xosodaiphat.com Open in urlscan Pro
2606:4700::6812:144c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://xosodaiphat.com/xsmb-xo-so-mien-bac.html
Effective URL:
https://xosodaiphat.com/xsmb-xo-so-mien-bac.html
Submission: On October 05 via manual (October 5th 2023, 12:11:05 am UTC) from JP — Scanned from JP

Summary HTTP 196 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 35 IPs in 6 countries across 28 domains to perform 196 HTTP transactions. The main IP is 2606:4700::6812:144c, located in United States and belongs to CLOUDFLARENET, US. The main domain is xosodaiphat.com. The Cisco Umbrella rank of the primary domain is 27378.
TLS certificate: Issued by E1 on September 30th 2023. Valid for: 3 months.

This is the only time xosodaiphat.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	2606:4700::68... 2606:4700::6812:144c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2404:6800:400... 2404:6800:4004:808::2002	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4004:825::2002	15169 (GOOGLE) (GOOGLE)
1	2606:50c0:800... 2606:50c0:8002::153	54113 (FASTLY) (FASTLY)
4	2404:6800:400... 2404:6800:4004:80b::2002	15169 (GOOGLE) (GOOGLE)
1	104.26.0.74 104.26.0.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:440... 2606:4700:4400::6812:2396	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:440... 2606:4700:4400::ac40:98bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.26.1.74 104.26.1.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2400:52e0:150... 2400:52e0:1501::1145:1	200325 (BUNNYCDN) (BUNNYCDN)
8	2404:6800:400... 2404:6800:4004:824::2003	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:825::2008	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:81c::200e	15169 (GOOGLE) (GOOGLE)
4 18	2404:6800:400... 2404:6800:4004:827::2002	15169 (GOOGLE) (GOOGLE)
15	2404:6800:400... 2404:6800:4004:822::200e	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4004:80a::200e	15169 (GOOGLE) (GOOGLE)
5	118.194.234.167 118.194.234.167	135377 (UCLOUD-HK...) (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED)
1	128.1.40.229 128.1.40.229	135377 (UCLOUD-HK...) (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED)
1	2404:6800:400... 2404:6800:4008:c13::9d	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:80a::2002	15169 (GOOGLE) (GOOGLE)
33	2404:6800:400... 2404:6800:4004:826::2001	15169 (GOOGLE) (GOOGLE)
3 5	2404:6800:400... 2404:6800:400a:80e::2004	15169 (GOOGLE) (GOOGLE)
8	142.251.42.130 142.251.42.130	15169 (GOOGLE) (GOOGLE)
8	2404:6800:400... 2404:6800:4004:827::200a	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4004:818::2001	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4004:826::2003	15169 (GOOGLE) (GOOGLE)
1 1	34.142.175.23 34.142.175.23	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
10	142.250.196.98 142.250.196.98	15169 (GOOGLE) (GOOGLE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	18.213.189.173 18.213.189.173	14618 (AMAZON-AES) (AMAZON-AES)
1 1	139.162.117.143 139.162.117.143	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
2	133.186.161.89 133.186.161.89	45974 (NHN-AS-KR...) (NHN-AS-KR NHNCLOUD)
1 1	51.79.152.76 51.79.152.76	16276 (OVH) (OVH)
1 2	220.150.223.50 220.150.223.50	4686 (BEKKOAME ...) (BEKKOAME BEKKOAME INTERNET INC.)
2	2606:4700:440... 2606:4700:4400::ac40:986a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.40.192.188 23.40.192.188	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2620:116:800e... 2620:116:800e:21:46d:7e81:55ff:4c12	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	202.232.238.37 202.232.238.37	2497 (IIJ Inter...) (IIJ Internet Initiative Japan Inc.)
1	202.233.84.1 202.233.84.1	131957 (MICROAD M...) (MICROAD MicroAd)
196	35

14 2606:4700::6812:144c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

xosodaiphat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.xosodaiphat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2404:6800:4004:808::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4004:825::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8002::153 (United States)

ASN54113 (FASTLY, US)

msdigita.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:80b::2002 (Australia)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.0.74 (None, )

ASN13335 (CLOUDFLARENET, US)

api-sg.flygame.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:4400::6812:2396 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:98bf (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.1.74 (None, )

ASN13335 (CLOUDFLARENET, US)

api.flygame.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1501::1145:1 (Japan)

ASN200325 (BUNNYCDN, SI)

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4004:824::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:825::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:81c::200e (Australia)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2404:6800:4004:827::2002 (Australia) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2404:6800:4004:822::200e (Australia)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:80a::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 118.194.234.167 (Singapore)

ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK)

nstat-sg.flygame.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 128.1.40.229 (United States)

ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK)

api2-sg.flygame.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4008:c13::9d (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:80f::2001 (Australia)

ASN15169 (GOOGLE, US)

a9429f471968253f5bd8b98d2fe4e3ec.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:80a::2002 (Australia)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2404:6800:4004:826::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:400a:80e::2004 (Osaka, Japan) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.42.130 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4004:827::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:818::2001 (Australia)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:826::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.142.175.23 (Singapore) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 23.175.142.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.196.98 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s35-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.213.189.173 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-189-173.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.117.143 (Tokyo, Japan) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1601-143.members.linode.com

a.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 133.186.161.89 (Japan)

ASN45974 (NHN-AS-KR NHNCLOUD, KR)

app.cauly.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.79.152.76 (Singapore) 1 redirects

ASN16276 (OVH, FR)
PTR: ip76.ip-51-79-152.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 220.150.223.50 (Japan) 1 redirects

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 50.223.150.220.in-addr.arpa

sync-dsp.ad-m.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:986a (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.40.192.188 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-40-192-188.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800e:21:46d:7e81:55ff:4c12 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.232.238.37 (Tokyo, Japan) 1 redirects

ASN2497 (IIJ Internet Initiative Japan Inc., JP)

sync.fout.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

aid.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 122 a9429f471968253f5bd8b98d2fe4e3ec.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 169	692 KB
33	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 stats.g.doubleclick.net — Cisco Umbrella Rank: 175 cm.g.doubleclick.net — Cisco Umbrella Rank: 329	412 KB
22	google.com 3 redirects apis.google.com — Cisco Umbrella Rank: 242 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1673 www.google.com — Cisco Umbrella Rank: 11	191 KB
14	xosodaiphat.com 1 redirects xosodaiphat.com — Cisco Umbrella Rank: 27378 cdn.xosodaiphat.com — Cisco Umbrella Rank: 61624	237 KB
13	gstatic.com www.gstatic.com fonts.gstatic.com	176 KB
9	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1368 www.googleadservices.com — Cisco Umbrella Rank: 178	602 B
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	5 KB
8	adskeeper.com jsc.adskeeper.com — Cisco Umbrella Rank: 23467 c.adskeeper.com — Cisco Umbrella Rank: 15562 servicer.adskeeper.com — Cisco Umbrella Rank: 21281 s-img.adskeeper.com — Cisco Umbrella Rank: 16830 cm.adskeeper.com — Cisco Umbrella Rank: 24128	114 KB
8	flygame.io api-sg.flygame.io — Cisco Umbrella Rank: 79841 api.flygame.io — Cisco Umbrella Rank: 62063 nstat-sg.flygame.io — Cisco Umbrella Rank: 45927 api2-sg.flygame.io — Cisco Umbrella Rank: 44677	71 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 254	323 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 331	110 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96	21 KB
2	ad-m.asia 1 redirects sync-dsp.ad-m.asia — Cisco Umbrella Rank: 12125	814 B
2	cauly.co.kr app.cauly.co.kr — Cisco Umbrella Rank: 61312	322 B
2	fksnk.com 2 redirects fksnk.com — Cisco Umbrella Rank: 8734	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	163 KB
2	adskeeper.co.uk jsc.adskeeper.co.uk — Cisco Umbrella Rank: 43727	102 KB
1	microad.jp aid.send.microad.jp — Cisco Umbrella Rank: 11034	641 B
1	fout.jp 1 redirects sync.fout.jp — Cisco Umbrella Rank: 41521	664 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 1237	545 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1260	463 B
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 837	63 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 1153	340 B
1	appier.net 1 redirects a.c.appier.net — Cisco Umbrella Rank: 10594	600 B
1	ctnsnet.com 1 redirects ipac.ctnsnet.com — Cisco Umbrella Rank: 7500	614 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1332	719 B
1	dmca.com images.dmca.com — Cisco Umbrella Rank: 12920	773 B
1	github.io msdigita.github.io — Cisco Umbrella Rank: 53565	436 B
196	28

	Domain	Requested by
33	tpc.googlesyndication.com	googleads.g.doubleclick.net xosodaiphat.com cdn.ampproject.org securepubads.g.doubleclick.net tpc.googlesyndication.com
21	pagead2.googlesyndication.com	xosodaiphat.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
18	googleads.g.doubleclick.net	4 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
15	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com xosodaiphat.com
10	cm.g.doubleclick.net	xosodaiphat.com googleads.g.doubleclick.net
10	cdn.xosodaiphat.com	xosodaiphat.com
8	fonts.googleapis.com	googleads.g.doubleclick.net securepubads.g.doubleclick.net
8	www.googleadservices.com	googleads.g.doubleclick.net xosodaiphat.com
8	www.gstatic.com	xosodaiphat.com googleads.g.doubleclick.net
6	www.googletagservices.com	xosodaiphat.com googleads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.google.com	3 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	nstat-sg.flygame.io	api-sg.flygame.io api.flygame.io
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	securepubads.g.doubleclick.net	xosodaiphat.com www.googletagservices.com securepubads.g.doubleclick.net
4	xosodaiphat.com	1 redirects xosodaiphat.com
2	cm.adskeeper.com	jsc.adskeeper.com
2	s-img.adskeeper.com	xosodaiphat.com
2	sync-dsp.ad-m.asia	1 redirects googleads.g.doubleclick.net
2	app.cauly.co.kr	googleads.g.doubleclick.net
2	fksnk.com	2 redirects
2	apis.google.com	xosodaiphat.com apis.google.com
2	www.googletagmanager.com	xosodaiphat.com www.googletagmanager.com
2	jsc.adskeeper.co.uk	xosodaiphat.com jsc.adskeeper.co.uk
2	jsc.adskeeper.com	xosodaiphat.com jsc.adskeeper.com
1	aid.send.microad.jp	googleads.g.doubleclick.net
1	sync.fout.jp	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	ads.pubmatic.com	jsc.adskeeper.com
1	onetag-sys.com	1 redirects
1	a.c.appier.net	1 redirects
1	ipac.ctnsnet.com	1 redirects
1	um.simpli.fi	1 redirects
1	servicer.adskeeper.com	jsc.adskeeper.com
1	c.adskeeper.com	xosodaiphat.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	a9429f471968253f5bd8b98d2fe4e3ec.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	api2-sg.flygame.io	api-sg.flygame.io
1	images.dmca.com	xosodaiphat.com
1	api.flygame.io	xosodaiphat.com
1	api-sg.flygame.io	xosodaiphat.com
1	msdigita.github.io	xosodaiphat.com
196	45

This site contains links to these domains. Also see Links.

Domain
muvi.vn
www.dmca.com

Subject Issuer	Validity	Valid
xosodaiphat.com E1	`2023-09-30` - `2023-12-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-26` - `2024-05-24`	a year	crt.sh
*.github.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-03-20`	a year	crt.sh
flygame.io GTS CA 1P5	`2023-10-02` - `2023-12-31`	3 months	crt.sh
images.dmca.com R3	`2023-09-12` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.flygame.io R3	`2023-09-12` - `2023-12-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.cauly.co.kr Sectigo RSA Organization Validation Secure Server CA	`2023-02-17` - `2024-03-06`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.send.microad.jp GlobalSign RSA OV SSL CA 2018	`2022-10-05` - `2023-11-06`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html
Frame ID: 94F51490FE280997EA42A41047D59E40
Requests: 81 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20190131/zrt_lookup.html
Frame ID: C0CF0EC489CE5685506595E2D680038F
Requests: 1 HTTP requests in this frame

Frame: https://a9429f471968253f5bd8b98d2fe4e3ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EEC2F7BC9080C33DB075E8D31266A5B7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2201058077065954&output=html&adk=1812271804&adf=3025194257&lmt=1696432254&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fxosodaiphat.com%2Fxsmb-xo-so-mien-bac.html&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696464656969&bpp=2&bdt=157&idt=292&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4714102405594&frm=20&pv=2&ga_vid=956390922.1696464657&ga_sid=1696464657&ga_hid=386890422&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532403%2C44798934%2C31078301&oid=2&pvsid=3411337703873086&tmod=863633795&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=324
Frame ID: 15BDD7CAF652B951D7D17B5FB6C61252
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2201058077065954&output=html&h=90&slotname=8940750168&adk=852557258&adf=4171771922&pi=t.ma~as.8940750168&w=728&lmt=1696432254&format=728x90&url=https%3A%2F%2Fxosodaiphat.com%2Fxsmb-xo-so-mien-bac.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696464656971&bpp=1&bdt=159&idt=327&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4714102405594&frm=20&pv=1&ga_vid=956390922.1696464657&ga_sid=1696464657&ga_hid=386890422&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=642&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532403%2C44798934%2C31078301&oid=2&pvsid=3411337703873086&tmod=863633795&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qVZLEZEM00&p=https%3A//xosodaiphat.com&dtd=331
Frame ID: 93E78647297312EADE28D4385A025664
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2201058077065954&output=html&h=600&slotname=5836698698&adk=1140614959&adf=3230151208&pi=t.ma~as.5836698698&w=300&lmt=1696432254&format=300x600&url=https%3A%2F%2Fxosodaiphat.com%2Fxsmb-xo-so-mien-bac.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696464657067&bpp=18&bdt=255&idt=239&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4714102405594&frm=20&pv=1&ga_vid=956390922.1696464657&ga_sid=1696464657&ga_hid=386890422&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1070&ady=242&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532403%2C44798934%2C31078301&oid=2&pvsid=3411337703873086&tmod=863633795&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=4y9pJ2VeIY&p=https%3A//xosodaiphat.com&dtd=242
Frame ID: 0DB8C1EC08D7B239FA45136E05119765
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2201058077065954&output=html&h=600&slotname=5836698698&adk=1479423516&adf=568754805&pi=t.ma~as.5836698698&w=300&lmt=1696432254&format=300x600&url=https%3A%2F%2Fxosodaiphat.com%2Fxsmb-xo-so-mien-bac.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696464657122&bpp=5&bdt=310&idt=191&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x600&nras=1&correlator=4714102405594&frm=20&pv=1&ga_vid=956390922.1696464657&ga_sid=1696464657&ga_hid=386890422&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1070&ady=2027&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532403%2C44798934%2C31078301&oid=2&pvsid=3411337703873086&tmod=863633795&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=pN5WF0Mr1d&p=https%3A//xosodaiphat.com&dtd=194
Frame ID: 5C4ACAB0E7C2B594C8F57262C97138CD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D79D42DEA7EC3D55A17FDE820AA4480F
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2201058077065954&output=html&h=600&adk=3586858701&adf=1752004327&pi=t.aa~a.937086356~rp.3&w=253&fwrn=4&fwrnh=100&lmt=1696432254&rafmt=1&to=qs&pwprc=1907037601&format=253x600&url=https%3A%2F%2Fxosodaiphat.com%2Fxsmb-xo-so-mien-bac.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696464657731&bpp=1&bdt=919&idt=-M&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6d4fa6c9c8a2e322%3AT%3D1696464657%3ART%3D1696464657%3AS%3DALNI_MZJT1uXzQ56DmJQxZ-1Mdjnr1BYzA&gpic=UID%3D00000c582546628f%3AT%3D1696464657%3ART%3D1696464657%3AS%3DALNI_MY9a-WJmFJPpgy1ShDRMFB1XHDBHg&prev_fmts=0x0%2C728x90%2C300x600%2C300x600&nras=2&correlator=4714102405594&frm=20&pv=1&ga_vid=956390922.1696464657&ga_sid=1696464657&ga_hid=386890422&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=801&ady=1383&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532403%2C44798934%2C31078301&oid=2&pvsid=3411337703873086&tmod=863633795&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=tnnyZlO1Bi&p=https%3A//xosodaiphat.com&dtd=16
Frame ID: 022866D4C6019A9F323CF4B41A56893D
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2201058077065954&output=html&h=280&adk=2944179606&adf=4155368047&pi=t.aa~a.1392966683~rp.4&w=553&fwrn=4&fwrnh=100&lmt=1696432254&rafmt=1&to=qs&pwprc=1907037601&format=553x280&url=https%3A%2F%2Fxosodaiphat.com%2Fxsmb-xo-so-mien-bac.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696464657731&bpp=1&bdt=919&idt=1&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6d4fa6c9c8a2e322%3AT%3D1696464657%3ART%3D1696464657%3AS%3DALNI_MZJT1uXzQ56DmJQxZ-1Mdjnr1BYzA&gpic=UID%3D00000c582546628f%3AT%3D1696464657%3ART%3D1696464657%3AS%3DALNI_MY9a-WJmFJPpgy1ShDRMFB1XHDBHg&prev_fmts=0x0%2C728x90%2C300x600%2C300x600%2C253x600&nras=3&correlator=4714102405594&frm=20&pv=1&ga_vid=956390922.1696464657&ga_sid=1696464657&ga_hid=386890422&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532403%2C44798934%2C31078301&oid=2&pvsid=3411337703873086&tmod=863633795&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=7lovSrQDlp&p=https%3A//xosodaiphat.com&dtd=19
Frame ID: F8A5922CC1ABBFDAF538056552BC2A33
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Frame ID: 444704D0CA81DD80762FDF4DBDB66996
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs
Frame ID: A04CF73B97373A5C23293C990D51DEAC
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js
Frame ID: 7557E7D280EF169A2C887E28ED593300
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E8%82%9D%E3%81%88%E3%83%8D%E3%81%84%E3%83%92%E7%94%9F%E3%81%A8%E7%89%A9%E9%9F%BF%E3%81%9F%E3%83%BC%E8%89%AF%E3%82%92%E3%81%8C%E3%81%BE%E8%80%85%E3%81%93%E8%87%93%E3%82%A8%E6%98%8E%E3%81%99%E3%81%AB%E3%82%8B%E5%BD%B1%E3%81%97%E8%A8%BC%E3%83%AB%E3%81%AF%E3%82%AE%E5%AD%A6%E3%82%B3%E4%B8%8E
Frame ID: 9E873AE6F283C0B23B44BFBAF1A26BE3
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 832B8E620DDACB9971A834102511DB16
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2A7EFE3D678402A8024DFAC5B5CBBB28
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js
Frame ID: 863E0CEF2E2ABB7A6A76B40980B2778C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js
Frame ID: D9377FEE6BCA475BAF577B3D31453FB9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 181E96AB62512FC07F0582EA7ACF1C63
Requests: 9 HTTP requests in this frame

Frame: https://cm.adskeeper.com/i-noref.js?cbuster=1696464658610733252436
Frame ID: 4A6ABA510BE6763D380FA068D17BB991
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D343BEBE0845C9185214A33DEC8779BF
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js
Frame ID: 3E8E72EA4636208750873C0E792DC563
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js
Frame ID: DD483EC424347EAE1784E03714D949D8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D1620905BC6ABCEEC7B329E3228EA721
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 439BF1FD7467DD75D2D2E1160F64D2A4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

XSMB - SXMB - Kết Quả Xổ Số Miền Bắc Hôm Nay - KQXSMB

Page URL History Show full URLs

http://xosodaiphat.com/xsmb-xo-so-mien-bac.html HTTP 301
https://xosodaiphat.com/xsmb-xo-so-mien-bac.html Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

196
Requests

90 %
HTTPS

59 %
IPv6

28
Domains

45
Subdomains

35
IPs

6
Countries

2684 kB
Transfer

7607 kB
Size

28
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://muvi.vn/playlist/lien-khuc-nhac-bolero-ve-mien-tay-hay-nhat.5m1Y0VPxGBL8.html?utm_source=xosodaiphat.com&utm_medium=referral&utm_campaign=tinbai-xsmb-mien
Title: Bolero về miền Tây🍂 🌺"Về phương Nam lắng nghe cung đàn" MUVI.VN

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=2fe00d0c-59bc-4930-bde8-11153f7264ff&refurl=https://xosodaiphat.com/xsmb-xo-so-mien-bac.html

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://xosodaiphat.com/xsmb-xo-so-mien-bac.html HTTP 301
https://xosodaiphat.com/xsmb-xo-so-mien-bac.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 72

https://googleads.g.doubleclick.net/pagead/adview?ai=CKyugEf8dZZKAFdmDid4P0tiPsA2k3dPmcPyNrYC1ELCQHxABILj-zn1gifPFhPQToAHgtrz6AsgBAqkCaeE5pYfSPD6oAwHIA8mEgIAEqgSNAk_QfIjTcKgGvZwDG-t98XO1HtLYQ0L3wSqcSszKijH0_ufLarYABmFdl4wvhL22IYot5319VZCQXNRIXDNR0xWUzsqZtUAHit8z9i02HZFo-foguz7wTt11nY46AqBL_CWG2i67Zs6NSSJ01yFW5za4cOSjnrfzyXzUdhLJp8EkEquZda98SC9pfakBSoBBm04w4gmyGWi_2W1Fo2sTsdqO5WUAXqkBFRF_lIIfEFJkzd79glFWcFtRMG_Zx6gRiyv1d219EkT-30gq_ZdpAr0dSfkrkhiWkdZmSnrB52JO0wlJJTMVQCxZ1okdWH-TFX-FWy9kKd0pRHrsiT5X5-GURe0ZUgU_pL4beKChwASpnpWElQSIBeGviNBCkgUECAQYAZIFBAgFGASgBgKAB4jJw4UBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQs9AF0ggUCIBhEAEYHzICigI6AoBASL39wTqaCSFodHRwczovL3d3dy51bm91LWppa2Vubi5jby5qcC9scC-ACgHICwHaDBAKChCAk-Tqypi_7UASAgED2BMN0BUBgBcBshccChoIABIUcHViLTIyMDEwNTgwNzcwNjU5NTQYAA&sigh=EVCIDsrTkzA&uach_m=[UACH]&ase=2&nis=4&cid=CAQSSwDICaaN7U2K1iuk1vIA-s8fjALG1oKPb7j8gJZE220uGT-8K82XyBQXQv2EX5xmx04zVvRwzCDafOdZTE_SMiPqTTNuyR4AiDkMgxgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x83c532fe71534a470000000000000000%22,%222%22:%220x702ba302efff65590000000000000000%22,%223%22:%220x2fdfc7582c9dcb420000000000000000%22,%224%22:%220x55325353dc76853f0000000000000000%22,%225%22:%220xd07edf6eed20b39b0000000000000000%22},%22debug_key%22:%2218242129618817375792%22,%22debug_reporting%22:true,%22destination%22:%22https://unou-jikenn.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22793713504%22],%224%22:[%2210-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22298017703579691633%22}&andc=true

