ketquaxosomb.cfd Open in urlscan Pro
172.67.200.96 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ketquaxosomb.cfd/
Submission: On May 09 via api (May 9th 2024, 10:10:35 am UTC) from US — Scanned from DE

Summary HTTP 52 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 6 domains to perform 52 HTTP transactions. The main IP is 172.67.200.96, located in United States and belongs to CLOUDFLARENET, US. The main domain is ketquaxosomb.cfd.
TLS certificate: Issued by GTS CA 1P5 on April 30th 2024. Valid for: 3 months.

This is the only time ketquaxosomb.cfd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	172.67.200.96 172.67.200.96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	172.67.13.227 172.67.13.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.206 142.250.185.206	15169 (GOOGLE) (GOOGLE)
52	9

28 172.67.200.96 (United States)

ASN13335 (CLOUDFLARENET, US)

ketquaxosomb.cfd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.13.227 (United States)

ASN13335 (CLOUDFLARENET, US)

call.chatra.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
chat.chatra.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	ketquaxosomb.cfd ketquaxosomb.cfd	2 MB
11	gstatic.com fonts.gstatic.com	200 KB
5	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2533 www.google-analytics.com — Cisco Umbrella Rank: 32	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	262 KB
2	chatra.io call.chatra.io — Cisco Umbrella Rank: 48596 chat.chatra.io — Cisco Umbrella Rank: 40501	12 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	2 KB
52	6

	Domain	Requested by
28	ketquaxosomb.cfd	ketquaxosomb.cfd
11	fonts.gstatic.com	fonts.googleapis.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	ketquaxosomb.cfd www.googletagmanager.com
2	region1.google-analytics.com	www.googletagmanager.com
1	chat.chatra.io	call.chatra.io
1	call.chatra.io	ketquaxosomb.cfd
1	fonts.googleapis.com	ketquaxosomb.cfd
52	8

This site contains links to these domains. Also see Links.

Domain
soicauxosochuan88.com
xosochinhxac68.com
soicauxosochuan100.com
soicauxsmn86.com
soicauchuan100.com
soicauchuan99.com
soicauchuan52.com
soicauchuan366.com
vuabachthu.mobi
soicauxoso100.com
soicaubachthuxoso.com
soicaubachthuxs.com
dudoanbachthuxoso.com
dudoanbachthuxs.com
dudoanbachthu888.com
dudoan3cangxoso.com
dudoanxoso3cang.com
xosobachthu888.com
xosobachthuvip.com
xosobachthulo88.com
themesdna.com

Subject Issuer	Validity	Valid
ketquaxosomb.cfd GTS CA 1P5	`2024-04-30` - `2024-07-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
chatra.io GTS CA 1P5	`2024-03-16` - `2024-06-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://ketquaxosomb.cfd/
Frame ID: BF4163073CF594DD08C8E42EF4C3C5F8
Requests: 51 HTTP requests in this frame

Frame: https://chat.chatra.io/?isModern=true
Frame ID: D1968770ED4CAF119DEEB5F0364FADEB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

cau 2 nhay dep hom nay - cau hai nhay mien bac - cau 2 nhay dep hom nay - cau hai nhay mien bac

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

52
Requests

96 %
HTTPS

63 %
IPv6

6
Domains

8
Subdomains

9
IPs

2
Countries

2081 kB
Transfer

3014 kB
Size

5
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://soicauxosochuan88.com/
Title: soicauxosochuan88.com

Search URL Search Domain Scan URL

URL: https://xosochinhxac68.com/
Title: xosochinhxac68.com

Search URL Search Domain Scan URL

URL: https://soicauxosochuan100.com/
Title: soicauxosochuan100.com

Search URL Search Domain Scan URL

URL: https://soicauxsmn86.com/
Title: soicauxsmn86.com

Search URL Search Domain Scan URL

URL: https://soicauchuan100.com/
Title: soicauchuan100.com

Search URL Search Domain Scan URL

URL: https://soicauchuan99.com/
Title: soicauchuan99.com

Search URL Search Domain Scan URL

URL: https://soicauchuan52.com/
Title: soicauchuan52.com

Search URL Search Domain Scan URL

URL: https://soicauchuan366.com/
Title: soicauchuan366.com

Search URL Search Domain Scan URL

URL: https://vuabachthu.mobi/
Title: vuabachthu.mobi

Search URL Search Domain Scan URL

URL: https://soicauxoso100.com/
Title: soicauxoso100.com

Search URL Search Domain Scan URL

URL: https://soicaubachthuxoso.com/
Title: soicaubachthuxoso.com

Search URL Search Domain Scan URL

URL: https://soicaubachthuxs.com/
Title: soicaubachthuxs.com

Search URL Search Domain Scan URL

URL: https://dudoanbachthuxoso.com/
Title: dudoanbachthuxoso.com

Search URL Search Domain Scan URL

URL: https://dudoanbachthuxs.com/
Title: dudoanbachthuxs.com

Search URL Search Domain Scan URL

URL: https://dudoanbachthu888.com/
Title: dudoanbachthu888.com

Search URL Search Domain Scan URL

URL: https://dudoan3cangxoso.com/
Title: dudoan3cangxoso.com

Search URL Search Domain Scan URL

URL: https://dudoanxoso3cang.com/
Title: dudoanxoso3cang.com

Search URL Search Domain Scan URL

URL: https://xosobachthu888.com/
Title: xosobachthu888.com

Search URL Search Domain Scan URL

URL: https://xosobachthuvip.com/
Title: xosobachthuvip.com

Search URL Search Domain Scan URL

URL: https://xosobachthulo88.com/
Title: xosobachthulo88.com

Search URL Search Domain Scan URL

URL: https://themesdna.com/
Title: Design by ThemesDNA.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
ketquaxosomb.cfd/ 99 KB
14 KB 963ms
857ms Document
text/html 172.67.200.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ketquaxosomb.cfd/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.200.96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46db9b840b9126598ccbc1ba3ac95ddbe7c0d571eb644fa3c716ba584e35083a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8810e6564d592c46-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 09 May 2024 10:10:27 GMT
link: <https://ketquaxosomb.cfd/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RTU1RQxVJ9Ts0JhxjhwuKA6tA%2BhrY1vc05m3kIealMQTm2AbZ86O4Go14dZrOl7tCQ3YSnk8gQcWd0Y9TnXg50tAFhaxtx9YXRuu39v7gFvYNMU7fUiC3ud8oU4LynW%2B10Xz"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H3 200 style.min.css
ketquaxosomb.cfd/wp-includes/css/dist/block-library/ 108 KB
15 KB 703ms
703ms Stylesheet
text/css 172.67.200.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ketquaxosomb.cfd/wp-includes/css/dist/block-library/style.min.css?ver=6.4.4
Requested by: Host: ketquaxosomb.cfd
URL: https://ketquaxosomb.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Thu, 09 May 2024 10:10:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 17 Feb 2024 10:15:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65d08753-1ae43"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bci%2B4XQbOT52frB4gwQoCa4zcksGFKIR%2FCarXaz1PkfgDsX89imRqLzvM0IITUtfCH3S5%2Fms%2Fwa%2FVBEu1wPME%2F6UXf%2FnG8Y4Z5qLMhqFoIeT5DljIYYwqC3JBMmEi0QQgIaS"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 8810e65bbbd92c46-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 10:10:27 GMT

