urlscan.io logo urlscan.io
SecurityTrails logo

xosodaiphat.com Open in urlscan Pro
104.18.20.76  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://xosodaiphat.com/
Effective URL: https://xosodaiphat.com/
Submission: On July 06 via manual from VN — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 87 IPs in 5 countries across 56 domains to perform 273 HTTP transactions. The main IP is 104.18.20.76, located in and belongs to CLOUDFLARENET, US. The main domain is xosodaiphat.com. The Cisco Umbrella rank of the primary domain is 62714.
TLS certificate: Issued by E1 on May 29th 2024. Valid for: 3 months.
This is the only time xosodaiphat.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 104.18.20.76 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
30 142.250.80.66 15169 (GOOGLE)
6 104.18.20.206 13335 (CLOUDFLAR...)
11 104.18.21.76 13335 (CLOUDFLAR...)
6 104.21.234.15 13335 (CLOUDFLAR...)
1 2a02:6ea0:c45... 60068 (CDN77 _)
4 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
13 34.160.152.31 396982 (GOOGLE-CL...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 34.111.152.239 396982 (GOOGLE-CL...)
10 142.251.40.98 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 172.64.144.166 13335 (CLOUDFLAR...)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
8 142.251.40.226 15169 (GOOGLE)
2 142.250.65.168 15169 (GOOGLE)
10 35.227.207.122 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 130.211.23.194 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
5 142.250.72.102 15169 (GOOGLE)
3 18.238.63.215 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.120.111.33 396982 (GOOGLE-CL...)
1 3 35.244.193.51 15169 (GOOGLE)
1 34.200.65.202 14618 (AMAZON-AES)
1 52.34.239.226 16509 (AMAZON-02)
7 2606:4700:10:... 13335 (CLOUDFLAR...)
8 13 162.19.138.116 16276 (OVH)
3 4 35.71.131.137 16509 (AMAZON-02)
2 2620:116:800b... 14618 (AMAZON-AES)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 108.138.106.70 16509 (AMAZON-02)
2 108.138.127.64 16509 (AMAZON-02)
1 34.36.214.49 396982 (GOOGLE-CL...)
2 23.45.193.13 16625 (AKAMAI-AS)
9 2600:1f18:235... 14618 (AMAZON-AES)
3 5 68.67.160.26 29990 (ASN-APPNEX)
2 54.84.174.74 14618 (AMAZON-AES)
2 207.65.37.179 62713 (AS-PUBMATIC)
2 34.120.63.153 396982 (GOOGLE-CL...)
3 104.18.36.155 13335 (CLOUDFLAR...)
4 74.119.117.6 19750 (AS-CRITEO)
2 35.186.253.211 15169 (GOOGLE)
2 2602:803:c002... 26667 (RUBICONPR...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 23.203.179.38 16625 (AKAMAI-AS)
1 108.138.128.124 16509 (AMAZON-02)
1 172.64.152.89 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:21d... 16509 (AMAZON-02)
2 162.19.138.117 16276 (OVH)
13 142.250.80.110 15169 (GOOGLE)
1 2 52.46.128.147 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 8 54.213.6.218 16509 (AMAZON-02)
2 2 8.28.7.83 62713 (AS-PUBMATIC)
1 69.173.146.5 26667 (RUBICONPR...)
4 4 34.111.113.62 396982 (GOOGLE-CL...)
1 2 142.251.32.98 15169 (GOOGLE)
1 69.194.240.13 26120 (RHYTHMONE)
2 2 2607:f350:3:2... 27630 (AS-XFERNET)
2 3 44.208.217.105 14618 (AMAZON-AES)
3 2607:f8b0:400... 15169 (GOOGLE)
1 44.208.217.220 14618 (AMAZON-AES)
2 142.250.72.110 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 34.200.12.207 14618 (AMAZON-AES)
1 23.45.192.247 16625 (AKAMAI-AS)
1 104.18.38.76 13335 (CLOUDFLAR...)
1 23.200.196.24 16625 (AKAMAI-AS)
2 23.200.198.128 16625 (AKAMAI-AS)
1 2 35.244.159.8 15169 (GOOGLE)
1 2 35.71.139.29 16509 (AMAZON-02)
1 35.211.178.172 15169 (GOOGLE)
1 2620:100:a00b::4 19750 (AS-CRITEO)
1 209.204.229.29 27381 (CASALE-MEDIA)
2 3.84.106.137 14618 (AMAZON-AES)
1 2602:803:c002... 26667 (RUBICONPR...)
3 216.239.32.181 15169 (GOOGLE)
1 1 178.250.7.11 44788 (ASN-CRITE...)
2 2 44.199.61.49 14618 (AMAZON-AES)
2 142.250.80.102 15169 (GOOGLE)
3 142.251.41.2 15169 (GOOGLE)
2 142.250.80.65 15169 (GOOGLE)
273 87
2    104.18.20.76 (None, )

ASN13335 (CLOUDFLARENET, US)
xosodaiphat.com
2    2607:f8b0:4006:80e::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
30    142.250.80.66 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net
pagead2.googlesyndication.com
6    104.18.20.206 (None, )

ASN13335 (CLOUDFLARENET, US)
a.pub.network
11    104.18.21.76 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.xosodaiphat.com
static.xosodaiphat.com
6    104.21.234.15 (None, )

ASN13335 (CLOUDFLARENET, US)
player.gliacloud.com
1    2a02:6ea0:c454::1 (New York, United States)

ASN60068 (CDN77 _, GB)
images.dmca.com
4    2607:f8b0:4006:824::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
fonts.gstatic.com
3    2607:f8b0:4006:80d::200e (United States)

ASN15169 (GOOGLE, US)
apis.google.com
fundingchoicesmessages.google.com
3    2606:4700::6812:c0d (United States)

ASN13335 (CLOUDFLARENET, US)
msdigital.vn
13    34.160.152.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.152.160.34.bc.googleusercontent.com
d.pub.network
c.pub.network
2    2607:f8b0:4006:809::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    34.111.152.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.152.111.34.bc.googleusercontent.com
optimise.net
10    142.251.40.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net
securepubads.g.doubleclick.net
3    2607:f8b0:4006:820::200e (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
www.youtube.com
2    2607:f8b0:4004:c21::9c (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    172.64.144.166 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
1    2606:4700:20::681a:932 (United States)

ASN13335 (CLOUDFLARENET, US)
freestar-io.videoplayerhub.com
2    2606:4700:10::6816:4ad8 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
8    142.251.40.226 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net
googleads.g.doubleclick.net
2    142.250.65.168 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f8.1e100.net
www.googletagmanager.com
10    35.227.207.122 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 122.207.227.35.bc.googleusercontent.com
pixel.gliacloud.com
4    2607:f8b0:4006:81f::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
5    142.250.72.102 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f6.1e100.net
ad.doubleclick.net
3    18.238.63.215 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-63-215.jfk52.r.cloudfront.net
c.amazon-adsystem.com
1    2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    34.120.111.33 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 33.111.120.34.bc.googleusercontent.com
cdn.edkt.io
3    35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
1    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com
1    52.34.239.226 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-239-226.us-west-2.compute.amazonaws.com
fid.agkn.com
7    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
13    162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
id5-sync.com
4    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    2620:116:800b:21:a021:b886:81cc:55cf (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
4    2607:f8b0:4006:80c::2001 (United States)

ASN15169 (GOOGLE, US)
51e531cd837b7eb4ae819c576c27b552.safeframe.googlesyndication.com
tpc.googlesyndication.com
1    2606:4700:3030::ac43:b50d (United States)

ASN13335 (CLOUDFLARENET, US)
static-pixel.gliavideo.com
2    2607:f8b0:4006:823::200a (United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    108.138.106.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-70.jfk50.r.cloudfront.net
config.aps.amazon-adsystem.com
2    108.138.127.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-127-64.jfk50.r.cloudfront.net
aax.amazon-adsystem.com
1    34.36.214.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.214.36.34.bc.googleusercontent.com
pa.openx.net
2    23.45.193.13 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-193-13.deploy.static.akamaitechnologies.com
ads.pubmatic.com
9    2600:1f18:2352:af01:fb37:7890:d10:c020 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
c2shb.pubgw.yahoo.com
5    68.67.160.26 (Colonia, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
secure.adnxs.com
2    54.84.174.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-174-74.compute-1.amazonaws.com
ads.yieldmo.com
2    207.65.37.179 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
3    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
4    74.119.117.6 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
grid.bidswitch.net
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    2602:803:c002:200::32 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
pixels.ad.gt
1    23.203.179.38 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-179-38.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    108.138.128.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-124.jfk50.r.cloudfront.net
tags.crwdcntrl.net
1    172.64.152.89 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2600:9000:21dd:6c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
lb.eu-1-id5-sync.com
13    142.250.80.110 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f14.1e100.net
fundingchoicesmessages.google.com
www.youtube.com
2    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
p.ad.gt
8    54.213.6.218 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-213-6-218.us-west-2.compute.amazonaws.com
ids.ad.gt
2    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    69.173.146.5 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
4    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    142.251.32.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net
cm.g.doubleclick.net
1    69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
2    2607:f350:3:2569:0:10:0:c (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
3    44.208.217.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-217-105.compute-1.amazonaws.com
ad.360yield.com
ice.360yield.com
3    2607:f8b0:4006:80d::2006 (United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    44.208.217.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-217-220.compute-1.amazonaws.com
bcp.crwdcntrl.net
2    142.250.72.110 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f14.1e100.net
www.google-analytics.com
1    2607:f8b0:4006:81e::200e (United States)

ASN15169 (GOOGLE, US)
www.youtube.com
1    34.200.12.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-12-207.compute-1.amazonaws.com
ads.yieldmo.com
1    23.45.192.247 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-192-247.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    23.200.196.24 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-196-24.deploy.static.akamaitechnologies.com
contextual.media.net
2    23.200.198.128 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-198-128.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
freestar-d.openx.net
2    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
1    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
1    2620:100:a00b::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    209.204.229.29 (Canada)

ASN27381 (CASALE-MEDIA, CA)
a5588.casalemedia.com
2    3.84.106.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-84-106-137.compute-1.amazonaws.com
protected-by.clarium.io
1    2602:803:c002:200::24 (United States)

ASN26667 (RUBICONPROJECT, US)
beacon-iad2.rubiconproject.com
3    216.239.32.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.eu.criteo.com
2    44.199.61.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-199-61-49.compute-1.amazonaws.com
ce.lijit.com
2    142.250.80.102 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f6.1e100.net
s0.2mdn.net
3    142.251.41.2 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net
www.googleadservices.com
2    142.250.80.65 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f1.1e100.net
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
36 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 152
51e531cd837b7eb4ae819c576c27b552.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 197
518 KB
27 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 251
stats.g.doubleclick.net — Cisco Umbrella Rank: 158
googleads.g.doubleclick.net — Cisco Umbrella Rank: 76
ad.doubleclick.net — Cisco Umbrella Rank: 194
cm.g.doubleclick.net — Cisco Umbrella Rank: 301
291 KB
20 google.com
apis.google.com — Cisco Umbrella Rank: 222
analytics.google.com — Cisco Umbrella Rank: 195
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 686
155 KB
19 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1922
a.ad.gt — Cisco Umbrella Rank: 2149
p.ad.gt — Cisco Umbrella Rank: 2466
ids.ad.gt — Cisco Umbrella Rank: 1903
pixels.ad.gt — Cisco Umbrella Rank: 2390
20 KB
19 pub.network
a.pub.network — Cisco Umbrella Rank: 6707
d.pub.network — Cisco Umbrella Rank: 7169
c.pub.network — Cisco Umbrella Rank: 6724
369 KB
16 gliacloud.com
player.gliacloud.com — Cisco Umbrella Rank: 20851
pixel.gliacloud.com — Cisco Umbrella Rank: 19491
207 KB
14 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 608
cdn.id5-sync.com — Cisco Umbrella Rank: 1165
43 KB
13 xosodaiphat.com
xosodaiphat.com — Cisco Umbrella Rank: 62714
cdn.xosodaiphat.com — Cisco Umbrella Rank: 97674
static.xosodaiphat.com — Cisco Umbrella Rank: 186739
138 KB
10 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 543
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 3287
10 KB
8 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 381
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 781
aax.amazon-adsystem.com — Cisco Umbrella Rank: 514
s.amazon-adsystem.com — Cisco Umbrella Rank: 383
86 KB
6 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 632
token.rubiconproject.com — Cisco Umbrella Rank: 574
eus.rubiconproject.com — Cisco Umbrella Rank: 703
beacon-iad2.rubiconproject.com — Cisco Umbrella Rank: 2342
13 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 306
secure.adnxs.com — Cisco Umbrella Rank: 607
acdn.adnxs.com — Cisco Umbrella Rank: 659
18 KB
6 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 650
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 593
image2.pubmatic.com — Cisco Umbrella Rank: 1229
4 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 87
imasdk.googleapis.com — Cisco Umbrella Rank: 564
178 KB
5 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 400
57 KB
5 openx.net
pa.openx.net — Cisco Umbrella Rank: 4085
rtb.openx.net — Cisco Umbrella Rank: 678
freestar-d.openx.net — Cisco Umbrella Rank: 19582
808 B
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 602
1 KB
4 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 619
a5588.casalemedia.com — Cisco Umbrella Rank: 71350
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 641
6 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 453
2 KB
4 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 2164
cdn-ima.33across.com — Cisco Umbrella Rank: 1800
7 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 82
23 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
176 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 85
370 KB
3 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 135
3 youtube.com
www.youtube.com — Cisco Umbrella Rank: 94
12 KB
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 823
ice.360yield.com — Cisco Umbrella Rank: 2527
1 KB
3 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1622
x.bidswitch.net — Cisco Umbrella Rank: 442
762 B
3 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 719
dis.eu.criteo.com — Cisco Umbrella Rank: 12743
977 B
3 media.net
prebid.media.net — Cisco Umbrella Rank: 1328
contextual.media.net — Cisco Umbrella Rank: 809
17 KB
3 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 672
447 B
3 btloader.com
btloader.com — Cisco Umbrella Rank: 1254
api.btloader.com — Cisco Umbrella Rank: 1343
19 KB
3 msdigital.vn
msdigital.vn — Cisco Umbrella Rank: 45561
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1222
1 KB
2 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1858
487 B
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1385
1 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1037
549 B
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1205
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1188
13 KB
2 3lift.com
tlx.3lift.com Failed
eb2.3lift.com — Cisco Umbrella Rank: 521
431 B
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1823
pixel.quantserve.com — Cisco Umbrella Rank: 1348
11 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1264
1 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 2240
122 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 745
31 KB
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 827
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 601
99 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1775
1 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1450
17 KB
1 gliavideo.com
static-pixel.gliavideo.com — Cisco Umbrella Rank: 22192
657 B
1 agkn.com
fid.agkn.com — Cisco Umbrella Rank: 3421
687 B
1 edkt.io
cdn.edkt.io — Cisco Umbrella Rank: 8190
8 KB
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2208
12 KB
1 videoplayerhub.com
freestar-io.videoplayerhub.com — Cisco Umbrella Rank: 10474
475 B
1 optimise.net
optimise.net — Cisco Umbrella Rank: 7862
2 KB
1 dmca.com
images.dmca.com — Cisco Umbrella Rank: 14451
843 B
0 jsdelivr.net Failed
cdn.jsdelivr.net Failed
0 rlcdn.com Failed
api.rlcdn.com Failed
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
273 56
Domain Requested by
30 pagead2.googlesyndication.com xosodaiphat.com
pagead2.googlesyndication.com
imasdk.googleapis.com
securepubads.g.doubleclick.net
13 fundingchoicesmessages.google.com pagead2.googlesyndication.com
13 id5-sync.com 8 redirects a.pub.network
cdn.id5-sync.com
xosodaiphat.com
12 c.pub.network a.pub.network
10 pixel.gliacloud.com xosodaiphat.com
10 securepubads.g.doubleclick.net a.pub.network
securepubads.g.doubleclick.net
imasdk.googleapis.com
xosodaiphat.com
pagead2.googlesyndication.com
10 cdn.xosodaiphat.com xosodaiphat.com
9 c2shb.pubgw.yahoo.com a.pub.network
8 ids.ad.gt 1 redirects xosodaiphat.com
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
xosodaiphat.com
7 id.hadron.ad.gt a.pub.network
cdn.hadronid.net
6 player.gliacloud.com xosodaiphat.com
player.gliacloud.com
6 a.pub.network xosodaiphat.com
a.pub.network
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
xosodaiphat.com
5 s0.2mdn.net imasdk.googleapis.com
xosodaiphat.com
5 ad.doubleclick.net xosodaiphat.com
5 analytics.google.com www.googletagmanager.com
4 pixel.tapad.com 4 redirects
4 match.adsrvr.org 3 redirects a.pub.network
4 fonts.googleapis.com player.gliacloud.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
4 www.googletagmanager.com xosodaiphat.com
www.googletagmanager.com
player.gliacloud.com
p.ad.gt
3 www.googleadservices.com xosodaiphat.com
3 www.youtube.com player.gliacloud.com
www.youtube.com
3 ads.yieldmo.com a.pub.network
3 ib.adnxs.com 1 redirects a.pub.network
3 lexicon.33across.com 1 redirects xosodaiphat.com
cdn-ima.33across.com
3 c.amazon-adsystem.com a.pub.network
c.amazon-adsystem.com
3 msdigital.vn xosodaiphat.com
2 ce.lijit.com 2 redirects
2 ice.360yield.com 2 redirects
2 protected-by.clarium.io xosodaiphat.com
2 eb2.3lift.com 1 redirects a.pub.network
2 freestar-d.openx.net 1 redirects a.pub.network
2 eus.rubiconproject.com a.pub.network
xosodaiphat.com
2 fonts.gstatic.com fonts.googleapis.com
2 sync.go.sonobi.com 2 redirects
2 cm.g.doubleclick.net 1 redirects xosodaiphat.com
2 image2.pubmatic.com 2 redirects
2 secure.adnxs.com 2 redirects
2 s.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
2 lb.eu-1-id5-sync.com a.pub.network
cdn.id5-sync.com
2 a.ad.gt cdn.hadronid.net
p.ad.gt
2 fastlane.rubiconproject.com a.pub.network
2 rtb.openx.net a.pub.network
2 grid.bidswitch.net a.pub.network
2 bidder.criteo.com a.pub.network
2 htlb.casalemedia.com a.pub.network
2 prebid.media.net a.pub.network
2 hbopenbid.pubmatic.com a.pub.network
2 ads.pubmatic.com a.pub.network
2 aax.amazon-adsystem.com c.amazon-adsystem.com
2 imasdk.googleapis.com player.gliacloud.com
imasdk.googleapis.com
2 ad-delivery.net xosodaiphat.com
2 btloader.com xosodaiphat.com
freestar-io.videoplayerhub.com
2 cdn.confiant-integrations.net a.pub.network
cdn.confiant-integrations.net
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 apis.google.com xosodaiphat.com
apis.google.com
2 www.gstatic.com xosodaiphat.com
2 xosodaiphat.com xosodaiphat.com
1 ssum-sec.casalemedia.com xosodaiphat.com
1 dis.eu.criteo.com 1 redirects
1 beacon-iad2.rubiconproject.com xosodaiphat.com
1 a5588.casalemedia.com xosodaiphat.com
1 static.criteo.net a.pub.network
1 x.bidswitch.net xosodaiphat.com
1 contextual.media.net a.pub.network
1 js-sec.indexww.com a.pub.network
1 acdn.adnxs.com a.pub.network
1 pixels.ad.gt p.ad.gt
1 pixel.quantserve.com xosodaiphat.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 ad.360yield.com xosodaiphat.com
1 sync.1rx.io xosodaiphat.com
1 token.rubiconproject.com xosodaiphat.com
1 p.ad.gt a.ad.gt
1 rules.quantcount.com secure.quantserve.com
1 cdn.id5-sync.com xosodaiphat.com
1 cdn-ima.33across.com xosodaiphat.com
1 tags.crwdcntrl.net xosodaiphat.com
1 secure.cdn.fastclick.net xosodaiphat.com
1 pa.openx.net a.pub.network
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 static-pixel.gliavideo.com player.gliacloud.com
1 51e531cd837b7eb4ae819c576c27b552.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 secure.quantserve.com a.pub.network
1 fid.agkn.com a.pub.network
1 ups.analytics.yahoo.com a.pub.network
1 cdn.edkt.io a.pub.network
1 cdn.hadronid.net a.pub.network
1 api.btloader.com freestar-io.videoplayerhub.com
1 freestar-io.videoplayerhub.com 1 redirects
1 static.xosodaiphat.com xosodaiphat.com
1 optimise.net a.pub.network
1 d.pub.network xosodaiphat.com
1 images.dmca.com xosodaiphat.com
0 cdn.jsdelivr.net Failed player.gliacloud.com
0 tlx.3lift.com Failed a.pub.network
0 api.rlcdn.com Failed a.pub.network
0 sync.search.spotxchange.com Failed xosodaiphat.com
273 100

This site contains links to these domains. Also see Links.