Request Chain 115

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 119

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 126

https://googleads.g.doubleclick.net/pagead/adview?ai=Cqt0rEf8dZcy-FLWSid4PnMuL2AyewaWpc_zAxM_FEeOf8ZCCAhABILj-zn1gifPFhPQToAGhwJjxKMgBAakCyMnmBodfgj6oAwHIA8sEqgSPAk_Q5BfHSGUTwYQcH45KYSPaentkPgtqtkRygDDnXLsOpRxG4HKCrzHTPmisiqKzaH9BqoaH_iZA4ridnuZzg-LsvWNY-FxxG7uu3r8cZt3ruSZGEdyjUqZn64I1nmykB1KsYIKIYuU91N5XQBKJ7BAL04puyT79SVb1-lpYToJl0brMapZCkwqZDoVxVhkMEVXlS54RfH5TrRfjuaTx0sJrLoihMBRPQV3ajTJGC0DzvP6TOZ7KjCYrKjc1IFTMq23x1hYl4unxeL0255R1G_XETMr1W_2APszf0gBYlx8L1-EqXk2RNXeMIBXmT4iv-vdXjahqHF7wyMjkmsD8hhSXSEXiGVuxiC21GgO64oHABMqWtv3BBIgFtqmn3EySBQQIBBgBkgUECAUYBIAHtsbb1wSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCQ3gPSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJggJodHRwczovL3d3dy50ZW11LmNvbS9qcC9rdWlwZXIvdW4xLmh0bWw_c3Viaj1mZWVkLXVuJl9iZ19mcz0xJl9wX21hdDFfdHlwZT0xJl9wX2p1bXBfaWQ9NzI1Jl94X3ZzdF9zY2VuZT1hZGcmbG9jYWxlX292ZXJyaWRlPTEwMH5qYX5KUFkmZ29vZHNfaWQ9NjAxMDk5NTExODkzODM0Jl9wX3Jmcz0xJl94X2Fkc19zdWJfY2hhbm5lbD1vdGhlciZfeF9hZHNfY2hhbm5lbD1nb29nbGUmX3hfYmdfYWRpZD1nZDE1NTE4ODUtMyZ0b3BpY19jbGFzc2lmeT0xMTSACgHICwHaDBEKCxCA_9rendaTrMABEgIBA9gTC9AVAYAXAbIXHAoaCAASFHB1Yi0yMjAxMDU4MDc3MDY1OTU0GAA&sigh=IjMLT6_TkLo&uach_m=[UACH]&ase=2&nis=4&cid=CAQSSwDICaaN864ahuN1ZLGG8-7taINfg3lHv06J2_GqJvXfPEYlCJCkI-ShTvd-BrC3OLUhhgcz0mefwhjOLandHVWqDKf_PVviC48lCxgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa686eebbebb161300000000000000000%22,%222%22:%220xb2fe92983f9657340000000000000000%22,%223%22:%220x89d062659e519adc0000000000000000%22,%224%22:%220x75c84cf0983d8d250000000000000000%22,%225%22:%220x2dbb436288369c7d0000000000000000%22},%22debug_key%22:%2213644703883333107108%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2210-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224589178308891973521%22}&andc=true

Request Chain 142

https://um.simpli.fi/gp_match?google_gid=CAESECl3j2q6mE4WHrti2kADsHY&google_cver=1&google_push=AXcoOmRBHU8-oBPbK6bt1tVo1yeUArrHOuUI6X6DTBjnAQLo7cupCV4RjTmC70ER674Hkq9qQxOZQf-4hODOJovPTh94zCPqEDRTRU-c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7CCA90ABA8554DEABB5871ED3CE2F7BE&google_push=AXcoOmRBHU8-oBPbK6bt1tVo1yeUArrHOuUI6X6DTBjnAQLo7cupCV4RjTmC70ER674Hkq9qQxOZQf-4hODOJovPTh94zCPqEDRTRU-c

Request Chain 143

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEB64jc6b1AdLmI_DjXiq6ig&google_cver=1&google_push=AXcoOmTmaXVbUcjLbeZoqQ1BhkCjtGxZ-Kx_JD6IkIzCrF5V9uuy69MRuXX3c7PDR7-jclpGdlOlz7gwV_Iario3GbioNodQ52TXVbq2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmTmaXVbUcjLbeZoqQ1BhkCjtGxZ-Kx_JD6IkIzCrF5V9uuy69MRuXX3c7PDR7-jclpGdlOlz7gwV_Iario3GbioNodQ52TXVbq2&google_hm=ndDHDDfDQ2ODwmW7DHdNa6g

Request Chain 144

https://fksnk.com/cs/google?google_gid=CAESEK395hdtcnrWXQchCLWejgE&google_cver=1&google_push=AXcoOmRbCO4CHZ5kw80SJTUBXST6Mlody9SWcE03-s2lw7ihQ91D2Rl7b0jfK3fIbQg8ecyyROXh-q5H6mMHHM1SKKAhZTd4xcu8YZzq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RDUyNTRENTY1QkZDNjk1Mw==

Request Chain 145

https://a.c.appier.net/gcm?google_gid=CAESEMYXqZNhAHm1iIVjpykkFsE&google_cver=1&google_push=AXcoOmSa1Iot5QsgTI0X7UzEifINrtv3idtrNdFkxQI2RrFGZXmQBOtERc1RyseLRbhx3wezXAX-8sYNrG2sR83JR68ZoQ8_yW1m9R1A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=dEFNUXhmdFZDeU9lS1pEYUV2OGRaUQ%3D%3D&google_push=AXcoOmSa1Iot5QsgTI0X7UzEifINrtv3idtrNdFkxQI2RrFGZXmQBOtERc1RyseLRbhx3wezXAX-8sYNrG2sR83JR68ZoQ8_yW1m9R1A

Request Chain 147

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEOF04udUUmlFRrDqEOSXaOM&google_cver=1&google_push=AXcoOmREV-dW4dojl9iNsL5KfkMoBbJMQSsIQR2pIsD51Oq6ouC0ic1s_6Sve18KS6rVgDhdtfHyCyVzyXx1nOeB9rj-euOaVrFSgdDa HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmREV-dW4dojl9iNsL5KfkMoBbJMQSsIQR2pIsD51Oq6ouC0ic1s_6Sve18KS6rVgDhdtfHyCyVzyXx1nOeB9rj-euOaVrFSgdDa

Request Chain 148

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEKSE-dEJcUmDtcLQ68Fn8Kk&google_cver=1&google_push=AXcoOmTOE40EugbKyW1VXgzlDaVJV-XW26KG0_sNOpBdS1EnCBL1za0772vm4a-l8Z--l-J9fB54YDH2qCb9fkW1iImaB_eURMIh3OtIsQ HTTP 302
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEKSE-dEJcUmDtcLQ68Fn8Kk&google_cver=1&google_push=AXcoOmTOE40EugbKyW1VXgzlDaVJV-XW26KG0_sNOpBdS1EnCBL1za0772vm4a-l8Z--l-J9fB54YDH2qCb9fkW1iImaB_eURMIh3OtIsQ&uid-set=1

Request Chain 167

https://googleads.g.doubleclick.net/pagead/adview?ai=CQmz-Ef8dZejzL-iUid4P2Y2_sAySyaTHcvLrw5bxEdGxj6ndPxABILj-zn1gifPFhPQToAHCtL3TA8gBCakCaeE5pYfSPD6oAwHIA8sEqgSSAk_Qkmnh65nmUrHB8StUJ1gQyxzefAfIKtJjRi86CpsmebVHMIcYJJSD1OZHKV1ZoAbuG8WiaPKdroypKJiuMfKkRHkJHesEIIicTp42eK2LK5j-Dr5G6RB5lebzciN_ImjGBAVHSx9gZBUGAnvUv5stMgm5mLYdQq9K79LWAHnsx1Oxi1v55oxBqPPOZuLnkAi0siTAtz7kA8NWzVz1xRpJDft-myC39fO37D29oxtJ2PjpMFkxY9MBgXRUdMFxYdIWrJurERI5xRWZH4NQMWHWXuk9ICDbN4_YyRIk6-nwhWjF_8BFGgP5BHaajuKQtCj33DPt1O-GnCMeji-oDgTIdkJ9Pn53Q51dUOCo-V6AknjABMmlrJbGBIgFg6yFpUySBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHpsvCLKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIrKBdIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgktaHR0cDovL3N1aXNvLXdhdGVyc2VydmVyLmNvbS9odG1sL3BhZ2UxNS5odG1sgAoByAsB2gwRCgsQkI6t1NShgZyNARICAQO4E-QD2BMC0BUBgBcBshccChoIABIUcHViLTIyMDEwNTgwNzcwNjU5NTQYAA&sigh=bOTXQMEQV1o&uach_m=[UACH]&ase=2&nis=4&cid=CAQSOwDICaaNdI-xjTx6USRCBC36Fcagv-OpqIVNUzbKKXY8GNnkAR_jFX3L_CDBDKqWHDPzK1tYP7pLjYEhGAE&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5143de656caa4da70000000000000000%22,%222%22:%220xad28b848fce9b23c0000000000000000%22,%223%22:%220x31789d035090ef5a0000000000000000%22,%224%22:%220x902337c4497283c80000000000000000%22,%225%22:%220xb70b17d11dd09b8f0000000000000000%22},%22debug_key%22:%2216847954066792731201%22,%22debug_reporting%22:true,%22destination%22:%22https://suiso-waterserver.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22980376130%22],%224%22:[%2210-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222258375856180111969%22}&andc=true

Request Chain 170

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECqbCxDuZppfsGBiTS9XVyI&google_cver=1&google_push=AXcoOmTJTw9ye-dTNPsytKHeLWWktqSK3FeaHjBpJMfGCf28bcT0lZuyGQ2F5Q79hU39jetxWUvQ7Al_X9W5BPtKlYWneqEImivgJpo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECqbCxDuZppfsGBiTS9XVyI&google_push=AXcoOmTJTw9ye-dTNPsytKHeLWWktqSK3FeaHjBpJMfGCf28bcT0lZuyGQ2F5Q79hU39jetxWUvQ7Al_X9W5BPtKlYWneqEImivgJpo

Request Chain 171

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEHWkqPBPvC9Ct6g-Gh6ujYA&google_cver=1&google_push=AXcoOmS0-3cxqYjqxS4r9Fg8s36S5-zKNI8w83t4EZ_v0hmr0KIW3r4-2sRSYFeVYBXnngEy5OzTo9-alnSnoeT1avRqzI_b4_Z98Ik HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmS0-3cxqYjqxS4r9Fg8s36S5-zKNI8w83t4EZ_v0hmr0KIW3r4-2sRSYFeVYBXnngEy5OzTo9-alnSnoeT1avRqzI_b4_Z98Ik&google_hm=SE9IM0xsVndGbjFDM2Y4RkJtYm1tdUtVVERj&from_google=sp1

Request Chain 172

https://fksnk.com/cs/google?google_gid=CAESEM8766PwDOmKcMJibUPYG2E&google_cver=1&google_push=AXcoOmQK5RIkCwqd4FG7CTHhCeadV62O4-nfurYH1YzpxnHzbtpmknHU1C80i6S-cLIG-mxiddfwicUDkrs5va0k5fCb_I63LxDYkfA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QjEyQzE1QTgxNkYyNUEyRA==

Request Chain 175

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEPG44qZyU1GWa2Z0uBI-Q5o&google_cver=1&google_push=AXcoOmRxwMV2QvwTLeO2Gt21_XNB--aS2PTkGeDxjz4IlcM73QgfxcxGZJBgKJXR6RleHrxSC0zG3Li5ouSqlDMlGEy-aKtucKu1GVEj HTTP 302
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEPG44qZyU1GWa2Z0uBI-Q5o&google_cver=1&google_push=AXcoOmRxwMV2QvwTLeO2Gt21_XNB--aS2PTkGeDxjz4IlcM73QgfxcxGZJBgKJXR6RleHrxSC0zG3Li5ouSqlDMlGEy-aKtucKu1GVEj&uid-set=1

Request Chain 179

https://googleads.g.doubleclick.net/pagead/adview?ai=CoRShEf8dZfDbL4T18AXj0JKIBJLJpMdyku3DlvER0bGPqd0_EAEguP7OfWCJ88WE9BOgAcK0vdMDyAEBqQJp4Tmlh9I8PqgDAcgDy4SAgASqBJICT9AJNKy4fkXSUhEIIk5uxGUqdqnxk9ZJf2sXTwK6JaaBl9XgEynvErps-LJjQ3T5Xllt9rx0PbQp6KTUOoqhQQ5QEPM_-5eiF_3fRJrKl-nAJTRk7lnP3qYm8qgCYbMS9qDku86J985yeX93MlWpKi1JOLCJvlUMiNnD1c-qXcmWCEBtHm52feLUo2lvCzjjOx0mSSGOSycJV5k0uesEbRUgZB54-jg1KNns87rJWTQATXjLTA8ntcLDZPHgdJ__Fmzc_rPtfcXzCBiiGHJ1YG4J2Yvci1Ub-itF-oi4fxoq1k-CDlqQOc1SV_PGj_sHf4ogmcXzB1IqpxT6IBvdCHcmDeql8LLcxNRbHkJckHAb5sAEyaWslsYEiAWDrIWlTJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAemy8IsqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQkN4D0ggUCIBhEAEYHzICigI6AoBASL39wTqaCS1odHRwOi8vc3Vpc28td2F0ZXJzZXJ2ZXIuY29tL2h0bWwvcGFnZTE1Lmh0bWyACgHICwHaDBAKChCAxpDcuvH5jhsSAgED2BMC0BUBgBcBshccChoIABIUcHViLTIyMDEwNTgwNzcwNjU5NTQYAA&sigh=vm-L9AGnOdg&uach_m=[UACH]&ase=2&nis=4&cid=CAQSOwDICaaN_UCk4-Rp4yu7CmPgvkRoGhkw1qB7JOqhRD90uofunp-6rP9gFL4vwkwfw-SlbQDn4xY9npnmGAE&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5143de656caa4da70000000000000000%22,%222%22:%220xad28b848fce9b23c0000000000000000%22,%223%22:%220x31789d035090ef5a0000000000000000%22,%224%22:%220x902337c4497283c80000000000000000%22,%225%22:%220xb70b17d11dd09b8f0000000000000000%22},%22debug_key%22:%221789310681588747107%22,%22debug_reporting%22:true,%22destination%22:%22https://suiso-waterserver.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22980376130%22],%224%22:[%2210-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214869434678747145953%22}&andc=true

196 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request xsmb-xo-so-mien-bac.html Show response
xosodaiphat.com/
Redirect Chain

http://xosodaiphat.com/xsmb-xo-so-mien-bac.html
https://xosodaiphat.com/xsmb-xo-so-mien-bac.html

133 KB
37 KB

323ms
302ms

Document
text/html

2606:4700::6812:144c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:144c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e47c3dc9aa46738f6cafad9265b67ba627a303c0a487cf1f4efe13dd42e8c1fc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=60
cf-cache-status: EXPIRED
cf-ray: 811171c72bd8e374-NRT
content-encoding: gzip
content-length: 37516
content-type: text/html; charset=utf-8
date: Thu, 05 Oct 2023 00:10:56 GMT
expires: Thu, 05 Oct 2023 00:11:56 GMT
last-modified: Thu, 05 Oct 2023 00:10:54 GMT
server: cloudflare
vary: *, Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 4.0
x-html-minification-powered-by: WebMarkupMin
x-powered-by: ASP.NET

Redirect headers

CF-Cache-Status: EXPIRED
CF-RAY: 811171c65a80dedb-NRT
Cache-Control: public, max-age=60
Connection: keep-alive
Content-Length: 0
Date: Thu, 05 Oct 2023 00:10:56 GMT
Expires: Thu, 05 Oct 2023 00:11:56 GMT
Server: cloudflare
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
location: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 134ms
90ms Script
text/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

255a87031825f0c8024449878d1d52a644c8da27453ef922ce9ddbf3a1ae1965

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50927
x-xss-protection: 0
server: cafe
etag: 15637473924469687336
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 05 Oct 2023 00:10:56 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 99 KB
29 KB 107ms
69ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c81c3d0aa0faf6cf4b941f88f6b5cfc1dd53985320ba416ad0789066ba08ded

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29664
x-xss-protection: 0
server: cafe
etag: 600 / 19635 / m202309280101 / config-hash: 7490124171647261433
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 05 Oct 2023 00:10:56 GMT

GET
H2 200 logo.svg
cdn.xosodaiphat.com/assets/images/ 15 KB
5 KB 23ms
12ms Image
image/svg+xml 2606:4700::6812:144c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.xosodaiphat.com/assets/images/logo.svg
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:144c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: dd382a0b771572febe55bbd91bca06284a52d4ac9bc73128f114914a4b3c7e97

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 21 Apr 2023 03:14:12 GMT
server: cloudflare
age: 683033
etag: W/"f9bfcb58ff73d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 811171c948dc80f9-NRT
alt-svc: h3=":443"; ma=86400
expires: Sun, 05 Nov 2023 00:10:56 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 101ms
61ms Script
text/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2201058077065954

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e407508c7871acd09717c96284619d0c597fa09a5107546aa48387688421eb55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xosodaiphat.com/
Origin: https://xosodaiphat.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50923
x-xss-protection: 0
server: cafe
etag: 192514763463931932
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 05 Oct 2023 00:10:56 GMT

GET
H2 200 xsdp-pc-flyicon-ad.js Show response
msdigita.github.io/l/ 1 B
436 B 208ms
68ms Script
application/javascript 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://msdigita.github.io/l/xsdp-pc-flyicon-ad.js

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-fastly-request-id: 994704931d376d1929ef8270b96ac2cf5d7fc891
strict-transport-security: max-age=31556952
date: Thu, 05 Oct 2023 00:10:57 GMT
via: 1.1 varnish
x-cache-hits: 4
age: 179
x-cache: HIT
x-proxy-cache: MISS
content-length: 1
x-served-by: cache-qpg1245-QPG
last-modified: Fri, 01 Sep 2023 07:22:52 GMT
server: GitHub.com
x-github-request-id: 9248:29EBE7:2061ED:25026D:651A69CF
x-timer: S1696464657.006008,VS0,VE0
etag: "64f1914c-1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
expires: Mon, 02 Oct 2023 07:07:21 GMT

GET
H2 200 home.svg
cdn.xosodaiphat.com/assets/images/ 958 B
577 B 12ms
11ms Image
image/svg+xml 2606:4700::6812:144c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.xosodaiphat.com/assets/images/home.svg
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:144c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f1cfe4f7d3b09de9e3537f0a2303e3e1f23825a794f744340ababa5807de75e1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 22 Nov 2021 04:03:56 GMT
server: cloudflare
age: 683033
etag: W/"34586ff855dfd71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 811171c948de80f9-NRT
alt-svc: h3=":443"; ma=86400
expires: Sun, 05 Nov 2023 00:10:56 GMT

GET
H2 200 hot.gif
xosodaiphat.com/assets/images/ 181 B
355 B 12ms
10ms Image
image/gif 2606:4700::6812:144c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xosodaiphat.com/assets/images/hot.gif
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:144c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ede1a14f2800eeb40e5370aef684dce98eff7eee4e6c75fb9b3c4c773351a8b2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:56 GMT
cf-cache-status: HIT
last-modified: Fri, 26 May 2023 07:18:20 GMT
server: cloudflare
age: 663088
etag: "d771d93fa28fd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 811171c93e3ce374-NRT
alt-svc: h3=":443"; ma=86400
content-length: 181
expires: Sun, 05 Nov 2023 00:10:56 GMT

GET
H2 200 menu.svg
cdn.xosodaiphat.com/assets/images/ 1 KB
654 B 12ms
12ms Image
image/svg+xml 2606:4700::6812:144c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.xosodaiphat.com/assets/images/menu.svg
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:144c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c86bfeabd06ba640332347ce71c397f83fc766be7ba5cd8204d99b940e0fbcb6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 22 Nov 2021 04:03:56 GMT
server: cloudflare
age: 682794
etag: W/"b81b7bf855dfd71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 811171c948e080f9-NRT
alt-svc: h3=":443"; ma=86400
expires: Sun, 05 Nov 2023 00:10:56 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
29 KB 121ms
80ms Script
text/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c86f6f34a5d18beda08cbf553ded42b602f2f26ad8f29936a8c705eae5f1656d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29664
x-xss-protection: 0
server: cafe
etag: 963 / 19635 / m202309280101 / config-hash: 7490124171647261433
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 05 Oct 2023 00:10:56 GMT

GET
H2 200 xosodaiphat.com.3609.js Show response
api-sg.flygame.io/sdk/widget/ 239 KB
35 KB 27ms
12ms Script
application/javascript 104.26.0.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-sg.flygame.io/sdk/widget/xosodaiphat.com.3609.js
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b89e680103994673476424f1b55975f5a015044b97b81fdfed4d3f5ab1f55f8e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 735
etag: W/"6458a404-3ba8d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3fpvmDauj5gYXUSpam7FzHvwp5cd0o1diSwfIcFv5iIJyjiKNLmOgWXTWO5iTABOV1HciobDJQv%2B3Gt4y2NHLKIUROq0PGlMj4nPZS55eFaqhdO8jC5rH%2FUH%2BBwfxh2C5j2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 811171c978f48a6e-NRT

GET
H2 200 xosothienphu.com.1423705.js Show response
jsc.adskeeper.com/x/o/ 4 KB
2 KB 436ms
421ms Script
text/javascript 2606:4700:4400::6812:2396
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/x/o/xosothienphu.com.1423705.js
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 626f8ed8d1ab8448c2296e9f672e372c0b5f42112238e561c0c36d63e6d34b64