GET
H3 200 style.css
ketquaxosomb.cfd/wp-content/themes/elitewp/ 87 KB
14 KB 482ms
481ms Stylesheet
text/css 172.67.200.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ketquaxosomb.cfd/wp-content/themes/elitewp/style.css
Requested by: Host: ketquaxosomb.cfd
URL: https://ketquaxosomb.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78a45b1928ee3c7704eb75048a508545d7e9345e2b4cd2b80b06ad35049dcd83

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Thu, 09 May 2024 10:10:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 23 Apr 2024 04:43:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66273c57-15acb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2BVxGDvTQhbcLCu57iAgrg7ra7BvGg64eGoAb%2B3TmkjCnd%2FT5cHjdeplN8x1ewGI4CoPbd8mqsJYBh0fhZy%2BtVNbGMr%2F4CSMFp0fOapeu8a%2FUAsy3ZTaoIvSrq8OlG8FNRZv"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 8810e65bbbdb2c46-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 10:10:27 GMT

GET
H3 200 font-awesome.min.css
ketquaxosomb.cfd/wp-content/themes/elitewp/assets/css/ 30 KB
7 KB 479ms
478ms Stylesheet
text/css 172.67.200.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ketquaxosomb.cfd/wp-content/themes/elitewp/assets/css/font-awesome.min.css
Requested by: Host: ketquaxosomb.cfd
URL: https://ketquaxosomb.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Thu, 09 May 2024 10:10:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 23 Apr 2024 04:43:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66273c57-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v92Vux4n23HqG0a6lbYVkbbdSsxelsW5DiJUvJT94JZ%2BPwZCB3LQGlo6G5mzVlJFF%2FlmDQrTfa8wFca447mhWppsr45D%2BXUsHdirZZEVERQXqSzGBTxIEY5QA7%2BvJoUkmYYb"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 8810e65bbbdc2c46-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 10:10:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 19 KB
2 KB 168ms
57ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair+Display:400,400i,700,700i|Domine:400,700|Oswald:400,700|Merriweather:400,400i,700,700i&display=swap

Requested by

Host: ketquaxosomb.cfd
URL: https://ketquaxosomb.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

42d4d56d4379c7ccbc7a57a95e03c1b219340c6b0d270ed9e09a0bad3af35e73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 09 May 2024 10:10:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 09 May 2024 10:10:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 09 May 2024 10:10:27 GMT

GET
H3 200 breeze-prefetch-links.min.js Show response
ketquaxosomb.cfd/wp-content/plugins/breeze/assets/js/js-front-end/ 1 KB
1 KB 588ms
587ms Script
application/javascript 172.67.200.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ketquaxosomb.cfd/wp-content/plugins/breeze/assets/js/js-front-end/breeze-prefetch-links.min.js?ver=2.1.6
Requested by: Host: ketquaxosomb.cfd
URL: https://ketquaxosomb.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba455d37c7be6e906f933c4abeab7feaabfcb5b267d6d062c287fe077f0c19ca

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Thu, 09 May 2024 10:10:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 18 Apr 2024 02:40:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66208800-475"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zGsXwIainwQrRcRLyiQqzdbKOoo%2B00TmfP2fm%2BubnEG%2B7wAeyZM9yzVusTLWO9toPG02t2G7YckbYWhV%2FB4%2B8rAFd%2BwKITjogxovm%2FMzuH08ioahUqSsovAoGSgT%2FK3GSZ4S"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 8810e65bbbdd2c46-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 10:10:27 GMT

GET
H3 200 jquery.min.js Show response
ketquaxosomb.cfd/wp-includes/js/jquery/ 86 KB
31 KB 705ms
705ms Script
application/javascript 172.67.200.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ketquaxosomb.cfd/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: ketquaxosomb.cfd
URL: https://ketquaxosomb.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Thu, 09 May 2024 10:10:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 17 Feb 2024 10:15:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65d08753-15601"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PfzqOmjB4eT%2Bg8P31k8w%2FwZyZyUl%2FvP5s%2BFoUwk32UvVGe6wgTLbIekC9OMH7WjOcEKuRGZhw2eCOIpj5tdrf9xxdd0CapnjZpJz7G1Ta2k%2FLoEhGwU8wpSl5INaiDXLsvIq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 8810e65bbbe12c46-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 10:10:27 GMT

GET
H3 200 jquery-migrate.min.js Show response
ketquaxosomb.cfd/wp-includes/js/jquery/ 13 KB
5 KB 531ms
530ms Script
application/javascript 172.67.200.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ketquaxosomb.cfd/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: ketquaxosomb.cfd
URL: https://ketquaxosomb.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Thu, 09 May 2024 10:10:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 17 Feb 2024 10:15:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65d08753-3509"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lJhuJSAqDSC1Vhsr1leiRpzC9caT87dL87LauUb5nB5EfKE5gnxvI1O6k4ksTLHmqE9UZH0PiahJIH1AdBfHNbus8GbjWURDWq0FzlUzHWlWqCWiHYE4PfckIA7g2KOfHyZB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 8810e65bbbe42c46-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 10:10:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
93 KB 149ms
59ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-88NH947HKP

Requested by

Host: ketquaxosomb.cfd
URL: https://ketquaxosomb.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9daba04e6dc3a082550d2f49f91059d3112a53ca57eee5861434abf42f3f31df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 10:10:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94884
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 09 May 2024 10:10:28 GMT

GET
H3 200 soi-cau-mien-nam.png
ketquaxosomb.cfd/wp-content/uploads/2024/02/ 141 KB
142 KB 843ms
842ms Image
image/png 172.67.200.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ketquaxosomb.cfd/wp-content/uploads/2024/02/soi-cau-mien-nam.png
Requested by: Host: ketquaxosomb.cfd
URL: https://ketquaxosomb.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e22c149177cfec3dec269175733c9be5c8687c22aeedb4e91a6e62521c08860