Domain
muvi.vn
www.youtube.com
www.dmca.com
ads.freestar.com
Subject Issuer Validity Valid
xosodaiphat.com
E1		 2024-05-29 -
2024-08-27		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
pub.network
GTS CA 1P5		 2024-05-23 -
2024-08-21		 3 months crt.sh
gliacloud.com
E5		 2024-06-30 -
2024-09-28		 3 months crt.sh
images.dmca.com
R3		 2024-06-03 -
2024-09-01		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.apis.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
msdigital.vn
WE1		 2024-06-23 -
2024-09-21		 3 months crt.sh
d.pub.network
WR3		 2024-05-21 -
2024-08-19		 3 months crt.sh
optimise.net
GTS CA 1D4		 2024-05-14 -
2024-08-12		 3 months crt.sh
*.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
confiant-integrations.net
GTS CA 1P5		 2024-05-14 -
2024-08-12		 3 months crt.sh
pixel.gliacloud.com
WR3		 2024-06-01 -
2024-08-30		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
btloader.com
WE1		 2024-06-12 -
2024-09-10		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2024-06-04 -
2024-09-02		 3 months crt.sh
ad-delivery.net
GTS CA 1P5		 2024-05-17 -
2024-08-15		 3 months crt.sh
*.doubleclick.net
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-12-30 -
2024-12-04		 a year crt.sh
hadronid.net
GTS CA 1P5		 2024-05-29 -
2024-08-27		 3 months crt.sh
edkt.io
GTS CA 1D4		 2024-06-06 -
2024-09-04		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-05-21 -
2024-11-13		 6 months crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-09-07 -
2024-09-29		 a year crt.sh
id.hadron.ad.gt
E1		 2024-05-25 -
2024-08-23		 3 months crt.sh
*.id5-sync.com
E6		 2024-07-01 -
2024-09-29		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2024-04-23 -
2025-05-25		 a year crt.sh
c.pub.network
WR3		 2024-05-19 -
2024-08-17		 3 months crt.sh
quantserve.com
R10		 2024-06-24 -
2024-09-22		 3 months crt.sh
static-pixel.gliavideo.com
E5		 2024-07-01 -
2024-09-29		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-01-21 -
2025-02-19		 a year crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03		 2024-03-29 -
2025-04-28		 a year crt.sh
pa.openx.net
WR3		 2024-05-26 -
2024-08-24		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-26 -
2024-11-26		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-05-02 -
2024-10-23		 6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M01		 2023-08-14 -
2024-09-12		 a year crt.sh
prebid.media.net
WR3		 2024-06-13 -
2024-09-11		 3 months crt.sh
casalemedia.com
E5		 2024-06-17 -
2024-09-15		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-18 -
2024-09-17		 3 months crt.sh
*.bidswitch.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-05-15 -
2024-08-07		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-03-04 -
2025-04-03		 a year crt.sh
a.ad.gt
E6		 2024-06-09 -
2024-09-07		 3 months crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
id5-sync.com
E1		 2024-06-04 -
2024-09-02		 3 months crt.sh
*.eu-1-id5-sync.com
R10		 2024-07-01 -
2024-09-29		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2024-04-24 -
2025-04-17		 a year crt.sh
p.ad.gt
Cloudflare Inc ECC CA-3		 2023-11-09 -
2024-11-07		 a year crt.sh
*.ad.gt
Amazon RSA 2048 M02		 2024-03-10 -
2025-04-08		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2024-06-13 -
2025-07-14		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M02		 2024-06-15 -
2025-07-14		 a year crt.sh
lexicon.33across.com
WR3		 2024-05-15 -
2024-08-13		 3 months crt.sh
pixels.ad.gt
E1		 2024-05-10 -
2024-08-08		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2023-08-24 -
2024-08-24		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-21 -
2024-12-21		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2024-03-13 -
2025-04-10		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-27 -
2024-09-24		 3 months crt.sh
protected-by.clarium.io
Amazon RSA 2048 M03		 2023-11-16 -
2024-12-15		 a year crt.sh
tpc.googlesyndication.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.googleadservices.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh

This page contains 37 frames:

Primary Page: https://xosodaiphat.com/
Frame ID: 56D0FE9ABFCE5CCF0757EC917B55B8CA
Requests: 194 HTTP requests in this frame

Frame: https://msdigital.vn/ads/NjM4NTQ1ODY2Mzgx
Frame ID: D0CDD24A769E263D70929E9B971303FB
Requests: 1 HTTP requests in this frame

Frame: https://msdigital.vn/ads/NjM4NTQ1ODc4Mjc3
Frame ID: 2F5E55B2A5BAA980B047A976527850C2
Requests: 1 HTTP requests in this frame

Frame: https://msdigital.vn/ads/NjM4NTQ1ODc1NjQ2
Frame ID: B59267A091F08BE54F672C2B1F4C2723
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240702/r20110914/zrt_lookup_fy2021.html
Frame ID: DF4154993468799A0962770CEB9DAAD4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2201058077065954&output=html&adk=1812271804&adf=3025194257&abgtt=5&lmt=1720262354&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fxosodaiphat.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=31~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=31~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=31_3~27_15~29_11~30_19&aiixl=31_8~27_3~29_5~30_6&aslmct=0.7&asamct=0.7&aisaib=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1720262386406&bpp=5&bdt=381&idt=347&shv=r20240702&mjsv=m202406260101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=7745832034737&frm=20&pv=2&ga_vid=1566292685.1720262387&ga_sid=1720262387&ga_hid=526396920&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95331695%2C95334510%2C95334525%2C95334566%2C95334578%2C31084926%2C95336267%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2203719768510086&tmod=647419964&uas=0&nvt=1&fsapi=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=403
Frame ID: 747F6422701656846DAF260BE3E208C0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2201058077065954&output=html&h=90&slotname=6870289708&adk=1372377908&adf=4171771922&pi=t.ma~as.6870289708&w=728&abgtt=5&lmt=1720262354&format=728x90&url=https%3A%2F%2Fxosodaiphat.com%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1720262386411&bpp=1&bdt=386&idt=409&shv=r20240702&mjsv=m202406260101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7745832034737&frm=20&pv=1&ga_vid=1566292685.1720262387&ga_sid=1720262387&ga_hid=526396920&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=642&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95331695%2C95334510%2C95334525%2C95334566%2C95334578%2C31084926%2C95336267%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2203719768510086&tmod=647419964&uas=0&nvt=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=417
Frame ID: 66AAA2508680693E7465A94F1F289F87
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: BDEC3896FD2D0BF9B7AB7000207CB5E8
Requests: 1 HTTP requests in this frame

Frame: https://51e531cd837b7eb4ae819c576c27b552.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A9AEFE709EA8A263C515CF482F042EF7
Requests: 1 HTTP requests in this frame

Frame: https://pa.openx.net/topics_frame.html?bidder=openx
Frame ID: DE7422253311581FEFBE04EFBA15330A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Frame ID: 6B9EFA2C639B72B54DB48BC53CC9AF7D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240702/r20110914/zrt_lookup_fy2021.html
Frame ID: 721409E08C509F6F8740C03A8CAC3F75
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_n-adMediaV1_rx_snb_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_cnv_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_n-nativo_an-db5_3lift_n-Outbrain&dcc=t
Frame ID: 5E80194697DE16A3E137066B96694C49
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.650.0_en.html
Frame ID: 15AC5FB8E915D86A79D48E2FF70AA10E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E4B48034A2E8C3F73828CD3B1675D46B
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/VERPqcmO16E?playsinline=1&autoplay=0&fs=0&disablekb=1&modestbranding=1&rel=0&enablejsapi=1&origin=https%3A%2F%2Fxosodaiphat.com&widgetid=1
Frame ID: 300739BDECD6B90443456078BD1152D7
Requests: 1 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Frame ID: B324EAAAB68467D6759B359A1C490715
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E93C4C5010C924B223C87FAE45BA3482
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Frame ID: C456B05CA4A92DC4FB6F3C24CEE82195
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 32F00BF806CDF93A9F0EF1A7443F8EBC
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=590%2C233%2C157%2C2027%2C159%2C2026%2C236%2C357%2C237%2C556%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C3010%2C201%2C246%2C4%2C521%2C126%2C203%2C446%2C326%2C404%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C38%2C261%2C262%2C461%2C222%2C542%2C345%2C543%2C226%2C468%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 6493735DDC72D6CB6A8897568B4F40C2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F06F12657BE9880FE2A8D6F76F40CD0B
Requests: 1 HTTP requests in this frame

Frame: https://freestar-d.openx.net/w/1.0/pd?cc=1
Frame ID: 376C2378073DFA0D9DD0129D1C37D5B2
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: AFEC5CC9C95A9270E2BBBF8687FB1E0C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCz8jkYuoz02QEwAQ&v=APEucNWGj4j4l6GbbSyVijluNJlF5z4MCLla2F3CgO7J3yuoES4xDuZN7WHc2AYaBSk6LA2fPwBFycyJixEyYmoq-QORGkkUWA
Frame ID: 1DD511650CBABD77C2666BE5DE6A3E1C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 0BC85D752741085EB6D8F0A786D017C9
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuT9GCyCNNN3zLRB62ukJDyCaz_VuelMaa0O0zbP9iVPo9799aIcuskTY2n2dyT-VmdIXyHycCc1CVHPy6KCy3QWo8W38u2IobmcS2uzrmZ2laXruRmnIustQYf_yA9B5hpLo6jmFp1j3vvuaSpr1Gr9b6dPeujK5zxAMfYOGhw3It65z32bgKIuFYKokTYkSOfgJZ4yijzHtcjDHE7e_AkxR9_GqPbOzwpiCAZEdAQEH7uyxdm75lKwrQK8FYuP893l59iXjxASNZCpvntDyuTGNgC2ywzhyXYTPxWEWJB7q_NTUqkoU88zsqbpgGSIUVZw6jkI5RU18hN_ghS5JfcH2ZgEFVr3wgG8KIaDC0HLwLAsh6q4svp2LxRr5FXnFNzoIlGyyPaJZJrSQiA8lvv&sai=AMfl-YT51Cb1SBCKQmanmuytzDJ6EoWzsYG1soGp5q0l1XOmWlLlirNqSEM3pKLhuNaB2E5KP-Mozvh56rBT-mJxpOd7ArDhAFOJ-oq1JPCBcGklqLzX50YKKIWVa3uxgP0&sig=Cg0ArKJSzBKk3LUuH-J_EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: AE5C139B3FD56BF2D1F50D863D4277DF
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-1ygIQq87LAhixypyUAjAB&v=APEucNWF13jb_7zTkvVpcUdx19AaEJ-gjSwW47r9Pd2X5MqYzFGngfNiDOYrZPbOyd0MnYFYBVb7IQp6axwDOKG-tSLJFA8KSw
Frame ID: F4071B21DC1604E26BAF22646F7F7E9B
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184310&gdpr=0
Frame ID: B79328510F7567B719FE0D688A4A066B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=na&co=us
Frame ID: A52891F0D5668B14ABAD8384B1E37FE2
Requests: 1 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Frame ID: 372063DE3BA322239A35AE0B22183F3C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 648F06DC4FC0DB6FE93F13BCE253C8B1
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13273901356209860687/index.html?ev=01_251
Frame ID: E5DD1E3EB534E79683832F7F0E16A15F
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2299595170114639582/index.html?ev=01_251
Frame ID: F076CFA8F5EF38CC319FF869E83570E8
Requests: 1 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Frame ID: B27648497DC10C095A6BDE850AA7503B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: EBEDE52AA981E237A1B5E4452FA3CE53
Requests: 1 HTTP requests in this frame

Frame: https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Frame ID: 95D194D588F16BE2C067FDF30AB22207
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

KQXS - Xổ số kiến thiết hôm nay - Xo So

Page URL History Show full URLs

  1. http://xosodaiphat.com/ HTTP 307
    https://xosodaiphat.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

273
Requests

94 %
HTTPS

32 %
IPv6

56
Domains

100
Subdomains

87
IPs

5
Countries

2946 kB
Transfer

8982 kB
Size

322
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xosodaiphat.com/ HTTP 307
    https://xosodaiphat.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38
  • https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=freestar-io&upapi=true
Request Chain 64
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.3&coppa=0 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.3&coppa=0&b=1&g=jey9bhvrwztZWzCwD0PXQTEUq%2F5SPFtOfWyRiCOS32I%3D
Request Chain 132
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_n-adMediaV1_rx_snb_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_cnv_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_n-nativo_an-db5_3lift_n-Outbrain HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_n-adMediaV1_rx_snb_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_cnv_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_n-nativo_an-db5_3lift_n-Outbrain&dcc=t
Request Chain 138
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001720262388-O0OKIR77-9QXB&adnxs_id=$UID&gdpr=0 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001720262388-O0OKIR77-9QXB%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001720262388-O0OKIR77-9QXB&adnxs_id=2171395553848670899&gdpr=0
Request Chain 139
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001720262388-O0OKIR77-9QXB&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=549d8d79-5a7e-4d7f-ac03-6b693aeb00e7&id=AU1D-0100-001720262388-O0OKIR77-9QXB
Request Chain 140
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001720262388-O0OKIR77-9QXB HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001720262388-O0OKIR77-9QXB HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=336C3BC6-EE00-451E-8420-E332AE921915&id=AU1D-0100-001720262388-O0OKIR77-9QXB
Request Chain 142
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001720262388-O0OKIR77-9QXB&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001720262388-O0OKIR77-9QXB%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001720262388-O0OKIR77-9QXB&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001720262388-O0OKIR77-9QXB%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=6729625d-944e-48b5-abcf-743892922161%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001720262388-O0OKIR77-9QXB%252526tapad_id%25253D6729625d-944e-48b5-abcf-743892922161%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=549d8d79-5a7e-4d7f-ac03-6b693aeb00e7&ttd_puid=6729625d-944e-48b5-abcf-743892922161%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001720262388-O0OKIR77-9QXB%2526tapad_id%253D6729625d-944e-48b5-abcf-743892922161%2C HTTP 302
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001720262388-O0OKIR77-9QXB&tapad_id=6729625d-944e-48b5-abcf-743892922161
Request Chain 143
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001720262388-O0OKIR77-9QXB HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001720262388-O0OKIR77-9QXB&google_gid=CAESEFu0DP-Qyx-ydDK3O9ja-J0&google_cver=1&google_ula=450542624,0
Request Chain 144
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001720262388-O0OKIR77-9QXB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyMDI2MjM4OC1PME9LSVI3Ny05UVhC
Request Chain 146
  • https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001720262388-O0OKIR77-9QXB&uid=[UID]&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001720262388-O0OKIR77-9QXB&uid=26a6f122-236e-4b85-b6e7-0ceff7cf1267&gdpr=0
Request Chain 186
  • https://freestar-d.openx.net/w/1.0/pd HTTP 302
  • https://freestar-d.openx.net/w/1.0/pd?cc=1
Request Chain 187
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 227
  • https://id5-sync.com/i/882/8.gif?o=api&id5id=ID5*bq_iBAh8VeaxYmdeNGlTpB2E0Ab2n0pEhpPKbVhv1iWuc3LoGeX9geLrPp94EmLo&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-9e57X7aC1eaosG1jo4SXSk4HNaFVnXfRWR1eD6UBFg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F882%2F124%2F7%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-9e57X7aC1eaosG1jo4SXSk4HNaFVnXfRWR1eD6UBFg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F882%2F124%2F7%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/882/124/7/2.gif?puid=e9567f2f-afed-4e2e-b2b1-891c7b434401&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F108%2F6%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/882/108/6/3.gif?puid=6729625d-944e-48b5-abcf-743892922161&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F434%2F5%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/882/434/5/4.gif?puid=26a6f122-236e-4b85-b6e7-0ceff7cf1267&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/882/2/4/5.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/882/2/4/5.gif?puid=7260173943964548424&gdpr=0&gdpr_consent= HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F203%2F3%2F6.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/882/203/3/6.gif?puid=d2c046b8-7bca-4dfd-bc1e-8ae2e46d18f3&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=549d8d79-5a7e-4d7f-ac03-6b693aeb00e7&ttl=%%TTL%% HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=7260173943964548424&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F1246%2F1%2F8.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/882/1246/1/8.gif?puid=I8f_ALZH13MvmOfkQ8uZm2fa&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=549d8d79-5a7e-4d7f-ac03-6b693aeb00e7&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F1245%2F0%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/882/1245/0/9.gif?puid=I8f_ALZH13MvmOfkQ8uZm2fa&gdpr=0&gdpr_consent=

273 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
xosodaiphat.com/
Redirect Chain
  • http://xosodaiphat.com/
  • https://xosodaiphat.com/
144 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e8bfd3478f33c2a04cf1c33986e790f962350705a2bd78fab3e4cf082814dd6b

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=60
cf-cache-status
HIT
cf-ray
89eef9010c4174c2-MIA
content-encoding
gzip
content-length
41928
content-type
text/html; charset=utf-8
date
Sat, 06 Jul 2024 10:39:46 GMT
expires
Sat, 06 Jul 2024 10:40:45 GMT
last-modified
Sat, 06 Jul 2024 10:39:14 GMT
server
cloudflare
vary
*, Accept-Encoding
x-aspnet-version
4.0.30319
x-aspnetmvc-version
4.0
x-html-minification-powered-by
WebMarkupMin
x-powered-by
ASP.NET

Redirect headers

Location
https://xosodaiphat.com/
Non-Authoritative-Reason
HttpsUpgrades
gtm.js
www.googletagmanager.com/ 		267 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KGDCKMX
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3b408428a4706312309e6a0b7d2a8fe43acb5ff9292b0c2b24e4315d075c7f0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97299
x-xss-protection
0
last-modified
Sat, 06 Jul 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Jul 2024 10:39:46 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		160 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
27638947806ac0f87353c7931a96a783b7685440dabc5ec8f056322e305e8c8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53223
x-xss-protection
0
server
cafe
etag
8690749110643181221
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 06 Jul 2024 10:39:46 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		163 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2201058077065954
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
370ac9a7b9a0d65f044baf1d17194c30aa2bf40c6250d6bcdc6189a9652c7c31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Origin
https://xosodaiphat.com
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53171
x-xss-protection
0
server
cafe
etag
6730580801912625069
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 06 Jul 2024 10:39:46 GMT
cls.css
a.pub.network/xosodaiphat-com/ 		1 KB
923 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/xosodaiphat-com/cls.css
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1dbef5772f381d1aa21788b5fd895e017171ee64f0478cb78465496a3abdc7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
REVALIDATED
x-guploader-uploadid
ACJd0NrT1DGcJUC8coP6hSAlugyJ6UweyigVNhQTRojoQIWCBhwiki4gt1ClIq5P-tr6YLaHSTsluw04nA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 01 Jul 2024 21:01:05 GMT
server
cloudflare
etag
W/"6c0f510c229f33f5f8a907b2e3980e72"
vary
Accept-Encoding
x-goog-hash
crc32c=kXdi0Q==, md5=bA9RDCKfM/X4qQey45gOcg==
x-goog-generation
1719867665832981
access-control-allow-origin
*
content-type
text/css
cache-control
public, max-age=1800
x-goog-stored-content-length
1419
access-control-expose-headers
*
cf-ray
89eef9094e4c67b1-MIA
expires
Sat, 06 Jul 2024 11:09:46 GMT
pubfig.min.js
a.pub.network/xosodaiphat-com/ 		160 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/xosodaiphat-com/pubfig.min.js
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff86e41bafc57424727d46a60c7fd79074cb8439d480d60e09017a67a4ad019e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
age
43307
x-guploader-uploadid
ACJd0NqdqpC_16idLCaNf2xVpgYFJ7WqHENgIwK_mzE63E5-VCtGBfu08zieE_jo81RabNYcyuCs5OZBbg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 22:29:00 GMT
server
cloudflare
etag
W/"1b04327658fc6f1babef1a90ee41b00c"
vary
Accept-Encoding
x-goog-generation
1720218540638779
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=W1no5A==, md5=GwQydlj8bxur7xqQ7kGwDA==
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
163328
cf-ray
89eef909fea467b1-MIA
link
<https://d.pub.network/v2/sites/xosodaiphat-com/configs?env=PROD>; rel="preload"; as="fetch"; crossorigin="use-credentials", <https://optimise.net>; rel="preconnect", <https://api.floors.dev>; rel="preconnect"
expires
Sat, 06 Jul 2024 11:09:46 GMT
logo.svg
cdn.xosodaiphat.com/assets/images/ 		15 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.xosodaiphat.com/assets/images/logo.svg
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
dd382a0b771572febe55bbd91bca06284a52d4ac9bc73128f114914a4b3c7e97

