URL: https://ketquaxosomienbac.cfd/
Submission: On May 15 via api from US — Scanned from NL

Summary

This website contacted 9 IPs in 3 countries across 4 domains to perform 25 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is ketquaxosomienbac.cfd.
TLS certificate: Issued by E1 on April 30th 2024. Valid for: 3 months.
This is the only time ketquaxosomienbac.cfd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
2         2a06:98c1:312...  13335 (CLOUDFLAR...)
2         2a00:1450:400...  15169 (GOOGLE)
11        188.114.96.3      13335 (CLOUDFLAR...)
1         172.217.18.8      15169 (GOOGLE)
2         2001:4860:480...  15169 (GOOGLE)
2         2a00:1450:400...  15169 (GOOGLE)
2         172.67.13.227     13335 (CLOUDFLAR...)
1         216.239.32.36     ()
Total: 25 requests, 9 IPs
Requests  Apex Domain / Subdomains                                    Transfer
13        ketquaxosomienbac.cfd                                       867 KB
            ketquaxosomienbac.cfd
5         google-analytics.com                                        21 KB
            region1.google-analytics.com — Cisco Umbrella Rank: 2533
            www.google-analytics.com — Cisco Umbrella Rank: 32
3         googletagmanager.com                                        263 KB
            www.googletagmanager.com — Cisco Umbrella Rank: 39
2         chatra.io                                                   12 KB
            call.chatra.io — Cisco Umbrella Rank: 48596
            chat.chatra.io — Cisco Umbrella Rank: 40501
Total: 25 requests, 4 apex domains
Requests  Domain                        Requested by
13        ketquaxosomienbac.cfd         ketquaxosomienbac.cfd
3         region1.google-analytics.com  www.googletagmanager.com
3         www.googletagmanager.com      ketquaxosomienbac.cfd, www.googletagmanager.com
2         www.google-analytics.com      www.googletagmanager.com, www.google-analytics.com
1         chat.chatra.io                call.chatra.io
1         call.chatra.io                ketquaxosomienbac.cfd
Total: 25 requests, 6 subdomains
Subject                 Issuer      Validity                 Valid
ketquaxosomienbac.cfd   E1          2024-04-30 - 2024-07-29  3 months (crt.sh)
*.google-analytics.com  WR2         2024-05-06 - 2024-07-29  3 months (crt.sh)
chatra.io               GTS CA 1P5  2024-05-14 - 2024-08-12  3 months (crt.sh)

This page contains 2 frames:

Primary Page: https://ketquaxosomienbac.cfd/
Frame ID: 076AB44E7A66E7E635F3CDAAA1B99F23
Requests: 24 HTTP requests in this frame

Frame: https://chat.chatra.io/?isModern=true
Frame ID: EE1CCF4E8301E8822008FC1AABFF20B1
Requests: 1 HTTP requests in this frame

Page Title

soi cầu lô xiên - bạch thủ lô kép - bạch thủ lô 2 nháy - soi cầu lô xiên - bạch thủ lô kép - bạch thủ lô 2 nháy

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 25
HTTPS: 92 %
IPv6: 50 %
Domains: 4
Subdomains: 6
IPs: 9
Countries: 3
Transfer: 1164 kB
Size: 2340 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ketquaxosomienbac.cfd/
424 KB
39 KB
Document
General
Full URL
https://ketquaxosomienbac.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7621f63ef0532a7f959eb6ccdeaea692573e76ae86ee65fd05b05394f7b15b80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-provider
CLOUDWAYS-CACHE-DE
cf-cache-status
DYNAMIC
cf-ray
88429e391c9e0bde-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 15 May 2024 10:59:21 GMT
last-modified
Tue, 30 Apr 2024 01:39:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GSaC3fYVRF07PlZLOqyz05hYdpZctELvDaDTfXhD6h7A1Rbk%2BpQy3OFmZvuQr3c%2BU7ToPboEmygbFiLa%2BmP5%2BDaZEiFVYJPzgZNzv%2BkcArc6%2BWpmNdtbhVMAnBJtFJ%2Fa77gtaC7s7AhD8H2cgCcPAoce%2FhU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
breeze_6dccf7ca4d4d291c0fef0ff21bb9149e.css
ketquaxosomienbac.cfd/wp-content/cache/breeze-minification/css/
189 KB
39 KB
Stylesheet
General
Full URL
https://ketquaxosomienbac.cfd/wp-content/cache/breeze-minification/css/breeze_6dccf7ca4d4d291c0fef0ff21bb9149e.css
Requested by
Host: ketquaxosomienbac.cfd
URL: https://ketquaxosomienbac.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f846ebaecb2588122ec6570fa925a4b696f3c6565645de93742f67131ce32fae

