow-origin * x-robots-tag noindex cf-ray 7c1523d03f3f9b1c-FRA
GET H2	200	i.js Show response cm.mgid.com/	2 KB 1 KB	237ms 228ms	Script application/javascript	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm.mgid.com/i.js?&cbuster=1683081632994427210690 Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/x/o/xosoketqua.com.1343895.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8b5125ba276e8172afa13cd62bf1914b31ad208494897d7f33e14229979e4e2e Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 03 May 2023 02:40:33 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare vary Accept-Encoding content-type application/javascript cache-control no-store, no-cache, must-revalidate, max-age=0 cf-ray 7c1523ceaa362bae-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	i-noref.js Show response cm.mgid.com/ Frame 6F4B	0 34 B	230ms 229ms	Script text/plain	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm.mgid.com/i-noref.js?cbuster=1683081633001308536794 Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/x/o/xosoketqua.com.1343895.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 03 May 2023 02:40:33 GMT cache-control no-store, no-cache, must-revalidate, max-age=0 cf-cache-status DYNAMIC server cloudflare cf-ray 7c1523ceaa382bae-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	id5-api.js Show response cdn.id5-sync.com/api/1.0/	58 KB 17 KB	417ms 143ms	Script text/javascript	104.22.52.86 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.id5-sync.com/api/1.0/id5-api.js Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/x/o/xosoketqua.com.1343895.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.52.86 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:33 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding gzip cf-cache-status HIT last-modified Thu, 06 Apr 2023 12:00:04 GMT server cloudflare x-amz-request-id B9574BVRG1ZSG4HV age 2361 etag W/"b58faeda0c1d193bc50dd25a7640d8ba" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type text/javascript;charset=utf-8 cache-control public, max-age=3600 cf-ray 7c1523d05fb218b9-FRA x-amz-id-2 j5ARhHB85BlZgMnEqsC8+kh6KnF793iwhqx1Mde47N7jFrubuoTEiNak6sNAckEq+EEOR+ly0AgnSz14OHqLxg==
GET H2	200	pwt.js Show response ads.pubmatic.com/AdServer/js/pwt/161673/7165/	207 KB 63 KB	442ms 141ms	Script application/javascript	23.35.236.201 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/x/o/xosoketqua.com.1343895.es6.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-236-201.deploy.static.akamaitechnologies.com Software Apache / Resource Hash a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:33 GMT content-encoding gzip last-modified Sat, 29 Apr 2023 00:55:21 GMT server Apache vary Accept-Encoding content-type application/javascript p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" cache-control max-age=132074 accept-ranges bytes content-length 63913 expires Thu, 04 May 2023 15:21:47 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	395 B 601 B	420ms 138ms	Script text/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=xosoketqua.com&callback=_gfp_s_&client=ca-pub-5071155005901453 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 0e1fc625b4bfdfdd0cedb479e53093861d653c6dc7517f7d91761b48ef0a5b68 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:33 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 250 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.ge/adsid/	107 B 531 B	420ms 144ms	Script application/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.ge/adsid/integrator.js?domain=xosoketqua.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:33 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 456 B	407ms 139ms	Script application/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=xosoketqua.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:33 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame C2E9	157 KB 38 KB	362ms 362ms	Document text/html	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5071155005901453&output=html&adk=1812271804&adf=3025194257&lmt=1683081621&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fxosoketqua.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683081632489&bpp=4&bdt=11186&idt=703&shv=r20230501&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5431072917210&frm=20&pv=2&ga_vid=485804504.1683081633&ga_sid=1683081633&ga_hid=1131522255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44773809%2C31071756%2C31074176%2C44785293%2C44788441%2C44789761%2C44789925%2C21065724&oid=2&pvsid=4325101065922985&tmod=202224203&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=730 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 7712c2f1ee966d5213a42b4ef543f5b2b34f78fb850736d32d30e4981e6e2e13 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://xosoketqua.