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:46 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 21 Apr 2023 03:14:24 GMT
server
cloudflare
age
1548785
etag
W/"6bb87e5fff73d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
89eef9094849a4bb-MIA
alt-svc
h3=":443"; ma=86400
expires
Tue, 06 Aug 2024 10:39:46 GMT
home.svg
cdn.xosodaiphat.com/assets/images/ 		958 B
761 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.xosodaiphat.com/assets/images/home.svg
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f1cfe4f7d3b09de9e3537f0a2303e3e1f23825a794f744340ababa5807de75e1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:46 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 22 Nov 2021 04:03:56 GMT
server
cloudflare
age
491196
etag
W/"34586ff855dfd71:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
89eef9094848a4bb-MIA
alt-svc
h3=":443"; ma=86400
expires
Tue, 06 Aug 2024 10:39:46 GMT
hot.gif
xosodaiphat.com/assets/images/ 		181 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xosodaiphat.com/assets/images/hot.gif
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ede1a14f2800eeb40e5370aef684dce98eff7eee4e6c75fb9b3c4c773351a8b2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:46 GMT
cf-cache-status
HIT
last-modified
Fri, 26 May 2023 07:19:31 GMT
server
cloudflare
age
1548792
etag
"3be21a6aa28fd91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
89eef909885774c2-MIA
alt-svc
h3=":443"; ma=86400
content-length
181
expires
Tue, 06 Aug 2024 10:39:46 GMT
menu.svg
cdn.xosodaiphat.com/assets/images/ 		1 KB
819 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.xosodaiphat.com/assets/images/menu.svg
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c86bfeabd06ba640332347ce71c397f83fc766be7ba5cd8204d99b940e0fbcb6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:46 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 22 Nov 2021 04:03:56 GMT
server
cloudflare
age
215479
etag
W/"b81b7bf855dfd71:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
89eef909886ea4bb-MIA
alt-svc
h3=":443"; ma=86400
expires
Tue, 06 Aug 2024 10:39:46 GMT
namviet_xosodaiphat_desktop
player.gliacloud.com/player/ 		145 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.gliacloud.com/player/namviet_xosodaiphat_desktop
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
443795c4c7acd188f6d2a3e7f1dd58de62ce4d910592e570dff579195a7f70c1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:46 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
58506
pragma
Public
last-modified
Sat, 06 Jul 2024 09:35:21 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i2jq%2BGzZVA3tB4kn28JGxzO7OH8tv3SZ5h1BYwo9vPeqj9Zym7SKwxUQxsr%2B9AUY3H%2B4ETqnaQatEFkcC4b0LnYPr5VM9p7yeOPDS5KoNUU4L9J3JGSBoRrsPf%2BKwExnMPFPazQ5bA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-cloud-trace-context
89498fc1f45759aa36e915f8d69b5795
cache-control
public, max-age=900
accept-ranges
bytes
cf-ray
89eef90a4f3a3dd7-MIA
priority
u=3,i=?0
expires
Sat, 06 Jul 2024 10:54:46 GMT
dmca.png
cdn.xosodaiphat.com/assets/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.xosodaiphat.com/assets/images/dmca.png?ID=2fe00d0c-59bc-4930-bde8-11153f7264ff
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c139d813498e013df39eea698dab24025cee5520480588f73cac443e222a58d1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:46 GMT
cf-cache-status
HIT
age
1300059
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
2525
last-modified
Mon, 22 Nov 2021 04:03:56 GMT
server
cloudflare
etag
"ea6465f855dfd71:0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
89eef909f8aba4bb-MIA
expires
Tue, 06 Aug 2024 10:39:46 GMT
DMCABadgeHelper.min.js
images.dmca.com/Badges/ 		465 B
843 B 		Script
General
Check archive.org
Download Go to
Full URL
https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 / ASP.NET
Resource Hash
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:46 GMT
content-encoding
br
cdn-edgestorageid
885
x-powered-by
ASP.NET
cdn-cachedat
05/15/2024 07:09:19
cdn-pullzone
1574055
last-modified
Fri, 21 Jun 2019 20:14:34 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"26b181f16d28d51:0"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
c136c664-112d-4533-8247-f90f6849ab39
cache-control
public, max-age=31536000
cdn-requestid
c661d59de2f92e2999ac546f9cc05c14
cdn-requestcountrycode
US
link
<https://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
cdn-status
200
cdn-requestpullsuccess
True
jquerylib.js
cdn.xosodaiphat.com/assets/js/ 		105 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.xosodaiphat.com/assets/js/jquerylib.js?v=20230711
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c01eb076809b16051ebbb8ace592465ef2d059908c608a4e07a7c1b6c624249b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:46 GMT
content-encoding
gzip
cf-cache-status
HIT
age
477856
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
43717
last-modified
Tue, 11 Jul 2023 05:03:43 GMT
server
cloudflare
etag
"6ff6e510b5b3d91:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
89eef909c88ea4bb-MIA
expires
Tue, 06 Aug 2024 10:39:46 GMT
lazyload.min.js
cdn.xosodaiphat.com/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.xosodaiphat.com/assets/js/lazyload.min.js?v=20230112
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9ccd0b8dcedf64da15cc9c91034d10ead865813506f63c82b9b02ba7cc4df78a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:46 GMT
content-encoding
gzip
cf-cache-status
HIT
age
210652
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
1428
last-modified
Wed, 11 Jan 2023 07:27:37 GMT
server
cloudflare
etag
"5f34c2e8e25d91:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
89eef909d88fa4bb-MIA
expires
Sun, 14 Jul 2024 10:39:46 GMT
firebase-app.js
www.gstatic.com/firebasejs/8.3.0/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.3.0/firebase-app.js
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b33c75d66b6115b2b04d07e509b8b5def62e5ff9a5feb52c7b4dfedb748fa8ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 02:48:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
114665
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6476
x-xss-protection
0
last-modified
Thu, 11 Mar 2021 00:35:57 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 05 Jul 2025 02:48:41 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/8.3.0/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/8.3.0/firebase-messaging.js
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8001772f5fd68cdf6f4d82118d7d0b67cc65eb418f3994a4105837e5624894a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 22:35:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216247
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10873
x-xss-protection
0
last-modified
Thu, 11 Mar 2021 00:36:01 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Jul 2025 22:35:39 GMT
xsdp-result.min.js
cdn.xosodaiphat.com/assets/js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.xosodaiphat.com/assets/js/xsdp-result.min.js?v=20230526
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ca52dfbb3f2b64b0d96603936970f78ca8a0fac76233aad6b9020ae2acdfa336

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:46 GMT
content-encoding
gzip
cf-cache-status
HIT
age
263652
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
5420
last-modified
Mon, 29 May 2023 01:48:21 GMT
server
cloudflare
etag
"4abccca5cf91d91:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
89eef909f8a9a4bb-MIA
expires
Sun, 14 Jul 2024 10:39:46 GMT
lotterylivewk.min.js
cdn.xosodaiphat.com/Content/js/ 		53 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.xosodaiphat.com/Content/js/lotterylivewk.min.js?v=20240308
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
90770153b501e152b3705e31d61696fa21e07d08a9d8e207a3f1207660b11071

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:46 GMT
content-encoding
gzip
cf-cache-status
HIT
age
240268
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
16604
last-modified
Mon, 11 Mar 2024 01:58:33 GMT
server
cloudflare
etag
"8a51a19f5773da1:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
89eef909f8aaa4bb-MIA
expires
Sun, 14 Jul 2024 10:39:46 GMT
plusone.js
apis.google.com/js/ 		55 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33400ad259cddf0871d1ab4f88169efc596cae3a5b9648c96e991a6cd4b5843e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 06 Jul 2024 10:39:46 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21607
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"2b414a8fdc357a80"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Jul 2024 10:39:46 GMT
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
NjM4NTQ1ODY2Mzgx
msdigital.vn/ads/ Frame D0CD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://msdigital.vn/ads/NjM4NTQ1ODY2Mzgx
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options allow-from *

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
public, max-age=300
cf-cache-status
HIT
cf-ray
89eef90a8bd24c08-MIA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 06 Jul 2024 10:39:46 GMT
expires
Sat, 06 Jul 2024 10:44:46 GMT
last-modified
Sat, 06 Jul 2024 10:35:18 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
allow-from *
NjM4NTQ1ODc4Mjc3
msdigital.vn/ads/ Frame 2F5E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://msdigital.vn/ads/NjM4NTQ1ODc4Mjc3
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options allow-from *

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
public, max-age=300
cf-cache-status
HIT
cf-ray
89eef90a8bd14c08-MIA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 06 Jul 2024 10:39:47 GMT
expires
Sat, 06 Jul 2024 10:44:47 GMT
last-modified
Sat, 06 Jul 2024 10:35:59 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
allow-from *
handpoint.svg
cdn.xosodaiphat.com/assets/images/ 		1 KB
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.xosodaiphat.com/assets/images/handpoint.svg
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5b93756b4ce2e009cc63ea23ed9b723dee75e65a8aa1ffa97e8e68f2ec0cf3fe

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:46 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 22 Nov 2021 04:03:56 GMT
server
cloudflare
age
1293633
etag
W/"e4e06df855dfd71:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
89eef90a08b1a4bb-MIA
alt-svc
h3=":443"; ma=86400
expires
Tue, 06 Aug 2024 10:39:46 GMT
arow.svg
cdn.xosodaiphat.com/assets/images/ 		737 B
773 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.xosodaiphat.com/assets/images/arow.svg
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
99984969b73a9759568e48a6e5e02f4fdc286cc3bd57f8e0fe94369b8dc920e4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:46 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 22 Nov 2021 04:03:56 GMT
server
cloudflare
age
214282
etag
W/"188d5df855dfd71:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
89eef90a08b2a4bb-MIA
alt-svc
h3=":443"; ma=86400
expires
Tue, 06 Aug 2024 10:39:46 GMT
NjM4NTQ1ODc1NjQ2
msdigital.vn/ads/ Frame B592 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://msdigital.vn/ads/NjM4NTQ1ODc1NjQ2
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options allow-from *

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
public, max-age=300
cf-cache-status
HIT
cf-ray
89eef90a8bd34c08-MIA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 06 Jul 2024 10:39:47 GMT
expires
Sat, 06 Jul 2024 10:44:47 GMT
last-modified
Sat, 06 Jul 2024 10:38:37 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
allow-from *
configs
d.pub.network/v2/sites/xosodaiphat-com/ 		48 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/v2/sites/xosodaiphat-com/configs?env=PROD
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
feb294a6939435037d915fb9c2eeda3a6bf09627d2db95b1a5788fdc3a4532c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Origin
https://xosodaiphat.com
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:46 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=31536000
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://xosodaiphat.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406260101/ 		425 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406260101/show_ads_impl_fy2021.js?bust=31084926
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
ebd6db0c39772804c1425c28d581ba43f64f0f50e01fee04e2b7e11e8e377cb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146813
x-xss-protection
0
server
cafe
etag
18395296142242939830
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Jul 2024 10:39:46 GMT
js
www.googletagmanager.com/gtag/ 		304 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KPB8BPT4XL&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGDCKMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9935cf9ce088e68d0e089c5d20acee9408d15bf1e284bb07b0a7d96323dbf1e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103767
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Jul 2024 10:39:46 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGDCKMX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 06 Jul 2024 10:15:29 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1457
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 06 Jul 2024 12:15:29 GMT
/
optimise.net/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optimise.net/?k=0&d=xosodaiphat.com&t=desktop&c=US
Requested by
Host: a.pub.network
URL: https://a.pub.network/xosodaiphat-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
470cd1e288bd24b762e50e0e9463b5417ed523ef5d0f640bbad56aa22835944f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:46 GMT
strict-transport-security
max-age=31536000
via
1.1 google
fs-client-rtt
30
fs-country
US
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
https://xosodaiphat.com
access-control-expose-headers
fs-client-rtt,fs-country
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
expires
0
boleromietvuon400_0107161311.jpg
static.xosodaiphat.com/uploaded/Images/Standard/2024/07/01/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xosodaiphat.com/uploaded/Images/Standard/2024/07/01/boleromietvuon400_0107161311.jpg
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.21.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4aaf47521cfc1263b018801985a770420e3c573f789ad469e7ff4bad72980d31

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:46 GMT
cf-cache-status
HIT
age
3859
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
19222
cf-bgj
h2pri
last-modified
Mon, 01 Jul 2024 09:13:11 GMT
server
cloudflare
etag
"e5928ce596cbda1:0"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
89eef90bb996a4bb-MIA
expires
Sun, 14 Jul 2024 10:39:46 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.IKZeRvoAYNY.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw/ 		162 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.IKZeRvoAYNY.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo-SMWTzMRJrTty6iE5dL_aWGYOnuw/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f84a96b93f09aeb6b876e4138b8b7867c4e44be2065b640ba82825b2fd9831e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 16:52:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150413
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57484
x-xss-protection
0
last-modified
Thu, 06 Jun 2024 15:21:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 04 Jul 2025 16:52:53 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/xosodaiphat-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
0732bceb3a4006480a2125fd5566188a5b6cb4cd0b536a212574638f42dcdccc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31683
x-xss-protection
0
server
cafe
etag
745 / 19910 / m202407020101 / config-hash: 10288659473878011519
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 06 Jul 2024 10:39:46 GMT
pubfig.engine.js
a.pub.network/core/pubfig/5.82.2/ 		374 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/5.82.2/pubfig.engine.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/xosodaiphat-com/pubfig.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ff6a42a886e2ce47bc93c2d1e51612e027aba3e27fd8a05b4d72d46a754e644
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
age
43369
x-guploader-uploadid
ACJd0NqIiXDwsO9F3eEPQc1l_504lsNRVMQHr57JP_fqWDID4MaXYcbmP6rNXKlkHQfeE2S6IxeCSxWBNQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 05 Jul 2024 22:02:26 GMT
server
cloudflare
etag
W/"03b57e9ad8879c1ed984c7f03d154371"
vary
Accept-Encoding
x-goog-generation
1720216946669107
content-type
text/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=TFfa3Q==, md5=A7V+mtiHnB7ZhMfwPRVDcQ==
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
383427
cf-ray
89eef90c4f8567b1-MIA
expires
Sat, 06 Jul 2024 11:39:46 GMT
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-KPB8BPT4XL&gtm=45je4730v867871146z8867852407za200zb867852407&_p=1720262386055&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1566292685.1720262387&ul=en-us&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720262386&sct=1&seg=0&dl=https%3A%2F%2Fxosodaiphat.com%2F&dt=KQXS%20-%20X%E1%BB%95%20s%E1%BB%91%20ki%E1%BA%BFn%20thi%E1%BA%BFt%20h%C3%B4m%20nay%20-%20Xo%20So&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1911&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KPB8BPT4XL&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xosodaiphat.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KPB8BPT4XL&cid=1566292685.1720262387&gtm=45je4730v867871146z8867852407za200zb867852407&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KPB8BPT4XL&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xosodaiphat.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=526396920&t=pageview&_s=1&dl=https%3A%2F%2Fxosodaiphat.com%2F&ul=en-us&de=UTF-8&dt=KQXS%20-%20X%E1%BB%95%20s%E1%BB%91%20ki%E1%BA%BFn%20thi%E1%BA%BFt%20h%C3%B4m%20nay%20-%20Xo%20So&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1074338313&gjid=1738828145&cid=1566292685.1720262387&tid=UA-72080428-1&_gid=1507656415.1720262387&_r=1&_slc=1&gtm=45He4730n81KGDCKMXv867852407za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=1988306362
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xosodaiphat.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
config.js
cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/ 		91 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.82.2/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f098f773b9493f67ed609c94de94d67b8366cbe413ee2fa7d107eb51028efa4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:46 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
FEESDV3G60KM91A4
age
70
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
20252
x-amz-id-2
Hi7fgO7IU/Pd34H7d+toiJbz4cBFITxL3Zzgw3XiPmNNUXTk/yRCihyAFc0cFJDE0ie3Z31KSWpOETMhT4zgTEpLqaKsE26SVzlVkzHXA5M=
last-modified
Sat, 06 Jul 2024 10:21:05 GMT
server
cloudflare
etag
"5b36b803796c19120042daa3631dfc0e"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
cf-ray
89eef90dca8b742a-MIA
tag
btloader.com/
Redirect Chain
  • https://freestar-io.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=freestar-io&upapi=true
55 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=freestar-io&upapi=true
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Server
2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38f65ea4ff5230dae66ed670b0520951e14cab8b6ab6adeef4b8fa9f939cb375

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Sat, 06 Jul 2024 09:38:28 GMT
server
cloudflare
age
3591
etag
"09940dd5bd9134349014064c73277e97"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
89eef90ef9718db8-MIA
content-length
18688

Redirect headers

date
Sat, 06 Jul 2024 10:39:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NfNI7KdevK84eIQsFDEcHXAiv4viuRKjcQbl0%2FnWRe6EX%2FwdDShRe7mlony90tXbtleZ9XwDkhospoCVsQUpTll%2FsJ71O5MFfR5pXhFXMnYdi2dcbMPOi3eIlHiVuCaxrGlhGbnkwZG2R8KTUHFNAsfOnzt%2FezLQ7WvKnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://btloader.com/tag?h=freestar-io&upapi=true
cache-control
max-age=3600
cf-ray
89eef90dac61b3da-MIA
content-length
167
expires
Sat, 06 Jul 2024 11:39:46 GMT
prebid-analytics-8.49.3.js
a.pub.network/core/ 		588 KB
196 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-analytics-8.49.3.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.82.2/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9dc6b11134a01b0ada8523430d9cf21a3eac558245997e1a4d8b68235e7e7d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
age
43368
x-guploader-uploadid
ACJd0NoGWYmpSGA8XUS3CcpoMnIAcc_EC3qpAM8NHU7ACi-caGACR0HkBJoHq87t01dqqxgirgIsyBh5Ew
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 28 Jun 2024 15:47:36 GMT
server
cloudflare
etag
W/"7a2c98dda2e0fae362329baf7db200e2"
vary
Accept-Encoding
x-goog-generation
1719589656482730
content-type
text/html
access-control-allow-origin
*
x-goog-hash
crc32c=dcGvQw==, md5=eiyY3aLg+uNiMpuvfbIA4g==
content-language
en
access-control-expose-headers
*
cache-control
public, max-age=31492632
x-goog-stored-content-length
602566
cf-ray
89eef90d3ff067b1-MIA
expires
Sat, 05 Jul 2025 22:36:58 GMT
analytics.min.js
a.pub.network/core/analytics/1.4.2/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/analytics/1.4.2/analytics.min.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.82.2/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88d7805a74ac5f036bb47930e6555f1656da22187e5f5e1376bf6ac29a0f7bac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
age
43369
x-guploader-uploadid
ACJd0NpB3bUmuU1U2dRLW7pqHZX_cZYNwWeGmyXZ-8QPvkLLm3QnfhUT57DcqArxVTB8K7b8t0M
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 22 May 2024 13:59:25 GMT
server
cloudflare
etag
W/"35dcda30703508261b9c4d8f98f94a6a"
vary
Accept-Encoding
x-goog-hash
crc32c=vucjuw==, md5=NdzaMHA1CCYbnE2PmPlKag==
x-goog-generation
1716386365851052
access-control-allow-origin
*
content-type
application/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
13601
access-control-expose-headers
*
cf-ray
89eef90d3ff167b1-MIA
expires
Sat, 06 Jul 2024 11:39:46 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240702/r20110914/ Frame DF41 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240702/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406260101/show_ads_impl_fy2021.js?bust=31084926
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
51213
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4142
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jul 2024 20:26:13 GMT
etag
2738592464165616
expires
Fri, 19 Jul 2024 20:26:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 747F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2201058077065954&output=html&adk=1812271804&adf=3025194257&abgtt=5&lmt=1720262354&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fxosodaiphat.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=31~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aiael=31~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30&aifxl=31_3~27_15~29_11~30_19&aiixl=31_8~27_3~29_5~30_6&aslmct=0.7&asamct=0.7&aisaib=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1720262386406&bpp=5&bdt=381&idt=347&shv=r20240702&mjsv=m202406260101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=7745832034737&frm=20&pv=2&ga_vid=1566292685.1720262387&ga_sid=1720262387&ga_hid=526396920&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95331695%2C95334510%2C95334525%2C95334566%2C95334578%2C31084926%2C95336267%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2203719768510086&tmod=647419964&uas=0&nvt=1&fsapi=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=403
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406260101/show_ads_impl_fy2021.js?bust=31084926
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
67052
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jul 2024 10:39:47 GMT
expires
Sat, 06 Jul 2024 10:39:47 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 66AA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2201058077065954&output=html&h=90&slotname=6870289708&adk=1372377908&adf=4171771922&pi=t.ma~as.6870289708&w=728&abgtt=5&lmt=1720262354&format=728x90&url=https%3A%2F%2Fxosodaiphat.com%2F&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1720262386411&bpp=1&bdt=386&idt=409&shv=r20240702&mjsv=m202406260101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7745832034737&frm=20&pv=1&ga_vid=1566292685.1720262387&ga_sid=1720262387&ga_hid=526396920&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=642&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44798934%2C95331695%2C95334510%2C95334525%2C95334566%2C95334578%2C31084926%2C95336267%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2203719768510086&tmod=647419964&uas=0&nvt=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=417
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406260101/show_ads_impl_fy2021.js?bust=31084926
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
43283
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jul 2024 10:39:47 GMT
expires
Sat, 06 Jul 2024 10:39:47 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		1 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-72080428-1&cid=1566292685.1720262387&jid=1074338313&gjid=1738828145&_gid=1507656415.1720262387&_u=YADAAEAAAAAAACAAI~&z=2035004349
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c21::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 06 Jul 2024 10:39:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xosodaiphat.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		245 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PQ3GKRX&l=gliaDataLayer&cb=172026
Requested by
Host: player.gliacloud.com
URL: https://player.gliacloud.com/player/namviet_xosodaiphat_desktop
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.168 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f8f651fb1913a1df3d3bd250383bf872930439d1b185efcacea909ce0b0afe51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86389
x-xss-protection
0
last-modified
Sat, 06 Jul 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 06 Jul 2024 10:39:46 GMT
gc-instream-yt.js
player.gliacloud.com/p/embed/ 		488 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.gliacloud.com/p/embed/gc-instream-yt.js?v=0.4.58
Requested by
Host: player.gliacloud.com
URL: https://player.gliacloud.com/player/namviet_xosodaiphat_desktop
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38366a7da4875816e2aa8b43c6aa15f59e2857325006273f6ee350680fe8e56b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16549
cf-polished
origSize=500210
alt-svc
h3=":443"; ma=86400
pragma
Public
cf-bgj
minify
last-modified
Sat, 06 Jul 2024 06:03:57 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qjp5okx%2BXkKCd6tUI5iRmDFSIxI9AGGLidGpeb2pAq3UvWtOYCu%2BkIJykIguBcDyhZ%2F%2F09TaQqT66q2Sz2BUHr%2BFgVxoxsDXTSQtG7F4mYUdzqg5vPGNmFFpn9PS5QKTTOdqsV1E0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-cloud-trace-context
f8425dbb4775992ad7a47992916a39d1
cache-control
public, max-age=86400
cf-ray
89eef90e386a3dd7-MIA
priority
u=3,i=?0
expires
Sun, 07 Jul 2024 06:03:57 GMT
gc-instream-yt.css
player.gliacloud.com/p/embed/ 		36 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://player.gliacloud.com/p/embed/gc-instream-yt.css?v=0.4.58
Requested by
Host: player.gliacloud.com
URL: https://player.gliacloud.com/player/namviet_xosodaiphat_desktop
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321662c992cf07b0c55dd94d1049e94f254ebbe2a6abcd9b559855d411ae8289

