on.ge Open in urlscan Pro
2606:4700:10::6816:425 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://on.ge/
Effective URL:
https://on.ge/
Submission Tags: tranco_l324
Submission: On November 26 via api (November 26th 2021, 11:41:40 am UTC) from DE — Scanned from DE

Summary HTTP 125 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 24 IPs in 8 countries across 16 domains to perform 125 HTTP transactions. The main IP is 2606:4700:10::6816:425, located in United States and belongs to CLOUDFLARENET, US. The main domain is on.ge.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 6th 2021. Valid for: a year.

This is the only time on.ge was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 64	2606:4700:10:... 2606:4700:10::6816:425	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	188.93.95.16 188.93.95.16	57814 (CLOUD9) (CLOUD9)
7	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2 11	146.0.227.110 146.0.227.110	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
1 5	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
4 4	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	193.200.65.6 193.200.65.6	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1 2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
4	31.28.167.114 31.28.167.114	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
125	24

64 2606:4700:10::6816:425 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

on.ge	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.on.ge	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
account.on.ge	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
phoebe.on.ge	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
chandler.on.ge	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rachel.on.ge	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
monica.on.ge	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ross.on.ge	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
joey.on.ge	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
services.on.ge	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.93.95.16 (Tbilisi, Georgia)

ASN57814 (CLOUD9, GE)
PTR: counter.top.ge

counter.top.ge	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 146.0.227.110 (Ascension Island) 2 redirects

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b5b81767a289b1a0fba988d6f5c9eff3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.226 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team

m.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands) 1 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.28.167.114 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 167-114.admixercdn-s2.cc.colocall.com

content.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	on.ge 1 redirects on.ge static.on.ge account.on.ge phoebe.on.ge chandler.on.ge rachel.on.ge monica.on.ge ross.on.ge joey.on.ge services.on.ge	3 MB
24	admixer.net 2 redirects cdn.admixer.net inv-nets.admixer.net content.admixer.net	558 KB
8	doubleclick.net 4 redirects securepubads.g.doubleclick.net cm.g.doubleclick.net stats.g.doubleclick.net	118 KB
7	googlesyndication.com b5b81767a289b1a0fba988d6f5c9eff3.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	38 KB
5	facebook.com 1 redirects www.facebook.com	539 B
5	onesignal.com cdn.onesignal.com onesignal.com	82 KB
4	facebook.net connect.facebook.net	196 KB
3	google.com adservice.google.com www.google.com	2 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	creativecdn.com 1 redirects creativecdn.com	678 B
2	trafmag.com m.trafmag.com	702 B
2	onetag-sys.com onetag-sys.com	814 B
2	google.de adservice.google.de www.google.de	1 KB
2	top.ge counter.top.ge	1 KB
1	googletagmanager.com www.googletagmanager.com	42 KB
1	googletagservices.com www.googletagservices.com	27 KB
125	16

	Domain	Requested by
14	static.on.ge	on.ge static.on.ge
11	inv-nets.admixer.net	2 redirects cdn.admixer.net on.ge
9	monica.on.ge	on.ge
9	cdn.admixer.net	on.ge cdn.admixer.net
8	joey.on.ge	on.ge
8	rachel.on.ge	on.ge
7	ross.on.ge	on.ge
6	phoebe.on.ge	on.ge
5	www.facebook.com	1 redirects on.ge connect.facebook.net
5	chandler.on.ge	on.ge
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	content.admixer.net	on.ge
4	cm.g.doubleclick.net	4 redirects
4	connect.facebook.net	on.ge connect.facebook.net
3	onesignal.com	cdn.onesignal.com
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
3	on.ge	1 redirects on.ge
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	www.google.com	on.ge tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com on.ge
2	creativecdn.com	1 redirects on.ge
2	m.trafmag.com	on.ge
2	onetag-sys.com	inv-nets.admixer.net on.ge
2	services.on.ge	static.on.ge
2	counter.top.ge	on.ge
2	cdn.onesignal.com	on.ge cdn.onesignal.com
2	account.on.ge	on.ge
1	www.google.de	on.ge
1	stats.g.doubleclick.net	www.google-analytics.com
1	b5b81767a289b1a0fba988d6f5c9eff3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.googletagmanager.com	on.ge
1	www.googletagservices.com	on.ge
125	34

This site contains links to these domains. Also see Links.

Domain
jobs.on.ge
teoria.on.ge
spell.on.ge
search.on.ge
account.on.ge
facebook.com
instagram.com
twitter.com
omedia.ge
www.top.ge

Subject Issuer	Validity	Valid
on.ge Cloudflare Inc ECC CA-3	`2021-05-06` - `2022-05-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2021-06-08` - `2022-06-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-04` - `2021-12-03`	3 months	crt.sh
counter.top.ge R3	`2021-10-17` - `2022-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
onetag-sys.com R3	`2021-11-02` - `2022-01-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://on.ge/
Frame ID: 4868BFA4F7921179861B73B5DD46EABC
Requests: 113 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/c.html?b=f7d12841-41d7-403e-aee3-a88934f6d7f1
Frame ID: 67C2331B3CDB740408460C46D19C8A4C
Requests: 1 HTTP requests in this frame

Frame: https://b5b81767a289b1a0fba988d6f5c9eff3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2DDABAD48963B876A276E4AB92E32185
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59d216e971852f2
Frame ID: C3422EA02895E28A6D77B4296D033CDC
Requests: 1 HTTP requests in this frame

Frame: https://content.admixer.net/test1/7a161148-1036-4f6d-b074-842e9977df54/9e254ffc-19c3-4296-886c-3dcfbb520a3a.png
Frame ID: BA3229EEC4A68549B35F1EFB7C49B387
Requests: 3 HTTP requests in this frame

Frame: https://content.admixer.net/test1/95caac12-cd01-459f-9b60-d39d927e74ab/75418322-de84-4102-b5df-63138cca34c3.jpg
Frame ID: C5FA901263A5A65884A56C38299D4B6B
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1740035346240245%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1cb6c4c4627ccc%2526domain%253Don.ge%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fon.ge%25252Ff39bfb30e6588dc%2526relation%253Dparent.parent%26container_width%3D230%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fnext.on.ge%252F%26locale%3Dka_GE%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse
Frame ID: 41C60D1D5747550CB816C35F93452184
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 6E9EF030DDCD5879163387E221934EB5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 996ED8F5AA1402163F233D663D8A52C3
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2DB0ED1512E0C470805252901D0C2970
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

On.ge / გაიგე მეტი

Page URL History Show full URLs

http://on.ge/ HTTP 301
https://on.ge/ Page URL

Page Statistics

125
Requests

98 %
HTTPS

67 %
IPv6

16
Domains

34
Subdomains

24
IPs

8
Countries

3893 kB
Transfer

6192 kB
Size

21
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://jobs.on.ge/
Title: ვაკანსიები

Search URL Search Domain Scan URL

URL: http://teoria.on.ge/
Title: მართვის მოწმობა

Search URL Search Domain Scan URL

URL: http://spell.on.ge/
Title: მართლწერა

Search URL Search Domain Scan URL

URL: https://search.on.ge/
Title: ძებნა

Search URL Search Domain Scan URL

URL: https://account.on.ge/signin?origin=https%3A%2F%2Fon.ge%2F
Title: შესვლა

Search URL Search Domain Scan URL

URL: https://account.on.ge/new?origin=https%3A%2F%2Fon.ge%2F
Title: გაწევრიანება

Search URL Search Domain Scan URL

URL: https://account.on.ge/profile?origin=https%3A%2F%2Fon.ge%2F
Title: ანგარიშის პარამეტრები

Search URL Search Domain Scan URL

URL: https://account.on.ge/signout?origin=https%3A%2F%2Fon.ge%2F
Title: გასვლა →

Search URL Search Domain Scan URL

URL: https://facebook.com/news.on.ge
Title: ახალი ამბები

Search URL Search Domain Scan URL

URL: https://facebook.com/hey.on.ge
Title: ჟურნალი

Search URL Search Domain Scan URL

URL: https://facebook.com/next.on.ge
Title: NEXT

Search URL Search Domain Scan URL

URL: https://facebook.com/edu.on.ge
Title: EDU

Search URL Search Domain Scan URL

URL: https://facebook.com/sport.on.ge
Title: სპორტი

Search URL Search Domain Scan URL

URL: https://instagram.com/on.ge
Title: ფოტო-ამბები

Search URL Search Domain Scan URL

URL: https://twitter.com/OnGeLive
Title: ყველაზე მნიშვნელოვანი

Search URL Search Domain Scan URL

URL: http://omedia.ge/
Title: ომედია

Search URL Search Domain Scan URL

URL: http://www.top.ge/index.php?h=97558#97558

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://on.ge/ HTTP 301
https://on.ge/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89

https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=ZjA0MTFkMjYyNjhlNGJlMmIyNDI5MWQxMGUzODY0Y2Y=&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=ZjA0MTFkMjYyNjhlNGJlMmIyNDI5MWQxMGUzODY0Y2Y=&google_cm=&google_tc= HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEFRZ5_Nj8Nz1MOmq5bMdE4o&google_cver=1 HTTP 302
https://m.trafmag.com/images/1px-matching-go2net.gif?id=f0411d26268e4be2b24291d10e3864cf

Request Chain 90

https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm=&google_tc= HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEACHXsnLlXrihJ_dxB8ttPc&google_cver=1 HTTP 302
https://m.trafmag.com/images/1px-matching-go2net.gif?id=f0411d26268e4be2b24291d10e3864cf

Request Chain 91

https://creativecdn.com/cm-notify?pi=admixer HTTP 302
https://creativecdn.com/cm-notify?pi=admixer&tc=1

Request Chain 109

https://www.facebook.com/v2.8/plugins/page.php?adapt_container_width=true&app_id=1740035346240245&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1cb6c4c4627ccc%26domain%3Don.ge%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fon.ge%252Ff39bfb30e6588dc%26relation%3Dparent.parent&container_width=230&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fnext.on.ge%2F&locale=ka_GE&sdk=joey&show_facepile=true&small_header=false HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1740035346240245%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1cb6c4c4627ccc%2526domain%253Don.ge%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fon.ge%25252Ff39bfb30e6588dc%2526relation%253Dparent.parent%26container_width%3D230%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fnext.on.ge%252F%26locale%3Dka_GE%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse

125 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
on.ge/
Redirect Chain

http://on.ge/
https://on.ge/

149 KB
20 KB

1715ms
1672ms

Document
text/html

2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0142855df82695c7759c275c11b46ec60f0eb0c2c50512de4dd7c3f1caa584f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 26 Nov 2021 11:41:35 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=60, public, s-maxage=60
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type, Accept, Origin, Authorization
access-control-allow-methods: GET
x-cache-debug: 1
vary: Accept-Encoding
x-varnish: 1264055938
age: 0
via: 1.1 varnish
x-varnish-cache: MISS
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b42d92b7d905a3d-MXP
content-encoding: gzip

Redirect headers

Date: Fri, 26 Nov 2021 11:41:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 26 Nov 2021 12:41:33 GMT
Location: https://on.ge/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b42d92aaff40f6a-MXP

GET
H2 200 main.min.css
static.on.ge/on/assets/static/css/ 266 KB
41 KB 47ms
37ms Stylesheet
text/css 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.on.ge/on/assets/static/css/main.min.css?v=1624897448
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13599949dfee5fc97b87ebb3306bb157a96b01bec31003e446a918b5767fb727

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 5864
content-type: text/css
content-length: 41446
last-modified: Fri, 19 Feb 2021 13:59:50 GMT
server: cloudflare
etag: "428a2-5bbb0dda86c50-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 406842503
via: 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b42d9361b835a3d-MXP

GET
H2 200 onbar-2.css
account.on.ge/css/ 11 KB
2 KB 42ms
32ms Stylesheet
text/css 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://account.on.ge/css/onbar-2.css?v=20170827
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 062e99c00079cb0781d4ae90ed767450b903f8d4b97960f02e29364617330e77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 26 Nov 2021 11:41:35 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 5864
content-type: text/css
content-length: 2266
last-modified: Thu, 21 Jun 2018 14:07:24 GMT
server: cloudflare
etag: "2ca2-56f276f42bc79-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 2130443380 2130400157
via: 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b42d9361b875a3d-MXP

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 81ms
34ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55b4a8ebd4ce4144242d6bb9d0ebb65a01b2759e67243ed5badc3ac96c6fd396

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:41:35 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 221
etag: W/"2d763adca2b6a93c45e5b76bff1f8c5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6b42d9369bb65a37-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 29 Nov 2021 11:41:35 GMT

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 157 KB
48 KB 99ms
28ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 52f265650f7013eff67bc683576ba96329a0bd223c962aef397c47047cc0e9ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Fri, 26 Nov 2021 11:41:35 GMT
content-encoding: gzip
last-modified: Thu, 25 Nov 2021 15:33:48 GMT
server: nginx
etag: W/"619facdc-27217"
x-cached-since: 2021-11-26T11:37:55+00:00
content-type: application/javascript
cache-control: max-age=600
cache: HIT
expires: Thu, 25 Nov 2021 15:44:37 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
27 KB 41ms
16ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: on.ge
URL: https://on.ge/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:41:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1055 / 752 of 1000 / last-modified: 1637708722"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26861
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 26 Nov 2021 11:41:35 GMT

GET
H2 200 ads.js Show response
static.on.ge/global/assets/js/ 21 B
177 B 34ms
25ms Script
application/javascript 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.on.ge/global/assets/js/ads.js
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 5864
content-type: application/javascript
content-length: 21
last-modified: Sun, 24 Jan 2016 11:43:20 GMT
server: cloudflare
etag: "15-52a12f58cbb04"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1510238329
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b42d9361b855a3d-MXP

GET
H2 200 logo-onge-color.svg
static.on.ge/global/assets/images/ 2 KB
912 B 31ms
27ms Image
image/svg+xml 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.on.ge/global/assets/images/logo-onge-color.svg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e96896a208db0b87febe1bc17fe6e9de8cdf3b1a36abce5a58cc803ed293d990

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 3928
content-encoding: gzip
x-varnish: 2109190040
last-modified: Sat, 28 Feb 2015 17:36:48 GMT
server: cloudflare
etag: W/"630-510296df48c00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 6b42d9367c815a3d-MXP

GET
H2 200 icon-user-light.svg
static.on.ge/global/assets/images/ 784 B
613 B 31ms
28ms Image
image/svg+xml 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.on.ge/global/assets/images/icon-user-light.svg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9845707907e58cb90187d70343678ab92cbc23ce449393afdc3bac51182d3710

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 3926
content-encoding: gzip
x-varnish: 502520240
last-modified: Sat, 28 Feb 2015 18:28:42 GMT
server: cloudflare
etag: W/"310-5102a27906a80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 6b42d9367c845a3d-MXP

GET
H2 200 edu-icon.svg
static.on.ge/on/assets/static/images/ 1 KB
641 B 37ms
34ms Image
image/svg+xml 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.on.ge/on/assets/static/images/edu-icon.svg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41f3ab6783d84dc1c959173ec2037985fdc3471721f3f4d086b0dcbf21fdfd55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 6532
content-encoding: gzip
x-varnish: 405880767
last-modified: Sun, 19 Jul 2020 14:30:57 GMT
server: cloudflare
etag: W/"4c9-5aacc3d08bf38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 6b42d9367c895a3d-MXP

GET
H2 200 nino.jpg
phoebe.on.ge/2021/11/26/ 41 KB
41 KB 275ms
264ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phoebe.on.ge/2021/11/26/nino.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b2b5a5a05298e069e32d2d59e24b91a4ce53f93de02f43efda0063b38015928

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: MISS
content-type: image/jpeg
content-length: 41674
last-modified: Fri, 26 Nov 2021 11:38:59 GMT
server: cloudflare
etag: "a2ca-5d1af89796ed5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1264055980
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b42d9368caa5a3d-MXP

GET
H2 200 189163635_316913113137626_2306595170610728030_n.jpg
chandler.on.ge/2021/11/10/ 23 KB
23 KB 279ms
267ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chandler.on.ge/2021/11/10/189163635_316913113137626_2306595170610728030_n.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4f79449eb89b7cb34513e7bf05bcf2c30b5121d3323f45dce960457b8e2f6ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: MISS
content-type: image/jpeg
content-length: 23774
last-modified: Wed, 10 Nov 2021 13:15:30 GMT
server: cloudflare
etag: "5cde-5d06f0533663b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1264055978
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b42d9368cb85a3d-MXP

GET
H2 200 shota.jpg
rachel.on.ge/2021/11/26/ 66 KB
66 KB 341ms
330ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rachel.on.ge/2021/11/26/shota.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b772c464fa0b56de5b56912ceb15c6b5a4de2817f4c7d4a190f09f0ba8e9e1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: MISS
content-type: image/jpeg
content-length: 67570
last-modified: Fri, 26 Nov 2021 11:18:34 GMT
server: cloudflare
etag: "107f2-5d1af407a798a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1264055981 1264024945
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b42d9368ca95a3d-MXP

GET
H2 200 1637923748.jpg
rachel.on.ge/2021/11/26/ 33 KB
34 KB 273ms
262ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rachel.on.ge/2021/11/26/1637923748.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: addf96a0c7d6c51c22bbd1b88975b2cbb132a632ecc95cc75dd4ec56ef194d84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: MISS
content-type: image/jpeg
content-length: 34294
last-modified: Fri, 26 Nov 2021 11:11:45 GMT
server: cloudflare
etag: "85f6-5d1af2815d295"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1264055979 1264017860
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b42d9368ca75a3d-MXP

GET
H2 200 Capture_61a0b918052b1_61a0bf8c1270b.jpg
rachel.on.ge/2021/11/26/ 59 KB
59 KB 309ms
308ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rachel.on.ge/2021/11/26/Capture_61a0b918052b1_61a0bf8c1270b.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4794cfedac4eaef2afe0f2b3b9f4049965a4247196382e61cb2d380104d70cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: MISS
content-type: image/jpeg
content-length: 60623
last-modified: Fri, 26 Nov 2021 11:05:48 GMT
server: cloudflare
etag: "eccf-5d1af12c70d72"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1264055983 1264016071
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b42d9370e105a3d-MXP

GET
H2 200 bripingis_poto.jpeg
phoebe.on.ge/2021/11/26/ 18 KB
18 KB 248ms
248ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phoebe.on.ge/2021/11/26/bripingis_poto.jpeg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 580aebdb7202f45129c1adb841a0ea3a08867b333c93da946f90ca2c5eb0e8c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: MISS
content-type: image/jpeg
content-length: 18221
last-modified: Fri, 26 Nov 2021 10:28:27 GMT
server: cloudflare
etag: "472d-5d1ae8d35f731"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1264055986
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b42d9371e1a5a3d-MXP

GET
H2 200 protest_draft3.jpg
monica.on.ge/2021/11/26/ 94 KB
95 KB 333ms
322ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://monica.on.ge/2021/11/26/protest_draft3.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b001c91bf7d6ae3fb5f29deb81fc672ddd96e3810fd2ce69e583ac02d5262e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: MISS
content-type: image/jpeg
content-length: 96550
last-modified: Fri, 26 Nov 2021 10:23:04 GMT
server: cloudflare
etag: "17926-5d1ae79fdd1f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1264055990
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b42d9371e455a3d-MXP

GET
H2 200 2.jpg
ross.on.ge/2021/11/26/ 37 KB
37 KB 237ms
236ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ross.on.ge/2021/11/26/2.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca3296d548223a35255c768bdedcfac9952034c7282dbfddc330bc249b6a1b67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: MISS
content-type: image/jpeg
content-length: 38224
last-modified: Fri, 26 Nov 2021 10:15:19 GMT
server: cloudflare
etag: "9550-5d1ae5e4a0888"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1264055987
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b42d9372e595a3d-MXP

GET
H2 200 tsotseria_1_61a0af6435c10.jpeg
chandler.on.ge/2021/11/26/ 42 KB
42 KB 243ms
242ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chandler.on.ge/2021/11/26/tsotseria_1_61a0af6435c10.jpeg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 430d0ae2afb0756f4e1381c7d0288004425071216fb1f7f3f96d15c1eadd6a83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: MISS
content-type: image/jpeg
content-length: 42840
last-modified: Fri, 26 Nov 2021 09:56:52 GMT
server: cloudflare
etag: "a758-5d1ae1c42e2c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1264055989 1264025149
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b42d9372e5e5a3d-MXP

GET
H2 200 Capture_61a0950278c31.jpg
phoebe.on.ge/2021/11/26/ 71 KB
71 KB 317ms
316ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phoebe.on.ge/2021/11/26/Capture_61a0950278c31.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f167fdb186ea566906925836eaf1edaccad2ab4bcfe97fc39ebc0cf5be37ad7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: MISS
content-type: image/jpeg
content-length: 72219
last-modified: Fri, 26 Nov 2021 08:05:19 GMT
server: cloudflare
etag: "11a1b-5d1ac8d50e6c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1264055991
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b42d9373e895a3d-MXP

GET
H2 200 khaz_61a0ac0653c02.jpg
joey.on.ge/2021/11/26/ 53 KB
53 KB 316ms
315ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://joey.on.ge/2021/11/26/khaz_61a0ac0653c02.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1411f2363842eacb2fb2095bacfef4863f52ffd2f4465daa30e3d2dec7bdf3ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: MISS
content-type: image/jpeg
content-length: 54387
last-modified: Fri, 26 Nov 2021 09:42:30 GMT
server: cloudflare
etag: "d473-5d1ade8e3c134"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1264055993 1263988066
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b42d93829775a3d-MXP

GET
H2 200 1_4.jpg
chandler.on.ge/2021/11/26/ 106 KB
106 KB 373ms
372ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chandler.on.ge/2021/11/26/1_4.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ba1c8c4d38dde46bc9aecef823dcff354b3825598ffd2b893d91aa26f96689f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: MISS
content-type: image/jpeg
content-length: 108451
last-modified: Fri, 26 Nov 2021 09:40:09 GMT
server: cloudflare
etag: "1a7a3-5d1ade07f9cc1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1264055994 1263988067
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b42d938399e5a3d-MXP

GET
H2 200 1637914859_61a0b911dd8d8.jpg
chandler.on.ge/2021/11/26/ 12 KB
12 KB 42ms
41ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chandler.on.ge/2021/11/26/1637914859_61a0b911dd8d8.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c62a3c8756fd27abb56a250f74fc1037c3992c159e7533e2f41994bf57822858

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 3437
cf-ray: 6b42d9370e055a3d-MXP
content-length: 11805
last-modified: Fri, 26 Nov 2021 10:38:09 GMT
server: cloudflare
etag: "2e1d-5d1aeaff16f03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1263973643
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 1637860811_619fca8f57dbb.jpg
joey.on.ge/2021/11/25/ 8 KB
8 KB 43ms
30ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://joey.on.ge/2021/11/25/1637860811_619fca8f57dbb.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ca8f5fcd03defaa59b26b983dbcd36641fdd3b8538cb3f5054d9c422b165c00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 6532
cf-ray: 6b42d9371e255a3d-MXP
content-length: 7831
last-modified: Thu, 25 Nov 2021 17:40:31 GMT
server: cloudflare
etag: "1e97-5d1a07891e5f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 34618639
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 BeFunky-collage_5.jpg
ross.on.ge/2021/11/25/ 67 KB
68 KB 177ms
176ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ross.on.ge/2021/11/25/BeFunky-collage_5.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 550e2e3649199407ea59be71ec68eb766360ebedf63b156fc1fa1d22ffb4cb2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
cf-ray: 6b42d9370e005a3d-MXP
content-length: 68983
last-modified: Thu, 25 Nov 2021 17:02:06 GMT
server: cloudflare
etag: "10d77-5d19fef2b36a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1573614519 1573612825
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 logo-next-on-ge.svg
static.on.ge/on/assets/static/images/ 3 KB
2 KB 198ms
197ms Image
image/svg+xml 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.on.ge/on/assets/static/images/logo-next-on-ge.svg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec5dc232cf8678d7f398781e2959419d15c95eb1e69c654a17235f95a9301be8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
last-modified: Mon, 23 Dec 2019 11:13:45 GMT
server: cloudflare
etag: W/"cdf-59a5d1ef44028"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 633399955 633353311
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 6b42d9370e165a3d-MXP
content-encoding: gzip
content-type: image/svg+xml

GET
H2 200 Kepler-444_hero_61a0b16d08450.jpg
joey.on.ge/2021/11/26/ 5 KB
5 KB 54ms
42ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://joey.on.ge/2021/11/26/Kepler-444_hero_61a0b16d08450.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51ab1419c56a6121ce139797173240cd84178adb4986f20d890f968f51f59882

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 2767
cf-ray: 6b42d9371e1e5a3d-MXP
content-length: 4798
last-modified: Fri, 26 Nov 2021 10:05:33 GMT
server: cloudflare
etag: "12be-5d1ae3b4ded28"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1263989681
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 im-441467.jpg
rachel.on.ge/2021/11/26/ 17 KB
17 KB 43ms
42ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rachel.on.ge/2021/11/26/im-441467.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1521f1dff554f0caadb51dc124e12ba1241c0f0fee588e63d5671d9c758cb9f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 2535
cf-ray: 6b42d9370e135a3d-MXP
content-length: 17286
last-modified: Fri, 26 Nov 2021 09:23:35 GMT
server: cloudflare
etag: "4386-5d1ada547133d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1263995080
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 covid-19-variants.jpg
phoebe.on.ge/2021/11/26/ 11 KB
11 KB 192ms
191ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phoebe.on.ge/2021/11/26/covid-19-variants.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a521729dc53682fc83dfa5522c42fb47557b54dc3d4e568edfe43b0389519f48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
cf-ray: 6b42d9370e045a3d-MXP
content-length: 10928
last-modified: Fri, 26 Nov 2021 09:09:07 GMT
server: cloudflare
etag: "2ab0-5d1ad71874298"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1263848931
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 image_619faf3c4553c.jpg
monica.on.ge/2021/11/25/ 10 KB
10 KB 28ms
28ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://monica.on.ge/2021/11/25/image_619faf3c4553c.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7319607cdf30011a9bbfe872f8a366e52e76fda6929ad4a83f69b39c9a807023

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 2535
cf-ray: 6b42d9389a8c5a3d-MXP
content-length: 9770
last-modified: Thu, 25 Nov 2021 15:43:56 GMT
server: cloudflare
etag: "262a-5d19ed7a18572"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 34682991
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 nasa_619faae067b82.jpg
ross.on.ge/2021/11/25/ 7 KB
7 KB 36ms
36ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ross.on.ge/2021/11/25/nasa_619faae067b82.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: add4f324b163178ccc848f9f607fbccc6110f6f8985e3ddb41fcd5837a3997bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 2535
cf-ray: 6b42d9389aaa5a3d-MXP
content-length: 7224
last-modified: Thu, 25 Nov 2021 15:25:20 GMT
server: cloudflare
etag: "1c38-5d19e951ee501"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 633470575 633457334
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 japan-is-investing-over-5-billion-to-solve-the-worlds-chip-shortage_resize_md_619f8e48e61a8.jpg
monica.on.ge/2021/11/25/ 33 KB
33 KB 27ms
27ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://monica.on.ge/2021/11/25/japan-is-investing-over-5-billion-to-solve-the-worlds-chip-shortage_resize_md_619f8e48e61a8.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7d08d242d7a431e21e435ab5d3b15f15293aec1dbc157ac258a455173698752

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 2535
cf-ray: 6b42d938aab55a3d-MXP
content-length: 33638
last-modified: Thu, 25 Nov 2021 13:23:20 GMT
server: cloudflare
etag: "8366-5d19ce0d87481"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 633338839
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 logo-edu-on-ge.svg
static.on.ge/on/assets/static/images/ 4 KB
2 KB 184ms
183ms Image
image/svg+xml 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.on.ge/on/assets/static/images/logo-edu-on-ge.svg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f9fb3b57b331d7d30d2198e6b4d60d85941b161482a272b2ca15ea31d8a298f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
last-modified: Sun, 19 Jul 2020 13:59:21 GMT
server: cloudflare
etag: W/"ebf-5aacbcc00ae68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 633399961 633367765
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 6b42d938aaba5a3d-MXP
content-encoding: gzip
content-type: image/svg+xml

GET
H2 200 mask-in-the-classroom.jpg
chandler.on.ge/2021/09/07/ 11 KB
11 KB 174ms
174ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chandler.on.ge/2021/09/07/mask-in-the-classroom.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a4ba5a0284eb29987dd57858bff0a0f9909af6080147abac4ebe8419788f203

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
cf-ray: 6b42d938aac75a3d-MXP
content-length: 11101
last-modified: Tue, 07 Sep 2021 14:43:18 GMT
server: cloudflare
etag: "2b5d-5cb68c953ca5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 960628486
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 MAK00488.jpg
ross.on.ge/2021/10/06/ 170 KB
170 KB 190ms
190ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ross.on.ge/2021/10/06/MAK00488.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65b0c0df7c7862dd2afc277b749ae30fc44ff3fe6b243c39869d162bd060e2d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
cf-ray: 6b42d938cb1d5a3d-MXP
content-length: 173686
last-modified: Tue, 05 Oct 2021 20:51:03 GMT
server: cloudflare
etag: "2a676-5cda130106e58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 633399964 633339480
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 kalami.jpg
rachel.on.ge/2020/06/09/ 9 KB
9 KB 165ms
164ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rachel.on.ge/2020/06/09/kalami.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce299aade856e4f7318a3219094c3176b280ab8c95b4496d95f417ea23a81784

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
cf-ray: 6b42d938db495a3d-MXP
content-length: 9516
last-modified: Tue, 09 Jun 2020 11:09:55 GMT
server: cloudflare
etag: "252c-5a7a4c4742801"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 2103992385
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 IMG_3546_60363be56cab4.jpg
monica.on.ge/2021/02/24/ 69 KB
69 KB 189ms
189ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://monica.on.ge/2021/02/24/IMG_3546_60363be56cab4.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13497c7672922cddb2efd57191df8e33859e469105f7a39381271f6976bc87d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
cf-ray: 6b42d938db615a3d-MXP
content-length: 70792
last-modified: Wed, 24 Feb 2021 11:43:33 GMT
server: cloudflare
etag: "11488-5bc138b71c482"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 633399966 633367781
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 1624257560.jpg
ross.on.ge/2021/06/21/ 11 KB
11 KB 167ms
167ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ross.on.ge/2021/06/21/1624257560.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 428f8d1c5ddc7dd30950ed446f884a23fbe117be1b852f262711e1f634df39d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
cf-ray: 6b42d938fba75a3d-MXP
content-length: 11052
last-modified: Mon, 21 Jun 2021 07:00:58 GMT
server: cloudflare
etag: "2b2c-5c5413c4a22c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 633399967 633339488
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 BeFunky-collage_6.jpg
phoebe.on.ge/2021/11/26/ 38 KB
38 KB 36ms
35ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phoebe.on.ge/2021/11/26/BeFunky-collage_6.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c5b7e46439a3660f3fa0b6aace975203eac59793aafa872f5ca895e23fb29ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 2573
cf-ray: 6b42d9392c4e5a3d-MXP
content-length: 38937
last-modified: Fri, 26 Nov 2021 10:53:02 GMT
server: cloudflare
etag: "9819-5d1aee52a84a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1263994212 1263987092
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 sdk.js Show response
connect.facebook.net/ka_GE/ 3 KB
2 KB 25ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ka_GE/sdk.js

Requested by

Host: on.ge
URL: https://on.ge/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

16bc2f38ed5138f76357cbe7eac53bc2fffcdef81a6ecf94956e7095e343ea8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: QRn6rLXHAuvFqrsEhuqs6g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Fri, 26 Nov 2021 12:00:33 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: IBgsdDNRdHZGR55oS4zohN0hl7UQavcEVqEkk++xs8XfAVCNdszfV/rP/jCbZwU9w7rSsMm8/AbKZ8sXB0DAcQ==
x-fb-trip-id: 917726464
x-fb-content-md5: bbd9795bae540626a094f9fe05e53fd2
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 26 Nov 2021 11:41:35 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "85fd55c606a0b62593ba59886792e0dd"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 bpg_rioni_vera-webfont.woff
static.on.ge/global/assets/fonts/ 34 KB
34 KB 104ms
50ms Font
font/opentype 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.on.ge/global/assets/fonts/bpg_rioni_vera-webfont.woff
Requested by: Host: static.on.ge
URL: https://static.on.ge/on/assets/static/css/main.min.css?v=1624897448
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25da41945119a3c852ad72354b4a96dc3a699e07d810b81fb3d61b66a44ff045

Request headers

Referer: https://static.on.ge/on/assets/static/css/main.min.css?v=1624897448
Origin: https://on.ge
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 3834
content-type: font/opentype
content-length: 35160
last-modified: Wed, 11 Feb 2015 11:51:50 GMT
server: cloudflare
etag: "8958-50ecea0f4c180"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 406022216 405998021
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b42d936dcd00e1e-MXP

GET
H2 200 BeFunky-collage_619e0dcd2041f.jpg
ross.on.ge/2021/11/24/ 305 KB
305 KB 341ms
329ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ross.on.ge/2021/11/24/BeFunky-collage_619e0dcd2041f.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9146e735f91bbef09ce7056abb70f15a869632f7732498cb34091a88960aed3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: MISS
content-type: image/jpeg
content-length: 312205
last-modified: Wed, 24 Nov 2021 10:02:53 GMT
server: cloudflare
etag: "4c38d-5d185f6173da7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1264055982 1264039623
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b42d936ad075a3d-MXP

GET
H2 200 257725861_5243603312323512_3903951282542342562_n_619ce410f1d4e.jpg
phoebe.on.ge/2021/11/23/ 62 KB
63 KB 294ms
293ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phoebe.on.ge/2021/11/23/257725861_5243603312323512_3903951282542342562_n_619ce410f1d4e.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05f62f5d3f16508b64d4e6a1773d8f8b7dc5f0c86cca600397d87959f8a7c714

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: MISS
content-type: image/jpeg
content-length: 63929
last-modified: Tue, 23 Nov 2021 12:52:32 GMT
server: cloudflare
etag: "f9b9-5d17437042d13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1264056006 1264018278
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b42d9395ce95a3d-MXP

GET
H2 200 tsitlidze.jpg
ross.on.ge/2021/11/26/ 16 KB
16 KB 44ms
44ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ross.on.ge/2021/11/26/tsitlidze.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f1cc7e015771efdbc1ff7d32f4420efa3b22ba539e707235f2af08e883b8c42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 2767
cf-ray: 6b42d9396d025a3d-MXP
content-length: 16491
last-modified: Fri, 26 Nov 2021 08:45:25 GMT
server: cloudflare
etag: "406b-5d1ad1cba29b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1263806446
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 Capture_61a09bf7dd3a6.jpg
monica.on.ge/2021/11/26/ 26 KB
26 KB 56ms
55ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://monica.on.ge/2021/11/26/Capture_61a09bf7dd3a6.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ec162f5b91e84f6e142cc05a7ed68110cde27d5f3fe7aa41a804355c92a39d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 2767
cf-ray: 6b42d939bde05a3d-MXP
content-length: 26820
last-modified: Fri, 26 Nov 2021 08:39:19 GMT
server: cloudflare
etag: "68c4-5d1ad06e8c584"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1263799056
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 on.jpg
monica.on.ge/2021/11/26/ 13 KB
13 KB 25ms
25ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://monica.on.ge/2021/11/26/on.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6259e182db3f69810e0db369be7d15c03f99ea3b91cc3b6cd6ac1139ab46b3e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 2767
cf-ray: 6b42d939bde55a3d-MXP
content-length: 12993
last-modified: Fri, 26 Nov 2021 08:42:08 GMT
server: cloudflare
etag: "32c1-5d1ad10fba76c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1263799092
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 zug_61a09bd7ebf4d.jpg
joey.on.ge/2021/11/26/ 20 KB
21 KB 32ms
32ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://joey.on.ge/2021/11/26/zug_61a09bd7ebf4d.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39cb189fe46252c93a9a9551f41dff8575d004c13b1b97ec4efefd902dd7facc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 742
cf-ray: 6b42d939ce095a3d-MXP
content-length: 20984
last-modified: Fri, 26 Nov 2021 08:33:27 GMT
server: cloudflare
etag: "51f8-5d1acf1fc161f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1263820948
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 Capture_61a0950278c31_61a0953e8ab1b.jpg
joey.on.ge/2021/11/26/ 29 KB
30 KB 32ms
32ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://joey.on.ge/2021/11/26/Capture_61a0950278c31_61a0953e8ab1b.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24b7928a6d1a8547143ee4834eaf2dc2b5e5618e7dbb9a92a6c952d24ed38a11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 4809
cf-ray: 6b42d939de7b5a3d-MXP
content-length: 30161
last-modified: Fri, 26 Nov 2021 08:05:18 GMT
server: cloudflare
etag: "75d1-5d1ac8d49e1d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1263749462
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 mosiashvili.jpg
joey.on.ge/2021/11/26/ 44 KB
44 KB 33ms
33ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://joey.on.ge/2021/11/26/mosiashvili.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d51f91249d87c8fe7104d5434f1f9479ae44c2e32c8bdecc75165cb6fb89dacd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 4807
cf-ray: 6b42d939de7e5a3d-MXP
content-length: 45353
last-modified: Fri, 26 Nov 2021 07:54:41 GMT
server: cloudflare
etag: "b129-5d1ac674ca4c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1263749460
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 Capture_61a08bf28c3be.jpg
rachel.on.ge/2021/11/26/ 18 KB
18 KB 32ms
32ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rachel.on.ge/2021/11/26/Capture_61a08bf28c3be.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dd127d8c49bb504453c746463b3aacfdd7d3dffe98a2bea9d860207096d04f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 7082
cf-ray: 6b42d939feef5a3d-MXP
content-length: 18501
last-modified: Fri, 26 Nov 2021 07:25:38 GMT
server: cloudflare
etag: "4845-5d1abff6e1964"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1263709340
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 k.jpg
joey.on.ge/2021/11/26/ 24 KB
24 KB 30ms
28ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://joey.on.ge/2021/11/26/k.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5ce460e2d9e895fb95672506ad2a16f241fd9cb2c56610eaf930869d9a5162b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 7082
cf-ray: 6b42d93a0f0f5a3d-MXP
content-length: 24653
last-modified: Fri, 26 Nov 2021 07:17:31 GMT
server: cloudflare
etag: "604d-5d1abe2683a25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1263709344
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 9U0A5743_copy_608bae9c1c5f3.jpg
monica.on.ge/2021/04/30/ 59 KB
59 KB 191ms
190ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://monica.on.ge/2021/04/30/9U0A5743_copy_608bae9c1c5f3.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e732989758e6dcde3443f352c633422402e09c11c84f2f38b447e7e08b46316d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
cf-ray: 6b42d93a0f105a3d-MXP
content-length: 60098
last-modified: Fri, 30 Apr 2021 07:15:40 GMT
server: cloudflare
etag: "eac2-5c12b61159a59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1263662083 1263621446
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 246712762_3162169910684485_4976505558864162367_n.jpg
monica.on.ge/2021/10/30/ 12 KB
12 KB 26ms
26ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://monica.on.ge/2021/10/30/246712762_3162169910684485_4976505558864162367_n.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c07fe23f59d46e63f37970ed22871c747a25c455108f8e77721268ff0d496fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 6531
cf-ray: 6b42d93a0f155a3d-MXP
content-length: 12174
last-modified: Sat, 30 Oct 2021 16:29:57 GMT
server: cloudflare
etag: "2f8e-5cf947454989c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 34966765
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 bad.jpg
monica.on.ge/2020/11/20/ 19 KB
19 KB 26ms
25ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://monica.on.ge/2020/11/20/bad.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb18c579bac62e2c65696db27124c04e3398eac321d6c8c0618a8c564e0c5b22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 6531
cf-ray: 6b42d93a1f1e5a3d-MXP
content-length: 19031
last-modified: Fri, 20 Nov 2020 13:27:47 GMT
server: cloudflare
etag: "4a57-5b489cf7016a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 34966766
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 1637874400_619ffae822896.jpg
rachel.on.ge/2021/11/26/ 17 KB
17 KB 30ms
28ms Image
image/jpeg 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rachel.on.ge/2021/11/26/1637874400_619ffae822896.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43d06024c58aeddc267957b11075b23a83df142704ebd7010995c0f8b1403432

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 7082
cf-ray: 6b42d93a1f285a3d-MXP
content-length: 17698
last-modified: Thu, 25 Nov 2021 21:06:48 GMT
server: cloudflare
etag: "4522-5d1a35a48ad79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 34933006
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
cf-bgj: h2pri

GET
H2 200 logo-onge-bluish.svg
static.on.ge/global/assets/images/ 2 KB
1 KB 31ms
29ms Image
image/svg+xml 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.on.ge/global/assets/images/logo-onge-bluish.svg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 827a4a7d6344f1692df996dee3beec9e9b1a616a4a5f7fe6e89062774ace0bf1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 3926
content-encoding: gzip
x-varnish: 524438489
last-modified: Fri, 18 Mar 2016 12:08:56 GMT
server: cloudflare
etag: W/"75e-52e519c869bf1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 6b42d93a1f2b5a3d-MXP

GET
H2 200 cod Show response
counter.top.ge/cgi-bin/ 433 B
560 B 256ms
80ms Script
application/x-javascript 188.93.95.16
CLOUD9

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.top.ge/cgi-bin/cod?100+97558
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.93.95.16 Tbilisi, Georgia, ASN57814 (CLOUD9, GE),
Reverse DNS: counter.top.ge
Software: nginx/1.10.2 / PHP/5.4.41-0+deb7u1
Resource Hash: 672ae458a7aeb022a4e1294618263a4590e20750faf20a2bdc28c49200c4ce1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:41:35 GMT
cache-control: max-age=864000
server: nginx/1.10.2
x-powered-by: PHP/5.4.41-0+deb7u1
content-length: 433
content-type: application/x-javascript

GET
H2 200 jquery.2.2.0.min.js Show response
static.on.ge/global/assets/js/ 84 KB
29 KB 36ms
35ms Script
application/javascript 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.on.ge/global/assets/js/jquery.2.2.0.min.js
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 601c06474a16936670a0477da2a777ccfca3301e3857204ec9b55dfa2c45287e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3928
content-type: application/javascript
content-length: 29883
last-modified: Wed, 04 May 2016 13:24:45 GMT
server: cloudflare
etag: "14e54-53204262c1817-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 523647729
via: 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b42d936bd245a3d-MXP

GET
H2 200 onbar.js Show response
account.on.ge/js/ 3 KB
1 KB 43ms
42ms Script
application/javascript 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://account.on.ge/js/onbar.js?v=20160511
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70e1907d700df645dc16e1c4f0b85cb0255e9a5127da35e8851d85f6676c3de2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 26 Nov 2021 11:41:35 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 5864
content-type: application/javascript
content-length: 1231
last-modified: Thu, 21 Jun 2018 14:07:24 GMT
server: cloudflare
etag: "bd1-56f276f42eb59-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 960524774 960450753
via: 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b42d936cd3e5a3d-MXP

GET
H2 200 main.min.js Show response
static.on.ge/on/assets/static/js/ 381 KB
114 KB 31ms
30ms Script
application/javascript 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.on.ge/on/assets/static/js/main.min.js?v=1624897448
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 969a63e49dc6038f9d190a169930e96c26caaf62a0ac9e3d92ccd067e7d3d4a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4810
content-type: application/javascript
content-length: 116044
last-modified: Mon, 28 Jun 2021 16:13:36 GMT
server: cloudflare
etag: "5f55c-5c5d5c589c298-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 2144933140
via: 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b42d936dd795a3d-MXP

GET
H2 200 _defs.svg
on.ge/assets/static/images/icons/ 22 KB
7 KB 30ms
30ms Other
image/svg+xml 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://on.ge/assets/static/images/icons/_defs.svg?v=1624897448
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd14c46ec666d1ee4cbbc421dae525812048f01ce4cf5082e0a2ad50c005abf1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: HIT
last-modified: Fri, 03 Jun 2016 22:55:49 GMT
server: cloudflare
age: 3454
etag: W/"5944-534679fb41d05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1510094441 1510087620
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 6b42d9369ced5a3d-MXP
content-encoding: gzip

GET
H2 200 1631515100.gif
joey.on.ge/2021/09/13/ 639 KB
639 KB 385ms
384ms Image
image/gif 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://joey.on.ge/2021/09/13/1631515100.gif
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62f44e764c8529846aadec48630e42a1f907355233f30b254838ad655745b7fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 26 Nov 2021 11:41:36 GMT
via: 1.1 varnish
cf-cache-status: MISS
content-type: image/gif
content-length: 653840
last-modified: Mon, 13 Sep 2021 06:38:20 GMT
server: cloudflare
etag: "9fa10-5cbdab5fd0f32"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1264056008 1263998352
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b42d93a1f385a3d-MXP

GET
H2 200 DejaVuSansM.woff
static.on.ge/global/assets/fonts/ 25 KB
26 KB 68ms
43ms Font
font/opentype 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.on.ge/global/assets/fonts/DejaVuSansM.woff
Requested by: Host: static.on.ge
URL: https://static.on.ge/on/assets/static/css/main.min.css?v=1624897448
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aefebda2cf8bbba336a120aa6c0c91bfee60e8f3cc4531c3c870403b376256d4

Request headers

Referer: https://static.on.ge/on/assets/static/css/main.min.css?v=1624897448
Origin: https://on.ge
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 3832
content-type: font/opentype
content-length: 25876
last-modified: Wed, 11 Feb 2015 11:51:50 GMT
server: cloudflare
etag: "6514-50ecea0f4c180"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1055882651 1055869276
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b42d936dcdd0e1e-MXP

GET
H2 200 DejaVuSansM-Bold.woff
static.on.ge/global/assets/fonts/ 26 KB
26 KB 79ms
56ms Font
font/opentype 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.on.ge/global/assets/fonts/DejaVuSansM-Bold.woff
Requested by: Host: static.on.ge
URL: https://static.on.ge/on/assets/static/css/main.min.css?v=1624897448
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d52e9bb73ba9811882bea73b980c1e7a895ce0b4cbeed0ec5f330bddb6a87d56

Request headers

Referer: https://static.on.ge/on/assets/static/css/main.min.css?v=1624897448
Origin: https://on.ge
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 3833
content-type: font/opentype
content-length: 26184
last-modified: Wed, 11 Feb 2015 11:51:50 GMT
server: cloudflare
etag: "6648-50ecea0f4c180"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1592093242 1592025927
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b42d936dcd40e1e-MXP

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 41ms
40ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151510
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba83c227cde7d4c34fb514ccd483305e8dfef365e6b2b70a126f2d73adaa1691

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:41:35 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 189
etag: W/"bac537a7eba0b66473f70a7a4bf837c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6b42d9373e0d5a37-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 29 Nov 2021 11:41:35 GMT

GET
H3 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 33ms
17ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:41:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 26 Nov 2021 11:41:35 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 24 B
676 B 41ms
17ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=on.ge

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

824f4e786c42783de79ec7c924e0e707f79e282e0ef35bd06598d87a817c67c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 11:41:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40
x-xss-protection: 0
expires: Fri, 26 Nov 2021 11:41:35 GMT

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/ Frame 67C2 738 B
485 B 27ms
26ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/c.html?b=f7d12841-41d7-403e-aee3-a88934f6d7f1
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/

Response headers

server: nginx
date: Fri, 26 Nov 2021 11:41:35 GMT
content-type: text/html
last-modified: Thu, 25 Nov 2021 15:33:43 GMT
vary: Accept-Encoding
etag: W/"619facd7-2e2"
expires: Sun, 27 Nov 2022 10:08:11 GMT
cache-control: max-age=31622400
cache: HIT
x-cached-since: 2021-11-26T10:08:11+00:00
x-id: fr5-up-gc33
content-encoding: gzip

GET
H2 200 ae85f19996d2e523ddd7.b.js Show response
cdn.admixer.net/scripts3/ 23 KB
9 KB 24ms
22ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/ae85f19996d2e523ddd7.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e97e4e1a626109cc68dd6c4d590bb9af6f32522664224e559e4f2e48d9c4da53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Fri, 26 Nov 2021 11:41:35 GMT
content-encoding: gzip
last-modified: Thu, 25 Nov 2021 15:33:41 GMT
server: nginx
etag: W/"619facd5-5d41"
vary: Accept-Encoding
x-cached-since: 2021-11-25T15:34:40+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 26 Nov 2022 15:34:40 GMT

GET
H2 200 d3466cbc35de4d0d79a7.b.js Show response
cdn.admixer.net/scripts3/ 93 KB
26 KB 26ms
24ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/d3466cbc35de4d0d79a7.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b8c24e0eb4936acd96980e25529e8c274e87555e6a7b2571fe26bcb0122e7d32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Fri, 26 Nov 2021 11:41:35 GMT
content-encoding: gzip
last-modified: Thu, 25 Nov 2021 15:33:44 GMT
server: nginx
etag: W/"619facd8-175f0"
vary: Accept-Encoding
x-cached-since: 2021-11-25T15:34:38+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 26 Nov 2022 15:34:38 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/ecf9e160-8d86-41ff-83dd-c88538b3a327/ 3 KB
2 KB 29ms
28ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/ecf9e160-8d86-41ff-83dd-c88538b3a327/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151510

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a7a6f32f76c0d90b5253e66a40ed080c74c035abb2cf400dcaaa9c6abeaf8f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:41:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3203
cf-polished: origSize=3091
status: 200 OK
x-envoy-upstream-service-time: 67
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 1c21c2c9-3030-4efc-b414-e162a53c2f9a
x-runtime: 0.063998
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"fdf363977db1167ee34b157142e09bf6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6b42d93a2ee75a37-MXP
access-control-allow-headers: SDK-Version
expires: Fri, 26 Nov 2021 12:41:35 GMT

GET
H2 200 count
counter.top.ge/cgi-bin/ 347 B
860 B 95ms
94ms Image
img/html 188.93.95.16
CLOUD9

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://counter.top.ge/cgi-bin/count?ID:97558+JS:11+REFERER:+RESOLUTION:1600X1200+DEPT:24+RAND:6086.497030878309+ISFRM:0
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 188.93.95.16 Tbilisi, Georgia, ASN57814 (CLOUD9, GE),
Reverse DNS: counter.top.ge
Software: nginx/1.10.2 /
Resource Hash: dcae1621a206a6ae7a93d75cfdb625e2f3e8975ef2f531ff7a822ce19fe98e4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:41:35 GMT
server: nginx/1.10.2
p3p: CP='NOI PSA OUR BUS UNI', policyref='http://counter.top.ge/w3c/p3p.xml'
content-type: img/html

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 112 KB
42 KB 47ms
22ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WFSNJQ

Requested by

Host: on.ge
URL: https://on.ge/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

58ef11ef59544ffcd3d4d423847401bff935b1ae3a06caf9f5a696c7e019c78c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:41:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42967
x-xss-protection: 0
last-modified: Fri, 26 Nov 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 26 Nov 2021 11:41:35 GMT

GET
DATA 200
OK truncated
/ 27 KB
27 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a619a2957f2027aa6b7ae4a6248bd84773c071273fe2d00daa602b090370d314

Request headers

Referer
Origin: https://on.ge
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: font/opentype

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 12 KB
4 KB 31ms
10ms Script
application/javascript 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=4136144277711693&cpv=44561a9e-6610-8c97-434c-42c2d567c9e0&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%220de96029-927a-80f2-5bf7-a7880de3df88%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fon.ge%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224cb9be35-ddf5-c739-0320-052485d802b6%22%2C%22tagid%22%3A%2278ca8a12-b352-4c62-b28c-eda6c3d249be%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_78ca8a12b3524c62b28ceda6c3d249be_zone_59299_sect_17556_site_12547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%2284a5ac04-f910-17f0-1d5a-52c12e951795%22%2C%22tagid%22%3A%22ad6c6bdd-5e61-4684-a697-a03a14484d9d%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_ad6c6bdd5e614684a697a03a14484d9d_zone_56946_sect_16844_site_12547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22b0182707-9b12-9e0b-5a69-4ee2866d0a8e%22%2C%22tagid%22%3A%22c967266f-2e79-4705-a8a7-902c6440a64e%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_c967266f2e794705a8a7902c6440a64e_zone_59319_sect_17567_site_12547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22ff678046-6bd7-ca25-381e-a759008fd9f8%22%2C%22tagid%22%3A%2272becbfa-e6ce-4d6e-aa61-16ec4740ce05%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_72becbfae6ce4d6eaa6116ec4740ce05_zone_59321_sect_17567_site_12547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%226e7322be-059e-5ed6-379b-dcb8801f7f64%22%2C%22tagid%22%3A%221ea1813c-986e-430b-9942-ffe49703c495%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_1ea1813c986e430b9942ffe49703c495_zone_59323_sect_17569_site_12547%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%221b87e958-9373-ee11-473e-df9f62eb476d%22%2C%22tagid%22%3A%220688eb7c-6ce8-40c7-8300-d2e1f920928b%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_0688eb7c6ce840c78300d2e1f920928b_zone_59064_sect_17513_site_12547%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A6%7D&am-uid=null&3rdEnabled=true&3rd=true

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/d3466cbc35de4d0d79a7.b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

09dbc93462edd6df359dbcb55d2f18360b75316c04b827675f942fa361644525

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 11:41:35 GMT
Content-Encoding: gzip
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript
Keep-Alive: timeout=25
Content-Length: 3202
X-Xss-Protection: 0

GET
H2 200 dejavuserif.woff2
static.on.ge/global/assets/fonts/dejavu-2.35/ 36 KB
36 KB 39ms
39ms Font
font/opentype 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.on.ge/global/assets/fonts/dejavu-2.35/dejavuserif.woff2
Requested by: Host: static.on.ge
URL: https://static.on.ge/on/assets/static/css/main.min.css?v=1624897448
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f907b51ac57fa6a3584fa078eb61ca83f01d2aeb273eb93ab018be93bed9a05

Request headers

Referer: https://static.on.ge/on/assets/static/css/main.min.css?v=1624897448
Origin: https://on.ge
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: HIT
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: HIT
age: 3832
content-type: font/opentype
content-length: 36544
last-modified: Fri, 22 Jan 2016 13:22:16 GMT
server: cloudflare
etag: "8ec0-529ec1b9f5b59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1592093274 1592025279
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b42d938d9550e1e-MXP

GET
H2 200 / Show response
services.on.ge/time/ 13 B
109 B 200ms
190ms XHR
text/html 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.on.ge/time/
Requested by: Host: static.on.ge
URL: https://static.on.ge/global/assets/js/jquery.2.2.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69322c6d739e267ff75dcaadd7316224262f295de12b6d9055a8b1408d54deae

Request headers

Accept: */*
Referer: https://on.ge/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: DYNAMIC
age: 0
content-encoding: gzip
pragma: no-cache
x-varnish: 1264056003
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://on.ge
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 6b42d938f98e0e1e-MXP
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 / Show response
services.on.ge/time/ 13 B
241 B 194ms
186ms XHR
text/html 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.on.ge/time/
Requested by: Host: static.on.ge
URL: https://static.on.ge/global/assets/js/jquery.2.2.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69322c6d739e267ff75dcaadd7316224262f295de12b6d9055a8b1408d54deae

Request headers

Accept: */*
Referer: https://on.ge/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:35 GMT
via: 1.1 varnish
cf-cache-status: DYNAMIC
age: 0
content-encoding: gzip
pragma: no-cache
x-varnish: 1264056002
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://on.ge
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 6b42d938f9900e1e-MXP
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/ka_GE/ 285 KB
81 KB 20ms
10ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ka_GE/sdk.js?hash=b20ee1a3af7ade26422a57c1e38d13bc

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ka_GE/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4cb99750ff6345978eaed2c4947bfd4dcbebc07725cb000285df6310f308e553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://on.ge/
Origin: https://on.ge
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: pEHMscqb4UV/7cHAd5hjtQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Sat, 26 Nov 2022 11:40:37 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82955
x-fb-rlafr: 0
x-fb-debug: sOGkXUml+609SyUvjM8Mq6GqBumZJs0wN03PwcrHkvai2uuYVXWsES1ny2yzX2mzqqyk9FfPKE/ex4cxB3rjIA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 1218d76e5945ed2deb9027b1bf9b6547
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 26 Nov 2021 11:41:35 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "b05ffd94a45eb8ccdfcab2f1e8b93d8a"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 25ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1740035346240245&ev=fb_page_view&dl=https%3A%2F%2Fon.ge%2F&rl=&if=false&ts=1637926895625&sw=1600&sh=1200&at=

Requested by

Host: on.ge
URL: https://on.ge/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:41:35 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 26 Nov 2021 11:41:35 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 44ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=on.ge

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 11:41:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 44ms
17ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=on.ge

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 11:41:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 886 B
279 B 60ms
59ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=636992358702881&correlator=923225656104952&output=ldjh&impl=fifs&eid=31063812&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211126&iu_parts=139991106%2Conge__bg_home%2Conge__dm_07_home&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=1594x900%2C970x90&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1637926895&dt=1637926895773&dlt=1637926895021&idt=729&frm=20&biw=1600&bih=1200&oid=2&adxs=3%2C304&adys=40%2C3569&adks=3855367674%2C2247226459&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fon.ge%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x4233%7C992x3548&msz=1600x-1%7C992x40&ga_vid=1445716364.1637926896&ga_sid=1637926896&ga_hid=938194665&ga_fc=false&fws=516%2C0&ohw=1600%2C0&btvi=0%7C1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

401deda3e474391f29669b2d37c9840a850d5ee861b333caed9da0abe9fbad66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:41:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 249
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://on.ge
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b5b81767a289b1a0fba988d6f5c9eff3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2DDA 6 KB
4 KB 73ms
17ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b5b81767a289b1a0fba988d6f5c9eff3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 26 Nov 2021 11:41:35 GMT
expires: Sat, 26 Nov 2022 11:41:35 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 366ee700b9c746906336.b.js Show response
cdn.admixer.net/scripts3/ 28 KB
11 KB 37ms
35ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/366ee700b9c746906336.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: a941be2318d79441ad1a966e6720e8129624611ee13198f78f7c2e59dbb2668b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Fri, 26 Nov 2021 11:41:35 GMT
content-encoding: gzip
last-modified: Thu, 25 Nov 2021 15:33:34 GMT
server: nginx
etag: W/"619facce-702f"
vary: Accept-Encoding
x-cached-since: 2021-11-25T15:34:43+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 26 Nov 2022 15:34:43 GMT

GET
H2 200 96e75df30cb0c2960782.b.js Show response
cdn.admixer.net/scripts3/ 42 KB
18 KB 38ms
37ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/96e75df30cb0c2960782.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ea3b3fccc80ec2367900c7b7fff7162a7ba2bff793b31df137ac8bfe1826a7e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Fri, 26 Nov 2021 11:41:35 GMT
content-encoding: gzip
last-modified: Thu, 25 Nov 2021 15:33:40 GMT
server: nginx
etag: W/"619facd4-a793"
vary: Accept-Encoding
x-cached-since: 2021-11-25T15:34:43+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 26 Nov 2022 15:34:43 GMT

GET
H2 200 d7a232625e8b46740f32.b.js Show response
cdn.admixer.net/scripts3/ 13 KB
5 KB 37ms
36ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/d7a232625e8b46740f32.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f71a2212eabcd2e75afe61c0fb04dd593b8ffdf48989c40877c30d7fdd54f25a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Fri, 26 Nov 2021 11:41:35 GMT
content-encoding: gzip
last-modified: Thu, 25 Nov 2021 15:33:44 GMT
server: nginx
etag: W/"619facd8-326c"
vary: Accept-Encoding
x-cached-since: 2021-11-25T15:34:43+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 26 Nov 2022 15:34:43 GMT

GET
H2 200 c5269cdd87d00faac127.b.js Show response
cdn.admixer.net/scripts3/ 11 KB
4 KB 40ms
40ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/c5269cdd87d00faac127.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 28333d75fe86f4d034f512efaea2e39f21f33e4cd8385ed715f931e16236821b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Fri, 26 Nov 2021 11:41:35 GMT
content-encoding: gzip
last-modified: Thu, 25 Nov 2021 15:33:44 GMT
server: nginx
etag: W/"619facd8-2a79"
vary: Accept-Encoding
x-cached-since: 2021-11-25T15:34:43+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 26 Nov 2022 15:34:43 GMT

GET
H2 200 627e715da16b80df4315.b.js Show response
cdn.admixer.net/scripts3/ 214 KB
74 KB 41ms
41ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/627e715da16b80df4315.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 267af5a9d0c450f643fa97ce518f770ddf80663c589eca901b707391fa6ba9d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Fri, 26 Nov 2021 11:41:35 GMT
content-encoding: gzip
last-modified: Thu, 25 Nov 2021 15:33:36 GMT
server: nginx
etag: W/"619facd0-3574f"
vary: Accept-Encoding
x-cached-since: 2021-11-25T15:34:42+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 26 Nov 2022 15:34:42 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame C342 2 KB
814 B 34ms
9ms Document
text/html 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=59d216e971852f2

Requested by

Host: inv-nets.admixer.net
URL: https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=4136144277711693&cpv=44561a9e-6610-8c97-434c-42c2d567c9e0&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%220de96029-927a-80f2-5bf7-a7880de3df88%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fon.ge%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224cb9be35-ddf5-c739-0320-052485d802b6%22%2C%22tagid%22%3A%2278ca8a12-b352-4c62-b28c-eda6c3d249be%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_78ca8a12b3524c62b28ceda6c3d249be_zone_59299_sect_17556_site_12547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%2284a5ac04-f910-17f0-1d5a-52c12e951795%22%2C%22tagid%22%3A%22ad6c6bdd-5e61-4684-a697-a03a14484d9d%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_ad6c6bdd5e614684a697a03a14484d9d_zone_56946_sect_16844_site_12547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22b0182707-9b12-9e0b-5a69-4ee2866d0a8e%22%2C%22tagid%22%3A%22c967266f-2e79-4705-a8a7-902c6440a64e%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_c967266f2e794705a8a7902c6440a64e_zone_59319_sect_17567_site_12547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%22ff678046-6bd7-ca25-381e-a759008fd9f8%22%2C%22tagid%22%3A%2272becbfa-e6ce-4d6e-aa61-16ec4740ce05%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_72becbfae6ce4d6eaa6116ec4740ce05_zone_59321_sect_17567_site_12547%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%226e7322be-059e-5ed6-379b-dcb8801f7f64%22%2C%22tagid%22%3A%221ea1813c-986e-430b-9942-ffe49703c495%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_1ea1813c986e430b9942ffe49703c495_zone_59323_sect_17569_site_12547%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%2C%7B%22id%22%3A%221b87e958-9373-ee11-473e-df9f62eb476d%22%2C%22tagid%22%3A%220688eb7c-6ce8-40c7-8300-d2e1f920928b%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_0688eb7c6ce840c78300d2e1f920928b_zone_59064_sect_17513_site_12547%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22inv-nets%22%2C%22sender%22%3A%22admixer%22%7D%5D%2C%22allimps%22%3A6%7D&am-uid=null&3rdEnabled=true&3rd=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1

200
OK

1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=ZjA0MTFkMjYyNjhlNGJlMmIyNDI5MWQxMGUzODY0Y2Y=&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=ZjA0MTFkMjYyNjhlNGJlMmIyNDI5MWQxMGUzODY0Y2Y=&google_cm=&google_tc=
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESEFRZ5_Nj8Nz1MOmq5bMdE4o&google_cver=1
https://m.trafmag.com/images/1px-matching-go2net.gif?id=f0411d26268e4be2b24291d10e3864cf

35 B
351 B

60ms
19ms

Image
image/gif

193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-go2net.gif?id=f0411d26268e4be2b24291d10e3864cf
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: HTTP/1.1
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 11:41:36 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Date: Fri, 26 Nov 2021 11:41:36 GMT
Server: nginx
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Location: https://m.trafmag.com/images/1px-matching-go2net.gif?id=f0411d26268e4be2b24291d10e3864cf
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H/1.1

200
OK

1px-matching-go2net.gif
m.trafmag.com/images/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm=&google_tc=
https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEACHXsnLlXrihJ_dxB8ttPc&google_cver=1
https://m.trafmag.com/images/1px-matching-go2net.gif?id=f0411d26268e4be2b24291d10e3864cf

35 B
351 B

61ms
19ms

Image
image/gif

193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-go2net.gif?id=f0411d26268e4be2b24291d10e3864cf
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: HTTP/1.1
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 11:41:36 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Date: Fri, 26 Nov 2021 11:41:36 GMT
Server: nginx
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Location: https://m.trafmag.com/images/1px-matching-go2net.gif?id=f0411d26268e4be2b24291d10e3864cf
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H2

200

cm-notify
creativecdn.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=admixer
https://creativecdn.com/cm-notify?pi=admixer&tc=1

42 B
243 B

14ms
14ms

Image
image/gif

185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:41:35 GMT, Fri, 26 Nov 2021 11:41:35 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-type: image/gif
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://creativecdn.com/cm-notify?pi=admixer&tc=1
date: Fri, 26 Nov 2021 11:41:35 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
25 KB 18ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: on.ge
URL: https://on.ge/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: private
x-fb-debug: +YtpsWyupjR7ANHV7HTigc6sRFgTBFj9Q/F0inkKxNqyqqKA26jlUzPTHFMlutVS1EIrJ2l+t561j00pt9urnw==
x-frame-options: DENY
date: Fri, 26 Nov 2021 11:41:35 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: private
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 36ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFSNJQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2428
date: Fri, 26 Nov 2021 11:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 26 Nov 2021 13:01:07 GMT

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 35ms
35ms Stylesheet
text/css 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151510
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:41:35 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 920
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=259200
cf-ray: 6b42d93aee140e1e-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Mon, 29 Nov 2021 11:41:35 GMT

GET
H3 200 1695966557313871 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 10ms
10ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1695966557313871?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3f53161ee1a916f9cd9878d0a95595bc7c1a679c425cad94700327c1c1cf30f1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 88891
x-xss-protection: 0
pragma: public
x-fb-debug: +HM5+U0+7bSIN947t4mdoQSk4lGD29awBU04Nz/DE27RDpd5ilVY7HmCNOuFpcAY27Wuk0uyjnp2BQofNu4Myw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 26 Nov 2021 11:41:35 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK 9e254ffc-19c3-4296-886c-3dcfbb520a3a.png
content.admixer.net/test1/7a161148-1036-4f6d-b074-842e9977df54/ Frame BA32 145 KB
145 KB 189ms
63ms Image
image/png 31.28.167.114
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.admixer.net/test1/7a161148-1036-4f6d-b074-842e9977df54/9e254ffc-19c3-4296-886c-3dcfbb520a3a.png
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.28.167.114 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 167-114.admixercdn-s2.cc.colocall.com
Software: nginx /
Resource Hash: 3b56c11690af0cb6c770f2f8087c18a86770ceb569d1363957184790f843a808

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 11:46:05 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 24 Nov 2021 10:42:09 GMT
Server: nginx
ETag: "619e1701-243d6"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 148438
Expires: Sun, 27 Nov 2022 11:46:05 GMT

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 9ms
8ms Image
image/gif 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=DE%2FHE%2F2925533&am-uid=f0411d26268e4be2b24291d10e3864cf&zone=0688EB7C-6CE8-40C7-8300-D2E1F920928B&device=28&rule=9B14E40B-88D0-46F1-A459-7F016705D684&requestId=7c345978-9205-4ba8-969a-99d2b0798834&hp=722389662&page=on.ge%2F&ts=637735236957317647&ap=MQ%3D%3D&asign=-1370626040&markups=ZG1wZj0wJmRtcHA9dHJ1ZSZjcnRmPTAmY3J0cD10cnVlJmNydGF0cz0wJmFkbWY9MCZhZG1wPWZhbHNlJnRkZj0wJnRkcD10cnVlJnRvdGY9MCZ0b3RwPXRydWU%3D&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=2&extpubid=9CB6924D-6709-4E57-ACE4-4BA03B4F829B&inst=ADS-EU-3&pxl=0&pvid=8dec2e68-5ba2-4a6c-8d10-8ec4302e28b0&ip=185.232.23.182&item=25BB35F9-9011-49FF-83C8-9C196AC6389A&crid=25BB35F9-9011-49FF-83C8-9C196AC6389A&profile=C0406A6E-7136-4BA6-A8C6-511CF74BD81B&adv=N%2FA&dsp=ADMIXER+Georgia&dmp_pr=MA%3D%3D&dstUrl=https%3A%2F%2Fwww.mymarket.ge%2Fka%2F&cet=4&sw=[e=screen.width]&sh=[e=screen.height]&sf=0

Requested by

Host: on.ge
URL: https://on.ge/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 11:41:35 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 200
OK 75418322-de84-4102-b5df-63138cca34c3.jpg
content.admixer.net/test1/95caac12-cd01-459f-9b60-d39d927e74ab/ Frame C5FA 32 KB
33 KB 189ms
63ms Image
image/jpeg 31.28.167.114
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.admixer.net/test1/95caac12-cd01-459f-9b60-d39d927e74ab/75418322-de84-4102-b5df-63138cca34c3.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.28.167.114 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 167-114.admixercdn-s2.cc.colocall.com
Software: nginx /
Resource Hash: 4b7a297c4d34f507aee461237fd8b0571f1d483d70d96e537dac4d51355d4942

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 11:46:05 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 24 Nov 2021 13:05:24 GMT
Server: nginx
ETag: "619e3894-80f5"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33013
Expires: Sun, 27 Nov 2022 11:46:05 GMT

GET
H2 200 /
onetag-sys.com/usync/ 0
0 10ms
10ms Image
text/html 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onetag-sys.com/usync/?pubId=59d216e971852f2
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS: ip98.ip-51-75-86.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 21ms
13ms Image
image/gif 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=DE%2FHE%2F2925533&am-uid=f0411d26268e4be2b24291d10e3864cf&zone=C967266F-2E79-4705-A8A7-902C6440A64E&device=28&rule=AF72D89D-A988-45CF-8230-495B9D3FDF1D&requestId=4506d2e7-4641-44b3-9c0a-1802456886e2&hp=722389662&page=on.ge%2F&ts=637735236957317647&ap=MA%3D%3D&asign=609259616&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=9CB6924D-6709-4E57-ACE4-4BA03B4F829B&inst=ADS-EU-3&pxl=0&pvid=8dec2e68-5ba2-4a6c-8d10-8ec4302e28b0&ip=185.232.23.182&item=95CAAC12-CD01-459F-9B60-D39D927E74AB&crid=95CAAC12-CD01-459F-9B60-D39D927E74AB&size=250x250&profile=AF72D89D-A988-45CF-8230-495B9D3FDF1D&adv=%E1%83%A1%E1%83%90%E1%83%A5%E1%83%90%E1%83%A0%E1%83%97%E1%83%95%E1%83%94%E1%83%9A%E1%83%9D%E1%83%A1+%E1%83%A3%E1%83%9C%E1%83%98%E1%83%95%E1%83%94%E1%83%A0%E1%83%A1%E1%83%98%E1%83%A2%E1%83%94%E1%83%A2%E1%83%98&dsp=Local&dmp_pr=MA%3D%3D&dstUrl=https%3A%2F%2Ffreeconsultation.ugw.ge%2F&cet=4&sw=[e=screen.width]&sh=[e=screen.height]&sf=0

Requested by

Host: on.ge
URL: https://on.ge/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 11:41:35 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
DATA 200
OK truncated
/ Frame BA32 589 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf9bd542074c807245624ae2ee63906fdfc582c42c286dc2380402d758c0cb96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
435 B 60ms
19ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-54063776-1&cid=1445716364.1637926896&jid=2001364483&gjid=1155823760&_gid=1963777539.1637926896&_u=YChAgAABAAAAAE~&z=2015283606

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://on.ge/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 26 Nov 2021 11:41:36 GMT
content-type: text/plain
access-control-allow-origin: https://on.ge
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
7ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=938194665&t=pageview&_s=1&dl=https%3A%2F%2Fon.ge%2F&ul=en-us&de=UTF-8&dt=On.ge%20%2F%20%E1%83%92%E1%83%90%E1%83%98%E1%83%92%E1%83%94%20%E1%83%9B%E1%83%94%E1%83%A2%E1%83%98&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChAgAAB~&jid=2001364483&gjid=1155823760&cid=1445716364.1637926896&tid=UA-54063776-1&_gid=1963777539.1637926896&gtm=2wgba1WFSNJQ&cd2=disabled&z=896267623

Requested by

Host: on.ge
URL: https://on.ge/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 07:26:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15323
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 18ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1695966557313871&ev=PageView&dl=https%3A%2F%2Fon.ge%2F&rl=&if=false&ts=1637926896016&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1637926896015.464268892&it=1637926895844&coo=false&exp=p1&rqm=GET

Requested by

Host: on.ge
URL: https://on.ge/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:41:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Fri, 26 Nov 2021 11:41:36 GMT

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/ecf9e160-8d86-41ff-83dd-c88538b3a327/ 126 B
597 B 356ms
333ms Fetch
application/json 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/ecf9e160-8d86-41ff-83dd-c88538b3a327/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151510

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fb456d9790b74395abf9f7eb1a3d69dee39ab8f79b260919fe346dedf42da78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:41:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
status: 200 OK
x-envoy-upstream-service-time: 12
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 95077de4-bbdd-4552-ab07-182af6018280
x-runtime: 0.009322
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1fb456d9790b74395abf9f7eb1a3d69d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 6b42d93c59853763-MXP
access-control-allow-headers: SDK-Version

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 57ms
30ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-54063776-1&cid=1445716364.1637926896&jid=2001364483&_u=YChAgAABAAAAAE~&z=1398092511

Requested by

Host: on.ge
URL: https://on.ge/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:41:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 58ms
31ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-54063776-1&cid=1445716364.1637926896&jid=2001364483&_u=YChAgAABAAAAAE~&z=1398092511

Requested by

Host: on.ge
URL: https://on.ge/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:41:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 75418322-de84-4102-b5df-63138cca34c3.jpg
content.admixer.net/test1/95caac12-cd01-459f-9b60-d39d927e74ab/ Frame C5FA 32 KB
33 KB 41ms
40ms Image
image/jpeg 31.28.167.114
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.admixer.net/test1/95caac12-cd01-459f-9b60-d39d927e74ab/75418322-de84-4102-b5df-63138cca34c3.jpg
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.28.167.114 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 167-114.admixercdn-s2.cc.colocall.com
Software: nginx /
Resource Hash: 4b7a297c4d34f507aee461237fd8b0571f1d483d70d96e537dac4d51355d4942

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 11:46:05 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 24 Nov 2021 13:05:24 GMT
Server: nginx
ETag: "619e3894-80f5"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33013
Expires: Sun, 27 Nov 2022 11:46:05 GMT

GET
H3

200

/
www.facebook.com/login/ Frame 41C6
Redirect Chain

https://www.facebook.com/v2.8/plugins/page.php?adapt_container_width=true&app_id=1740035346240245&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1740035346240245%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook...

0
0

95ms
95ms

Document
text/html

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1740035346240245%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1cb6c4c4627ccc%2526domain%253Don.ge%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fon.ge%25252Ff39bfb30e6588dc%2526relation%253Dparent.parent%26container_width%3D230%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fnext.on.ge%252F%26locale%3Dka_GE%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ka_GE/sdk.js?hash=b20ee1a3af7ade26422a57c1e38d13bc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: sAsHnKifs89pSdhAKXuLypndX4tEQ7YOmb6MXoLJq/WW3OS/0rgcJM0SDdIB1OsiT+UoKITh1fVIKFqTR9IFFA==
date: Fri, 26 Nov 2021 11:41:36 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

Redirect headers

location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1740035346240245%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1cb6c4c4627ccc%2526domain%253Don.ge%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fon.ge%25252Ff39bfb30e6588dc%2526relation%253Dparent.parent%26container_width%3D230%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fnext.on.ge%252F%26locale%3Dka_GE%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v5.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: kWhp5WvWbUyrCDnFYztnNqIUpEoO5F64I3kjJt50R/OUH3sAvFBiOgSIbA4ne8bxGCcdAuV69EjWoF44ZOfG2w==
content-length: 0
date: Fri, 26 Nov 2021 11:41:36 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 23ms
22ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

c0d0118d81a4084fe801822e37e22855d6906a274bc0a4d748398d3d604e04db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 26 Nov 2021 11:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9311
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 2097ms
2074ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 11:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 26 Nov 2021 11:41:38 GMT

GET
H/1.1 200
OK 9e254ffc-19c3-4296-886c-3dcfbb520a3a.png
content.admixer.net/test1/7a161148-1036-4f6d-b074-842e9977df54/ Frame BA32 145 KB
145 KB 37ms
37ms Image
image/png 31.28.167.114
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.admixer.net/test1/7a161148-1036-4f6d-b074-842e9977df54/9e254ffc-19c3-4296-886c-3dcfbb520a3a.png
Requested by: Host: on.ge
URL: https://on.ge/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.28.167.114 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 167-114.admixercdn-s2.cc.colocall.com
Software: nginx /
Resource Hash: 3b56c11690af0cb6c770f2f8087c18a86770ceb569d1363957184790f843a808

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 11:46:05 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 24 Nov 2021 10:42:09 GMT
Server: nginx
ETag: "619e1701-243d6"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 148438
Expires: Sun, 27 Nov 2022 11:46:05 GMT

GET
H2 200 on-push.png
rachel.on.ge/2017/05/29/ 5 KB
6 KB 173ms
173ms Image
image/png 2606:4700:10::6816:425
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rachel.on.ge/2017/05/29/on-push.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:425 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e05026ee5689923808f56e145a0a302a505762a124c95573817395c4f394bd64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Fri, 26 Nov 2021 11:41:36 GMT
via: 1.1 varnish
cf-cache-status: REVALIDATED
content-type: image/png
content-length: 5610
last-modified: Mon, 29 May 2017 12:47:48 GMT
server: cloudflare
etag: "15ea-550a9182b3e99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 2109394309
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b42d93e7bc05a3d-MXP

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 6E9E 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://on.ge
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/

Response headers

content-type: text/plain
access-control-allow-origin: https://on.ge
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Fri, 26 Nov 2021 11:41:36 GMT

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 9ms
9ms Image
image/gif 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 11:41:36 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 8ms
8ms Image
image/gif 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 11:41:36 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 8ms
7ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=72becbfa-e6ce-4d6e-aa61-16ec4740ce05

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 26 Nov 2021 11:41:37 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 8ms
7ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=c967266f-2e79-4705-a8a7-902c6440a64e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 26 Nov 2021 11:41:37 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 7ms
7ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=ad6c6bdd-5e61-4684-a697-a03a14484d9d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 26 Nov 2021 11:41:37 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 7ms
7ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=78ca8a12-b352-4c62-b28c-eda6c3d249be

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 26 Nov 2021 11:41:37 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 996E 12 KB
5 KB 28ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Fri, 26 Nov 2021 11:33:57 GMT
expires: Sat, 26 Nov 2022 11:33:57 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 461
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2DB0 783 B
537 B 36ms
17ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bd389ba7803e079902a9fb4cd74c3e54f39c8bd99adba7d2d2f12274ae1c5f8d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8C6RUFQc+CEbH+3k1xqMWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 26 Nov 2021 11:41:38 GMT
date: Fri, 26 Nov 2021 11:41:38 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-8C6RUFQc+CEbH+3k1xqMWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 996E 35 KB
13 KB 8ms
8ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 10:50:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 26 Nov 2022 10:50:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2DB0 0
0 55ms
55ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=636992358702881&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
42ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=636992358702881&bg=!8fKl8rbNAAZQLpa_UC47ACkAdvg8WtzTx79djILpE4SiRRl7ugViPvDGSDDYNlZEC1_DzixFIq4nTAIAAABZUgAAAAloAQeZAoMgAvgoriBQ27xrMdlLpdhxVMP75nJt09BFmEgZuGkqZJu9PiHxBVtRtJ3epEn0surHSdxDpwVwNoXvgMFOwbWhg7xXKgMYtVIpvkullfbopXPUuK8UEk6Jd061ezxuo-aK3zmjOEgxEAx5dX-1ZdmxhwKLZ3xBsSG8FrC6cATUOiA3kCWuaXshXhJFPepfMufe4Vvs7j5OlbxICCbNt8Du7gFwWUqgDmYZ-V2RM0KYa6HHUyUBsyT-nSS2nK81hHKCoT_rWGjQlre3tIt7fHBtxWXhLzA6vLWHJA95aZ_jTcQGuEUdomHCAlwkyiSH96n7R3Wfl0MtUnEphWcsVD2miUoE34_hIMxdDq85f0TyWY4LZzuuWZGDiWM4nazj3muzxOI_39jIP6gPOrUo1U_l_jelNrgEYl4MwYBAULgnlqMrqiKnJwy-qFb8zHiADkvz3YfXBINJ_-hQ-LGapHzxFSSBiWHaxrVWo4D6ISuyFb_5ghRrgpQHfhcGsefEboBps3Jh9Raieq3w4M9emJ2-ihBt1GZJ7Mnf4mgAsbEmNpF-nFHH-1C41ZIgO1keFyhlERxP35m7GT1fhrt4v8NhPWZfPmbJt0N44JGya5bgAvG0ZKeHNCKaIw1u7infJMSgC5NOamhMupdxn2xdZic6ZPvhuconUMKfh1Ci7CpUxLuSmGFFnaNvT87FcNYdhtgG3Ut-AogOOKTfsf9tt0BkzG7IDBHgyWrsVy0Y4qz9RIO1bKZUs6vNGxp6VhtEeV9r-sbhMSN6-QUTkozo4-f7HnNUEpmQq_9HgTuD3AlpkmUnY2w56EsCY4j1KmvwoyLFuKsMKODZO3_NAL750DZys3vA

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://on.ge/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Nov 2021 11:41:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

159 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.admixer.net/gadx	1970-01-20 16:29:58	Name: am-uid Value: f0411d26268e4be2b24291d10e3864cf
on.ge/	1969-12-31 23:59:59	Name: PHPSESSID Value: l3jutfjs9hkhuk8ojs83psiqk0
on.ge/	1969-12-31 23:59:59	Name: Value: store.test
.top.ge/	1970-01-20 07:35:02	Name: datetime Value: 1637926895
.top.ge/	1970-01-20 07:35:02	Name: id Value: 97558
.top.ge/	1969-12-31 23:59:59	Name: url Value: 97558
.top.ge/	1969-12-31 23:59:59	Name: __tgb Value: 97558
.top.ge/	1970-01-20 07:35:02	Name: cust Value: 3591637122
on.ge/	1970-01-19 22:59:30	Name: onge-date-diff Value: 708
.admixer.net/	1970-01-20 16:29:58	Name: am-uid Value: f0411d26268e4be2b24291d10e3864cf
on.ge/	1970-01-19 23:08:51	Name: am-uid Value: f0411d26268e4be2b24291d10e3864cf
.creativecdn.com/	1970-01-20 07:44:22	Name: u Value: h3GreoGUMTYnlpxDjeSO
.creativecdn.com/	1970-01-20 07:44:22	Name: ts Value: 1637926895
.on.ge/	1970-01-20 08:20:22	Name: __gads Value: ID=3e5092669c667bce-2290404f06cc005e:T=1637926895:S=ALNI_MbEmlmd8o-F2Ny_bldSHl70KnGMBg
.on.ge/	1970-01-20 16:29:58	Name: _ga Value: GA1.2.1445716364.1637926896
.on.ge/	1970-01-19 23:00:13	Name: _gid Value: GA1.2.1963777539.1637926896
.on.ge/	1970-01-19 22:58:46	Name: _dc_gtm_UA-54063776-1 Value: 1
.on.ge/	1970-01-20 01:08:22	Name: _fbp Value: fb.1.1637926896015.464268892
.doubleclick.net/	1970-01-20 08:20:22	Name: IDE Value: AHWqTUmuefknPGs2X2JMQ37xbeQg2pPqpt7tjKwXZYINKlyF12T4DOrzCNXOvNT5veU
.facebook.com/	1970-01-20 16:29:58	Name: sb Value: 8MegYaQx_IY4IWT5ZKxr-ru0
.facebook.com/	1970-01-20 01:08:22	Name: fr Value: 07usBLGQfGgDfejTN..BhoMfv.hp.AAA.0.0.BhoMfw.AWVqCU4LVpA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.on.ge
adservice.google.com
adservice.google.de
b5b81767a289b1a0fba988d6f5c9eff3.safeframe.googlesyndication.com
cdn.admixer.net
cdn.onesignal.com
chandler.on.ge
cm.g.doubleclick.net
connect.facebook.net
content.admixer.net
counter.top.ge
creativecdn.com
inv-nets.admixer.net
joey.on.ge
m.trafmag.com
monica.on.ge
on.ge
onesignal.com
onetag-sys.com
pagead2.googlesyndication.com
phoebe.on.ge
rachel.on.ge
ross.on.ge
securepubads.g.doubleclick.net
services.on.ge
static.on.ge
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
142.250.181.226
142.250.186.98
146.0.227.110
185.184.8.65
188.93.95.16
193.200.65.6
2606:4700:10::6816:425
2606:4700::6812:e134
2606:4700::6812:e234
2a00:1450:4001:808::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2004
2a00:1450:4001:828::2003
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:831::2001
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:90c0:41:2801::254
31.28.167.114
51.75.86.98
05f62f5d3f16508b64d4e6a1773d8f8b7dc5f0c86cca600397d87959f8a7c714
062e99c00079cb0781d4ae90ed767450b903f8d4b97960f02e29364617330e77
09dbc93462edd6df359dbcb55d2f18360b75316c04b827675f942fa361644525
0ca8f5fcd03defaa59b26b983dbcd36641fdd3b8538cb3f5054d9c422b165c00
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13497c7672922cddb2efd57191df8e33859e469105f7a39381271f6976bc87d1
13599949dfee5fc97b87ebb3306bb157a96b01bec31003e446a918b5767fb727
1411f2363842eacb2fb2095bacfef4863f52ffd2f4465daa30e3d2dec7bdf3ad
1521f1dff554f0caadb51dc124e12ba1241c0f0fee588e63d5671d9c758cb9f1
16bc2f38ed5138f76357cbe7eac53bc2fffcdef81a6ecf94956e7095e343ea8a
1ba1c8c4d38dde46bc9aecef823dcff354b3825598ffd2b893d91aa26f96689f
1f167fdb186ea566906925836eaf1edaccad2ab4bcfe97fc39ebc0cf5be37ad7
1fb456d9790b74395abf9f7eb1a3d69dee39ab8f79b260919fe346dedf42da78
24b7928a6d1a8547143ee4834eaf2dc2b5e5618e7dbb9a92a6c952d24ed38a11
25da41945119a3c852ad72354b4a96dc3a699e07d810b81fb3d61b66a44ff045
267af5a9d0c450f643fa97ce518f770ddf80663c589eca901b707391fa6ba9d0
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
28333d75fe86f4d034f512efaea2e39f21f33e4cd8385ed715f931e16236821b
2b772c464fa0b56de5b56912ceb15c6b5a4de2817f4c7d4a190f09f0ba8e9e1a
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
39cb189fe46252c93a9a9551f41dff8575d004c13b1b97ec4efefd902dd7facc
3b001c91bf7d6ae3fb5f29deb81fc672ddd96e3810fd2ce69e583ac02d5262e3
3b56c11690af0cb6c770f2f8087c18a86770ceb569d1363957184790f843a808
3c07fe23f59d46e63f37970ed22871c747a25c455108f8e77721268ff0d496fb
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
3f1cc7e015771efdbc1ff7d32f4420efa3b22ba539e707235f2af08e883b8c42
3f53161ee1a916f9cd9878d0a95595bc7c1a679c425cad94700327c1c1cf30f1
401deda3e474391f29669b2d37c9840a850d5ee861b333caed9da0abe9fbad66
41f3ab6783d84dc1c959173ec2037985fdc3471721f3f4d086b0dcbf21fdfd55
428f8d1c5ddc7dd30950ed446f884a23fbe117be1b852f262711e1f634df39d1
430d0ae2afb0756f4e1381c7d0288004425071216fb1f7f3f96d15c1eadd6a83
43d06024c58aeddc267957b11075b23a83df142704ebd7010995c0f8b1403432
4b7a297c4d34f507aee461237fd8b0571f1d483d70d96e537dac4d51355d4942
4cb99750ff6345978eaed2c4947bfd4dcbebc07725cb000285df6310f308e553
4f907b51ac57fa6a3584fa078eb61ca83f01d2aeb273eb93ab018be93bed9a05
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
51ab1419c56a6121ce139797173240cd84178adb4986f20d890f968f51f59882
52f265650f7013eff67bc683576ba96329a0bd223c962aef397c47047cc0e9ee
550e2e3649199407ea59be71ec68eb766360ebedf63b156fc1fa1d22ffb4cb2e
55b4a8ebd4ce4144242d6bb9d0ebb65a01b2759e67243ed5badc3ac96c6fd396
580aebdb7202f45129c1adb841a0ea3a08867b333c93da946f90ca2c5eb0e8c5
58ef11ef59544ffcd3d4d423847401bff935b1ae3a06caf9f5a696c7e019c78c
5a7a6f32f76c0d90b5253e66a40ed080c74c035abb2cf400dcaaa9c6abeaf8f2
5b2b5a5a05298e069e32d2d59e24b91a4ce53f93de02f43efda0063b38015928
5c5b7e46439a3660f3fa0b6aace975203eac59793aafa872f5ca895e23fb29ea
5ec162f5b91e84f6e142cc05a7ed68110cde27d5f3fe7aa41a804355c92a39d6
601c06474a16936670a0477da2a777ccfca3301e3857204ec9b55dfa2c45287e
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
6259e182db3f69810e0db369be7d15c03f99ea3b91cc3b6cd6ac1139ab46b3e6
62f44e764c8529846aadec48630e42a1f907355233f30b254838ad655745b7fa
65b0c0df7c7862dd2afc277b749ae30fc44ff3fe6b243c39869d162bd060e2d1
672ae458a7aeb022a4e1294618263a4590e20750faf20a2bdc28c49200c4ce1d
69322c6d739e267ff75dcaadd7316224262f295de12b6d9055a8b1408d54deae
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
70e1907d700df645dc16e1c4f0b85cb0255e9a5127da35e8851d85f6676c3de2
7319607cdf30011a9bbfe872f8a366e52e76fda6929ad4a83f69b39c9a807023
7a4ba5a0284eb29987dd57858bff0a0f9909af6080147abac4ebe8419788f203
824f4e786c42783de79ec7c924e0e707f79e282e0ef35bd06598d87a817c67c2
827a4a7d6344f1692df996dee3beec9e9b1a616a4a5f7fe6e89062774ace0bf1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8dd127d8c49bb504453c746463b3aacfdd7d3dffe98a2bea9d860207096d04f4
9146e735f91bbef09ce7056abb70f15a869632f7732498cb34091a88960aed3c
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
969a63e49dc6038f9d190a169930e96c26caaf62a0ac9e3d92ccd067e7d3d4a6
9845707907e58cb90187d70343678ab92cbc23ce449393afdc3bac51182d3710
9f9fb3b57b331d7d30d2198e6b4d60d85941b161482a272b2ca15ea31d8a298f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4794cfedac4eaef2afe0f2b3b9f4049965a4247196382e61cb2d380104d70cf
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a521729dc53682fc83dfa5522c42fb47557b54dc3d4e568edfe43b0389519f48
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a619a2957f2027aa6b7ae4a6248bd84773c071273fe2d00daa602b090370d314
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a941be2318d79441ad1a966e6720e8129624611ee13198f78f7c2e59dbb2668b
abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316
add4f324b163178ccc848f9f607fbccc6110f6f8985e3ddb41fcd5837a3997bf
addf96a0c7d6c51c22bbd1b88975b2cbb132a632ecc95cc75dd4ec56ef194d84
aefebda2cf8bbba336a120aa6c0c91bfee60e8f3cc4531c3c870403b376256d4
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b8c24e0eb4936acd96980e25529e8c274e87555e6a7b2571fe26bcb0122e7d32
ba83c227cde7d4c34fb514ccd483305e8dfef365e6b2b70a126f2d73adaa1691
bb18c579bac62e2c65696db27124c04e3398eac321d6c8c0618a8c564e0c5b22
bd389ba7803e079902a9fb4cd74c3e54f39c8bd99adba7d2d2f12274ae1c5f8d
bf9bd542074c807245624ae2ee63906fdfc582c42c286dc2380402d758c0cb96
c0d0118d81a4084fe801822e37e22855d6906a274bc0a4d748398d3d604e04db
c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d
c4f79449eb89b7cb34513e7bf05bcf2c30b5121d3323f45dce960457b8e2f6ee
c62a3c8756fd27abb56a250f74fc1037c3992c159e7533e2f41994bf57822858
ca3296d548223a35255c768bdedcfac9952034c7282dbfddc330bc249b6a1b67
ce299aade856e4f7318a3219094c3176b280ab8c95b4496d95f417ea23a81784
d51f91249d87c8fe7104d5434f1f9479ae44c2e32c8bdecc75165cb6fb89dacd
d52e9bb73ba9811882bea73b980c1e7a895ce0b4cbeed0ec5f330bddb6a87d56
d5ce460e2d9e895fb95672506ad2a16f241fd9cb2c56610eaf930869d9a5162b
d7d08d242d7a431e21e435ab5d3b15f15293aec1dbc157ac258a455173698752
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dcae1621a206a6ae7a93d75cfdb625e2f3e8975ef2f531ff7a822ce19fe98e4f
dd14c46ec666d1ee4cbbc421dae525812048f01ce4cf5082e0a2ad50c005abf1
e05026ee5689923808f56e145a0a302a505762a124c95573817395c4f394bd64
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e732989758e6dcde3443f352c633422402e09c11c84f2f38b447e7e08b46316d
e96896a208db0b87febe1bc17fe6e9de8cdf3b1a36abce5a58cc803ed293d990
e97e4e1a626109cc68dd6c4d590bb9af6f32522664224e559e4f2e48d9c4da53
ea3b3fccc80ec2367900c7b7fff7162a7ba2bff793b31df137ac8bfe1826a7e0
ec5dc232cf8678d7f398781e2959419d15c95eb1e69c654a17235f95a9301be8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0142855df82695c7759c275c11b46ec60f0eb0c2c50512de4dd7c3f1caa584f
f71a2212eabcd2e75afe61c0fb04dd593b8ffdf48989c40877c30d7fdd54f25a

on.ge Open in urlscan Pro 2606:4700:10::6816:425 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

125 Requests

98 %HTTPS

67 %IPv6

16 Domains

34 Subdomains

24 IPs

8 Countries

3893 kBTransfer

6192 kBSize

21 Cookies

17 Outgoing links

Page URL History

Redirected requests

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

on.ge Open in urlscan Pro
2606:4700:10::6816:425 Public Scan

Screenshot
Live screenshot

Full Image

125
Requests

98 %
HTTPS

67 %
IPv6

16
Domains

34
Subdomains

24
IPs

8
Countries

3893 kB
Transfer

6192 kB
Size

21
Cookies

125 HTTP transactions
2 data transactions