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 10:10:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 144660
pragma: public
last-modified: Sat, 08 Feb 2020 14:53:54 GMT
server: cloudflare
etag: "5e3ecb82-23514"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=55k%2FZvIfxjaDlp7fdQBLPWltUfySnFrVFtCv16l57sT6G3xOscK%2FdXOhA5JdxFIXGAq1jnsAV1JfInKUKUnOW%2FDQfDynmk83%2BIwR5i8dm0b5JTaNghAqUkovrQG%2BDNlHJJP9"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 8810e65bbbe82c46-FRA
expires: Sat, 08 Jun 2024 10:10:27 GMT

GET
H3 200 soi-cau-xsmb-1.jpg
ketquaxosomb.cfd/wp-content/uploads/2024/02/ 33 KB
33 KB 660ms
659ms Image
image/jpeg 172.67.200.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ketquaxosomb.cfd/wp-content/uploads/2024/02/soi-cau-xsmb-1.jpg
Requested by: Host: ketquaxosomb.cfd
URL: https://ketquaxosomb.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b82d7b3358b689cd6b080b7e2a6b9eb00530922afda2f0389b2b171f2c94b5a4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 10:10:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 33703
pragma: public
last-modified: Sat, 08 Feb 2020 14:54:44 GMT
server: cloudflare
etag: "5e3ecbb4-83a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KijNIIYFlufb3GNV88K%2BzBPAd%2FNJGx9LZJeFhkh98LvS04smCOhKN2GuM7YDHaNJ%2BqvyGSCj%2B%2F5wyp2I83VdMLmP%2B8grSX3UDfVuHnmHQZEiJsFkKkg3mFseFIbV%2F06JNLI4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 8810e65bbbea2c46-FRA
expires: Sat, 08 Jun 2024 10:10:27 GMT

GET
H3 200 images.jpg
ketquaxosomb.cfd/wp-content/uploads/2024/02/ 12 KB
13 KB 479ms
479ms Image
image/jpeg 172.67.200.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ketquaxosomb.cfd/wp-content/uploads/2024/02/images.jpg
Requested by: Host: ketquaxosomb.cfd
URL: https://ketquaxosomb.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7194feead101a7174031f11d5ed0fc2283f006614d6c06cecaec25c92b27d58

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 10:10:28 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 12651
pragma: public
last-modified: Sat, 08 Feb 2020 14:52:38 GMT
server: cloudflare
etag: "5e3ecb36-316b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gH242Wa85AKMN%2Bu1xJ5nh5zJ50%2Fm6w9XVMexkM6afRiHl6HYr1iDza%2F4NMQggrZii3XEKTmG1pEToJxsye7Z%2FcMFE9SEuqmeEgJCauxEoGe5wc6oJbon0i4i1jfHamD0M%2BEm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 8810e65bbbec2c46-FRA
expires: Sat, 08 Jun 2024 10:10:27 GMT

GET
BLOB 200
OK d6ded30d-7f6f-4b43-87af-bfcc77f30994
https://ketquaxosomb.cfd/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ketquaxosomb.cfd/d6ded30d-7f6f-4b43-87af-bfcc77f30994
Requested by: Host: ketquaxosomb.cfd
URL: https://ketquaxosomb.cfd/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 jquery.fitvids.min.js Show response
ketquaxosomb.cfd/wp-content/themes/elitewp/assets/js/ 2 KB
1 KB 673ms
673ms Script
application/javascript 172.67.200.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ketquaxosomb.cfd/wp-content/themes/elitewp/assets/js/jquery.fitvids.min.js
Requested by: Host: ketquaxosomb.cfd
URL: https://ketquaxosomb.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8570b14bb3216bcfb445442d65095db7428892ea6ed93a1ce3c04e28dbd238ee

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Thu, 09 May 2024 10:10:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 23 Apr 2024 04:43:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66273c57-6f5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YJMJmiSRBBDoPprsqqIWDX4rFZYHsHFQmFdpnVeZwtfnjpUzQLjirPK4KJ2uWjiidzwKln8MsDDHqIN4PgiMpJRE3i%2Fda%2FZu6drSHqNxYcHiLSKGSR1OEwSNpcO8DGCVMSPO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 8810e65ebf912c46-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 10:10:27 GMT

GET
H3 200 ResizeSensor.min.js Show response
ketquaxosomb.cfd/wp-content/themes/elitewp/assets/js/ 3 KB
2 KB 383ms
381ms Script
application/javascript 172.67.200.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ketquaxosomb.cfd/wp-content/themes/elitewp/assets/js/ResizeSensor.min.js
Requested by: Host: ketquaxosomb.cfd
URL: https://ketquaxosomb.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07bc3a2bf40fa4e58d61173cfdb07805e087abe5251d6c3b7370e0f9433a28d1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Thu, 09 May 2024 10:10:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 23 Apr 2024 04:43:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66273c57-c29"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=25%2FOV7FYU3HFphN2BuQEVhKClhFqdZHwwhPXVkvEewiPluWs8L3e4oOKPWgALiDLipN69wiS%2B0QG60ONJ7%2F67wl6bfzdqXjoOLzGAXFN3i9%2F6sKFZd4DkFXKJNr1RDbL856Z"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 8810e66089ae2c46-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 10:10:27 GMT

GET
H3 200 theia-sticky-sidebar.min.js Show response
ketquaxosomb.cfd/wp-content/themes/elitewp/assets/js/ 5 KB
2 KB 445ms
442ms Script
application/javascript 172.67.200.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ketquaxosomb.cfd/wp-content/themes/elitewp/assets/js/theia-sticky-sidebar.min.js
Requested by: Host: ketquaxosomb.cfd
URL: https://ketquaxosomb.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7d090bfef903e07622e5fbdc7680187a4bd1c624b594d863d74e2c4dea7550

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Thu, 09 May 2024 10:10:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 23 Apr 2024 04:43:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66273c57-14f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=raEr1cvpoJPjNY03zPHQXoCza2siAOqGkEiz1%2BclejSjN6EDN2gcx4%2B3Qlmmaqs54fABeAhJtJWJjVlU9Q23FXTine4Tn1dvuePkH9a1epeOy%2B7YYllayRuTW6lJCStYZV7e"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 8810e66089af2c46-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 10:10:27 GMT

GET
H3 200 navigation.js Show response
ketquaxosomb.cfd/wp-content/themes/elitewp/assets/js/ 9 KB
2 KB 455ms
453ms Script
application/javascript 172.67.200.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ketquaxosomb.cfd/wp-content/themes/elitewp/assets/js/navigation.js
Requested by: Host: ketquaxosomb.cfd
URL: https://ketquaxosomb.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 226c8bcdf67d991a8f593e5a89e6abec542182ed44cb84a1345c3944422dae58