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16549
cf-polished
origSize=37064
alt-svc
h3=":443"; ma=86400
pragma
Public
cf-bgj
minify
last-modified
Sat, 06 Jul 2024 06:03:57 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ACrICqPIGmkPHB6d92HarwNbBbvP0SJscszUtTsvMBja8EhsTOtnLTs%2FLbLldTI%2FfgUPcQ9E4sZrnHfEBwdYT75BzvuzAyyU3DnMvZoY2JeH1CtXF1PkhrlgToKKUZJNBCo3gcS2ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
x-cloud-trace-context
a001b77ec3938a0bce6f57dbd14c0a1b
cache-control
public, max-age=86400
cf-ray
89eef90e386b3dd7-MIA
priority
u=0,i=?0
expires
Sat, 06 Jul 2024 14:24:58 GMT
pixel.gif
pixel.gliacloud.com/glia_player_media1/ 		43 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.gliacloud.com/glia_player_media1/pixel.gif?sid=glia-namviet_xosodaiphat_desktop&sk=namviet_xosodaiphat_desktop&si=namviet_xosodaiphat_desktop&sa=namviet_xosodaiphat&pt=YouTube&ab=0&ta=0&pgu=xosodaiphat.com&pv=0.4.58&ul=en-US&cb=145437639&payload=ea%3Dloader.init%26ofst%3D0
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.227.35.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.23.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
partner
sync.search.spotxchange.com/ 		0
0
css
fonts.googleapis.com/ 		4 KB
1004 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap
Requested by
Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-yt.css?v=0.4.58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad26ac49f179b50254d7ff0e94733c71dea4df8c1c30660e004f8cb68292dd6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://player.gliacloud.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 06 Jul 2024 10:39:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 06 Jul 2024 09:32:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 06 Jul 2024 10:39:47 GMT
css
fonts.googleapis.com/ 		120 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap&subset=chinese-traditional
Requested by
Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-yt.css?v=0.4.58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
78fd77e0744c746a2178e29c697fc34eb5ebbd75822d8e01344815002808b11f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://player.gliacloud.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 06 Jul 2024 10:39:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 06 Jul 2024 08:57:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 06 Jul 2024 10:39:47 GMT
css
fonts.googleapis.com/ 		5 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap
Requested by
Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-yt.css?v=0.4.58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://player.gliacloud.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 06 Jul 2024 10:39:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 06 Jul 2024 09:20:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 06 Jul 2024 10:39:47 GMT
icon
fonts.googleapis.com/ 		569 B
439 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-yt.css?v=0.4.58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://player.gliacloud.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 06 Jul 2024 10:39:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 06 Jul 2024 10:39:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 06 Jul 2024 10:39:47 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/ 		467 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
4416286665bbc024eb7d80114a57625e9f57ea495844950d060293b230599af5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 14:21:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
73068
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148860
x-xss-protection
0
server
cafe
etag
3071004405367439963
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 05 Jul 2025 14:21:59 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202406120908/ 		287 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202406120908/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
113b988757f4101d160571f19771fd5ea84f373457a7ca7f56b104cc51cd3d0f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
PFY74KFYDPVR92RA
age
2051239
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
104306
x-amz-id-2
DQivZCTNvzVCa6FZBSDRrwlfHYFra3e1z+ODo18vmgZOpBCfKhX1q7ydfUxizOtcJjMrSAyXr9k=
last-modified
Wed, 12 Jun 2024 13:27:01 GMT
server
cloudflare
etag
"4496a4adfcb2b23691e0c5d2144addc0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
89eef90edb39742a-MIA
websiteconfig
btloader.com/ 		1 B
173 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btloader.com/websiteconfig?bt_env=prod&o=5714937848528896&w=xosodaiphat.com
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cf-ray
89eef90fbc09b3c5-MIA
content-length
1
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sat, 06 Jul 2024 10:39:47 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
352617
x-guploader-uploadid
ACJd0Nr5WcLDppepUUS5nM2SiBfN_7n0EAsUDzgkapiFCffmjLHdHjStYyt8p_XVjseEloxUe8Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NImfKqB7Ln%2BJbAiD98LV3bvOvnipVCNLLfR%2BtJwJExpCzgNuy3CzHhsSZ7dBqrTnIa%2BVB4rlzY9f%2F%2BFMUw9vmcL1u5X2WojNMfi83wwZBvqQGgB1m9bi2PDubZQjYYho4TrnRIHf0lpBs8R%2Bsg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
89eef90fcb180a12-MIA
expires
Tue, 02 Jul 2024 09:13:27 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.102 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 20:49:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49846
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jul 2024 20:49:01 GMT
px.gif
ad-delivery.net/ 		43 B
918 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.4705600686596063
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
352617
x-guploader-uploadid
ACJd0Nr5WcLDppepUUS5nM2SiBfN_7n0EAsUDzgkapiFCffmjLHdHjStYyt8p_XVjseEloxUe8Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hHreePwVQBmMEiEnfv5KWpTzSv1NwDxfb7x7I5iLo9vwu9fE37%2FrkNZT%2BcW%2Boq4H%2Fqj1g66SKLECNXkPFvYbahqxahS9EA5hPH46xaUbRwrnVOWyVwz48EOsrx9bUUYuvXxGLyJkFtZmY%2BCg%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
89eef90fcb190a12-MIA
expires
Tue, 02 Jul 2024 09:13:27 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		310 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.82.2/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.63.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-63-215.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e03f31f070cdf96deb44c8a8760578f65f041cdfc2f69a1b449da43ee298c326

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:22:42 GMT
content-encoding
gzip
via
1.1 91e0db6ff3a77218c7993c4fa2b04cf6.cloudfront.net (CloudFront), 1.1 a09be795efaa72bd6adbcee7b35c4d1c.cloudfront.net (CloudFront)
last-modified
Tue, 25 Jun 2024 23:08:14 GMT
server
AmazonS3
x-amz-cf-pop
IAD61-P3, JFK52-P4
age
1026
x-amz-server-side-encryption
AES256
etag
W/"ba6b386e5d42265c831a1ba06f75f187"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
RVxqZPTD1Uxo-Pneq003MkNaDpYRarF6-GyYTDWSBCfzRrX38q4K7w==
hadron.js
cdn.hadronid.net/ 		56 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fxosodaiphat.com%2F&ref=&_it=freestar&partner_id=474&ha=_hadron
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.82.2/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 04 Jun 2024 15:30:02 GMT
server
cloudflare
x-amz-request-id
4GNTEWM5RE8S976C
age
3907
etag
W/"1e77f38a1df1490d4175e3c4878bd150"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=432000
cf-ray
89eef9111a9fdb09-MIA
x-amz-id-2
1KYvP1UJui3F3sexSI8Edev0ssCxy0r1hoLYL3sInblmS0xC6TVIxfrJbVQshQPcVtGMRX8qMGE=
edgekit.min.js
cdn.edkt.io/PV483g/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.edkt.io/PV483g/edgekit.min.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.111.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.111.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
fd371b05170f328fbbdae7346b19740f0a60a9aa500b710a843c335fee8aaa44

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 02:38:06 GMT
content-encoding
gzip
age
28901
x-guploader-uploadid
ACJd0NppHXXylSBKM-HVRzZHfLoe2aDE2piyVR1ypZbVyIYJ-pFyh1_argO92-kmSx09FTkv7x0uSus37g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7643
last-modified
Tue, 02 Jul 2024 08:33:53 GMT
server
UploadServer
etag
"3863dd68d7dadfc5d2eac16243de889e"
x-goog-generation
1719909233089612
x-goog-hash
crc32c=x8ss4A==, md5=OGPdaNfa38XS6sFiQ96Ing==
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
7643
accept-ranges
bytes
expires
Sun, 07 Jul 2024 02:38:06 GMT
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.3&coppa=0
  • https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.3&coppa=0&b=1&g=jey9bhvrwztZWzCwD0PXQTEUq%2F5SPFtOfWyRiCOS32I%3D
42 B
138 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.3&coppa=0&b=1&g=jey9bhvrwztZWzCwD0PXQTEUq%2F5SPFtOfWyRiCOS32I%3D
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://xosodaiphat.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sat, 06 Jul 2024 10:39:47 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://xosodaiphat.com
location
https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&gdpr=0&src=pbjs&ver=8.49.3&coppa=0&b=1&g=jey9bhvrwztZWzCwD0PXQTEUq%2F5SPFtOfWyRiCOS32I%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
fed
ups.analytics.yahoo.com/ups/58657/ 		391 B
758 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58657/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=&url=https://xosodaiphat.com/&pixelId=58657
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.121 /
Resource Hash
13c5e36dbfc67cc8a97728d4dc525e6315e6ba118a8eda06cd12704cb8cb38e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.121
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://xosodaiphat.com
content-type
application/json
access-control-allow-credentials
true
f
fid.agkn.com/ 		151 B
687 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fid.agkn.com/f?apiKey=2111098132&r=https%3A%2F%2Fxosodaiphat.com%2F
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.239.226 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-239-226.us-west-2.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
e78e054c41ebe993b4c5ca89264e3f39f6ebd5d56fd05cb88eb65a10a64a1154

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:47 GMT
server
AAWebServer
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
application/javascript;charset=iso-8859-1
access-control-allow-origin
https://xosodaiphat.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
151
expires
0
pbhid
id.hadron.ad.gt/api/v1/ 		227 B
319 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=474&_it=prebid&t=1&src=id&domain=xosodaiphat.com
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c415e0eb17ead2fb65fed0185e557cc902c67b7b8430678b8a78d86ee9e0b54

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
content-encoding
br
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
89eef9117a028dd8-MIA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
prebid
id5-sync.com/api/config/ 		194 B
664 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
69ddbfe0111131323a6c637b0fcf18449cd7f4bab70211c0b2c9bb51232bdb9b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://xosodaiphat.com
date
Sat, 06 Jul 2024 10:39:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
p3p
CP="CAO PSA OUR"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
rid
match.adsrvr.org/track/ 		109 B
566 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
d54eea750960c01893460142312ced45745cc98be2961d9a2ac6a2189fd6fe59

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://xosodaiphat.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Mon, 05 Aug 2024 10:39:47 GMT
pixel.gif
pixel.gliacloud.com/glia_player_media1/ 		43 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.gliacloud.com/glia_player_media1/pixel.gif?sid=glia-namviet_xosodaiphat_desktop&sk=namviet_xosodaiphat_desktop&si=namviet_xosodaiphat_desktop&sa=namviet_xosodaiphat&pt=YouTube&ab=0&ta=0&pgu=xosodaiphat.com&pv=0.4.58&ul=en-US&cb=150939512&payload=ea%3Dslot.init%26ofst%3D0
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.227.35.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.23.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
pixel.gif
pixel.gliacloud.com/glia_player_media1/ 		43 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.gliacloud.com/glia_player_media1/pixel.gif?sid=glia-namviet_xosodaiphat_desktop&sk=namviet_xosodaiphat_desktop&si=namviet_xosodaiphat_desktop&sa=namviet_xosodaiphat&pt=YouTube&ab=0&ta=0&pgu=xosodaiphat.com&pv=0.4.58&ul=en-US&cb=418748553&payload=ea%3DcustomScript.beforeLoaderInitDomStart%26ofst%3D0
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.227.35.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.23.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
xosodaiphat.com1%7CYouTube
player.gliacloud.com/playlist/ 		8 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://player.gliacloud.com/playlist/xosodaiphat.com1%7CYouTube
Requested by
Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-yt.js?v=0.4.58
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c021150e1785d8a7c525cc5f339ffb265b2ba37c9ce7b48c107c7e73f44955a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
1415
pragma
Public
last-modified
Sat, 06 Jul 2024 10:08:37 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qmOHbeRliDG7tHCpPdK5VRM0RaATSDR%2Fo0ku8h1SYdnHqlVghyHCAPrLkMECRSOUi7QNuUEFYPyjg3ihz43%2BtxKsn8Kt1cBSMIXJVatjD6BPKH8J2KppBnJoDmuYoPFQ6Ka%2B8lWUWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
a2d3f515072d14b464dc1c10a277bca1
cache-control
public, max-age=900
accept-ranges
bytes
cf-ray
89eef9118a25da6b-MIA
priority
u=1,i
expires
Sat, 06 Jul 2024 10:54:47 GMT
pixel.gif
pixel.gliacloud.com/glia_player_media1/ 		43 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.gliacloud.com/glia_player_media1/pixel.gif?sid=glia-namviet_xosodaiphat_desktop&sk=namviet_xosodaiphat_desktop&si=namviet_xosodaiphat_desktop&sa=namviet_xosodaiphat&pt=YouTube&ab=0&ta=0&pgu=xosodaiphat.com&pv=0.4.58&ul=en-US&cb=536731473&payload=ea%3DcustomScript.beforeLoaderInitDomEnd%26ofst%3D0
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.227.35.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.23.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
pixel.gif
pixel.gliacloud.com/glia_player_media3/ 		43 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.gliacloud.com/glia_player_media3/pixel.gif?sid=glia-namviet_xosodaiphat_desktop&sk=namviet_xosodaiphat_desktop&si=namviet_xosodaiphat_desktop&sa=namviet_xosodaiphat&pt=YouTube&ab=0&ta=0&pgu=xosodaiphat.com&pv=0.4.58&ul=en-US&cb=595245539&payload=ea%3Dplayer.init%26ofst%3D0
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.227.35.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.23.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
c
c.pub.network/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://xosodaiphat.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://xosodaiphat.com
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 06 Jul 2024 10:39:47 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
via
1.1 google
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.4.2/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
148f10a2d7b7465114dc40e598e85f0a3fa5e03bded69412a509d8e2b6b63f5b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://xosodaiphat.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
quant.js
secure.quantserve.com/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.82.2/pubfig.engine.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:a021:b886:81cc:55cf , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
content-encoding
gzip
etag
"tIg8n6xaLBY4WwNLLw9OGA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sat, 13 Jul 2024 10:39:47 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
fslogo-green.svg
a.pub.network/core/imgs/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.pub.network/core/imgs/fslogo-green.svg
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.20.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
age
158
x-guploader-uploadid
ACJd0NrGWXQBlZDu-FkiRU53Y944v0mJA3HInd4rF7kinTgW_TcTqAvsKnsgeP70_Te4cLgbeiY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 08 Sep 2020 17:04:37 GMT
server
cloudflare
etag
W/"326d6cbd977657e1205bd616d1f2faca"
vary
Accept-Encoding
x-goog-hash
crc32c=Jh+rSg==, md5=Mm1svZd2V+EgW9YW0fL6yg==
x-goog-generation
1599584677716817
access-control-allow-origin
*
content-type
image/svg+xml
cache-control
public, max-age=3600
x-goog-stored-content-length
1193
access-control-expose-headers
*
cf-ray
89eef911a9d367b1-MIA
expires
Sat, 06 Jul 2024 11:39:47 GMT
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame BDEC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
1128
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
28552
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jul 2024 10:20:59 GMT
expires
Sat, 06 Jul 2024 11:10:59 GMT
last-modified
Mon, 01 Jul 2024 19:44:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
594 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2203719768510086&correlator=3896146221314374&eid=31079957%2C31084973%2C31079525%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407020101&ptt=17&impl=fifs&iu_parts=22529613777%2Cxosodaiphat_google_interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=4&didk=4129377171&sfv=1-0-40&ists=1&fas=8&fsapi=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1720262387469&lmt=1720262354&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&url=https%3A%2F%2Fxosodaiphat.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1566292685.1720262387&ga_sid=1720262387&ga_hid=526396920&ga_fc=true&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1720262386025&idt=1238&prev_scp=fs_ad_product%3DgoogleInterstitial&cust_params=fs_session_id%3D5818661d-67b0-407a-ab68-b0dabc56be8a%26fs_pageview_id%3D3b105bbe3648b068c59d835fbb5d806b%26fsitf%3DY-YYY-YYYY--YYNY------------------------%26user-agent%3DChrome%26floors_user%3D1%26floors_rtt%3D30%26fs_clientservermask%3D22222222220222222222212%26fs_testgroup%3Doptimised&adks=3793523187&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
31a73049c40c9fc828bbc203265e9457898716e2cdb6560ec844e5d314bdc02f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
562
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://xosodaiphat.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
51e531cd837b7eb4ae819c576c27b552.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A9AE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://51e531cd837b7eb4ae819c576c27b552.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jul 2024 10:39:47 GMT
expires
Sat, 06 Jul 2024 10:39:47 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
4346a01b383b949bd8cedaf298011b23aa566005df05373b7d113a46420b09b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 13:43:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
75359
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15221
x-xss-protection
0
server
cafe
etag
8267160026837178045
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 05 Jul 2025 13:43:48 GMT
hadron.json
id.hadron.ad.gt/v1/ 		100 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=xosodaiphat.com&url=https://xosodaiphat.com/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fxosodaiphat.com%2F&ref=&_it=freestar&partner_id=474&ha=_hadron
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64e819926c5775047d93e4d92a6deb149ac4c4fd0fe95a47bca3b3550a58677e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
89eef9129ac88dd8-MIA
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=xosodaiphat.com&url=https://xosodaiphat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://xosodaiphat.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
89eef9122a8b8dd8-MIA
content-length
0
content-type
application/json
date
Sat, 06 Jul 2024 10:39:47 GMT
debug
OPTIONS block
expires
Sun, 06 Jul 2025 10:39:47 GMT
server
cloudflare
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406260101/ 		169 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406260101/reactive_library_fy2021.js?bust=31084926
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406260101/show_ads_impl_fy2021.js?bust=31084926
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
9ddceb837db3be605e27b54d6e55d5c70085e77d17ce78651585812c5dda5379
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58334
x-xss-protection
0
server
cafe
etag
13535599001139509375
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Jul 2024 10:39:47 GMT
ca-pub-2201058077065954
fundingchoicesmessages.google.com/i/ 		199 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-2201058077065954?href=https%3A%2F%2Fxosodaiphat.com&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406260101/show_ads_impl_fy2021.js?bust=31084926
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aedc8b0104d965ea888fbe5cbf5a695de00045f7c84bf4a64f4d0e48e2c00e1f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-grrn5iklLm7-CLv3Ka7izQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-grrn5iklLm7-CLv3Ka7izQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitHikmII0pBiWMy_i-nErdtMF4D4vNMdputALPH1JZMWEDulz2ANAWKf-hmscUDcevMc63Qg_vz4HOtvIE76d561BIiXRFxkPZJ4kfXg44usJ4FYiIfj894lW9gEbjTe_8mkpJGUXxifnJ9XUpSZVFqSX5SWnJZanFpUlloUb2RgZGJgbmCoZ2AeX2AAAJFNQQE"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406260101/ 		93 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406260101/slotcar_library_fy2021.js?bust=31084926
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
e5d68f5b20236928c8a5e53b3f352d8fddac599305907644448b2b2841d1d7d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33213
x-xss-protection
0
server
cafe
etag
7452143483144607502
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 06 Jul 2024 10:39:47 GMT
rtd
id.hadron.ad.gt/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://xosodaiphat.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
89eef9126aad8dd8-MIA
content-length
0
content-type
application/json
date
Sat, 06 Jul 2024 10:39:47 GMT
debug
rtd-nx-ny
server
cloudflare
rtd
id.hadron.ad.gt/api/v1/ 		27 B
85 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
debug
rtd-nx-ny
access-control-allow-headers
*
content-length
27
cf-ray
89eef912eaef8dd8-MIA
rtd
id.hadron.ad.gt/api/v1/ 		27 B
82 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
debug
rtd-nx-ny
access-control-allow-headers
*
content-length
27
cf-ray
89eef9132b058dd8-MIA
rtd
id.hadron.ad.gt/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/rtd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://xosodaiphat.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
89eef9127ab78dd8-MIA
content-length
0
content-type
application/json
date
Sat, 06 Jul 2024 10:39:47 GMT
debug
rtd-nx-ny
server
cloudflare
draggable-icon.svg
player.gliacloud.com/vp/0.4.58/embed/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://player.gliacloud.com/vp/0.4.58/embed/img/draggable-icon.svg
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f2d79f369d3c083f2a4be911dc46e9a62188502d54c175533aba4909472ce3d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16796
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 06 Jul 2024 05:59:51 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rjJSD1usfQXyHoOT1uk7oLEFCbOEMELjKLh6jQcXlWD1kMTRVSqJmAE9Yo8QTLYr2I%2F%2BQxx%2F74kn7UrfLB5Cj6el8CJ2UV4eJYN%2BxA2c93zEGK8a1DhiRKV0sTmwfoQzpIS0P30lvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
x-cloud-trace-context
77e0229bce4c0856fab7f80c70a6d601
cache-control
public, max-age=86400
cf-ray
89eef912ba273dd7-MIA
priority
u=3,i
expires
Sat, 06 Jul 2024 08:45:29 GMT
gif.gif
static-pixel.gliavideo.com/info/ 		14 B
657 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-pixel.gliavideo.com/info/gif.gif
Requested by
Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-yt.js?v=0.4.58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:b50d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f19970f056cd116a5fe3c02422c1ee1ac827136df470b5c89af492620512aa4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
226898
custom-connecting-ip
2001:550:1d05:1::7
alt-svc
h3=":443"; ma=86400
content-length
14
custom-ipcountry
US
last-modified
Fri, 03 May 2024 05:38:39 GMT
server
cloudflare
etag
"bc4be32fc23f91be8d1d93f61cf61838"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lJ%2BcdphkJZfm6ayG%2BsggCFWbAby0bB4cCbeLalbHez4nOsC5COp%2BIHvJXHfoaLc0ljW9EWVwwjr7NwepZMW31uIvHbBj19aF9LWl4WUSWI3c4ykiQ%2ByGaz7bO%2F2AxDweYaC9UiJoalUh70F6g2LQSM1K4TMHGL8%2FAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Custom-Connecting-IP, Custom-IPCountry
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
89eef9137ef49ae6-MIA
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		415 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-yt.js?v=0.4.58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
936f5a4299c7435fde1e9db72f95b51fe142f901e9fc9972395e508726b3a4ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145330
x-xss-protection
0
expires
Sat, 06 Jul 2024 10:39:47 GMT
0ab198dd-b265-462a-ae36-74e163ad6159
config.aps.amazon-adsystem.com/configs/ 		563 B
830 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/0ab198dd-b265-462a-ae36-74e163ad6159
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-70.jfk50.r.cloudfront.net
Software
CloudFront /
Resource Hash
8248d6cddfd9784d48db57abf5523eb486698aac1fe6e72ce8677c22f5e9f31e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:01:39 GMT
via
1.1 a65e9b4047452e76aa43b68828db2d7e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK50-P3
age
2288
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
563
x-amz-cf-id
rv1A8-8Zf-bey78R0zHHSExoEqh4-bNiUuqBr3VnrbdkFjDcLftxNw==
config
c.amazon-adsystem.com/cdn/prod/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fxosodaiphat.com&pubid=0ab198dd-b265-462a-ae36-74e163ad6159
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.63.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-63-215.jfk52.r.cloudfront.net
Software
Server /
Resource Hash
2e28457fb19e528aaa91339f61757e9afb74499ce4325dba279fa4f8453dbb7d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:04:21 GMT
via
1.1 a09be795efaa72bd6adbcee7b35c4d1c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK52-P4
age
2126
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://xosodaiphat.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
3011
x-amz-cf-id
hpRiq-Qk9_b1pLEcIgv_TqMp1EJYcJnYwA5_aRRBxcGyRQz_yfKfxQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		273 B
607 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fxosodaiphat.com%2F&pid=unbIah0uAbkv8&cb=0&ws=1600x1200&v=24.620.1905&t=986&slots=%5B%7B%22sd%22%3A%22xosodaiphat_sticky_footer%22%2C%22s%22%3A%5B%221x1%22%2C%22300x50%22%2C%22320x50%22%2C%22468x60%22%2C%22728x90%22%2C%22970x90%22%2C%221200x90%22%2C%22300x100%22%2C%22320x100%22%2C%221005x124%22%5D%2C%22sn%22%3A%22%2F22529613777%2Fxosodaiphat_sticky_footer%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22Win32%22%7D%2C%22browsers%22%3A%5B%7B%22brand%22%3A%22Google+Chrome%22%2C%22version%22%3A%5B%22126%22%5D%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%5B%228%22%5D%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%5B%22126%22%5D%7D%5D%7D%7D%7D&schain=1.0%2C1%21freestar.com%2C1760%2C1%2C%2C%2C&sm=aa1faa77-0c08-46a4-a084-810610582056&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&_c=1
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.127.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-127-64.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
d3fddd4ff0e9f303e9eb97d639db1d7e1dba59e2b7f438f084191c4c1dd76488