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ketquaxosomienbac.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Wed, 15 May 2024 10:59:22 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 30 Apr 2024 01:34:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66304abc-2f38a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EU0fVqcFAv4Vs94QkpyEaFxmNQSpwKk%2FbwMGV98WZgbD%2BIFgdbRtN1Z2UuGfGHFL0KuNUhUGdS4hs6fQ1%2B1pR58a0UwfYelRQYkmrQa9darhx2SpfWPwolpdHyvQ%2FQ7qs4MufFmsIjFLFuIdcuUkg%2B4%2BCy0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
88429e3e3a580bde-AMS
alt-svc
h3=":443"; ma=86400
expires
Fri, 14 Jun 2024 10:59:21 GMT
js
www.googletagmanager.com/gtag/
268 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-88NH947HKP
Requested by
Host: ketquaxosomienbac.cfd
URL: https://ketquaxosomienbac.cfd/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fc53f10c624d520aae8df3298bf9ac43c3d107ec48db378c52e53d72dc6c977e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ketquaxosomienbac.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:59:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95227
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 15 May 2024 10:59:22 GMT
breeze_263ad2cf949735c268abb90717d8e75b.js
ketquaxosomienbac.cfd/wp-content/cache/breeze-minification/js/
114 KB
40 KB
Script
General
Full URL
https://ketquaxosomienbac.cfd/wp-content/cache/breeze-minification/js/breeze_263ad2cf949735c268abb90717d8e75b.js
Requested by
Host: ketquaxosomienbac.cfd
URL: https://ketquaxosomienbac.cfd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80dde630d93404940d4d3f699382e233dc5d3277e69555b6f17b2833f0cb98d2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ketquaxosomienbac.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Wed, 15 May 2024 10:59:23 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 30 Apr 2024 01:39:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66304bd2-1c68a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZAFfq%2BDy2%2BNgpelzgyEyF68VR6Q7QGWuBstLOy4WZHBJBZrp1JIle%2FDtEcJTv%2BKkPBgnUWW4oEDWwp3fmlacTquf1loxf6OE3tgAedHrkppCPQDvRvDMKic%2Bw1YyZYazmQuDK74jz4E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
88429e410a4ca009-AMS
alt-svc
h3=":443"; ma=86400
expires
Fri, 14 Jun 2024 10:59:21 GMT
js
www.googletagmanager.com/gtag/
285 KB
97 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-L85EFQFMX7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-88NH947HKP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
52071e63c81b4f9e629a419bb38d07df75fd25111000182e6dddf652cbed36a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ketquaxosomienbac.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:59:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
98761
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 15 May 2024 10:59:22 GMT
js
www.googletagmanager.com/gtag/
204 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-157512640-21&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-88NH947HKP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
8fb74d5792529d1fb932a5f03984816c82cb739a38bf3da8815f67d89f62a865
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ketquaxosomienbac.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:59:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
74988
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 15 May 2024 10:59:22 GMT
collect
region1.google-analytics.com/g/
0
258 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-88NH947HKP&gtm=45je45d0v888246795za200&_p=1715770762578&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2140140525.1715770763&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715770762&sct=1&seg=0&dl=https%3A%2F%2Fketquaxosomienbac.cfd%2F&dt=soi%20c%E1%BA%A7u%20l%C3%B4%20xi%C3%AAn%20-%20b%E1%BA%A1ch%20th%E1%BB%A7%20l%C3%B4%20k%C3%A9p%20-%20b%E1%BA%A1ch%20th%E1%BB%A7%20l%C3%B4%202%20nh%C3%A1y%20-%20soi%20c%E1%BA%A7u%20l%C3%B4%20xi%C3%AAn%20-%20b%E1%BA%A1ch%20th%E1%BB%A7%20l%C3%B4%20k%C3%A9p%20-%20b%E1%BA%A1ch%20th%E1%BB%A7%20l%C3%B4%202%20nh%C3%A1y&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1593
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-88NH947HKP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ketquaxosomienbac.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 15 May 2024 10:59:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ketquaxosomienbac.cfd