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 39134 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 03 May 2023 02:40:33 GMT expires Wed, 03 May 2023 02:40:33 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 0E0E	436 B 412 B	284ms 284ms	Document text/html	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5071155005901453&output=html&h=100&slotname=1553820594&adk=1542220757&adf=1426257581&pi=t.ma~as.1553820594&w=848&fwrn=4&fwrnh=100&lmt=1683081621&rafmt=12&format=848x100&url=https%3A%2F%2Fxosoketqua.com%2F&fwr=0&fwrattr=true&rh=100&rw=848&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683081632493&bpp=2&bdt=11189&idt=731&shv=r20230501&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5431072917210&frm=20&pv=1&ga_vid=485804504.1683081633&ga_sid=1683081633&ga_hid=1131522255&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=523&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C44773809%2C31071756%2C31074176%2C44785293%2C44788441%2C44789761%2C44789925%2C21065724&oid=2&pvsid=4325101065922985&tmod=202224203&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=43H1p6Vyqd&p=https%3A//xosoketqua.com&dtd=735 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash 777e233d50e9f51618c87aa40b54f98d8205fc160490c1a0befae5788e79157e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://xosoketqua.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 213 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 03 May 2023 02:40:33 GMT expires Wed, 03 May 2023 02:40:33 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	usync.html Show response eus.rubiconproject.com/ Frame F12D Redirect Chain https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=	281 B 410 B	141ms 133ms	Document text/html	23.56.202.187 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: cm.mgid.com URL: https://cm.mgid.com/i.js?&cbuster=1683081632994427210690 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-56-202-187.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Referer https://xosoketqua.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers accept-ranges bytes content-encoding gzip content-length 233 content-type text/html; charset=UTF-8 date Wed, 03 May 2023 02:40:33 GMT etag "40010-119-5ec73a0a33d00" last-modified Wed, 02 Nov 2022 02:30:44 GMT server Apache/2.2.15 (CentOS) vary Accept-Encoding Redirect headers access-control-allow-credentials true access-control-allow-origin * content-length 0 date Wed, 03 May 2023 02:40:33 GMT location https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= server AkamaiGHost
GET H3	200	m cm.mgid.com/ Redirect Chain https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.m... https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.m... https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEEyRUM5RDctNzkyRC00NTFCLUE0QzktOTE1QTYxRkUwQTZC&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= https://image4.pubmatic.com/AdServer/SPug?gdpr=0&partnerID=161673&pmc=1&pr=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D712807%26c%3D8A2EC9D7-792D-451B-A4C9-915A61FE0A6B https://cm.mgid.com/m?cdsp=712807&c=8A2EC9D7-792D-451B-A4C9-915A61FE0A6B	43 B 413 B	225ms 224ms	Image image/gif	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.mgid.com/m?cdsp=712807&c=8A2EC9D7-792D-451B-A4C9-915A61FE0A6B Protocol H3 Server 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 03 May 2023 02:40:35 GMT cf-cache-status DYNAMIC server cloudflare content-type image/gif cache-control no-store, no-cache, must-revalidate, max-age=0 cf-ray 7c1523daeb66913c-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 Redirect headers location https://cm.mgid.com/m?cdsp=712807&c=8A2EC9D7-792D-451B-A4C9-915A61FE0A6B date Wed, 03 May 2023 02:40:33 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	200	check pixel.tapad.com/idsync/ex/receive/ Redirect Chain https://pixel.tapad.com/idsync/ex/receive?partner_id=3411&partner_device_id=n42wZNd_GwEj https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3411&partner_device_id=n42wZNd_GwEj	95 B 436 B	147ms 146ms	Image image/png	34.111.113.62 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3411&partner_device_id=n42wZNd_GwEj Protocol H2 Server 34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 62.113.111.34.bc.googleusercontent.com Software / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:33 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 content-type image/png access-control-allow-origin * p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 95 Redirect headers date Wed, 03 May 2023 02:40:33 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" access-control-allow-origin * location https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3411&partner_device_id=n42wZNd_GwEj alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	mgid cm.rtbsystem.com/	0 666 B	421ms 147ms	Image text/plain	188.114.97.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.rtbsystem.com/mgid?c=n42wZNd_GwEj&gdpr=0&gdpr_consent=&us_privacy= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:33 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GVx08%2BKEdHhZTHN1sf3wPxIeB0WlXJykboUV8SsqgTUkAiiU01wzMXlFYPs51OvSpmo3sn9yM%2BqK%2BrjID4%2BigagBZLsStpJiDePw1o8vF3BxDsCf0w17D6%2B14gOCJVfwzV1x"}],"group":"cf-nel","max_age":604800} content-type text/plain cf-ray 7c1523d1c868690d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	m cm.mgid.com/ Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 https://cm.mgid.com/m?cdsp=371158&c=b18a4556-6f30-4db9-9e17-a4131a2c02c8&ttl=1685673633	43 B 382 B	226ms 226ms	Image image/gif	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.mgid.com/m?cdsp=371158&c=b18a4556-6f30-4db9-9e17-a4131a2c02c8&ttl=1685673633 Protocol H3 Server 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 03 May 2023 02:40:34 GMT cf-cache-status DYNAMIC server cloudflare content-type image/gif cache-control no-store, no-cache, must-revalidate, max-age=0 cf-ray 7c1523d47ea6913c-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 Redirect headers pragma no-cache date Wed, 03 May 2023 02:40:33 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://cm.mgid.com/m?cdsp=371158&c=b18a4556-6f30-4db9-9e17-a4131a2c02c8&ttl=1685673633 content-type text/html cache-control private,no-cache, must-revalidate content-length 205