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
via
1.1 5d3699e517195152b2b0917312ab80b8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P4
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://xosodaiphat.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
273
x-amz-cf-id
W7KtGWlMJKxz076aUu6vZVqh_ULrplScPkCzsfs6h7d6QkOY3lv3Lw==
bid
aax.amazon-adsystem.com/e/dtb/ 		273 B
606 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fxosodaiphat.com%2F&pid=unbIah0uAbkv8&cb=1&ws=1600x1200&v=24.620.1905&t=986&slots=%5B%7B%22sd%22%3A%22xosodaiphat_sidewall_left%22%2C%22s%22%3A%5B%22200x600%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F22529613777%2Fxosodaiphat_sidewall_left%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22Win32%22%7D%2C%22browsers%22%3A%5B%7B%22brand%22%3A%22Google+Chrome%22%2C%22version%22%3A%5B%22126%22%5D%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%5B%228%22%5D%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%5B%22126%22%5D%7D%5D%7D%7D%7D&schain=1.0%2C1%21freestar.com%2C1760%2C1%2C%2C%2C&sm=aa1faa77-0c08-46a4-a084-810610582056&pubid=0ab198dd-b265-462a-ae36-74e163ad6159&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&_c=1
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.127.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-127-64.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
a16cbc263c4a2f86d634cb11040ebdc0a61f1275664c4ad26afbf67bd9471501

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
via
1.1 5d3699e517195152b2b0917312ab80b8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P4
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://xosodaiphat.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
273
x-amz-cf-id
fn5dbKmKN5MUjfgZNPk_FU2Rl3poyOMUYlQ80b539tNI689wHKD7ow==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.63.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-63-215.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 18:31:39 GMT
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding
gzip
via
1.1 9ff0b6c9de3fbfb51f9f14244e2651a4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
58089
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
46WTeVxqR5K6BWWxv5a1C2lXhn0kfkCLpotnK8j6ZdnlQDBt43eLXQ==
topics_frame.html
pa.openx.net/ Frame DE74 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pa.openx.net/topics_frame.html?bidder=openx
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.214.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.214.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
1157
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-length
1036
content-type
text/html; charset=utf-8
date
Sat, 06 Jul 2024 10:20:30 GMT
etag
"c5379e35e267deacc52e06ed0f5fa81f"
last-modified
Mon, 22 Jan 2024 14:38:43 GMT
server
UploadServer
supports-loading-mode
fenced-frame
vary
Origin
x-allow-fledge
true
x-goog-generation
1705934323795552
x-goog-hash
crc32c=eLLIGA== md5=xTeeNeJn3qzFLgbtD1+oHw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1036
x-guploader-uploadid
ACJd0Npz3Qs91882Efs4O7bTyb0FfzErg-CWGLg0lx7wSb9YXdKaUcXGZYZ98u5h6rDk2OroXw
topics_frame.html
ads.pubmatic.com/AdServer/js/topics/ Frame 6B9E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/topics/topics_frame.html?bidder=pubmatic
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.193.13 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-193-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
max-age=150642
content-encoding
gzip
content-length
859
content-type
text/html
date
Sat, 06 Jul 2024 10:39:48 GMT
expires
Mon, 08 Jul 2024 04:30:30 GMT
last-modified
Tue, 21 Mar 2023 05:02:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:2352:af01:fb37:7890:d10:c020 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://xosodaiphat.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version,Content-Type
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://xosodaiphat.com
access-control-max-age
3600
allow
OPTIONS,POST
content-length
0
date
Sat, 06 Jul 2024 10:39:48 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:2352:af01:fb37:7890:d10:c020 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://xosodaiphat.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version,Content-Type
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://xosodaiphat.com
access-control-max-age
3600
allow
OPTIONS,POST
content-length
0
date
Sat, 06 Jul 2024 10:39:48 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:2352:af01:fb37:7890:d10:c020 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://xosodaiphat.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version,Content-Type
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://xosodaiphat.com
access-control-max-age
3600
allow
OPTIONS,POST
content-length
0
date
Sat, 06 Jul 2024 10:39:48 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:2352:af01:fb37:7890:d10:c020 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://xosodaiphat.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version,Content-Type
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://xosodaiphat.com
access-control-max-age
3600
allow
OPTIONS,POST
content-length
0
date
Sat, 06 Jul 2024 10:39:48 GMT
prebid
ib.adnxs.com/ut/v3/ 		14 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
5827389148c26256e39be0c38389765833e4792c5d7bb02a4c36f9859e9ca7ff
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:48 GMT
content-encoding
gzip
an-x-request-uuid
60d601da-b44b-421a-93e3-434c4087f3cf
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://xosodaiphat.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.74; 38.132.118.74; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ads.yieldmo.com/exchange/ 		0
224 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.49.3&p=%5B%7B%22placement_id%22%3A%22xosodaiphat_sticky_footer%22%2C%22callback_id%22%3A%224208c9888cccf1%22%2C%22sizes%22%3A%5B%5B970%2C90%5D%2C%5B728%2C90%5D%2C%5B468%2C60%5D%2C%5B320%2C100%5D%2C%5B300%2C100%5D%2C%5B320%2C50%5D%2C%5B300%2C50%5D%2C%5B1%2C1%5D%5D%2C%22ym_placement_id%22%3A%222662464007037722661%22%2C%22gpid%22%3A%22%2F22529613777%2Fxosodaiphat_sticky_footer%2Fxosodaiphat_sticky_footer%22%2C%22tid%22%3A%221dfb5caa-fbde-463c-b841-ac49434b9fd2%22%2C%22auctionId%22%3A%22bb046e51-50d7-41f1-b16e-b95439c96204%22%7D%5D&page_url=https%3A%2F%2Fxosodaiphat.com%2F&bust=1720262387741&dnt=false&description=KQXS%20-%20X%E1%BB%95%20s%E1%BB%91%20ki%E1%BA%BFn%20thi%E1%BA%BFt%20h%C3%B4m%20nay%20-%20T%C6%B0%E1%BB%9Dng%20thu%E1%BA%ADt%20tr%E1%BB%B1c%20ti%E1%BA%BFp%20k%E1%BA%BFt%20qu%E1%BA%A3%20x%E1%BB%95%20s%E1%BB%91%20ba%20mi%E1%BB%81n%20nhanh%20ch%C3%B3ng%2C%20ch%C3%ADnh%20x%C3%A1c%20nh%E1%BA%A5t%20-%20T%E1%BB%95ng%20h%E1%BB%A3p%20x%E1%BB%95%20s%E1%BB%91%20truy%E1%BB%81n%20th%E1%BB%91ng%2C%20Vietlott%20h%C3%A0ng%20ng%C3%A0y.&tmax=986&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=KQXS%20-%20X%E1%BB%95%20s%E1%BB%91%20ki%E1%BA%BFn%20thi%E1%BA%BFt%20h%C3%B4m%20nay%20-%20Xo%20So&w=1600&h=1200&pubcid=b64e2aa8-6f4c-4ecf-a4fb-5b1ee28bf261&tdid=549d8d79-5a7e-4d7f-ac03-6b693aeb00e7&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221760%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22b64e2aa8-6f4c-4ecf-a4fb-5b1ee28bf261%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22549d8d79-5a7e-4d7f-ac03-6b693aeb00e7%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.174.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-174-74.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://xosodaiphat.com
pragma
no-cache
date
Sat, 06 Jul 2024 10:39:48 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
translator
hbopenbid.pubmatic.com/ 		7 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
4a499520342d7b8bc3fb58eed389965b413b371e7b794d2c11484aee4a64225a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
content-encoding
gzip
x-openrtb-version
2.3
observe-browsing-topics
?1
content-type
application/json
access-control-allow-origin
https://xosodaiphat.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ 		18 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
12ada23bdb3a1ce383a5bcafda0abbf59bedbe47fc16af16580f6e85eccafdea

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:47 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
observe-browsing-topics
?1
content-type
application/json;charset=utf-8
access-control-allow-origin
https://xosodaiphat.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
341
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Jul 2024 10:39:47 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:2352:af01:fb37:7890:d10:c020 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
8b2bf9e6b0bd093dff7b55820a5d5bbc90f92fc9b62cd1a1dace9a5c221ead4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-openrtb-version
2.5
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json
Referer
https://xosodaiphat.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
zstd
access-control-max-age
3600
allow
OPTIONS,POST
access-control-allow-methods
OPTIONS,POST
content-type
application/json
access-control-allow-origin
https://xosodaiphat.com
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version,Content-Type
content-length
1520
bidRequest
c2shb.pubgw.yahoo.com/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:2352:af01:fb37:7890:d10:c020 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
4abe1cedb274539491d570338f7900776d37aad1aa74ab9d1f250aaf949cbb13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-openrtb-version
2.5
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json
Referer
https://xosodaiphat.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
zstd
access-control-max-age
3600
allow
OPTIONS,POST
access-control-allow-methods
OPTIONS,POST
content-type
application/json
access-control-allow-origin
https://xosodaiphat.com
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version,Content-Type
content-length
1522
bidRequest
c2shb.pubgw.yahoo.com/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:2352:af01:fb37:7890:d10:c020 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
5d62587ba2b5f7104d04883114f0e13939309f399f7947e2b492bce0bac623a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-openrtb-version
2.5
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json
Referer
https://xosodaiphat.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
zstd
access-control-max-age
3600
allow
OPTIONS,POST
access-control-allow-methods
OPTIONS,POST
content-type
application/json
access-control-allow-origin
https://xosodaiphat.com
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version,Content-Type
content-length
1525
bidRequest
c2shb.pubgw.yahoo.com/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:2352:af01:fb37:7890:d10:c020 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a471d9269979fb460086518cc72ccb19bf1a554ea9e29d97d95f7d0a1b195183
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-openrtb-version
2.5
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json
Referer
https://xosodaiphat.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
zstd
access-control-max-age
3600
allow
OPTIONS,POST
access-control-allow-methods
OPTIONS,POST
content-type
application/json
access-control-allow-origin
https://xosodaiphat.com
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version,Content-Type
content-length
1521
pbjs
htlb.casalemedia.com/openrtb/ 		11 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=676941
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f980b0ff1ceec1067d3dbabb9ce427bdcf06e2dfa282d7e5c30ad052debc844

