xosodaiphat.com Open in urlscan Pro
2606:4700::6812:144c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://xosodaiphat.com/xsdna-xo-so-da-nang.html
Submission: On February 07 via api (February 7th 2024, 10:17:39 am UTC) from US — Scanned from DE

Summary HTTP 102 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 34 IPs in 4 countries across 18 domains to perform 102 HTTP transactions. The main IP is 2606:4700::6812:144c, located in United States and belongs to CLOUDFLARENET, US. The main domain is xosodaiphat.com. The Cisco Umbrella rank of the primary domain is 54816.
TLS certificate: Issued by E1 on February 1st 2024. Valid for: 3 months.

This is the only time xosodaiphat.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700::68... 2606:4700::6812:144c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	103.229.42.224 103.229.42.224	45903 (CMCTELECO...) (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company)
6	151.101.66.132 151.101.66.132	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2400:52e0:1e0... 2400:52e0:1e00::1081:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
6	44.195.166.86 44.195.166.86	14618 (AMAZON-AES) (AMAZON-AES)
5	2606:4700::68... 2606:4700::6812:d0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
8	2a02:26f0:480... 2a02:26f0:480:24::1726:6267	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	23.53.42.130 23.53.42.130	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.2.132 151.101.2.132	54113 (FASTLY) (FASTLY)
2	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
3 4	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	185.89.210.82 185.89.210.82	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	3.233.110.153 3.233.110.153	14618 (AMAZON-AES) (AMAZON-AES)
102	34

13 2606:4700::6812:144c (United States)

ASN13335 (CLOUDFLARENET, US)

xosodaiphat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.xosodaiphat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.42.224 (Viet Nam)

ASN45903 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN)
PTR: static.cmcti.vn

cdn.adop.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.66.132 (United States)

ASN54113 (FASTLY, US)

smart-placements-sdk.ex.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
experience.ex.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed.ex.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.ex.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 44.195.166.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-166-86.compute-1.amazonaws.com

prd-collector-platform.ex.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:d0d (United States)

ASN13335 (CLOUDFLARENET, US)

msdigital.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.msdigital.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:480:24::1726:6267 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

static.ex.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.53.42.130 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-42-130.deploy.static.akamaitechnologies.com

img.ex.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

mcd-sdk.playbuzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.132 (United States)

ASN54113 (FASTLY, US)

ads.playbuzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.82 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.233.110.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-110-153.compute-1.amazonaws.com

prd-collector-anon.playbuzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	ex.co smart-placements-sdk.ex.co — Cisco Umbrella Rank: 398066 prd-collector-platform.ex.co — Cisco Umbrella Rank: 145824 static.ex.co — Cisco Umbrella Rank: 106403 experience.ex.co — Cisco Umbrella Rank: 287088 img.ex.co — Cisco Umbrella Rank: 219359 embed.ex.co — Cisco Umbrella Rank: 199009 pixel.ex.co — Cisco Umbrella Rank: 180431	402 KB
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157	351 KB
13	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 ad.doubleclick.net — Cisco Umbrella Rank: 163 cm.g.doubleclick.net — Cisco Umbrella Rank: 260	212 KB
13	xosodaiphat.com xosodaiphat.com — Cisco Umbrella Rank: 54816 cdn.xosodaiphat.com — Cisco Umbrella Rank: 117594	162 KB
9	google.com apis.google.com — Cisco Umbrella Rank: 106 region1.analytics.google.com — Cisco Umbrella Rank: 2616 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143 www.google.com — Cisco Umbrella Rank: 2	198 KB
5	msdigital.vn msdigital.vn cdn.msdigital.vn	53 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	4 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	2 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	204 KB
3	playbuzz.com mcd-sdk.playbuzz.com — Cisco Umbrella Rank: 137278 ads.playbuzz.com — Cisco Umbrella Rank: 308207 prd-collector-anon.playbuzz.com — Cisco Umbrella Rank: 240406	604 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	10 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	170 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	3 MB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	65 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6518	408 B
1	dmca.com images.dmca.com — Cisco Umbrella Rank: 15449	845 B
1	adop.asia cdn.adop.asia — Cisco Umbrella Rank: 126615	12 KB
102	18

	Domain	Requested by
13	pagead2.googlesyndication.com	xosodaiphat.com pagead2.googlesyndication.com 09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
11	cdn.xosodaiphat.com	xosodaiphat.com cdn.xosodaiphat.com
8	static.ex.co	smart-placements-sdk.ex.co static.ex.co
7	tpc.googlesyndication.com	xosodaiphat.com 09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
6	prd-collector-platform.ex.co	smart-placements-sdk.ex.co static.ex.co xosodaiphat.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	cdn.msdigital.vn	msdigital.vn
3	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
3	region1.analytics.google.com	www.googletagmanager.com
3	securepubads.g.doubleclick.net	xosodaiphat.com securepubads.g.doubleclick.net
2	ad.doubleclick.net	xosodaiphat.com
2	fonts.gstatic.com	xosodaiphat.com
2	pixel.ex.co	static.ex.co
2	fonts.googleapis.com	static.ex.co
2	img.ex.co	xosodaiphat.com
2	09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com 09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com
2	apis.google.com	xosodaiphat.com apis.google.com
2	www.googletagmanager.com	xosodaiphat.com www.googletagmanager.com
2	www.gstatic.com	xosodaiphat.com
2	smart-placements-sdk.ex.co	xosodaiphat.com smart-placements-sdk.ex.co
2	xosodaiphat.com	xosodaiphat.com
1	prd-collector-anon.playbuzz.com	static.ex.co
1	www.google.com	tpc.googlesyndication.com
1	s0.2mdn.net	09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com
1	www.googletagservices.com	09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com
1	ads.playbuzz.com	static.ex.co
1	mcd-sdk.playbuzz.com	static.ex.co
1	embed.ex.co	static.ex.co
1	experience.ex.co	static.ex.co
1	www.google.de	xosodaiphat.com
1	msdigital.vn	xosodaiphat.com
1	images.dmca.com	xosodaiphat.com
1	cdn.adop.asia	xosodaiphat.com
102	38

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
www.dmca.com
content.ex.co
shope.ee

Subject Issuer	Validity	Valid
xosodaiphat.com E1	`2024-02-01` - `2024-05-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-26` - `2024-05-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
cdn.adop.asia R3	`2024-01-26` - `2024-04-25`	3 months	crt.sh
*.ex.co Go Daddy Secure Certificate Authority - G2	`2023-06-08` - `2024-07-09`	a year	crt.sh
images.dmca.com R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
msdigital.vn GTS CA 1P5	`2023-12-29` - `2024-03-28`	3 months	crt.sh
cdn.ex.co R3	`2024-01-04` - `2024-04-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.playbuzz.com Go Daddy Secure Certificate Authority - G2	`2023-06-08` - `2024-07-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://xosodaiphat.com/xsdna-xo-so-da-nang.html
Frame ID: D6684792D6B40090332FEC36350CAA51
Requests: 56 HTTP requests in this frame

Frame: https://msdigital.vn/ads/NjM4Mzk4Nzk5NzIx
Frame ID: 5C1BD78952606F4E1979F36BF77CD1CB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240201/r20190131/zrt_lookup_fy2021.html
Frame ID: 6AB019BB0F7003922B342CEE1E0C36DF
Requests: 1 HTTP requests in this frame

Frame: https://09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 07531710310CB205324EB0D9B8480EE4
Requests: 1 HTTP requests in this frame

Frame: https://static.ex.co/cdn/fonts/google/roboto-poppins-fonts.css
Frame ID: 6ACC3AF19BAC878F0EA61F88D621F8E1
Requests: 14 HTTP requests in this frame

Frame: https://embed.ex.co/xdomain_cookie.html
Frame ID: EDE85A6C923943108B4F5C5D1821FA20
Requests: 1 HTTP requests in this frame

Frame: https://09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BF128DDF4BB4F506CD4832411E0F6A06
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQm-jrAhidisT_ATAB&v=APEucNVwqAEUn9IHhVzmxfz6cd3f3CgX_Kxv2jeUgwqw-JLbSwQtFglPo03EyMmvxDgH4wHuqF9gD4k6z3A13J9UD7hSICgjKqUDiTHwd_CnO5ZX-wvr3nazrS-gfkPWahjLBN4bgHNN-QH6RSvMYR5C_WwRuRq2FZfoSrSDOMW4m-FWrHhNRiw
Frame ID: 29658D110C7C747FED879659740CA128
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: A143ABCEC0D7E8064E7B12F6C5392C4F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7F77708880BAC6CEE35CC616CC36B633
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D15F2FA64CA3A0811AF5746D9542B665
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

XSDNA - SXDNA - Xo So Da Nang - Kết Quả Xổ Số Đà Nẵng

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

102
Requests

96 %
HTTPS

67 %
IPv6

18
Domains

38
Subdomains

34
IPs

4
Countries

4526 kB
Transfer

8185 kB
Size

19
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/@xosodaiphatcom

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=2fe00d0c-59bc-4930-bde8-11153f7264ff&refurl=https://xosodaiphat.com/

Search URL Search Domain Scan URL

URL: https://content.ex.co/interactive-experiences

Search URL Search Domain Scan URL

URL: https://shope.ee/3ffCTeclbe

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGo-eqMaMcjXMvZ6c3Th9a0&google_cver=1

Request Chain 83

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcNYvE2NLwiu294gHQG4egAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENjbnVz_a1sFiO2VpmK7_lc&google_cver=1

Request Chain 84

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELLd_d08-Ky2ueMpPEVsVOM&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELLd_d08-Ky2ueMpPEVsVOM%26google_cver%3D1

Request Chain 85

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTE4MzIzMTMxNjY3MDc3NjE2OA%3D%3D

102 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request xsdna-xo-so-da-nang.html Show response
xosodaiphat.com/ 71 KB
19 KB 814ms
776ms Document
text/html 2606:4700::6812:144c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:144c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 75d5eaf3029fcc3aeb279e2c6b88a7f7bbd958cc5e6bc784135373094a7c008c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=60
cf-cache-status: HIT
cf-ray: 851ae22e7c6b5d92-FRA
content-encoding: gzip
content-length: 19277
content-type: text/html; charset=utf-8
date: Wed, 07 Feb 2024 10:17:31 GMT
expires: Wed, 07 Feb 2024 10:18:31 GMT
last-modified: Wed, 07 Feb 2024 10:16:38 GMT
server: cloudflare
vary: *, Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 4.0
x-powered-by: ASP.NET

GET
H2 200 styleggfont.min.css
cdn.xosodaiphat.com/assets/css/ 225 KB
59 KB 78ms
38ms Stylesheet
text/css 2606:4700::6812:144c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xosodaiphat.com/assets/css/styleggfont.min.css?v=20240118
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:144c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3d774f58b960045a13d077ee62582d4ade0eac48358cd30c03e9f3de5f86b425

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:31 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 513584
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 60622
last-modified: Thu, 18 Jan 2024 07:13:43 GMT
server: cloudflare
etag: "65fd0dedd49da1:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 851ae23399289296-FRA
expires: Thu, 15 Feb 2024 10:17:31 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 73ms
53ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d07ee57409ba29ae16fe77a8c7f0ca9f6c2df90a6422dc7869eb32d2e4d531c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51249
x-xss-protection: 0
server: cafe
etag: 12359166697231300501
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 07 Feb 2024 10:17:31 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
50 KB 67ms
53ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2201058077065954

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

794f20c2790a4d3f27b8241288c24569d57ddc48f10dacb8fe6a0187db69dd6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xosodaiphat.com/
Origin: https://xosodaiphat.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51557
x-xss-protection: 0
server: cafe
etag: 15566916988914881844
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 07 Feb 2024 10:17:31 GMT

GET
H2 200 logo.svg
cdn.xosodaiphat.com/assets/images/ 15 KB
5 KB 67ms
28ms Image
image/svg+xml 2606:4700::6812:144c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.xosodaiphat.com/assets/images/logo.svg
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:144c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: dd382a0b771572febe55bbd91bca06284a52d4ac9bc73128f114914a4b3c7e97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 21 Apr 2023 03:14:12 GMT
server: cloudflare
age: 528202
etag: W/"f9bfcb58ff73d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 851ae233992b9296-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 09 Mar 2024 10:17:31 GMT