GET H3	200	google cm.mgid.com/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bjQyd1pOZF9Hd0Vq&muidn=n42wZNd_GwEj https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bjQyd1pOZF9Hd0Vq&muidn=n42wZNd_GwEj&google_tc= https://cm.mgid.com/google?muidn=n42wZNd_GwEj&google_ula={guid},5&google_gid=CAESECUWP4Qk6GFT32zG60r4cy4&google_cver=1	0 121 B	224ms 223ms	Image text/plain	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.mgid.com/google?muidn=n42wZNd_GwEj&google_ula={guid},5&google_gid=CAESECUWP4Qk6GFT32zG60r4cy4&google_cver=1 Protocol H3 Server 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:34 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 7c1523d48eb8913c-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 content-type text/plain Redirect headers pragma no-cache date Wed, 03 May 2023 02:40:33 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://cm.mgid.com/google?muidn=n42wZNd_GwEj&google_ula={guid},5&google_gid=CAESECUWP4Qk6GFT32zG60r4cy4&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 327 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	m cm.mgid.com/ Redirect Chain https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D https://cm.mgid.com/m?cdsp=665953&c=04ae4514-1461-466a-830e-a85f61b0ab72	43 B 382 B	223ms 223ms	Image image/gif	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.mgid.com/m?cdsp=665953&c=04ae4514-1461-466a-830e-a85f61b0ab72 Protocol H3 Server 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 03 May 2023 02:40:34 GMT cf-cache-status DYNAMIC server cloudflare content-type image/gif cache-control no-store, no-cache, must-revalidate, max-age=0 cf-ray 7c1523d58fd8913c-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 Redirect headers location https://cm.mgid.com/m?cdsp=665953&c=04ae4514-1461-466a-830e-a85f61b0ab72 access-control-allow-origin * date Wed, 03 May 2023 02:40:34 GMT content-type text/plain content-length 0 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
GET H/1.1	200 OK	match s.pubmine.com/ul_cb/ Redirect Chain https://x.bidswitch.net/sync?dsp_id=303&user_id=n42wZNd_GwEj&gdpr=0&gdpr_consent=&us_privacy= https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=n42wZNd_GwEj&gdpr=0&gdpr_consent=&us_privacy= https://s.pubmine.com/match?bidder_id=1&external_user_id=ccda0fcd-ed37-4d5b-b377-abcc0f5afb37&ssp_data=&gdpr=0&gdpr_consent= https://s.pubmine.com/ul_cb/match?bidder_id=1&external_user_id=ccda0fcd-ed37-4d5b-b377-abcc0f5afb37&ssp_data=&gdpr=0&gdpr_consent=	43 B 652 B	155ms 154ms	Image image/gif	34.249.45.164 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.pubmine.com/ul_cb/match?bidder_id=1&external_user_id=ccda0fcd-ed37-4d5b-b377-abcc0f5afb37&ssp_data=&gdpr=0&gdpr_consent= Protocol HTTP/1.1 Server 34.249.45.164 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-249-45-164.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 03 May 2023 02:40:35 GMT Cache-Control no-cache, no-store, must-revalidate Content-Encoding gzip Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type image/gif Redirect headers Location https://s.pubmine.com/ul_cb/match?bidder_id=1&external_user_id=ccda0fcd-ed37-4d5b-b377-abcc0f5afb37&ssp_data=&gdpr=0&gdpr_consent= Date Wed, 03 May 2023 02:40:35 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 0
GET H2	200	/ cm.idealmedia.io/setmuidn/	0 143 B	720ms 150ms	Image image/gif	104.17.107.41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.idealmedia.io/setmuidn/?muidf=n42wZNd_GwEj Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.107.41 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:34 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 7c1523d5fe8630f6-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 content-type image/gif
GET H3	200	m cm.mgid.com/ Redirect Chain https://creativecdn.com/cm-notify?pi=mgid https://creativecdn.com/cm-notify?pi=mgid&tc=1 https://cm.mgid.com/m?cdsp=501037&c=RniooogkXwJ6kCQZs9E2&pi=mgid&tc=1	43 B 398 B	221ms 221ms	Image image/gif	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.mgid.com/m?cdsp=501037&c=RniooogkXwJ6kCQZs9E2&pi=mgid&tc=1 Protocol H3 Server 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 03 May 2023 02:40:34 GMT cf-cache-status DYNAMIC server cloudflare content-type image/gif cache-control no-store, no-cache, must-revalidate, max-age=0 cf-ray 7c1523d7b92a913c-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 Redirect headers location https://cm.mgid.com/m?cdsp=501037&c=RniooogkXwJ6kCQZs9E2&pi=mgid&tc=1 pragma no-cache date Wed, 03 May 2023 02:40:34 GMT, Wed, 03 May 2023 02:40:34 GMT cache-control no-cache, no-store, must-revalidate, private, max-age=0 content-length 0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	p-zLwwakwy-hZw3.gif cms.quantserve.com/pixel/ Redirect Chain https://x.bidswitch.net/sync?ssp=mgid https://x.bidswitch.net/ul_cb/sync?ssp=mgid https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=mgid&gdpr=&gdpr_consent=	35 B 372 B	