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Thu, 09 May 2024 10:10:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 23 Apr 2024 04:43:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66273c57-2379"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oy5ONaHSg9W8lUXAEopoMR0oWFozVEKCaydHd9iuBFp7Cn8jv02PriUIiz9zEDFq1xVnB9Y9T0AsCqJnE9nZx%2FE0wBSwjrBkZLho2jNkSa5hohookvi2%2Bct467q1QUTLdumx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 8810e66089b02c46-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 10:10:27 GMT

GET
H3 200 skip-link-focus-fix.js Show response
ketquaxosomb.cfd/wp-content/themes/elitewp/assets/js/ 835 B
897 B 446ms
443ms Script
application/javascript 172.67.200.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ketquaxosomb.cfd/wp-content/themes/elitewp/assets/js/skip-link-focus-fix.js
Requested by: Host: ketquaxosomb.cfd
URL: https://ketquaxosomb.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27dd7acaa6d0d44f6c5c3cc1614370ac5da290452b3e6984b7e61b207569890b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Thu, 09 May 2024 10:10:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 23 Apr 2024 04:43:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66273c57-343"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SmhKpPkJhAASQGnhUZ%2BjUOTYd6OHFZ5uk242N7VegLVwVWmpwcgJK1lA9vZN%2Bc90rgDFaIeVBwaeC3NkLv%2FTdQUNUQPi9GTAgYNT7%2Fc1J8IoM2jv5%2FPi0xHJOq6H91nN0IzI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 8810e66089b12c46-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 10:10:27 GMT

GET
H3 200 custom.js Show response
ketquaxosomb.cfd/wp-content/themes/elitewp/assets/js/ 7 KB
2 KB 442ms
440ms Script
application/javascript 172.67.200.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ketquaxosomb.cfd/wp-content/themes/elitewp/assets/js/custom.js
Requested by: Host: ketquaxosomb.cfd
URL: https://ketquaxosomb.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d761f5af186616e781be446bed45ff0be3f10c728dcdc276280bb1ccfceb31d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Thu, 09 May 2024 10:10:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 23 Apr 2024 04:43:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66273c57-1c6a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ri3NG1LLLIgYOEu2NQogWrK9sUDo6Bx%2BE5RfPGDJzRrif4B3aAZGFIOaJFlyibnypTsYKUUQdcrFVw7Bp%2BiwSrwFknYZ8c3kqx4G7K98PPGgyu%2BJqHS8YtVrevEofqdJNI3C"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 8810e66089b32c46-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 10:10:27 GMT

GET
H3 200 breeze-lazy-load.min.js Show response
ketquaxosomb.cfd/wp-content/plugins/breeze/assets/js/js-front-end/ 7 KB
4 KB 458ms
456ms Script
application/javascript 172.67.200.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ketquaxosomb.cfd/wp-content/plugins/breeze/assets/js/js-front-end/breeze-lazy-load.min.js?ver=2.1.6
Requested by: Host: ketquaxosomb.cfd
URL: https://ketquaxosomb.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 421ba8749f7eb6dc1f87bfd85f43f4060ab55a38c676dd89f92f7626b8854024

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Thu, 09 May 2024 10:10:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 18 Apr 2024 02:40:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66208800-1c89"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yhmaE9HHViPIMQmFvl9PAktQS1PBpgxLQpZ0vxRnfNSPiNut4rGyr9hGoyi4RoVope0B8zs3%2B4jZd6PtVLxjyXYTYykI%2F%2Fcq%2FAO93g8J%2BkYxyYXu7Ct2HWDWKVt7wGO2Erft"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 8810e66089b52c46-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 10:10:27 GMT

GET
H3 200 chatra.js Show response
call.chatra.io/ 46 KB
12 KB 119ms
59ms Script
text/javascript 172.67.13.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://call.chatra.io/chatra.js
Requested by: Host: ketquaxosomb.cfd
URL: https://ketquaxosomb.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.13.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 097f2f574fb8173d52a7f1b74c18a33c125a4a5efe061ba390b30eb17549985e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 10:10:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 24 Aug 2023 12:45:59 GMT
server: cloudflare
age: 1472
etag: W/"b872-18a27948358"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1800, s-maxage=1800, stale-while-revalidate=300, stale-if-error=1800
cf-ray: 8810e660e95f65a5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 background.png
ketquaxosomb.cfd/wp-content/themes/elitewp/assets/images/ 3 KB
3 KB 489ms
488ms Image
image/png 172.67.200.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ketquaxosomb.cfd/wp-content/themes/elitewp/assets/images/background.png
Requested by: Host: ketquaxosomb.cfd
URL: https://ketquaxosomb.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ceab23af1ef06b19ea4f0b703fe4cd99b513c0552d46aa28dcc8e67dca7f5be

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 10:10:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 3022
pragma: public
last-modified: Tue, 23 Apr 2024 04:43:03 GMT
server: cloudflare
etag: "66273c57-bce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0QxdVykmHjF0NS58%2B2aBPQnaaQI%2F94JxoTtTFXpfwApwSbvcTlDg7aBQGxcou9%2FFEGal8ShQ%2FeNhM89QQN%2FznkUdB1QcZvfCSc5eAjnNdR1o%2B3fIOszQ0xuSL2a0QjHRvqYg"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 8810e66089b62c46-FRA
expires: Sat, 08 Jun 2024 10:10:27 GMT

GET
H2 200 L0x8DFMnlVwD4h3hu_qn.woff2
fonts.gstatic.com/s/domine/v23/ 28 KB
28 KB 272ms
168ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/domine/v23/L0x8DFMnlVwD4h3hu_qn.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:400,400i,700,700i|Domine:400,700|Oswald:400,700|Merriweather:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41b4ddea1cc70923bc5e2233d5bb0b404533079c4e973d4f719c5d0cd05c3482

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://ketquaxosomb.cfd
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 00:51:12 GMT
x-content-type-options: nosniff
age: 551956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28244
x-xss-protection: 0
last-modified: Thu, 11 Apr 2024 18:31:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 May 2025 00:51:12 GMT

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v53/ 21 KB
21 KB 204ms
100ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:400,400i,700,700i|Domine:400,700|Oswald:400,700|Merriweather:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99027d866818f716d208569108a962ac72200197cae503efe5b6bf002bf4915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://ketquaxosomb.cfd
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 04 May 2024 19:07:33 GMT
x-content-type-options: nosniff
age: 399775
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21444
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:38:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 May 2025 19:07:33 GMT