GET
H/1.1 200
OK 285e19f20beded7d215102b49d5c09a0.js Show response
cdn.adop.asia/scripts/a/ 11 KB
12 KB 1069ms
427ms Script
application/javascript 103.229.42.224
CMCTELECOM-AS-VN ...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adop.asia/scripts/a/285e19f20beded7d215102b49d5c09a0.js
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.229.42.224 , Viet Nam, ASN45903 (CMCTELECOM-AS-VN CMC Telecom Infrastructure Company, VN),
Reverse DNS: static.cmcti.vn
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6fe1405bd9125051de2258e4ba8b8d5635b223856c3d5ec647734f49b795507a

Request headers

Referer: https://xosodaiphat.com/
Origin: https://xosodaiphat.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Wed, 07 Feb 2024 10:17:32 GMT
Last-Modified: Tue, 06 Feb 2024 03:02:33 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "65c1a149-2dc2"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11714

GET
H2 200 sdk.js Show response
smart-placements-sdk.ex.co/v1/eafcd55a-d645-411b-95a0-f373a8da694a/ 113 KB
42 KB 43ms
8ms Script
application/javascript 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://smart-placements-sdk.ex.co/v1/eafcd55a-d645-411b-95a0-f373a8da694a/sdk.js

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

2956ae945c27514e2430022b0aeac654523718005036136bb2c9bc72b63dbaf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Feb 2024 10:17:31 GMT
via: 1.1 varnish
age: 2313
x-cache: HIT
content-length: 42089
x-served-by: cache-fra-eddf8230042-FRA
server: nginx
x-timer: S1707301051.452684,VS0,VE2
etag: W/"1c3cf-XzetwPilvlrwMth9HQJFNw"
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding, x-pb-country,X-PB-Os,X-PB-Platform,X-PB-Browser
accept-ranges: bytes
access-control-allow-headers: Accept, Authorization, Content-Type
x-cache-hits: 1

GET
H2 200 home.svg
cdn.xosodaiphat.com/assets/images/ 958 B
748 B 16ms
16ms Image
image/svg+xml 2606:4700::6812:144c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.xosodaiphat.com/assets/images/home.svg
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:144c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f1cfe4f7d3b09de9e3537f0a2303e3e1f23825a794f744340ababa5807de75e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 22 Nov 2021 04:03:56 GMT
server: cloudflare
age: 610444
etag: W/"34586ff855dfd71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 851ae233a93c9296-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 09 Mar 2024 10:17:31 GMT

GET
H2 200 hot.gif
xosodaiphat.com/assets/images/ 181 B
349 B 18ms
18ms Image
image/gif 2606:4700::6812:144c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xosodaiphat.com/assets/images/hot.gif
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:144c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ede1a14f2800eeb40e5370aef684dce98eff7eee4e6c75fb9b3c4c773351a8b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/xsdna-xo-so-da-nang.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:31 GMT
cf-cache-status: HIT
last-modified: Fri, 26 May 2023 07:16:54 GMT
server: cloudflare
age: 2341154
etag: "bbdb7eca28fd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 851ae233cb505d92-FRA
alt-svc: h3=":443"; ma=86400
content-length: 181
expires: Sat, 09 Mar 2024 10:17:31 GMT

GET
H2 200 menu.svg
cdn.xosodaiphat.com/assets/images/ 1 KB
654 B 17ms
17ms Image
image/svg+xml 2606:4700::6812:144c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.xosodaiphat.com/assets/images/menu.svg
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:144c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c86bfeabd06ba640332347ce71c397f83fc766be7ba5cd8204d99b940e0fbcb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 22 Nov 2021 04:03:56 GMT
server: cloudflare
age: 2510533
etag: W/"b81b7bf855dfd71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 851ae233c9599296-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 09 Mar 2024 10:17:31 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
30 KB 72ms
48ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d1159a08f439c5bd45dc5704422ace4528e489c1a8b796661e463676a4ab2f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29728
x-xss-protection: 0
server: cafe
etag: 852 / 19760 / m202402010101 / config-hash: 1448747406949387063
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 10:17:31 GMT

GET
H3 200 Loading_icon.gif
cdn.xosodaiphat.com/assets/images/ 664 B
902 B 58ms
57ms Image
image/gif 2606:4700::6812:144c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.xosodaiphat.com/assets/images/Loading_icon.gif
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:144c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2a72e4899e019bb6fc9cdcd7c5edf076a9f2f6ccd80ba31e83736fac06272d34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:31 GMT
cf-cache-status: HIT
age: 1913832
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 664
last-modified: Mon, 22 Nov 2021 04:03:56 GMT
server: cloudflare
etag: "82175f855dfd71:0"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 851ae233ec1c9150-FRA
expires: Sat, 09 Mar 2024 10:17:31 GMT

GET
H3 200 dmca.png
cdn.xosodaiphat.com/assets/images/ 2 KB
3 KB 54ms
53ms Image
image/png 2606:4700::6812:144c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.xosodaiphat.com/assets/images/dmca.png?ID=2fe00d0c-59bc-4930-bde8-11153f7264ff
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:144c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c139d813498e013df39eea698dab24025cee5520480588f73cac443e222a58d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:31 GMT
cf-cache-status: HIT
age: 611179
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 2525
last-modified: Mon, 22 Nov 2021 04:03:56 GMT
server: cloudflare
etag: "ea6465f855dfd71:0"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 851ae233ec259150-FRA
expires: Sat, 09 Mar 2024 10:17:31 GMT

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ 465 B
845 B 40ms
7ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:31 GMT
content-encoding: br
cdn-edgestorageid: 1080
x-powered-by: ASP.NET
cdn-cachedat: 12/05/2023 19:29:27
cdn-pullzone: 1574055
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"26b181f16d28d51:0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: c136c664-112d-4533-8247-f90f6849ab39
cache-control: public, max-age=31536000
cdn-requestid: 7b65d9b9527fb76e2f7d024b26cff4b5
cdn-requestcountrycode: DE
link: <https://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquerylib.js Show response
cdn.xosodaiphat.com/assets/js/ 105 KB
43 KB 30ms
28ms Script
application/javascript 2606:4700::6812:144c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xosodaiphat.com/assets/js/jquerylib.js?v=20230711
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:144c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c01eb076809b16051ebbb8ace592465ef2d059908c608a4e07a7c1b6c624249b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:31 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 534440
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 43717
last-modified: Tue, 11 Jul 2023 05:04:02 GMT
server: cloudflare
etag: "b7dc51bb5b3d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 851ae233e9769296-FRA
expires: Sat, 09 Mar 2024 10:17:31 GMT

GET
H2 200 lazyload.min.js Show response
cdn.xosodaiphat.com/assets/js/ 3 KB
2 KB 20ms
18ms Script
application/javascript 2606:4700::6812:144c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xosodaiphat.com/assets/js/lazyload.min.js?v=20230112
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:144c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9ccd0b8dcedf64da15cc9c91034d10ead865813506f63c82b9b02ba7cc4df78a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:31 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 431911
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 1428
last-modified: Wed, 11 Jan 2023 07:27:37 GMT
server: cloudflare
etag: "5f34c2e8e25d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 851ae233e9799296-FRA
expires: Thu, 15 Feb 2024 10:17:31 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.3.0/ 19 KB
20 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.0/firebase-app.js

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b33c75d66b6115b2b04d07e509b8b5def62e5ff9a5feb52c7b4dfedb748fa8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 18:57:52 GMT
x-content-type-options: nosniff
age: 55179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19867
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 00:35:57 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 18:57:52 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/8.3.0/ 40 KB
11 KB 35ms
10ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.0/firebase-messaging.js

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8001772f5fd68cdf6f4d82118d7d0b67cc65eb418f3994a4105837e5624894a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 01:57:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 375595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10873
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 00:36:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 02 Feb 2025 01:57:36 GMT

GET
H2 200 xsdp.min.js Show response
cdn.xosodaiphat.com/assets/js/ 59 KB
12 KB 23ms
22ms Script
application/javascript 2606:4700::6812:144c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xosodaiphat.com/assets/js/xsdp.min.js?v=20230110
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:144c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 17bd94a28d6447ce95fcb2b8e6b84f4cc8174fd264df5fff305f2c55dbb40c4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:31 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 435442
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 11861
last-modified: Fri, 26 May 2023 06:52:58 GMT
server: cloudflare
etag: "f7aaebb49e8fd91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 851ae233e97b9296-FRA
expires: Thu, 15 Feb 2024 10:17:31 GMT

GET
H2 200 lotterylivewk.min.js Show response
cdn.xosodaiphat.com/Content/js/ 52 KB
16 KB 21ms
20ms Script
application/javascript 2606:4700::6812:144c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xosodaiphat.com/Content/js/lotterylivewk.min.js?v=20230504
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:144c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: aabb2779ac0a3851f52c262fa7d26ca98a35546f1ae6b63701c434a0ded86dad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:31 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 528202
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 16445
last-modified: Fri, 08 Dec 2023 02:44:25 GMT
server: cloudflare
etag: "aee0c4748029da1:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 851ae233e97c9296-FRA
expires: Thu, 15 Feb 2024 10:17:31 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 210 KB
75 KB 47ms
23ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KGDCKMX

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

52c19eaf43e9a3bd45519b5999699a6ce0ec5a959327450522fd4b9ebfbe7d76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76869
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Feb 2024 10:17:31 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 56 KB
22 KB 51ms
27ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c8aa2a3f11c98a965938267f743e26504d3127d68cc425821c8a8a1f523a670

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Feb 2024 10:17:31 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21932
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "da0cdea429f205a7"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 10:17:31 GMT

GET
H2 200 placements Show response
smart-placements-sdk.ex.co/v1/tag/eafcd55a-d645-411b-95a0-f373a8da694a/ 5 KB
2 KB 22ms
8ms Fetch
application/json 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://smart-placements-sdk.ex.co/v1/tag/eafcd55a-d645-411b-95a0-f373a8da694a/placements?placements=7f87472a-d90d-40e5-9392-b28501e3b870

Requested by

Host: smart-placements-sdk.ex.co
URL: https://smart-placements-sdk.ex.co/v1/eafcd55a-d645-411b-95a0-f373a8da694a/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

6b1855c3e93981dd579aedb73e6841185a1ce1d3abe0b2dbe3bb1249bedcd82c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Feb 2024 10:17:31 GMT
via: 1.1 varnish
age: 2313
x-cache: HIT
content-length: 1659
x-served-by: cache-fra-eddf8230037-FRA
server: nginx
x-timer: S1707301052.523504,VS0,VE1
etag: W/"1258-MclKEX1J4c66jGLTQ4T/yg"
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Authorization, Content-Type
x-cache-hits: 1

POST
H2 200 events Show response
prd-collector-platform.ex.co/main/ 17 B
155 B 301ms
94ms Fetch
application/json 44.195.166.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prd-collector-platform.ex.co/main/events
Requested by: Host: smart-placements-sdk.ex.co
URL: https://smart-placements-sdk.ex.co/v1/eafcd55a-d645-411b-95a0-f373a8da694a/sdk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.195.166.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-166-86.compute-1.amazonaws.com
Software: /
Resource Hash: cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer: https://xosodaiphat.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 07 Feb 2024 10:17:31 GMT
etag: W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length: 17
content-type: application/json; charset=utf-8

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 NjM4Mzk4Nzk5NzIx Show response
msdigital.vn/ads/ Frame 5C1B 13 KB
3 KB 386ms
324ms Document
text/html 2606:4700::6812:d0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://msdigital.vn/ads/NjM4Mzk4Nzk5NzIx

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d0d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a0b8b2346decace206280825ba10ad98156b636d342224c18723ee7d3c94b0c

Security Headers

Name	Value
X-Frame-Options	allow-from *

Request headers

Referer: https://xosodaiphat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=300
cf-cache-status: EXPIRED
cf-ray: 851ae2345e344d67-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 07 Feb 2024 10:17:31 GMT
expires: Wed, 07 Feb 2024 10:22:31 GMT
last-modified: Wed, 07 Feb 2024 10:07:46 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: allow-from *

GET
H3 200 arow.svg
cdn.xosodaiphat.com/assets/images/ 737 B
774 B 55ms
55ms Image
image/svg+xml 2606:4700::6812:144c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.xosodaiphat.com/assets/images/arow.svg
Requested by: Host: cdn.xosodaiphat.com
URL: https://cdn.xosodaiphat.com/assets/css/styleggfont.min.css?v=20240118
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:144c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 99984969b73a9759568e48a6e5e02f4fdc286cc3bd57f8e0fe94369b8dc920e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.xosodaiphat.com/assets/css/styleggfont.min.css?v=20240118
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 22 Nov 2021 04:03:56 GMT
server: cloudflare
age: 1990396
etag: W/"188d5df855dfd71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 851ae233fc3f9150-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 09 Mar 2024 10:17:31 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/ 406 KB
138 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2201058077065954&plah=xosodaiphat.com&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09a423ac9e66a43b1e3f5e2ede68b694d047effe0b39b927327f4fe25d5cbd37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140967
x-xss-protection: 0
server: cafe
etag: 5253878037583239569
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 07 Feb 2024 10:17:31 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240201/r20190131/ Frame 6AB0 9 KB
5 KB 28ms
7ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240201/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xosodaiphat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 24473
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 03:29:38 GMT
etag: 3890843268177463596
expires: Wed, 21 Feb 2024 03:29:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 app.js Show response
static.ex.co/cdn/exco-sdk/production/c86772d4fc7bddcfae56e2d4d5ac7d4ecaf9a0b5-2022-08-15-12-54-31/ 324 KB
87 KB 104ms
14ms Script
application/javascript 2a02:26f0:480:24::1726:6267
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ex.co/cdn/exco-sdk/production/c86772d4fc7bddcfae56e2d4d5ac7d4ecaf9a0b5-2022-08-15-12-54-31/app.js
Requested by: Host: smart-placements-sdk.ex.co
URL: https://smart-placements-sdk.ex.co/v1/eafcd55a-d645-411b-95a0-f373a8da694a/sdk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:24::1726:6267 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9cb719560eaea3498d844292ddbc78102de9efd6d703a0085288d513b035066f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:31 GMT
content-encoding: gzip
content-length: 88645
last-modified: Mon, 15 Aug 2022 12:54:33 GMT
server: AmazonS3
etag: "90f0b14c140e4e4ff9e502eee5193856"
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-methods: GET,POST
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=604800
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 14 Feb 2024 10:17:31 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Vfl3xXWFLmk.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo86I-Lz9xExGf4hsd4WDA5L6jMrIA/ 158 KB
55 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Vfl3xXWFLmk.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo86I-Lz9xExGf4hsd4WDA5L6jMrIA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

266d386b294c2a628ca6c650a288b58c6ee6e652a1ee32de8bfcb38020f6439a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 18:33:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55902
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 19:05:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Feb 2025 18:33:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 284 KB
95 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KPB8BPT4XL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGDCKMX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

47d62b21d83d5e6def99116eaca8fc8c6a2e977ad45cb460e12af182974d2a1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96981
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 07 Feb 2024 10:17:31 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGDCKMX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Feb 2024 09:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1762
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 07 Feb 2024 11:48:09 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/ 436 KB
137 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b00ed7ac792010cdeddcb5d6c719ff7e719e5046dedac2053b3caf64fceb579a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 01:05:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33092
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139580
x-xss-protection: 0
server: cafe
etag: 9278201123426970819
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 06 Feb 2025 01:05:59 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 14ms
13ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=571257690&t=pageview&_s=1&dl=https%3A%2F%2Fxosodaiphat.com%2Fxsdna-xo-so-da-nang.html&ul=en-us&de=UTF-8&dt=XSDNA%20-%20SXDNA%20-%20Xo%20So%20Da%20Nang%20-%20K%E1%BA%BFt%20Qu%E1%BA%A3%20X%E1%BB%95%20S%E1%BB%91%20%C4%90%C3%A0%20N%E1%BA%B5ng&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=265384500&gjid=846756415&cid=929259871.1707301052&tid=UA-72080428-1&_gid=965215509.1707301052&_r=1&_slc=1&gtm=45He4250n81KGDCKMXv867852407za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&z=722185628

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://xosodaiphat.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 10:17:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xosodaiphat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 35ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KPB8BPT4XL&gtm=45je4250v867871146z8867852407za200&_p=1707301051501&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=929259871.1707301052&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707301051&sct=1&seg=0&dl=https%3A%2F%2Fxosodaiphat.com%2Fxsdna-xo-so-da-nang.html&dt=XSDNA%20-%20SXDNA%20-%20Xo%20So%20Da%20Nang%20-%20K%E1%BA%BFt%20Qu%E1%BA%A3%20X%E1%BB%95%20S%E1%BB%91%20%C4%90%C3%A0%20N%E1%BA%B5ng&en=page_view&_fv=1&_ss=1&tfd=1058
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KPB8BPT4XL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 10:17:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xosodaiphat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 58ms
20ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KPB8BPT4XL&cid=929259871.1707301052&gtm=45je4250v867871146z8867852407za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KPB8BPT4XL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 10:17:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xosodaiphat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 50ms
30ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KPB8BPT4XL&cid=929259871.1707301052&gtm=45je4250v867871146z8867852407za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=89055612

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 10:17:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
345 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-72080428-1&cid=929259871.1707301052&jid=265384500&gjid=846756415&_gid=965215509.1707301052&_u=YEBAAEAAAAAAACAAI~&z=283677530

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://xosodaiphat.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 07 Feb 2024 10:17:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xosodaiphat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 87 KB
39 KB 355ms
354ms Fetch
text/plain 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=654494967786740&correlator=524270192225734&eid=31079957%2C31079958%2C95323523&output=ldjh&gdfp_req=1&vrg=202402010101&ptt=17&impl=fif&iu_parts=22529613777%2CXSDP-Caulong&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600%7C160x600%7C336x280&ifi=3&didk=607409652&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1707301051680&lmt=1707300998&adxs=231&adys=870&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fxosodaiphat.com%2Fxsdna-xo-so-da-nang.html&vis=1&psz=553x25&msz=553x0&fws=0&ohw=0&ga_vid=929259871.1707301052&ga_sid=1707301052&ga_hid=571257690&ga_fc=true&dlt=1707301051416&idt=245&adks=959143892&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9541b7e6084bcd4fa7a6f48b87db5cf08d21ba985810492e7964e5291bd69f69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:32 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40377
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://xosodaiphat.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0753 6 KB
3 KB 71ms
38ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xosodaiphat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 10:17:31 GMT
expires: Thu, 06 Feb 2025 10:17:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ca-pub-2201058077065954 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 60ms
40ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-2201058077065954?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2201058077065954&plah=xosodaiphat.com&aplac=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

16df7b4184ea95b13df62d05dddebc06f0e788dd2aeed77df742133c66730a7c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RxwrTy9qNG_gNvpaYZ5QdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-RxwrTy9qNG_gNvpaYZ5QdQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzj2sKoxSXF4KwhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTx9SWTBBCrAfE7yVdM34B4h48Hy5vw6axsEdNZ4-qms-YAMd-66aya66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYAIP6cOYP1NxD71M9gjQListvnWOuAWFjuPKs0EAvxcOze2LuOTeDF5LlvmAAMbVCm"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 events Show response
prd-collector-platform.ex.co/main/ 17 B
154 B 96ms
96ms Fetch
application/json 44.195.166.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prd-collector-platform.ex.co/main/events
Requested by: Host: static.ex.co
URL: https://static.ex.co/cdn/exco-sdk/production/c86772d4fc7bddcfae56e2d4d5ac7d4ecaf9a0b5-2022-08-15-12-54-31/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.195.166.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-166-86.compute-1.amazonaws.com
Software: /
Resource Hash: cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer: https://xosodaiphat.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 07 Feb 2024 10:17:31 GMT
etag: W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length: 17
content-type: application/json; charset=utf-8

GET
H2 200 app.css
static.ex.co/cdn/exco-sdk/production/c86772d4fc7bddcfae56e2d4d5ac7d4ecaf9a0b5-2022-08-15-12-54-31/ 63 KB
7 KB 14ms
14ms Stylesheet
text/css 2a02:26f0:480:24::1726:6267
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ex.co/cdn/exco-sdk/production/c86772d4fc7bddcfae56e2d4d5ac7d4ecaf9a0b5-2022-08-15-12-54-31/app.css
Requested by: Host: static.ex.co
URL: https://static.ex.co/cdn/exco-sdk/production/c86772d4fc7bddcfae56e2d4d5ac7d4ecaf9a0b5-2022-08-15-12-54-31/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:24::1726:6267 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4491a962c7caf00e40391db93cd9c1c32a4e437be868b1ed8f91aa0c4d1a85ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:31 GMT
content-encoding: gzip
content-length: 6562
last-modified: Mon, 15 Aug 2022 12:54:34 GMT
server: AmazonS3
etag: "b70dc5e92bc4f94280a3d9c7ef982a2e"
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-methods: GET,POST
access-control-allow-origin: *
content-type: text/css
cache-control: max-age=604800
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 14 Feb 2024 10:17:31 GMT

POST
H2 200 events Show response
prd-collector-platform.ex.co/main/ 17 B
154 B 95ms
95ms Fetch
application/json 44.195.166.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prd-collector-platform.ex.co/main/events
Requested by: Host: static.ex.co
URL: https://static.ex.co/cdn/exco-sdk/production/c86772d4fc7bddcfae56e2d4d5ac7d4ecaf9a0b5-2022-08-15-12-54-31/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.195.166.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-166-86.compute-1.amazonaws.com
Software: /
Resource Hash: cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer: https://xosodaiphat.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 07 Feb 2024 10:17:31 GMT
etag: W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length: 17
content-type: application/json; charset=utf-8

GET
H2 200 html Show response
experience.ex.co/ 143 KB
27 KB 21ms
8ms Fetch
text/html 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.ex.co/html?id=37da7910-e981-4a39-aec9-2f3847d4ba87&placementId=7f87472a-d90d-40e5-9392-b28501e3b870&autoplayTimeout=3500

Requested by

Host: static.ex.co
URL: https://static.ex.co/cdn/exco-sdk/production/c86772d4fc7bddcfae56e2d4d5ac7d4ecaf9a0b5-2022-08-15-12-54-31/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

678fd82a47859b36c9e236184ce19ac3a58a32c1362ac72b170830f114353b2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Feb 2024 10:17:31 GMT
via: 1.1 varnish, 1.1 varnish
age: 10600
x-cache: HIT, HIT
x-pb-os: windows
x-pb-platform: desktop
x-surrogate-key: 37da7910-e981-4a39-aec9-2f3847d4ba87 story ca27b313-5c9f-411d-9ca6-9cfbe95ad28e playbuzz3 xosodaiphat.com
content-length: 27099
x-served-by: cache-iad-kjyo7100063-IAD, cache-fra-eddf8230037-FRA
server: nginx
x-timer: S1707301052.754463,VS0,VE1
x-pb-browser: chrome
etag: W/"23cd9-LF81TUpyqGweSq4eWMVXO9JBZoA"
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
content-type: text/html; charset=utf-8
access-control-allow-origin: *
vary: X-PB-Campaign,X-PB-Os,X-PB-Platform,X-PB-Browser, Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Authorization, Content-Type, X-PB-Referer
x-cache-hits: 18, 1

POST
H2 200 events Show response
prd-collector-platform.ex.co/main/ 17 B
154 B 102ms
102ms Fetch
application/json 44.195.166.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prd-collector-platform.ex.co/main/events
Requested by: Host: static.ex.co
URL: https://static.ex.co/cdn/exco-sdk/production/c86772d4fc7bddcfae56e2d4d5ac7d4ecaf9a0b5-2022-08-15-12-54-31/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.195.166.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-166-86.compute-1.amazonaws.com
Software: /
Resource Hash: cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer: https://xosodaiphat.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 07 Feb 2024 10:17:31 GMT
etag: W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length: 17
content-type: application/json; charset=utf-8

GET
H2 200 e07psrvtglyuzja3vmsn.png
img.ex.co/image/upload/ar_1,c_crop/q_auto:good,f_auto,fl_lossy,w_1200,c_limit,dpr_1/v1707278759/ 19 KB
19 KB 123ms
31ms Image
image/webp 23.53.42.130
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ex.co/image/upload/ar_1,c_crop/q_auto:good,f_auto,fl_lossy,w_1200,c_limit,dpr_1/v1707278759/e07psrvtglyuzja3vmsn.png
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-42-130.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f60f10aade31270bc42c5fbbb9fd152a4269715cdcae040ae58aa52db0524647

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:31 GMT
x-amz-meta-cld-surrogate-reporting: width=359,height=359,bytes=19060,owidth=479,oheight=359,obytes=270827,ef=(1,11,13,17,97)
x-amz-request-id: RBHA0RKR8XMGVRJ6
x-amz-meta-cld-transformation-id: 6945683890166280386
x-amz-server-side-encryption: AES256
x-amz-meta-cld-version: 1707278759
x-amz-meta-cld-surrogate-key: 398596383436384466942401275951874249905 413383918662121925581247277471629048273
content-disposition: inline; filename="e07psrvtglyuzja3vmsn.webp"
content-length: 19060
x-amz-id-2: z1oXYMh2gdiIlu+dUZGmzphmVv2BEbjELkFsLM0tMOSdQmtENd5IRxJqbi8snIku
last-modified: Wed, 07 Feb 2024 04:07:47 GMT
server: AmazonS3
etag: "e362e1a9fe7d0e9a87d167f22cf46ddd"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, private, max-age=31524548
accept-ranges: bytes
expires: Thu, 06 Feb 2025 07:06:39 GMT

GET
H2 200 css2
fonts.googleapis.com/ 52 KB
5 KB 40ms
20ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?display=swap&family=Alef&family=Arimo&family=Assistant&family=Cousine&family=David+Libre&family=Frank+Ruhl+Libre&family=Heebo&family=Miriam+Libre&family=Noto+Sans&family=Noto+Serif&family=Poppins&family=Rubik&family=Secular+One&family=Tinos&family=Pacifico&family=Work+Sans&family=Rubik+Mono+One&family=Raleway&family=Paytone+One&family=Nunito&family=Merriweather&family=Ultra&family=Courgette&family=Josefin+Sans&family=Chivo&family=Karla&family=Lora&family=Oswald&family=Space+Mono&family=Libre+Baskerville&family=Libre+Franklin

Requested by

Host: static.ex.co
URL: https://static.ex.co/cdn/exco-sdk/production/c86772d4fc7bddcfae56e2d4d5ac7d4ecaf9a0b5-2022-08-15-12-54-31/app.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5315fece4d3b2161fa837e97ee9194bd94ac08f5fc39c01b3ccf666ae640054e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.ex.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Feb 2024 10:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 10:17:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Feb 2024 10:17:31 GMT

GET
H2 200 roboto-poppins-fonts.css
static.ex.co/cdn/fonts/google/ Frame 6ACC 3 KB
987 B 13ms
13ms Stylesheet
text/css 2a02:26f0:480:24::1726:6267
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ex.co/cdn/fonts/google/roboto-poppins-fonts.css
Requested by: Host: static.ex.co
URL: https://static.ex.co/cdn/exco-sdk/production/c86772d4fc7bddcfae56e2d4d5ac7d4ecaf9a0b5-2022-08-15-12-54-31/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:24::1726:6267 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 573578494667f15a89f574fedfab20b31e6aaee9179ee9d02bfb1713ec1b37c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:31 GMT
content-encoding: gzip
x-amz-server-side-encryption: AES256
content-length: 659
last-modified: Mon, 22 May 2023 14:45:59 GMT
server: AmazonS3
etag: "4d43338904c64143444b4f1fdc1dd074"
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-methods: GET,POST
access-control-allow-origin: *
content-type: text/css
cache-control: max-age=604800
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 14 Feb 2024 10:17:31 GMT

POST
H2 200 events Show response
prd-collector-platform.ex.co/main/ Frame 6ACC 17 B
154 B 131ms
131ms XHR
application/json 44.195.166.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prd-collector-platform.ex.co/main/events
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.195.166.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-166-86.compute-1.amazonaws.com
Software: /
Resource Hash: cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer: https://xosodaiphat.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 07 Feb 2024 10:17:31 GMT
etag: W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length: 17
content-type: application/json; charset=utf-8

GET
H2 200 story-viewer.js Show response
static.ex.co/pb-story/production/8fad3fe821d750d92b9ee96481830ddbcb223fc4-2023-05-31-10-50-43/ Frame 6ACC 586 KB
145 KB 14ms
14ms Script
application/x-javascript 2a02:26f0:480:24::1726:6267
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ex.co/pb-story/production/8fad3fe821d750d92b9ee96481830ddbcb223fc4-2023-05-31-10-50-43/story-viewer.js
Requested by: Host: static.ex.co
URL: https://static.ex.co/cdn/exco-sdk/production/c86772d4fc7bddcfae56e2d4d5ac7d4ecaf9a0b5-2022-08-15-12-54-31/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:24::1726:6267 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 45745db6a137b469e44e00d469622072b166e516122635d284d5039573b79ddb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:31 GMT
content-encoding: gzip
x-amz-server-side-encryption: AES256
content-length: 147920
last-modified: Wed, 31 May 2023 10:50:44 GMT
server: AmazonS3
etag: "0ddd126da642b6521b6b0e1b638cf1ed"
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-methods: GET,POST
access-control-allow-origin: *
content-type: application/x-javascript;charset=utf-8
cache-control: must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 14 Feb 2024 10:17:31 GMT

GET
H2 200 playbuzz-ads-core.min.js Show response
static.ex.co/cdn/content/monetization/playbuzz-ads-core/production/latest/ Frame 6ACC 42 KB
12 KB 29ms
29ms Script
application/javascript 2a02:26f0:480:24::1726:6267
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ex.co/cdn/content/monetization/playbuzz-ads-core/production/latest/playbuzz-ads-core.min.js
Requested by: Host: static.ex.co
URL: https://static.ex.co/cdn/exco-sdk/production/c86772d4fc7bddcfae56e2d4d5ac7d4ecaf9a0b5-2022-08-15-12-54-31/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:24::1726:6267 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54992cc7785468dc624160738ef6642ed1c220bc5107e3cca971465d4db2e2f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:31 GMT
content-encoding: gzip
content-length: 11811
last-modified: Wed, 03 Jul 2019 05:57:43 GMT
server: AmazonS3
etag: "b2294dab735d3cbca7a404cdee3e7490"
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-methods: GET,POST
access-control-allow-origin: *
content-type: application/javascript
cache-control: must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 14 Feb 2024 10:17:31 GMT

GET
H2 200 pixel-sdk.min.js Show response
static.ex.co/cdn/content/monetization/pixel-sdk/production/77606439af01b347cfad9e08d5eec7fb69b6c07c/ Frame 6ACC 8 KB
3 KB 14ms
14ms Script
application/javascript 2a02:26f0:480:24::1726:6267
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ex.co/cdn/content/monetization/pixel-sdk/production/77606439af01b347cfad9e08d5eec7fb69b6c07c/pixel-sdk.min.js
Requested by: Host: static.ex.co
URL: https://static.ex.co/cdn/exco-sdk/production/c86772d4fc7bddcfae56e2d4d5ac7d4ecaf9a0b5-2022-08-15-12-54-31/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:24::1726:6267 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 664ab995d4d5177d74e16e73204ebaf6e3a72f0d2c280a6fabf731d718890aee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:31 GMT
content-encoding: gzip
x-amz-server-side-encryption: AES256
content-length: 2969
last-modified: Tue, 12 Sep 2023 10:11:48 GMT
server: AmazonS3
etag: "c1e834ba9e137083fcb25e378b5d9bf1"
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-methods: GET,POST
access-control-allow-origin: *
content-type: application/javascript
cache-control: must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 14 Feb 2024 10:17:31 GMT

GET
H2 200 AGSKWxXlcj5dgzw55iM_zWI2no91bn_2ICzmHOlTW76f6Zq-g4yBkLSBP0jfRAdO74VmYKa87ExSbD1JEiHoCnLeLsnTvC1B5zAH6is-QSzD9oxBKTdl0HZToahl3phUIsxI7Ef0Vpu8DA== Show response
fundingchoicesmessages.google.com/f/ 367 KB
58 KB 146ms
144ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXlcj5dgzw55iM_zWI2no91bn_2ICzmHOlTW76f6Zq-g4yBkLSBP0jfRAdO74VmYKa87ExSbD1JEiHoCnLeLsnTvC1B5zAH6is-QSzD9oxBKTdl0HZToahl3phUIsxI7Ef0Vpu8DA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3MzAxMDUxLDc5OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly94b3NvZGFpcGhhdC5jb20veHNkbmEteG8tc28tZGEtbmFuZy5odG1sIixudWxsLFtbOCwiQzJReWRKNXZQb1kiXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMTksIjEiXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.C2QydJ5vPoY.es5.O/am=wA/d=1/rs=AJlcJMxKuy2FXwuOG2GZCbidw-lVOyC_1A/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d30246dceb8b00a5951fad904cc4ab611d098c634956fb63037cd300bfba0aeb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KvV9VA2pGNy3ZcP7vSzRdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-KvV9VA2pGNy3ZcP7vSzRdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj2sKoxSXF4KYhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTx9SWTBBCrAfE7yVdM34B4h48Hy5vw6axsEdNZ4-qms-YAMd-66aya66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYAIP6cOYP1NxD71M9gjQListvnWOuAWFjuPKs0EAvxcOze2LuOTWDHkobdzAANQ1A9"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 xdomain_cookie.html Show response
embed.ex.co/ Frame EDE8 3 KB
2 KB 21ms
11ms Document
text/html 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.ex.co/xdomain_cookie.html

Requested by

Host: static.ex.co
URL: https://static.ex.co/pb-story/production/8fad3fe821d750d92b9ee96481830ddbcb223fc4-2023-05-31-10-50-43/story-viewer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ef120b3854dcb45654a41cf35cbfd8bc64c3bf76116276705eb18379956e3ffe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://xosodaiphat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept, Authorization, Content-Type, X-PB-Referer
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
access-control-allow-origin: *
access-control-max-age: 600
age: 11004
cache-control: public, max-age=0
content-encoding: gzip
content-length: 1228
content-type: text/html; charset=UTF-8
date: Wed, 07 Feb 2024 10:17:31 GMT
etag: W/"a93-18ca5bd8fe8"
last-modified: Tue, 26 Dec 2023 10:48:33 GMT
server: nginx
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 27, 1
x-content-type-options: nosniff
x-served-by: cache-iad-kiad7000159-IAD, cache-fra-eddf8230042-FRA
x-timer: S1707301052.849127,VS0,VE4

GET
H2 200 media-viewer.js Show response
static.ex.co/pb-story/media/production/84310cabe557b118a939096ae3d84956705ec79a-2022-04-27-09-56-38/ Frame 6ACC 9 KB
3 KB 14ms
14ms Script
application/javascript 2a02:26f0:480:24::1726:6267
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ex.co/pb-story/media/production/84310cabe557b118a939096ae3d84956705ec79a-2022-04-27-09-56-38/media-viewer.js
Requested by: Host: static.ex.co
URL: https://static.ex.co/pb-story/production/8fad3fe821d750d92b9ee96481830ddbcb223fc4-2023-05-31-10-50-43/story-viewer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:24::1726:6267 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 490fd7e37ebfa00c423d35c6501b28bfd927f242917a7c4aaa9f88e696070399

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:31 GMT
content-encoding: gzip
content-length: 2887
last-modified: Wed, 27 Apr 2022 09:56:39 GMT
server: AmazonS3
etag: "a0fbccb3b0fc67b17768bb1b72f05bb7"
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-methods: GET,POST
access-control-allow-origin: *
content-type: application/javascript
cache-control: must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 14 Feb 2024 10:17:31 GMT

GET
H2 200 call-to-action-viewer.js Show response
static.ex.co/pb-story/call-to-action/production/5dd56c5f6ff95dc2d7d1fb449cfa88f2b2fd13c9-2022-08-11-10-12-04/ Frame 6ACC 41 KB
14 KB 14ms
14ms Script
application/javascript 2a02:26f0:480:24::1726:6267
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ex.co/pb-story/call-to-action/production/5dd56c5f6ff95dc2d7d1fb449cfa88f2b2fd13c9-2022-08-11-10-12-04/call-to-action-viewer.js
Requested by: Host: static.ex.co
URL: https://static.ex.co/pb-story/production/8fad3fe821d750d92b9ee96481830ddbcb223fc4-2023-05-31-10-50-43/story-viewer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:24::1726:6267 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 677bd8bfee14c25aa218da638a02a9a95cccf7af413458719e22a24751631c4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:31 GMT
content-encoding: gzip
content-length: 13820
last-modified: Thu, 11 Aug 2022 10:12:05 GMT
server: AmazonS3
etag: "5535095979b0c1ff247ec3eb4e2a1dfa"
vary: Accept-Encoding
access-control-max-age: 86400
access-control-allow-methods: GET,POST
access-control-allow-origin: *
content-type: application/javascript
cache-control: must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 14 Feb 2024 10:17:31 GMT

GET
H2 200 / Show response
pixel.ex.co/v1/playbuzz-network/ Frame 6ACC 2 B
247 B 16ms
6ms XHR
application/json 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.ex.co/v1/playbuzz-network/

Requested by

Host: static.ex.co
URL: https://static.ex.co/cdn/content/monetization/pixel-sdk/production/77606439af01b347cfad9e08d5eec7fb69b6c07c/pixel-sdk.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
date: Wed, 07 Feb 2024 10:17:31 GMT
x-content-type-options: nosniff
via: 1.1 varnish
age: 2456
x-cache: HIT
content-length: 2
x-served-by: cache-fra-eddf8230037-FRA
server: nginx
x-timer: S1707301052.849044,VS0,VE0
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: Accept, Authorization, Content-Type
x-cache-hits: 24

GET
H2 200 37da7910-e981-4a39-aec9-2f3847d4ba87 Show response
pixel.ex.co/v1/item/ Frame 6ACC 1 KB
645 B 8ms
8ms XHR
application/json 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.ex.co/v1/item/37da7910-e981-4a39-aec9-2f3847d4ba87

Requested by

Host: static.ex.co
URL: https://static.ex.co/cdn/content/monetization/pixel-sdk/production/77606439af01b347cfad9e08d5eec7fb69b6c07c/pixel-sdk.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

4ea471cc6d2642d2f29b0a2b44723838c431c02919aafec809bc50a3022ed0fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Feb 2024 10:17:31 GMT
via: 1.1 varnish
age: 2312
x-cache: HIT
content-length: 458
x-served-by: cache-fra-eddf8230037-FRA
server: nginx
x-timer: S1707301052.905719,VS0,VE1
etag: W/"5c6-O3zrPZgNio3Vn+SHXFpF671qpQI"
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Authorization, Content-Type
x-cache-hits: 1

GET
H2 200 adwords.js Show response
mcd-sdk.playbuzz.com/ Frame 6ACC 0
0 52ms
7ms Script
text/html 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mcd-sdk.playbuzz.com/adwords.js
Requested by: Host: static.ex.co
URL: https://static.ex.co/cdn/content/monetization/playbuzz-ads-core/production/latest/playbuzz-ads-core.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H2 200 screenshot-626-131042.png
cdn.msdigital.vn/msdigital/images/2024/02/07/ Frame 5C1B 16 KB
16 KB 367ms
346ms Image
image/webp 2606:4700::6812:d0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.msdigital.vn/msdigital/images/2024/02/07/screenshot-626-131042.png?w=300
Requested by: Host: msdigital.vn
URL: https://msdigital.vn/ads/NjM4Mzk4Nzk5NzIx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d39ce4c484ea5c4ee6f293e5e19bda22879d18ab830a357e56578eefb1713be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://msdigital.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:32 GMT
cf-cache-status: MISS
last-modified: Wed, 07 Feb 2024 10:17:32 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=604800
content-disposition: inline; filename="screenshot-626-131042.webp"
accept-ranges: bytes
cf-ray: 851ae23699954d67-FRA
content-length: 16428
x-request-id: Bkey2Ch3vWgBxp0Z_weod
expires: Wed, 14 Feb 2024 10:17:32 GMT

GET
H2 200 benh-vien-covid-19-cap-cuu-minh-hoa-145844.jpg
cdn.msdigital.vn/msdigital/images/2024/02/07/ Frame 5C1B 12 KB
12 KB 44ms
23ms Image
image/webp 2606:4700::6812:d0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.msdigital.vn/msdigital/images/2024/02/07/benh-vien-covid-19-cap-cuu-minh-hoa-145844.jpg?w=300
Requested by: Host: msdigital.vn
URL: https://msdigital.vn/ads/NjM4Mzk4Nzk5NzIx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97a875101b4eb1d3be832917837c523a7af23f736ae6bdfbca57e740b30caee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://msdigital.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:31 GMT
cf-cache-status: HIT
last-modified: Wed, 07 Feb 2024 10:07:47 GMT
server: cloudflare
age: 584
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=604800
content-disposition: inline; filename="benh-vien-covid-19-cap-cuu-minh-hoa-145844.webp"
accept-ranges: bytes
cf-ray: 851ae236999c4d67-FRA
content-length: 12572
x-request-id: dOxGRuFCGkIhyg9Y6tn77
expires: Wed, 14 Feb 2024 10:17:31 GMT

GET
H2 200 mainoo-100940.jpg
cdn.msdigital.vn/msdigital/images/2024/02/07/ Frame 5C1B 13 KB
13 KB 39ms
23ms Image
image/webp 2606:4700::6812:d0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.msdigital.vn/msdigital/images/2024/02/07/mainoo-100940.jpg?w=300
Requested by: Host: msdigital.vn
URL: https://msdigital.vn/ads/NjM4Mzk4Nzk5NzIx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1df09b28661af91ade9d078d28cb52f0ecf036fa91c737cd5d346ce52b2b62f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://msdigital.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:31 GMT
cf-cache-status: HIT
last-modified: Wed, 07 Feb 2024 08:00:55 GMT
server: cloudflare
age: 8196
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=604800
content-disposition: inline; filename="mainoo-100940.webp"
accept-ranges: bytes
cf-ray: 851ae236999d4d67-FRA
content-length: 13202
x-request-id: _u7AqT5nUcQ6ii3RAfU_D
expires: Wed, 14 Feb 2024 10:17:31 GMT

GET
H2 200 plan-20-054542.jpg
cdn.msdigital.vn/msdigital/images/2024/02/07/ Frame 5C1B 8 KB
8 KB 342ms
326ms Image
image/webp 2606:4700::6812:d0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.msdigital.vn/msdigital/images/2024/02/07/plan-20-054542.jpg?w=300
Requested by: Host: msdigital.vn
URL: https://msdigital.vn/ads/NjM4Mzk4Nzk5NzIx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dccee44014fcc4dedcbdb8d27a7245127c67462249b6f53493431ecfc5dab05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://msdigital.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:32 GMT
cf-cache-status: MISS
last-modified: Wed, 07 Feb 2024 10:17:32 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=604800
content-disposition: inline; filename="plan-20-054542.webp"
accept-ranges: bytes
cf-ray: 851ae23699984d67-FRA
content-length: 8358
x-request-id: sgi4ATHbXGyNRWaulHXJp
expires: Wed, 14 Feb 2024 10:17:32 GMT

GET
H2 200 css
fonts.googleapis.com/ 105 KB
6 KB 23ms
23ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.C2QydJ5vPoY.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzgffkJcizCmCQfGxxELphQRTDJrA/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

867f683e26903b242dee20b61aa0ffba68101a72a70d279d8a5c6e77e9f48a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Feb 2024 10:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 07 Feb 2024 10:17:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Feb 2024 10:17:31 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xosodaiphat.com/
Origin: https://xosodaiphat.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 18:59:51 GMT
x-content-type-options: nosniff
age: 55061
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 18:59:51 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 36ms
14ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xosodaiphat.com/
Origin: https://xosodaiphat.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 00:59:33 GMT
x-content-type-options: nosniff
age: 119879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 00:59:33 GMT

POST
H3 204 AGSKWxXMw_k_sX48A7u-pEfk-w1EV_xdF7pw2xN8q4PSlSsng5mLGki53X3vtHo7hYHAZAAYoIP_oauM5S5p-R6HSI_s18Coqu3gJ3GIfFiQ1oFRKkp4Jo_34VlcGe4NnHJ5NSi2eshpyQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 33ms
17ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXMw_k_sX48A7u-pEfk-w1EV_xdF7pw2xN8q4PSlSsng5mLGki53X3vtHo7hYHAZAAYoIP_oauM5S5p-R6HSI_s18Coqu3gJ3GIfFiQ1oFRKkp4Jo_34VlcGe4NnHJ5NSi2eshpyQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-475JjBIwjwjsh8HqUHnE-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://xosodaiphat.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 07 Feb 2024 10:17:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-475JjBIwjwjsh8HqUHnE-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw1ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrABCX3T7HWgfEwnLnWaWBWIibY8_G3nVsAh2dX9kAqd4eCQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://xosodaiphat.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 template Show response
ads.playbuzz.com/api/v1/ Frame 6ACC 67 B
449 B 462ms
436ms Fetch
application/json 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.playbuzz.com/api/v1/template?itemId=37da7910-e981-4a39-aec9-2f3847d4ba87&referrer=https%3A%2F%2Fxosodaiphat.com%2Fxsdna-xo-so-da-nang.html
Requested by: Host: static.ex.co
URL: https://static.ex.co/cdn/content/monetization/playbuzz-ads-core/production/latest/playbuzz-ads-core.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6aaf7ff9825584d4789034f1e39ada3ab1351b5ccafe4c18cc44394d25213423

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:32 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 67
x-served-by: cache-fra-eddf8230040-FRA
server: nginx
x-timer: S1707301052.018288,VS0,VE428
etag: W/"43-sC0The1Lna+pr/V3rSFM5A"
access-control-max-age: 600
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://xosodaiphat.com
vary: Origin, x-pb-country
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Accept, Authorization, Content-Type
x-cache-hits: 0

GET
H2 200 container.html Show response
09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BF12 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xosodaiphat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 10:17:31 GMT
expires: Thu, 06 Feb 2025 10:17:31 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2965 624 B
537 B 48ms
48ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQm-jrAhidisT_ATAB&v=APEucNVwqAEUn9IHhVzmxfz6cd3f3CgX_Kxv2jeUgwqw-JLbSwQtFglPo03EyMmvxDgH4wHuqF9gD4k6z3A13J9UD7hSICgjKqUDiTHwd_CnO5ZX-wvr3nazrS-gfkPWahjLBN4bgHNN-QH6RSvMYR5C_WwRuRq2FZfoSrSDOMW4m-FWrHhNRiw

Requested by

Host: 09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com
URL: https://09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 10:17:32 GMT
expires: Wed, 07 Feb 2024 10:17:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240205/r20110914/ Frame BF12 23 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240205/r20110914/abg_lite_fy2021.js

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 16:51:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62787
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 16:51:05 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240205/r20110914/elements/html/ Frame BF12 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240205/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 16:53:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 16:53:19 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame BF12 0
0 83ms
57ms Fetch
image/gif 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsu_Hjfmxk6RqgSxB2rmFfU5_-NkSeq3PMYj1-3NPK_cRZOp8-03t9zpU2qYLLmfFCf7RBvs_7REZ3mmBqhDJPKOzl-IC1A8dtsu6oA4DVk8lJkpIWVURyYbjHam7FSMFI-OHYSc8lyHkNcxgsjZXgKPnY8JRg8ktFOsFOySeqL-MdCsixpJpxphmmGGcgcotad-nqrRhIHgC8Pb50jCwGoqDGdLbG7ZqCCMp8RuUsoWffK5UvIUdAQ25yHcb_5XgX3Hz0jz01oLZ7lp0VS148eRRAIlrtZgsZRX3BYHzkjkm5vJ6TYdwRAIXwNwyYoN6AMYVIsdxP12jHwAj8ksuOfkraQYO3vuGlaVhWV5hh_-6NHxqlihvLtLshemauHkPFcI707VoyVyCrU4CCpfx8dU-3PqU8w8miGN6s7wkF57Lh7gTS0Xe-Um6xhsqL49wGR6_qSwTY6phKWqudb7ogvxihVxw6q7rKLOwp_MDJ4XlKm9fTLdRf2T_vl8av0e5Bq3IJQ_FNPZsPiEQWb7QlJfxkF9_J8Z5EoChGm98jVRzccjQBX4S-g5iqXPKF5vg3HkAYFRNIDZ0K8TPLjLY7XbSkHKKfKZtQ17oOc1N6AIieWGqMxrqnw0zs2JWa7zMv395Ox72wtV8oxN-zncEqRLgOw4CQTiYzkhVsgpXwx6C_4rdl5JqaGgV7O1lFa5TGZVfFmXzRTxnqiNGDW3sGCsQjeyq3Bczvrs-7y5ZHC_Kn_Nc4DZ0_ucUJ7yg_xFbKuGTtSLuXCgLPgR69E2yWDvX8Ievc7IxlSXLV17NxT_2qdl_kuQhpM3yYX07-NTqYoq790mRDzwmW6Msn5cnpvkxxZgBXXBhaBmVIEpmNTaG8UUtA6fmbn05JWyLockrfSDeKgY_Ke-5Wd1wpoJVQu7UEWxRog7vNmyWHcRUqGU9j9cwR_tCQe6gNfdGSRZe5uHDLuYi-UsWQP9O1idUAwee7kn9B80g0WfeE6o1CIrOeLK-SO9UylqjT-M8Pjim81Ve09vRiqa0r7GWmCLXMQ3BfTuEOSH0xaVHirOrYBChYk8BubBt0-tWbCbazqcSsfif2ol0JI0EgDdJuK8pDUqBerNzm8jSvuHIrSYSDnvhYHRDrz-r5mH6AjroSoL5rmACf86MKlCTm6yF-6fXbkZGCdyac2P6pXfWMR40LbFXK8YUArzOlA10-IhUBu9-9Erjb8YMkK4Hpa4KKe2KZMC0oQ-RmdPVq88uorlq7y4bw-G2GEATTJuctf4VJkFc20P8y_sNeKdm105PZN7pHXZlQollk91W_r6_7MhATr5KtznyVqkcnxCsygoWswntuPEJjNZryiTwvljmLEnWa9I20PN&sai=AMfl-YQZxch2bPDUu4SPfaWOLk6BTbrM6i1hncGicVO9unfdDzeup-rWK9MD2Rrw9zXjMZ7pJ1Q7UiMtcE61c6eJzn6-vhGJ08T6O6bB9tiQ2rufFqrca_Rn53Zh4EuiJA6TTdLuRrRy1asiRHpSEHzy7We5fon7wZsve54FWlvZ3cCpYmIp-bNYegPn9hkfJ2SN59-4kiwsHaQfiDC_i4hIpVHRwVKYrag_xzThzC87OwNFsVA1RZ0jPfM_3AW_KnXcxw2VYOlaMNWnrs77LHj_GUanVYqoSeFgU9Y1GGlcZouUcjDYI-bCpDZNOtz7u4HKzKHVKlTAz57FfHso0sYhmyZKgeemjHK1H8yxeAcAeCuXCFxQHBDY7uUBFW5F79aQKAuwZm0hGRJmEsqEvUQlRe6BcqTLhqPZj7ypS6-EUDkuanLAsiu5k3fFGFrHRu-6LGnJkpDuNA7h5TUkpfVP3KOftpMP12qcS5SGjdvzt4VT_57vqndsxw_6n7WKgQuMAXId2A&sig=Cg0ArKJSzOJWITlh8GQNEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ldG9yby5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240205.97034&arae=0&ftch=1&adurl=

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 07 Feb 2024 10:17:32 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 07 Feb 2024 10:17:32 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame BF12 41 KB
14 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 19:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54574
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 19:07:58 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240205/r20110914/client/ Frame BF12 3 KB
1 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240205/r20110914/client/window_focus_fy2021.js

Requested by

Host: 09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com
URL: https://09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 09:32:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2718
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 09:32:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240205/r20110914/client/ Frame BF12 20 KB
9 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240205/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com
URL: https://09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 16:45:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63093
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Feb 2024 16:45:59 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF12 42 B
63 B 38ms
38ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CVxsMIm3R_uyHLHVQ0CtUzQFEfuWeahOnh35XTmmy66FFZzv4TMYp7Eb-NH_Z45b9W_VgFEmMB9XqFaHvv2feJ3hkLt0YzgtpGHPamhmsvP5Pob6I

Requested by

Host: 09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com
URL: https://09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 10:17:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame BF12 205 KB
65 KB 119ms
100ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com
URL: https://09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66417
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1707137874550712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 10:17:32 GMT

GET
H2 200 5255163123793238414
s0.2mdn.net/simgad/ Frame BF12 3 MB
3 MB 41ms
9ms Image
image/gif 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5255163123793238414

Requested by

Host: 09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com
URL: https://09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a0bd0b5c0097cb02c85b93ef1bca5ff66b4ed82650b56300cb7a04724d2ec42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Wed, 05 Feb 2025 18:53:46 GMT
date: Tue, 06 Feb 2024 18:53:46 GMT
x-content-type-options: nosniff
age: 55426
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2724524
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 14:08:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame A143 38 KB
13 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 42637
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Feb 2024 22:26:55 GMT
expires: Wed, 05 Feb 2025 22:26:55 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BF12 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ac83f992cdd7ab534cf8daf199e4ca42e72ad4e6d4f57075dff7b118f92cfff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 2965
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGo-eqMaMcjXMvZ6c3Th9a0&google_cver=1

43 B
342 B

26ms
25ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGo-eqMaMcjXMvZ6c3Th9a0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQm-jrAhidisT_ATAB&v=APEucNVwqAEUn9IHhVzmxfz6cd3f3CgX_Kxv2jeUgwqw-JLbSwQtFglPo03EyMmvxDgH4wHuqF9gD4k6z3A13J9UD7hSICgjKqUDiTHwd_CnO5ZX-wvr3nazrS-gfkPWahjLBN4bgHNN-QH6RSvMYR5C_WwRuRq2FZfoSrSDOMW4m-FWrHhNRiw
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 10:17:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czDP1Y3JqKIFK%2BtyAuKdY75PbS9%2Fczu5gO5U%2BsCdTbOh9EFXam%2Be7uqiW0fC1g%2BCyUZPVM4nm%2B4i5SoWHAr0J3zsbM9M2GM5XEMlPdYVGTpwZWZ7yPWR79ud%2ByzZ6pstaz5A0Hj2FT9cLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 851ae2382dca1d8e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 10:17:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGo-eqMaMcjXMvZ6c3Th9a0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2965
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcNYvE2NLwiu294gHQG4egAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENjbnVz_a1sFiO2VpmK7_lc&google_cver=1

43 B
771 B

36ms
36ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENjbnVz_a1sFiO2VpmK7_lc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQm-jrAhidisT_ATAB&v=APEucNVwqAEUn9IHhVzmxfz6cd3f3CgX_Kxv2jeUgwqw-JLbSwQtFglPo03EyMmvxDgH4wHuqF9gD4k6z3A13J9UD7hSICgjKqUDiTHwd_CnO5ZX-wvr3nazrS-gfkPWahjLBN4bgHNN-QH6RSvMYR5C_WwRuRq2FZfoSrSDOMW4m-FWrHhNRiw
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 10:17:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBw1G3GZwrr3mgqVibBAe%2FdYYTVygY4Aq4rS8uNn%2B0dFFwnCSq83SEQQ9p7Om3%2BOj3%2Fd6MuytlgwkmYHglnXfzY1NatGF%2FIL4pYRwkdur5vf7kyGa85r9PueRzuUHHcmwcQDPcFVbuusyA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 851ae2388bd765a7-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 10:17:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENjbnVz_a1sFiO2VpmK7_lc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 2965
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELLd_d08-Ky2ueMpPEVsVOM&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELLd_d08-Ky2ueMpPEVsVOM%26google_cver%3D1

43 B
1 KB

13ms
13ms

Image
image/gif

185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELLd_d08-Ky2ueMpPEVsVOM%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKv65gIQm-jrAhidisT_ATAB&v=APEucNVwqAEUn9IHhVzmxfz6cd3f3CgX_Kxv2jeUgwqw-JLbSwQtFglPo03EyMmvxDgH4wHuqF9gD4k6z3A13J9UD7hSICgjKqUDiTHwd_CnO5ZX-wvr3nazrS-gfkPWahjLBN4bgHNN-QH6RSvMYR5C_WwRuRq2FZfoSrSDOMW4m-FWrHhNRiw

Protocol

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 10:17:32 GMT
an-x-request-uuid: 8b7c2efe-77c5-459b-b9b9-7d3dbafbaf2b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.73; 45.141.152.73; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 10:17:32 GMT
an-x-request-uuid: 1b6c7184-e272-4fe3-b09d-c13cbd46f411
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELLd_d08-Ky2ueMpPEVsVOM%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.73; 45.141.152.73; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2965
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTE4MzIzMTMxNjY3MDc3NjE2OA%3D%3D

170 B
188 B

17ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTE4MzIzMTMxNjY3MDc3NjE2OA%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 10:17:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Feb 2024 10:17:32 GMT
an-x-request-uuid: 9947e425-669b-4d1e-9101-715141ce4bc0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTE4MzIzMTMxNjY3MDc3NjE2OA%3D%3D
x-proxy-origin: 45.141.152.73; 45.141.152.73; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 pOkZermKdcwvcdfsJauNAZYLsZag1OhXX1s4zePfrzc.js Show response
pagead2.googlesyndication.com/bg/ Frame A143 50 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/pOkZermKdcwvcdfsJauNAZYLsZag1OhXX1s4zePfrzc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4e9197ab98a75cc2f71d7ec25ab8d01960bb196a0d4e8575f5b38cde3dfaf37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 05 Feb 2024 18:13:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 144257
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19519
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 12:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Feb 2025 18:13:15 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame BF12 0
0 41ms
41ms Fetch
image/gif 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsu_Hjfmxk6RqgSxB2rmFfU5_-NkSeq3PMYj1-3NPK_cRZOp8-03t9zpU2qYLLmfFCf7RBvs_7REZ3mmBqhDJPKOzl-IC1A8dtsu6oA4DVk8lJkpIWVURyYbjHam7FSMFI-OHYSc8lyHkNcxgsjZXgKPnY8JRg8ktFOsFOySeqL-MdCsixpJpxphmmGGcgcotad-nqrRhIHgC8Pb50jCwGoqDGdLbG7ZqCCMp8RuUsoWffK5UvIUdAQ25yHcb_5XgX3Hz0jz01oLZ7lp0VS148eRRAIlrtZgsZRX3BYHzkjkm5vJ6TYdwRAIXwNwyYoN6AMYVIsdxP12jHwAj8ksuOfkraQYO3vuGlaVhWV5hh_-6NHxqlihvLtLshemauHkPFcI707VoyVyCrU4CCpfx8dU-3PqU8w8miGN6s7wkF57Lh7gTS0Xe-Um6xhsqL49wGR6_qSwTY6phKWqudb7ogvxihVxw6q7rKLOwp_MDJ4XlKm9fTLdRf2T_vl8av0e5Bq3IJQ_FNPZsPiEQWb7QlJfxkF9_J8Z5EoChGm98jVRzccjQBX4S-g5iqXPKF5vg3HkAYFRNIDZ0K8TPLjLY7XbSkHKKfKZtQ17oOc1N6AIieWGqMxrqnw0zs2JWa7zMv395Ox72wtV8oxN-zncEqRLgOw4CQTiYzkhVsgpXwx6C_4rdl5JqaGgV7O1lFa5TGZVfFmXzRTxnqiNGDW3sGCsQjeyq3Bczvrs-7y5ZHC_Kn_Nc4DZ0_ucUJ7yg_xFbKuGTtSLuXCgLPgR69E2yWDvX8Ievc7IxlSXLV17NxT_2qdl_kuQhpM3yYX07-NTqYoq790mRDzwmW6Msn5cnpvkxxZgBXXBhaBmVIEpmNTaG8UUtA6fmbn05JWyLockrfSDeKgY_Ke-5Wd1wpoJVQu7UEWxRog7vNmyWHcRUqGU9j9cwR_tCQe6gNfdGSRZe5uHDLuYi-UsWQP9O1idUAwee7kn9B80g0WfeE6o1CIrOeLK-SO9UylqjT-M8Pjim81Ve09vRiqa0r7GWmCLXMQ3BfTuEOSH0xaVHirOrYBChYk8BubBt0-tWbCbazqcSsfif2ol0JI0EgDdJuK8pDUqBerNzm8jSvuHIrSYSDnvhYHRDrz-r5mH6AjroSoL5rmACf86MKlCTm6yF-6fXbkZGCdyac2P6pXfWMR40LbFXK8YUArzOlA10-IhUBu9-9Erjb8YMkK4Hpa4KKe2KZMC0oQ-RmdPVq88uorlq7y4bw-G2GEATTJuctf4VJkFc20P8y_sNeKdm105PZN7pHXZlQollk91W_r6_7MhATr5KtznyVqkcnxCsygoWswntuPEJjNZryiTwvljmLEnWa9I20PN&sai=AMfl-YQZxch2bPDUu4SPfaWOLk6BTbrM6i1hncGicVO9unfdDzeup-rWK9MD2Rrw9zXjMZ7pJ1Q7UiMtcE61c6eJzn6-vhGJ08T6O6bB9tiQ2rufFqrca_Rn53Zh4EuiJA6TTdLuRrRy1asiRHpSEHzy7We5fon7wZsve54FWlvZ3cCpYmIp-bNYegPn9hkfJ2SN59-4kiwsHaQfiDC_i4hIpVHRwVKYrag_xzThzC87OwNFsVA1RZ0jPfM_3AW_KnXcxw2VYOlaMNWnrs77LHj_GUanVYqoSeFgU9Y1GGlcZouUcjDYI-bCpDZNOtz7u4HKzKHVKlTAz57FfHso0sYhmyZKgeemjHK1H8yxeAcAeCuXCFxQHBDY7uUBFW5F79aQKAuwZm0hGRJmEsqEvUQlRe6BcqTLhqPZj7ypS6-EUDkuanLAsiu5k3fFGFrHRu-6LGnJkpDuNA7h5TUkpfVP3KOftpMP12qcS5SGjdvzt4VT_57vqndsxw_6n7WKgQuMAXId2A&sig=Cg0ArKJSzOJWITlh8GQNEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9ldG9yby5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=123&vt=11&dtpt=122&dett=2&cstd=0&cisv=r20240205.97034&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 07 Feb 2024 10:17:32 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A143 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BivS2u1jDZaW5K87H9u8PuvaWwAUAAAAAOAHgBAI&bg=!7O-l76DNAAbAkqib4JI7ADQBe5WfODN6fUj1PDZXbEyqiRBqGbv_nhKevyEK2SaTs661yQXFBTyYVeHeKAL0us1zPnKAAgAAAPZSAAAAAmgBBwoAHhc0WFevbsWdf6BeLedpoVfPBMwQps60PJsbOZw-B5kDJ6ZcGlyx3hzMtLy0Kvs9qqboLXxm19GN-MQoacYmvipJ7Qu0vk-TrqjtjYKdeyYuXaLZG9Hp6iiY0HwUsznr6mQS_pNjHmyOqq0Vum1My4aWQvVjkEmDog3IwKWeET48HcQT_nOTAmAO5-rs7s9H_rVQZ2Ycu7aNxuLyRlyQaWXGC_gbidOkhxjy2CxBiulcMZyJyAuebdAf6XK9xLjwtLTH61eE91Q_iwD8oESgUOdMzW9skP2nRNarJcpuVMBp7ta5NvTI_pHinJxAhvLjNCufvMWVDnLKS_-zzlGRuEGBKzgJdpvUMMFrqRJRFHuySwTEoRC3s6PyWtSr5wdYdc9AdYD05bQQpDH9CIo5OdRtvCcl1RCVpkLsy0L6m_LdwgJY_UlNzle-z_LBfBMGq9DjBBPQGwU7F8_RTTJLCsVL4GiczVUfS5hLspMM6Xu7bUytacBKiIJqnvwF1MlmvbyBjsPoDpIvhQ9781tqI5AB71srBfIPX4Tt3WknPje893zSGyP1rP54Wr7EwcGBfosUI0DjYuRlTM1RQCDxmtR9qa7l_r7gMfYj_WAaY_aJcelTl22-uf02XS9PNf4Ebf89uLTlG2dgid-Da-GSvEV9F9tj93nk3xgMoV-xznh0HXsnOZNkMTWKMjs2gxlmRjz3kkxkNXvxSH-wumcWHGcHMykbFVwm0pEtu2oqNZJvQQGbtCzL216oMuAbmgz0Z7Igx1Jg25qJbq8Ca8I0UIM2sLiR8eucHGJwQqC1OvNdeScHKMnfZqOOwIFN5qa8pcCTYKAKWjejqx_wWyu8GBo5HkCo8zrMg0B1yXRKHnabNWF9BVaINnmtAMqljLLYapcvSENIji-mQeN57962xUAfTbTMXNUJSnSyrU-jM6Gk3Tign9aL3S5XmER6w_K1c5T2prlG7-GJlT5Fq0onQq7BwpURciRUZpAGS9Ecj9wFp8-dANf0Og2HACLn3rllNtywHZ8JWiNpdPBW1B4nzGxDoC8D826v0zm6f7hTZYidb0W1L5wFFek8laxRxy9i-FL-DoArKE5lnAFhMfDiWT6yFmtHyOHh9A

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 10:17:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gkqcgo047yrrhm7emgxo.jpg
img.ex.co/image/upload/q_auto:good,f_auto,fl_lossy,w_640,c_limit,dpr_1/v1707278391/ Frame 6ACC 37 KB
38 KB 20ms
20ms Image
image/webp 23.53.42.130
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ex.co/image/upload/q_auto:good,f_auto,fl_lossy,w_640,c_limit,dpr_1/v1707278391/gkqcgo047yrrhm7emgxo.jpg
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-53-42-130.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7de4586d67effed4b1b2778385c6663bf676f5296fe72f6196b3941e81dd7dd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-meta-cld-original-filename: m5X-7kSDCUIsd
date: Wed, 07 Feb 2024 10:17:32 GMT
x-amz-meta-cld-surrogate-reporting: width=640,height=480,bytes=38068,owidth=640,oheight=480,obytes=74256,ef=(1,11,13,17,97)
x-amz-request-id: H234SPDZ3Z1M7RG9
x-amz-meta-cld-transformation-id: 6721778915498761550
x-amz-server-side-encryption: AES256
x-amz-meta-cld-version: 1707278391
x-amz-meta-cld-surrogate-key: 213982809531535022243194484195933359783 189481846439524980135327016119240092124
content-disposition: inline; filename="gkqcgo047yrrhm7emgxo.webp"
content-length: 38068
x-amz-id-2: 6nUWJ7GTXS9B8MhtKke9Q+5SOHa2zg23BHKYF3ALUEOJIfc/OKKa2RbqGhZl5Cyw36TQgg9YkMI=
last-modified: Wed, 07 Feb 2024 04:07:49 GMT
server: AmazonS3
etag: "c4fa3e6ee94d18f40758a39d664d101c"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, private, max-age=31524660
accept-ranges: bytes
expires: Thu, 06 Feb 2025 07:08:32 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 53ms
53ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202402010101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03c4f43ebbb1352ca118e5248b594343a5d02d0a3ed5cc4505c846738257c599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12206
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 14ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KPB8BPT4XL&gtm=45je4250v867871146za200&_p=1707301051501&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&tcfd=10001&cid=929259871.1707301052&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEI&_s=2&sid=1707301051&sct=1&seg=0&dl=https%3A%2F%2Fxosodaiphat.com%2Fxsdna-xo-so-da-nang.html&dt=XSDNA%20-%20SXDNA%20-%20Xo%20So%20Da%20Nang%20-%20K%E1%BA%BFt%20Qu%E1%BA%A3%20X%E1%BB%95%20S%E1%BB%91%20%C4%90%C3%A0%20N%E1%BA%B5ng&en=ad_impression&ep.query_id=COWC2YWAmYQDFc6j_QcdOrsFWA&_et=404&tfd=2070
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KPB8BPT4XL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 10:17:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xosodaiphat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402010101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Feb 2024 10:17:32 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7F77 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xosodaiphat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 09:38:06 GMT
expires: Thu, 06 Feb 2025 09:38:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D15F 829 B
1 KB 38ms
16ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a1d5fc19c6fb5e9c154b76c9fcc5a97e9fdc3dc46878a204f3fd46de910d72a5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2cklz4JAm3eGuENurLXlVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xosodaiphat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-2cklz4JAm3eGuENurLXlVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Feb 2024 10:17:32 GMT
expires: Wed, 07 Feb 2024 10:17:32 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 7F77 39 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 08:32:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Feb 2025 08:32:56 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D15F 0
0 38ms
38ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202402010101&jk=654494967786740&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

POST
H2 200 events Show response
prd-collector-platform.ex.co/main/ Frame 6ACC 17 B
154 B 95ms
94ms Fetch
application/json 44.195.166.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prd-collector-platform.ex.co/main/events
Requested by: Host: static.ex.co
URL: https://static.ex.co/pb-story/production/8fad3fe821d750d92b9ee96481830ddbcb223fc4-2023-05-31-10-50-43/story-viewer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.195.166.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-166-86.compute-1.amazonaws.com
Software: /
Resource Hash: cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Accept: application/json
Referer: https://xosodaiphat.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 07 Feb 2024 10:17:32 GMT
etag: W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length: 17
content-type: application/json; charset=utf-8

POST
H2 200 events Show response
prd-collector-anon.playbuzz.com/main/ Frame 6ACC 17 B
155 B 315ms
97ms Fetch
application/json 3.233.110.153
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prd-collector-anon.playbuzz.com/main/events
Requested by: Host: static.ex.co
URL: https://static.ex.co/cdn/content/monetization/playbuzz-ads-core/production/latest/playbuzz-ads-core.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.233.110.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-110-153.compute-1.amazonaws.com
Software: /
Resource Hash: cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Accept: application/json
Referer: https://xosodaiphat.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 07 Feb 2024 10:17:33 GMT
etag: W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length: 17
content-type: application/json; charset=utf-8

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7F77 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?PX5DZA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 10:17:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BF12 42 B
64 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuH6VI7OqHWa-eojeKv3rlchDag7GYBYhla1L7qPczUBMS9bA9tTPCg6gxOy58ZQhmCAV0OJ_nQjTxm5YHI3P0Lp-h3hAh4kq_1ak95nea6P9EoqBZnzWuTNn5DNEH7PwqTFtTCxQUiXOdsfVuGBoTjmY_NvioAAtOUUg&sai=AMfl-YQpNnqg5j8AdPSEFeRd0SRPnnyTQXZeZgAZEYpHNZigbptSlqIKHJ87IvQbeZPzJ-Tralie-mG20ErghzydyZoff08jYKTv0LWKXbHoUSa9aMHVRoKA0jE-wzKrgm2JxcBHyEm1v-ccZVjFM9Jo&sig=Cg0ArKJSzFx8_asR6mZeEAE&cid=CAQSTgAvHhf_mmjToRjZXKF84KAccX2y7j1pAfPJ0gLjBX-I9gfLpOPMWdPGvoBLZDeeFHJB1qLDU_CWMqzJde689ArfZOefaFTHT6Ra2IIuZRgB&id=lidar2&mcvt=1000&p=870,357,1470,657&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20240205&bin=7&avms=nio&bs=0,0&mc=0.55&if=1&vu=1&app=0&itpl=20&adk=959143892&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=323385200&rst=1707301052054&rpt=214&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 10:17:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 41ms
40ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202402010101&jk=654494967786740&bg=!7e6l7qHNAAa8BdJLnAU7ADQBe5WfOA6qkaZqCQR-0NVMw1DPu5xBkc155rENELckD9E74twBKxKlVpgo5si3aWwrQUTAAgAAAMJSAAAAAmgBB5kCx4IOMYzpPwiKJ70KNOUK1rpeSGuRCcs4cZIOD8vt6nEjt5gen54WRP1iAcFAxXn2LNK9I2mSihFYxXj0oqWHUs2VoxCegjx8Bs_-EE9CAVIUr68gbHgMMhGhKQ5eH637HAEJQLI66P1O6M8q3KHxnmOhH2kIpPkAB1skTll3n9o7l8ou1HfOhNLM5ZsISIMFP7LHcNMLEikliuhMT56QTF8mPEtv9nfz9h7K9N7ExK7pTNjWwI4mjfskCrA3bmBneyGni5ZOhFL-1vQ28lW8MTxNDyJFsQbJhIoyEDkR1m4k2c6PKzUxMeBzvy-_7EvY-zRs2xpIX6x-ONvv5sQh9P_EcJDDhBnxKWcOhoiX2S7yDHHxKqRI3W9EikAuSChHfCDtSX4MZcTrQJFuoTHt6urhawKLHMiY5II17inOTJJAm4_4w6wElUUo_Kwt2lxnM92V7ngJ6b1bGFgNQA-MfTKwgW83LMc9LElnXbfu9VWKdHHHtYcPLCENMDpzk0LUUlyAOK_Ub83Udo2Ld1LSlR7zEbgqHAH4nQfGtVtKYlLwgROyNpioybKjJtGKAQ8dLUCl1c_WhleqOTKkqAUy-lcPc8jZi2e3WsALWspI6wY_4yu-8gMuaFIg_LeNaUP7sbSoogqwG3ata9tdGhPlmGjbyopBX-LvrLu7zmkwjVY_2w9bUxC8tMG-1mlAnSMEvaruL0EM3P2dCYf3RxugRoZC8VBjOQG4cZndkuOwLCwglMlYXBpZg8kB2nxn32nzVxJwYOR4HZtyV495gaOW_k3ORygRUUlQAIF1ZU-yrTAokdfZJxyM_PP9HqZoKXWoeWA9GGhl5zlP7oi3ZeDOpXZIyhHiP9SO6MXEHbw1nkALmmBFgPcAT8TRo78JUlplxPK-vDEe1A3NJMDnooec5CcDsYle2kz1cDFndk9lkFs1zNusG38M-A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 14ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KPB8BPT4XL&gtm=45je4250v867871146z8867852407za200&_p=1707301051501&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&tcfd=10001&cid=929259871.1707301052&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&sid=1707301051&sct=1&seg=0&dl=https%3A%2F%2Fxosodaiphat.com%2Fxsdna-xo-so-da-nang.html&dt=XSDNA%20-%20SXDNA%20-%20Xo%20So%20Da%20Nang%20-%20K%E1%BA%BFt%20Qu%E1%BA%A3%20X%E1%BB%95%20S%E1%BB%91%20%C4%90%C3%A0%20N%E1%BA%B5ng&_s=3&tfd=7071
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KPB8BPT4XL&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xosodaiphat.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 07 Feb 2024 10:17:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xosodaiphat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