418ms 133ms	Image image/gif	91.228.74.244 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=mgid&gdpr=&gdpr_consent= Protocol H2 Server 91.228.74.244 , United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 03 May 2023 02:40:34 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" content-type image/gif cache-control private, no-cache, no-store, proxy-revalidate content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT Redirect headers location //cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=mgid&gdpr=&gdpr_consent= date Wed, 03 May 2023 02:40:34 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H2	200	ImgSync image8.pubmatic.com/AdServer/ Redirect Chain https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A//cm.mgid.com/m%3Fcdsp%3D779131%26c%3D https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F541%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3De31c0eed... https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F541%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3De31c0eed-debd-4bd5-9413-2c1674356d05%26bidder%3Din... https://prebid.a-mo.net/cchain/1/541?gdpr=0&gdpr_consent=&us_privacy=&A=e31c0eed-debd-4bd5-9413-2c1674356d05&bidder=index_rtb&cbx=aHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9&uid=ZFHJotEelKBIdJ... https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....	0 39 B	142ms 141ms	Image text/plain	185.64.190.79 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F2%252F541%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D%2526A%253De31c0eed-debd-4bd5-9413-2c1674356d05%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%2526uid%253D%2523PMUID Protocol H2 Server 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:34 GMT content-length 0 Redirect headers location https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F2%252F541%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D%2526A%253De31c0eed-debd-4bd5-9413-2c1674356d05%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%2526uid%253D%2523PMUID date Wed, 03 May 2023 02:40:34 GMT cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 1 server envoy content-length 0
GET H/1.1	200 OK	sync.php pixel.rubiconproject.com/exchange/ Redirect Chain https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=n42wZNd_GwEj&gdpr=0&gdpr_consent=&ccpa_consent= https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=8029469247543697508&gdpr=0&gdpr_consent= https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=	42 B 688 B	498ms 131ms	Image image/gif	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy= Protocol HTTP/1.1 Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 42 X-RPHost 3bafef7aa4e37890defcd73f0a080481 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers Pragma no-cache Date Wed, 03 May 2023 02:40:34 GMT Server nginx Transfer-Encoding chunked Location https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy= Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Expires 0
GET H/1.1	200	v1 Show response lb.eu-1-id5-sync.com/lb/	33 B 401 B	420ms 137ms	XHR application/json	162.19.138.117 OVH
General Check archive.org Show headers Download Go to Full URL https://lb.eu-1-id5-sync.com/lb/v1 Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/id5-api.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.19.138.117 , France, ASN16276 (OVH, FR), Reverse DNS ns31533568.ip-162-19-138.eu Software / Resource Hash d376d7968c4fdd2e13039e62fe585a36b92cd269b9010b0102c4fc51f22f588d Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://xosoketqua.com/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://xosoketqua.com date Wed, 03 May 2023 02:40:32 GMT strict-transport-security max-age=63072000; includeSubDomains; preload vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin transfer-encoding chunked content-type application/json;charset=UTF-8
GET H3	200	reactive_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/	151 KB 51 KB	165ms 164ms	Script text/javascript	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/reactive_library_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software cafe / Resource Hash 74fea0d84408b8939039e1b2e766c53a962bbd67fbf881fff29babe3c72a16b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:33 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 52290 x-xss-protection 0 server cafe etag 17924897606442865023 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Wed, 03 May 2023 02:40:33 GMT
GET H2	200	usync.js Show response eus.rubiconproject.com/ Frame F12D	34 KB 10 KB	132ms 132ms	Script text/html	23.56.202.187 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-56-202-187.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 0e2d482993dd399983889ab51ce7738600995549dd5bdad5694d9f289feee4d1 Request headers accept-language ka-GE,ka;q=0.9 Referer https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:33 GMT content-encoding gzip last-modified Tue, 02 May 2023 05:20:10 GMT server Apache/2.2.15 (CentOS) x-powered-by PHP/5.3.3 vary Accept-Encoding content-type text/html; charset=UTF-8 p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" cache-control max-age=9534 content-length 10017 expires Wed, 03 May 2023 05:19:27 GMT