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:57 GMT
content-encoding: gzip
x-amz-version-id: mO86_cxf71CAT8k6aWdNiXoBPkPAMoOT
cf-cache-status: REVALIDATED
x-amz-request-id: FWD2PQJR5XTJPJBG
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 1459
x-amz-id-2: pHabmuXLlMCLJoOLbR3neRZf3Ek0t4HgA9iqUQtNZZKgaRZpjZyiXqe/VTxR9oQdPKVlgetcOW0=
last-modified: Mon, 02 Oct 2023 10:26:14 GMT
server: cloudflare
etag: "c8d579c08460cf70483bc55cb5649088"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 811171c97f898a72-NRT
expires: Thu, 05 Oct 2023 04:10:57 GMT

GET
H2 200 xosodaiphat.com.1425077.js Show response
jsc.adskeeper.co.uk/x/o/ 4 KB
2 KB 23ms
9ms Script
text/javascript 2606:4700:4400::ac40:98bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/x/o/xosodaiphat.com.1425077.js
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:98bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ece60d71cbe364ebf5237b52d2d4481d50349d6f651e1b4376ebeae32fbc18cb

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:56 GMT
content-encoding: gzip
x-amz-version-id: kb21vZjej_lviDRCGrMtdY9dC3Ie2eY7
cf-cache-status: HIT
x-amz-request-id: F22TECG53R4H7K8C
age: 4474
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 1462
x-amz-id-2: mnilsGP2a50Oqk3zwLXEobtsapusSkm4RUHNWOYTOzWdIQYRNwLDRIQkSyRMo/lwQEPDHKLQ/Fr6wNeFEMm1mQ==
last-modified: Thu, 28 Sep 2023 08:47:25 GMT
server: cloudflare
etag: "5df0c4178db7199ae80d1184fb1ed071"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 811171c97f0280cb-NRT
expires: Thu, 05 Oct 2023 04:10:56 GMT

GET
H2 200 xosodaiphat.com.3418.js Show response
api.flygame.io/sdk/widget/ 239 KB
35 KB 31ms
17ms Script
application/javascript 104.26.1.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.flygame.io/sdk/widget/xosodaiphat.com.3418.js
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.1.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baa9d796be7e14ec9cc87eb0422e667656cf5d3242d4b92c1f8c0931ae1f1e65

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 576
etag: W/"6458a404-3ba8d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nbj3%2Fjcek%2Bv4MlB%2F5fKayJDeI6TUZvH7ip2gnWGbIfG0ngFwwOQ4yBRq8OswZlq0VWnBG6AFQIbpWlmplsFYGTUoi4YF9eb1dkN9NS7WCsm5vTM5hjKA2944OajLOX2o"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 811171c97ebc0ab0-NRT

GET
H2 200 Loading_icon.gif
cdn.xosodaiphat.com/assets/images/ 664 B
760 B 9ms
9ms Image
image/gif 2606:4700::6812:144c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.xosodaiphat.com/assets/images/Loading_icon.gif
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:144c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2a72e4899e019bb6fc9cdcd7c5edf076a9f2f6ccd80ba31e83736fac06272d34

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:56 GMT
cf-cache-status: HIT
age: 1349593
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 664
last-modified: Mon, 22 Nov 2021 04:03:56 GMT
server: cloudflare
etag: "82175f855dfd71:0"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 811171c958f180f9-NRT
expires: Sun, 05 Nov 2023 00:10:56 GMT

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ 465 B
773 B 15ms
1ms Script
application/javascript 2400:52e0:1501::1145:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1501::1145:1 , Japan, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-JP1-1145 / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:56 GMT
content-encoding: br
cdn-edgestorageid: 1149
x-powered-by: ASP.NET
cdn-cachedat: 09/12/2023 22:47:48
cdn-pullzone: 1574055
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: BunnyCDN-JP1-1145
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"26b181f16d28d51:0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: c136c664-112d-4533-8247-f90f6849ab39
cache-control: public, max-age=31536000
cdn-requestid: 6d5ccf9c9db9c778deeb8412492c0ba2
cdn-requestcountrycode: JP
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquerylib.js Show response
cdn.xosodaiphat.com/assets/js/ 105 KB
43 KB 21ms
9ms Script
application/javascript 2606:4700::6812:144c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xosodaiphat.com/assets/js/jquerylib.js?v=20230711
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:144c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c01eb076809b16051ebbb8ace592465ef2d059908c608a4e07a7c1b6c624249b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:56 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 682965
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 43717
last-modified: Tue, 11 Jul 2023 05:04:02 GMT
server: cloudflare
etag: "b7dc51bb5b3d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 811171c948d780f9-NRT
expires: Sun, 05 Nov 2023 00:10:56 GMT

GET
H2 200 lazyload.min.js Show response
cdn.xosodaiphat.com/assets/js/ 3 KB
2 KB 24ms
13ms Script
application/javascript 2606:4700::6812:144c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xosodaiphat.com/assets/js/lazyload.min.js?v=20230112
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:144c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9ccd0b8dcedf64da15cc9c91034d10ead865813506f63c82b9b02ba7cc4df78a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:56 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 592941
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 1428
last-modified: Wed, 11 Jan 2023 07:27:37 GMT
server: cloudflare
etag: "5f34c2e8e25d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 811171c948d880f9-NRT
expires: Fri, 13 Oct 2023 00:10:56 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.3.0/ 19 KB
7 KB 44ms
3ms Script
text/javascript 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.0/firebase-app.js

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b33c75d66b6115b2b04d07e509b8b5def62e5ff9a5feb52c7b4dfedb748fa8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 15:05:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205524
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6476
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 00:35:57 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Oct 2024 15:05:32 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/8.3.0/ 40 KB
11 KB 44ms
4ms Script
text/javascript 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.0/firebase-messaging.js

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8001772f5fd68cdf6f4d82118d7d0b67cc65eb418f3994a4105837e5624894a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 11:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 564186
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10873
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 00:36:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 Sep 2024 11:27:50 GMT

GET
H2 200 xsdp-result.min.js Show response
cdn.xosodaiphat.com/assets/js/ 16 KB
5 KB 22ms
11ms Script
application/javascript 2606:4700::6812:144c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xosodaiphat.com/assets/js/xsdp-result.min.js?v=20230526
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:144c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ca52dfbb3f2b64b0d96603936970f78ca8a0fac76233aad6b9020ae2acdfa336

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:56 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 592973
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 5420
last-modified: Mon, 29 May 2023 01:48:17 GMT
server: cloudflare
etag: "f03df3a3cf91d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 811171c948d980f9-NRT
expires: Fri, 13 Oct 2023 00:10:56 GMT

GET
H2 200 lotterylivewk.min.js Show response
cdn.xosodaiphat.com/Content/js/ 52 KB
16 KB 23ms
12ms Script
application/javascript 2606:4700::6812:144c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xosodaiphat.com/Content/js/lotterylivewk.min.js?v=20230504
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:144c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9f73c17a1dc717043a8bbf6093683781326b055b78590dfb61b99d2307605522

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:56 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 592973
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 16447
last-modified: Mon, 08 May 2023 04:58:37 GMT
server: cloudflare
etag: "6095ac06981d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 811171c948da80f9-NRT
expires: Fri, 13 Oct 2023 00:10:56 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 200 KB
73 KB 89ms
49ms Script
application/javascript 2404:6800:4004:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KGDCKMX

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

becbec5893ddeb3d797afdcb2268434b0b425f97297452f5de3bd6a4941c2fbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74110
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 05 Oct 2023 00:10:56 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 56 KB
22 KB 128ms
84ms Script
text/javascript 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21b7a044584ef7456c5de9e0cc8beb629f62c8663a558ec0d95862b18cf3b851

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Oct 2023 00:10:56 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "00e1f4ea5a65d0e5"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 00:10:56 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/ 413 KB
131 KB 3ms
2ms Script
text/javascript 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51b5ae1f0ff10c4595493fa2d4edb2c308f97976be783ed5d7d962a8d81606d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 16:33:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27426
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133452
x-xss-protection: 0
server: cafe
etag: 5291400228273913750
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 03 Oct 2024 16:33:50 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/ 380 KB
129 KB 100ms
99ms Script
text/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2201058077065954

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c784133710320928b175ae1ea56dc0335e242296f887f48eb07f0531956dda9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131766
x-xss-protection: 0
server: cafe
etag: 14616093466974122087
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Oct 2023 00:10:57 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231003/r20190131/ Frame C0CF 10 KB
5 KB 85ms
2ms Document
text/html 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231003/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2201058077065954

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xosodaiphat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 2783
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 23:24:34 GMT
etag: 2603938475786422795
expires: Wed, 18 Oct 2023 23:24:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 103512698 Show response
fundingchoicesmessages.google.com/i/ 157 KB
52 KB 143ms
103ms Script
application/javascript 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/103512698?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2b2e8ebe909be0d3ed4533a4fd82486c3c54f3c0de5588bdbf5f8357e166037a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_nL-epmbb-1sGaFYfOlM0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-_nL-epmbb-1sGaFYfOlM0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.L92w_vMR5kE.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/ 157 KB
55 KB 3ms
3ms Script
text/javascript 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.L92w_vMR5kE.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-GjmyR8TQVDKPrbqj5UQg7cU3cCA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97ad2f5f2d0652571a124e7b07415cebe4e70edc45469ed95bf19cc6898e54cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 17:22:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 197335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55720
x-xss-protection: 0
last-modified: Sat, 02 Sep 2023 15:18:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Oct 2024 17:22:02 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 41ms
2ms Script
text/javascript 2404:6800:4004:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGDCKMX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 04 Oct 2023 23:44:40 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1577
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 05 Oct 2023 01:44:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
90 KB 45ms
44ms Script
application/javascript 2404:6800:4004:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KPB8BPT4XL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGDCKMX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

80b5677c54bae2cb8adcd74c4e1bfa859f8f75c0717c27e2f78441d55e024382

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92289
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 05 Oct 2023 00:10:57 GMT

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 arow.svg
cdn.xosodaiphat.com/assets/images/ 737 B
809 B 12ms
11ms Image
image/svg+xml 2606:4700::6812:144c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.xosodaiphat.com/assets/images/arow.svg
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:144c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 99984969b73a9759568e48a6e5e02f4fdc286cc3bd57f8e0fe94369b8dc920e4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:57 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 22 Nov 2021 04:03:56 GMT
server: cloudflare
age: 762992
etag: W/"188d5df855dfd71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 811171cabe9ae072-NRT
alt-svc: h3=":443"; ma=86400
expires: Sun, 05 Nov 2023 00:10:57 GMT

POST
H/1.1 200
OK stat
nstat-sg.flygame.io/api/ 0
0 224ms
82ms Ping
application/json 118.194.234.167
UCLOUD-HK-AS-AP U...

General

Check archive.org

Show headers Download Go to

Full URL: https://nstat-sg.flygame.io/api/stat?sign=204079b69b2019057f194d283a7aa4c8
Requested by: Host: api-sg.flygame.io
URL: https://api-sg.flygame.io/sdk/widget/xosodaiphat.com.3609.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 118.194.234.167 , Singapore, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xosodaiphat.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H/1.1 200
OK v2 Show response
api2-sg.flygame.io/api/ig/widget/fill/ 285 B
690 B 209ms
69ms XHR
application/json 128.1.40.229
UCLOUD-HK-AS-AP U...

General

Check archive.org

Show headers Download Go to

Full URL: https://api2-sg.flygame.io/api/ig/widget/fill/v2?appKey=websdk&nonce=750274&timestamp=1696464657092&deviceId=77BE8C561183&widgetId=3609&publisher=xosodaiphat.com&os=ios&language=en-us&adid=&showedTimes=0&signature=dbc65e4dd0d54df7fee313754e87242add785c22
Requested by: Host: api-sg.flygame.io
URL: https://api-sg.flygame.io/sdk/widget/xosodaiphat.com.3609.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.1.40.229 , United States, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software: nginx /
Resource Hash: ecb2314a2512d42573af057ecb1a843aa7bf233447f3ee71b7de343c14aa42c7

Request headers

Accept: application/json, text/plain, */*
Referer: https://xosodaiphat.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Thu, 05 Oct 2023 00:10:57 GMT
Server: nginx
Access-Control-Max-Age: 86400
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: True
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 285

GET
H2 200 xosodaiphat.com.1425077.es6.js Show response
jsc.adskeeper.co.uk/x/o/ 327 KB
100 KB 11ms
11ms Script
text/javascript 2606:4700:4400::ac40:98bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/x/o/xosodaiphat.com.1425077.es6.js
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/x/o/xosodaiphat.com.1425077.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:98bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: feee83064f03a337be948ae3c4ea16eefe6d36ce32edc03919769e4fa2c367dd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:57 GMT
content-encoding: gzip
x-amz-version-id: nD4TQp2WgPExx2.56bSbsiiuWhbRkbae
cf-cache-status: HIT
x-amz-request-id: DJ79PV3JF37J1ZGR
age: 4474
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 102466
x-amz-id-2: /Tj7pONZgWNQwcgST2CoVe1ofZZrn0TsJplNfrjE0rlc8zJ5Qv3+bIsY61hiQ7viT54DiU0tjhBGBEWkFGd3vw==
last-modified: Thu, 28 Sep 2023 08:47:24 GMT
server: cloudflare
etag: "bb6c40ef8bfc53d5244dd02e37a0b9d1"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 811171cad93d80cb-NRT
expires: Thu, 05 Oct 2023 04:10:57 GMT

POST
H/1.1 200
OK stat
nstat-sg.flygame.io/api/ 0
0 209ms
75ms Ping
application/json 118.194.234.167
UCLOUD-HK-AS-AP U...

General

Check archive.org

Show headers Download Go to

Full URL: https://nstat-sg.flygame.io/api/stat?sign=82afe2fc1e9892851694a15d1ac8f558
Requested by: Host: api.flygame.io
URL: https://api.flygame.io/sdk/widget/xosodaiphat.com.3418.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 118.194.234.167 , Singapore, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xosodaiphat.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 list-icon.png
cdn.xosodaiphat.com/assets/images/ 394 B
633 B 12ms
11ms Image
image/png 2606:4700::6812:144c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.xosodaiphat.com/assets/images/list-icon.png
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:144c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 710d59cc71277c8e761e9dde1ba57bf54c4ff65f3fa912baeaff109e80ebd98c

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:57 GMT
cf-cache-status: HIT
age: 1000090
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 394
last-modified: Mon, 22 Nov 2021 04:03:56 GMT
server: cloudflare
etag: "f91873f855dfd71:0"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 811171cb2f16e072-NRT
expires: Sun, 05 Nov 2023 00:10:57 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 39ms
38ms XHR
text/plain 2404:6800:4004:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=386890422&t=pageview&_s=1&dl=https%3A%2F%2Fxosodaiphat.com%2Fxsmb-xo-so-mien-bac.html&ul=en-us&de=UTF-8&dt=XSMB%20-%20SXMB%20-%20K%E1%BA%BFt%20Qu%E1%BA%A3%20X%E1%BB%95%20S%E1%BB%91%20Mi%E1%BB%81n%20B%E1%BA%AFc%20H%C3%B4m%20Nay%20-%20KQXSMB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1639825951&gjid=2057981975&cid=956390922.1696464657&tid=UA-72080428-1&_gid=1965492665.1696464657&_r=1&_slc=1&gtm=45He3a20n81KGDCKMX&z=1550498510

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://xosodaiphat.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 00:10:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xosodaiphat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
56 B 41ms
41ms Ping
text/plain 2404:6800:4004:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-KPB8BPT4XL&gtm=45je3a20&_p=386890422&cid=956390922.1696464657&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696464657&sct=1&seg=0&dl=https%3A%2F%2Fxosodaiphat.com%2Fxsmb-xo-so-mien-bac.html&dt=XSMB%20-%20SXMB%20-%20K%E1%BA%BFt%20Qu%E1%BA%A3%20X%E1%BB%95%20S%E1%BB%91%20Mi%E1%BB%81n%20B%E1%BA%AFc%20H%C3%B4m%20Nay%20-%20KQXSMB&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KPB8BPT4XL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:80a::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 00:10:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xosodaiphat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
345 B 145ms
48ms XHR
text/plain 2404:6800:4008:c13::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-72080428-1&cid=956390922.1696464657&jid=1639825951&gjid=2057981975&_gid=1965492665.1696464657&_u=YEBAAEAAAAAAACAAI~&z=871094354

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4008:c13::9d Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://xosodaiphat.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 05 Oct 2023 00:10:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xosodaiphat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxXfOAGWDydygLaqqvukTT1bdd_11d-3KWpqeugrGvdciOASnTCTTykEYD-ZV7d5reQP7CbDLkM4bsDeR9yjfnQ-8Qwd2eGbRW7ZpnSRP_Qh1_ilYQHTdiPXPI7F8tKEI4kZNp9bOw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 102ms
101ms Script
application/javascript 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXfOAGWDydygLaqqvukTT1bdd_11d-3KWpqeugrGvdciOASnTCTTykEYD-ZV7d5reQP7CbDLkM4bsDeR9yjfnQ-8Qwd2eGbRW7ZpnSRP_Qh1_ilYQHTdiPXPI7F8tKEI4kZNp9bOw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk2NDY0NjU3LDIyODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly94b3NvZGFpcGhhdC5jb20veHNtYi14by1zby1taWVuLWJhYy5odG1sIixudWxsLFtbOCwiamZzdkpIc3h2T1EiXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.jfsvJHsxvOQ.es5.O/am=ggE/d=1/rs=AJlcJMxAmHb91OLzU8wgdngu_QR3kXl4Dw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44ef533e0d0635be9664f1ef3a35ffbd3615aed38faa0aaa326058b3db1578f4

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-4p3HdayECJylUnnfryvsKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:57 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-4p3HdayECJylUnnfryvsKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 62 KB
15 KB 698ms
698ms Fetch
text/plain 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3411337703873086&correlator=1281633664557940&eid=31077098&output=ldjh&gdfp_req=1&vrg=202309280101&ptt=17&impl=fif&gdpr=0&iu_parts=154031234%2CDirect_Deal_336x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=5&didk=607409652&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1696464657240&lmt=1696432254&adxs=231&adys=901&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fxosodaiphat.com%2Fxsmb-xo-so-mien-bac.html&vis=1&psz=553x35&msz=553x0&fws=0&ohw=0&ga_vid=956390922.1696464657&ga_sid=1696464657&ga_hid=386890422&ga_fc=true&dlt=1696464656812&idt=178&adks=1137047589&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

097033b4235fc89a9994d3c1dd36c12d42bb2e8205845c869d2be12c0df174c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:57 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14746
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://xosodaiphat.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a9429f471968253f5bd8b98d2fe4e3ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EEC2 6 KB
3 KB 84ms
38ms Document
text/html 2404:6800:4004:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a9429f471968253f5bd8b98d2fe4e3ec.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xosodaiphat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 00:10:57 GMT
expires: Fri, 04 Oct 2024 00:10:57 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
BLOB 200
OK b1ef1540-d0f9-4991-b46a-4b3291691cc9
https://xosodaiphat.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://xosodaiphat.com/b1ef1540-d0f9-4991-b46a-4b3291691cc9
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 8be53d88-cd09-4853-ac73-800cd584da1d
https://xosodaiphat.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://xosodaiphat.com/8be53d88-cd09-4853-ac73-800cd584da1d
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
602 B 94ms
39ms Script
text/javascript 2404:6800:4004:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=xosodaiphat.com&callback=_gfp_s_&client=ca-pub-2201058077065954

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b232a2be54cc094fd2684ce71c633b33d19dc0088d472d15a8b6146dbd1c67cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 15BD 252 KB
57 KB 335ms
334ms Document
text/html 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2201058077065954&output=html&adk=1812271804&adf=3025194257&lmt=1696432254&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fxosodaiphat.com%2Fxsmb-xo-so-mien-bac.html&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696464656969&bpp=2&bdt=157&idt=292&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4714102405594&frm=20&pv=2&ga_vid=956390922.1696464657&ga_sid=1696464657&ga_hid=386890422&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532403%2C44798934%2C31078301&oid=2&pvsid=3411337703873086&tmod=863633795&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=324

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e90a98a0e5128f8f57495d739b9a1057f72d3fe4af49da3342f6ebe116150f6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xosodaiphat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 58578
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 00:10:57 GMT
expires: Thu, 05 Oct 2023 00:10:57 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 93E7 135 KB
43 KB 733ms
732ms Document
text/html 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2201058077065954&output=html&h=90&slotname=8940750168&adk=852557258&adf=4171771922&pi=t.ma~as.8940750168&w=728&lmt=1696432254&format=728x90&url=https%3A%2F%2Fxosodaiphat.com%2Fxsmb-xo-so-mien-bac.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696464656971&bpp=1&bdt=159&idt=327&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4714102405594&frm=20&pv=1&ga_vid=956390922.1696464657&ga_sid=1696464657&ga_hid=386890422&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=642&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532403%2C44798934%2C31078301&oid=2&pvsid=3411337703873086&tmod=863633795&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qVZLEZEM00&p=https%3A//xosodaiphat.com&dtd=331

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdbec4d899be4651a6609b44bbdec3af40f515e4fb6726238aeeab8cc328482b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xosodaiphat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43782
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 00:10:58 GMT
expires: Thu, 05 Oct 2023 00:10:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0DB8 111 KB
40 KB 352ms
352ms Document
text/html 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2201058077065954&output=html&h=600&slotname=5836698698&adk=1140614959&adf=3230151208&pi=t.ma~as.5836698698&w=300&lmt=1696432254&format=300x600&url=https%3A%2F%2Fxosodaiphat.com%2Fxsmb-xo-so-mien-bac.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696464657067&bpp=18&bdt=255&idt=239&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4714102405594&frm=20&pv=1&ga_vid=956390922.1696464657&ga_sid=1696464657&ga_hid=386890422&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1070&ady=242&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532403%2C44798934%2C31078301&oid=2&pvsid=3411337703873086&tmod=863633795&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=4y9pJ2VeIY&p=https%3A//xosodaiphat.com&dtd=242

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20dbfd15ad1c76270fa9fab30c9397e3c5180e570a34d4b18aa5ee1cd1af613d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xosodaiphat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41004
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 00:10:57 GMT
expires: Thu, 05 Oct 2023 00:10:57 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK stat
nstat-sg.flygame.io/api/ 0
0 208ms
75ms Ping
application/json 118.194.234.167
UCLOUD-HK-AS-AP U...