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
muli-v11-latin-ext_latin-regular.woff2
ketquaxosomienbac.cfd/wp-content/themes/leeway/fonts/
26 KB
26 KB
Font
General
Full URL
https://ketquaxosomienbac.cfd/wp-content/themes/leeway/fonts/muli-v11-latin-ext_latin-regular.woff2
Requested by
Host: ketquaxosomienbac.cfd
URL: https://ketquaxosomienbac.cfd/wp-content/cache/breeze-minification/css/breeze_6dccf7ca4d4d291c0fef0ff21bb9149e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8134ff59621748f148d53912fb7bb3ae6882e222ec8815e5c0cb438188bcbc8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ketquaxosomienbac.cfd/wp-content/cache/breeze-minification/css/breeze_6dccf7ca4d4d291c0fef0ff21bb9149e.css
Origin
https://ketquaxosomienbac.cfd
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:59:23 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
26300
x-xss-protection
1; mode=block
last-modified
Mon, 22 Apr 2024 01:57:15 GMT
server
cloudflare
etag
"6625c3fb-66bc"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RtFUevMHgWMHhgt5zdKzAHClTWbew2frd2f18Bor%2B%2FStYb%2F%2FCgdk7hlwVQJjzhsBEhmThXLqoP0nfhTJ3q4exK%2BJXq55VfBHPfro7hFqIMdDmzzihGa9tNGkXOnIK5ovVMj7qvBtTYI%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
88429e43bd8ba009-AMS
oswald-v16-latin-ext_latin-regular.woff2
ketquaxosomienbac.cfd/wp-content/themes/leeway/fonts/
22 KB
22 KB
Font
General
Full URL
https://ketquaxosomienbac.cfd/wp-content/themes/leeway/fonts/oswald-v16-latin-ext_latin-regular.woff2
Requested by
Host: ketquaxosomienbac.cfd
URL: https://ketquaxosomienbac.cfd/wp-content/cache/breeze-minification/css/breeze_6dccf7ca4d4d291c0fef0ff21bb9149e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
601e73774ff1f1abadf4377842963c119df9a0d82c4027d9375778c585faecd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ketquaxosomienbac.cfd/wp-content/cache/breeze-minification/css/breeze_6dccf7ca4d4d291c0fef0ff21bb9149e.css
Origin
https://ketquaxosomienbac.cfd
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:59:23 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
22252
x-xss-protection
1; mode=block
last-modified
Mon, 22 Apr 2024 01:57:15 GMT
server
cloudflare
etag
"6625c3fb-56ec"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6LM0uUUkc71%2F3ROk%2F08gy65YcK7yz%2F1hx0Qe5GYeBqm%2F0eXS81bHBsv%2FrXSdpVidt1p8ZNcjFfgdHQGdXof5j1j%2B%2FT1MGnd5hi9eaZs3x0PrzzxD1X5PRqsLzbdzFuBQGR1Qz7JD3Jk%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
88429e43bd8fa009-AMS
muli-v11-latin-ext_latin-700.woff2
ketquaxosomienbac.cfd/wp-content/themes/leeway/fonts/
26 KB
26 KB
Font
General
Full URL
https://ketquaxosomienbac.cfd/wp-content/themes/leeway/fonts/muli-v11-latin-ext_latin-700.woff2
Requested by
Host: ketquaxosomienbac.cfd
URL: https://ketquaxosomienbac.cfd/wp-content/cache/breeze-minification/css/breeze_6dccf7ca4d4d291c0fef0ff21bb9149e.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b5200d1c9f7c0f29edca5bac751af9f64e4047acf210de90e8c79ab86be571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ketquaxosomienbac.cfd/wp-content/cache/breeze-minification/css/breeze_6dccf7ca4d4d291c0fef0ff21bb9149e.css
Origin
https://ketquaxosomienbac.cfd
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:59:23 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
26204
x-xss-protection
1; mode=block
last-modified
Mon, 22 Apr 2024 01:57:15 GMT
server
cloudflare
etag
"6625c3fb-665c"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z7sKWSPp5Jk7KoYuDESGLsDiBgN5kz%2BzvCJCtbMNaoX5lr9Z04aPrLmuDdaMabm0E9Cnm4HFU6cs0bPVkXnIDKBd2oh7OAK7epUne1WdY9WK%2BRCmkc6bQofm8Pi1SOc3z8EpXJd3tAI%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
88429e43bd93a009-AMS
b%E1%BA%A1ch-th%E1%BB%A7-l%C3%B4-%C4%91%E1%BB%81-400x280.jpg
ketquaxosomienbac.cfd/wp-content/uploads/2024/02/
33 KB
33 KB
Image
General
Full URL
https://ketquaxosomienbac.cfd/wp-content/uploads/2024/02/b%E1%BA%A1ch-th%E1%BB%A7-l%C3%B4-%C4%91%E1%BB%81-400x280.jpg
Requested by
Host: ketquaxosomienbac.cfd
URL: https://ketquaxosomienbac.cfd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cb679bd2c866094a5c01a3fcb05bff96889ec1dcee95b83a94a5880235f37df