POST H/1.1	200	231.json Show response id5-sync.com/g/v2/	573 B 1 KB	407ms 136ms	XHR application/json	162.19.138.119 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/g/v2/231.json Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/id5-api.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.19.138.119 , France, ASN16276 (OVH, FR), Reverse DNS ns31533570.ip-162-19-138.eu Software / Resource Hash d9ae68163ffe9efe5ad23b7e2d3bdb0dc7c727a5db98a7508027bb23935465f8 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://xosoketqua.com/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Wed, 03 May 2023 02:40:34 GMT strict-transport-security max-age=63072000; includeSubDomains; preload vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin transfer-encoding chunked content-type application/json;charset=UTF-8 access-control-allow-origin https://xosoketqua.com p3p CP="CAO PSA OUR" access-control-allow-credentials true
GET H/1.1	200 OK	khaos.jpg token.rubiconproject.com/ Frame F12D	284 B 931 B	541ms 130ms	Image image/jpg	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/khaos.jpg?gdpr=0 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032 Request headers accept-language ka-GE,ka;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/jpg Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 284 X-RPHost a66cbf3142c6ef39e3614b84a34262cf P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H3	200	ic_keno.png xosoketqua.com/xskt/img/	970 B 1 KB	138ms 138ms	Image image/webp	104.26.3.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/xskt/img/ic_keno.png Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.3.210 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 461b7a027b306b8f8f7feebe6f009d08942f52101d3525fe297a9ffe12e6c921 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:34 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2582 cf-polished origFmt=png, origSize=3454 content-disposition inline; filename="ic_keno.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 970 cf-bgj imgq:85,h2pri last-modified Tue, 02 May 2023 10:41:16 GMT server cloudflare vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I9osYPKQOer%2B9DFEx0RzHiSYjno2XinFcy4kWUPbxP8nOLHxl8SD87htiYO0z47GCIauKAidAJqZl%2BpsZlp0%2BqtD%2BVOoY5IqGpSii7TQnxopbiv3F00msetkMQXxxyIg"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=90000 accept-ranges bytes cf-ray 7c1523d4dc44383e-FRA
GET H3	200	c c.mgid.com/	43 B 213 B	148ms 148ms	Image image/gif	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://c.mgid.com/c?f=1&pv=3&v=271|228|8|MJDKij14La__NiDrHiMbgOw00-W2hD43pENeNQ1CSBTUEE-X1XdRNjlVClPFu6muPvQ8M9Uvqx4yJVrzMpCGRA**&fw=1&extjs=66044&cid=1343895&h2=yytmDzVZgHM2-m_12ag04mnQVZL_OmD27MYKAHbixEA*&rid=e011b6f2-e95b-11ed-bd9f-e43d1a2a53a2&tt=Direct&iv=11&pageImp=1&pvid=187df7b9bd8ad9d33c3&muid=n42wZNd_GwEj&cbuster=1683081634013211577244 Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:34 GMT cf-cache-status DYNAMIC x-mg-request-uuid 6b2b2015-d211-4928-af93-34a439fc31f0 server cloudflare content-type image/gif cf-ray 7c1523d4ff2a913c-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	15 KB 11 KB	165ms 164ms	XHR application/json	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230501&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software cafe / Resource Hash 32487e5e67db1cbdcc21669e23a07e826c980e65613b64b2b0e5126f75f17d21 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:34 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11208 x-xss-protection 0
GET H3	200	photo-camera.png xosoketqua.com/images/	250 B 748 B	138ms 138ms	Image image/png	104.26.3.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/images/photo-camera.png Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.3.210 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bdcdc6490a46826a73d7b3d9c74d3e59b9b21c6f7cc037a3f95682a706efcad0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:34 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2580 cf-polished status=format_not_supported alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 250 cf-bgj imgq:85,h2pri last-modified Tue, 02 May 2023 10:39:36 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kNbBfVZCPMQ2FRLMN6LJ6olnU7XC5NIvHncKNmKMkDDDOPzKgWunm6aS9zYSNZD8AyoHxLC5VJzZdLzxaoCG%2BTaRAQ2SCtIHvj8iViZMJZ9CH%2BGmo6OlhoW9DQFHJox4"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=90000 accept-ranges bytes cf-ray 7c1523d51c60383e-FRA
GET H3	200	hot.gif xosoketqua.com/images/	181 B 680 B	136ms 136ms	Image image/gif	104.26.3.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/images/hot.gif Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.3.210 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ede1a14f2800eeb40e5370aef684dce98eff7eee4e6c75fb9b3c4c773351a8b2 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:34 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2580 cf-polished origSize=197, status=webp_bigger alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 181 cf-bgj imgq:85,h2pri last-modified Tue, 02 May 2023 10:39:32 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BD1dt3WcJec6hX1cLAGjKNbZUfuMQS1HI4TX5zdNyPB9eWoeVUCNgWAyKD2uOb5le2kOtJmmWKmikn%2FZd24wohAXdNAVzJOeWXrUf66RmnI4pSVseP%2F6LJtodHYjHEjZ"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=90000 accept-ranges bytes cf-ray 7c1523d51c61383e-FRA