241 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
xosodaiphat.com/	1970-01-20 18:58:13	Name: exco-uid Value: cqjfct1lp8ghnfss
.google.com/	1970-01-20 22:38:32	Name: NID Value: 511=iwjB3tvO3BqF1OpUj_w0zZr9OJg3MNcpgsduj9SOJa9PHCnNqhMahqkBzeUfBz3LpBYXi8kYs6Q4GEXSyNyN1dIkun_4OudOzVvYSozJrFyyohlO2WVsHPfOKgMC3QmE2R9dUPWW-9cCNYadWWzwaX1ruSm-kUdW5Y3MR6wW4dw
.xosodaiphat.com/	1970-01-20 20:24:37	Name: _gcl_au Value: 1.1.2013369360.1707301052
.xosodaiphat.com/	1970-01-20 18:16:27	Name: _gid Value: GA1.2.965215509.1707301052
.xosodaiphat.com/	1970-01-20 18:15:01	Name: _gat_UA-72080428-1 Value: 1
.xosodaiphat.com/	1970-01-21 03:51:01	Name: _ga Value: GA1.1.929259871.1707301052
.xosodaiphat.com/	1970-01-21 03:36:37	Name: __gads Value: ID=1a983f33daacdfbe:T=1707301051:RT=1707301051:S=ALNI_MYWfLK0ed7ZCc3jwmTJkZqqQsl7DQ
.xosodaiphat.com/	1970-01-21 03:36:37	Name: __gpi Value: UID=00000d52e91b1a6f:T=1707301051:RT=1707301051:S=ALNI_MYmJSK4Afn9ES-bohHtnQeeBx5l9Q
.xosodaiphat.com/	1970-01-20 22:34:13	Name: __eoi Value: ID=f64f13babc531e46:T=1707301051:RT=1707301051:S=AA-AfjYNl9H_QOnnflRQFbz5-n5_
.doubleclick.net/	1970-01-21 03:36:37	Name: IDE Value: AHWqTUlRpHsVynvJt6TTt2cXa00sJGQaGJsl0zvJxlpdNxP70iCrTIbp_ls0y772TMI
.doubleclick.net/	1970-01-20 22:34:13	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-21 03:00:37	Name: CMID Value: ZcNYvE2NLwiu294gHQG4egAA
.casalemedia.com/	1970-01-20 20:24:37	Name: CMPS Value: 3250
.casalemedia.com/	1970-01-20 20:24:37	Name: CMPRO Value: 3250
.adnxs.com/	1970-01-21 03:51:01	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:24:37	Name: XANDR_PANID Value: w1ekFW81CrY_0JlVUnL3lk0ADrc7gsecZS4eWW5KeWrvCjNvxLKgaXklBL51TX2Q0HvgHcdey8Y_ORGX626pgfBxFLprQRdwlro8fsURirM.
.adnxs.com/	1970-01-20 20:24:37	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In4iF$Hq!]tbPl1M>e)ZlrFUfJ+tGXxp$>N0#qNZG:RZ/>x/HfEsmAI3dG^NCemc%J?wbpRzqF1`ba%_:/#%
.adnxs.com/	1970-01-20 20:24:37	Name: uuid2 Value: 9183231316670776168
.xosodaiphat.com/	1970-01-21 03:51:01	Name: _ga_KPB8BPT4XL Value: GS1.1.1707301051.1.0.1707301052.59.0.0

50 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html(Line 5) Message: The value "160dpi" for key "target-densitydpi" was truncated to its numeric prefix.
rendering	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html(Line 5) Message: The key "target-densitydpi" is not supported.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html(Line 718) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	error	URL: https://msdigital.vn/ads/NjM4Mzk4Nzk5NzIx Message: Invalid 'X-Frame-Options' header encountered when loading 'https://msdigital.vn/': 'allow-from *' is not a recognized directive. The header will be ignored.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://xosodaiphat.com/xsdna-xo-so-da-nang.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

09160a512015889a23a9b23d102dbad6.safeframe.googlesyndication.com
ad.doubleclick.net
ads.playbuzz.com
apis.google.com
cdn.adop.asia
cdn.msdigital.vn
cdn.xosodaiphat.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
embed.ex.co
experience.ex.co
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
ib.adnxs.com
images.dmca.com
img.ex.co
mcd-sdk.playbuzz.com
msdigital.vn
pagead2.googlesyndication.com
pixel.ex.co
prd-collector-anon.playbuzz.com
prd-collector-platform.ex.co
region1.analytics.google.com
s0.2mdn.net
securepubads.g.doubleclick.net
smart-placements-sdk.ex.co
static.ex.co
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
xosodaiphat.com
103.229.42.224
142.250.185.102
142.250.185.98
151.101.2.132
151.101.2.137
151.101.66.132
172.64.151.101
185.89.210.82
2001:4860:4802:32::36
23.53.42.130
2400:52e0:1e00::1081:1
2606:4700::6812:144c
2606:4700::6812:d0d
2a00:1450:4001:800::2002
2a00:1450:4001:802::200a
2a00:1450:4001:806::2008
2a00:1450:4001:808::2002
2a00:1450:4001:808::2006
2a00:1450:4001:80e::2001
2a00:1450:4001:812::2003
2a00:1450:4001:827::200e
2a00:1450:4001:828::2001
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9c
2a02:26f0:480:24::1726:6267
3.233.110.153
44.195.166.86
03c4f43ebbb1352ca118e5248b594343a5d02d0a3ed5cc4505c846738257c599
04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
09a423ac9e66a43b1e3f5e2ede68b694d047effe0b39b927327f4fe25d5cbd37
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
16df7b4184ea95b13df62d05dddebc06f0e788dd2aeed77df742133c66730a7c
17bd94a28d6447ce95fcb2b8e6b84f4cc8174fd264df5fff305f2c55dbb40c4a
1a0bd0b5c0097cb02c85b93ef1bca5ff66b4ed82650b56300cb7a04724d2ec42
1d07ee57409ba29ae16fe77a8c7f0ca9f6c2df90a6422dc7869eb32d2e4d531c
1d39ce4c484ea5c4ee6f293e5e19bda22879d18ab830a357e56578eefb1713be
1df09b28661af91ade9d078d28cb52f0ecf036fa91c737cd5d346ce52b2b62f8
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
266d386b294c2a628ca6c650a288b58c6ee6e652a1ee32de8bfcb38020f6439a
2956ae945c27514e2430022b0aeac654523718005036136bb2c9bc72b63dbaf7
2a72e4899e019bb6fc9cdcd7c5edf076a9f2f6ccd80ba31e83736fac06272d34
2ac83f992cdd7ab534cf8daf199e4ca42e72ad4e6d4f57075dff7b118f92cfff
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3d774f58b960045a13d077ee62582d4ade0eac48358cd30c03e9f3de5f86b425
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4491a962c7caf00e40391db93cd9c1c32a4e437be868b1ed8f91aa0c4d1a85ed
45745db6a137b469e44e00d469622072b166e516122635d284d5039573b79ddb
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47d62b21d83d5e6def99116eaca8fc8c6a2e977ad45cb460e12af182974d2a1d
490fd7e37ebfa00c423d35c6501b28bfd927f242917a7c4aaa9f88e696070399
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dccee44014fcc4dedcbdb8d27a7245127c67462249b6f53493431ecfc5dab05
4ea471cc6d2642d2f29b0a2b44723838c431c02919aafec809bc50a3022ed0fa
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
52c19eaf43e9a3bd45519b5999699a6ce0ec5a959327450522fd4b9ebfbe7d76
5315fece4d3b2161fa837e97ee9194bd94ac08f5fc39c01b3ccf666ae640054e
54992cc7785468dc624160738ef6642ed1c220bc5107e3cca971465d4db2e2f8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
573578494667f15a89f574fedfab20b31e6aaee9179ee9d02bfb1713ec1b37c7
5c8aa2a3f11c98a965938267f743e26504d3127d68cc425821c8a8a1f523a670
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
664ab995d4d5177d74e16e73204ebaf6e3a72f0d2c280a6fabf731d718890aee
677bd8bfee14c25aa218da638a02a9a95cccf7af413458719e22a24751631c4a
678fd82a47859b36c9e236184ce19ac3a58a32c1362ac72b170830f114353b2e
6aaf7ff9825584d4789034f1e39ada3ab1351b5ccafe4c18cc44394d25213423
6b1855c3e93981dd579aedb73e6841185a1ce1d3abe0b2dbe3bb1249bedcd82c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fe1405bd9125051de2258e4ba8b8d5635b223856c3d5ec647734f49b795507a
75d5eaf3029fcc3aeb279e2c6b88a7f7bbd958cc5e6bc784135373094a7c008c
794f20c2790a4d3f27b8241288c24569d57ddc48f10dacb8fe6a0187db69dd6c
7a0b8b2346decace206280825ba10ad98156b636d342224c18723ee7d3c94b0c
7de4586d67effed4b1b2778385c6663bf676f5296fe72f6196b3941e81dd7dd1
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
867f683e26903b242dee20b61aa0ffba68101a72a70d279d8a5c6e77e9f48a2b
91c697159132fd3884e508f6548c96cb17e460d7456d43e9c4d174fcf84521bf
9541b7e6084bcd4fa7a6f48b87db5cf08d21ba985810492e7964e5291bd69f69
97a875101b4eb1d3be832917837c523a7af23f736ae6bdfbca57e740b30caee3
99984969b73a9759568e48a6e5e02f4fdc286cc3bd57f8e0fe94369b8dc920e4
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9cb719560eaea3498d844292ddbc78102de9efd6d703a0085288d513b035066f
9ccd0b8dcedf64da15cc9c91034d10ead865813506f63c82b9b02ba7cc4df78a
9d1159a08f439c5bd45dc5704422ace4528e489c1a8b796661e463676a4ab2f1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1d5fc19c6fb5e9c154b76c9fcc5a97e9fdc3dc46878a204f3fd46de910d72a5
a4e9197ab98a75cc2f71d7ec25ab8d01960bb196a0d4e8575f5b38cde3dfaf37
aabb2779ac0a3851f52c262fa7d26ca98a35546f1ae6b63701c434a0ded86dad
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b00ed7ac792010cdeddcb5d6c719ff7e719e5046dedac2053b3caf64fceb579a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b33c75d66b6115b2b04d07e509b8b5def62e5ff9a5feb52c7b4dfedb748fa8ba
c01eb076809b16051ebbb8ace592465ef2d059908c608a4e07a7c1b6c624249b
c139d813498e013df39eea698dab24025cee5520480588f73cac443e222a58d1
c86bfeabd06ba640332347ce71c397f83fc766be7ba5cd8204d99b940e0fbcb6
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e
d30246dceb8b00a5951fad904cc4ab611d098c634956fb63037cd300bfba0aeb
dd382a0b771572febe55bbd91bca06284a52d4ac9bc73128f114914a4b3c7e97
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8001772f5fd68cdf6f4d82118d7d0b67cc65eb418f3994a4105837e5624894a
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ede1a14f2800eeb40e5370aef684dce98eff7eee4e6c75fb9b3c4c773351a8b2
ef120b3854dcb45654a41cf35cbfd8bc64c3bf76116276705eb18379956e3ffe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f1cfe4f7d3b09de9e3537f0a2303e3e1f23825a794f744340ababa5807de75e1
f60f10aade31270bc42c5fbbb9fd152a4269715cdcae040ae58aa52db0524647

xosodaiphat.com Open in urlscan Pro 2606:4700::6812:144c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

102 Requests

96 %HTTPS

67 %IPv6

18 Domains

38 Subdomains

34 IPs

4 Countries

4526 kBTransfer

8185 kBSize

19 Cookies

4 Outgoing links

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

xosodaiphat.com Open in urlscan Pro
2606:4700::6812:144c Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

96 %
HTTPS

67 %
IPv6

18
Domains

38
Subdomains

34
IPs

4
Countries

4526 kB
Transfer

8185 kB
Size

19
Cookies

102 HTTP transactions
2 data transactions