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ketquaxosomienbac.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:59:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
33354
pragma
public
last-modified
Sat, 08 Feb 2020 14:20:16 GMT
server
cloudflare
etag
"5e3ec3a0-824a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LvirCBUxMFeGyeslfJ8caNuYxTP4EVYvn7hZ0QjeU8Twmc3%2BHnZV7e7vbQqIzKwLfU2NnFPsfm8FKmWgZi9Tk9pWbVtqWLjjDRhJOOFhNIO%2BVq%2FMBBHeT0bmKNuNUIe5yyhq8gJ7CKU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
88429e438d6ea009-AMS
expires
Fri, 14 Jun 2024 10:59:22 GMT
d%C3%A0n-%C4%91%E1%BB%81-ch%E1%BA%B5n-l%E1%BA%BB-400x280.png
ketquaxosomienbac.cfd/wp-content/uploads/2024/02/
111 KB
111 KB
Image
General
Full URL
https://ketquaxosomienbac.cfd/wp-content/uploads/2024/02/d%C3%A0n-%C4%91%E1%BB%81-ch%E1%BA%B5n-l%E1%BA%BB-400x280.png
Requested by
Host: ketquaxosomienbac.cfd
URL: https://ketquaxosomienbac.cfd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d1eaf1e711cd41180efddbca4380e414daae492a4f40ec57551f2178719d142