GET H2	200	integrator.js Show response adservice.google.ge/adsid/	107 B 165 B	144ms 143ms	Script application/javascript	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.ge/adsid/integrator.js?domain=xosoketqua.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:34 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	139ms 138ms	Script application/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=xosoketqua.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:34 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230501/r20110914/ Frame 828E	10 KB 4 KB	134ms 134ms	Document text/html	142.250.186.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230501/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f2.1e100.net Software cafe / Resource Hash eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://xosoketqua.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers age 29804 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4540 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 02 May 2023 18:23:50 GMT etag 15057649708203361565 expires Tue, 16 May 2023 18:23:50 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	tinhwaiting.gif xosoketqua.com/xskt/img/	4 KB 5 KB	139ms 139ms	Image image/webp	104.26.3.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/xskt/img/tinhwaiting.gif Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.3.210 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c62e745470fae8a17a2241b5305f55ec2876b67b66de977faf03c9d65b6e54c6 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:34 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2587 cf-polished origFmt=gif, origSize=4559 content-disposition inline; filename="tinhwaiting.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 4138 cf-bgj imgq:85,h2pri last-modified Tue, 02 May 2023 10:40:24 GMT server cloudflare vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LDZFH8wg%2BazL0Btw1H3ZNx9Y8HQblhIoOGDQxAk5uQxx%2BYYMEYcg4vnuBZbGRCyVTaeMRAGzf1DjO4yOI1KUJvYdsNqkb7pNn0OrXYq0entVEmWLw%2BYI7%2BLLGLjF%2B2BV"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=90000 accept-ranges bytes cf-ray 7c1523d52c70383e-FRA
POST H3	204	rum Show response xosoketqua.com/cdn-cgi/	0 140 B	170ms 130ms	XHR text/plain	104.26.3.210 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xosoketqua.com/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816 Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.3.210 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://xosoketqua.com/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 content-type application/json Response headers date Wed, 03 May 2023 02:40:34 GMT x-content-type-options nosniff server cloudflare vary Origin access-control-max-age 86400 access-control-allow-methods POST,OPTIONS access-control-allow-origin https://xosoketqua.com x-frame-options DENY access-control-allow-credentials true cf-ray 7c1523d53c74383e-FRA
POST H3	200	vz c.mgid.com/	0 120 B	145ms 144ms	Ping text/plain	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.mgid.com/vz Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/x/o/xosoketqua.com.1343895.es6.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://xosoketqua.com/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Wed, 03 May 2023 02:40:34 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 7c1523d53f9d913c-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
GET H3	200	OneSignalSDKStyles.css onesignal.com/sdks/	82 KB 9 KB	139ms 138ms	Stylesheet text/css	104.18.214.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2 Requested by Host: cdn.onesignal.com URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601 Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.214.59 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:34 GMT via 1.1 google content-encoding br cf-cache-status HIT server cloudflare strict-transport-security max-age=15552000; includeSubDomains age 1925 etag W/"4e9aaefffd5f8ae7dc83361aa2294190" vary Accept-Encoding content-type text/css cache-control public, max-age=2592000 cf-ray 7c1523d54bb418d4-FRA access-control-allow-headers OneSignal-Subscription-Id alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 02 Jun 2023 02:40:34 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	418ms 142ms	Script text/javascript	142.250.186.65 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.65 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f1.1e100.net Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:34 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 03 May 2023 02:40:34 GMT
GET H3	200	m cm.mgid.com/ Frame F12D Redirect Chain https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=mgid&gdpr=0&gdpr_consent=&us_privacy=&gdpr=0&khaos=LH73CKMM-J-GBWS https://cm.mgid.com/m?cdsp=43070&c=LH73CKMM-J-GBWS&gdpr=0	43 B 428 B	221ms 221ms	Image image/gif	104.19.134.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.mgid.com/m?cdsp=43070&c=LH73CKMM-J-GBWS&gdpr=0 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= Protocol H3 Server 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers accept-language ka-GE,ka;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 03 May 2023 02:40:35 GMT cf-cache-status DYNAMIC server cloudflare content-type image/gif cache-control no-store, no-cache, must-revalidate, max-age=0 cf-ray 7c1523df0e01913c-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Content-Type text/html Location https://cm.mgid.com/m?cdsp=43070&c=LH73CKMM-J-GBWS&gdpr=0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost dbbc2dbf689859fb5870b364473d5441 Expires 0