GET
H3 200 fontawesome-webfont.woff2
ketquaxosomb.cfd/wp-content/themes/elitewp/assets/fonts/ 75 KB
76 KB 2696ms
2693ms Font
font/woff2 172.67.200.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ketquaxosomb.cfd/wp-content/themes/elitewp/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: ketquaxosomb.cfd
URL: https://ketquaxosomb.cfd/wp-content/themes/elitewp/assets/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.200.96 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/wp-content/themes/elitewp/assets/css/font-awesome.min.css
Origin: https://ketquaxosomb.cfd
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 10:10:29 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 77160
x-xss-protection: 1; mode=block
last-modified: Tue, 23 Apr 2024 04:43:03 GMT
server: cloudflare
etag: "66273c57-12d68"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MbsOtNtjxmViNxcfe7mHlWf03wIzGRXpwi%2FmIF4VqhDr2TyUMYcpHzQQgv%2Bfvh9BlPsSjxT89FFOIF5bSZmtOVr%2BpbGX3n6hPyGfopFMTthRrEOttO2qhll7uo%2ByBbW10Lkl"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
vary: Accept-Encoding
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8810e660ca172c46-FRA

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v37/ 37 KB
38 KB 250ms
147ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:400,400i,700,700i|Domine:400,700|Oswald:400,700|Merriweather:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb8cac32d5cef83e7674916378c2f47bdbba7e6e6bd936f8026a58ac4e71fa53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://ketquaxosomb.cfd
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 09:09:55 GMT
x-content-type-options: nosniff
age: 176433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38372
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 23:15:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 May 2025 09:09:55 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 264ms
160ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:400,400i,700,700i|Domine:400,700|Oswald:400,700|Merriweather:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://ketquaxosomb.cfd
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 07:46:56 GMT
x-content-type-options: nosniff
age: 181412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 May 2025 07:46:56 GMT

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlYHYjedg.woff2
fonts.gstatic.com/s/oswald/v53/ 18 KB
18 KB 226ms
122ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlYHYjedg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:400,400i,700,700i|Domine:400,700|Oswald:400,700|Merriweather:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2af879c9d863ff503ebd89ef251c9d8caa2c8063f097c29e31856e27aca2630

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://ketquaxosomb.cfd
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 02:54:35 GMT
x-content-type-options: nosniff
age: 198953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18716
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:23:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 May 2025 02:54:35 GMT

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlZHYjedg.woff2
fonts.gstatic.com/s/oswald/v53/ 6 KB
7 KB 145ms
42ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlZHYjedg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:400,400i,700,700i|Domine:400,700|Oswald:400,700|Merriweather:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d66284204ab36bfd0b97ed55fcf8e4bbceafa0a8bd46b71f64db8d0ef9d500

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://ketquaxosomb.cfd
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 06 May 2024 20:23:14 GMT
x-content-type-options: nosniff
age: 222434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6224
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:25:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 May 2025 20:23:14 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZVsf6lvg.woff2
fonts.gstatic.com/s/merriweather/v30/ 18 KB
18 KB 151ms
48ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZVsf6lvg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:400,400i,700,700i|Domine:400,700|Oswald:400,700|Merriweather:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c885b71cffb1153ba213e090165c17fdda244b4807b622c1cee91025b536dd53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://ketquaxosomb.cfd
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 00:58:49 GMT
x-content-type-options: nosniff
age: 205899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18416
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:45:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 May 2025 00:58:49 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZV8f6lvg.woff2
fonts.gstatic.com/s/merriweather/v30/ 8 KB
8 KB 244ms
141ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZV8f6lvg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:400,400i,700,700i|Domine:400,700|Oswald:400,700|Merriweather:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a619ae1c332145518f3ed463be52e3c71f63ecd71b0fdeae601b1878170005a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://ketquaxosomb.cfd
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 06:15:30 GMT
x-content-type-options: nosniff
age: 14098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7852
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:45:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 May 2025 06:15:30 GMT

GET
H2 200 L0x8DFMnlVwD4h3htfqndSk.woff2
fonts.gstatic.com/s/domine/v23/ 15 KB
15 KB 238ms
136ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/domine/v23/L0x8DFMnlVwD4h3htfqndSk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:400,400i,700,700i|Domine:400,700|Oswald:400,700|Merriweather:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e5ea0bab281ca10ec35832f16f6a8e1ab0cb165a49640e26392f706dc09733d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://ketquaxosomb.cfd
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 07 May 2024 07:49:10 GMT
x-content-type-options: nosniff
age: 181278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14864
x-xss-protection: 0
last-modified: Thu, 11 Apr 2024 18:31:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 May 2025 07:49:10 GMT

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTLYgFE_.woff2
fonts.gstatic.com/s/playfairdisplay/v37/ 20 KB
20 KB 185ms
83ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTLYgFE_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:400,400i,700,700i|Domine:400,700|Oswald:400,700|Merriweather:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

849b78a43f2bcd65db0f10b8475ae8cbe44e63100f09e5a6d764edc56551dc90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://ketquaxosomb.cfd
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 03 May 2024 19:24:12 GMT
x-content-type-options: nosniff
age: 485176
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20316
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 23:12:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 May 2025 19:24:12 GMT

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTPYgFE_.woff2
fonts.gstatic.com/s/playfairdisplay/v37/ 9 KB
9 KB 237ms
135ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v37/nuFiD-vYSZviVYUb_rj3ij__anPXDTPYgFE_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:400,400i,700,700i|Domine:400,700|Oswald:400,700|Merriweather:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42bab5302bddcdea0c935a02d94f18ff4b84595d42995d3d1f472c6cb69ae5d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://ketquaxosomb.cfd
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 20:39:02 GMT
x-content-type-options: nosniff
age: 567086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8844
x-xss-protection: 0
last-modified: Wed, 31 Jan 2024 23:16:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 May 2025 20:39:02 GMT

GET
H3 200 soi-cau-vip-nhat-mb.png
ketquaxosomb.cfd/wp-content/uploads/2024/02/ 612 KB
613 KB 821ms
820ms Image
image/png 172.67.200.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ketquaxosomb.cfd/wp-content/uploads/2024/02/soi-cau-vip-nhat-mb.png
Requested by: Host: ketquaxosomb.cfd
URL: https://ketquaxosomb.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0172fc474907514de399d0663310f89c6f4a8f84ed162bc14698237ecab328e4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 10:10:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 627136
pragma: public
last-modified: Sat, 08 Feb 2020 14:54:06 GMT
server: cloudflare
etag: "5e3ecb8e-991c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Mw4gN7KaTRpiAO%2FmBQw7yrQwP3EDls5FhtKhHXOy3OD6t6V3jqqQ%2BkAbvwXsuW1jAvJ%2BIAPSdz8ko2XRLvblDuZYz%2Fj9%2BhYkkJpma500wiQysjJW9hnxFQ3ne4%2BbHfEqhCb"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 8810e660ba002c46-FRA
expires: Sat, 08 Jun 2024 10:10:27 GMT

GET
H3 200 soi-cau-du-doan-xo-so.jpg
ketquaxosomb.cfd/wp-content/uploads/2024/02/ 35 KB
36 KB 654ms
652ms Image
image/jpeg 172.67.200.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ketquaxosomb.cfd/wp-content/uploads/2024/02/soi-cau-du-doan-xo-so.jpg
Requested by: Host: ketquaxosomb.cfd
URL: https://ketquaxosomb.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76b41a52dea4bc53b1b5b6fb8ada0e69cc91bef8a7e63dd1175be0240d83f7ce

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 10:10:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 36105
pragma: public
last-modified: Sat, 08 Feb 2020 14:53:28 GMT
server: cloudflare
etag: "5e3ecb68-8d09"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PfzESbx%2BLXx%2FYbM%2F4X4XgHo2QVIAWu19vWRzvVDqmNpvUEZjMyNRQ8bjRVEEiyk25YhzEgBsw%2BKbE%2FjMex%2BY7UgNtcpgv2XmmOP5Dj3hvrcO0hsar1fhxr48lgd7Z9jw6gCP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 8810e660ba012c46-FRA
expires: Sat, 08 Jun 2024 10:10:27 GMT

GET
H3 200 soi-cau-lo-de-vip.png
ketquaxosomb.cfd/wp-content/uploads/2024/02/ 221 KB
221 KB 908ms
905ms Image
image/png 172.67.200.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ketquaxosomb.cfd/wp-content/uploads/2024/02/soi-cau-lo-de-vip.png
Requested by: Host: ketquaxosomb.cfd
URL: https://ketquaxosomb.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c95d6110d417b41af43ff3e62c12bada1417fc197411b0633ebbba4c2246c4f6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 10:10:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 225844
pragma: public
last-modified: Sat, 08 Feb 2020 14:53:36 GMT
server: cloudflare
etag: "5e3ecb70-37234"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MdqQ8X5NRvCHCMjh%2Bn%2FT3U%2BgyG6PqRqNVnPq2uMQFg6Whk%2F5nk%2FUl8fOll3ba9USJ%2FTDNyH7QVdTMh7rteCmCG%2BJLoIdGkOasevMX5EOrMugjM4kvTdgbJB5iyZy0axJxzzo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 8810e660ca082c46-FRA
expires: Sat, 08 Jun 2024 10:10:27 GMT

GET
H3 200 tuong-thuat-ket-qua-3-mien-nhanh-nhat.png
ketquaxosomb.cfd/wp-content/uploads/2024/02/ 138 KB
139 KB 949ms
946ms Image
image/png 172.67.200.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ketquaxosomb.cfd/wp-content/uploads/2024/02/tuong-thuat-ket-qua-3-mien-nhanh-nhat.png
Requested by: Host: ketquaxosomb.cfd
URL: https://ketquaxosomb.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5cc86c3e55a9d333469fdc205d74238034536411b6fc03999c9a4514b0e6c4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 10:10:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 141647
pragma: public
last-modified: Sat, 08 Feb 2020 14:54:52 GMT
server: cloudflare
etag: "5e3ecbbc-2294f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bFQLTlfhJ4B3i4%2Bpy0rhFqDTapZz0tXotoCLH6IMAQL6IMkKKHbxw9EX8Yanbsr%2BTe2W0e8lAIJxwZ46i%2BJHCSudI5K3G7pmC1GviwlsxG6M1E%2BvHVC1s6UjtacIA7ZkxQ3e"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 8810e660ca0a2c46-FRA
expires: Sat, 08 Jun 2024 10:10:27 GMT

GET
H3 200 soi-ca%CC%82%CC%80u-3-ca%CC%80ng.png
ketquaxosomb.cfd/wp-content/uploads/2024/02/ 91 KB
91 KB 991ms
987ms Image
image/png 172.67.200.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ketquaxosomb.cfd/wp-content/uploads/2024/02/soi-ca%CC%82%CC%80u-3-ca%CC%80ng.png
Requested by: Host: ketquaxosomb.cfd
URL: https://ketquaxosomb.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 718b3fb7bf95d2bd45e6bdc7602ae44aca23630d8bd5cb4052b7cb13301672f9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 10:10:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 92712
pragma: public
last-modified: Sat, 08 Feb 2020 14:54:10 GMT
server: cloudflare
etag: "5e3ecb92-16a28"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h0cuoCU8NgfWPxNask7ryTg2qt6vXGW7Guu1M275P5NxhooxV3zGmkuHijqoAMjL6unkguMXxgrWLlBz%2BS0OT4OcTQ8Lm6jWwIOvXXkaSWcJcJQ5MwxeMhctmanE5WpoFYjS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 8810e660ca0c2c46-FRA
expires: Sat, 08 Jun 2024 10:10:27 GMT

GET
H3 200 soi-cau-3-mien-1-768x480.jpg
ketquaxosomb.cfd/wp-content/uploads/2024/02/ 53 KB
54 KB 2541ms
2537ms Image
image/jpeg 172.67.200.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ketquaxosomb.cfd/wp-content/uploads/2024/02/soi-cau-3-mien-1-768x480.jpg
Requested by: Host: ketquaxosomb.cfd
URL: https://ketquaxosomb.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4751089b3ef3387ae2fecf37cd831a87d8776b9a5dd3d2144ed3a6d903125ec6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 10:10:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 54644
pragma: public
last-modified: Sat, 08 Feb 2020 14:54:16 GMT
server: cloudflare
etag: "5e3ecb98-d574"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i6rTUboDt5hzA7FJp5Y%2Buf0YFosRV0ZtdeRk8P6hAvkinVzm6QbBrJCy0HHlJdaPEHzx5YUt1Wguc8IOH8mlWz5aPHkV%2F2cVsdWhyM4ZZ3ZlDIrJKMs953Wkh4iREH8Tt%2BfA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 8810e660ca0e2c46-FRA
expires: Sat, 08 Jun 2024 10:10:27 GMT

GET
H3 200 soi-cau-xo-so-mb.jpg
ketquaxosomb.cfd/wp-content/uploads/2024/02/ 44 KB
45 KB 2620ms
2616ms Image
image/jpeg 172.67.200.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ketquaxosomb.cfd/wp-content/uploads/2024/02/soi-cau-xo-so-mb.jpg
Requested by: Host: ketquaxosomb.cfd
URL: https://ketquaxosomb.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ad54fdb065c7756dd11139744e708f54a131ea21e5d2ce02a97f97ce368459

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 10:10:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 45249
pragma: public
last-modified: Sat, 08 Feb 2020 14:54:08 GMT
server: cloudflare
etag: "5e3ecb90-b0c1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i5htCbcUeszUv4q81nRvJxzkVmdozeGrTLcPzIaHraeTdViqtRGPNqR53cEarbjykIU3E5aSM8By9Dqupyw2uyAU4SVOP7fvsvF%2FD2lmsfmaU6FoXEh08%2BdJ%2FSyXf%2FghhV4a"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 8810e660ca152c46-FRA
expires: Sat, 08 Jun 2024 10:10:27 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 282 KB
96 KB 71ms
70ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L85EFQFMX7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-88NH947HKP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6160dabe80ddf73fa5099c20dcf561725edbe89cc297cd68b5866b98092f23aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 10:10:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 98032
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 09 May 2024 10:10:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 203 KB
73 KB 56ms
55ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-157512640-21&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-88NH947HKP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bab3c36780076bd0edc292bc855d98c48f3b2ef08bc26973c33b82a28c185c9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 10:10:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74784
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 09 May 2024 10:10:28 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 145ms
48ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-88NH947HKP&gtm=45je4510v888246795za200&_p=1715249428539&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1000139863.1715249429&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715249428&sct=1&seg=0&dl=https%3A%2F%2Fketquaxosomb.cfd%2F&dt=cau%202%20nhay%20dep%20hom%20nay%20-%20cau%20hai%20nhay%20mien%20bac%20-%20cau%202%20nhay%20dep%20hom%20nay%20-%20cau%20hai%20nhay%20mien%20bac&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2065
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-88NH947HKP
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 09 May 2024 10:10:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ketquaxosomb.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 48ms
48ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-L85EFQFMX7&gtm=45je4510v877997086z8888246795za200&_p=1715249428539&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1000139863.1715249429&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715249428&sct=1&seg=0&dl=https%3A%2F%2Fketquaxosomb.cfd%2F&dt=cau%202%20nhay%20dep%20hom%20nay%20-%20cau%20hai%20nhay%20mien%20bac%20-%20cau%202%20nhay%20dep%20hom%20nay%20-%20cau%20hai%20nhay%20mien%20bac&en=page_view&_fv=1&_ss=1&tfd=2189
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L85EFQFMX7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 09 May 2024 10:10:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ketquaxosomb.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET js
www.googletagmanager.com/gtag/ 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 134ms
42ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-157512640-21&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 May 2024 09:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1766
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 09 May 2024 11:41:03 GMT

GET
H3 200 wp-emoji-release.min.js Show response
ketquaxosomb.cfd/wp-includes/js/ 18 KB
5 KB 292ms
292ms Script
application/javascript 172.67.200.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ketquaxosomb.cfd/wp-includes/js/wp-emoji-release.min.js?ver=6.4.4
Requested by: Host: ketquaxosomb.cfd
URL: https://ketquaxosomb.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Thu, 09 May 2024 10:10:29 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 17 Feb 2024 10:15:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65d08753-4904"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qayYNlX0bgKhBWFfdZFEdHlbI06U%2FepssGoyD5Cu9nx%2F466AFB0D7B2QqRiTKJTT%2BlAqLI%2FGpEcy5PWLXC5FW71imd8n2DAbQu%2F6V4rW68SaeYKL%2Fx6HOToeeKJzPpdmTRXM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 8810e6637dcf2c46-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 08 Jun 2024 10:10:28 GMT

GET
H3 200 /
chat.chatra.io/ Frame D196 0
0 122ms
60ms Document
text/html 172.67.13.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chat.chatra.io/?isModern=true

Requested by

Host: call.chatra.io
URL: https://call.chatra.io/chatra.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.13.227 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

default-src 'self'; script-src 'self' https://static.chatra.io; child-src 'none'; img-src https://static.chatra.io 'self' ucarecdn.com data: blob: https://uc.chatra.io https://uc.chatra-usercontent.com; connect-src 'self' data: https://upload.uc.chatra.io ws://chat.chatra.io/ wss://chat.chatra.io/; style-src 'self' 'unsafe-inline' https://static.chatra.io; media-src data:; form-action 'none'; block-all-mixed-content; frame-src 'none'

Strict-Transport-Security

max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://ketquaxosomb.cfd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 215
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=300, s-maxage=300, stale-while-revalidate=300, stale-if-error=1800
cf-cache-status: HIT
cf-ray: 8810e663e8759be0-FRA
content-encoding: br
content-security-policy: default-src 'self'; script-src 'self' https://static.chatra.io; child-src 'none'; img-src https://static.chatra.io 'self' ucarecdn.com data: blob: https://uc.chatra.io https://uc.chatra-usercontent.com; connect-src 'self' data: https://upload.uc.chatra.io ws://chat.chatra.io/ wss://chat.chatra.io/; style-src 'self' 'unsafe-inline' https://static.chatra.io; media-src data:; form-action 'none'; block-all-mixed-content; frame-src 'none'
content-type: text/html; charset=utf-8
date: Thu, 09 May 2024 10:10:29 GMT
etag: W/"appV0.0.1692881183"
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
207 B 78ms
77ms XHR
text/plain 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1047166312&t=pageview&_s=1&dl=https%3A%2F%2Fketquaxosomb.cfd%2F&ul=de-de&de=UTF-8&dt=cau%202%20nhay%20dep%20hom%20nay%20-%20cau%20hai%20nhay%20mien%20bac%20-%20cau%202%20nhay%20dep%20hom%20nay%20-%20cau%20hai%20nhay%20mien%20bac&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=233648942&gjid=1772089267&cid=1000139863.1715249429&tid=UA-157512640-21&_gid=652752623.1715249429&_r=1&gtm=457e4510z8888246795za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=1670491870

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 May 2024 10:10:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ketquaxosomb.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 45ms
43ms Image
image/gif 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1047166312&t=timing&_s=2&dl=https%3A%2F%2Fketquaxosomb.cfd%2F&ul=de-de&de=UTF-8&dt=cau%202%20nhay%20dep%20hom%20nay%20-%20cau%20hai%20nhay%20mien%20bac%20-%20cau%202%20nhay%20dep%20hom%20nay%20-%20cau%20hai%20nhay%20mien%20bac&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=4600&pdt=181&dns=34&rrt=0&srt=858&tcp=71&dit=2215&clt=2215&_gst=2205&_gbt=2361&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=1000139863.1715249429&tid=UA-157512640-21&_gid=652752623.1715249429&gtm=457e4510z8888246795za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=832463191

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 08 May 2024 22:10:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43215
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 soi-cau-lo-to-7-150x150.gif
ketquaxosomb.cfd/wp-content/uploads/2024/11/ 10 KB
11 KB 522ms
520ms Other
image/gif 172.67.200.96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ketquaxosomb.cfd/wp-content/uploads/2024/11/soi-cau-lo-to-7-150x150.gif
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f6e98eb990dc9d18a3116684cb7b0cca1e16ce1651ac3abffc6b1fa34b05444

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://ketquaxosomb.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 09 May 2024 10:10:31 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 10552
pragma: public
last-modified: Sat, 11 Mar 2017 04:14:16 GMT
server: cloudflare
etag: "58c37998-2938"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZpXYn9huXcJ3DJ87PAFQ51z51vkrJaoLJhhEG86lFdwzF1BsZc%2Fxh46OU8cOlFwvEscTZMJTCYdly9VJ9vqScpdo62Rps4FJVk60rHD3SV1XFYVRtwjuA0aXe6G94O3phFtL"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 8810e6728f982c46-FRA
expires: Sat, 08 Jun 2024 10:10:30 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XYQ5GYKHXF&l=dataLayer&cx=c

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ketquaxosomb.cfd/	1970-01-21 06:03:29	Name: _ga_88NH947HKP Value: GS1.1.1715249428.1.0.1715249428.0.0.0
.ketquaxosomb.cfd/	1970-01-21 06:03:29	Name: _ga_L85EFQFMX7 Value: GS1.1.1715249428.1.0.1715249428.0.0.0
.ketquaxosomb.cfd/	1970-01-21 06:03:29	Name: _ga Value: GA1.2.1000139863.1715249429
.ketquaxosomb.cfd/	1970-01-20 20:28:55	Name: _gid Value: GA1.2.652752623.1715249429
.ketquaxosomb.cfd/	1970-01-20 20:27:29	Name: _gat_gtag_UA_157512640_21 Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

call.chatra.io
chat.chatra.io
fonts.googleapis.com
fonts.gstatic.com
ketquaxosomb.cfd
region1.google-analytics.com
www.google-analytics.com
www.googletagmanager.com
www.googletagmanager.com
142.250.185.206
172.67.13.227
172.67.200.96
2001:4860:4802:34::36
2a00:1450:4001:800::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:81c::200e
2a00:1450:4001:82f::2008
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
0172fc474907514de399d0663310f89c6f4a8f84ed162bc14698237ecab328e4
07bc3a2bf40fa4e58d61173cfdb07805e087abe5251d6c3b7370e0f9433a28d1
097f2f574fb8173d52a7f1b74c18a33c125a4a5efe061ba390b30eb17549985e
226c8bcdf67d991a8f593e5a89e6abec542182ed44cb84a1345c3944422dae58
22ad54fdb065c7756dd11139744e708f54a131ea21e5d2ce02a97f97ce368459
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
27dd7acaa6d0d44f6c5c3cc1614370ac5da290452b3e6984b7e61b207569890b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
31d66284204ab36bfd0b97ed55fcf8e4bbceafa0a8bd46b71f64db8d0ef9d500
3b7d090bfef903e07622e5fbdc7680187a4bd1c624b594d863d74e2c4dea7550
3e22c149177cfec3dec269175733c9be5c8687c22aeedb4e91a6e62521c08860
41b4ddea1cc70923bc5e2233d5bb0b404533079c4e973d4f719c5d0cd05c3482
421ba8749f7eb6dc1f87bfd85f43f4060ab55a38c676dd89f92f7626b8854024
42bab5302bddcdea0c935a02d94f18ff4b84595d42995d3d1f472c6cb69ae5d1
42d4d56d4379c7ccbc7a57a95e03c1b219340c6b0d270ed9e09a0bad3af35e73
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
46db9b840b9126598ccbc1ba3ac95ddbe7c0d571eb644fa3c716ba584e35083a
4751089b3ef3387ae2fecf37cd831a87d8776b9a5dd3d2144ed3a6d903125ec6
4ceab23af1ef06b19ea4f0b703fe4cd99b513c0552d46aa28dcc8e67dca7f5be
4e5ea0bab281ca10ec35832f16f6a8e1ab0cb165a49640e26392f706dc09733d
4f6e98eb990dc9d18a3116684cb7b0cca1e16ce1651ac3abffc6b1fa34b05444
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5d761f5af186616e781be446bed45ff0be3f10c728dcdc276280bb1ccfceb31d
5f5cc86c3e55a9d333469fdc205d74238034536411b6fc03999c9a4514b0e6c4
6160dabe80ddf73fa5099c20dcf561725edbe89cc297cd68b5866b98092f23aa
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
718b3fb7bf95d2bd45e6bdc7602ae44aca23630d8bd5cb4052b7cb13301672f9
76b41a52dea4bc53b1b5b6fb8ada0e69cc91bef8a7e63dd1175be0240d83f7ce
78a45b1928ee3c7704eb75048a508545d7e9345e2b4cd2b80b06ad35049dcd83
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
849b78a43f2bcd65db0f10b8475ae8cbe44e63100f09e5a6d764edc56551dc90
8570b14bb3216bcfb445442d65095db7428892ea6ed93a1ce3c04e28dbd238ee
99027d866818f716d208569108a962ac72200197cae503efe5b6bf002bf4915b
9daba04e6dc3a082550d2f49f91059d3112a53ca57eee5861434abf42f3f31df
a2af879c9d863ff503ebd89ef251c9d8caa2c8063f097c29e31856e27aca2630
a619ae1c332145518f3ed463be52e3c71f63ecd71b0fdeae601b1878170005a9
a7194feead101a7174031f11d5ed0fc2283f006614d6c06cecaec25c92b27d58
b82d7b3358b689cd6b080b7e2a6b9eb00530922afda2f0389b2b171f2c94b5a4
ba455d37c7be6e906f933c4abeab7feaabfcb5b267d6d062c287fe077f0c19ca
bab3c36780076bd0edc292bc855d98c48f3b2ef08bc26973c33b82a28c185c9f
c885b71cffb1153ba213e090165c17fdda244b4807b622c1cee91025b536dd53
c95d6110d417b41af43ff3e62c12bada1417fc197411b0633ebbba4c2246c4f6
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cb8cac32d5cef83e7674916378c2f47bdbba7e6e6bd936f8026a58ac4e71fa53
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

ketquaxosomb.cfd Open in urlscan Pro 172.67.200.96 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

52 Requests

96 %HTTPS

63 %IPv6

6 Domains

8 Subdomains

9 IPs

2 Countries

2081 kBTransfer

3014 kBSize

5 Cookies

21 Outgoing links

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ketquaxosomb.cfd Open in urlscan Pro
172.67.200.96 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

96 %
HTTPS

63 %
IPv6

6
Domains

8
Subdomains

9
IPs

2
Countries

2081 kB
Transfer

3014 kB
Size

5
Cookies

52 HTTP transactions
0 data transactions