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ketquaxosomienbac.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:59:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
113351
pragma
public
last-modified
Sat, 08 Feb 2020 14:21:10 GMT
server
cloudflare
etag
"5e3ec3d6-1bac7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vv6vFimxdkmGx5HLq0yKBesLGtm55lWyPe84cP0h8AhWP%2BIcUngLKQTTMDAycz0dURop4UcGWW54LeE1ikuzrWHZ7M1gEymy9ief1xg6tlF57fPGHPkheC6jWcKkJ1ad4O5mTxj6xuI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
88429e438d6fa009-AMS
expires
Fri, 14 Jun 2024 10:59:22 GMT
xem-xsmb-400x240.jpg
ketquaxosomienbac.cfd/wp-content/uploads/2024/02/
18 KB
18 KB
Image
General
Full URL
https://ketquaxosomienbac.cfd/wp-content/uploads/2024/02/xem-xsmb-400x240.jpg
Requested by
Host: ketquaxosomienbac.cfd
URL: https://ketquaxosomienbac.cfd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bad04e96d61269893ce57b66c989cf0f66b8b1f323a54ad2e40eb00cb008c01

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ketquaxosomienbac.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:59:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
18382
pragma
public
last-modified
Sat, 08 Feb 2020 14:23:18 GMT
server
cloudflare
etag
"5e3ec456-47ce"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=miQ3BqrpVJzXh%2B3KUvR6SUjNp8SNlc4Wic4enGkhsORCeK0SmZtL45%2FAqDd03j9Rv%2B0rftXSTA5HsT5buZyQE2i25jrXnQQzizVFxc6Nm7QP00f5jHsxm25zBsCs37%2BgJvArAkqizp8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
88429e438d70a009-AMS
expires
Fri, 14 Jun 2024 10:59:22 GMT
anh-don.gif
ketquaxosomienbac.cfd/wp-content/uploads/2024/08/
5 KB
5 KB
Image
General
Full URL
https://ketquaxosomienbac.cfd/wp-content/uploads/2024/08/anh-don.gif
Requested by
Host: ketquaxosomienbac.cfd
URL: https://ketquaxosomienbac.cfd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef3ce56d4c05447c255e03c29ea19920abaf4a36ec0675d7a830274f2bf07052

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ketquaxosomienbac.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:59:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
4921
pragma
public
last-modified
Mon, 24 Aug 2020 01:16:08 GMT
server
cloudflare
etag
"5f4314d8-1339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=22dxwpOIRUO%2B43C8R9Lnq1Bj3emUlopWI3W%2BRa7ojRwYq30W%2FtUn45IWb5%2BMh88YbvtW8oKKO1t%2FkEqEX6vKZahI37R4uzPPWesdo%2FJim9ac5kB8bbf3yreSR7fErqEQwsCQTO88XtY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
88429e444e56a009-AMS
expires
Fri, 14 Jun 2024 10:59:22 GMT
songthulo-mb.png
ketquaxosomienbac.cfd/wp-content/uploads/2024/10/
480 KB
481 KB
Image
General
Full URL
https://ketquaxosomienbac.cfd/wp-content/uploads/2024/10/songthulo-mb.png
Requested by
Host: ketquaxosomienbac.cfd
URL: https://ketquaxosomienbac.cfd/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e49de1032ebd36f4321f224941055976fd515484fddaa3340f734af0515c174

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ketquaxosomienbac.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:59:23 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
491520
pragma
public
last-modified
Thu, 26 Oct 2017 03:30:32 GMT
server
cloudflare
etag
"59f156d8-78000"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=214KbOCYcNfY2NrlJ2vP2tdj53%2FIx%2Buju4YAGY9UblaZ8dTZI6H9scDSmhu7j9H2G1sA%2BH1nFX80tGMmsI3nHnyI%2Bbi9VnXwyo4tMcXDhKNpvtOshcy3MX%2BDVxG1pTEyoDIvFUUO%2FfQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
88429e444e59a009-AMS
expires
Fri, 14 Jun 2024 10:59:22 GMT
collect
region1.google-analytics.com/g/
0
45 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-L85EFQFMX7&gtm=45je45d0v877997086z8888246795za200&_p=1715770762578&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2140140525.1715770763&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715770762&sct=1&seg=0&dl=https%3A%2F%2Fketquaxosomienbac.cfd%2F&dt=soi%20c%E1%BA%A7u%20l%C3%B4%20xi%C3%AAn%20-%20b%E1%BA%A1ch%20th%E1%BB%A7%20l%C3%B4%20k%C3%A9p%20-%20b%E1%BA%A1ch%20th%E1%BB%A7%20l%C3%B4%202%20nh%C3%A1y%20-%20soi%20c%E1%BA%A7u%20l%C3%B4%20xi%C3%AAn%20-%20b%E1%BA%A1ch%20th%E1%BB%A7%20l%C3%B4%20k%C3%A9p%20-%20b%E1%BA%A1ch%20th%E1%BB%A7%20l%C3%B4%202%20nh%C3%A1y&en=page_view&_fv=1&_ss=1&tfd=1954
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L85EFQFMX7&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ketquaxosomienbac.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 15 May 2024 10:59:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ketquaxosomienbac.cfd
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
0
0

analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-157512640-21&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ketquaxosomienbac.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 15 May 2024 09:41:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4700
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 15 May 2024 11:41:03 GMT
chatra.js
call.chatra.io/
46 KB
12 KB
Script
General
Full URL
https://call.chatra.io/chatra.js
Requested by
Host: ketquaxosomienbac.cfd
URL: https://ketquaxosomienbac.cfd/wp-content/cache/breeze-minification/js/breeze_263ad2cf949735c268abb90717d8e75b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.13.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
097f2f574fb8173d52a7f1b74c18a33c125a4a5efe061ba390b30eb17549985e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ketquaxosomienbac.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:59:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 24 Aug 2023 12:45:59 GMT
server
cloudflare
age
911
etag
W/"b872-18a27948358"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1800, s-maxage=1800, stale-while-revalidate=300, stale-if-error=1800
cf-ray
88429e457db2b8b2-AMS
alt-svc
h3=":443"; ma=86400
89b99af7-a33a-42da-8af7-210d629b198e
https://ketquaxosomienbac.cfd/
1 KB
0
Other
General
Full URL
blob:https://ketquaxosomienbac.cfd/89b99af7-a33a-42da-8af7-210d629b198e
Requested by
Host: ketquaxosomienbac.cfd
URL: https://ketquaxosomienbac.cfd/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
wp-emoji-release.min.js
ketquaxosomienbac.cfd/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://ketquaxosomienbac.cfd/wp-includes/js/wp-emoji-release.min.js?ver=6.4.4
Requested by
Host: ketquaxosomienbac.cfd
URL: https://ketquaxosomienbac.cfd/wp-content/cache/breeze-minification/js/breeze_263ad2cf949735c268abb90717d8e75b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ketquaxosomienbac.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Wed, 15 May 2024 10:59:23 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 17 Feb 2024 10:07:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65d08545-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WokiposX0pbKNxAFP8b71810GKIpR5XzG%2FFirKd8YEW14sRUEtQzmMpfAvMiwsDgAekBRzoJFx%2BGoHn1Nca%2B8b4avK%2BiXyLBVBCj4U37wZLCGxoKQu4tgOLYdEr8ixNdTK3a0pLjFiM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
88429e46684ba009-AMS
alt-svc
h3=":443"; ma=86400
expires
Fri, 14 Jun 2024 10:59:22 GMT
/
chat.chatra.io/ Frame EE1C
0
0
Document
General
Full URL
https://chat.chatra.io/?isModern=true
Requested by
Host: call.chatra.io
URL: https://call.chatra.io/chatra.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.13.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' https://static.chatra.io; child-src 'none'; img-src https://static.chatra.io 'self' ucarecdn.com data: blob: https://uc.chatra.io https://uc.chatra-usercontent.com; connect-src 'self' data: https://upload.uc.chatra.io ws://chat.chatra.io/ wss://chat.chatra.io/; style-src 'self' 'unsafe-inline' https://static.chatra.io; media-src data:; form-action 'none'; block-all-mixed-content; frame-src 'none'
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://ketquaxosomienbac.cfd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
29
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=300, s-maxage=300, stale-while-revalidate=300, stale-if-error=1800
cf-cache-status
HIT
cf-ray
88429e488c1b7742-AMS
content-encoding
br
content-security-policy
default-src 'self'; script-src 'self' https://static.chatra.io; child-src 'none'; img-src https://static.chatra.io 'self' ucarecdn.com data: blob: https://uc.chatra.io https://uc.chatra-usercontent.com; connect-src 'self' data: https://upload.uc.chatra.io ws://chat.chatra.io/ wss://chat.chatra.io/; style-src 'self' 'unsafe-inline' https://static.chatra.io; media-src data:; form-action 'none'; block-all-mixed-content; frame-src 'none'
content-type
text/html; charset=utf-8
date
Wed, 15 May 2024 10:59:23 GMT
etag
W/"appV0.0.1692881183"
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