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame F12D Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEOmti67TFTSqRfz4TxND0GE&google_cver=1	42 B 688 B	527ms 131ms	Image image/gif	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEOmti67TFTSqRfz4TxND0GE&google_cver=1 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= Protocol HTTP/1.1 Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language ka-GE,ka;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 42 X-RPHost 3bafef7aa4e37890defcd73f0a080481 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Wed, 03 May 2023 02:40:34 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEOmti67TFTSqRfz4TxND0GE&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 337 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	setuid px.ads.linkedin.com/ Frame F12D Redirect Chain https://token.rubiconproject.com/token?pid=36584&gdpr=0 https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH73CKMM-J-GBWS&gdpr=0	0 514 B	545ms 304ms	Image text/plain	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH73CKMM-J-GBWS&gdpr=0 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:34 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 7EDCAF2E0C3D4813B4ABEA14025D7138 Ref B: VIEEDGE3814 Ref C: 2023-05-03T02:40:35Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 x-li-proto http/2 content-length 0 x-li-uuid AAX6wPr89mRiIiZsa/6xSg== Redirect headers Location https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH73CKMM-J-GBWS&gdpr=0 Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost a66cbf3142c6ef39e3614b84a34262cf P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame F12D Redirect Chain https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 https://pr-bh.ybp.yahoo.com/sync/rubicon/qxY8TMaMkbdwE6ZgCsxk6w?csrc=&gdpr=0 https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-zfF2HGNE2oKCxqAhXVO5yiPnSlcOPupkKmCyYg--~A	42 B 688 B	132ms 132ms	Image image/gif	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-zfF2HGNE2oKCxqAhXVO5yiPnSlcOPupkKmCyYg--~A Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= Protocol HTTP/1.1 Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language ka-GE,ka;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 42 X-RPHost 3bafef7aa4e37890defcd73f0a080481 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers date Wed, 03 May 2023 02:40:35 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY location https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-zfF2HGNE2oKCxqAhXVO5yiPnSlcOPupkKmCyYg--~A content-length 0
GET H/1.1	200 OK	ecm3 s.amazon-adsystem.com/ Frame F12D Redirect Chain https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ij_eGjVNR3O8rhxmjpO9Zg&rk=usync-na&gdpr=0 https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ij_eGjVNR3O8rhxmjpO9Zg&gdpr=0	43 B 479 B	231ms 231ms	Image image/gif	52.46.143.56 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ij_eGjVNR3O8rhxmjpO9Zg&gdpr=0 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= Protocol HTTP/1.1 Server 52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language ka-GE,ka;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 03 May 2023 02:40:35 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid 10YR9HX362VVRGC7X126 Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Location https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ij_eGjVNR3O8rhxmjpO9Zg&gdpr=0 Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 3bafef7aa4e37890defcd73f0a080481 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H3	200	pixel cm.g.doubleclick.net/ Frame F12D Redirect Chain https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmI3ZjJlODc1NzZhYWRjNmU1MTQ2NzE2YTQ3OTc5MTFjMDNjM2M4OA&gdpr=0	170 B 188 B	144ms 144ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmI3ZjJlODc1NzZhYWRjNmU1MTQ2NzE2YTQ3OTc5MTFjMDNjM2M4OA&gdpr=0 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 03 May 2023 02:40:35 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MmI3ZjJlODc1NzZhYWRjNmU1MTQ2NzE2YTQ3OTc5MTFjMDNjM2M4OA&gdpr=0 Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost a66cbf3142c6ef39e3614b84a34262cf P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame F12D Redirect Chain https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b18a4556-6f30-4db9-9e17-a4131a2c02c8&gdpr=0&gdpr_consent=&expires=30	42 B 688 B	522ms 130ms	Image image/gif	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b18a4556-6f30-4db9-9e17-a4131a2c02c8&gdpr=0&gdpr_consent=&expires=30 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= Protocol HTTP/1.1 Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language ka-GE,ka;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 42 X-RPHost 3bafef7aa4e37890defcd73f0a080481 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Wed, 03 May 2023 02:40:34 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b18a4556-6f30-4db9-9e17-a4131a2c02c8&gdpr=0&gdpr_consent=&expires=30 content-type text/html cache-control private,no-cache, must-revalidate content-length 289