General

Check archive.org

Show headers Download Go to

Full URL: https://nstat-sg.flygame.io/api/stat?sign=286a2f2b6cbd4719c5d43e98db6b1934
Requested by: Host: api-sg.flygame.io
URL: https://api-sg.flygame.io/sdk/widget/xosodaiphat.com.3609.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 118.194.234.167 , Singapore, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xosodaiphat.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H/1.1 200
OK stat
nstat-sg.flygame.io/api/ 0
0 204ms
71ms Ping
application/json 118.194.234.167
UCLOUD-HK-AS-AP U...

General

Check archive.org

Show headers Download Go to

Full URL: https://nstat-sg.flygame.io/api/stat?sign=91bf4b6d7606e3ade33132c41fd4fc08
Requested by: Host: api-sg.flygame.io
URL: https://api-sg.flygame.io/sdk/widget/xosodaiphat.com.3609.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 118.194.234.167 , Singapore, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xosodaiphat.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H/1.1 200
OK stat
nstat-sg.flygame.io/api/ 0
0 210ms
77ms Ping
application/json 118.194.234.167
UCLOUD-HK-AS-AP U...

General

Check archive.org

Show headers Download Go to

Full URL: https://nstat-sg.flygame.io/api/stat?sign=27f65b0a8e880d8daeb785350eca2e94
Requested by: Host: api-sg.flygame.io
URL: https://api-sg.flygame.io/sdk/widget/xosodaiphat.com.3609.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 118.194.234.167 , Singapore, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xosodaiphat.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5C4A 725 B
578 B 262ms
261ms Document
text/html 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2201058077065954&output=html&h=600&slotname=5836698698&adk=1479423516&adf=568754805&pi=t.ma~as.5836698698&w=300&lmt=1696432254&format=300x600&url=https%3A%2F%2Fxosodaiphat.com%2Fxsmb-xo-so-mien-bac.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696464657122&bpp=5&bdt=310&idt=191&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C300x600&nras=1&correlator=4714102405594&frm=20&pv=1&ga_vid=956390922.1696464657&ga_sid=1696464657&ga_hid=386890422&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1070&ady=2027&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532403%2C44798934%2C31078301&oid=2&pvsid=3411337703873086&tmod=863633795&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=pN5WF0Mr1d&p=https%3A//xosodaiphat.com&dtd=194

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

339675576d1f9d253b2f142fb164aaab0e65072244d3dcff3249f37cab23bdf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xosodaiphat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 00:10:57 GMT
expires: Thu, 05 Oct 2023 00:10:57 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 xosothienphu.com.1423705.es6.js Show response
jsc.adskeeper.com/x/o/ 310 KB
96 KB 378ms
376ms Script
text/javascript 2606:4700:4400::6812:2396
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/x/o/xosothienphu.com.1423705.es6.js
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/x/o/xosothienphu.com.1423705.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2bad93dd508b5ec78cb7818fb910499a0bb1597610ee4716a74efe54e9bd28e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:57 GMT
content-encoding: gzip
x-amz-version-id: Cnwq3Df7UYkHQhwwcAAmDXWsjF6FoENl
cf-cache-status: REVALIDATED
x-amz-request-id: FWDAA88J6Z4QN7S3
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 97737
x-amz-id-2: SrYHPbUuX9us9HGxwPaRaWrJJztYX8yV+SkGePF+smqxiGJXlR8rm6B11QItqhO1pc8/ubwt7O8=
last-modified: Mon, 02 Oct 2023 10:26:14 GMT
server: cloudflare
etag: "85942f06e0493fe8b962c36ef9462732"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 811171cc39bc8a72-NRT
expires: Thu, 05 Oct 2023 04:10:57 GMT

GET
H3 200 AGSKWxWfeS6igbM0XX3WR-Hk0cYRGKBBlwdKrL0KlTxTDLr75HNTA9F8Bo5i6s753tMnjt_tHOLCqrAfj4tU8P-B6uTh43jz5I_UTJfz31v6ksriWTanHHzH6usiM-UZzzylyk3qE1oOrQ== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 114ms
114ms Script
application/javascript 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWfeS6igbM0XX3WR-Hk0cYRGKBBlwdKrL0KlTxTDLr75HNTA9F8Bo5i6s753tMnjt_tHOLCqrAfj4tU8P-B6uTh43jz5I_UTJfz31v6ksriWTanHHzH6usiM-UZzzylyk3qE1oOrQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk2NDY0NjU3LDMzNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyXSwiaHR0cHM6Ly94b3NvZGFpcGhhdC5jb20veHNtYi14by1zby1taWVuLWJhYy5odG1sIixudWxsLFtbOCwiamZzdkpIc3h2T1EiXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb470daa427a2acd99ccf5487aeb0023e39cf60fb17314793f7c1448ffd52d44

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-K__dLE2auQgcrCJs_6Z0bA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-K__dLE2auQgcrCJs_6Z0bA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/ 154 KB
53 KB 87ms
87ms Script
text/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed6e026876182b9e60799b361b8d65a5f7713beccd5e67606ffd55d9232f4513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53737
x-xss-protection: 0
server: cafe
etag: 18201463305434327476
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Oct 2023 00:10:57 GMT

GET
H2 200 17401517616923425266
tpc.googlesyndication.com/daca_images/simgad/ Frame 0DB8 25 KB
26 KB 46ms
5ms Image
image/png 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/17401517616923425266

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2201058077065954&output=html&h=600&slotname=5836698698&adk=1140614959&adf=3230151208&pi=t.ma~as.5836698698&w=300&lmt=1696432254&format=300x600&url=https%3A%2F%2Fxosodaiphat.com%2Fxsmb-xo-so-mien-bac.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696464657067&bpp=18&bdt=255&idt=239&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4714102405594&frm=20&pv=1&ga_vid=956390922.1696464657&ga_sid=1696464657&ga_hid=386890422&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1070&ady=242&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532403%2C44798934%2C31078301&oid=2&pvsid=3411337703873086&tmod=863633795&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=4y9pJ2VeIY&p=https%3A//xosodaiphat.com&dtd=242

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12650b6e9de2475417024121ec7c86cbc1b64d6320ff01015117e2edfc9f19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 00:05:31 GMT
x-content-type-options: nosniff
age: 86726
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25961
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 23:06:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 03 Oct 2024 00:05:31 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/ Frame 0DB8 23 KB
9 KB 45ms
5ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36848
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 13:56:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame 0DB8 3 KB
1 KB 25ms
4ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36848
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 13:56:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame 0DB8 20 KB
9 KB 24ms
2ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:55:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36905
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 13:55:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0DB8 187 KB
59 KB 59ms
58ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 00:10:57 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame 0DB8 36 KB
15 KB 24ms
3ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93340594a3f629999eacb6d03aac3d49a76ca9023c18a90bce7e7e8d3ef9a68c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 14:08:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14932
x-xss-protection: 0
server: cafe
etag: 14442377342001293717
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 14:08:47 GMT

GET
H3 200 ca-pub-2201058077065954 Show response
fundingchoicesmessages.google.com/i/ 157 KB
51 KB 93ms
93ms Script
application/javascript 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-2201058077065954?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

be3179ae4fe9a392df940fe67d1efec4647f59e07362ce1eae10724ea7baa5c1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-jIcCYp4mP_LsUOBOb_il-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:57 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-jIcCYp4mP_LsUOBOb_il-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/ 90 KB
31 KB 64ms
63ms Script
text/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2201058077065954

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e985c9eb13d7f22fb258a7ff901f553527b27e3414f5dbf53eb1a69857f4c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31667
x-xss-protection: 0
server: cafe
etag: 1111437205324871807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Oct 2023 00:10:57 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D79D 143 B
166 B 3ms
2ms Document
text/html 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2201058077065954&output=html&h=600&slotname=5836698698&adk=1140614959&adf=3230151208&pi=t.ma~as.5836698698&w=300&lmt=1696432254&format=300x600&url=https%3A%2F%2Fxosodaiphat.com%2Fxsmb-xo-so-mien-bac.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696464657067&bpp=18&bdt=255&idt=239&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4714102405594&frm=20&pv=1&ga_vid=956390922.1696464657&ga_sid=1696464657&ga_hid=386890422&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1070&ady=242&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532403%2C44798934%2C31078301&oid=2&pvsid=3411337703873086&tmod=863633795&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=4y9pJ2VeIY&p=https%3A//xosodaiphat.com&dtd=242
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 854
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 23:56:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0228 118 KB
41 KB 905ms
904ms Document
text/html 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2201058077065954&output=html&h=600&adk=3586858701&adf=1752004327&pi=t.aa~a.937086356~rp.3&w=253&fwrn=4&fwrnh=100&lmt=1696432254&rafmt=1&to=qs&pwprc=1907037601&format=253x600&url=https%3A%2F%2Fxosodaiphat.com%2Fxsmb-xo-so-mien-bac.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696464657731&bpp=1&bdt=919&idt=-M&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6d4fa6c9c8a2e322%3AT%3D1696464657%3ART%3D1696464657%3AS%3DALNI_MZJT1uXzQ56DmJQxZ-1Mdjnr1BYzA&gpic=UID%3D00000c582546628f%3AT%3D1696464657%3ART%3D1696464657%3AS%3DALNI_MY9a-WJmFJPpgy1ShDRMFB1XHDBHg&prev_fmts=0x0%2C728x90%2C300x600%2C300x600&nras=2&correlator=4714102405594&frm=20&pv=1&ga_vid=956390922.1696464657&ga_sid=1696464657&ga_hid=386890422&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=801&ady=1383&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532403%2C44798934%2C31078301&oid=2&pvsid=3411337703873086&tmod=863633795&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=tnnyZlO1Bi&p=https%3A//xosodaiphat.com&dtd=16

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecfca359531a1b9a7c6315f1c0af9d32a6b9d63e2838cd812501865dfe428837

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xosodaiphat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42418
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 00:10:58 GMT
expires: Thu, 05 Oct 2023 00:10:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F8A5 126 KB
43 KB 787ms
786ms Document
text/html 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2201058077065954&output=html&h=280&adk=2944179606&adf=4155368047&pi=t.aa~a.1392966683~rp.4&w=553&fwrn=4&fwrnh=100&lmt=1696432254&rafmt=1&to=qs&pwprc=1907037601&format=553x280&url=https%3A%2F%2Fxosodaiphat.com%2Fxsmb-xo-so-mien-bac.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696464657731&bpp=1&bdt=919&idt=1&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6d4fa6c9c8a2e322%3AT%3D1696464657%3ART%3D1696464657%3AS%3DALNI_MZJT1uXzQ56DmJQxZ-1Mdjnr1BYzA&gpic=UID%3D00000c582546628f%3AT%3D1696464657%3ART%3D1696464657%3AS%3DALNI_MY9a-WJmFJPpgy1ShDRMFB1XHDBHg&prev_fmts=0x0%2C728x90%2C300x600%2C300x600%2C253x600&nras=3&correlator=4714102405594&frm=20&pv=1&ga_vid=956390922.1696464657&ga_sid=1696464657&ga_hid=386890422&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532403%2C44798934%2C31078301&oid=2&pvsid=3411337703873086&tmod=863633795&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=7lovSrQDlp&p=https%3A//xosodaiphat.com&dtd=19

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daaca14937b317ef2e026b4b855c2abe4c7061a83e8e34209e6422d31b1a7ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xosodaiphat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43687
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 00:10:58 GMT
expires: Thu, 05 Oct 2023 00:10:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0DB8 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: acd5235448fa6b8890fd7f7baf279fc2803f8af80b497229a2d730217a6146a9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D79D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

43ms
43ms

Document
text/html

2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 00:10:57 GMT
expires: Thu, 05 Oct 2023 00:10:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 00:10:57 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
BLOB 200
OK 1593e2fb-cf21-4804-b1a5-3e3363679c2e
https://xosodaiphat.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://xosodaiphat.com/1593e2fb-cf21-4804-b1a5-3e3363679c2e
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK a824341e-801c-4bbc-91ef-49a2e7177e5b
https://xosodaiphat.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://xosodaiphat.com/a824341e-801c-4bbc-91ef-49a2e7177e5b
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/ Frame 4447 10 KB
4 KB 2ms
2ms Document
text/html 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xosodaiphat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 3582
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 23:11:15 GMT
etag: 2603938475786422795
expires: Wed, 18 Oct 2023 23:11:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 0DB8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CKyugEf8dZZKAFdmDid4P0tiPsA2k3dPmcPyNrYC1ELCQHxABILj-zn1gifPFhPQToAHgtrz6AsgBAqkCaeE5pYfSPD6oAwHIA8mEgIAEqgSNAk_QfIjTcKgGvZwDG-t98XO1HtLYQ0L3wSq...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x83c532fe71534a470000000000000000%22,%222%22:%220x702ba302efff65590000000000000000%22,%223%22:%220x2fdfc7...

0
0

81ms
37ms

Fetch
text/css

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x83c532fe71534a470000000000000000%22,%222%22:%220x702ba302efff65590000000000000000%22,%223%22:%220x2fdfc7582c9dcb420000000000000000%22,%224%22:%220x55325353dc76853f0000000000000000%22,%225%22:%220xd07edf6eed20b39b0000000000000000%22},%22debug_key%22:%2218242129618817375792%22,%22debug_reporting%22:true,%22destination%22:%22https://unou-jikenn.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22793713504%22],%224%22:[%2210-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22298017703579691633%22}&andc=true

Requested by

Protocol

Server

142.251.42.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:58 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x83c532fe71534a470000000000000000","2":"0x702ba302efff65590000000000000000","3":"0x2fdfc7582c9dcb420000000000000000","4":"0x55325353dc76853f0000000000000000","5":"0xd07edf6eed20b39b0000000000000000"},"debug_key":"18242129618817375792","debug_reporting":true,"destination":"https://unou-jikenn.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["793713504"],"4":["10-05"],"6":["true"]},"priority":"500","source_event_id":"298017703579691633"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 05 Oct 2023 00:10:58 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Oct 2023 00:10:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x83c532fe71534a470000000000000000","2":"0x702ba302efff65590000000000000000","3":"0x2fdfc7582c9dcb420000000000000000","4":"0x55325353dc76853f0000000000000000","5":"0xd07edf6eed20b39b0000000000000000"},"debug_key":"18242129618817375792","debug_reporting":true,"destination":"https://unou-jikenn.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["793713504"],"4":["10-05"],"6":["true"]},"priority":"500","source_event_id":"298017703579691633"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 4447 4 KB
1 KB 84ms
42ms Stylesheet
text/css 2404:6800:4004:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Oct 2023 00:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 23:41:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Oct 2023 00:10:57 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4447 205 B
501 B 3ms
2ms Image
image/png 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 14:26:44 GMT
x-content-type-options: nosniff
age: 467053
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 28 Sep 2024 14:26:44 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4447 604 B
695 B 5ms
4ms Image
image/png 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 20:36:21 GMT
x-content-type-options: nosniff
age: 99276
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 02 Oct 2024 20:36:21 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/elements/html/ Frame 4447 15 KB
7 KB 4ms
3ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

729bb9007929a8af5c6f300c99e7c5899043ed1734d39fd6f4e0361b94d1adbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 14:45:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33900
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6551
x-xss-protection: 0
server: cafe
etag: 6101707970674548951
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 14:45:57 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/elements/html/ Frame 4447 20 KB
8 KB 4ms
3ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f8d937ac3c24cd9099dccaeb3e160dba15d6396b7f8ada3ca95f9ef24633aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 14:24:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 11420928434021954480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 14:24:38 GMT

GET
H2 200 /
c.adskeeper.com/pv/ 43 B
137 B 153ms
145ms Image
image/gif 2606:4700:4400::6812:2396
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.com/pv/?lu=https%3A%2F%2Fxosodaiphat.com%2Fxsmb-xo-so-mien-bac.html&cbuster=1696464657887700463896&pvid=18afd2c5ddfa1621878&implVersion=11&cxurl=https%3A%2F%2Fxosodaiphat.com%2Fxsmb-xo-so-mien-bac.html&site=802834&i=1&scum=%3F0&scuw=%3F0
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 811171cfdcb48a72-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
content-type: image/gif

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 39ms
39ms Fetch
text/html 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2201058077065954
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://xosodaiphat.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 85ms
39ms Preflight
text/html 142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 05 Oct 2023 00:10:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012309181453000/ Frame A04C 223 KB
62 KB 86ms
4ms Script
text/javascript 2404:6800:4004:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd48a69933bfa6d5e51393b093d776d09a1e7bfb4b7c1e6d4aa00d75f0b3d2d1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 02 Oct 2023 17:11:32 GMT
age: 197966
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62203
x-xss-protection: 0
server: sffe
etag: "59b685ca39a652ba"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 01 Oct 2024 17:11:32 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame A04C 15 KB
5 KB 91ms
9ms Script
text/javascript 2404:6800:4004:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f335a91239c4af1c0491727be910330d3231f01b7498352ddea85ebc5480007a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 02 Oct 2023 17:11:32 GMT
age: 197966
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5217
x-xss-protection: 0
server: sffe
etag: "38a16d64b8e81628"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 01 Oct 2024 17:11:32 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame A04C 94 KB
28 KB 90ms
8ms Script
text/javascript 2404:6800:4004:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d23cbcfd35d90cfb139e6f05b6a7fbc22891e2936b6a706ef8147300d66aa08

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 02 Oct 2023 17:11:32 GMT
age: 197966
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29033
x-xss-protection: 0
server: sffe
etag: "ac3d68f1a1bd2015"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 01 Oct 2024 17:11:32 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame A04C 5 KB
2 KB 92ms
10ms Script
text/javascript 2404:6800:4004:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

309773fa6c23f46befd5880e169b6bc47fe53c4fd326ec1c84d7d53cde803bc9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 02 Oct 2023 17:11:32 GMT
age: 197966
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1919
x-xss-protection: 0
server: sffe
etag: "93680ba5e670b6a8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 01 Oct 2024 17:11:32 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012309181453000/v0/ Frame A04C 40 KB
13 KB 89ms
7ms Script
text/javascript 2404:6800:4004:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309181453000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f90a0bfda110d40a81d391edeccd1143806c608fd7c64786142c222709d55499

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 02 Oct 2023 17:11:32 GMT
age: 197966
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "6bacf375b2677883"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 01 Oct 2024 17:11:32 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A04C 508 B
354 B 44ms
43ms Stylesheet
text/css 2404:6800:4004:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C700&text=%E3%82%BBeTL%E9%96%8B%EF%BC%88umSA%E3%83%BC%E3%83%AB%EF%BC%89%E5%82%AC%E4%B8%ADE

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

54d2f32f41cf177b9e5b4ac11b84c6c2b72da2b2343e705b5209b1c5fdce3fc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Oct 2023 00:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 00:10:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Oct 2023 00:10:57 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame A04C 4 KB
729 B 42ms
41ms Stylesheet
text/css 2404:6800:4004:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d95ffdcf010d6749281f6cd27c3a5f9c856d4b5590cee285f4b4fdbebce22b4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Oct 2023 00:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 23:45:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Oct 2023 00:10:57 GMT

GET
H3 200 vi.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A04C 3 KB
3 KB 6ms
6ms Image
image/png 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/vi.png

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b123d3cd853f7cd9c7d7c92b0ca99a37b4fa7e654fca65be5f1a15fd9253635e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 05:59:21 GMT
x-content-type-options: nosniff
server: cafe
age: 65496
etag: 10932518847931040692
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3099
x-xss-protection: 0
expires: Thu, 05 Oct 2023 05:59:21 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A04C 344 B
368 B 3ms
3ms Image
image/png 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 07:37:54 GMT
x-content-type-options: nosniff
server: cafe
age: 59583
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Thu, 05 Oct 2023 07:37:54 GMT

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/14899783874339908851/ Frame A04C 51 KB
51 KB 3ms
2ms Image
image/jpeg 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14899783874339908851/2076313506083323656

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e92e8250c7bcfc8147848a529673962da41a8c4413c112da70b4cce8f1513299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 16:11:57 GMT
x-content-type-options: nosniff
age: 28740
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52104
x-xss-protection: 0
last-modified: Sat, 05 Aug 2023 13:50:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 03 Oct 2024 16:11:57 GMT

GET
DATA 200
OK truncated
/ Frame A04C 219 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce33f92c59494e54b697d9ebf7827b69a7ff689bdc1500c908dd2b43d518d920

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A04C 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5fd2075b7fe0a994ec6cc9a0ea1913a26d50df490f563dc1d0a77dba554672b2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js Show response
pagead2.googlesyndication.com/bg/ Frame 7557 37 KB
14 KB 3ms
3ms Script
text/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16fadb06557f8c559b25e437d47286d3886b6f361900f479f1bf928198e8d0f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:32:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 153502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14696
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Oct 2024 05:32:35 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9E87 770 B
391 B 47ms
46ms Stylesheet
text/css 2404:6800:4004:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E8%82%9D%E3%81%88%E3%83%8D%E3%81%84%E3%83%92%E7%94%9F%E3%81%A8%E7%89%A9%E9%9F%BF%E3%81%9F%E3%83%BC%E8%89%AF%E3%82%92%E3%81%8C%E3%81%BE%E8%80%85%E3%81%93%E8%87%93%E3%82%A8%E6%98%8E%E3%81%99%E3%81%AB%E3%82%8B%E5%BD%B1%E3%81%97%E8%A8%BC%E3%83%AB%E3%81%AF%E3%82%AE%E5%AD%A6%E3%82%B3%E4%B8%8E

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8538a72b84463747021ed0d5255c72ca5335e22d7b0fbbf14d0a2cecc5a97f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Oct 2023 00:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 00:10:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Oct 2023 00:10:58 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9E87 7 KB
1 KB 47ms
47ms Stylesheet
text/css 2404:6800:4004:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Oct 2023 00:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 23:44:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Oct 2023 00:10:58 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame 9E87 2 KB
892 B 3ms
3ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:57:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 13:57:08 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/ Frame 9E87 23 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36849
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 13:56:49 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 832B 143 B
166 B 3ms
2ms Document
text/html 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 855
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 23:56:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame 9E87 3 KB
1 KB 2ms
2ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36849
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 13:56:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame 9E87 20 KB
8 KB 3ms
2ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:55:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36906
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 13:55:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9E87 187 KB
59 KB 47ms
45ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 00:10:58 GMT

GET
H3 200 fda82c26911938d9c7ca79f9220f8b0c.js Show response
www.gstatic.com/mysidia/ Frame 9E87 36 KB
15 KB 4ms
2ms Script
text/javascript 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fda82c26911938d9c7ca79f9220f8b0c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15328
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 21:33:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 22:09:15 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 93E7 836 B
414 B 46ms
46ms Stylesheet
text/css 2404:6800:4004:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E6%96%99%E6%96%87%E3%82%B0%E3%82%B9T%E3%82%BB%E3%81%AA%E3%81%8F%E3%83%B3%E3%81%8A%E3%80%82%E3%81%A7%E3%83%A3%E4%BB%8A%E3%82%92%E5%85%A5u%E3%83%BC%E3%81%AE%E3%81%9C%E3%81%B2%E9%80%81%E6%B3%A8%E3%83%81%E3%83%93%E9%80%83%E5%9B%9E%E3%81%97%E5%BE%97e%E3%83%83%E5%88%9D%E3%81%99%E3%81%90%E8%B3%BC%E7%84%A1m%E3%81%AF%E3%83%AB%E3%81%94%E8%A6%8B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2201058077065954&output=html&h=90&slotname=8940750168&adk=852557258&adf=4171771922&pi=t.ma~as.8940750168&w=728&lmt=1696432254&format=728x90&url=https%3A%2F%2Fxosodaiphat.com%2Fxsmb-xo-so-mien-bac.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696464656971&bpp=1&bdt=159&idt=327&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4714102405594&frm=20&pv=1&ga_vid=956390922.1696464657&ga_sid=1696464657&ga_hid=386890422&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=642&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532403%2C44798934%2C31078301&oid=2&pvsid=3411337703873086&tmod=863633795&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qVZLEZEM00&p=https%3A//xosodaiphat.com&dtd=331

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

82507e80f1541996523bb59fa626915c221bf9fca64171903eda6c87dd9138b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Oct 2023 00:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 00:10:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Oct 2023 00:10:58 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 93E7 7 KB
1 KB 40ms
39ms Stylesheet
text/css 2404:6800:4004:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Oct 2023 00:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 04 Oct 2023 23:40:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Oct 2023 00:10:58 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame 93E7 2 KB
892 B 2ms
2ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:57:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 13:57:08 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/ Frame 93E7 23 KB
9 KB 3ms
2ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36849
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 13:56:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame 93E7 3 KB
1 KB 4ms
3ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36849
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 13:56:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame 93E7 20 KB
8 KB 2ms
2ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:55:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36906
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 13:55:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 93E7 187 KB
59 KB 46ms
46ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 00:10:58 GMT

GET
H3 200 fda82c26911938d9c7ca79f9220f8b0c.js Show response
www.gstatic.com/mysidia/ Frame 93E7 36 KB
15 KB 4ms
4ms Script
text/javascript 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fda82c26911938d9c7ca79f9220f8b0c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15328
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 21:33:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 22:09:15 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame A04C 5 KB
5 KB 46ms
3ms Font
text/html 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxoqkxIp1L5weayDTSARVR_cO3xz2RODxwukttf_4OShQfI&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C700&text=%E3%82%BBeTL%E9%96%8B%EF%BC%88umSA%E3%83%BC%E3%83%AB%EF%BC%89%E5%82%AC%E4%B8%ADE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f6765cd1da0d1610a04e470ab5e1439d3e00956adbe6fa78ce101602159acbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xosodaiphat.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 08:49:49 GMT
x-content-type-options: nosniff
age: 55269
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4932
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Wed, 04 Oct 2023 08:49:49 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A04C 15 KB
16 KB 44ms
2ms Font
font/woff2 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xosodaiphat.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 04:55:40 GMT
x-content-type-options: nosniff
age: 501318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 04:55:40 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2A7E 143 B
166 B 3ms
2ms Document
text/html 2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2201058077065954&output=html&h=90&slotname=8940750168&adk=852557258&adf=4171771922&pi=t.ma~as.8940750168&w=728&lmt=1696432254&format=728x90&url=https%3A%2F%2Fxosodaiphat.com%2Fxsmb-xo-so-mien-bac.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696464656971&bpp=1&bdt=159&idt=327&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4714102405594&frm=20&pv=1&ga_vid=956390922.1696464657&ga_sid=1696464657&ga_hid=386890422&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=642&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532403%2C44798934%2C31078301&oid=2&pvsid=3411337703873086&tmod=863633795&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=qVZLEZEM00&p=https%3A//xosodaiphat.com&dtd=331
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 855
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 23:56:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 93E7 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 832B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

40ms
39ms

Document
text/html

2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 00:10:58 GMT
expires: Thu, 05 Oct 2023 00:10:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 00:10:58 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 93E7 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7a0f7c8fe628de8e2ee647271c0ba6cd90dfc8205f22cf351a0335ec18ff66b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 vi.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A04C 3 KB
3 KB 2ms
2ms Image
image/png 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/vi.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b123d3cd853f7cd9c7d7c92b0ca99a37b4fa7e654fca65be5f1a15fd9253635e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 05:59:21 GMT
x-content-type-options: nosniff
server: cafe
age: 65497
etag: 10932518847931040692
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3099
x-xss-protection: 0
expires: Thu, 05 Oct 2023 05:59:21 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A04C 344 B
368 B 2ms
2ms Image
image/png 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012309181453000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 07:37:54 GMT
x-content-type-options: nosniff
server: cafe
age: 59584
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Thu, 05 Oct 2023 07:37:54 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2A7E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

93ms
92ms

Document
text/html

2404:6800:4004:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 00:10:58 GMT
expires: Thu, 05 Oct 2023 00:10:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 00:10:58 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
BLOB 206
Partial Content 1a1d617b-259b-40e2-9a53-1b8f82d181f8
https://xosodaiphat.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://xosodaiphat.com/1a1d617b-259b-40e2-9a53-1b8f82d181f8
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 font
fonts.gstatic.com/l/ Frame 93E7 25 KB
25 KB 3ms
2ms Font
text/html 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxqQ0wMA6p_2lFuDThERVzvcOVB04C2FxDOuocvz3fStfOLDRluPjiSFP8GIi3-L1DQgz-FLL1NROh4km5Bx_ffAbsBAv8kYw0Cs0zUEwKcex1Stg6dpntdk-sEJYkQzMaAfpbou58-RPg1AnSkgb38HgoNinfQsC7ysppMLc8L-QqZ2r-cKoxcMDTlDFHH7ri4rur8rv9GD9AHt5Ow&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E6%96%99%E6%96%87%E3%82%B0%E3%82%B9T%E3%82%BB%E3%81%AA%E3%81%8F%E3%83%B3%E3%81%8A%E3%80%82%E3%81%A7%E3%83%A3%E4%BB%8A%E3%82%92%E5%85%A5u%E3%83%BC%E3%81%AE%E3%81%9C%E3%81%B2%E9%80%81%E6%B3%A8%E3%83%81%E3%83%93%E9%80%83%E5%9B%9E%E3%81%97%E5%BE%97e%E3%83%83%E5%88%9D%E3%81%99%E3%81%90%E8%B3%BC%E7%84%A1m%E3%81%AF%E3%83%AB%E3%81%94%E8%A6%8B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

96afe494e4876cd3b115878760a73dda4ffa414f841892c2b29647314e9328ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 17:47:52 GMT
x-content-type-options: nosniff
age: 22986
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25688
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Wed, 04 Oct 2023 17:47:52 GMT

GET
H2 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 93E7 21 KB
21 KB 2ms
2ms Font
font/woff2 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 10:17:30 GMT
x-content-type-options: nosniff
age: 482008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21360
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 10:17:30 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A04C 0
0 56ms
55ms Image
text/html 2404:6800:4004:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CFdaqEf8dZbftEZi77OsPktyc2AW_4JKcc5PZrIP2EfrntLX5ARABIP2ds5UBYInzxYT0E6ABocCY8SjIAQngAgCoAwHIAwqqBL4CT9DwT-QsfgUYr7rVq0Ti0dD-Kt0Ko-8fscceQeI1-o0s-k_JzTj-eaf3rMhL-As5DLeszifd5RBTa4BqQ-9xggaBzJVv_zDh0hOSCB_OO8RId96joeRzPDU26R-JMgIu_a3KjLdhVCAYrg2EAMmkMR5gB-gIhtGJ9mgBouF4zfq2JeYOZgaSsR1w2UugBwIWfz45Su7X94kkargFxCrBCu648AXc2Z0_2Wvz0w0ArZPYhZq7xyGjI7zZUnOvydPI2wZ_s9H1nGgowG4_QAp2PCbEqlFBLON6rI0xXwo4TZItUzXpBhvFiZXGX29gmfVMAmQEkKlP-2-qTSBM48xQ6SSqhpR06VtjGDfkYa1LZ09JwI8OmTOhhiT_1SQzf05KY9eTzZyEHgsNgvkpLnTnJFPNJq3WslaydLYQwYsawAT736_wuATgBAGIBbSr2bNMkgUECAQYAZIFBAgFGASgBi6AB-y6l9gEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ1fEL0ggUCIBhEAEYHTICigI6AoBASL39wTqaCYICaHR0cHM6Ly93d3cudGVtdS5jb20vanAva3VpcGVyL3VuMS5odG1sP3N1Ymo9ZmVlZC11biZfYmdfZnM9MSZfcF9tYXQxX3R5cGU9MSZfcF9qdW1wX2lkPTcyNSZfeF92c3Rfc2NlbmU9YWRnJmxvY2FsZV9vdmVycmlkZT0xMDB-amF-SlBZJmdvb2RzX2lkPTYwMTA5OTUxNTc3MDk1NSZfcF9yZnM9MSZfeF9hZHNfc3ViX2NoYW5uZWw9b3RoZXImX3hfYWRzX2NoYW5uZWw9Z29vZ2xlJl94X2JnX2FkaWQ9Z2QxMTgxNDQxLTImdG9waWNfY2xhc3NpZnk9MTA5gAoDyAsB2gwRCgsQ0MDWop3M0cecARICAQPiDRMItcKVqs_dgQMVmB17Bx0SLgdbuBPkA9gTC9AVAYAXAbIXHgocCAASFHB1Yi03MDc4NDAwMjQ1Mzk0NDYwGOLvIA&sigh=2fII26ruxys&uach_m=[]&ase=2&nis=5&cid=CAQSSwDICaaNXGxe8LkDi4eqILRSNLFdcpl58s4atU-rNGP-Q-dtF1pjU3TYnXjq6XF67qGEqN_r9ubga1xo6BQDh3c-EVjWgwJ-nyPMyhgB&template_id=484&cbvp=2
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:80b::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H3 200 FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js Show response
pagead2.googlesyndication.com/bg/ Frame 863E 37 KB
14 KB 3ms
2ms Script
text/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16fadb06557f8c559b25e437d47286d3886b6f361900f479f1bf928198e8d0f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:32:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 153503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14696
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Oct 2024 05:32:35 GMT

GET
H2 200 1 Show response
servicer.adskeeper.com/1423705/ 2 KB
1 KB 124ms
113ms Script
application/x-javascript 2606:4700:4400::6812:2396
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.com/1423705/1?tcfV2=1&mp4=1&ap=1&w=555&h=225&sz=270x203&szp=1,2&szl=1,2&cols=2&sessionId=651dff12-0b837&sessionPage=1&sessionNumberWeek=1&sessionNumber=1&lu=https%3A%2F%2Fxosodaiphat.com%2Fxsmb-xo-so-mien-bac.html&cbuster=1696464658412751071560&pvid=18afd2c5ddfa1621878&implVersion=11&cxurl=https%3A%2F%2Fxosodaiphat.com%2Fxsmb-xo-so-mien-bac.html&scum=%3F0&scuw=%3F0&uniqId=0a7a1&niet=4g&nisd=false&pv=5&lct=1696204800&jsv=es6&pageView=1&dpr=1&ref=&tfre=1601
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/x/o/xosothienphu.com.1423705.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c99248572fb027d3c5047cc6787e8ef84d41a7760e865eddb697b8f7799f463

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:58 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 811171d32f838a72-NRT
alt-svc: h3=":443"; ma=86400

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 93E7
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cqt0rEf8dZcy-FLWSid4PnMuL2AyewaWpc_zAxM_FEeOf8ZCCAhABILj-zn1gifPFhPQToAGhwJjxKMgBAakCyMnmBodfgj6oAwHIA8sEqgSPAk_Q5BfHSGUTwYQcH45KYSPaentkPgtqtkR...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa686eebbebb161300000000000000000%22,%222%22:%220xb2fe92983f9657340000000000000000%22,%223%22:%220x89d062...

0
0

43ms
42ms

Fetch
text/css

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa686eebbebb161300000000000000000%22,%222%22:%220xb2fe92983f9657340000000000000000%22,%223%22:%220x89d062659e519adc0000000000000000%22,%224%22:%220x75c84cf0983d8d250000000000000000%22,%225%22:%220x2dbb436288369c7d0000000000000000%22},%22debug_key%22:%2213644703883333107108%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2210-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224589178308891973521%22}&andc=true

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html

Protocol

Server

142.251.42.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:58 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xa686eebbebb161300000000000000000","2":"0xb2fe92983f9657340000000000000000","3":"0x89d062659e519adc0000000000000000","4":"0x75c84cf0983d8d250000000000000000","5":"0x2dbb436288369c7d0000000000000000"},"debug_key":"13644703883333107108","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"4":["10-05"],"6":["true"]},"priority":"500","source_event_id":"4589178308891973521"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 05 Oct 2023 00:10:58 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Oct 2023 00:10:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xa686eebbebb161300000000000000000","2":"0xb2fe92983f9657340000000000000000","3":"0x89d062659e519adc0000000000000000","4":"0x75c84cf0983d8d250000000000000000","5":"0x2dbb436288369c7d0000000000000000"},"debug_key":"13644703883333107108","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"4":["10-05"],"6":["true"]},"priority":"500","source_event_id":"4589178308891973521"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js Show response
pagead2.googlesyndication.com/bg/ Frame D937 37 KB
14 KB 3ms
2ms Script
text/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16fadb06557f8c559b25e437d47286d3886b6f361900f479f1bf928198e8d0f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:32:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 153503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14696
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Oct 2024 05:32:35 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 61ms
61ms Image
image/gif 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=5.255149530857118

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6POWwbCfA9W9n5hYjx4qWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:58 GMT
content-security-policy: script-src 'report-sample' 'nonce-6POWwbCfA9W9n5hYjx4qWg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 93ms
92ms Image
image/gif 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=9.145424503332382

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RLVpWXWMDR84gtXiztencA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:58 GMT
content-security-policy: script-src 'report-sample' 'nonce-RLVpWXWMDR84gtXiztencA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 40ms
40ms Preflight
text/html 142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 05 Oct 2023 00:10:58 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame F8A5 1 KB
467 B 45ms
45ms Stylesheet
text/css 2404:6800:4004:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E3%81%A4%E5%BE%97%E3%83%9F%E5%88%A5%E3%83%89%E3%82%AD%E3%82%89%E3%83%BC%E5%A3%B2%E3%83%A3u%E3%82%BFC%E6%9C%AC%E6%B0%B41%E4%BB%8A%E3%82%A2%E7%B4%A0%E3%83%A7b%E4%BE%A1%E3%83%8E%E3%82%BC0%E3%81%AA%E3%83%96%E5%B0%8F%E3%81%8D%E6%A0%BC%E3%82%B9%E5%A5%BD%E3%82%A4%E3%81%A7%E3%83%AC%E3%83%9A%E3%83%88%E5%90%B8%E7%89%B9%E3%80%82e%E3%81%8A%E5%85%A5%E3%83%B3%E3%82%BA%E3%81%AB%E3%83%81%E3%82%AF%E7%99%BA%E3%83%A5%EF%BC%81%E5%99%A8%E3%83%97%E8%A9%95%20%E4%B8%AD%E5%9E%8B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2201058077065954&output=html&h=280&adk=2944179606&adf=4155368047&pi=t.aa~a.1392966683~rp.4&w=553&fwrn=4&fwrnh=100&lmt=1696432254&rafmt=1&to=qs&pwprc=1907037601&format=553x280&url=https%3A%2F%2Fxosodaiphat.com%2Fxsmb-xo-so-mien-bac.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696464657731&bpp=1&bdt=919&idt=1&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6d4fa6c9c8a2e322%3AT%3D1696464657%3ART%3D1696464657%3AS%3DALNI_MZJT1uXzQ56DmJQxZ-1Mdjnr1BYzA&gpic=UID%3D00000c582546628f%3AT%3D1696464657%3ART%3D1696464657%3AS%3DALNI_MY9a-WJmFJPpgy1ShDRMFB1XHDBHg&prev_fmts=0x0%2C728x90%2C300x600%2C300x600%2C253x600&nras=3&correlator=4714102405594&frm=20&pv=1&ga_vid=956390922.1696464657&ga_sid=1696464657&ga_hid=386890422&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532403%2C44798934%2C31078301&oid=2&pvsid=3411337703873086&tmod=863633795&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=7lovSrQDlp&p=https%3A//xosodaiphat.com&dtd=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:827::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a5b5a41cfd6961ecb186eff63e06f22fa0ec7dc7766b8f8775e69475fbf2428d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Oct 2023 00:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 00:10:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Oct 2023 00:10:58 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame F8A5 2 KB
892 B 2ms
2ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:57:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 13:57:08 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/8819553350297933535/ Frame F8A5 19 KB
19 KB 3ms
2ms Image
image/jpeg 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8819553350297933535/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5afe80d3e0f9d951ed01cc6206786f2c28b8986c98c70fc1e039a751ea77e5c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 23:28:10 GMT
x-content-type-options: nosniff
age: 88968
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19607
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 10:19:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 02 Oct 2024 23:28:10 GMT

GET
DATA 200
OK truncated
/ Frame F8A5 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/ Frame F8A5 23 KB
9 KB 2ms
2ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36849
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 13:56:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame F8A5 3 KB
1 KB 3ms
3ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36849
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 13:56:49 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 181E 1 KB
643 B 3ms
3ms Document
text/html 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 56581
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 08:27:57 GMT
etag: 48472445140208031
expires: Thu, 05 Oct 2023 08:27:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame F8A5 20 KB
8 KB 3ms
3ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:55:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36906
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 13:55:52 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F8A5 187 KB
59 KB 64ms
62ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 00:10:58 GMT

GET
H3 200 fda82c26911938d9c7ca79f9220f8b0c.js Show response
www.gstatic.com/mysidia/ Frame F8A5 36 KB
15 KB 4ms
3ms Script
text/javascript 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fda82c26911938d9c7ca79f9220f8b0c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15328
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 21:33:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 22:09:15 GMT

POST
H3 204 AGSKWxW2hgDAomhcJSxsLaJ6QzGlLBuHYPV_hQyHYdxrT7HikqbcY9PMcrXuz37_aR6fNYG0ICvBWssCltTBHVtLVX5wWYLXmUZDsArSo1ya-4gog0W9D8dOugHkCphEJBYo1eBQZLBvug== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 85ms
49ms XHR
text/html 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW2hgDAomhcJSxsLaJ6QzGlLBuHYPV_hQyHYdxrT7HikqbcY9PMcrXuz37_aR6fNYG0ICvBWssCltTBHVtLVX5wWYLXmUZDsArSo1ya-4gog0W9D8dOugHkCphEJBYo1eBQZLBvug==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BzZHIyVyjSuTA0iUctHp_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://xosodaiphat.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 05 Oct 2023 00:10:58 GMT
content-security-policy: script-src 'report-sample' 'nonce-BzZHIyVyjSuTA0iUctHp_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://xosodaiphat.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 181E
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESECl3j2q6mE4WHrti2kADsHY&google_cver=1&google_push=AXcoOmRBHU8-oBPbK6bt1tVo1yeUArrHOuUI6X6DTBjnAQLo7cupCV4RjTmC70ER674Hkq9qQxOZQf-4hODOJovPTh94zCPqEDRTRU-c
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7CCA90ABA8554DEABB5871ED3CE2F7BE&google_push=AXcoOmRBHU8-oBPbK6bt1tVo1yeUArrHOuUI6X6DTBjnAQLo7cupCV4RjTmC70ER674Hkq9qQxOZQf-4hODOJov...

170 B
188 B

38ms
38ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7CCA90ABA8554DEABB5871ED3CE2F7BE&google_push=AXcoOmRBHU8-oBPbK6bt1tVo1yeUArrHOuUI6X6DTBjnAQLo7cupCV4RjTmC70ER674Hkq9qQxOZQf-4hODOJovPTh94zCPqEDRTRU-c

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 00:10:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 05 Oct 2023 00:10:58 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7CCA90ABA8554DEABB5871ED3CE2F7BE&google_push=AXcoOmRBHU8-oBPbK6bt1tVo1yeUArrHOuUI6X6DTBjnAQLo7cupCV4RjTmC70ER674Hkq9qQxOZQf-4hODOJovPTh94zCPqEDRTRU-c
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 04 Oct 2023 00:10:58 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 181E
Redirect Chain

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEB64jc6b1AdLmI_DjXiq6ig&google_cver=1&google_push=AXcoOmTmaXVbUcjLbeZoqQ1BhkCjtGxZ-Kx_JD6IkIzCrF5V9uuy69MRuXX3c7PDR7-jclpGdlOlz7g...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmTmaXVbUcjLbeZoqQ1BhkCjtGxZ-Kx_JD6IkIzCrF5V9uuy69MRuXX3c7PDR7-jclpGdlOlz7gwV_Iario3GbioNodQ52TXVbq2&google_hm=ndDHDDfDQ2ODw...

170 B
232 B

41ms
40ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmTmaXVbUcjLbeZoqQ1BhkCjtGxZ-Kx_JD6IkIzCrF5V9uuy69MRuXX3c7PDR7-jclpGdlOlz7gwV_Iario3GbioNodQ52TXVbq2&google_hm=ndDHDDfDQ2ODwmW7DHdNa6g

Requested by

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 00:10:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Oct 2023 00:10:57 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmTmaXVbUcjLbeZoqQ1BhkCjtGxZ-Kx_JD6IkIzCrF5V9uuy69MRuXX3c7PDR7-jclpGdlOlz7gwV_Iario3GbioNodQ52TXVbq2&google_hm=ndDHDDfDQ2ODwmW7DHdNa6g
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 181E
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEK395hdtcnrWXQchCLWejgE&google_cver=1&google_push=AXcoOmRbCO4CHZ5kw80SJTUBXST6Mlody9SWcE03-s2lw7ihQ91D2Rl7b0jfK3fIbQg8ecyyROXh-q5H6mMHHM1SKKAhZTd4xcu8YZzq
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RDUyNTRENTY1QkZDNjk1Mw==

170 B
188 B

39ms
39ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RDUyNTRENTY1QkZDNjk1Mw==

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 00:10:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RDUyNTRENTY1QkZDNjk1Mw==
date: Thu, 05 Oct 2023 00:10:59 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 181E
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESEMYXqZNhAHm1iIVjpykkFsE&google_cver=1&google_push=AXcoOmSa1Iot5QsgTI0X7UzEifINrtv3idtrNdFkxQI2RrFGZXmQBOtERc1RyseLRbhx3wezXAX-8sYNrG2sR83JR68ZoQ8_yW1m9R1A
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=dEFNUXhmdFZDeU9lS1pEYUV2OGRaUQ%3D%3D&google_push=AXcoOmSa1Iot5QsgTI0X7UzEifINrtv3idtrNdFkxQI2RrFGZXmQBOtERc1RyseLRbhx3wezXAX-8sYNrG2sR...

170 B
329 B

73ms
42ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=dEFNUXhmdFZDeU9lS1pEYUV2OGRaUQ%3D%3D&google_push=AXcoOmSa1Iot5QsgTI0X7UzEifINrtv3idtrNdFkxQI2RrFGZXmQBOtERc1RyseLRbhx3wezXAX-8sYNrG2sR83JR68ZoQ8_yW1m9R1A

Requested by

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 00:10:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 05 Oct 2023 00:10:58 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=dEFNUXhmdFZDeU9lS1pEYUV2OGRaUQ%3D%3D&google_push=AXcoOmSa1Iot5QsgTI0X7UzEifINrtv3idtrNdFkxQI2RrFGZXmQBOtERc1RyseLRbhx3wezXAX-8sYNrG2sR83JR68ZoQ8_yW1m9R1A
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 247

GET
H/1.1 404
Not Found doubleclick
app.cauly.co.kr/idsync_ssp/ Frame 181E 0
161 B 115ms
36ms Image
application/xml 133.186.161.89
NHN-AS-KR NHNCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEE_4zepggqoRiSvB0yG-Pow&google_cver=1&google_push=AXcoOmQXlnjaHNO4LKk5Rr5307vYX9FuhNKqQwH3CuX5pE3ZrZ0ntk84ZduyhAzRMOQ1jYEU_OupZkpdSFXAJ5FTwVQfRVee5AjWiJHA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2201058077065954&output=html&h=280&adk=2944179606&adf=4155368047&pi=t.aa~a.1392966683~rp.4&w=553&fwrn=4&fwrnh=100&lmt=1696432254&rafmt=1&to=qs&pwprc=1907037601&format=553x280&url=https%3A%2F%2Fxosodaiphat.com%2Fxsmb-xo-so-mien-bac.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696464657731&bpp=1&bdt=919&idt=1&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6d4fa6c9c8a2e322%3AT%3D1696464657%3ART%3D1696464657%3AS%3DALNI_MZJT1uXzQ56DmJQxZ-1Mdjnr1BYzA&gpic=UID%3D00000c582546628f%3AT%3D1696464657%3ART%3D1696464657%3AS%3DALNI_MY9a-WJmFJPpgy1ShDRMFB1XHDBHg&prev_fmts=0x0%2C728x90%2C300x600%2C300x600%2C253x600&nras=3&correlator=4714102405594&frm=20&pv=1&ga_vid=956390922.1696464657&ga_sid=1696464657&ga_hid=386890422&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532403%2C44798934%2C31078301&oid=2&pvsid=3411337703873086&tmod=863633795&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=7lovSrQDlp&p=https%3A//xosodaiphat.com&dtd=19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 133.186.161.89 , Japan, ASN45974 (NHN-AS-KR NHNCLOUD, KR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Thu, 05 Oct 2023 00:10:58 GMT
Server: nginx
Connection: close
Content-Length: 0
Content-Type: Application/xml;charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 181E
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEOF04udUUmlFRrDqEOSXaOM&google_cver=1&google_push=AXcoOmREV-dW4dojl9iNsL5KfkMoBbJMQSsIQR2pIsD51Oq6ouC0ic1s_6Sve18KS6rVgDhdtfHyCyVzyXx1...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmREV-dW4dojl9iNsL5KfkMoBbJMQSsIQR2pIsD51Oq6ouC0ic1s_6Sve18KS6rVgDhdtfHyCyVzyXx1nOeB9rj-euOaVrFSgdDa

170 B
188 B

39ms
38ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmREV-dW4dojl9iNsL5KfkMoBbJMQSsIQR2pIsD51Oq6ouC0ic1s_6Sve18KS6rVgDhdtfHyCyVzyXx1nOeB9rj-euOaVrFSgdDa

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 00:10:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmREV-dW4dojl9iNsL5KfkMoBbJMQSsIQR2pIsD51Oq6ouC0ic1s_6Sve18KS6rVgDhdtfHyCyVzyXx1nOeB9rj-euOaVrFSgdDa
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H/1.1

200
OK

send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 181E
Redirect Chain

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEKSE-dEJcUmDtcLQ68Fn8Kk&google_cver=1&google_push=AXcoOmTOE40EugbKyW1VXgzlDaVJV-XW26KG0_sNOpBdS1EnCBL1za0772vm4a-l...
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEKSE-dEJcUmDtcLQ68Fn8Kk&google_cver=1&google_push=AXcoOmTOE40EugbKyW1VXgzlDaVJV-XW26KG0_sNOpBdS1EnCBL1za0772vm4a-l...

43 B
243 B

25ms
4ms

Image
image/gif

220.150.223.50
BEKKOAME BEKKOAME...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEKSE-dEJcUmDtcLQ68Fn8Kk&google_cver=1&google_push=AXcoOmTOE40EugbKyW1VXgzlDaVJV-XW26KG0_sNOpBdS1EnCBL1za0772vm4a-l8Z--l-J9fB54YDH2qCb9fkW1iImaB_eURMIh3OtIsQ&uid-set=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2201058077065954&output=html&h=280&adk=2944179606&adf=4155368047&pi=t.aa~a.1392966683~rp.4&w=553&fwrn=4&fwrnh=100&lmt=1696432254&rafmt=1&to=qs&pwprc=1907037601&format=553x280&url=https%3A%2F%2Fxosodaiphat.com%2Fxsmb-xo-so-mien-bac.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696464657731&bpp=1&bdt=919&idt=1&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6d4fa6c9c8a2e322%3AT%3D1696464657%3ART%3D1696464657%3AS%3DALNI_MZJT1uXzQ56DmJQxZ-1Mdjnr1BYzA&gpic=UID%3D00000c582546628f%3AT%3D1696464657%3ART%3D1696464657%3AS%3DALNI_MY9a-WJmFJPpgy1ShDRMFB1XHDBHg&prev_fmts=0x0%2C728x90%2C300x600%2C300x600%2C253x600&nras=3&correlator=4714102405594&frm=20&pv=1&ga_vid=956390922.1696464657&ga_sid=1696464657&ga_hid=386890422&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=231&ady=2580&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532403%2C44798934%2C31078301&oid=2&pvsid=3411337703873086&tmod=863633795&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=7lovSrQDlp&p=https%3A//xosodaiphat.com&dtd=19
Protocol: HTTP/1.1
Server: 220.150.223.50 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS: 50.223.150.220.in-addr.arpa
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Oct 2023 00:10:58 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: no-store,no-cache
Connection: close
Content-Length: 43
expires: -1

Redirect headers

Pragma: no-cache
Date: Thu, 05 Oct 2023 00:10:58 GMT
Server: nginx
P3P: CP='CAO PSA CONi OTR OUR DEM ONL'
Location: http://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEKSE-dEJcUmDtcLQ68Fn8Kk&google_cver=1&google_push=AXcoOmTOE40EugbKyW1VXgzlDaVJV-XW26KG0_sNOpBdS1EnCBL1za0772vm4a-l8Z--l-J9fB54YDH2qCb9fkW1iImaB_eURMIh3OtIsQ&uid-set=1
Cache-Control: no-store,no-cache
Connection: close
Content-Length: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 181E 0
130 B 93ms
39ms Image
text/html 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IsxIAqywSLsQLz8CKYbFz1JDBCJfjLFZd157bjlItXgGOLUaylDBbHwwa0f6XWeTcZGZEh3g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzQ6MyxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAzLzM3MzI2Mi85ODFmO...
s-img.adskeeper.com/g/15629096/200x150/-/ 9 KB
10 KB 32ms
13ms Image
image/webp 2606:4700:4400::ac40:986a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/15629096/200x150/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzQ6MyxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAzLzM3MzI2Mi85ODFmOGYyMzRjNDQ2ZmUxM2JhOTQ2ZWI1ZTU2YTZhZS5qcGc.webp?v=1696464658-uxeZe320vZx2tSNhHOqNKTDQRJh8DjJJGc_q8hH1glc
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:986a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c65b38c4031d7a131b155697a6a4741835373902efda19908fc07779f6a61911

Request headers

Referer: https://xosodaiphat.com/
Origin: https://xosodaiphat.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:58 GMT
cf-cache-status: HIT
last-modified: Mon, 07 Aug 2023 14:46:41 GMT
x-mg-request-uuid: 64075a45-d6e0-4b8c-925d-cc37eb604564
server: cloudflare
age: 45929
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 811171d44d691d83-NRT
content-length: 9572
alt-svc: h3=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzQ6MyxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA0LzM3MzI2Mi9lNzZlM...
s-img.adskeeper.com/g/15995380/200x150/-/ 5 KB
5 KB 297ms
278ms Image
image/webp 2606:4700:4400::ac40:986a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.com/g/15995380/200x150/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzQ6MyxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTA0LzM3MzI2Mi9lNzZlM2I0YTA0ZjFlY2EzM2VjNmE2OThkNTkxNmU3Ni5qcGc.webp?v=1696464658-6j-XTfR1-m2RIGVPkY2x9Ls4VWZiS0oY0ToBtlcBi4A
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:986a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 787a2b101f96706c537e2cebc2b6f1d191ea05a0b74ad2f48c8b5b4c8e8555fd

Request headers

Referer: https://xosodaiphat.com/
Origin: https://xosodaiphat.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:58 GMT
cf-cache-status: MISS
last-modified: Sun, 10 Sep 2023 10:41:32 GMT
x-mg-request-uuid: a555d0d4-eb4a-4b93-b428-2a7cadc07b57
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 811171d44d6a1d83-NRT
content-length: 5226
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame F8A5 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d82dc1b6fe41e62d924270473b4632bbdf3eae2dc3579dfcc60fbe5138102c7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 xsmb-xo-so-mien-bac.html
xosodaiphat.com/ 125 KB
125 KB 9ms
9ms Image
text/html 2606:4700::6812:144c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:144c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-html-minification-powered-by: WebMarkupMin
date: Thu, 05 Oct 2023 00:10:58 GMT
content-encoding: gzip
cf-cache-status: HIT
x-aspnet-version: 4.0.30319
age: 34
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 37516
x-aspnetmvc-version: 4.0
last-modified: Thu, 05 Oct 2023 00:10:16 GMT
server: cloudflare
vary: *, Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: public, max-age=60
accept-ranges: bytes
cf-ray: 811171d44b72806f-NRT
expires: Thu, 05 Oct 2023 00:11:58 GMT

GET
H2 200 i.js Show response
cm.adskeeper.com/ 0
104 B 101ms
91ms Script
application/javascript 2606:4700:4400::6812:2396
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i.js?muid=n94WNFwTLWah&cbuster=1696464658608366601998
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/x/o/xosothienphu.com.1423705.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 00:10:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 811171d458d88a72-NRT
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.adskeeper.com/ Frame 4A6A 0
38 B 169ms
165ms Script
application/javascript 2606:4700:4400::6812:2396
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.com/i-noref.js?cbuster=1696464658610733252436
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/x/o/xosothienphu.com.1423705.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2396 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 00:10:58 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 811171d458d68a72-NRT
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 207 KB
63 KB 31ms
4ms Script
application/javascript 23.40.192.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/x/o/xosothienphu.com.1423705.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.40.192.188 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-40-192-188.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:58 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:55:21 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=51350
accept-ranges: bytes
content-length: 63913
expires: Thu, 05 Oct 2023 14:26:48 GMT

GET
H3 200 16885980893607394002
tpc.googlesyndication.com/daca_images/simgad/ Frame 0228 27 KB
27 KB 4ms
4ms Image
image/jpeg 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/16885980893607394002?w=360&h=720

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2201058077065954&output=html&h=600&adk=3586858701&adf=1752004327&pi=t.aa~a.937086356~rp.3&w=253&fwrn=4&fwrnh=100&lmt=1696432254&rafmt=1&to=qs&pwprc=1907037601&format=253x600&url=https%3A%2F%2Fxosodaiphat.com%2Fxsmb-xo-so-mien-bac.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696464657731&bpp=1&bdt=919&idt=-M&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6d4fa6c9c8a2e322%3AT%3D1696464657%3ART%3D1696464657%3AS%3DALNI_MZJT1uXzQ56DmJQxZ-1Mdjnr1BYzA&gpic=UID%3D00000c582546628f%3AT%3D1696464657%3ART%3D1696464657%3AS%3DALNI_MY9a-WJmFJPpgy1ShDRMFB1XHDBHg&prev_fmts=0x0%2C728x90%2C300x600%2C300x600&nras=2&correlator=4714102405594&frm=20&pv=1&ga_vid=956390922.1696464657&ga_sid=1696464657&ga_hid=386890422&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=801&ady=1383&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532403%2C44798934%2C31078301&oid=2&pvsid=3411337703873086&tmod=863633795&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=tnnyZlO1Bi&p=https%3A//xosodaiphat.com&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc3979f7664633cd797855ac6ee465894fd9737a278e355e89f2de25d7c67fcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 21:07:31 GMT
x-content-type-options: nosniff
age: 97407
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27336
x-xss-protection: 0
last-modified: Sun, 27 Aug 2023 17:54:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Oct 2023 21:07:31 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame 0228 2 KB
892 B 2ms
2ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:57:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 13:57:08 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/ Frame 0228 23 KB
9 KB 3ms
2ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36849
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 13:56:49 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame 0228 3 KB
1 KB 4ms
2ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36849
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 13:56:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/ Frame 0228 20 KB
8 KB 2ms
2ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 13:55:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36906
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 Oct 2023 13:55:52 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0228 0
0 42ms
40ms Image
text/html 2404:6800:400a:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ-_5fcbjXxMUWw1bbPLbhUyq3w4qbiio_eJWAopAsZLXheyFvlKrXI2XRHUUSFGMvC4jbEABywWm9EcgMYMMCIpK8s9w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2201058077065954&output=html&h=600&adk=3586858701&adf=1752004327&pi=t.aa~a.937086356~rp.3&w=253&fwrn=4&fwrnh=100&lmt=1696432254&rafmt=1&to=qs&pwprc=1907037601&format=253x600&url=https%3A%2F%2Fxosodaiphat.com%2Fxsmb-xo-so-mien-bac.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696464657731&bpp=1&bdt=919&idt=-M&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6d4fa6c9c8a2e322%3AT%3D1696464657%3ART%3D1696464657%3AS%3DALNI_MZJT1uXzQ56DmJQxZ-1Mdjnr1BYzA&gpic=UID%3D00000c582546628f%3AT%3D1696464657%3ART%3D1696464657%3AS%3DALNI_MY9a-WJmFJPpgy1ShDRMFB1XHDBHg&prev_fmts=0x0%2C728x90%2C300x600%2C300x600&nras=2&correlator=4714102405594&frm=20&pv=1&ga_vid=956390922.1696464657&ga_sid=1696464657&ga_hid=386890422&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=801&ady=1383&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532403%2C44798934%2C31078301&oid=2&pvsid=3411337703873086&tmod=863633795&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=tnnyZlO1Bi&p=https%3A//xosodaiphat.com&dtd=16
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:400a:80e::2004 Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0228 187 KB
59 KB 71ms
70ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 00:10:58 GMT

GET
H3 200 fda82c26911938d9c7ca79f9220f8b0c.js Show response
www.gstatic.com/mysidia/ Frame 0228 36 KB
15 KB 5ms
4ms Script
text/javascript 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fda82c26911938d9c7ca79f9220f8b0c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 22:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15328
x-xss-protection: 0
last-modified: Thu, 28 Sep 2023 21:33:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 31 Dec 2023 22:09:15 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D343 1 KB
643 B 3ms
2ms Document
text/html 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 56581
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 08:27:57 GMT
etag: 48472445140208031
expires: Thu, 05 Oct 2023 08:27:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 font
fonts.gstatic.com/l/ Frame F8A5 30 KB
30 KB 3ms
3ms Font
text/html 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxrO03dVtql3cayDTxkRVz7cOU104DCFxAOuofnz3cqtfNzDRmuPjhSFPNSIiECL1wkgzOlLLFlRORwkmI5x_urAbcNAv-IYw2Os0yEEwKsex1Ktgp1pn-1k-_8JYk0zMasfpbcu58iRPghAnR0gb0wHgqlindIrM6mqoJUNePr4Wp9wktwPtiMJGBxBH3T4kQUnopUmiciP_CXh9NePFgi5HyQrdRT7zn9LXKHvIyPYTc2EIzHYyxeup8xtqAVfLT5Dkxv4SNs&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E3%81%A4%E5%BE%97%E3%83%9F%E5%88%A5%E3%83%89%E3%82%AD%E3%82%89%E3%83%BC%E5%A3%B2%E3%83%A3u%E3%82%BFC%E6%9C%AC%E6%B0%B41%E4%BB%8A%E3%82%A2%E7%B4%A0%E3%83%A7b%E4%BE%A1%E3%83%8E%E3%82%BC0%E3%81%AA%E3%83%96%E5%B0%8F%E3%81%8D%E6%A0%BC%E3%82%B9%E5%A5%BD%E3%82%A4%E3%81%A7%E3%83%AC%E3%83%9A%E3%83%88%E5%90%B8%E7%89%B9%E3%80%82e%E3%81%8A%E5%85%A5%E3%83%B3%E3%82%BA%E3%81%AB%E3%83%81%E3%82%AF%E7%99%BA%E3%83%A5%EF%BC%81%E5%99%A8%E3%83%97%E8%A9%95%20%E4%B8%AD%E5%9E%8B

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2508f59f1455191e2b17202043bccc62fb469bb410a87188879f7989dcb92cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 18:13:15 GMT
x-content-type-options: nosniff
age: 21463
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30968
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Wed, 04 Oct 2023 18:13:15 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame F8A5
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CQmz-Ef8dZejzL-iUid4P2Y2_sAySyaTHcvLrw5bxEdGxj6ndPxABILj-zn1gifPFhPQToAHCtL3TA8gBCakCaeE5pYfSPD6oAwHIA8sEqgSSAk_Qkmnh65nmUrHB8StUJ1gQyxzefAfIKtJ...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5143de656caa4da70000000000000000%22,%222%22:%220xad28b848fce9b23c0000000000000000%22,%223%22:%220x31789d...

0
0

40ms
39ms

Fetch
text/css

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5143de656caa4da70000000000000000%22,%222%22:%220xad28b848fce9b23c0000000000000000%22,%223%22:%220x31789d035090ef5a0000000000000000%22,%224%22:%220x902337c4497283c80000000000000000%22,%225%22:%220xb70b17d11dd09b8f0000000000000000%22},%22debug_key%22:%2216847954066792731201%22,%22debug_reporting%22:true,%22destination%22:%22https://suiso-waterserver.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22980376130%22],%224%22:[%2210-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222258375856180111969%22}&andc=true

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html

Protocol

Server

142.251.42.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:58 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x5143de656caa4da70000000000000000","2":"0xad28b848fce9b23c0000000000000000","3":"0x31789d035090ef5a0000000000000000","4":"0x902337c4497283c80000000000000000","5":"0xb70b17d11dd09b8f0000000000000000"},"debug_key":"16847954066792731201","debug_reporting":true,"destination":"https://suiso-waterserver.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["980376130"],"4":["10-05"],"6":["true"]},"priority":"500","source_event_id":"2258375856180111969"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 05 Oct 2023 00:10:58 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Oct 2023 00:10:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x5143de656caa4da70000000000000000","2":"0xad28b848fce9b23c0000000000000000","3":"0x31789d035090ef5a0000000000000000","4":"0x902337c4497283c80000000000000000","5":"0xb70b17d11dd09b8f0000000000000000"},"debug_key":"16847954066792731201","debug_reporting":true,"destination":"https://suiso-waterserver.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["980376130"],"4":["10-05"],"6":["true"]},"priority":"500","source_event_id":"2258375856180111969"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js Show response
pagead2.googlesyndication.com/bg/ Frame 3E8E 37 KB
14 KB 3ms
2ms Script
text/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16fadb06557f8c559b25e437d47286d3886b6f361900f479f1bf928198e8d0f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:32:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 153503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14696
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Oct 2024 05:32:35 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame D343 35 B
463 B 216ms
68ms Image
image/gif 2620:116:800e:21:46d:7e81:55ff:4c12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEGox1dndG9IjS9QIbP0CpvQ&google_cver=1&google_push=AXcoOmTdQDrcFaZMF9Pz8zlfLcPTqZ1ev9CB4etLXJbdgR-98QinMqmrPfxHuI-4PafIZovEom2k4MCagJoEevjtrgxol06rbiv8QL4

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800e:21:46d:7e81:55ff:4c12 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 00:10:58 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D343
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECqbCxDuZppfsGBiTS9XVyI&google_push=AXcoOmTJTw9ye-dTNPsytKHeLWWktqSK3FeaHjBpJMfGCf28bcT0lZuyGQ...

170 B
188 B

43ms
42ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECqbCxDuZppfsGBiTS9XVyI&google_push=AXcoOmTJTw9ye-dTNPsytKHeLWWktqSK3FeaHjBpJMfGCf28bcT0lZuyGQ2F5Q79hU39jetxWUvQ7Al_X9W5BPtKlYWneqEImivgJpo

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 00:10:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-nrt-rjtf7700042-NRT
pragma: no-cache
date: Thu, 05 Oct 2023 00:10:58 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1696464659.750742,VS0,VE158
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECqbCxDuZppfsGBiTS9XVyI&google_push=AXcoOmTJTw9ye-dTNPsytKHeLWWktqSK3FeaHjBpJMfGCf28bcT0lZuyGQ2F5Q79hU39jetxWUvQ7Al_X9W5BPtKlYWneqEImivgJpo
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D343
Redirect Chain

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEHWkqPBPvC9Ct6g-Gh6ujYA&google_cver=1&google_push=AXcoOmS0-3cxqYjqxS4r9Fg8s36S5-zKNI8w83t4EZ_v0hmr0KIW3r4-2sRSYFeVYBXnngEy5OzTo...
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmS0-3cxqYjqxS4r9Fg8s36S5-zKNI8w83t4EZ_v0hmr0KIW3r4-2sRSYFeVYBXnngEy5OzTo9-alnSnoeT1avRqzI_b4_Z98Ik&google_hm=SE9IM0xsVndGbjFD...

170 B
188 B

38ms
37ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmS0-3cxqYjqxS4r9Fg8s36S5-zKNI8w83t4EZ_v0hmr0KIW3r4-2sRSYFeVYBXnngEy5OzTo9-alnSnoeT1avRqzI_b4_Z98Ik&google_hm=SE9IM0xsVndGbjFDM2Y4RkJtYm1tdUtVVERj&from_google=sp1

Requested by

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 00:10:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 05 Oct 2023 00:10:58 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ADM NOI OUR"
Location: https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmS0-3cxqYjqxS4r9Fg8s36S5-zKNI8w83t4EZ_v0hmr0KIW3r4-2sRSYFeVYBXnngEy5OzTo9-alnSnoeT1avRqzI_b4_Z98Ik&google_hm=SE9IM0xsVndGbjFDM2Y4RkJtYm1tdUtVVERj&from_google=sp1
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D343
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEM8766PwDOmKcMJibUPYG2E&google_cver=1&google_push=AXcoOmQK5RIkCwqd4FG7CTHhCeadV62O4-nfurYH1YzpxnHzbtpmknHU1C80i6S-cLIG-mxiddfwicUDkrs5va0k5fCb_I63LxDYkfA
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QjEyQzE1QTgxNkYyNUEyRA==

170 B
188 B

41ms
41ms

Image
image/png

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QjEyQzE1QTgxNkYyNUEyRA==

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 00:10:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QjEyQzE1QTgxNkYyNUEyRA==
date: Thu, 05 Oct 2023 00:10:59 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H/1.1 200
200 asr
aid.send.microad.jp/g/ Frame D343 43 B
641 B 9ms
2ms Image
image/gif 202.233.84.1
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aid.send.microad.jp/g/asr?google_gid=CAESEF_osmUuP-eRMWvFXEf8MZo&google_cver=1&google_push=AXcoOmRDkUXTlo0pvF9dhMmUvNIdU7RooUS5-cJrjvww9WqcNjTvr6uSIS1a8uRzZgeDKEEL_MbkLrpCqOFFTHhgzWGc8dBsS2LhWGQ

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Thu, 05 Oct 2023 00:10:58 GMT
Strict-Transport-Security: max-age=3600
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Connection: close
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 43

GET
H/1.1 404
Not Found doubleclick
app.cauly.co.kr/idsync_ssp/ Frame D343 0
161 B 107ms
36ms Image
application/xml 133.186.161.89
NHN-AS-KR NHNCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEEF_Sx8LSTq_SpEMMIVMULI&google_cver=1&google_push=AXcoOmSQ4xK4N0nSRczSDSXpjPwfocAvYwDWnrYOoeKuVRuUKuMCwKf4JSKMvdlvTPYxOoVu2BEKbl3W-nuw_-JHP8Zw-ReXDUm-i0k
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2201058077065954&output=html&h=600&adk=3586858701&adf=1752004327&pi=t.aa~a.937086356~rp.3&w=253&fwrn=4&fwrnh=100&lmt=1696432254&rafmt=1&to=qs&pwprc=1907037601&format=253x600&url=https%3A%2F%2Fxosodaiphat.com%2Fxsmb-xo-so-mien-bac.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696464657731&bpp=1&bdt=919&idt=-M&shv=r20231003&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6d4fa6c9c8a2e322%3AT%3D1696464657%3ART%3D1696464657%3AS%3DALNI_MZJT1uXzQ56DmJQxZ-1Mdjnr1BYzA&gpic=UID%3D00000c582546628f%3AT%3D1696464657%3ART%3D1696464657%3AS%3DALNI_MY9a-WJmFJPpgy1ShDRMFB1XHDBHg&prev_fmts=0x0%2C728x90%2C300x600%2C300x600&nras=2&correlator=4714102405594&frm=20&pv=1&ga_vid=956390922.1696464657&ga_sid=1696464657&ga_hid=386890422&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=801&ady=1383&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532403%2C44798934%2C31078301&oid=2&pvsid=3411337703873086&tmod=863633795&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=tnnyZlO1Bi&p=https%3A//xosodaiphat.com&dtd=16
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 133.186.161.89 , Japan, ASN45974 (NHN-AS-KR NHNCLOUD, KR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date: Thu, 05 Oct 2023 00:10:58 GMT
Server: nginx
Connection: close
Content-Length: 0
Content-Type: Application/xml;charset=UTF-8

GET

send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame D343
Redirect Chain

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEPG44qZyU1GWa2Z0uBI-Q5o&google_cver=1&google_push=AXcoOmRxwMV2QvwTLeO2Gt21_XNB--aS2PTkGeDxjz4IlcM73QgfxcxGZJBgKJXR...
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEPG44qZyU1GWa2Z0uBI-Q5o&google_cver=1&google_push=AXcoOmRxwMV2QvwTLeO2Gt21_XNB--aS2PTkGeDxjz4IlcM73QgfxcxGZJBgKJXR...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D343 0
40 B 40ms
39ms Image
text/html 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J0CX7SbVJsS-HQf8bxn9TrJ3AK8BxVMVhUieE3nmz6f0iLoY_17eJj2GM0HJqIxvGo4B_QkA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:58 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 0228 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8a8b316b08de440d21bbcbb663c9f4f513bbba7e2a7cb2d3529000b0a9c4f8b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 39ms
39ms Preflight
text/html 142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 05 Oct 2023 00:10:58 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 0228
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CoRShEf8dZfDbL4T18AXj0JKIBJLJpMdyku3DlvER0bGPqd0_EAEguP7OfWCJ88WE9BOgAcK0vdMDyAEBqQJp4Tmlh9I8PqgDAcgDy4SAgASqBJICT9AJNKy4fkXSUhEIIk5uxGUqdqnxk9Z...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5143de656caa4da70000000000000000%22,%222%22:%220xad28b848fce9b23c0000000000000000%22,%223%22:%220x31789d...

0
0

40ms
40ms

Fetch
text/css

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5143de656caa4da70000000000000000%22,%222%22:%220xad28b848fce9b23c0000000000000000%22,%223%22:%220x31789d035090ef5a0000000000000000%22,%224%22:%220x902337c4497283c80000000000000000%22,%225%22:%220xb70b17d11dd09b8f0000000000000000%22},%22debug_key%22:%221789310681588747107%22,%22debug_reporting%22:true,%22destination%22:%22https://suiso-waterserver.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22980376130%22],%224%22:[%2210-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214869434678747145953%22}&andc=true

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html

Protocol

Server

142.251.42.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:58 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x5143de656caa4da70000000000000000","2":"0xad28b848fce9b23c0000000000000000","3":"0x31789d035090ef5a0000000000000000","4":"0x902337c4497283c80000000000000000","5":"0xb70b17d11dd09b8f0000000000000000"},"debug_key":"1789310681588747107","debug_reporting":true,"destination":"https://suiso-waterserver.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["980376130"],"4":["10-05"],"6":["true"]},"priority":"500","source_event_id":"14869434678747145953"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 05 Oct 2023 00:10:58 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Oct 2023 00:10:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x5143de656caa4da70000000000000000","2":"0xad28b848fce9b23c0000000000000000","3":"0x31789d035090ef5a0000000000000000","4":"0x902337c4497283c80000000000000000","5":"0xb70b17d11dd09b8f0000000000000000"},"debug_key":"1789310681588747107","debug_reporting":true,"destination":"https://suiso-waterserver.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["980376130"],"4":["10-05"],"6":["true"]},"priority":"500","source_event_id":"14869434678747145953"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js Show response
pagead2.googlesyndication.com/bg/ Frame DD48 37 KB
14 KB 3ms
2ms Script
text/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16fadb06557f8c559b25e437d47286d3886b6f361900f479f1bf928198e8d0f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:32:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 153503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14696
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Oct 2024 05:32:35 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0DB8 42 B
64 B 53ms
52ms Fetch
image/gif 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8qO2wauR60Cb175KxjZVqFjrLTrCtEUzLuNG1FMXO_I6YBX8mS79cuKiuvql0Sz4Id-vxlxc-PEQQts5dXrzad_ASIikbn29qeBsdztmh0xhYQrcxSsmsmZFvYBlLgTguZZSLKgwTWg&sai=AMfl-YRA2AwMOHEjZQ8RQcUqZIZqCuk8JoZ_RET_-4dwnBvvV6Wv9Ztqi3KoGwQJo64FrIh-uhFc56it3NEzPhmi7QAo0C42wb0ss5tpzIrBdthKzRZS7LwmTaV-wLHr4njxM5bl-ceOKqWAUdWH&sig=Cg0ArKJSzGDQ_GDP3HF8EAE&cid=CAQSSwDICaaN7U2K1iuk1vIA-s8fjALG1oKPb7j8gJZE220uGT-8K82XyBQXQv2EX5xmx04zVvRwzCDafOdZTE_SMiPqTTNuyR4AiDkMgxgB&id=lidar2&mcvt=1001&p=0,0,450,300&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1140614959&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696464657310&rpt=522&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 00:10:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 53ms
53ms Preflight
text/html 142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x5143de656caa4da70000000000000000%22,%222%22:%220xad28b848fce9b23c0000000000000000%22,%223%22:%220x31789d035090ef5a0000000000000000%22,%224%22:%220x902337c4497283c80000000000000000%22,%225%22:%220xb70b17d11dd09b8f0000000000000000%22},%22debug_key%22:%221789310681588747107%22,%22debug_reporting%22:true,%22destination%22:%22https://suiso-waterserver.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22980376130%22],%224%22:[%2210-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214869434678747145953%22}&andc=true

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 05 Oct 2023 00:10:58 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 53ms
52ms XHR
application/json 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309280101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22b9156352b98e4bf328c85ec4f5f5e61b4f7a66d48216dbfa06eae8ff7e8e58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12207
x-xss-protection: 0

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 42ms
41ms Ping
text/plain 2404:6800:4004:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-KPB8BPT4XL&gtm=45je3a20&_p=386890422&cid=956390922.1696464657&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1696464657&sct=1&seg=0&dl=https%3A%2F%2Fxosodaiphat.com%2Fxsmb-xo-so-mien-bac.html&dt=XSMB%20-%20SXMB%20-%20K%E1%BA%BFt%20Qu%E1%BA%A3%20X%E1%BB%95%20S%E1%BB%91%20Mi%E1%BB%81n%20B%E1%BA%AFc%20H%C3%B4m%20Nay%20-%20KQXSMB&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KPB8BPT4XL&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:80a::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xosodaiphat.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 00:10:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xosodaiphat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 61ms
61ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309280101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Oct 2023 00:10:58 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D162 13 KB
5 KB 8ms
3ms Document
text/html 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xosodaiphat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 505622
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 29 Sep 2023 03:43:57 GMT
expires: Sat, 28 Sep 2024 03:43:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 439B 829 B
558 B 54ms
52ms Document
text/html 2404:6800:400a:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:80e::2004 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3dff87b8e818175bc6f008df5d14ae90d7f9d4a2406485359111c80b3cccc018

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tFOaP55UR_gLlL5X7mn12Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xosodaiphat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-tFOaP55UR_gLlL5X7mn12Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 00:10:59 GMT
expires: Thu, 05 Oct 2023 00:10:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame D162 37 KB
14 KB 7ms
7ms Script
text/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:13:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 154633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Oct 2024 05:13:46 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 439B 0
0 36ms
36ms Image
text/html 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309280101&jk=3411337703873086&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D162 0
11 B 2ms
2ms Image
text/plain 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ton0TQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 468_80._480x60- Show response
fundingchoicesmessages.google.com/f/AGSKWxWZjm8GD_5I_OWfMjNgebLMHHRQX8wu1fUOFWftGmT3-ordy_oj0EVuB6H3ikvPmKr9C_XvSuLrScEUPFsb_4tk96B7R5MkL-g5h6pYxsOsNinTgWle1Ga4c6Bwn4TWsXTuNPZrOcW6nyIoEZchc54K6wF1T... 54 B
109 B 71ms
70ms Script
application/javascript 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWZjm8GD_5I_OWfMjNgebLMHHRQX8wu1fUOFWftGmT3-ordy_oj0EVuB6H3ikvPmKr9C_XvSuLrScEUPFsb_4tk96B7R5MkL-g5h6pYxsOsNinTgWle1Ga4c6Bwn4TWsXTuNPZrOcW6nyIoEZchc54K6wF1T4TwS-f27NxzrbrbVd89y2cp69FEb-R4/_/outbrain-min.=pmd-advertising-.adsbox./468_80._480x60-

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.jfsvJHsxvOQ.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwY0U5cZ4lGP94c98iDBUnHN28m_g/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

023171a0f209d74c841bea453cfc707fca22e53b005498b744c96a66f2150384

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-jAYehcv7saLMAxtvHdOrYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:59 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-jAYehcv7saLMAxtvHdOrYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 29 KB
11 KB 4ms
3ms Script
text/javascript 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1aba26831a6efe421d112d56df8a2bdc7b733b2fb84d9ff1c0ada0a5feca5cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11277
x-xss-protection: 0
server: cafe
etag: 8483358422572587102
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 05 Oct 2023 01:10:16 GMT

POST
H3 204 AGSKWxW2hgDAomhcJSxsLaJ6QzGlLBuHYPV_hQyHYdxrT7HikqbcY9PMcrXuz37_aR6fNYG0ICvBWssCltTBHVtLVX5wWYLXmUZDsArSo1ya-4gog0W9D8dOugHkCphEJBYo1eBQZLBvug== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 52ms
52ms XHR
text/html 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW2hgDAomhcJSxsLaJ6QzGlLBuHYPV_hQyHYdxrT7HikqbcY9PMcrXuz37_aR6fNYG0ICvBWssCltTBHVtLVX5wWYLXmUZDsArSo1ya-4gog0W9D8dOugHkCphEJBYo1eBQZLBvug==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-M4pDnbDSiJta02oF6U0uJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://xosodaiphat.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 05 Oct 2023 00:10:59 GMT
content-security-policy: script-src 'report-sample' 'nonce-M4pDnbDSiJta02oF6U0uJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://xosodaiphat.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxW2hgDAomhcJSxsLaJ6QzGlLBuHYPV_hQyHYdxrT7HikqbcY9PMcrXuz37_aR6fNYG0ICvBWssCltTBHVtLVX5wWYLXmUZDsArSo1ya-4gog0W9D8dOugHkCphEJBYo1eBQZLBvug== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 417ms
417ms XHR
text/html 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW2hgDAomhcJSxsLaJ6QzGlLBuHYPV_hQyHYdxrT7HikqbcY9PMcrXuz37_aR6fNYG0ICvBWssCltTBHVtLVX5wWYLXmUZDsArSo1ya-4gog0W9D8dOugHkCphEJBYo1eBQZLBvug==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Vo50Xv_RdvwnlLtS9hlAOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://xosodaiphat.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 05 Oct 2023 00:10:59 GMT
content-security-policy: script-src 'report-sample' 'nonce-Vo50Xv_RdvwnlLtS9hlAOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://xosodaiphat.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame A04C 42 B
64 B 44ms
43ms Image
image/gif 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssHHPGRHBeC7UG7q_7c8EQGikGLuJEU-GNuETByubW4OtzPxgaPT8PWGEegr1itfqxbnKHAF0l-DYZtfBxWCTrWg0si3gNcwBfU6cOFBMvZ23mJ6KYlkkm-Oyb5Wjpz2Zrvs-LblL7Liw&sai=AMfl-YS5U3Qb-RCcWni8E3k6XCwMUdE9xQZ1_4AjaOgVlh2Q0BnokMlrzO9VAZmvsFM2Q2e_aAw9KFIrtS0lsvYyGvmGCDldMxpHyAdz_4azeBfN-CFhR9hED7Vap2LNQ6VYV2Ai0tICnMgSxvfk&sig=Cg0ArKJSzNg85iDpjkZFEAE&cid=CAQSSwDICaaNXGxe8LkDi4eqILRSNLFdcpl58s4atU-rNGP-Q-dtF1pjU3TYnXjq6XF67qGEqN_r9ubga1xo6BQDh3c-EVjWgwJ-nyPMyhgB&id=ampim&o=340,901&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1007&mtos=0,0,1007,1007,1007&tos=0,0,1007,0,0&tfs=336&tls=1343&g=100&h=100&tt=1343&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 00:10:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxW2hgDAomhcJSxsLaJ6QzGlLBuHYPV_hQyHYdxrT7HikqbcY9PMcrXuz37_aR6fNYG0ICvBWssCltTBHVtLVX5wWYLXmUZDsArSo1ya-4gog0W9D8dOugHkCphEJBYo1eBQZLBvug== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 354ms
353ms XHR
text/html 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW2hgDAomhcJSxsLaJ6QzGlLBuHYPV_hQyHYdxrT7HikqbcY9PMcrXuz37_aR6fNYG0ICvBWssCltTBHVtLVX5wWYLXmUZDsArSo1ya-4gog0W9D8dOugHkCphEJBYo1eBQZLBvug==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XHn_OJUSlSRMh_geJg5cFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://xosodaiphat.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 05 Oct 2023 00:10:59 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XHn_OJUSlSRMh_geJg5cFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://xosodaiphat.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxW2hgDAomhcJSxsLaJ6QzGlLBuHYPV_hQyHYdxrT7HikqbcY9PMcrXuz37_aR6fNYG0ICvBWssCltTBHVtLVX5wWYLXmUZDsArSo1ya-4gog0W9D8dOugHkCphEJBYo1eBQZLBvug== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 353ms
352ms XHR
text/html 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW2hgDAomhcJSxsLaJ6QzGlLBuHYPV_hQyHYdxrT7HikqbcY9PMcrXuz37_aR6fNYG0ICvBWssCltTBHVtLVX5wWYLXmUZDsArSo1ya-4gog0W9D8dOugHkCphEJBYo1eBQZLBvug==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-un3MubvHZs5aEJVSvXwK7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://xosodaiphat.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 05 Oct 2023 00:10:59 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-un3MubvHZs5aEJVSvXwK7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://xosodaiphat.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxV96Bh8c9kGe2XeCKzu5j269udkPyfa5wis3llDhs7nGvMhzhaz1p-0TYXqH5QCK-m1_rRpZzMbMH3xJox0o2D4wMiG4djbP8tw3qDYJGdF5zMi3ETpHeRrx5v9SYyZpCLF-F-frw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 343ms
342ms Script
application/javascript 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV96Bh8c9kGe2XeCKzu5j269udkPyfa5wis3llDhs7nGvMhzhaz1p-0TYXqH5QCK-m1_rRpZzMbMH3xJox0o2D4wMiG4djbP8tw3qDYJGdF5zMi3ETpHeRrx5v9SYyZpCLF-F-frw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk2NDY0NjU5LDMyNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly94b3NvZGFpcGhhdC5jb20veHNtYi14by1zby1taWVuLWJhYy5odG1sIixudWxsLFtbOCwiamZzdkpIc3h2T1EiXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdLFsxOCwiW1tbMF1dXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

deb887213efb6052e992539fcc5fced67934a1163f06f46cfa79e2f96cb61134

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Q4mIcD5gdDD7F3xXxCWr0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 00:10:59 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Q4mIcD5gdDD7F3xXxCWr0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 93E7 42 B
64 B 239ms
238ms Fetch
image/gif 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQOeuIzNABh7gG21xZWhH8Ge9nFNQEmx41pHwcQyXm1_9zmLbR_CoAxHsKAPxdXVS_iejySc-BY-4YnH_r_mY3QzJgg4acMXobjMwQBWvg_4BZZeEY3akMu4pmkzYwVULOBNa37VdIVw&sai=AMfl-YRsmSbUfsjAsgihnw8CpbMhtnG8lidJ6TgMYZu0vEtV_FuqmvYN48Xn5Zvn1REn_YmucdhGcElpAHApmDdB32nbU88tLcdflbe-KEXToMYkd_43FuVAX_kW1JqYM8PyNYqE1U1oRDziFD-S&sig=Cg0ArKJSzAMmNUyLqdT4EAE&cid=CAQSSwDICaaN864ahuN1ZLGG8-7taINfg3lHv06J2_GqJvXfPEYlCJCkI-ShTvd-BrC3OLUhhgcz0mefwhjOLandHVWqDKf_PVviC48lCxgB&id=lidar2&mcvt=1005&p=0,0,90,728&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=852557258&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696464657303&rpt=1151&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 00:10:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVWyjlbcIuGkM4ZiCTjG44Mfr1Jiz0Os1RKj14Zm_f8owFoJG9t5N12oS3h7XHjdj0bU8GhyXeTNatKWs6ODRBuT5oiQOdpovE6RxougKED3V17g0aUyfW__ECqCfG1B61i0SYFmw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 50ms
49ms XHR
text/html 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVWyjlbcIuGkM4ZiCTjG44Mfr1Jiz0Os1RKj14Zm_f8owFoJG9t5N12oS3h7XHjdj0bU8GhyXeTNatKWs6ODRBuT5oiQOdpovE6RxougKED3V17g0aUyfW__ECqCfG1B61i0SYFmw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bPzsjptA2f7vutCsCRaAcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://xosodaiphat.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 05 Oct 2023 00:10:59 GMT
content-security-policy: script-src 'report-sample' 'nonce-bPzsjptA2f7vutCsCRaAcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://xosodaiphat.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxW2hgDAomhcJSxsLaJ6QzGlLBuHYPV_hQyHYdxrT7HikqbcY9PMcrXuz37_aR6fNYG0ICvBWssCltTBHVtLVX5wWYLXmUZDsArSo1ya-4gog0W9D8dOugHkCphEJBYo1eBQZLBvug== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 214ms
213ms XHR
text/html 2404:6800:4004:822::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW2hgDAomhcJSxsLaJ6QzGlLBuHYPV_hQyHYdxrT7HikqbcY9PMcrXuz37_aR6fNYG0ICvBWssCltTBHVtLVX5wWYLXmUZDsArSo1ya-4gog0W9D8dOugHkCphEJBYo1eBQZLBvug==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-X84SH517uQf2w3n0pZdmJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://xosodaiphat.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 05 Oct 2023 00:10:59 GMT
content-security-policy: script-src 'report-sample' 'nonce-X84SH517uQf2w3n0pZdmJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://xosodaiphat.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 74ms
73ms Image
text/html 2404:6800:4004:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309280101&jk=3411337703873086&bg=!iYqlisXNAAbjlzx0w5c7ADQBe5WfOPmml30iDwRlsjRwVY86r4Z8y1qUp8jma4U5I2pezTV1AkSyL0HFytDblEyBFUoUAgAAAE1SAAAAGWgBBwoAl9PDjf2kUOPoAwGVU5tzBZwSA534IqG6igD-Gzug8l66liDZDrA9xNLS94RP9-c9VqdUrzq_NkQNPTgxJlQDOxHWTNtWL2-kqOikkU41mZ0xulf16lJsp8pMKerjacJ3x8l0iSHLurgchkHTM1oxqoV7ZaMYO9OHCSYRNXzu8qljVWnGpXe9ERADWS0CX2Cgkii7GFv8tOyZAqjB3QOniMPVkvc_6BEbs3_9MhGNYl-oCKsqKseXg2QRkhakr3WKvMAEhhMlkq5ZhMW7hKZmcFNJpKloYJXd2lUjkFdejhi17Sdih-HAKdoj0dIcwwx10yy9bO2oIltq4W5269vC_RtMSs-XWXE84AFMnr3_rV27j_IZmaBSwFqNnVDevBMYDt2wg22aYXUgetMhhlTwMWiQaJSCkkhOO1KAwGX9sKv5-7jn-wJ3jySp3qNmQPwMCHzMRAdAdLr5pEkAgeHpSNce6Zm_U7-pSFBTwfIn5W2XbW1lbmNgj7eheahRNKiBWKueGeZNt357YELmPzCL95odmWIpZLOVBXm9PRM3aR4Avakx3Fnrkae0IN6B18sy6oxZBEtjvC5rTJ4JMHjQ_5eecGasaVKUph4VJpCPcs50tZaHRuQ0T40l7en5f5pCzsIvmu3Xm-S2FhxQ8MRUiFFp4Yrjgs80E47je7-YJWopjpipT-vojRS18Un8UxtSPt3LmqpzACMn-iMa9L9mMX1LLjqqaWRd3KcPKLkMitB6AxUKyRGVwIct_DWGlmcT1WraxMOALnUR5fuwihb_-whvsvlqTaEWsEW3fELZ_keoYdPQdtBzjvDGRyf13muQ2fgpzsoZRl8tpbUeu17gisqBbgi3dNBrz1R8tNBB5QA81QetumUWFQBvK6EfcQgdLY8rqcr4lHkyNMak1dwVx5q8drmctxUAMfw70Ui6eG0OJ9Opgf-g8JEiTJsZi_da097i_GaAlS31q15sDt-N9BqvNgs0_4T3gnmCIUTU-fr4Z8FciRAqp7gSzx6NG3cOcpLhFEXaui0864AgaJ92HlOEC-MP0_vBEidnckvOnIkMetMKIH624JVoCsOHorN0YGpNlhb9BdIasKMEdbWLULoUnQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 39ms
39ms Ping
text/plain 2404:6800:4004:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-KPB8BPT4XL&gtm=45je3a20&_p=386890422&cid=956390922.1696464657&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1696464657&sct=1&seg=0&dl=https%3A%2F%2Fxosodaiphat.com%2Fxsmb-xo-so-mien-bac.html&dt=XSMB%20-%20SXMB%20-%20K%E1%BA%BFt%20Qu%E1%BA%A3%20X%E1%BB%95%20S%E1%BB%91%20Mi%E1%BB%81n%20B%E1%BA%AFc%20H%C3%B4m%20Nay%20-%20KQXSMB&_s=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KPB8BPT4XL&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:80a::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xosodaiphat.com/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 00:11:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xosodaiphat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync-dsp.ad-m.asia
URL: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEPG44qZyU1GWa2Z0uBI-Q5o&google_cver=1&google_push=AXcoOmRxwMV2QvwTLeO2Gt21_XNB--aS2PTkGeDxjz4IlcM73QgfxcxGZJBgKJXR6RleHrxSC0zG3Li5ouSqlDMlGEy-aKtucKu1GVEj&uid-set=1

Verdicts & Comments Add Verdict or Comment

279 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 19:37:55	Name: NID Value: 511=uVJ7FrwWjtF86KlJGb8tnKOtwporuKEenU0ls_91GYefJFZCfAsEb__GKc2lYsUY0hgq_NWtDzMTUhADNiZ-mOfT5AVZJrcvM4R-fDaPUUGvNzjbYWueJqMnAMZUy91Pqyb2-581GA41s-JJFHWVmC9Vwqyi2WMmqph-lBplFKU
.xosodaiphat.com/	1970-01-20 17:24:00	Name: _gcl_au Value: 1.1.983082009.1696464657
.xosodaiphat.com/	1970-01-20 15:15:51	Name: _gid Value: GA1.2.1965492665.1696464657
.xosodaiphat.com/	1970-01-20 15:14:24	Name: _gat_UA-72080428-1 Value: 1
.xosodaiphat.com/	1970-01-21 00:50:24	Name: _ga Value: GA1.1.956390922.1696464657
.xosodaiphat.com/	1970-01-21 00:36:00	Name: __gads Value: ID=0e12ac60c8d81a12:T=1696464657:RT=1696464657:S=ALNI_MYCFxRT9zcNaz0bnj4cXzctUuNoIQ
.xosodaiphat.com/	1970-01-21 00:36:00	Name: __gpi Value: UID=00000c5824491eb1:T=1696464657:RT=1696464657:S=ALNI_MaWXaKr7f2BSTxKS3dkenlfUs4AUg
.doubleclick.net/	1970-01-20 15:14:28	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 17:24:00	Name: ar_debug Value: 1
.adskeeper.com/	1970-01-21 00:00:00	Name: muidn Value: n94WNFwTLWah
xosodaiphat.com/	1969-12-31 23:59:59	Name: AdskeeperStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1423705%22%3A%7B%22page%22%3A1%2C%22time%22%3A%221696464658591%22%7D%7D
.c.appier.net/	1970-01-21 00:00:00	Name: _auid Value: tAMQxftVCyOeKZDaEv8dZQ
.c.appier.net/	1970-01-20 15:57:36	Name: _gu Value: CAESEMYXqZNhAHm1iIVjpykkFsE
.ctnsnet.com/	1970-01-21 00:00:00	Name: cid_9dd0c70c37c3436383c265bb0c774d6b Value: 1
.ctnsnet.com/	1970-01-21 00:00:00	Name: gid_CAESEB64jc6b1AdLmI_DjXiq6ig Value: 1
.doubleclick.net/	1970-01-21 00:50:24	Name: IDE Value: AHWqTUmoVUGXSMdD39qyyts-z2xi0bMREoot6J5jFIWSCFQkbRUvAueF09_5QH2b1nk
xosodaiphat.com/	1970-01-20 15:57:36	Name: _pbjs_userid_consent_data Value: 6683316680106290
.send.microad.jp/	1970-01-20 17:24:00	Name: TR Value: e11bb0cf688f72f7c560673a30d28f9f9a61c57a0223f7c3
.fout.jp/	1970-01-21 00:50:24	Name: uid Value: HOH3LlVwFn1C3f8FBmbmmuKUTDc
.simpli.fi/	1970-01-21 00:01:27	Name: suid Value: 7CCA90ABA8554DEABB5871ED3CE2F7BE
.xosodaiphat.com/	1970-01-21 00:50:24	Name: _ga_KPB8BPT4XL Value: GS1.1.1696464657.1.0.1696464658.0.0.0
.everesttech.net/	1970-01-21 00:00:00	Name: everest_g_v2 Value: g_surferid~ZR3-EgAVTNgqvAAN
.quantserve.com/	1970-01-20 17:24:00	Name: d Value: EDwBCQGOKoEA
.quantserve.com/	1970-01-21 00:44:39	Name: mc Value: 651dff12-e158d-61e5d-06690
.fksnk.com/	1970-01-20 15:15:51	Name: g_001 Value: 1
fksnk.com/	1970-01-20 15:24:29	Name: AWSALBCORS Value: sWbzwksOwXnDQVo3rZfmRZA/2PdZtodZefHhKIvuBHaE8C41qzXsv0BR6A+O2uFxoNHqNS4HWbmlff13y8eOoQDMWFZ6zoKJMJhtdeSaRjXSMRUgxVqu/qIFt/jw
.fksnk.com/	1970-01-20 17:24:00	Name: f_001 Value: D5254D565BFC6953
.xosodaiphat.com/	1970-01-21 00:00:00	Name: FCNEC Value: %5B%5B%22AKsRol-3lCw1LWcOLR6m_32JuTd-TRCwl5ZPIwvG5y6F-3DDll7Q6l6xOy0Xf-Gz8EvVZJkNLf0VIaypwL51Rhsuc7mClBR9jRjjzYb_afhrj-b9gN7fyVZdBXnwG1w6t1CUr627WOMNcHfd5dQjad-BCAyIrtfrvg%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html Message: The value "160dpi" for key "target-densitydpi" was truncated to its numeric prefix.
rendering	warning	URL: https://xosodaiphat.com/xsmb-xo-so-mien-bac.html Message: The key "target-densitydpi" is not supported.
network	error	URL: https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEE_4zepggqoRiSvB0yG-Pow&google_cver=1&google_push=AXcoOmQXlnjaHNO4LKk5Rr5307vYX9FuhNKqQwH3CuX5pE3ZrZ0ntk84ZduyhAzRMOQ1jYEU_OupZkpdSFXAJ5FTwVQfRVee5AjWiJHA Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEEF_Sx8LSTq_SpEMMIVMULI&google_cver=1&google_push=AXcoOmSQ4xK4N0nSRczSDSXpjPwfocAvYwDWnrYOoeKuVRuUKuMCwKf4JSKMvdlvTPYxOoVu2BEKbl3W-nuw_-JHP8Zw-ReXDUm-i0k Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
a9429f471968253f5bd8b98d2fe4e3ec.safeframe.googlesyndication.com
ads.pubmatic.com
aid.send.microad.jp
api-sg.flygame.io
api.flygame.io
api2-sg.flygame.io
apis.google.com
app.cauly.co.kr
c.adskeeper.com
cdn.ampproject.org
cdn.xosodaiphat.com
cm.adskeeper.com
cm.g.doubleclick.net
cms.quantserve.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
images.dmca.com
ipac.ctnsnet.com
jsc.adskeeper.co.uk
jsc.adskeeper.com
msdigita.github.io
nstat-sg.flygame.io
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
s-img.adskeeper.com
securepubads.g.doubleclick.net
servicer.adskeeper.com
stats.g.doubleclick.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.fout.jp
tpc.googlesyndication.com
um.simpli.fi
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
xosodaiphat.com
sync-dsp.ad-m.asia
104.26.0.74
104.26.1.74
118.194.234.167
128.1.40.229
133.186.161.89
139.162.117.143
142.250.196.98
142.251.42.130
151.101.130.49
18.213.189.173
202.232.238.37
202.233.84.1
220.150.223.50
23.40.192.188
2400:52e0:1501::1145:1
2404:6800:4004:808::2002
2404:6800:4004:80a::2002
2404:6800:4004:80a::200e
2404:6800:4004:80b::2002
2404:6800:4004:80f::2001
2404:6800:4004:818::2001
2404:6800:4004:81c::200e
2404:6800:4004:822::200e
2404:6800:4004:824::2003
2404:6800:4004:825::2002
2404:6800:4004:825::2008
2404:6800:4004:826::2001
2404:6800:4004:826::2003
2404:6800:4004:827::2002
2404:6800:4004:827::200a
2404:6800:4008:c13::9d
2404:6800:400a:80e::2004
2606:4700:4400::6812:2396
2606:4700:4400::ac40:986a
2606:4700:4400::ac40:98bf
2606:4700::6812:144c
2606:50c0:8002::153
2620:116:800e:21:46d:7e81:55ff:4c12
34.142.175.23
35.186.193.173
51.79.152.76
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
023171a0f209d74c841bea453cfc707fca22e53b005498b744c96a66f2150384
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b
097033b4235fc89a9994d3c1dd36c12d42bb2e8205845c869d2be12c0df174c4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
16fadb06557f8c559b25e437d47286d3886b6f361900f479f1bf928198e8d0f7
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1aba26831a6efe421d112d56df8a2bdc7b733b2fb84d9ff1c0ada0a5feca5cf6
20dbfd15ad1c76270fa9fab30c9397e3c5180e570a34d4b18aa5ee1cd1af613d
21b7a044584ef7456c5de9e0cc8beb629f62c8663a558ec0d95862b18cf3b851
22b9156352b98e4bf328c85ec4f5f5e61b4f7a66d48216dbfa06eae8ff7e8e58
255a87031825f0c8024449878d1d52a644c8da27453ef922ce9ddbf3a1ae1965
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2a72e4899e019bb6fc9cdcd7c5edf076a9f2f6ccd80ba31e83736fac06272d34
2b2e8ebe909be0d3ed4533a4fd82486c3c54f3c0de5588bdbf5f8357e166037a
2c81c3d0aa0faf6cf4b941f88f6b5cfc1dd53985320ba416ad0789066ba08ded
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
309773fa6c23f46befd5880e169b6bc47fe53c4fd326ec1c84d7d53cde803bc9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
339675576d1f9d253b2f142fb164aaab0e65072244d3dcff3249f37cab23bdf6
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3d23cbcfd35d90cfb139e6f05b6a7fbc22891e2936b6a706ef8147300d66aa08
3dff87b8e818175bc6f008df5d14ae90d7f9d4a2406485359111c80b3cccc018
3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876
44ef533e0d0635be9664f1ef3a35ffbd3615aed38faa0aaa326058b3db1578f4
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d82dc1b6fe41e62d924270473b4632bbdf3eae2dc3579dfcc60fbe5138102c7
4e985c9eb13d7f22fb258a7ff901f553527b27e3414f5dbf53eb1a69857f4c73
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
51b5ae1f0ff10c4595493fa2d4edb2c308f97976be783ed5d7d962a8d81606d1
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54d2f32f41cf177b9e5b4ac11b84c6c2b72da2b2343e705b5209b1c5fdce3fc9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5afe80d3e0f9d951ed01cc6206786f2c28b8986c98c70fc1e039a751ea77e5c1
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5fd2075b7fe0a994ec6cc9a0ea1913a26d50df490f563dc1d0a77dba554672b2
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
626f8ed8d1ab8448c2296e9f672e372c0b5f42112238e561c0c36d63e6d34b64
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f6765cd1da0d1610a04e470ab5e1439d3e00956adbe6fa78ce101602159acbd
710d59cc71277c8e761e9dde1ba57bf54c4ff65f3fa912baeaff109e80ebd98c
729bb9007929a8af5c6f300c99e7c5899043ed1734d39fd6f4e0361b94d1adbc
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
787a2b101f96706c537e2cebc2b6f1d191ea05a0b74ad2f48c8b5b4c8e8555fd
7c99248572fb027d3c5047cc6787e8ef84d41a7760e865eddb697b8f7799f463
7f8d937ac3c24cd9099dccaeb3e160dba15d6396b7f8ada3ca95f9ef24633aee
80b5677c54bae2cb8adcd74c4e1bfa859f8f75c0717c27e2f78441d55e024382
82507e80f1541996523bb59fa626915c221bf9fca64171903eda6c87dd9138b8
8538a72b84463747021ed0d5255c72ca5335e22d7b0fbbf14d0a2cecc5a97f6a
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
8f1843ba4bdea64726280f2365f8ad8a47e70ee54327f98273daf7fac5120074
93340594a3f629999eacb6d03aac3d49a76ca9023c18a90bce7e7e8d3ef9a68c
96afe494e4876cd3b115878760a73dda4ffa414f841892c2b29647314e9328ff
97ad2f5f2d0652571a124e7b07415cebe4e70edc45469ed95bf19cc6898e54cc
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
99984969b73a9759568e48a6e5e02f4fdc286cc3bd57f8e0fe94369b8dc920e4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ccd0b8dcedf64da15cc9c91034d10ead865813506f63c82b9b02ba7cc4df78a
9f73c17a1dc717043a8bbf6093683781326b055b78590dfb61b99d2307605522
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a5b5a41cfd6961ecb186eff63e06f22fa0ec7dc7766b8f8775e69475fbf2428d
a8a8b316b08de440d21bbcbb663c9f4f513bbba7e2a7cb2d3529000b0a9c4f8b
a9f959272120a8fe9fc940b8df6a07a9e6c79d9b72773d62878e82fcd1c51951
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
acd5235448fa6b8890fd7f7baf279fc2803f8af80b497229a2d730217a6146a9
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b123d3cd853f7cd9c7d7c92b0ca99a37b4fa7e654fca65be5f1a15fd9253635e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b232a2be54cc094fd2684ce71c633b33d19dc0088d472d15a8b6146dbd1c67cb
b33c75d66b6115b2b04d07e509b8b5def62e5ff9a5feb52c7b4dfedb748fa8ba
b7a0f7c8fe628de8e2ee647271c0ba6cd90dfc8205f22cf351a0335ec18ff66b
b89e680103994673476424f1b55975f5a015044b97b81fdfed4d3f5ab1f55f8e
baa9d796be7e14ec9cc87eb0422e667656cf5d3242d4b92c1f8c0931ae1f1e65
be3179ae4fe9a392df940fe67d1efec4647f59e07362ce1eae10724ea7baa5c1
becbec5893ddeb3d797afdcb2268434b0b425f97297452f5de3bd6a4941c2fbe
c01eb076809b16051ebbb8ace592465ef2d059908c608a4e07a7c1b6c624249b
c12650b6e9de2475417024121ec7c86cbc1b64d6320ff01015117e2edfc9f19c
c65b38c4031d7a131b155697a6a4741835373902efda19908fc07779f6a61911
c784133710320928b175ae1ea56dc0335e242296f887f48eb07f0531956dda9a
c86bfeabd06ba640332347ce71c397f83fc766be7ba5cd8204d99b940e0fbcb6
c86f6f34a5d18beda08cbf553ded42b602f2f26ad8f29936a8c705eae5f1656d
ca52dfbb3f2b64b0d96603936970f78ca8a0fac76233aad6b9020ae2acdfa336
cc3979f7664633cd797855ac6ee465894fd9737a278e355e89f2de25d7c67fcb
ce33f92c59494e54b697d9ebf7827b69a7ff689bdc1500c908dd2b43d518d920
d2bad93dd508b5ec78cb7818fb910499a0bb1597610ee4716a74efe54e9bd28e
d95ffdcf010d6749281f6cd27c3a5f9c856d4b5590cee285f4b4fdbebce22b4c
daaca14937b317ef2e026b4b855c2abe4c7061a83e8e34209e6422d31b1a7ccb
dd382a0b771572febe55bbd91bca06284a52d4ac9bc73128f114914a4b3c7e97
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deb887213efb6052e992539fcc5fced67934a1163f06f46cfa79e2f96cb61134
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e2508f59f1455191e2b17202043bccc62fb469bb410a87188879f7989dcb92cc
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e407508c7871acd09717c96284619d0c597fa09a5107546aa48387688421eb55
e47c3dc9aa46738f6cafad9265b67ba627a303c0a487cf1f4efe13dd42e8c1fc
e8001772f5fd68cdf6f4d82118d7d0b67cc65eb418f3994a4105837e5624894a
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e90a98a0e5128f8f57495d739b9a1057f72d3fe4af49da3342f6ebe116150f6f
e92e8250c7bcfc8147848a529673962da41a8c4413c112da70b4cce8f1513299
ecb2314a2512d42573af057ecb1a843aa7bf233447f3ee71b7de343c14aa42c7
ece60d71cbe364ebf5237b52d2d4481d50349d6f651e1b4376ebeae32fbc18cb
ecfca359531a1b9a7c6315f1c0af9d32a6b9d63e2838cd812501865dfe428837
ed6e026876182b9e60799b361b8d65a5f7713beccd5e67606ffd55d9232f4513
ede1a14f2800eeb40e5370aef684dce98eff7eee4e6c75fb9b3c4c773351a8b2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1cfe4f7d3b09de9e3537f0a2303e3e1f23825a794f744340ababa5807de75e1
f335a91239c4af1c0491727be910330d3231f01b7498352ddea85ebc5480007a
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f90a0bfda110d40a81d391edeccd1143806c608fd7c64786142c222709d55499
fb470daa427a2acd99ccf5487aeb0023e39cf60fb17314793f7c1448ffd52d44
fd48a69933bfa6d5e51393b093d776d09a1e7bfb4b7c1e6d4aa00d75f0b3d2d1
fdbec4d899be4651a6609b44bbdec3af40f515e4fb6726238aeeab8cc328482b
feee83064f03a337be948ae3c4ea16eefe6d36ce32edc03919769e4fa2c367dd

xosodaiphat.com Open in urlscan Pro 2606:4700::6812:144c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

196 Requests

90 %HTTPS

59 %IPv6

28 Domains

45 Subdomains

35 IPs

6 Countries

2684 kBTransfer

7607 kBSize

28 Cookies

2 Outgoing links

Page URL History

Redirected requests

196 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

xosodaiphat.com Open in urlscan Pro
2606:4700::6812:144c Public Scan

Screenshot
Live screenshot

Full Image

196
Requests

90 %
HTTPS

59 %
IPv6

28
Domains

45
Subdomains

35
IPs

6
Countries

2684 kB
Transfer

7607 kB
Size

28
Cookies

196 HTTP transactions
9 data transactions