collect
www.google-analytics.com/j/
1 B
210 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=651949287&t=pageview&_s=1&dl=https%3A%2F%2Fketquaxosomienbac.cfd%2F&ul=nl-nl&de=UTF-8&dt=soi%20c%E1%BA%A7u%20l%C3%B4%20xi%C3%AAn%20-%20b%E1%BA%A1ch%20th%E1%BB%A7%20l%C3%B4%20k%C3%A9p%20-%20b%E1%BA%A1ch%20th%E1%BB%A7%20l%C3%B4%202%20nh%C3%A1y%20-%20soi%20c%E1%BA%A7u%20l%C3%B4%20xi%C3%AAn%20-%20b%E1%BA%A1ch%20th%E1%BB%A7%20l%C3%B4%20k%C3%A9p%20-%20b%E1%BA%A1ch%20th%E1%BB%A7%20l%C3%B4%202%20nh%C3%A1y&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=5205868&gjid=1636517517&cid=2140140525.1715770763&tid=UA-157512640-21&_gid=272783365.1715770764&_r=1&gtm=457e45d0z8888246795za200&gcd=13l3l3l2l1&dma=0&jsscut=1&npa=1&z=638879221
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://ketquaxosomienbac.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 15 May 2024 10:59:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ketquaxosomienbac.cfd
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
1985321999_1520493056-150x150.png
ketquaxosomienbac.cfd/wp-content/uploads/2024/07/
20 KB
20 KB
Other
General
Full URL
https://ketquaxosomienbac.cfd/wp-content/uploads/2024/07/1985321999_1520493056-150x150.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1293a6298af3210418cb87f61386cc4fcad65af272657fbbec11622b1138e31a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ketquaxosomienbac.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:59:24 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
20123
pragma
public
last-modified
Sat, 21 Jul 2018 10:22:12 GMT
server
cloudflare
etag
"5b530954-4e9b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OUPi62d1dzO8D%2FwI931V788%2BR6N9ps3W6aHcJ0IorngcFtkbhmqwZHnoPnMj22C154WchhlLuUo7aXeAIoC3RgmrChs4wq%2BzhDvCK8EghTgFIeR6vxkNoOklVwGIOVWGMuI6673RhjM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
88429e4cf888a009-AMS
expires
Fri, 14 Jun 2024 10:59:23 GMT
collect
region1.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-88NH947HKP&gtm=45je45d0v888246795za200&_p=1715770762578&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2140140525.1715770763&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1715770762&sct=1&seg=0&dl=https%3A%2F%2Fketquaxosomienbac.cfd%2F&dt=soi%20c%E1%BA%A7u%20l%C3%B4%20xi%C3%AAn%20-%20b%E1%BA%A1ch%20th%E1%BB%A7%20l%C3%B4%20k%C3%A9p%20-%20b%E1%BA%A1ch%20th%E1%BB%A7%20l%C3%B4%202%20nh%C3%A1y%20-%20soi%20c%E1%BA%A7u%20l%C3%B4%20xi%C3%AAn%20-%20b%E1%BA%A1ch%20th%E1%BB%A7%20l%C3%B4%20k%C3%A9p%20-%20b%E1%BA%A1ch%20th%E1%BB%A7%20l%C3%B4%202%20nh%C3%A1y&en=scroll&epn.percent_scrolled=90&_et=21&tfd=6636
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-88NH947HKP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.32.36 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ketquaxosomienbac.cfd/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 15 May 2024 10:59:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ketquaxosomienbac.cfd
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=G-XYQ5GYKHXF&l=dataLayer&cx=c


23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| google_tag_manager
object| google_tag_data
object| dataLayer
function| gtag
function| onYouTubeIframeAPIReady
object| gaGlobal
string| GoogleAnalyticsObject
function| ga
object| breeze_prefetch
undefined| timer
function| ready
function| search_for_banned_links
function| breeze_ignore_special_links
object| _wpemojiSettings
undefined| $
function| jQuery
string| ChatraID
function| Chatra
object| lazySizes
object| gaplugins
object| gaData
object| twemoji
object| wp

5 Cookies

Domain/Path Name / Value
.ketquaxosomienbac.cfd/ Name: _ga_88NH947HKP
Value: GS1.1.1715770762.1.0.1715770762.0.0.0
.ketquaxosomienbac.cfd/ Name: _ga_L85EFQFMX7
Value: GS1.1.1715770762.1.0.1715770762.0.0.0
.ketquaxosomienbac.cfd/ Name: _ga
Value: GA1.2.2140140525.1715770763
.ketquaxosomienbac.cfd/ Name: _gid
Value: GA1.2.272783365.1715770764
.ketquaxosomienbac.cfd/ Name: _gat_gtag_UA_157512640_21
Value: 1

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