GET H/1.1	200 OK	ecm3 aax-eu.amazon-adsystem.com/s/ Frame F12D Redirect Chain https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=GfsVK1vZTrO4n5oGsog0qg&rk=usync-other&gdpr=0 https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=GfsVK1vZTrO4n5oGsog0qg&gdpr=0	43 B 479 B	162ms 162ms	Image image/gif	67.220.224.150 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=GfsVK1vZTrO4n5oGsog0qg&gdpr=0 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= Protocol HTTP/1.1 Server 67.220.224.150 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language ka-GE,ka;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 03 May 2023 02:40:35 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid 6YW211MZHH2P23PGAEJ3 Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Location https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=GfsVK1vZTrO4n5oGsog0qg&gdpr=0 Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 3bafef7aa4e37890defcd73f0a080481 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H3	200	pixel cm.g.doubleclick.net/ Frame F12D Redirect Chain https://token.rubiconproject.com/token?pid=25470&gdpr=0 https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEg3M0NLTU0tSi1HQldT&gdpr=0 https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEA9tUH-ReNouJIMGh7xNIPk&google_cver=1 https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg3M0NLTU0tSi1HQldT&google_push=&gdpr=0	170 B 188 B	145ms 144ms	Image image/png	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg3M0NLTU0tSi1HQldT&google_push=&gdpr=0 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= Protocol H3 Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 03 May 2023 02:40:35 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Content-Type text/html Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg3M0NLTU0tSi1HQldT&google_push=&gdpr=0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 28e1e7d28d06b07ec669bc9e43057b8e Expires 0
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 50EA	13 KB 5 KB	135ms 134ms	Document text/html	142.250.186.65 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.65 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f1.1e100.net Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://xosoketqua.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers accept-ranges bytes age 14607 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 02 May 2023 22:37:07 GMT expires Wed, 01 May 2024 22:37:07 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 6444	783 B 1 KB	410ms 140ms	Document text/html	172.217.16.196 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.196 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s65-in-f4.1e100.net Software GSE / Resource Hash 4f7b8ec5128fb3c28ebcd8318895135015863a5930055c722db68bbb23aa4deb Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-w8eoBI6emlyIzP9N4mdrkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://xosoketqua.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 511 content-security-policy script-src 'report-sample' 'nonce-w8eoBI6emlyIzP9N4mdrkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 03 May 2023 02:40:34 GMT expires Wed, 03 May 2023 02:40:34 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js Show response pagead2.googlesyndication.com/bg/ Frame 50EA	37 KB 14 KB	128ms 128ms	Script text/javascript	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software sffe / Resource Hash 8aa37b1b49143f1f0f5946a34c832d5a7c1da1e2be2a8f629322c66b13f191c9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 27 Apr 2023 12:53:22 GMT content-encoding br x-content-type-options nosniff age 481632 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14636 x-xss-protection 0 last-modified Tue, 25 Apr 2023 16:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 26 Apr 2024 12:53:22 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 50EA	0 10 B	131ms 131ms	Image text/plain	142.250.186.65 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?K1Wp6w Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.65 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f1.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 02:40:35 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 6444	0 0	162ms 162ms	Image text/html	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230501&jk=4325101065922985&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	165ms 164ms	Image text/html	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230501&jk=4325101065922985&bg=!-_il-KzNAAYcDqajPA47ADkAdvg8Wl9C-47OnIxJPl2yFHiZVMEFPfeI1IUyLtieQ8j0QfVFj6dpZ-fhR7NoTPPWLbmBLoQ7SlcCAAAARVIAAAAGaAEHmQKnRdmMSQWYeBOdgjUY1HT92DN6K1iMR3PcPWLWZF8lFNSHhXblvtjhYKaDDcyYq23guvChRYjg2Fzl3tqDpU3jDlJPGcSG1J_N3M6zc-bvkzPMLvVbpqHOJ1oWEep2R1h5Ns6Mem-Jp1zFjdePubHZQAGVbAVndf6FSz2iy8ifcV8RqXt0e9ZhPBmeS3AePibNFBgZDxfFZm7SCO9pvn1fVGJyFvY7qoYdEL7LbCp-Abj4wfy-g9GYDSqoeEJ_dXi2zKyKz_qJtopNgJmY7MfbJITMuFilEA-meAq8MEFmZ4A1r7Vd4UHz-fLWcoSCWt1YD5-Y_s3Ktp39gyFjUMbTQpTFB0jG1-GXYSkx2elevwLdg6o4H6C6Mz96CO3WtBKIq6yPQcNEs0mLyaKu1O34Y7dJOitnBd464HIRw466k6wbm4rigoT6xrcUQWBcW5Mf-s7FGJlBEtVXnCrFjocRUU1h9Wr3odpxDzwcuBC7EtGyxlIu4SmVHSi3MSVbLIsAGs5mQ6KEomlAPrYJK638iWc1o4SXAr9JwGyKXxjo6k3j4e2op1VFzxVRozlnV1W5Oa9YPYgkYrf4WNReLvweR27cAv7Up795OvThQ67krrB_CVFW6yr9eoBkarIv-SwWtykrNuyo6KI5Gk27NajDPwn_V_rnHVRRjsTWu3eHzuZ6hjBCLflOefkYeX3TvCP6zmLZkKe4112Cs9YUSLAwfA0RkmQdf22Z3PqouiYmV5_QPm9V2zIMkos7tSliKDDHIvIccoi93FokFT6qvSMyZACbiF9e-VHUcq9qbuUH68T9Ou_BTz0dhAJd-BG2Fu--7h1XCgcGlYxkWtgLpoJxy4F8ob2cztNzCTPPA87xNqc8Eym8savsGD3jGD6cwUb_RKPmmKi3-A Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers