xosoketqua.com Open in urlscan Pro
172.67.73.4  Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

• https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= HTTP 301
• https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 65

• https://x.bidswitch.net/sync?dsp_id=303&user_id=n42RJjT55xMi&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
• https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=n42RJjT55xMi&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
• https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=5d57efbe-f3af-4bad-9923-5fb021a9a7c9

Request Chain 66

• https://pixel.tapad.com/idsync/ex/receive?partner_id=3411&partner_device_id=n42RJjT55xMi HTTP 302
• https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3411&partner_device_id=n42RJjT55xMi

Request Chain 67

• https://x.bidswitch.net/sync?ssp=mgid HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
• https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=mgid&bsw_custom_parameter=a38838f6-68bc-4f2f-84d5-cda9b7155651&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
• https://x.bidswitch.net/sync?dsp_id=413&ssp=mgid&user_id=csonata_a0d69bac-e023-4af4-a0fc-5becf2c5179d&bsw_param=a38838f6-68bc-4f2f-84d5-cda9b7155651&expires=10&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
• https://cm.mgid.com/m?cdsp=433145&c=5d57efbe-f3af-4bad-9923-5fb021a9a7c9&gdpr=&consentData=&uspString=

Request Chain 68

• https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
• https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP 302
• https://cm.mgid.com/m?cdsp=665953&c=66fc6a8f-11f1-4150-86ce-70ab1e12358c

Request Chain 69

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
• https://cm.mgid.com/m?cdsp=371158&c=e4923591-235a-48bd-ab9c-4d402d6574e8&ttl=1685670534

Request Chain 70

• https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bjQyUkpqVDU1eE1p&muidn=n42RJjT55xMi HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bjQyUkpqVDU1eE1p&muidn=n42RJjT55xMi&google_tc= HTTP 302
• https://cm.mgid.com/google?muidn=n42RJjT55xMi&google_ula={guid},5&google_gid=CAESELepJwUgFuD5TCRLbVyEGo0&google_cver=1

Request Chain 71

• https://creativecdn.com/cm-notify?pi=mgid HTTP 302
• https://creativecdn.com/cm-notify?pi=mgid&tc=1 HTTP 302
• https://cm.mgid.com/m?cdsp=501037&c=5SUeTNYBCsafkxaFH3Yq&pi=mgid&tc=1

Request Chain 74

• https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID HTTP 302
• https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID&rdf=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OENFRTAyNkEtRUE2OS00REVGLTg3OUUtM0JGMTA4QTVCNTE3&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
• https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
• https://image4.pubmatic.com/AdServer/SPug?gdpr=0&partnerID=161673&pmc=1&pr=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D712807%26c%3D8CEE026A-EA69-4DEF-879E-3BF108A5B517 HTTP 302
• https://cm.mgid.com/m?cdsp=712807&c=8CEE026A-EA69-4DEF-879E-3BF108A5B517

Request Chain 75

• https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=n42RJjT55xMi&gdpr=0&gdpr_consent=&ccpa_consent= HTTP 302
• https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
• https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=6131526193033489599&gdpr=0&gdpr_consent= HTTP 302
• https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 76

• https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A//cm.mgid.com/m%3Fcdsp%3D779131%26c%3D HTTP 302
• https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F393%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D%2526A%253Da4c7febd-4218-45ab-be7b-5ee90b65c318%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%2526uid%253D%2523PMUID

Request Chain 89

• https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=mgid&gdpr=0&gdpr_consent=&us_privacy=&gdpr=0&khaos=LH71I5DE-J-4C4M HTTP 302
• https://cm.mgid.com/m?cdsp=43070&c=LH71I5DE-J-4C4M&gdpr=0

Request Chain 91

• https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
• https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH71I5DE-J-4C4M&gdpr=0

Request Chain 92

• https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t HTTP 302
• https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=UDAj3zeETo2mh4cEfaHAHw&rk=usync-na&gdpr=0 HTTP 302
• https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UDAj3zeETo2mh4cEfaHAHw&gdpr=0

Request Chain 93

• https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
• https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
• https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=OxEm-9vhTgK3-_ACTTrESQ&rk=usync-other&gdpr=0 HTTP 302
• https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=OxEm-9vhTgK3-_ACTTrESQ&gdpr=0

Request Chain 94

• https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e4923591-235a-48bd-ab9c-4d402d6574e8&gdpr=0&gdpr_consent=&expires=30

Request Chain 95

• https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEFqgwIALvq34YtKnIcuyXek&google_cver=1

Request Chain 96

• https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEg3MUk1REUtSi00QzRN&gdpr=0 HTTP 302
• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEIheW7HHRP2pYJ_7Ya1g1LQ&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg3MUk1REUtSi00QzRN&google_push=&gdpr=0

Request Chain 97

• https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
• https://pr-bh.ybp.yahoo.com/sync/rubicon/qW8lZd2IbWua1F6flNpY8Q?csrc=&gdpr=0 HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-1bCy0p1E2oIWLyWSCbNpeyGMn9VjwOYmLHu7ow--~A

Request Chain 98

• https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTk3MTNlZmRjMjM1MzE4NTc2ZGFhYjRjNjM0ZDU1N2I0ZjFjYjc0Yg&gdpr=0