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
observe-browsing-topics
?1
alt-svc
h3=":443"; ma=86400
content-length
4993
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l16ccQqKcb6rsEbKt0Z0nd5czLEiY8Hq7Bz8TkKmRiDkiDtosdFZtlkoes9BMN%2FrClO8gbq2xztk3Do%2Bmm83WZnmClX9xa%2BMkxVyK7h22ah3r%2BM3hd%2B2UeVh%2BwbqLjQeOXK85xpr"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://xosodaiphat.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
89eef9142f498752-MIA
expires
0
cdb
bidder.criteo.com/ 		0
222 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.49.3&cb=17276054101&lsavail=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.6 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
observe-browsing-topics
?1
vary
Origin
access-control-allow-origin
https://xosodaiphat.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
hbjson
grid.bidswitch.net/ 		24 B
264 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.6 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
1212819a5cca85efcee76b60a0cb385ff75d871ef821cac6fb8bebd5560dc8ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
nginx
content-type
application/json
access-control-allow-origin
https://xosodaiphat.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
49
auction
tlx.3lift.com/header/ 		0
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
384 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
b35f3f631fe613e539ec799b377518466e99f3b99e7e6eb2c66c174628fa2d5a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
content-encoding
gzip
via
1.1 google
observe-browsing-topics
?1
vary
Origin
x-forwarded-for
38.132.118.74
content-type
text/plain
access-control-allow-origin
https://xosodaiphat.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
fastlane.json
fastlane.rubiconproject.com/a/api/ 		12 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=500600&zone_id=2983354&size_id=2&alt_size_ids=1%2C19%2C43%2C44%2C55%2C117%2C221&rp_schain=1.0,1!freestar.com,1760,1,,,&eid_audigent.com=0001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%5E1&eid_pubcid.org=b64e2aa8-6f4c-4ecf-a4fb-5b1ee28bf261%5E1&tpid_tdid=549d8d79-5a7e-4d7f-ac03-6b693aeb00e7&eid_adserver.org=549d8d79-5a7e-4d7f-ac03-6b693aeb00e7&rf=https%3A%2F%2Fxosodaiphat.com%2F&kw=kqxs%2Cxoso%2Cx%E1%BB%95s%E1%BB%91ki%E1%BA%BFnthi%E1%BA%BFt%2Cx%E1%BB%95s%E1%BB%91bami%E1%BB%81n%2Cx%E1%BB%95s%E1%BB%91truy%E1%BB%81nth%E1%BB%91ng%2Cx%E1%BB%95s%E1%BB%91&tg_v.id=a07a17ef-a98b-4fc7-8de1-5ca9415a19ef&tg_i.domain=xosodaiphat.com&tg_i.page=https%3A%2F%2Fxosodaiphat.com%2F&tg_i.name=xosodaiphat-com&tg_i.cat=IAB12&tg_i.sectioncat=IAB12&tg_i.pagecat=IAB12&tg_i.mobile=0&tg_i.fs_optimized=false&tg_i.fs_site=6317&tg_i.fs_ad_product=stickyFooter&tg_i.pbadslot=%2F22529613777%2Fxosodaiphat_sticky_footer%2Fxosodaiphat_sticky_footer&tk_flint=pbjs_lite_v8.49.3&x_source.tid=bb046e51-50d7-41f1-b16e-b95439c96204&l_pb_bid_id=3941f380650480b&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=1dfb5caa-fbde-463c-b841-ac49434b9fd2&rp_maxbids=1&p_gpid=%2F22529613777%2Fxosodaiphat_sticky_footer%2Fxosodaiphat_sticky_footer&m_ch_ua=%22Google%20Chrome%22%7Cv%3D%22126%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22126%22&m_ch_full_ver=%22Google%20Chrome%22%7Cv%3D%22126%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22126%22&m_ch_mobile=%3F0&m_ch_platform=Win32&slots=1&rand=0.05623193207010879
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
65591e57e4be656669b157490f15e343e9a95894bb8cb7a3f55386541864b2a6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:48 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://xosodaiphat.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
474
a.ad.gt/api/v1/u/matches/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/474?_it=freestar
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fxosodaiphat.com%2F&ref=&_it=freestar&partner_id=474&ha=_hadron
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
323078255b49de637d9a1eb7b8c55c603b62bd4fe0d2a028403488ae56e4762e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 06 Jul 2024 10:35:28 GMT
server
cloudflare
age
196
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
89eef9161bd1db25-MIA
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.203.179.38 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-179-38.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Sat, 06 Jul 2024 10:54:48 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fe341b15b354839cdd60af498360ae74b247cf2735dc3acb06f9209178e78f6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 11:24:54 GMT
content-encoding
gzip
via
1.1 bd83fc15ab125846f839dd3c1ad21462.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jun 2024 17:09:24 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
83695
x-amz-server-side-encryption
AES256
etag
W/"0fa7c7fefa97798610e7d35cf47b7fdd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
Ki8FqTJpkUkYKGUYg56aWJqLwZoushPcvq9AnpDHR_cA6j9E_XgZRQ==
ima.js
cdn-ima.33across.com/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65380b178237f3a85e5fcefbd766a6ac82e40cf1b81f6f79c092df1720167b0b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 05 Jul 2024 19:54:52 GMT
server
cloudflare
age
52624
etag
W/"66884f8c-4089"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
89eef9163f69a681-MIA
expires
Tue, 09 Jul 2024 10:39:48 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cccaedb13f2aa38970538b043bfd16b0fa24e6a6a386833059595fd0a408e105
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 19 Jun 2024 08:15:00 GMT
server
cloudflare
x-amz-request-id
WM1RZ62S3TETY84Y
age
2891
etag
W/"7549ecdacdd2ca9502744f648799d58a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
89eef9163b5d8da3-MIA
x-amz-id-2
c1mjZawPREbT4KWV1oBN9Tw4mqD90X9k+oaPjWAfxhVSA/xCIfjtFwkE2+YHYVvo/tMw7xGHK7e802KpzTUo7g==
rules-p-UeXruRVtZz7w6.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-UeXruRVtZz7w6.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:6c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:29:02 GMT
content-encoding
gzip
via
1.1 f63b7060880d6ffdf68ba8d91762570c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
647
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 07 Dec 2017 17:06:25 GMT
server
AmazonS3
etag
W/"cbc97d16c77ea1fcbbf42d246001e982"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
UaIjDYwcY9qKqBhpipibHUZaO-SiJd5MvE6DYmzEpqk44ZGk98eXqA==
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
9665d144a9f7093546f50b288a7705c34b08fb7743734b13bb1e2b25900c2d65
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://xosodaiphat.com
date
Sat, 06 Jul 2024 10:39:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
AGSKWxXaZ67i9e1I-QV7SNW8f2muJ6uf7DeS0vg5-DcuAJa60DI76fO0mRHVLdaMxl2-JD_ZoyOYCrax2tF2AQOMJnctt2t7uEONsg1_Bq2cEJiORgWR5H64najurQjxKdIRkNczv8QvGg==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXaZ67i9e1I-QV7SNW8f2muJ6uf7DeS0vg5-DcuAJa60DI76fO0mRHVLdaMxl2-JD_ZoyOYCrax2tF2AQOMJnctt2t7uEONsg1_Bq2cEJiORgWR5H64najurQjxKdIRkNczv8QvGg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIwMjYyMzg4XSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3hvc29kYWlwaGF0LmNvbS8iLG51bGwsW1s4LCJLcHdXOEJUNXhDSSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsyMiwiZmFsc2UiXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.KpwW8BT5xCI.es5.O/am=GAY/d=1/rs=AJlcJMyVqgfvVK3kYS1nZ1Hxkf7pChwMDQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f14.1e100.net
Software
ESF /
Resource Hash
0899dfba882b23053661826a294de10c554ccaeafbd2a7e71ef80a36554aec58
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DhBbAdtK7WNJVsZF8M7TQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
content-security-policy
script-src 'report-sample' 'nonce-DhBbAdtK7WNJVsZF8M7TQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmLw1JBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiD8_Psf6G4iT_p1nLQHiJREXWY8kXmQ9-Pgi60kgFuLm-LJ3yRY2gRvNG-WVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAzMDQz1DMzjCwwAu2g5cA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240702/r20110914/ Frame 7214 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240702/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406260101/show_ads_impl_fy2021.js?bust=31084926
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
51213
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4142
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jul 2024 20:26:13 GMT
etag
2738592464165616
expires
Fri, 19 Jul 2024 20:26:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
iu3
s.amazon-adsystem.com/ Frame 5E80
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_n-adMediaV1_rx_snb_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_cnv_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rb...
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_n-adMediaV1_rx_snb_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_cnv_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rb...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_n-adMediaV1_rx_snb_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_cnv_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_n-nativo_an-db5_3lift_n-Outbrain&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
443
Content-Type
text/html;charset=ISO-8859-1
Date
Sat, 06 Jul 2024 10:39:48 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
GYC3HDGJRQAE7HBVVY78

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sat, 06 Jul 2024 10:39:48 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-mediagrid_n-index_n-LoopMe_n-adMediaV1_rx_snb_n-MediaNet_n-Beeswax_ox-db5_n-inmobi_cnv_n-smaato_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_n-nativo_an-db5_3lift_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
EBK3YRS9SSBXPVATP2YT
ima_ppub_config
securepubads.g.doubleclick.net/pagead/ 		2 KB
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fxosodaiphat.com%2F
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
6470b366d0c8c0a354dad603405a0b8bd887aceb8da1ecd4959d0d580375b45a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
328
x-xss-protection
0
expires
Sat, 06 Jul 2024 10:39:48 GMT
adScriptBlocking.min.js
cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/ 		0
0
xosodaiphat.com
player.gliacloud.com/violations/ 		26 B
591 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://player.gliacloud.com/violations/xosodaiphat.com
Requested by
Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-yt.js?v=0.4.58
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6928acfea351e62723cd2af8ecb4f838f7826708e95b1b6a5ce613d2913df268

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
47
pragma
Public
last-modified
Sat, 06 Jul 2024 10:22:37 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jEB01W4qr%2FNVwutPJ0S00kv25ZE%2FHJLyq2GKkv8p47YgW959bh7hZh%2Fryj%2FE02sNIMCBdfWF4Km0XLyf0D2ojrppEaEiXc0RFcmTBLLzboxCALzyTSRysMzjfkYFtfliCTGAJp5Bgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
c5396eb0106d152eab2d2b5543adac5a
cache-control
public, max-age=900
accept-ranges
bytes
cf-ray
89eef9159cbada6b-MIA
priority
u=1,i
expires
Sat, 06 Jul 2024 10:54:48 GMT
474
p.ad.gt/api/v1/p/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/474
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/474?_it=freestar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61aca18f7c51ad5b0c45fd95a23478aa3e2bdbedacef7d5970948717ee63b6c7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 06 Jul 2024 10:34:07 GMT
server
cloudflare
age
231
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
89eef91749d46daa-MIA
halo_match
ids.ad.gt/api/v1/ 		43 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001720262388-O0OKIR77-9QXB&halo_id=060kihgfc676faj6hbef6ekceadlebk8k98yusqoi020oew0sgmo0myimek0mgy4y
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.213.6.218 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-213-6-218.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001720262388-O0OKIR77-9QXB&adnxs_id=$UID&gdpr=0
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001720262388-O0OKIR77-9QXB%26adnxs_id%3D%24UID%26gdpr%3D0
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001720262388-O0OKIR77-9QXB&adnxs_id=2171395553848670899&gdpr=0
43 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001720262388-O0OKIR77-9QXB&adnxs_id=2171395553848670899&gdpr=0
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Server
54.213.6.218 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-213-6-218.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:48 GMT
an-x-request-uuid
62a6d5cf-aa54-4983-ab96-1fedbb8e939a
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001720262388-O0OKIR77-9QXB&adnxs_id=2171395553848670899&gdpr=0
x-proxy-origin
38.132.118.74; 38.132.118.74; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001720262388-O0OKIR77-9QXB&gdpr=0
  • https://ids.ad.gt/api/v1/t_match?tdid=549d8d79-5a7e-4d7f-ac03-6b693aeb00e7&id=AU1D-0100-001720262388-O0OKIR77-9QXB
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=549d8d79-5a7e-4d7f-ac03-6b693aeb00e7&id=AU1D-0100-001720262388-O0OKIR77-9QXB
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Server
54.213.6.218 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-213-6-218.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/t_match?tdid=549d8d79-5a7e-4d7f-ac03-6b693aeb00e7&id=AU1D-0100-001720262388-O0OKIR77-9QXB
date
Sat, 06 Jul 2024 10:39:48 GMT
server
Kestrel
content-length
259
pbm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001720262388-O0OKIR77-9QXB
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001720262388-O0OKIR77-9QXB
  • https://ids.ad.gt/api/v1/pbm_match?pbm=336C3BC6-EE00-451E-8420-E332AE921915&id=AU1D-0100-001720262388-O0OKIR77-9QXB
43 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=336C3BC6-EE00-451E-8420-E332AE921915&id=AU1D-0100-001720262388-O0OKIR77-9QXB
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Server
54.213.6.218 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-213-6-218.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

location
https://ids.ad.gt/api/v1/pbm_match?pbm=336C3BC6-EE00-451E-8420-E332AE921915&id=AU1D-0100-001720262388-O0OKIR77-9QXB
date
Sat, 06 Jul 2024 10:39:47 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
token
token.rubiconproject.com/ 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001720262388-O0OKIR77-9QXB&gdpr=0
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.146.5 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
abdced99217677a3fee148679dae3157
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tapad_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001720262388-O0OKIR77-9QXB&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001720262388...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001720262388-O0OKIR77-9QXB&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001720...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=6729625d-944e-48b5-abcf-743892922161%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=549d8d79-5a7e-4d7f-ac03-6b693aeb00e7&ttd_puid=6729625d-944e-48b5-abcf-743892922161%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001720262388-O0OKIR77-9QXB&tapad_id=6729625d-944e-48b5-abcf-743892922161
43 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001720262388-O0OKIR77-9QXB&tapad_id=6729625d-944e-48b5-abcf-743892922161
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Server
54.213.6.218 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-213-6-218.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

date
Sat, 06 Jul 2024 10:39:48 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001720262388-O0OKIR77-9QXB&tapad_id=6729625d-944e-48b5-abcf-743892922161
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001720262388-O0OKIR77-9QXB
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001720262388-O0OKIR77-9QXB&google_gid=CAESEFu0DP-Qyx-ydDK3O9ja-J0&google_cver=1&google_ula=450542624,0
43 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001720262388-O0OKIR77-9QXB&google_gid=CAESEFu0DP-Qyx-ydDK3O9ja-J0&google_cver=1&google_ula=450542624,0
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Server
54.213.6.218 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-213-6-218.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001720262388-O0OKIR77-9QXB&google_gid=CAESEFu0DP-Qyx-ydDK3O9ja-J0&google_cver=1&google_ula=450542624,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001720262388-O0OKIR77-9QXB
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyMDI2MjM4OC1PME9LSVI3Ny05UVhC
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyMDI2MjM4OC1PME9LSVI3Ny05UVhC
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Server
142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyMDI2MjM4OC1PME9LSVI3Ny05UVhC
date
Sat, 06 Jul 2024 10:39:48 GMT
server
nginx/1.24.0
content-length
453
content-type
text/html; charset=utf-8
0
sync.1rx.io/usersync/audigent/ 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001720262388-O0OKIR77-9QXB%26unruly_id%3D%5BRX_UUID%5D
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:43 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
son_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001720262388-O0OKIR77-9QXB&uid=[UID]&gdpr=0
  • https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001720262388-O0OKIR77-9QXB&uid=26a6f122-236e-4b85-b6e7-0ceff7cf1267&gdpr=0
43 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001720262388-O0OKIR77-9QXB&uid=26a6f122-236e-4b85-b6e7-0ceff7cf1267&gdpr=0
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Server
54.213.6.218 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-213-6-218.us-west-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
cache-control
no-cache
server
nginx/1.24.0
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:48 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-91
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001720262388-O0OKIR77-9QXB&uid=26a6f122-236e-4b85-b6e7-0ceff7cf1267&gdpr=0
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
ux
ad.360yield.com/ 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001720262388-O0OKIR77-9QXB%26impr_uid%3D%7BPUB_USER_ID%7D
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.208.217.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-217-105.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sat, 06 Jul 2024 10:39:48 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-KPB8BPT4XL&gtm=45je4730v867871146za200zb867852407&_p=1720262386055&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1566292685.1720262387&ul=en-us&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEI&_s=2&sid=1720262386&sct=1&seg=0&dl=https%3A%2F%2Fxosodaiphat.com%2F&dt=KQXS%20-%20X%E1%BB%95%20s%E1%BB%91%20ki%E1%BA%BFn%20thi%E1%BA%BFt%20h%C3%B4m%20nay%20-%20Xo%20So&en=ad_impression&ep.query_id=COvx--OckocDFYpXCAQdUQoBNA&_et=1195&tfd=3519&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KPB8BPT4XL&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xosodaiphat.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
envelope
lexicon.33across.com/v1/ 		42 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0013300001cFpYHAA0&src=aps&ver=1.12.1&us_privacy=1---
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ima.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://xosodaiphat.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
pixel.gif
pixel.gliacloud.com/glia_player_media3/ 		43 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.gliacloud.com/glia_player_media3/pixel.gif?pp=553%2C311.0625%2C231%2C1138&bp=1600%2C1200&wp=1600%2C12260%2C0%2C0&sid=glia-namviet_xosodaiphat_desktop&sk=namviet_xosodaiphat_desktop&si=namviet_xosodaiphat_desktop&sa=namviet_xosodaiphat&pt=YouTube&ab=0&ta=0&pgu=xosodaiphat.com&pv=0.4.58&ul=en-US&cb=0971722537&payload=ea%3Dwaterfall.fallStart%26ofst%3D0
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.227.35.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.23.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: player.gliacloud.com
URL: https://player.gliacloud.com/p/embed/gc-instream-yt.js?v=0.4.58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
96e567e55058088bf057ebeb964b202435a2c745a55f49df106fe22f2a9a8e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Sat, 06 Jul 2024 10:39:48 GMT
bridge3.650.0_en.html
imasdk.googleapis.com/js/core/ Frame 15AC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.650.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
165259
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
256340
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jul 2024 12:45:29 GMT
expires
Fri, 04 Jul 2025 12:45:29 GMT
last-modified
Wed, 03 Jul 2024 13:55:11 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jul 2024 10:39:48 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E4B4 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
sffe /
Resource Hash
5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 09:53:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2777
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13943
x-xss-protection
0
last-modified
Thu, 11 Apr 2024 19:10:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 06 Jul 2024 10:53:31 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://xosodaiphat.com
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 18:04:15 GMT
x-content-type-options
nosniff
age
232533
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Jul 2025 18:04:15 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://xosodaiphat.com
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 15:39:06 GMT
x-content-type-options
nosniff
age
154842
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Jul 2025 15:39:06 GMT
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.4.2/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
148f10a2d7b7465114dc40e598e85f0a3fa5e03bded69412a509d8e2b6b63f5b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://xosodaiphat.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
ads
securepubads.g.doubleclick.net/gampad/ 		419 B
179 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2203719768510086&correlator=3726148417463566&eid=31079957%2C31084973%2C31079525%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407020101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=22529613777%2Cxosodaiphat_sticky_footer&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C300x50%7C320x50%7C468x60%7C728x90%7C970x90%7C1200x90%7C300x100%7C320x100%7C1005x124&ifi=6&didk=808127829&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Da0d1f9afb637c78c%3AT%3D1720262387%3ART%3D1720262387%3AS%3DALNI_Mb7ELf6VTGsufCoyfbWAZoaLwrhaQ&gpic=UID%3D00000a3a2509c96c%3AT%3D1720262387%3ART%3D1720262387%3AS%3DALNI_MYSpSWvjHa6qPThcZqFuZpq6uLRFg&abxe=1&dt=1720262388490&lmt=1720262354&adxs=631&adys=1150&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&url=https%3A%2F%2Fxosodaiphat.com%2F&vis=1&psz=338x-1&msz=300x-1&fws=512&ohw=0&psts=AOrYGsno0sjMchl5Tr_HR1sm5CfSRE2PeNcccDmPV0JxG1eT&ga_vid=1566292685.1720262387&ga_sid=1720262387&ga_hid=526396920&ga_fc=true&topics=3&tps=3&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1720262386025&idt=1238&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3D32adf973-389d-4976-815a-0181ec8790d5%26fs_placementName%3Dxosodaiphat_sticky_footer%26fs_ad_product%3DstickyFooter%26amznbid%3D2%26amznp%3D2%26fs-auuid%3Dbb046e51-50d7-41f1-b16e-b95439c96204%26fsbid%3Dtimeout&cust_params=fs_session_id%3D5818661d-67b0-407a-ab68-b0dabc56be8a%26fs_pageview_id%3D3b105bbe3648b068c59d835fbb5d806b%26fsitf%3DY-YYY-YYYY--YYNY------------------------%26user-agent%3DChrome%26floors_user%3D1%26floors_rtt%3D30%26fs_clientservermask%3D22222222220222222222212%26fs_testgroup%3Doptimised&adks=538709195&frm=20&eo_id_str=ID%3D7a9265fec0dbdca1%3AT%3D1720262387%3ART%3D1720262387%3AS%3DAA-AfjY5Oul47E2dvDjxXOF6m_t0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
a4b91763c6a08450e8194c343096b6b5a6af56c265e0d1022914dad08ffb2ff1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
149
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://xosodaiphat.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cdb
bidder.criteo.com/ 		0
221 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.49.3&cb=54201949346&lsavail=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.6 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
observe-browsing-topics
?1
vary
Origin
access-control-allow-origin
https://xosodaiphat.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
312 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=676941
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d56f97640ee9571ff5dc7429665d5ce58f3f7f635d6a85a7cc8717bc5873de6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
observe-browsing-topics
?1
alt-svc
h3=":443"; ma=86400
content-length
37
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t4dnIUKBIMvwQRXYpfr2IY1slCxO%2F5EzPsIJixPp6qkjCYPZxFhaByhy7JOfhzz3qGPAPl1Eky2KGhOk12gAlrALxRpmpvbJN3wAW9jTHkQs7RoQGzqDCPath9yE6l7il7FVbczl"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://xosodaiphat.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
89eef91849328752-MIA
expires
0
bidRequest
c2shb.pubgw.yahoo.com/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:2352:af01:fb37:7890:d10:c020 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a12f5e25ae30d8c245b37c8837654fb78984246eba0a52d29b65f01d23058769
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-openrtb-version
2.5
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json
Referer
https://xosodaiphat.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
zstd
access-control-max-age
3600
allow
OPTIONS,POST
access-control-allow-methods
OPTIONS,POST
content-type
application/json
access-control-allow-origin
https://xosodaiphat.com
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version,Content-Type
content-length
1518
prebid
prebid.media.net/rtb/ 		17 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUJ8GUQF
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
93d85570e7cfd2be5ad7c0be67c5d8859ca566c12a8463c5b804171680a146a3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:47 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
observe-browsing-topics
?1
content-type
application/json;charset=utf-8
access-control-allow-origin
https://xosodaiphat.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
171
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Jul 2024 10:39:48 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
222 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
71184f84f1d6701e57cfeb3286bab76668221cd67f34fa58448642e4b3f06349

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 06 Jul 2024 10:39:47 GMT
content-encoding
gzip
via
1.1 google
observe-browsing-topics
?1
vary
Origin
x-forwarded-for
38.132.118.74
content-type
text/plain
access-control-allow-origin
https://xosodaiphat.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
fastlane.json
fastlane.rubiconproject.com/a/api/ 		12 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16924&site_id=500600&zone_id=2983354&size_id=9&alt_size_ids=8&rp_schain=1.0,1!freestar.com,1760,1,,,&eid_audigent.com=0001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%5E1&eid_pubcid.org=b64e2aa8-6f4c-4ecf-a4fb-5b1ee28bf261%5E1&tpid_tdid=549d8d79-5a7e-4d7f-ac03-6b693aeb00e7&eid_adserver.org=549d8d79-5a7e-4d7f-ac03-6b693aeb00e7&rf=https%3A%2F%2Fxosodaiphat.com%2F&kw=kqxs%2Cxoso%2Cx%E1%BB%95s%E1%BB%91ki%E1%BA%BFnthi%E1%BA%BFt%2Cx%E1%BB%95s%E1%BB%91bami%E1%BB%81n%2Cx%E1%BB%95s%E1%BB%91truy%E1%BB%81nth%E1%BB%91ng%2Cx%E1%BB%95s%E1%BB%91&tg_v.id=a07a17ef-a98b-4fc7-8de1-5ca9415a19ef&tg_i.domain=xosodaiphat.com&tg_i.page=https%3A%2F%2Fxosodaiphat.com%2F&tg_i.name=xosodaiphat-com&tg_i.cat=IAB12&tg_i.sectioncat=IAB12&tg_i.pagecat=IAB12&tg_i.mobile=0&tg_i.fs_optimized=false&tg_i.fs_site=6317&tg_i.fs_ad_product=sideWall&tg_i.pbadslot=%2F22529613777%2Fxosodaiphat_sidewall_left%2Fxosodaiphat_sidewall_left&tk_flint=pbjs_lite_v8.49.3&x_source.tid=edc3e2da-95c4-407c-97c5-546f185e6b29&l_pb_bid_id=52487ec8e6c0f25&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=dea8ab00-79c2-469b-9cb4-1f6567bf612f&rp_maxbids=1&p_gpid=%2F22529613777%2Fxosodaiphat_sidewall_left%2Fxosodaiphat_sidewall_left&m_ch_ua=%22Google%20Chrome%22%7Cv%3D%22126%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22126%22&m_ch_full_ver=%22Google%20Chrome%22%7Cv%3D%22126%22%2C%22Not%3AA-Brand%22%7Cv%3D%228%22%2C%22Chromium%22%7Cv%3D%22126%22&m_ch_mobile=%3F0&m_ch_platform=Win32&slots=1&rand=0.12149056968891969
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a31cb072b27a0f30183015e80c300bd8f569f49897b6c651adf9ff985f43508d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:48 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://xosodaiphat.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
hbjson
grid.bidswitch.net/ 		24 B
263 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.6 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
44c6f96d3cfe5167864bafed398464dddd32b15734b5d92497997cc9451b4361
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
nginx
content-type
application/json
access-control-allow-origin
https://xosodaiphat.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
49
auction
tlx.3lift.com/header/ 		0
0
translator
hbopenbid.pubmatic.com/ 		0
56 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.37.179 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://xosodaiphat.com
date
Sat, 06 Jul 2024 10:39:48 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ads.yieldmo.com/exchange/ 		0
223 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=8.49.3&p=%5B%7B%22placement_id%22%3A%22xosodaiphat_sidewall_left%22%2C%22callback_id%22%3A%2260ffdf8531e5ca5%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%2C%5B120%2C600%5D%5D%2C%22ym_placement_id%22%3A%222662464007037722661%22%2C%22gpid%22%3A%22%2F22529613777%2Fxosodaiphat_sidewall_left%2Fxosodaiphat_sidewall_left%22%2C%22tid%22%3A%22dea8ab00-79c2-469b-9cb4-1f6567bf612f%22%2C%22auctionId%22%3A%22edc3e2da-95c4-407c-97c5-546f185e6b29%22%7D%5D&page_url=https%3A%2F%2Fxosodaiphat.com%2F&bust=1720262388511&dnt=false&description=KQXS%20-%20X%E1%BB%95%20s%E1%BB%91%20ki%E1%BA%BFn%20thi%E1%BA%BFt%20h%C3%B4m%20nay%20-%20T%C6%B0%E1%BB%9Dng%20thu%E1%BA%ADt%20tr%E1%BB%B1c%20ti%E1%BA%BFp%20k%E1%BA%BFt%20qu%E1%BA%A3%20x%E1%BB%95%20s%E1%BB%91%20ba%20mi%E1%BB%81n%20nhanh%20ch%C3%B3ng%2C%20ch%C3%ADnh%20x%C3%A1c%20nh%E1%BA%A5t%20-%20T%E1%BB%95ng%20h%E1%BB%A3p%20x%E1%BB%95%20s%E1%BB%91%20truy%E1%BB%81n%20th%E1%BB%91ng%2C%20Vietlott%20h%C3%A0ng%20ng%C3%A0y.&tmax=986&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=&pr=&scrd=1&title=KQXS%20-%20X%E1%BB%95%20s%E1%BB%91%20ki%E1%BA%BFn%20thi%E1%BA%BFt%20h%C3%B4m%20nay%20-%20Xo%20So&w=1600&h=1200&pubcid=b64e2aa8-6f4c-4ecf-a4fb-5b1ee28bf261&tdid=549d8d79-5a7e-4d7f-ac03-6b693aeb00e7&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freestar.com%22%2C%22sid%22%3A%221760%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22audigent.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22b64e2aa8-6f4c-4ecf-a4fb-5b1ee28bf261%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22549d8d79-5a7e-4d7f-ac03-6b693aeb00e7%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.174.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-174-74.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://xosodaiphat.com
pragma
no-cache
date
Sat, 06 Jul 2024 10:39:48 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
prebid
ib.adnxs.com/ut/v3/ 		15 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.26 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
f232eb3e282727a3fd683ec3510d56ddf47b80570e4a13c976ee960c9aee22ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:48 GMT
content-encoding
gzip
an-x-request-uuid
3c3ef627-a864-494a-80f0-b8586933ef06
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://xosodaiphat.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.74; 38.132.118.74; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
map
bcp.crwdcntrl.net/6/ 		156 B
612 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.208.217.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-217-220.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
b1b9317cb75824c6cefea930c0e75581235ad2a8da972a80cd1af33960cab1bc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:48 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://xosodaiphat.com
cache-control
no-cache
x-server
10.40.53.81
access-control-allow-credentials
true
content-length
156
expires
0
882.json
id5-sync.com/g/v2/ 		600 B
1014 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/882.json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
ade7ac4c82d4a3ff060b351571ede4cb43360d9ddb162a5f82b2d65d779fddca
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://xosodaiphat.com
content-type
application/json
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel;r=213608077;labels=keywords.kqxs%2Ckeywords.xo%20so%2Ckeywords.x%E1%BB%95%20s%E1%BB%91%20ki%E1%BA%BFn%20thi%E1%BA%BFt%2Ckeywords.x%E1%BB%95%20s%E1%BB%91%20ba%20mi%E1%BB%81n%2Ckeywords.x%E1%BB...
pixel.quantserve.com/ 		35 B
953 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=213608077;labels=keywords.kqxs%2Ckeywords.xo%20so%2Ckeywords.x%E1%BB%95%20s%E1%BB%91%20ki%E1%BA%BFn%20thi%E1%BA%BFt%2Ckeywords.x%E1%BB%95%20s%E1%BB%91%20ba%20mi%E1%BB%81n%2Ckeywords.x%E1%BB%95%20s%E1%BB%91%20truy%E1%BB%81n%20th%E1%BB%91ng%2Ckeywords.x%E1%BB%95%20s%E1%BB%91%2Ctitle.KQXS%20-%20X%E1%BB%95%20s%E1%BB%91%20ki%E1%BA%BFn%20thi%E1%BA%BFt%20h%C3%B4m%20nay%20-%20Xo%20So%2Cauthor.xosodaiphat.com;rf=0;a=p-UeXruRVtZz7w6;url=https%3A%2F%2Fxosodaiphat.com%2F;uht=2;fpan=1;fpa=P0-1330989187-1720262387853;pbc=;ns=0;ce=1;qjs=1;qv=15f23c9a-20240703164903;cm=;gdpr=0;us_privacy=1---;gpp_sid=-1;ref=;d=xosodaiphat.com;dst=0;et=1720262388435;tzo=600;ogl=site_name.X%E1%BB%95%20s%E1%BB%91%20%C4%90%E1%BA%A1i%20Ph%C3%A1t%2Ctitle.KQXS%20-%20X%E1%BB%95%20s%E1%BB%91%20ki%E1%BA%BFn%20thi%E1%BA%BFt%20h%C3%B4m%20nay%20-%20Xo%20So%2Curl.https%3A%2F%2Fxosodaiphat%252Ecom%2F%2Ctype.article%2Clocale.vi_VN%2Cdescription.KQXS%20-%20X%E1%BB%95%20s%E1%BB%91%20ki%E1%BA%BFn%20thi%E1%BA%BFt%20h%C3%B4m%20nay%20-%20T%C6%B0%E1%BB%9Dng%20thu%E1%BA%ADt%20tr%E1%BB%B1c%20ti%E1%BA%BFp%20k%E1%BA%BFt%20qu%E1%BA%A3%20x%E1%BB%95%20s%E1%BB%91%20ba%20mi%E1%BB%81n%20nh%2Cimage.https%3A%2F%2Fcdn%252Exosodaiphat%252Ecom%2Fassets%2Fimages%2Flogo%252Epng;ses=196d79b7-491a-494e-acbd-3eb9639f42dc;mdl=
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:a021:b886:81cc:55cf , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:48 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[{"label":["iPwDrZjjOpaw8aERjmEvbw=="],"pcode":["p-UeXruRVtZz7w6"]},{"label":["X2EClZmmRhSjojdlLdaeGw=="],"pcode":["p-UeXruRVtZz7w6"]},{"label":["QTiiAkHWV3LHBnfv24So9g=="],"pcode":["p-UeXruRVtZz7w6"]},{"label":["VeeWK+vBF1wl9AItk55tUA=="],"pcode":["p-UeXruRVtZz7w6"]},{"label":["luZT7mPpCusD68IACkUuAw=="],"pcode":["p-UeXruRVtZz7w6"]},{"label":["pVliaKzMP3rBhzZadauXmQ=="],"pcode":["p-UeXruRVtZz7w6"]},{"label":["IYCo64ghdOw6ggfeWRXjIQ=="],"pcode":["p-UeXruRVtZz7w6"]},{"label":["UTQ7NWGz6huDIFgb7N6BJg=="],"pcode":["p-UeXruRVtZz7w6"]}],"trigger_data":"1"}]}
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f14.1e100.net
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:24:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
932
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
630
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 06 Jul 2024 11:24:16 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f14.1e100.net
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:04:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
2093
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 06 Jul 2024 11:04:55 GMT
js
www.googletagmanager.com/gtag/ 		253 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FVWZ0RM4DH&l=audDataLayer
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.168 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
69a30a181fb8aef3635ffb18653f9ffd3ddf0140d51ba34688464bb6e9c71d26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91167
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 06 Jul 2024 10:39:48 GMT
collect
a.ad.gt/api/v1/ 		0
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://xosodaiphat.com
date
Sat, 06 Jul 2024 10:39:48 GMT
access-control-allow-credentials
true
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
89eef91978976de0-MIA
vary
Origin
getpixels
pixels.ad.gt/api/v1/ 		0
88 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=8d826ea3890834c19363fc10ff8feca3&url=https%3A%2F%2Fxosodaiphat.com%2F&code=%27none%27
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/474
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
89eef91acf79a4c1-MIA
www-widgetapi.js
www.youtube.com/s/player/5352eb4f/www-widgetapi.vflset/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5352eb4f/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f14.1e100.net
Software
sffe /
Resource Hash
d7a4d3c6bbb813b80afb47a45e75320ff14b02e65ad1ca740d62bcbfb646f2ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:38:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
70
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10362
x-xss-protection
0
last-modified
Tue, 02 Jul 2024 04:25:50 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 06 Jul 2025 10:38:38 GMT
VERPqcmO16E
www.youtube.com/embed/ Frame 3007 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/VERPqcmO16E?playsinline=1&autoplay=0&fs=0&disablekb=1&modestbranding=1&rel=0&enablejsapi=1&origin=https%3A%2F%2Fxosodaiphat.com&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5352eb4f/www-widgetapi.vflset/www-widgetapi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jul 2024 10:39:49 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
pbcas
ads.yieldmo.com/ Frame B324 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.12.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-12-207.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Sat, 06 Jul 2024 10:39:48 GMT
pragma
no-cache
vary
accept-encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame E93C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.192.247 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-192-247.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 06 Jul 2024 10:39:49 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 07 Jul 2024 10:39:51 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C456 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156696
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.193.13 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-193-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
max-age=124143
content-encoding
gzip
content-length
5492
content-type
text/html
date
Sat, 06 Jul 2024 10:39:48 GMT
expires
Sun, 07 Jul 2024 21:08:51 GMT
last-modified
Wed, 05 Jun 2024 06:37:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 32F0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
25
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
89eef91c8a1431dd-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 06 Jul 2024 10:39:49 GMT
expires
Sat, 06 Jul 2024 14:39:49 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 6493 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUJ8GUQF&prvid=590%2C233%2C157%2C2027%2C159%2C2026%2C236%2C357%2C237%2C556%2C117%2C359%2C97%2C55%2C99%2C56%2C59%2C3012%2C3010%2C201%2C246%2C4%2C521%2C126%2C203%2C446%2C326%2C404%2C9%2C2099%2C173%2C294%2C251%2C175%2C450%2C178%2C3017%2C214%2C3016%2C337%2C338%2C459%2C339%2C77%2C38%2C261%2C262%2C461%2C222%2C542%2C345%2C543%2C226%2C468%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=93600
cache-control
max-age=172800
content-encoding
gzip
content-length
12855
content-type
text/html; charset=UTF-8
date
Sat, 06 Jul 2024 10:39:49 GMT
expires
Mon, 08 Jul 2024 10:39:49 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usync.html
eus.rubiconproject.com/ Frame F06F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.200.198.128 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-198-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
224
Content-Type
text/html; charset=UTF-8
Date
Sat, 06 Jul 2024 10:39:49 GMT
ETag
"2052a-10d-6142d69a886c0"
Last-Modified
Thu, 21 Mar 2024 15:32:19 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pd
freestar-d.openx.net/w/1.0/ Frame 376C
Redirect Chain
  • https://freestar-d.openx.net/w/1.0/pd
  • https://freestar-d.openx.net/w/1.0/pd?cc=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://freestar-d.openx.net/w/1.0/pd?cc=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
733
content-type
text/html
date
Sat, 06 Jul 2024 10:39:49 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 06 Jul 2024 10:39:48 GMT
location
https://freestar-d.openx.net/w/1.0/pd?cc=1
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
sync
eb2.3lift.com/ Frame AFEC
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1072
content-type
text/html; charset=utf-8
date
Sat, 06 Jul 2024 10:39:49 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sat, 06 Jul 2024 10:39:49 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
x.bidswitch.net/ 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=themediagrid
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 06 Jul 2024 10:39:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
publishertag.prebid.144.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-8.49.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-1811e"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 07 Jul 2024 10:39:49 GMT
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.4.2/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
148f10a2d7b7465114dc40e598e85f0a3fa5e03bded69412a509d8e2b6b63f5b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://xosodaiphat.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
/
fundingchoicesmessages.google.com/f/AGSKWxVb1fm0lK86VMBrk1jXqB7A-rI9xmLLVDmVOSf6qUVPhc7A3w7y2mVsY5JkkYBbKWlrblBLG-WG_xLk8mkIDn9KZhqr5a6PUECNm3qTj8pwwjDfiADV-2Jw44ByAQ2oqMW3aAHG71Ku5IUDcDM52vS1waOIW... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVb1fm0lK86VMBrk1jXqB7A-rI9xmLLVDmVOSf6qUVPhc7A3w7y2mVsY5JkkYBbKWlrblBLG-WG_xLk8mkIDn9KZhqr5a6PUECNm3qTj8pwwjDfiADV-2Jw44ByAQ2oqMW3aAHG71Ku5IUDcDM52vS1waOIWtkivxTjvAAAAPjHll6XR-WjiO37bSU0/_/ad/?host=/ad-600-/banners_rotation./inc_ad_/ad-api-
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.KpwW8BT5xCI.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyNMyDnYXUa11dwMrEr88Z_6LiXWg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f14.1e100.net
Software
ESF /
Resource Hash
bc1312423ab1484c4b63fe13107bf1d00490f8fedfecb2da41f6bd399779f147
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VH91RkdVrjFPGuTJSCJayQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:48 GMT
content-security-policy
script-src 'report-sample' 'nonce-VH91RkdVrjFPGuTJSCJayQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmII1pBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiD8_Psf6G4iT_p1nLQHiJREXWY8kXmQ9-Pgi60kgFuLh-LJ3yRY2gR9rDl5lVtJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxMDcw1DMwjy8wAAAbyTqN"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
lidar.js
pagead2.googlesyndication.com/pagead/js/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.KpwW8BT5xCI.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyNMyDnYXUa11dwMrEr88Z_6LiXWg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
0e4b38ad7e35f3b75be62478386d02486572d91f48aeb674c50f0b417a73ada6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 09:42:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
3415
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30799
x-xss-protection
0
server
cafe
etag
30843925580550886
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sat, 06 Jul 2024 10:42:53 GMT