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response xosoketqua.com/	265 KB 55 KB	850ms 563ms	Document text/html	172.67.73.4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xosoketqua.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a17d3ec4deef111b915fac8390ce3f3e4a59e1c814c272ba85fd9778abb7caec Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control max-age=0 cf-cache-status DYNAMIC cf-ray 7c14d8013de29191-FRA content-encoding br content-type text/html; charset=utf-8 date Wed, 03 May 2023 01:48:48 GMT last-modified Wed, 03 May 2023 01:48:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dnpPLEu3Vqwmkhrn5UXbqQGA0X9aD0mGSZbcLW2LxPaKCh2p3zkYOfiyXllz5%2BWLADcRiQyrb4ELeCIt7MUTeO12dQGkC6a2G2QnnBpmcR8wYVJitbVCPYfMQDGFQ0Mg"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	newstyle.css xosoketqua.com/xskt/assets/	66 KB 15 KB	139ms 138ms	Stylesheet text/css	172.67.73.4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xosoketqua.com/xskt/assets/newstyle.css?v=4 Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b823354b963ed99d133f9394910528fb3ede32d2e6a2f0dd259c4a2542448d4f Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:49 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Mon, 01 May 2023 09:39:24 GMT server cloudflare age 64994 cf-polished origSize=67433 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QCl%2BgZyky9rwe0zgZPC5rtz19s9E511JxWKGW2TGUmMuIDD1yF1YIXOjMDzF6YZZg7mIcRt784xTKi7Db6Wal%2FN85E6dziFIfRbgR%2F6DmT6mG1etPTag37vLLAW7ejdR"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 cache-control max-age=90000 cf-ray 7c14d806e8d79191-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	_logo_ketqua.jpg xosoketqua.com/xskt/img/	3 KB 3 KB	136ms 136ms	Image image/jpg	172.67.73.4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/xskt/img/_logo_ketqua.jpg Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 613b3fddc9e515dbc5fe3b0926cdf3b4123a3ea43ce004764bcf30cc8c948398 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 64994 cf-polished origSize=3651, status=webp_bigger alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3201 cf-bgj imgq:85,h2pri last-modified Mon, 01 May 2023 09:39:24 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBpiySw0wvAQGQtb9K4A7IGzYEigyj4TCDm%2F9i8NtKvdDuJKVanYA%2BOC7qkFYDi2qtG1XnckIrU2Vr5D0vcCgdTCzECA838yeHhlAnTOQhEexuHgY5t48dt2t7V9ggw5"}],"group":"cf-nel","max_age":604800} content-type image/jpg cache-control max-age=90000 accept-ranges bytes cf-ray 7c14d808b9cf9191-FRA
GET H2	200	home.png xosoketqua.com/images/	190 B 632 B	140ms 140ms	Image image/webp	172.67.73.4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/images/home.png Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9260f1a6f656ed661a4ddcc4c5e3fec14fee4367511a6259d1291035d9d3692a Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 64994 cf-polished origFmt=png, origSize=350 content-disposition inline; filename="home.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 190 cf-bgj imgq:85,h2pri last-modified Mon, 01 May 2023 18:33:27 GMT server cloudflare vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fMxooVdKWmSN61Gsgc7aT3KwqtmdWEVJii3r55QZPqC9XA8GZCPXCYDIBX7VWlB%2FOfiopYHYw7KskhKJWCNtKS8EnoyLKe5ql4qyu4gz77y%2FEwXSr2MJiEgYmPCCMDr6"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=90000 accept-ranges bytes cf-ray 7c14d808b9d09191-FRA
GET H2	200	account.png xosoketqua.com/images/	142 B 495 B	139ms 138ms	Image image/webp	172.67.73.4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/images/account.png Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d6d1bae8089a362fc446bf9ec7d8390078397a48d4ed2c39f2c17a552adae0fc Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 64994 cf-polished origFmt=png, origSize=256 content-disposition inline; filename="account.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 142 cf-bgj imgq:85,h2pri last-modified Mon, 01 May 2023 09:39:23 GMT server cloudflare vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bn4XLfVm0IMdx0LpXg3YA4DbjwceAVvUainrSBFp319VUR0KHoteWnKXdf6L9A2%2FPLdrhVfBHV0%2FdmjTKYzQhTbriUrULr161VhQKvTsoFfES%2F%2FmQmsM01n6Y1CMgWnm"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=90000 accept-ranges bytes cf-ray 7c14d808b9d39191-FRA
GET H2	200	menu-min.png xosoketqua.com/images/	150 B 489 B	140ms 139ms	Image image/webp	172.67.73.4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/images/menu-min.png Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 31fd8f47eda51f040e9b86f052b19c2abc888719bca65129d37b407fc13ff1d9 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 64994 cf-polished origFmt=png, origSize=201 content-disposition inline; filename="menu-min.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 150 cf-bgj imgq:85,h2pri last-modified Mon, 01 May 2023 17:10:46 GMT server cloudflare vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xpbu7g34dphYp831KYm9mnLoRL70bosoPpXwNSxhRzhsXioSKGMFYUuIXgipfbuCZ7BC2LEarZAJBNIET979xf8wkOqgJLBo77eX48Plt%2FfbOmpvBg%2BSWhx9OwTeFy6W"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=90000 accept-ranges bytes cf-ray 7c14d808b9d49191-FRA
GET H2	200	close-min.png xosoketqua.com/images/	208 B 551 B	139ms 139ms	Image image/webp	172.67.73.4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/images/close-min.png Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 306843cbe2fefd30393d5f0e1928043a6032b9d318b84540983cb622ed2a0f46 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 64994 cf-polished origFmt=png, origSize=255 content-disposition inline; filename="close-min.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 208 cf-bgj imgq:85,h2pri last-modified Mon, 01 May 2023 17:35:19 GMT server cloudflare vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9pJzNjNzo1Svu0h3lEGKlOT%2FQeiyLSb3NexV9neWdCJEh2XcnxMDX%2BOnpn8jj%2FntJInkXG43v4%2BUpefPWx6kQAIPqvQsJuKlqEy1hex3wlvNgQcnkrPSlMZkExwhssF7"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=90000 accept-ranges bytes cf-ray 7c14d808b9d59191-FRA
GET H/1.1	200 OK	keno.png vsmb.vn/images/logo/	49 KB 49 KB	1430ms 680ms	Image image/png	171.244.57.133 CHT Compamy Ltd
General Check archive.org Show headers Download Go to Show image Full URL https://vsmb.vn/images/logo/keno.png Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 171.244.57.133 Hanoi, Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash 5dfed40ccba55fc860da7bbb9e118c57cb2c9c1c6064869a42c25c413676f686 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 03 May 2023 01:48:50 GMT Last-Modified Sun, 14 Aug 2022 18:59:29 GMT Server nginx/1.10.3 (Ubuntu) ETag W/"c20d-1829db9b268" Content-Type image/png Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 49677
GET H/1.1	200 OK	loto.68a6347.png docdac.vn/_nuxt/img/	4 KB 5 KB	1990ms 339ms	Image image/png	171.244.57.133 CHT Compamy Ltd
General Check archive.org Show headers Download Go to Show image Full URL https://docdac.vn/_nuxt/img/loto.68a6347.png Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 171.244.57.133 Hanoi, Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN), Reverse DNS Software nginx/1.10.3 (Ubuntu) / Resource Hash 195e566041810359c6701d720739056a0117895f96d363ba31083a36293fa657 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 03 May 2023 01:48:51 GMT Last-Modified Wed, 25 Jan 2023 16:39:22 GMT Server nginx/1.10.3 (Ubuntu) ETag "63d15b3a-116f" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 4463
GET H2	403	loading_icon_version2.gif cdn.xosodaiphat.com//images/	0 0	419ms 135ms	Image text/html	104.18.20.76 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.xosodaiphat.com//images/loading_icon_version2.gif Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.20.76 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	tinhwaiting.gif xosoketqua.com/xskt/img/	4 KB 4 KB	137ms 137ms	Image image/webp	172.67.73.4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/xskt/img/tinhwaiting.gif Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c62e745470fae8a17a2241b5305f55ec2876b67b66de977faf03c9d65b6e54c6 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 64993 cf-polished origFmt=gif, origSize=4559 content-disposition inline; filename="tinhwaiting.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 4138 cf-bgj imgq:85,h2pri last-modified Mon, 01 May 2023 09:40:11 GMT server cloudflare vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FuicuIG5n%2BK6ZPJVnRn%2BBg3HzDdFXIz%2F0WCT4HlI%2Bo%2B0iVNC7UnJAdnO%2B9D8khT%2FC4gM2QYP2qZywYoJ4ftyozsAz9iv3yIkm5gNLgeKiCu0GdffIzoDnVpFEnL1jYjb"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=90000 accept-ranges bytes cf-ray 7c14d8090a069191-FRA
GET H3	200	dudoan_xsmb_7.jpg xosoketqua.com/images/article/dudoan/	110 KB 111 KB	650ms 650ms	Image image/webp	172.67.73.4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/images/article/dudoan/dudoan_xsmb_7.jpg Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ca878c3a2a355fe4386a5cadbeceb57401ef715efb5b2b54245ed73f7b004bfc Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 874 cf-polished origFmt=png, origSize=175845 content-disposition inline; filename="dudoan_xsmb_7.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 113046 cf-bgj imgq:85,h2pri last-modified Wed, 03 May 2023 01:12:53 GMT server cloudflare vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RksZq1TBmTv0RWf5XNOfMnLbVx%2Fe2iiBoSN%2BAXyjOO2uKzsVsL7tWSQGEUshkJ1A5lcj6tfxgSJdZ5oLZDBZqT7a3oVqa0d4zadpZZewwTzu7am%2FFDbTFKHwCOScdXbr"}],"group":"cf-nel","max_age":604800} content-type image/webp accept-ranges bytes cf-ray 7c14d809fb05bb73-FRA
GET H3	200	dudoan_xsmb_3.jpg xosoketqua.com/images/article/dudoan/	200 KB 201 KB	136ms 135ms	Image image/webp	172.67.73.4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/images/article/dudoan/dudoan_xsmb_3.jpg Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a628011e52347170fde9fc32f9b4769fc57fe51c6943be94488725cda8e75b6b Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 874 cf-polished origFmt=png, origSize=299526 content-disposition inline; filename="dudoan_xsmb_3.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 205076 cf-bgj imgq:85,h2pri last-modified Wed, 03 May 2023 00:18:38 GMT server cloudflare vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mzXgHtj3OF1yIwVj53Qio028qD%2FvHBxfY1Z%2FT%2Bg%2Bus6jJ19RBzCRyl5JZ6qhD29pH425ba1q737%2FHp1%2B1snCc2uUPCFuPx%2BrurGA5PnvzmZp5DZpkscmxiLWX8qnnPFk"}],"group":"cf-nel","max_age":604800} content-type image/webp accept-ranges bytes cf-ray 7c14d809fb06bb73-FRA
GET H3	200	dudoan_xsmb_5.jpg xosoketqua.com/images/article/dudoan/	96 KB 97 KB	1441ms 1441ms	Image image/webp	172.67.73.4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/images/article/dudoan/dudoan_xsmb_5.jpg Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 26ed2baef21b7224d56d1aed9a2caa46dfdaa39eb775e84023c1fb63a3438af8 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 874 cf-polished origFmt=png, origSize=291939 content-disposition inline; filename="dudoan_xsmb_5.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 98700 cf-bgj imgq:85,h2pri last-modified Wed, 03 May 2023 01:18:42 GMT server cloudflare vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f9KZ%2FGU%2Fbgbo4kvlVqL8zbjdmPP5rhuQ2d60zbsylmUtJfWbZ7pNbf3STudPmQCxXmRUweC7uPkjZeRcRn2UVOHiNab3SCijvVtPC%2FXcvWyKg1Y%2B5gZVHDf%2B7Mt%2FTTj5"}],"group":"cf-nel","max_age":604800} content-type image/webp accept-ranges bytes cf-ray 7c14d809fb07bb73-FRA
GET H3	200	dudoan_xsmn_4.jpg xosoketqua.com/images/article/dudoan/	144 KB 145 KB	391ms 391ms	Image image/webp	172.67.73.4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/images/article/dudoan/dudoan_xsmn_4.jpg Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 03750b714b9002b987a8dfc6551a7f7db04268263fe8315ac72286a98c213a75 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 877 cf-polished origFmt=png, origSize=203802 content-disposition inline; filename="dudoan_xsmn_4.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 147836 cf-bgj imgq:85,h2pri last-modified Wed, 03 May 2023 00:05:05 GMT server cloudflare vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bt0Jo6ob8Wjo2dQCeyg8ZdyXYRmTFa7uS1wdbd2KfnNaaO6n%2BvmW5dsnUzsl9R6go7uUHpUVmY2PmMrorXdzIRCKL4DFFGrPLKvzVy%2Fxn94Pz%2Fh8NqvVkUTL9LmKluLv"}],"group":"cf-nel","max_age":604800} content-type image/webp accept-ranges bytes cf-ray 7c14d809fb08bb73-FRA
GET H3	200	dudoan_xsmt_5.jpg xosoketqua.com/images/article/dudoan/	33 KB 34 KB	1976ms 1976ms	Image image/webp	172.67.73.4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/images/article/dudoan/dudoan_xsmt_5.jpg Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1b2d4cff44e2295393d5691cd1c3370a5550da835e8bce1b4e0373552b123459 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 877 cf-polished qual=85, origFmt=jpeg, origSize=53857 content-disposition inline; filename="dudoan_xsmt_5.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 34204 cf-bgj imgq:85,h2pri last-modified Tue, 02 May 2023 23:42:37 GMT server cloudflare vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hu4iXinyrDvwjfxEPNRzCQDJw3YKkvmgxfXAZtPbgtG3xjfIy%2BfUXElChr%2B0FU5JgeYbNIWUKeXoDw2kAgq8HoKutOt4aOxL%2BUFzmyWQFL4GQypF6ITsf%2FD3OU17dDTj"}],"group":"cf-nel","max_age":604800} content-type image/webp accept-ranges bytes cf-ray 7c14d809fb0abb73-FRA
GET H3	200	vsmb_doitac-min.jpg xosoketqua.com/images/	50 KB 51 KB	2078ms 2077ms	Image image/webp	172.67.73.4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/images/vsmb_doitac-min.jpg Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ebf1fe08248c5d0bd28a5aa80a6651a2ad57d09a07bcf75da81a7eacf652859c Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 65072 cf-polished qual=85, origFmt=jpeg, origSize=83673 content-disposition inline; filename="vsmb_doitac-min.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 51650 cf-bgj imgq:85,h2pri last-modified Mon, 01 May 2023 17:09:48 GMT server cloudflare vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pRphZ%2BrZCzWSDXhBrRWFaQ6KzzOiVU4fvZTb9sGcfLZjBatPI2i5wdVHIwbCHWF9EBVDlDS2VJgm0Rr7zeNlqwVO0oBZyc9ZChScF889T2H7xNt04fuunfXV8u9RLJxY"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=90000 accept-ranges bytes cf-ray 7c14d809fb0cbb73-FRA
GET H3	200	docdac_doitac-min.jpg xosoketqua.com/images/	85 KB 86 KB	262ms 262ms	Image image/webp	172.67.73.4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/images/docdac_doitac-min.jpg Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 10bec72c384e207f3f3f32f19885cba31030779aac072ca40e834526af64cc5a Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 65072 cf-polished qual=85, origFmt=jpeg, origSize=149322 content-disposition inline; filename="docdac_doitac-min.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 87346 cf-bgj imgq:85,h2pri last-modified Mon, 01 May 2023 18:14:25 GMT server cloudflare vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F4J%2FetDIpcaBI6k6iaNSjojpVOtSjpBaKBqsuV51te8Hfe6xQtOETSKOywwifUwP6BnmOXZ2cGHHsuB5kNPbKpxSKwtrlsjO7%2Ft9gxUBDfXMUyHsxpqNW2Ej3onpXIlm"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=90000 accept-ranges bytes cf-ray 7c14d809fb0ebb73-FRA
GET H3	200	keno_doitac-min.png xosoketqua.com/images/	36 KB 37 KB	261ms 261ms	Image image/webp	172.67.73.4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/images/keno_doitac-min.png Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash de76b1d19e0d198b58f2abc056a9600cf7232d4fa75a120416c4beb387b31d19 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 65072 cf-polished origFmt=png, origSize=44990 content-disposition inline; filename="keno_doitac-min.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 37022 cf-bgj imgq:85,h2pri last-modified Mon, 01 May 2023 19:05:50 GMT server cloudflare vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uarmBu71ovVAeh77jQloKP2JdOb7h37ASMwwqRFlg9tlAu%2BS4po2zPG8LqWdflJrlXtAbGJ%2FTqit3A3luc8bFTOQXy5P1qVI80TLSTfVlefEvDqYDnSy2zeJ9M%2BHxRFL"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=90000 accept-ranges bytes cf-ray 7c14d809fb0fbb73-FRA
GET H3	200	logo_atrungroi-min.jpg xosoketqua.com/images/	156 KB 157 KB	2591ms 2591ms	Image image/jpg	172.67.73.4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/images/logo_atrungroi-min.jpg Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8aa44049c92f58ace479269500caf1526cfaf804f02076428f550b5d59a6a289 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 65072 cf-polished status=not_needed alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 159856 cf-bgj imgq:85,h2pri last-modified Mon, 01 May 2023 09:39:24 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TwBADTkrvTO7YT%2BBLGiJiaLm1aX%2Ff%2Bd89QlHEmYQUs3GSBojpmJJN5yIK%2BhMuOH%2F6rieN%2Bvi8q73aF8g8Gim2lLpZkST2dAY%2FsyHfyUv3i7NjTXCDygnJvR%2Bq%2BuYs90x"}],"group":"cf-nel","max_age":604800} content-type image/jpg cache-control max-age=90000 accept-ranges bytes cf-ray 7c14d809fb10bb73-FRA
GET H3	200	Google_News_icon.png xosoketqua.com/images/	24 KB 25 KB	3096ms 3096ms	Image image/webp	172.67.73.4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/images/Google_News_icon.png Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4296d14d27998137ed687216f71d64a06e694ba56ae9e99b5666b95118320d3b Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:49 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 65072 cf-polished origFmt=png, origSize=38896 content-disposition inline; filename="Google_News_icon.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 24886 cf-bgj imgq:85,h2pri last-modified Mon, 01 May 2023 17:48:41 GMT server cloudflare vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8R3e0k8R9A6W7t%2BwF%2B59JYPOjl4Xad8eaWFcMHcNIRe%2B7d4x00%2FPFNPtBkNKpQ2K%2FzWyxFuRNf9bRdA3M0NcovJ60V1AUTP2Gvxg4%2FBTwCF1%2Bh4Myk5R8imvNHiGV6Ao"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=90000 accept-ranges bytes cf-ray 7c14d80a0b15bb73-FRA
GET H3	200	rocket-loader.min.js Show response xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/	12 KB 4 KB	3218ms 3218ms	Script application/javascript	172.67.73.4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:49 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 25 Apr 2023 11:29:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6447b986-302c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCabD3p6%2BekMBGkFy9g2BwPyKZmWKrOiuqnBFd2BGDqmZ%2FEPzRHlwH7lYy7tn59NgrDukun%2F4gpM0ovCUL9i4ICmQzNRAdyF4hgHXyvfZIK8MUQwvzvb4VnNVQ7Ko1Sx"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 7c14d80a0b18bb73-FRA expires Fri, 05 May 2023 01:48:49 GMT
GET H2	200	v52afc6f149f6479b8c77fa569edb01181681764108816 Show response static.cloudflareinsights.com/beacon.min.js/	19 KB 7 KB	451ms 172ms	Script text/javascript	104.16.57.101 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816 Requested by Host: xosoketqua.com URL: https://xosoketqua.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.57.101 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b Request headers Referer https://xosoketqua.com/ Origin https://xosoketqua.com accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:49 GMT content-encoding gzip last-modified Mon, 17 Apr 2023 20:41:48 GMT server cloudflare etag W/2023.4.2 vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 7c14d80bcedb994b-FRA
GET H3	200	myapi_home.js Show response xosoketqua.com/xskt/assets/	11 KB 4 KB	136ms 135ms	Script application/javascript	172.67.73.4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xosoketqua.com/xskt/assets/myapi_home.js?v=18_02_1 Requested by Host: xosoketqua.com URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 22336a040f055dc76c4ea40bd871cad0c16acb1c4a7a8094fbb4ffbda13911cd Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:52 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Tue, 02 May 2023 10:39:45 GMT server cloudflare age 878 cf-polished origSize=17072 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmCNHXh928jgeHYaS98v1iw0vLwqzQg%2FWX4oTDmKygzmuEYTTmjnfvyqj93EcQC6ltrz4GhUhJpYzyMmZRj0p33tjes4CBHNIiJZ6LP33V%2F44Ud9yHomd%2BVlx%2FWcG%2Faz"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=90000 cf-ray 7c14d81e3ea7bb73-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	moment.min.js Show response xosoketqua.com/xskt/assets/	50 KB 18 KB	142ms 138ms	Script application/javascript	172.67.73.4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xosoketqua.com/xskt/assets/moment.min.js?v=34_07_25 Requested by Host: xosoketqua.com URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2f74b7103124df51dc2c0e42e93da8bc7bce703f34f9f82a6820edd81022f76a Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:52 GMT content-encoding br cf-cache-status HIT last-modified Tue, 02 May 2023 10:39:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 878 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mj5Q4E80tZ89vGFypKIHOD534Qm47hQhNUOFSWJpqMGWl7BfMOCkw%2FWONMv4GkEKfMdzrWtGN25st3jhKguO7eXjzfzzic1u8dMoncbRk%2FY6FgNh6gz%2Bi0CNIhGwstD6"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=90000 cf-ray 7c14d81e3eabbb73-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	html2canvas.min.js Show response xosoketqua.com/xskt/assets/	194 KB 46 KB	142ms 139ms	Script application/javascript	172.67.73.4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xosoketqua.com/xskt/assets/html2canvas.min.js Requested by Host: xosoketqua.com URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4917b15ac829f7546ab1c053b06499786b45a053169f31f436c16c8eb821414e Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:52 GMT content-encoding br cf-cache-status HIT last-modified Tue, 02 May 2023 20:46:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 877 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FMcX8y9WJ%2BwmkoDzyZ7EJ4LwthFfNH79cuaSHQhOKISeIPYMwcyTdAwSkiuIloBAS2N76xqeXrHe5iLYe3IA37IN0od0TWoZDZfnC%2F3Ncl3xiVuodMJt0wcCNxj%2FrKc1"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=90000 cf-ray 7c14d81e3eafbb73-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	main_index.js Show response xosoketqua.com/xskt/assets/	5 KB 2 KB	138ms 134ms	Script application/javascript	172.67.73.4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xosoketqua.com/xskt/assets/main_index.js Requested by Host: xosoketqua.com URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 198913752556a4f2f624d36003da83fd4ef164a10505a692b8fec18fbd6569a9 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:52 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Tue, 02 May 2023 20:46:52 GMT server cloudflare age 878 cf-polished origSize=6366 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tKeFcwV1xeDy4RryCjJQ4DRpXM97F%2Fv4UKfTXPWxrTDZYGdrhuHctdUPnYNU0yFSgL5i%2BwSWMzpyK6mbsaAYPM5qrvbMNjQ4GTWwJVnpek7%2FZOGnttmymIyZ4sGx4tJ3"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=90000 cf-ray 7c14d81e3eb0bb73-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	jqueryval.js Show response xosoketqua.com/xskt/assets/	27 KB 9 KB	139ms 136ms	Script application/javascript	172.67.73.4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xosoketqua.com/xskt/assets/jqueryval.js Requested by Host: xosoketqua.com URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6afdbd54a64983a71441817c8a89faaef68c26aeb47c03e6dfbba9346fee1460 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:52 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Tue, 02 May 2023 20:46:52 GMT server cloudflare age 877 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cI%2F3xgh669AEIaMKpeIptS6iGr39Y4R7Z%2BQ8k0f%2Bm20A4mU3bHyCnn%2FuAWvwWoGLKd0NeqeIHJ4n9%2BuU362AxnILaJsGIS4FY1LsyRMpi0GqJNFLy5Vd1BTozezAV9Su"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=90000 cf-ray 7c14d81e3eb1bb73-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	xsdp.min.js Show response xosoketqua.com/xskt/assets/	19 KB 5 KB	139ms 135ms	Script application/javascript	172.67.73.4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xosoketqua.com/xskt/assets/xsdp.min.js?v=24_09 Requested by Host: xosoketqua.com URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7322d236b28fc8d784909a4ff1e8e082ba2f207b3a64d2aa43e52fe0e45441ac Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:52 GMT content-encoding br cf-cache-status HIT last-modified Tue, 02 May 2023 10:39:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 878 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tPC22WaG3sogO2vq9MNtt1Ao8CvHlMgA1uHoX9VehG9j27dPZY%2B7PcXBBwSWaEkinRUhsZQ%2FSTH9xJRIc8%2FRhS7mU%2FFdnpJsygtHm1Iq3tl1tTvg5PN6JSSgTBtuhENX"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=90000 cf-ray 7c14d81e3eb2bb73-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	jquerylib.js Show response xosoketqua.com/xskt/assets/	368 KB 109 KB	270ms 267ms	Script application/javascript	172.67.73.4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xosoketqua.com/xskt/assets/jquerylib.js Requested by Host: xosoketqua.com URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b0ea3d9ba83e515d8ae6a36eea23403c8928b81a8f84ac93d10c4e6a22d6b93a Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:52 GMT content-encoding br cf-cache-status HIT cf-bgj minify last-modified Tue, 02 May 2023 20:44:42 GMT server cloudflare age 879 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDxX5PIG7S1mKVZ3EVjmxtSdq%2BspVsETEITp50drKG2c4P6jnbD3mp0vJh5qNzkqj8J1lV4V21%2BjmONknw12ifkwYS5qfYkzX%2BgWp4EPTsWZVOVU3N9ukZHOyx7eO04A"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=90000 cf-ray 7c14d81e3eb3bb73-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	DMCABadgeHelper.min.js Show response images.dmca.com/Badges/	465 B 672 B	698ms 138ms	Script application/javascript	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://images.dmca.com/Badges/DMCABadgeHelper.min.js Requested by Host: xosoketqua.com URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:53 GMT content-encoding gzip last-modified Fri, 21 Jun 2019 20:14:34 GMT server Microsoft-IIS/10.0 etag "26b181f16d28d51:0" x-powered-by ASP.NET x-hw 1683078533.cds289.fr8.hn,1683078533.cds057.fr8.c content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000 accept-ranges bytes link <https://www.dmca.com/Badges/DMCABadgeHelper.min.js>; rel="canonical" content-length 395
GET H2	200	xosoketqua.com.1343895.js Show response jsc.mgid.com/x/o/	3 KB 2 KB	415ms 141ms	Script text/javascript	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.mgid.com/x/o/xosoketqua.com.1343895.js Requested by Host: xosoketqua.com URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0600b393260e2df05723f6018dfb42e99560f2be0b9de0fffad1584d1f5d2637 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:53 GMT x-amz-version-id PrUCfMP0JRecHfj6D529PdWqP6aNauFX content-encoding br cf-cache-status HIT x-amz-request-id DWPH2151582SF41N age 762 cf-polished origSize=2690 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 VfvbYGQTfAAXJtsqM8mB8oV2mRgUTV++nMMTPdMqhpgDTcZpm5mY92r3I0nCLsdX4+9tIQIzVUA= cf-bgj minify last-modified Thu, 27 Apr 2023 07:27:21 GMT server cloudflare etag W/"04588863e1a4daf3b76b6396282333c0" vary Accept-Encoding content-type text/javascript cache-control public, max-age=10800 cf-ray 7c14d81ff93e30ca-FRA expires Wed, 03 May 2023 04:48:53 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	138 KB 47 KB	504ms 153ms	Script text/javascript	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5071155005901453 Requested by Host: xosoketqua.com URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash e2995a245d428146ad46b7bf336037be6593a0d7b6331c5ee6a5e9550414ac24 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://xosoketqua.com/ Origin https://xosoketqua.com accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:53 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 47340 x-xss-protection 0 server cafe etag 5809589998673960131 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Wed, 03 May 2023 01:48:53 GMT
GET H2	200	OneSignalSDK.js Show response cdn.onesignal.com/sdks/	9 KB 3 KB	425ms 157ms	Script application/javascript	104.18.214.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.onesignal.com/sdks/OneSignalSDK.js?v=3 Requested by Host: xosoketqua.com URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.214.59 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:53 GMT via 1.1 google content-encoding br cf-cache-status EXPIRED server cloudflare strict-transport-security max-age=15552000; includeSubDomains etag W/"06f50014011c1fcd9e21b6b0481979de" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 7c14d81fe83b3680-FRA access-control-allow-headers OneSignal-Subscription-Id alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Sat, 06 May 2023 01:48:53 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	115 KB 45 KB	409ms 142ms	Script application/javascript	142.250.186.72 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-146204891-4 Requested by Host: xosoketqua.com URL: https://xosoketqua.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.72 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f8.1e100.net Software Google Tag Manager / Resource Hash 99b63616379674f42fa0ee4b8ce712ec52d6084e7b89da123e596b522b83d768 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:53 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 45732 x-xss-protection 0 last-modified Wed, 03 May 2023 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 03 May 2023 01:48:53 GMT
GET H2	200	xosoketqua.com.1343895.es6.js Show response jsc.mgid.com/x/o/	254 KB 72 KB	146ms 145ms	Script text/javascript	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.mgid.com/x/o/xosoketqua.com.1343895.es6.js Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/x/o/xosoketqua.com.1343895.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 86563b0e8f32503912407673436d84bc1cb119362489c79b5a193afd81c7bce4 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:53 GMT x-amz-version-id EqxlZb7iBnXJGPj.nSiSJjdUTmAvUEN1 content-encoding br cf-cache-status HIT x-amz-request-id 86CDHMFXV6TGNV7G age 760 cf-polished origSize=260140 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 kdsxxapAbKR3zj0Jjw9dTGytwwSJy3Wf1DDM3hJV+WTFaVS1+Dftw9yAR8PlTpY8JOKR6awXRU4= cf-bgj minify last-modified Thu, 27 Apr 2023 07:27:21 GMT server cloudflare etag W/"48815c907b63354050da39dccc792596" vary Accept-Encoding content-type text/javascript cache-control public, max-age=10800 cf-ray 7c14d820d9d430ca-FRA expires Wed, 03 May 2023 04:48:53 GMT
GET H2	200	OneSignalPageSDKES6.js Show response cdn.onesignal.com/sdks/	284 KB 68 KB	141ms 141ms	Script application/javascript	104.18.214.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601 Requested by Host: cdn.onesignal.com URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?v=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.214.59 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:53 GMT via 1.1 google content-encoding br cf-cache-status HIT server cloudflare strict-transport-security max-age=15552000; includeSubDomains age 1049 etag W/"2cf94922e2d551e8dc7c38c022a9a3ca" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 7c14d820e8c93680-FRA access-control-allow-headers OneSignal-Subscription-Id alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Sat, 06 May 2023 01:48:53 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	51 KB 21 KB	411ms 135ms	Script text/javascript	142.250.186.174 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-146204891-4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f14.1e100.net Software Golfe2 / Resource Hash e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Wed, 03 May 2023 01:05:04 GMT last-modified Mon, 17 Apr 2023 22:36:01 GMT server Golfe2 age 2629 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20737 expires Wed, 03 May 2023 03:05:04 GMT
GET H3	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/	354 KB 119 KB	417ms 154ms	Script text/javascript	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5071155005901453 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash cff1cde029d7f20239b873ade5e92349e7e1abc32b33bd698eaef5edde2ff4ca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:53 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 122066 x-xss-protection 0 server cafe etag 15568573717201646961 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Wed, 03 May 2023 01:48:53 GMT
GET		zrt_lookup.html googleads.g.doubleclick.net/pagead/html/r20230501/r20190131/ Frame 49CF	0 0
GET H2	200	web Show response onesignal.com/api/v1/sync/e38d6cec-9743-465f-aee2-edda7ae252e9/	4 KB 2 KB	184ms 175ms	Script text/javascript	104.18.214.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onesignal.com/api/v1/sync/e38d6cec-9743-465f-aee2-edda7ae252e9/web?callback=__jp0 Requested by Host: cdn.onesignal.com URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.214.59 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3bd806bf46b2b17d2369375ae600c43adce2f79e652a844a83244c4e2152fe9e Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:53 GMT via 1.1 google x-content-type-options nosniff cf-cache-status EXPIRED content-encoding br x-permitted-cross-domain-policies none strict-transport-security max-age=15552000; includeSubDomains alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block x-request-id d8166357-1d59-4dff-9056-2a0ce7efe426 x-runtime 0.024206 referrer-policy strict-origin-when-cross-origin server cloudflare etag W/"3bd806bf46b2b17d2369375ae600c43a" x-download-options noopen vary Origin, Accept-Encoding x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=3600 cf-ray 7c14d822e9f83680-FRA access-control-allow-headers SDK-Version expires Wed, 03 May 2023 02:48:53 GMT
GET H3	200	ic_keno.png xosoketqua.com/xskt/img/	970 B 1 KB	136ms 135ms	Image image/webp	172.67.73.4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/xskt/img/ic_keno.png Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 461b7a027b306b8f8f7feebe6f009d08942f52101d3525fe297a9ffe12e6c921 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 65073 cf-polished origFmt=png, origSize=3454 content-disposition inline; filename="ic_keno.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 970 cf-bgj imgq:85,h2pri last-modified Mon, 01 May 2023 09:41:14 GMT server cloudflare vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=faT%2FThRRpLWyakW7RjNNLmyKquYB5rU6uZkhGkUnARn1%2F8bJAsl4d8fsPf5EJ%2BVLd1WWZCFt%2BA39IvpCwVBexAoo68l4bxGtvnuKtBaCtPRwsTdFTrs6H9xR4oVpVKJe"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=90000 accept-ranges bytes cf-ray 7c14d822d92bbb73-FRA
GET BLOB	200 OK	40504e6d-c608-4d6c-b933-63f625420417 https://xosoketqua.com/	0 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://xosoketqua.com/40504e6d-c608-4d6c-b933-63f625420417 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Length 0 Content-Type text/javascript
GET BLOB	200 OK	ac5dc3dc-ceea-42fd-84d4-f87f889bbdce https://xosoketqua.com/	250 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://xosoketqua.com/ac5dc3dc-ceea-42fd-84d4-f87f889bbdce Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b Request headers accept-language ka-GE,ka;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Length 250 Content-Type text/javascript
GET H3	200	photo-camera.png xosoketqua.com/images/	250 B 753 B	134ms 134ms	Image image/png	172.67.73.4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/images/photo-camera.png Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bdcdc6490a46826a73d7b3d9c74d3e59b9b21c6f7cc037a3f95682a706efcad0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 65072 cf-polished status=format_not_supported alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 250 cf-bgj imgq:85,h2pri last-modified Mon, 01 May 2023 09:39:26 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CXy6yb4n3YR6L%2BYRsqHVwIE2N%2BH95hIEYXJ6xRqNm9WrqlPhEbF6gmmxpmw9FzbzLihAIN%2BPX8haNPA6zMiRP9lQQVNrXkXnb%2FwZL6tGxxNSRoasj7Yn9oPVXE%2BHGUFT"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=90000 accept-ranges bytes cf-ray 7c14d8230938bb73-FRA
GET H3	200	hot.gif xosoketqua.com/images/	181 B 684 B	136ms 136ms	Image image/gif	172.67.73.4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/images/hot.gif Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ede1a14f2800eeb40e5370aef684dce98eff7eee4e6c75fb9b3c4c773351a8b2 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 65072 cf-polished origSize=197, status=webp_bigger alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 181 cf-bgj imgq:85,h2pri last-modified Mon, 01 May 2023 09:39:26 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DbozLFJWqEwCcy%2B7LFwiFzCoBmyNUpWhbu8ZYc3aalex3XgdlHw3jy0%2ByTZMOKSYG%2FIlxkvwAXh%2FBsF7jZbNLV6y1fzi1GbqtuHpa5UgdF1LCHFcRoiNagmT8YHg6ets"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=90000 accept-ranges bytes cf-ray 7c14d8230939bb73-FRA
GET H3	200	tinhwaiting.gif xosoketqua.com/xskt/img/	4 KB 5 KB	139ms 139ms	Image image/webp	172.67.73.4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://xosoketqua.com/xskt/img/tinhwaiting.gif Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c62e745470fae8a17a2241b5305f55ec2876b67b66de977faf03c9d65b6e54c6 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:53 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 65076 cf-polished origFmt=gif, origSize=4559 content-disposition inline; filename="tinhwaiting.webp" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 4138 cf-bgj imgq:85,h2pri last-modified Mon, 01 May 2023 09:40:11 GMT server cloudflare vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2Bw5%2BxY2PWG6kTMLSFnDffDwT9IB%2BQG0SaKk%2F6flExHxzeS9VM28B04vYHITeP2seHdcJCSJ%2BCf9vmCuVjU1E50B4fu%2FnTNrluJeYVxQ%2BZFV4z6g%2FPox%2FZ9SRMP35BJU"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=90000 accept-ranges bytes cf-ray 7c14d8231946bb73-FRA
POST H3	204	rum Show response xosoketqua.com/cdn-cgi/	0 140 B	134ms 130ms	XHR text/plain	172.67.73.4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xosoketqua.com/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.73.4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://xosoketqua.com/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 content-type application/json Response headers date Wed, 03 May 2023 01:48:53 GMT x-content-type-options nosniff server cloudflare vary Origin access-control-max-age 86400 access-control-allow-methods POST,OPTIONS access-control-allow-origin https://xosoketqua.com x-frame-options DENY access-control-allow-credentials true cf-ray 7c14d823194bbb73-FRA
GET H2	200	/ Show response c.mgid.com/pv/	0 43 B	155ms 147ms	Script text/plain	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.mgid.com/pv/?scum=%3F0&scuw=%3F0&pv=5&cbuster=1683078533596712476856&uniqId=17d8b&lct=1682553600&niet=4g&nisd=false&jsv=es6&ref=&cxurl=http%3A%2F%2Fxosoketqua.com%2F&lu=https%3A%2F%2Fxosoketqua.com%2F&sessionId=6451bd86-12e1b&pageView=1&pvid=187df4c51dc94a5c63a&site=798325&implVersion=11&dpr=1&tfre=4049 Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/x/o/xosoketqua.com.1343895.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:53 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 7c14d8236b7c30ca-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0
GET BLOB	206 Partial Content	bd1a3ef5-4c5c-4250-88f9-44cf83ec034b https://xosoketqua.com/	1 KB 0		Media video/mp4
General Check archive.org Show headers Download Go to Full URL blob:https://xosoketqua.com/bd1a3ef5-4c5c-4250-88f9-44cf83ec034b Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda Request headers Referer Accept-Encoding identity;q=1, *;q=0 accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Range bytes=0- Response headers Content-Range bytes 0-1492/1493 Content-Length 1493 Content-Type video/mp4
GET H2	200	mgid_ua.svg cdn.mgid.com/images/mgid/	2 KB 1 KB	147ms 138ms	Image image/svg+xml	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.mgid.com/images/mgid/mgid_ua.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:53 GMT x-amz-version-id null content-encoding br cf-cache-status HIT x-amz-request-id 5HW7HCDCYE0NXDBD age 6874 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 G94v7pzjyjLnSAZZVXI0e58Eui5rHZR9441Vhr3UnW4mLFb/hI7xqd1r2K+ySizuFdjETUkIV4U= last-modified Tue, 08 Mar 2022 17:05:01 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root etag W/"617c205137825561208ef7c1a2d8f319" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=86400 cf-ray 7c14d8237b8730ca-FRA expires Thu, 04 May 2023 01:48:53 GMT
GET H2	200	Adchoices.svg cdn.mgid.com/images/logos/	836 B 888 B	145ms 137ms	Image image/svg+xml	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.mgid.com/images/logos/Adchoices.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:53 GMT x-amz-version-id null content-encoding br cf-cache-status HIT x-amz-request-id YX26RVNEGW9X6AWK age 465 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 n34KGzJQ98MT9xBDtbJv2oufYNYTE1MJ4vzxC7KZ0Bli4Tknnuz5/OulQ9m/FQMVXjfciLfclSI= last-modified Wed, 17 Feb 2021 18:15:53 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root etag W/"7d59364b7ed2df3f02507c9f92560df9" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=86400 cf-ray 7c14d8237b8630ca-FRA expires Thu, 04 May 2023 01:48:53 GMT
GET H2	200	1 Show response servicer.mgid.com/1343895/	4 KB 2 KB	173ms 162ms	Script application/x-javascript	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://servicer.mgid.com/1343895/1?scum=%3F0&scuw=%3F0&pv=5&cbuster=1683078533666778414164&uniqId=17d8b&lct=1682553600&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=553&h=559&maxw_3=271&maxh_3=250&sz=271x250&szp=1,2,3,4&szl=1,2;3,4&cols=2&ref=&cxurl=http%3A%2F%2Fxosoketqua.com%2F&lu=https%3A%2F%2Fxosoketqua.com%2F&sessionId=6451bd86-12e1b&pageView=1&pvid=187df4c51dc94a5c63a&implVersion=11&dpr=1&tfre=4120 Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/x/o/xosoketqua.com.1343895.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4152ba124405ee11dad3b57da874064924ce80b6b63394b8d0ad8eb1b48e9750 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:53 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-allow-credentials true cf-ray 7c14d823dbb030ca-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	OneSignalSDKStyles.css onesignal.com/sdks/	82 KB 9 KB	145ms 144ms	Stylesheet text/css	104.18.214.59 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2 Requested by Host: cdn.onesignal.com URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601 Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.214.59 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:53 GMT via 1.1 google content-encoding br cf-cache-status HIT server cloudflare strict-transport-security max-age=15552000; includeSubDomains age 3557 etag W/"4e9aaefffd5f8ae7dc83361aa2294190" vary Accept-Encoding content-type text/css cache-control public, max-age=2592000 cf-ray 7c14d824180e927f-FRA access-control-allow-headers OneSignal-Subscription-Id alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 02 Jun 2023 01:48:53 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 205 B	143ms 142ms	XHR text/plain	142.250.186.174 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j100&a=967616629&t=pageview&_s=1&dl=https%3A%2F%2Fxosoketqua.com%2F&ul=en-us&de=UTF-8&dt=X%E1%BB%95%20S%E1%BB%91%20K%E1%BA%BFt%20Qu%E1%BA%A3%20-%20ketqua%2C%20kqxs%2C%20ket%20qua%20xo%20so%20hom%20nay%2C%20ketquaxoso&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=2029318881&gjid=1094680064&cid=1056347546.1683078534&tid=UA-146204891-4&_gid=1037242430.1683078534&_r=1&gtm=457e3510&jsscut=1&z=130905888 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.174 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f14.1e100.net Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://xosoketqua.com/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 03 May 2023 01:48:53 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://xosoketqua.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	mgid_ua.svg cdn.mgid.com/images/mgid/	2 KB 1 KB	146ms 146ms	Image image/svg+xml	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.mgid.com/images/mgid/mgid_ua.svg Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/x/o/xosoketqua.com.1343895.es6.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:53 GMT x-amz-version-id null content-encoding br cf-cache-status HIT x-amz-request-id BQQZ016TJQM3CQAQ age 6169 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 H0ihdhm/EJhbcC+homFO+mab68DYYvx/mk6E6cpnOvsu3WasxL/t0xcMLjTuGMaSc4h2RuXW7vE= last-modified Tue, 08 Mar 2022 17:05:01 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root etag W/"617c205137825561208ef7c1a2d8f319" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=86400 cf-ray 7c14d8252aea03b8-FRA expires Thu, 04 May 2023 01:48:53 GMT
GET H3	200	Adchoices.svg cdn.mgid.com/images/logos/	836 B 1010 B	147ms 147ms	Image image/svg+xml	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.mgid.com/images/logos/Adchoices.svg Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/x/o/xosoketqua.com.1343895.es6.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:53 GMT x-amz-version-id null content-encoding br cf-cache-status HIT x-amz-request-id BQQP2P0ZGAY0CMXJ age 5582 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c= last-modified Wed, 17 Feb 2021 18:15:53 GMT server cloudflare x-amz-meta-s3cmd-attrs atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root etag W/"7d59364b7ed2df3f02507c9f92560df9" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=86400 cf-ray 7c14d8252aee03b8-FRA expires Thu, 04 May 2023 01:48:53 GMT
GET H2	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMC8zMTAxNDEvMWNjN... s-img.mgid.com/g/14493034/492x277/-/	16 KB 16 KB	468ms 196ms	Image image/webp	104.19.133.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/14493034/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMC8zMTAxNDEvMWNjNjRjNGNhMjAzMTQxYWFhZGM3MDJlNTkzNDBiNGIuanBn.webp?v=1683078533-Sk0iWe5Jl5p4ukSIR9DjqHWxK1_GNmw0RLtXR_mLB6E Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 822b4df53bd3e161b37f484e527fa255f2f40bd72b66e79efc66408be9530728 Request headers Referer https://xosoketqua.com/ Origin https://xosoketqua.com accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:54 GMT cf-cache-status HIT last-modified Mon, 31 Oct 2022 21:56:26 GMT x-mg-request-uuid 7e09be15-4c69-44f7-9972-b9a3ca3d32dd server cloudflare age 418160 vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes x-robots-tag noindex cf-ray 7c14d826ef661c1c-FRA content-length 16424 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy83ODU1ODYvZTY4Y... s-img.mgid.com/g/15643640/492x277/-/	10 KB 10 KB	410ms 137ms	Image image/webp	104.19.133.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/15643640/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMy0wMy83ODU1ODYvZTY4YTQwM2Y1OTY0MTgzM2U4NDRlNmJkZWQxYjYxOTUuanBn.webp?v=1683078533-Iax33DzHgxsk8WaRw8ou0BIJPUndTknlfOCUylS1cuY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 05246e75582763e580ad96be2cbfe21ad8deed6e478e9694c48a619dca0296f3 Request headers Referer https://xosoketqua.com/ Origin https://xosoketqua.com accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:54 GMT cf-cache-status HIT last-modified Sun, 19 Mar 2023 21:20:25 GMT x-mg-request-uuid cd1123c2-e8c7-431c-8875-df15402f0b66 server cloudflare age 3817518 vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes x-robots-tag noindex cf-ray 7c14d826ef681c1c-FRA content-length 10076 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMjM1LHlfNjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTIvN... s-img.mgid.com/g/15031533/492x277/-/	10 KB 10 KB	498ms 226ms	Image image/webp	104.19.133.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.mgid.com/g/15031533/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfMjM1LHlfNjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTIvNjI1Njc2L2FkZTNiMjkyNmE3Y2RhYmI5ODAzYjk0YTk5OGE4M2QxLmpwZw.webp?v=1683078533-wATbbi6-14ws1r9CtmuF5QnWKs6E8BbVLQmoOLyYNnM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 51661c9cf72b9b4261b683b0e7b9d2a63972a5f2dd4d552ee1fd03d6a28d1c19 Request headers Referer https://xosoketqua.com/ Origin https://xosoketqua.com accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:54 GMT cf-cache-status HIT last-modified Fri, 30 Dec 2022 10:07:50 GMT x-mg-request-uuid ea8ff9d2-bdeb-4e19-a45b-b7a9632f6225 server cloudflare age 10683402 vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control immutable, max-age=31536000 accept-ranges bytes x-robots-tag noindex cf-ray 7c14d826ef691c1c-FRA content-length 10132 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	206	5ff552a8684ccba1b400bdfed00a5464.mp4 cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2023-05/581854/	408 KB 409 KB	423ms 142ms	Media video/mp4	104.18.12.45 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cl.imghosts.com/imgh/video/upload/ar_16:9,c_fill,w_680/videos/t/2023-05/581854/5ff552a8684ccba1b400bdfed00a5464.mp4?v=1683078533-KDvLT3NoJAlBZLrXY2aNUqUWUsp3v2LfcNCm7Md-IH4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.12.45 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c8b017a1516c3d7fe834aa77530a333dda8fefbdad5f2c29a6d73deb32c1fec4 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://xosoketqua.com/ Accept-Encoding identity;q=1, *;q=0 accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Range bytes=0- Response headers date Wed, 03 May 2023 01:48:54 GMT x-content-type-options nosniff cf-cache-status HIT age 45157 Content-Range bytes 0-418166/418167 server-timing cld-fastly;mitm=cpo;dur=38;cpu=1;start=2023-05-02T12:47:43.078Z;desc=miss,rtt;dur=0,cloudinary;dur=36;start=2023-05-02T12:47:43.078Z alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 418167 last-modified Tue, 02 May 2023 12:47:41 GMT server cloudflare etag "1b6753d0880e65951d546d3e4a417d59" vary Accept-Encoding content-type video/mp4;codecs=avc1 access-control-allow-origin * access-control-expose-headers Content-Length,ETag,Server-Timing,X-Content-Type-Options cache-control public, max-age=31536000, no-transform, immutable timing-allow-origin * x-robots-tag noindex cf-ray 7c14d826fc289bf5-FRA
GET H2	200	i.js Show response cm.mgid.com/	2 KB 1 KB	237ms 228ms	Script application/javascript	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm.mgid.com/i.js?&cbuster=1683078533910895418959 Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/x/o/xosoketqua.com.1343895.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fb37a73aeb581ebf4397997137624c6cabc9aede8fd86fa925f2196e7a7d6a92 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 03 May 2023 01:48:54 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare vary Accept-Encoding content-type application/javascript cache-control no-store, no-cache, must-revalidate, max-age=0 cf-ray 7c14d8255c7530ca-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	204	i-noref.js Show response cm.mgid.com/ Frame AAAA	0 35 B	228ms 228ms	Script text/plain	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm.mgid.com/i-noref.js?cbuster=1683078533922476423556 Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/x/o/xosoketqua.com.1343895.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 03 May 2023 01:48:54 GMT cache-control no-store, no-cache, must-revalidate, max-age=0 cf-cache-status DYNAMIC server cloudflare cf-ray 7c14d8256c7730ca-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	id5-api.js Show response cdn.id5-sync.com/api/1.0/	58 KB 17 KB	413ms 140ms	Script text/javascript	104.22.53.86 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.id5-sync.com/api/1.0/id5-api.js Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/x/o/xosoketqua.com.1343895.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:54 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding gzip cf-cache-status HIT last-modified Thu, 06 Apr 2023 12:00:04 GMT server cloudflare x-amz-request-id 8HGAAJ5SPG01V3HV age 1448 etag W/"b58faeda0c1d193bc50dd25a7640d8ba" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type text/javascript;charset=utf-8 cache-control public, max-age=3600 cf-ray 7c14d8271a31bba9-FRA x-amz-id-2 f161amAWddzOEKqFyIw1z52Y5MNS/KtI81MQGyxgUMhTiDS4PahByU0RD15HxgWIBN24MAWKZrTTCx8w+NnXNA==
GET H2	200	pwt.js Show response ads.pubmatic.com/AdServer/js/pwt/161673/7165/	207 KB 63 KB	424ms 132ms	Script application/javascript	23.35.236.201 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js Requested by Host: jsc.mgid.com URL: https://jsc.mgid.com/x/o/xosoketqua.com.1343895.es6.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-236-201.deploy.static.akamaitechnologies.com Software Apache / Resource Hash a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:54 GMT content-encoding gzip last-modified Sat, 29 Apr 2023 00:55:21 GMT server Apache vary Accept-Encoding content-type application/javascript p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" cache-control max-age=135173 accept-ranges bytes content-length 63913 expires Thu, 04 May 2023 15:21:47 GMT
GET H2	200	usync.html Show response eus.rubiconproject.com/ Frame 9153 Redirect Chain https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy=	281 B 410 B	156ms 130ms	Document text/html	23.56.202.187 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: cm.mgid.com URL: https://cm.mgid.com/i.js?&cbuster=1683078533910895418959 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-56-202-187.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Referer https://xosoketqua.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers accept-ranges bytes content-encoding gzip content-length 233 content-type text/html; charset=UTF-8 date Wed, 03 May 2023 01:48:54 GMT etag "40010-119-5ec73a0a33d00" last-modified Wed, 02 Nov 2022 02:30:44 GMT server Apache/2.2.15 (CentOS) vary Accept-Encoding Redirect headers access-control-allow-credentials true access-control-allow-origin * content-length 0 date Wed, 03 May 2023 01:48:54 GMT location https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= server AkamaiGHost
GET H2	204	Bidswitch s.seedtag.com/cs/cookiesync/ Redirect Chain https://x.bidswitch.net/sync?dsp_id=303&user_id=n42RJjT55xMi&gdpr=0&gdpr_consent=&us_privacy= https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=n42RJjT55xMi&gdpr=0&gdpr_consent=&us_privacy= https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=5d57efbe-f3af-4bad-9923-5fb021a9a7c9	0 554 B	413ms 140ms	Image text/plain	34.149.50.64 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=5d57efbe-f3af-4bad-9923-5fb021a9a7c9 Protocol H2 Server 34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 64.50.149.34.bc.googleusercontent.com Software openresty / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:55 GMT via 1.1 google access-control-allow-credentials true server openresty access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 access-control-allow-methods GET, POST, OPTIONS, DELETE, PUT, HEAD Redirect headers location //s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=5d57efbe-f3af-4bad-9923-5fb021a9a7c9 date Wed, 03 May 2023 01:48:54 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H2	200	check pixel.tapad.com/idsync/ex/receive/ Redirect Chain https://pixel.tapad.com/idsync/ex/receive?partner_id=3411&partner_device_id=n42RJjT55xMi https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3411&partner_device_id=n42RJjT55xMi	95 B 438 B	142ms 141ms	Image image/png	34.111.113.62 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3411&partner_device_id=n42RJjT55xMi Protocol H2 Server 34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 62.113.111.34.bc.googleusercontent.com Software / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:54 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 content-type image/png access-control-allow-origin * p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 95 Redirect headers date Wed, 03 May 2023 01:48:54 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" access-control-allow-origin * location https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3411&partner_device_id=n42RJjT55xMi alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	m cm.mgid.com/ Redirect Chain https://x.bidswitch.net/sync?ssp=mgid https://x.bidswitch.net/ul_cb/sync?ssp=mgid https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=mgid&bsw_custom_parameter=a38838f6-68bc-4f2f-84d5-cda9b7155651&gdpr=&gdpr_consent=&gdpr_pd= https://x.bidswitch.net/sync?dsp_id=413&ssp=mgid&user_id=csonata_a0d69bac-e023-4af4-a0fc-5becf2c5179d&bsw_param=a38838f6-68bc-4f2f-84d5-cda9b7155651&expires=10&gdpr=&gdpr_consent=&gdpr_pd= https://cm.mgid.com/m?cdsp=433145&c=5d57efbe-f3af-4bad-9923-5fb021a9a7c9&gdpr=&consentData=&uspString=	43 B 399 B	227ms 227ms	Image image/gif	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.mgid.com/m?cdsp=433145&c=5d57efbe-f3af-4bad-9923-5fb021a9a7c9&gdpr=&consentData=&uspString= Protocol H3 Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 03 May 2023 01:48:55 GMT cf-cache-status DYNAMIC server cloudflare content-type image/gif cache-control no-store, no-cache, must-revalidate, max-age=0 cf-ray 7c14d82d7ee003b8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 Redirect headers location //cm.mgid.com/m?cdsp=433145&c=5d57efbe-f3af-4bad-9923-5fb021a9a7c9&gdpr=&consentData=&uspString= date Wed, 03 May 2023 01:48:55 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H3	200	m cm.mgid.com/ Redirect Chain https://ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D https://cm.mgid.com/m?cdsp=665953&c=66fc6a8f-11f1-4150-86ce-70ab1e12358c	43 B 383 B	228ms 228ms	Image image/gif	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.mgid.com/m?cdsp=665953&c=66fc6a8f-11f1-4150-86ce-70ab1e12358c Protocol H3 Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 03 May 2023 01:48:54 GMT cf-cache-status DYNAMIC server cloudflare content-type image/gif cache-control no-store, no-cache, must-revalidate, max-age=0 cf-ray 7c14d82aed8d03b8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 Redirect headers location https://cm.mgid.com/m?cdsp=665953&c=66fc6a8f-11f1-4150-86ce-70ab1e12358c access-control-allow-origin * date Wed, 03 May 2023 01:48:54 GMT content-type text/plain content-length 0 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
GET H3	200	m cm.mgid.com/ Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 https://cm.mgid.com/m?cdsp=371158&c=e4923591-235a-48bd-ab9c-4d402d6574e8&ttl=1685670534	43 B 399 B	232ms 231ms	Image image/gif	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.mgid.com/m?cdsp=371158&c=e4923591-235a-48bd-ab9c-4d402d6574e8&ttl=1685670534 Protocol H3 Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 03 May 2023 01:48:55 GMT cf-cache-status DYNAMIC server cloudflare content-type image/gif cache-control no-store, no-cache, must-revalidate, max-age=0 cf-ray 7c14d82c7e5c03b8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 Redirect headers pragma no-cache date Wed, 03 May 2023 01:48:54 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://cm.mgid.com/m?cdsp=371158&c=e4923591-235a-48bd-ab9c-4d402d6574e8&ttl=1685670534 content-type text/html cache-control private,no-cache, must-revalidate content-length 205
GET H3	200	google cm.mgid.com/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bjQyUkpqVDU1eE1p&muidn=n42RJjT55xMi https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bjQyUkpqVDU1eE1p&muidn=n42RJjT55xMi&google_tc= https://cm.mgid.com/google?muidn=n42RJjT55xMi&google_ula={guid},5&google_gid=CAESELepJwUgFuD5TCRLbVyEGo0&google_cver=1	0 121 B	229ms 228ms	Image text/plain	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.mgid.com/google?muidn=n42RJjT55xMi&google_ula={guid},5&google_gid=CAESELepJwUgFuD5TCRLbVyEGo0&google_cver=1 Protocol H3 Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:54 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 7c14d82a0d2c03b8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 content-type text/plain Redirect headers pragma no-cache date Wed, 03 May 2023 01:48:54 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://cm.mgid.com/google?muidn=n42RJjT55xMi&google_ula={guid},5&google_gid=CAESELepJwUgFuD5TCRLbVyEGo0&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 327 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	m cm.mgid.com/ Redirect Chain https://creativecdn.com/cm-notify?pi=mgid https://creativecdn.com/cm-notify?pi=mgid&tc=1 https://cm.mgid.com/m?cdsp=501037&c=5SUeTNYBCsafkxaFH3Yq&pi=mgid&tc=1	43 B 383 B	227ms 227ms	Image image/gif	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.mgid.com/m?cdsp=501037&c=5SUeTNYBCsafkxaFH3Yq&pi=mgid&tc=1 Protocol H3 Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 03 May 2023 01:48:55 GMT cf-cache-status DYNAMIC server cloudflare content-type image/gif cache-control no-store, no-cache, must-revalidate, max-age=0 cf-ray 7c14d82bee0b03b8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 Redirect headers location https://cm.mgid.com/m?cdsp=501037&c=5SUeTNYBCsafkxaFH3Yq&pi=mgid&tc=1 pragma no-cache date Wed, 03 May 2023 01:48:54 GMT, Wed, 03 May 2023 01:48:54 GMT cache-control no-cache, no-store, must-revalidate, private, max-age=0 content-length 0 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	/ cm.idealmedia.io/setmuidn/	0 143 B	417ms 145ms	Image image/gif	104.17.107.41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.idealmedia.io/setmuidn/?muidf=n42RJjT55xMi Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.107.41 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:54 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 7c14d82a2e6b19b1-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 content-type image/gif
GET H2	200	mgid cm.rtbsystem.com/	0 664 B	428ms 151ms	Image text/plain	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.rtbsystem.com/mgid?c=n42RJjT55xMi&gdpr=0&gdpr_consent=&us_privacy= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:54 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0gAah0xK08zVQoUMrYlUY0SEDMJ79Z1QBhd6WgKnMQUJIXnzyV6kxgf95zAwlvSL22EzUdWb0gv5xg%2Buk%2FlGANZFmTKfoFf7n7Eyk3mYzvHNL3LTVaSqu%2BOzlWQ0PCkPOlhK"}],"group":"cf-nel","max_age":604800} content-type text/plain cf-ray 7c14d82aca401d9c-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	m cm.mgid.com/ Redirect Chain https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.m... https://image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.m... https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OENFRTAyNkEtRUE2OS00REVGLTg3OUUtM0JGMTA4QTVCNTE3&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= https://image4.pubmatic.com/AdServer/SPug?gdpr=0&partnerID=161673&pmc=1&pr=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D712807%26c%3D8CEE026A-EA69-4DEF-879E-3BF108A5B517 https://cm.mgid.com/m?cdsp=712807&c=8CEE026A-EA69-4DEF-879E-3BF108A5B517	43 B 415 B	315ms 314ms	Image image/gif	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.mgid.com/m?cdsp=712807&c=8CEE026A-EA69-4DEF-879E-3BF108A5B517 Protocol H3 Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 03 May 2023 01:48:56 GMT cf-cache-status DYNAMIC server cloudflare content-type image/gif cache-control no-store, no-cache, must-revalidate, max-age=0 cf-ray 7c14d834eb1d03b8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 Redirect headers location https://cm.mgid.com/m?cdsp=712807&c=8CEE026A-EA69-4DEF-879E-3BF108A5B517 date Wed, 03 May 2023 01:48:56 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H/1.1	200 OK	sync.php pixel.rubiconproject.com/exchange/ Redirect Chain https://sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=n42RJjT55xMi&gdpr=0&gdpr_consent=&ccpa_consent= https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=6131526193033489599&gdpr=0&gdpr_consent= https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=	42 B 688 B	513ms 128ms	Image image/gif	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy= Protocol HTTP/1.1 Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 42 X-RPHost 37b22a0c36bd84993dd2cda4a5e04b1d P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers Pragma no-cache Date Wed, 03 May 2023 01:48:55 GMT Server nginx Transfer-Encoding chunked Location https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy= Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Expires 0
GET H2	200	ImgSync image8.pubmatic.com/AdServer/ Redirect Chain https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A//cm.mgid.com/m%3Fcdsp%3D779131%26c%3D https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....	0 39 B	136ms 135ms	Image text/plain	198.47.127.18 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F393%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D%2526A%253Da4c7febd-4218-45ab-be7b-5ee90b65c318%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%2526uid%253D%2523PMUID Protocol H2 Server 198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:53 GMT content-length 0 Redirect headers location https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F0%252F393%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D%2526A%253Da4c7febd-4218-45ab-be7b-5ee90b65c318%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9jbS5tZ2lkLmNvbS9tP2Nkc3A9Nzc5MTMxJmM9%2526uid%253D%2523PMUID date Wed, 03 May 2023 01:48:54 GMT cache-control max-age=0, private, must-revalidate x-envoy-upstream-service-time 1 server envoy content-length 0
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	395 B 605 B	409ms 139ms	Script text/javascript	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=xosoketqua.com&callback=_gfp_s_&client=ca-pub-5071155005901453 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software cafe / Resource Hash 9aefcf03ea1104ad31af645b34afd0a4104b3e2273b88946bf71cb4268bf15aa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:55 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 253 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.ge/adsid/	107 B 531 B	415ms 136ms	Script application/javascript	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.ge/adsid/integrator.js?domain=xosoketqua.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:54 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 456 B	424ms 142ms	Script application/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=xosoketqua.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:54 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame EE8D	436 B 700 B	285ms 285ms	Document text/html	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5071155005901453&output=html&h=100&slotname=1553820594&adk=1542220757&adf=1426257581&pi=t.ma~as.1553820594&w=848&fwrn=4&fwrnh=100&lmt=1683078528&rafmt=12&format=848x100&url=https%3A%2F%2Fxosoketqua.com%2F&fwr=0&fwrattr=true&rh=100&rw=848&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1683078533448&bpp=2&bdt=4421&idt=724&shv=r20230501&mjsv=m202304270101&ptt=9&saldr=aa&abxe=1&correlator=1334425838418&frm=20&pv=2&ga_vid=1056347546.1683078534&ga_sid=1683078534&ga_hid=967616629&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=523&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773810%2C44759875%2C44759926%2C44759837%2C31073763%2C44788442%2C44789761%2C44789924&oid=2&pvsid=2023244841896367&tmod=904004520&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3vc4UmlXoV&p=https%3A//xosoketqua.com&dtd=738 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash ec6f7b0fa1378887d22e84580eb8b13b7bc577c833529a43296cedc0ec47190d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://xosoketqua.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 212 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 03 May 2023 01:48:54 GMT expires Wed, 03 May 2023 01:48:54 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	14 KB 11 KB	151ms 150ms	XHR application/json	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230501&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash b372f4a7e9332710cf7892c7561460b267617242e304b98ed22ca3bcf2c707cc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:54 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11135 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	412ms 140ms	Script text/javascript	142.250.181.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304270101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f1.1e100.net Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:55 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 03 May 2023 01:48:55 GMT
GET H/1.1	200	v1 Show response lb.eu-1-id5-sync.com/lb/	33 B 401 B	414ms 135ms	XHR application/json	141.95.33.111 OVH
General Check archive.org Show headers Download Go to Full URL https://lb.eu-1-id5-sync.com/lb/v1 Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/id5-api.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 141.95.33.111 , Germany, ASN16276 (OVH, FR), Reverse DNS ns3203177.ip-141-95-33.eu Software / Resource Hash 821992619c021201e8b3662c42cf48a7d5a55b2bdea8aeb38e585c3525bece6f Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://xosoketqua.com/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://xosoketqua.com date Wed, 03 May 2023 01:48:54 GMT strict-transport-security max-age=63072000; includeSubDomains; preload vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin transfer-encoding chunked content-type application/json;charset=UTF-8
GET H2	200	usync.js Show response eus.rubiconproject.com/ Frame 9153	34 KB 10 KB	130ms 130ms	Script text/html	23.56.202.187 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.56.202.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-56-202-187.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 0e2d482993dd399983889ab51ce7738600995549dd5bdad5694d9f289feee4d1 Request headers accept-language ka-GE,ka;q=0.9 Referer https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:54 GMT content-encoding gzip last-modified Tue, 02 May 2023 05:20:10 GMT server Apache/2.2.15 (CentOS) x-powered-by PHP/5.3.3 vary Accept-Encoding content-type text/html; charset=UTF-8 p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" cache-control max-age=12633 content-length 10017 expires Wed, 03 May 2023 05:19:27 GMT
POST H/1.1	200	231.json Show response id5-sync.com/g/v2/	572 B 1 KB	419ms 137ms	XHR application/json	162.19.138.118 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/g/v2/231.json Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/id5-api.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.19.138.118 , France, ASN16276 (OVH, FR), Reverse DNS ns31533569.ip-162-19-138.eu Software / Resource Hash 8ab4e369e577d47899aabccef0a35433ad82720c0b7d8ded9cb50ec78a8fbbcd Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://xosoketqua.com/ accept-language ka-GE,ka;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Wed, 03 May 2023 01:48:54 GMT strict-transport-security max-age=63072000; includeSubDomains; preload vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin transfer-encoding chunked content-type application/json;charset=UTF-8 access-control-allow-origin https://xosoketqua.com p3p CP="CAO PSA OUR" access-control-allow-credentials true
GET H/1.1	200 OK	khaos.jpg token.rubiconproject.com/ Frame 9153	284 B 931 B	539ms 130ms	Image image/jpg	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/khaos.jpg?gdpr=0 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032 Request headers accept-language ka-GE,ka;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/jpg Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 284 X-RPHost 66ef90d06496cfd000aab8206f2b6221 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame AEC6	13 KB 5 KB	133ms 132ms	Document text/html	142.250.181.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f1.1e100.net Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://xosoketqua.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers accept-ranges bytes age 18191 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 02 May 2023 20:45:44 GMT expires Wed, 01 May 2024 20:45:44 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame CD91	783 B 1 KB	403ms 139ms	Document text/html	142.250.186.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f4.1e100.net Software GSE / Resource Hash 18ba2d814f763144fae94b104622f982620e36745ee03b4fc2bc84a9e6b18342 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-cYe2g9ha41wjRrFBurMjQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://xosoketqua.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language ka-GE,ka;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 512 content-security-policy script-src 'report-sample' 'nonce-cYe2g9ha41wjRrFBurMjQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 03 May 2023 01:48:55 GMT expires Wed, 03 May 2023 01:48:55 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	m cm.mgid.com/ Frame 9153 Redirect Chain https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=mgid&gdpr=0&gdpr_consent=&us_privacy=&gdpr=0&khaos=LH71I5DE-J-4C4M https://cm.mgid.com/m?cdsp=43070&c=LH71I5DE-J-4C4M&gdpr=0	43 B 414 B	232ms 231ms	Image image/gif	104.19.135.78 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.mgid.com/m?cdsp=43070&c=LH71I5DE-J-4C4M&gdpr=0 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= Protocol H3 Server 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers accept-language ka-GE,ka;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 03 May 2023 01:48:56 GMT cf-cache-status DYNAMIC server cloudflare content-type image/gif cache-control no-store, no-cache, must-revalidate, max-age=0 cf-ray 7c14d835cb9303b8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Content-Type text/html Location https://cm.mgid.com/m?cdsp=43070&c=LH71I5DE-J-4C4M&gdpr=0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost aba11f721e895214779358f14e5b2a27 Expires 0
GET H3	200	iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js Show response pagead2.googlesyndication.com/bg/ Frame AEC6	37 KB 14 KB	131ms 131ms	Script text/javascript	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/iqN7G0kUPx8PWUajTIMtWnwdoeK-Ko9ikyLGaxPxkck.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software sffe / Resource Hash 8aa37b1b49143f1f0f5946a34c832d5a7c1da1e2be2a8f629322c66b13f191c9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 27 Apr 2023 12:53:22 GMT content-encoding br x-content-type-options nosniff age 478533 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14636 x-xss-protection 0 last-modified Tue, 25 Apr 2023 16:38:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 26 Apr 2024 12:53:22 GMT
GET H2	200	setuid px.ads.linkedin.com/ Frame 9153 Redirect Chain https://token.rubiconproject.com/token?pid=36584&gdpr=0 https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH71I5DE-J-4C4M&gdpr=0	0 515 B	548ms 278ms	Image text/plain	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH71I5DE-J-4C4M&gdpr=0 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:55 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 7D4D8C564D5E42C3A1D6A017F99585D9 Ref B: VIEEDGE3409 Ref C: 2023-05-03T01:48:55Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-ltx1 x-li-proto http/2 content-length 0 x-li-uuid AAX6wEJFchYOnNKeQklQsQ== Redirect headers Location https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH71I5DE-J-4C4M&gdpr=0 Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 66ef90d06496cfd000aab8206f2b6221 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H/1.1	200 OK	ecm3 s.amazon-adsystem.com/ Frame 9153 Redirect Chain https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0&dcc=t https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=UDAj3zeETo2mh4cEfaHAHw&rk=usync-na&gdpr=0 https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UDAj3zeETo2mh4cEfaHAHw&gdpr=0	43 B 479 B	224ms 224ms	Image image/gif	52.46.128.147 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UDAj3zeETo2mh4cEfaHAHw&gdpr=0 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= Protocol HTTP/1.1 Server 52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language ka-GE,ka;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 03 May 2023 01:48:56 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid WETEBD2ZCVF9NPZVV6GQ Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Location https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UDAj3zeETo2mh4cEfaHAHw&gdpr=0 Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 37b22a0c36bd84993dd2cda4a5e04b1d P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H/1.1	200 OK	ecm3 aax-eu.amazon-adsystem.com/s/ Frame 9153 Redirect Chain https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=OxEm-9vhTgK3-_ACTTrESQ&rk=usync-other&gdpr=0 https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=OxEm-9vhTgK3-_ACTTrESQ&gdpr=0	43 B 479 B	235ms 235ms	Image image/gif	52.94.222.140 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=OxEm-9vhTgK3-_ACTTrESQ&gdpr=0 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= Protocol HTTP/1.1 Server 52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language ka-GE,ka;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Wed, 03 May 2023 01:48:56 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid G4WWDVNPC2CVPYYPPW84 Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Location https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=OxEm-9vhTgK3-_ACTTrESQ&gdpr=0 Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost de8527bfa1ccfd6c1590da0d3b6cff52 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame 9153 Redirect Chain https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e4923591-235a-48bd-ab9c-4d402d6574e8&gdpr=0&gdpr_consent=&expires=30	42 B 688 B	515ms 129ms	Image image/gif	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e4923591-235a-48bd-ab9c-4d402d6574e8&gdpr=0&gdpr_consent=&expires=30 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= Protocol HTTP/1.1 Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language ka-GE,ka;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 42 X-RPHost 3bafef7aa4e37890defcd73f0a080481 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Wed, 03 May 2023 01:48:55 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e4923591-235a-48bd-ab9c-4d402d6574e8&gdpr=0&gdpr_consent=&expires=30 content-type text/html cache-control private,no-cache, must-revalidate content-length 289
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame 9153 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEFqgwIALvq34YtKnIcuyXek&google_cver=1	42 B 688 B	540ms 129ms	Image image/gif	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEFqgwIALvq34YtKnIcuyXek&google_cver=1 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= Protocol HTTP/1.1 Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language ka-GE,ka;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 42 X-RPHost de8527bfa1ccfd6c1590da0d3b6cff52 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Wed, 03 May 2023 01:48:55 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEFqgwIALvq34YtKnIcuyXek&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 337 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 9153 Redirect Chain https://token.rubiconproject.com/token?pid=25470&gdpr=0 https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEg3MUk1REUtSi00QzRN&gdpr=0 https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEIheW7HHRP2pYJ_7Ya1g1LQ&google_cver=1 https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg3MUk1REUtSi00QzRN&google_push=&gdpr=0	170 B 188 B	138ms 138ms	Image image/png	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg3MUk1REUtSi00QzRN&google_push=&gdpr=0 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= Protocol H3 Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 03 May 2023 01:48:56 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Content-Type text/html Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg3MUk1REUtSi00QzRN&google_push=&gdpr=0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost de8527bfa1ccfd6c1590da0d3b6cff52 Expires 0
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame 9153 Redirect Chain https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 https://pr-bh.ybp.yahoo.com/sync/rubicon/qW8lZd2IbWua1F6flNpY8Q?csrc=&gdpr=0 https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-1bCy0p1E2oIWLyWSCbNpeyGMn9VjwOYmLHu7ow--~A	42 B 688 B	130ms 130ms	Image image/gif	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-1bCy0p1E2oIWLyWSCbNpeyGMn9VjwOYmLHu7ow--~A Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= Protocol HTTP/1.1 Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language ka-GE,ka;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 42 X-RPHost de8527bfa1ccfd6c1590da0d3b6cff52 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers date Wed, 03 May 2023 01:48:56 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY location https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-1bCy0p1E2oIWLyWSCbNpeyGMn9VjwOYmLHu7ow--~A content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 9153 Redirect Chain https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTk3MTNlZmRjMjM1MzE4NTc2ZGFhYjRjNjM0ZDU1N2I0ZjFjYjc0Yg&gdpr=0	170 B 188 B	138ms 138ms	Image image/png	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTk3MTNlZmRjMjM1MzE4NTc2ZGFhYjRjNjM0ZDU1N2I0ZjFjYjc0Yg&gdpr=0 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=us-west&gdpr=0&gdpr_consent=&us_privacy= Protocol H3 Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language ka-GE,ka;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 03 May 2023 01:48:56 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTk3MTNlZmRjMjM1MzE4NTc2ZGFhYjRjNjM0ZDU1N2I0ZjFjYjc0Yg&gdpr=0 Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost f5982f4f9cc79eb2b489dda8b92e3144 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame AEC6	0 10 B	129ms 129ms	Image text/plain	142.250.181.225 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?ABBKIA Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f1.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 03 May 2023 01:48:55 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame CD91	0 0	168ms 168ms	Image text/html	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230501&jk=2023244841896367&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	168ms 168ms	Image text/html	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230501&jk=2023244841896367&bg=!wMOlw5fNAAYcDqajPA47ADkAdvg8WghTMkioBHM_IojSEKIzfRT4PcjLo9wcKApiGmNBdCRsSqQN_xQfkzsR8WZUZVZgz1f-icECAAAATlIAAAADaAEHCgB_BrYe40dJ7THWth1nY2pcLDWThxwefjUVs-vPsIk_OZR3lW8DpwixZIX4PWMr7AurP1FjrOyGoX1eHjbpNgxZwhphocPnBWTKR4Ts3MdfW4HttF-NMRaIp60lCiluHm2te3Pse3gVd7fr6qwrnMcd_FGe_Fh6H57aVRqsrnAM-5kCn9bCrHE4E0hf8VXjkZEYvhcVCIKnjy4K4WIuwfw_Pbti-HuBTLt0say5VIYITFk81bFI1c6xjURa3LMIPJ2ECnrW-Dlh_VyKmC60I40GxjjEuORlqWLr4QltEWRUnlqq-P05TX9BU20Dxv0af63Y3vtCVMm-q6auGYPGXMoAyRbcatHKw_BDILUeZF4InS-3SvrdhzHEfuSprhlYznrUvTrnL1Eamjun4QMpkVGB2cJQh88uvVXOy7VUgtnXsnu2ijvAJpeR4uTJYNSkxTJBZ5IAJ1OwDyh4kfbgdK8fUQZjcnqgUBKdhnk-tenpQmT8peCU87Wfw1KsrM6R_gmxNII_nOk1tryV0r4jC1FCpfIPGsYMveldkXLCeeJSWWdFINdkvPS_v4JN-W354h3rrTcluCW1OgXaBcw412lMj0s-aBqkyJ_FMxUtWQnh8r_XudY4I0Bl9eZpG_drDLnONBFAH5h1K67A9Wd6kTvX_7H1GYN0Jb6vBvU2uvRJd9VVgoy2XFcc46wlE9zFtIKAgh4ofR-nBY41XAdzVM3NfmtMrdJWcwrteEku4SidBSYGcwBpQSUlpfYeeOhjhiKJbfZxDHfeQqodFAZeLS-SIPz-aV11uZIk3CF6y_3znJpo2Uzd9QERUYJQNPDcctNr4PXNcY4ufvJK7vtBZeugc4dizePeSr_0sGnIi5Y-NfTb88gTAwj_oh0KTdTNK1Tdh1OPhTM9zA4CQriUxvGuE-N0R2dUdFIqK-rhnGsAPD1W0VqcuKYQq_NAAi_QU4C2bQuCKap9teuOezrUfw_Qu1oLmJ31qr8XRSQJyPXOWrgFcANfaNONvCPsno0cXM0-ddnWO_9J1Op917oOE_s9xBFrEywnmEzf6LQ_Jjh5g0EJ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language ka-GE,ka;q=0.9 Referer https://xosoketqua.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

googleads.g.doubleclick.net

URL

https://googleads.g.doubleclick.net/pagead/html/r20230501/r20190131/zrt_lookup.html