AGSKWxWZtO65VpEFoqROfOgwXAdt4wZekxC_l3WgrnupFj66xCnO8-9Hwd-LI6ECeUKUjk5ighePUZHNr0heF1emh-G0JyzCm-tUVZpRlNjZYRaM7rb9wPW_g6xCYdYou4Ki1XIa9_3_iA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWZtO65VpEFoqROfOgwXAdt4wZekxC_l3WgrnupFj66xCnO8-9Hwd-LI6ECeUKUjk5ighePUZHNr0heF1emh-G0JyzCm-tUVZpRlNjZYRaM7rb9wPW_g6xCYdYou4Ki1XIa9_3_iA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.KpwW8BT5xCI.es5.O/am=GAY/d=1/rs=AJlcJMyVqgfvVK3kYS1nZ1Hxkf7pChwMDQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Ij1dzDUdFgVvvn6x9U3BEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Jul 2024 10:39:49 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Ij1dzDUdFgVvvn6x9U3BEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1ZBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEzfF175ItbAIfrp0NVHJJyi-MT87PK0nNK9FNTCnWBbGLMpNKS_KLUNipZSAVOfnp6Zl56fFGBkYmBuYGhnoG5vEFBgBYsiwT"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://xosodaiphat.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1DD5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCz8jkYuoz02QEwAQ&v=APEucNWGj4j4l6GbbSyVijluNJlF5z4MCLla2F3CgO7J3yuoES4xDuZN7WHc2AYaBSk6LA2fPwBFycyJixEyYmoq-QORGkkUWA
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
234
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jul 2024 10:39:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 0BC8 		99 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
4b69a3f605576e2a0cdb6abd74d3efdf893c4b6124ace390559d62437b9553d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35122
x-xss-protection
0
server
cafe
etag
2418474175030562626
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 06 Jul 2024 10:39:49 GMT
86a128e0-cf19-445b-a6c0-0f284e3734da
a5588.casalemedia.com/impression/v2/676941/85/cq4htspi4i2bvnc2l400/ Frame 0BC8 		43 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a5588.casalemedia.com/impression/v2/676941/85/cq4htspi4i2bvnc2l400/86a128e0-cf19-445b-a6c0-0f284e3734da?verifieD=1&userID=&cmpro=0&deviceType=2&expiryTime=1720262988&profileIDs=&creativeID=2fa541b&pubID=184310&format=banner&channel=site
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.204.229.29 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Sat, 06 Jul 2024 10:39:49 GMT
Server
Apache
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BC8 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BCV1jNASohPBPUTG1ct5TrwQXiQjDs32CpQ084azX_-8ZpaKPfYkGa-ksSG8bAiZUJbkVvNxxLrtoPQmb8PPqLNmZ2Ah2BRfBeJrrUeA3kzFCxgwk
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
protected-by.clarium.io/ Frame 0BC8 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_cWFLdHh1TDFLUl8yVGZtejBObVBhQXVkc0JjL2l4OjcyOHg5MA==&v=5&s=v31i23q1red&id=eyJwcmViaWQiOnsiYWRJZCI6IjY1NjNiMmEyZjk0M2VmNiIsImNwbSI6MS4xNSwicyI6Inhvc29kYWlwaGF0X3N0aWNreV9mb290ZXIiLCJzcmMiOiJjbGllbnQifSwidHBfY3JpZCI6IlBCOml4OzQ5OTU5OTYzIiwiYWRvbWFpbiI6ImJpdGRlZmVuZGVyLmNvbSJ9&cb=8869801&h=xosodaiphat.com&d=eyJ3aCI6ImNXRkxkSGgxVERGTFVsOHlWR1p0ZWpCT2JWQmhRWFZrYzBKakwybDRPamN5T0hnNU1BPT0iLCJ3ZCI6eyJrIjp7ImhiX2JpZGRlciI6WyJpeCJdLCJoYl9zaXplIjpbIjcyOHg5MCJdfX0sIndyIjowfQ==
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.84.106.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-84-106-137.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/png
pragma
no-cache
date
Sat, 06 Jul 2024 10:39:49 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		45 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2203719768510086&correlator=3726148417463566&eid=31079957%2C31084973%2C31079525%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407020101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=22529613777%2Cxosodaiphat_sidewall_left&enc_prev_ius=%2F0%2F1&prev_iu_szs=200x600%7C160x600%7C120x600&ifi=7&didk=1095697252&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Da0d1f9afb637c78c%3AT%3D1720262387%3ART%3D1720262387%3AS%3DALNI_Mb7ELf6VTGsufCoyfbWAZoaLwrhaQ&gpic=UID%3D00000a3a2509c96c%3AT%3D1720262387%3ART%3D1720262387%3AS%3DALNI_MYSpSWvjHa6qPThcZqFuZpq6uLRFg&abxe=1&dt=1720262389314&lmt=1720262354&adxs=5&adys=120&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&url=https%3A%2F%2Fxosodaiphat.com%2F&vis=1&psz=200x-1&msz=200x-1&fws=516&ohw=200&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsno0sjMchl5Tr_HR1sm5CfSRE2PeNcccDmPV0JxG1eT&ga_vid=1566292685.1720262387&ga_sid=1720262387&ga_hid=526396920&ga_fc=true&topics=3&tps=3&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1720262386025&idt=1238&prev_scp=fsrefresh%3D0%26fsrebid%3D0%26fs_uuid%3Df737e542-9c2d-4e34-9957-cf2d59ae0889%26fs_placementName%3Dxosodaiphat_sidewall_left%26fs_ad_product%3DsideWall%26amznbid%3D2%26amznp%3D2%26fsbid%3D0%26fs-auuid%3Dedc3e2da-95c4-407c-97c5-546f185e6b29%26hb_auction_id%3Dedc3e2da-95c4-407c-97c5-546f185e6b29%26freestar_path%3D%252F%26freestar_domain%3Dxosodaiphat.com%26custom_bidder_size%3Drubicon_160x600%26hb_format%3Dbanner%26hb_size%3D160x600%26hb_pb%3D0.16%26hb_adid%3D84c2f3530cc4375%26hb_bidder%3Drubicon&cust_params=fs_session_id%3D5818661d-67b0-407a-ab68-b0dabc56be8a%26fs_pageview_id%3D3b105bbe3648b068c59d835fbb5d806b%26fsitf%3DY-YYY-YYYY--YYNY------------------------%26user-agent%3DChrome%26floors_user%3D1%26floors_rtt%3D30%26fs_clientservermask%3D22222222220222222222212%26fs_testgroup%3Doptimised&adks=3238035190&frm=20&eo_id_str=ID%3D7a9265fec0dbdca1%3AT%3D1720262387%3ART%3D1720262387%3AS%3DAA-AfjY5Oul47E2dvDjxXOF6m_t0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
15d5cd69c0971061f8e3b2245372809acead41fe04d1e90f63b4cc1ca92b3dde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:49 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18366
x-xss-protection
0
google-lineitem-id
6526902640
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138463673168
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://xosodaiphat.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxWZtO65VpEFoqROfOgwXAdt4wZekxC_l3WgrnupFj66xCnO8-9Hwd-LI6ECeUKUjk5ighePUZHNr0heF1emh-G0JyzCm-tUVZpRlNjZYRaM7rb9wPW_g6xCYdYou4Ki1XIa9_3_iA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWZtO65VpEFoqROfOgwXAdt4wZekxC_l3WgrnupFj66xCnO8-9Hwd-LI6ECeUKUjk5ighePUZHNr0heF1emh-G0JyzCm-tUVZpRlNjZYRaM7rb9wPW_g6xCYdYou4Ki1XIa9_3_iA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.KpwW8BT5xCI.es5.O/am=GAY/d=1/rs=AJlcJMyVqgfvVK3kYS1nZ1Hxkf7pChwMDQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nr9SpwDCsgPY9hJT4fZFDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Jul 2024 10:39:49 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nr9SpwDCsgPY9hJT4fZFDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1JBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_F175ItbAIf9t96wajkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAzMDQz1DMzjCwwAlYkspg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://xosodaiphat.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
bounce
id5-sync.com/ 		30 B
233 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/bounce
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://xosodaiphat.com
date
Sat, 06 Jul 2024 10:39:49 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin
content-type
text/plain;charset=utf-8
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
c75a030e4897c932d6108eda470a4bd00a7295e71a2ff7e9b8d9b767d5604795
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://xosodaiphat.com
date
Sat, 06 Jul 2024 10:39:49 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.4.2/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
148f10a2d7b7465114dc40e598e85f0a3fa5e03bded69412a509d8e2b6b63f5b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 06 Jul 2024 10:39:49 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://xosodaiphat.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.4.2/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
148f10a2d7b7465114dc40e598e85f0a3fa5e03bded69412a509d8e2b6b63f5b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 06 Jul 2024 10:39:49 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://xosodaiphat.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
AGSKWxWZtO65VpEFoqROfOgwXAdt4wZekxC_l3WgrnupFj66xCnO8-9Hwd-LI6ECeUKUjk5ighePUZHNr0heF1emh-G0JyzCm-tUVZpRlNjZYRaM7rb9wPW_g6xCYdYou4Ki1XIa9_3_iA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWZtO65VpEFoqROfOgwXAdt4wZekxC_l3WgrnupFj66xCnO8-9Hwd-LI6ECeUKUjk5ighePUZHNr0heF1emh-G0JyzCm-tUVZpRlNjZYRaM7rb9wPW_g6xCYdYou4Ki1XIa9_3_iA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.KpwW8BT5xCI.es5.O/am=GAY/d=1/rs=AJlcJMyVqgfvVK3kYS1nZ1Hxkf7pChwMDQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ZQT7I2I5n88TQoF76-gfHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Jul 2024 10:39:49 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ZQT7I2I5n88TQoF76-gfHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1JBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_F175ItbAITpjx_w6jkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAzMDQz1DMzjCwwAblAsJA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://xosodaiphat.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWZtO65VpEFoqROfOgwXAdt4wZekxC_l3WgrnupFj66xCnO8-9Hwd-LI6ECeUKUjk5ighePUZHNr0heF1emh-G0JyzCm-tUVZpRlNjZYRaM7rb9wPW_g6xCYdYou4Ki1XIa9_3_iA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWZtO65VpEFoqROfOgwXAdt4wZekxC_l3WgrnupFj66xCnO8-9Hwd-LI6ECeUKUjk5ighePUZHNr0heF1emh-G0JyzCm-tUVZpRlNjZYRaM7rb9wPW_g6xCYdYou4Ki1XIa9_3_iA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.KpwW8BT5xCI.es5.O/am=GAY/d=1/rs=AJlcJMyVqgfvVK3kYS1nZ1Hxkf7pChwMDQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ilMPNN_Zj1wRxQFtkIN_FA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Jul 2024 10:39:49 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ilMPNN_Zj1wRxQFtkIN_FA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1ZBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_F175ItbAIfFvx_y6jkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAzMDQz1DMzjCwwAk0gspQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://xosodaiphat.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWgEwnfYQseNFBhzeXitQf5iz_yPfOJtIX3IjvJf4HLFW3QaiCpTokiKrsBR3ZBkyjmxfzOBst-xth3YfS5KkWAXMTj6mTr2t_8vWeUr6mZXrPClJDjltIJfsNPcu5Hrnrx_YZeGg==
fundingchoicesmessages.google.com/f/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWgEwnfYQseNFBhzeXitQf5iz_yPfOJtIX3IjvJf4HLFW3QaiCpTokiKrsBR3ZBkyjmxfzOBst-xth3YfS5KkWAXMTj6mTr2t_8vWeUr6mZXrPClJDjltIJfsNPcu5Hrnrx_YZeGg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIwMjYyMzg5LDM4NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8veG9zb2RhaXBoYXQuY29tLyIsbnVsbCxbWzgsIktwd1c4QlQ1eENJIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzIyLCJmYWxzZSJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.KpwW8BT5xCI.es5.O/am=GAY/d=1/rs=AJlcJMyVqgfvVK3kYS1nZ1Hxkf7pChwMDQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f14.1e100.net
Software
ESF /
Resource Hash
b4884388342defd9d0f4d5a3dec3c2b49dc8a30ff88da67ff8e58ea10e755b81
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sGAhYvzm8qdQyq1e69LQuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:49 GMT
content-security-policy
script-src 'report-sample' 'nonce-sGAhYvzm8qdQyq1e69LQuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmJw0ZBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiD8_Psf6G4iT_p1nLQHiJREXWY8kXmQ9-Pgi60kgFuLh-Lp3yRY2gRNbznxhVNJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxMDcw1DMwjy8wAAATzzp_"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BC8 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9049393941142&version=m202406030101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BC8 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9049393941142&version=m202406030101&ct=76&x=13&cor=8664946375698046000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 0BC8 		95 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BGPltbYFaDNdqlyqAWJtBThNFv7U13zkAGnI--XSk-9F3F2Vgq86M2gGygo1KJycOTlL54EZHG_I1iVaDsLVdWsNpxXVQ__ooBc8UenKQ6Pt8i4HRP063KKfFviYJ2omXgBGP9i9T9MVS2txRv1M27aDXsMNkn9XzZYrbCAhZUm6v18e9ZrVfBpv0U4esX0-aKlFTq6jPPt6xoh_HAL_gcnER8_dVBVrFVZiUG8MN39mrlHIE&dbm_d=AKAmf-AfjSG23YqsOip60x51xTODq019ERKxCp_xIS6K2hyqyU7cIM7XD8sI_wIn29jaFy3TJ4A6aNdX7Cl3pnP3rc6eEbYy3pWjhF0GRoxwjuUmpGXbIVQxsEuhlu2DbCrFRls1D-D40PaE-b_Y9t9KrLqcogpdrNow2f5_e3JXj9vVFZKoyzydkKEbxH4m1M07MAkWndUUrKKiyNuf88dN3uJGqvU0zvxQSFkwUnflOLlE5zPopHeX97J3duE40K81P_BJ07UjEGc-J3vBmTm9Y2N7ViSjm7f9d5khFPbat3d8Q1t1H6mYZ-7Ci9wDB22PHSY_tQsXUnJ55GyL3T1rPP-R4CdNvC7ISHhXqO_yIpBZYk1hcYZ6JKnwb5ObrTMXxYBQgYIoO4tvLdpHB7ICAEkmNfYrYmwNklva7CN01zMIqLA2hqPnwdzlJ9u_Eo8PL0ZE_mjGqNmjaaE8u9AqOdRE7Zyis015ABsfmNno1KRi8q3OSHHSKWIroAMI-qxHYfoTXn13dKtxmLOOddw4PaaQ7__vUpU25_ZYJ4U5DRyDsyZHwyoGfOTBBcvLXwU52WlEmZWK1qf5mGPtqceMzYyxak2iz0reFc-pmPEjf-5lSsmuuycbWbtn6bNYrCMfPrxHi896iCIzPrz2IlsfspkodqxZnlOjHu9K84iUJ8alF04VQkLMvBlLJtCZBBiavx31xn7E-PBo7o6-FpO70msQnk1gxbrTmAPpjfRsTeRVQ98a992suU8QICFNWNcoLbDHRGfHi22zLQ_HFbO3cFBkEl5Sr5RgffSyYtbRWVNk6twv3_Fb1kzOW7JSHlnKl4wOjAb0tv77N59f49JynE7z6d-bvawx4SMX6xk-ut3dX1iD_MnQ8IHL3mr4yCBjzaGdmZwnEfzELIPVI7sSp4iOWbkkmt0WWr3KksUZVIzJMdKR3Pl3oHs2y_xYhNheEQrlpd7yUWCF5BlBa1i-D9XUy0YBv2j1b8BFiWr7Cy1Az7u14qmJjPw69fbXJ1mLCYHp9q7JW38vgRvhiECzQAOsJQmoojk8Wz1bsxNy4e7p4XN3ItU2avP4P7aQ4-sHIJ1-ElF4jfLfEFqpVoDplBzdi6JgqQLKPB0anNZcXtaT6GA8GIjIIIX6As3J6_bmkYLYzg-SpVcrEe9TuaW8ax8SUK4q76icYXGeSMlzT4CVzkiznPkRqvoSLMymddQIludMrS1RMxhqFuIRCz82kl-Sn-_CbcyUsbSU0I7-yaN0F3Jo5XprSa_AX-meAwpCmMhkSVRhyY5umLVuB5H60ohb4vRcpQ8LVKbt5kywQASMmdC7R7SDfOfZJbADBpIjpGQmTzXKvA_PVMJAFiGxvhTBpXfHuLxWOlf7zLWGXwS9W5RgGGRq0rOHeCXjdtakkvW7r5djUXDWyq6-czIJYJmC_gJwK49EQrVlPtmr7R1SxvBu_vOG8h9VTTcrWTu-ZGLB-BP5NT59uHx4V0c40ryAtrHpLbnhPX6Zc9vYpiHt0UP_ra3687yZSGgXdqdEOtrVNhCnWF8bLSRbTucMaR1-7MnXrt8Hq1nKDVFmZWSqIv3WOF0IYCuOl4NcMglChccS1oKduGR4cvIpv5JD1D0okp67buAZL2ZLyc-JKhp5Y0VV7gFzLC1o4fe9acfnZcz4bd4tbG1hwjHFTlwW4K6T8G1EWI6NLAQmvqo81m0ZW7xnUlwYi76sjCudrXEsMcerv0mC87XJyH3zzNfDaTvmHDokyfkuAMLiYGYTCVGx6bxoE5IimdJUkBwYXbc7ds9PuPhhhVQrlFneRuoWvlWfooVXrMRVp8cH_bclYh4gPu_S7XLoejWdQMe2pszKvdNFj-1Rw2NKTfWV3EMcndoFiAHmmL8yhYKWfDH1M2ZlS7J1M5asOKM_9aAFpRdjV59ZnYTRHxy7QWXZjgikKTQh8VdOczYKgQdQfaIbY0_1kKLf7bZZDYu0XNMhBdmeuZpU1U_0h1zIGWEabBNxzjEKJ6wVJU_fZs83KQRihfwC_bVpMNo7HE3Br5JuZI7vdVUpBoMhjs22OU0KgCl2OcGXuTTE4ZRYl_dsJWbATNc36y3h9OaqpF3pG7kX0lJw9Xo0FBB4mrSbR7l12bZ1OyCZGytK0FFNfjeVaVT___5yHRu8jJpbeYFKBKwKU9QPAGvRDE5Mp_eUmVz27FjZk1Aceb0NE55fBis9MVa6bi-CwB8XFdVN_erSrluqYeJSEA2b4lWQceI3kwO9qkNhYAd-QJNiUEJImv6w1HkB2Se_WJ0ncbYnl8XOE1sYFzXhHuD4iGyKmSwSz2u6kS_J6giOsjcLLO4CfDrjzFipudlUxhPh_CtKyxbZn2UYs0T3kCQHCz3I7-aT_odO4WJO4tCTj16peZsr4q9SvWofz6hFkbmFV0LsZCjtN-Zb5lcNZ9yUpV6fd9-xqJ0cyJw27Ont5FiUoHlUT1dQ90YwRQAA1o7-XZnucKbBQyA7pcTsZKDYRddFQTXDgwUUb0QExJ7VdFG6OckpAmiVM11mzf7kvynO01znS5skdoncqfY83WduBKoUSkkEQ0qXw21MlOdAUflgwLO-Ob5lkYj2yOVBJKoF1DnUj1Vd5TUoP_8x9uZenRyEoC2JClabHy8OwI2KWngYmypoDauEfBhbSkSBz_ezJE8ox_xeRMJaPUvTgQZRtLZat-hdiZ6BBon_LhFCKWrwOiNNkRWATVMxERAXZSqLfBXvfMfIBnQ3LItDMK--bKeAkW7rqSSXpXTVJQmv8noJRLqRVYUe5h7mrJYsJn7ErlzWbcEP18aOhzx-5ysvY3lu1NwyqAx0hcEdKM6ygeopgd9midubOIkZbMSxgK3REEOLqRf-QUzPp0ckEkgKYDbA10pPnPt7Si19I8Eo2MyIMWo2PgLUPswYM1pkztuelJr5I1GDKSFwlrZBctjMQcngcRcxCc27IV4NJTpQM6AeNdA9z73YpfWbmsFPK31gPM7_6Or64eodzRlXkzRlu-TZbu7hl-XnZHxtUCcvnQqhGqGONaZhBNduZuPwpPqs13IvTep6hrNbLzqxbVRUtHJXVZRaHO-x-GkvJaqW3cOu1-5CmjCBUoF-cnXh06ROW5CTirhaRs_eixrbPrAgozDRcziQforisdm8GNKfhUALGtR-qBWro6f0aQPavMnCecPAiEYg9jRBwurpMUh0ebyhA_5GCsAr0dfYO9ZPn69L9f7yFXkg83s8ZYSCBjLMpYmxvkcf53dGMCHg4s-eWOcNgY-hx9y32585oGtLBOmwGoYwHnIAcOCAZ_IFJA4b6VPET14zOaITBvbLNtOtcxZ1Tc2AoL0YmMwSgF-x2SbpR-MdlJOB0R1NWKIiJ5OiTlLaB6f7_4fLOp0p8SNH1CZRUzbU4dvbA8QN-CTprNC55dn0HowaLzCLBaDmfjAgwOYGqTK8MmivW7Wr9TV7ZWQ3IeoXHyfeWfNAPO5SlekIYFjTUerhAz0OZ6vv4hfjF9_ueJKUEH5_KlCcB1NhjpBl8ywmkC-ptTCa1TYITyfZZ9x_hyG8TXn9FHGRBUPttkCcUNszVRSeolL8kYpQmdYPLMCALUDJlJR4qJ3Kg-WtVaDdu9X787VmKLVzG-zX06_446jLNz-ltSxqXsDEsz5hs3fVGuwbKiDMdoRcHln_MsNWumk3hdQo3D9OhDCmD3Fbysm40MO2-W3T83Oy5td2lFcD0BSoQ4aWeMkSfpnRuYh-zbrvqmOjVV4WUUYxKZQ&pr=13%3AZoke9AAAAACCOcteN55sIcjqfrNABTk-js8djw&cid=CAQSMgDaQooLJiS5vcluxHm84JAN8XVrcCGj3gPAy7coKFgrfLSqg_cYaMBpBQZKaIvy1cgGGAE&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dv3_ver=m202406030101&nel=1&rfl=https%3A%2F%2Fxosodaiphat.com%2F&ds=l&xdt=0&iif=1&cor=8664946375698046000&adk=3146324369&idt=386&cac=0&dtd=54
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
a1e423bb8d539311a608bee82a39532c8caa7feb29a4e95c26a0ce7dbf13d60b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41116
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxWZtO65VpEFoqROfOgwXAdt4wZekxC_l3WgrnupFj66xCnO8-9Hwd-LI6ECeUKUjk5ighePUZHNr0heF1emh-G0JyzCm-tUVZpRlNjZYRaM7rb9wPW_g6xCYdYou4Ki1XIa9_3_iA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWZtO65VpEFoqROfOgwXAdt4wZekxC_l3WgrnupFj66xCnO8-9Hwd-LI6ECeUKUjk5ighePUZHNr0heF1emh-G0JyzCm-tUVZpRlNjZYRaM7rb9wPW_g6xCYdYou4Ki1XIa9_3_iA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.KpwW8BT5xCI.es5.O/am=GAY/d=1/rs=AJlcJMyVqgfvVK3kYS1nZ1Hxkf7pChwMDQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7AC9mLvclnA5VVeZjAuuuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Jul 2024 10:39:49 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7AC9mLvclnA5VVeZjAuuuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw15BicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_F175ItbAITtkx6xqTkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAzMDQz1DMzjCwwAYIor8A"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://xosodaiphat.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUPaKjWXLsS-G9JQ7ePPhCZc5h4Ld2O5X5XKR1dff6YayUn_QQBjDoQdlO9IYXRIVQLFBPzcBjkeV2sZ2giq-wZeNeBVfpnJuU3FaLmI2Z7IIDWfmfKWZ2w5aqgdZ_oGV_a5C7awA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUPaKjWXLsS-G9JQ7ePPhCZc5h4Ld2O5X5XKR1dff6YayUn_QQBjDoQdlO9IYXRIVQLFBPzcBjkeV2sZ2giq-wZeNeBVfpnJuU3FaLmI2Z7IIDWfmfKWZ2w5aqgdZ_oGV_a5C7awA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIwMjYyMzg5LDY4ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8veG9zb2RhaXBoYXQuY29tLyIsbnVsbCxbWzgsIktwd1c4QlQ1eENJIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzIyLCJmYWxzZSJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.KpwW8BT5xCI.es5.O/am=GAY/d=1/rs=AJlcJMyVqgfvVK3kYS1nZ1Hxkf7pChwMDQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f14.1e100.net
Software
ESF /
Resource Hash
0aa031394ba5dcf9b550d3c1ce30e1ffd748307577ae7bbbdf0045abcb0a8d45
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-exI2i1SAGJzV94vHIyT9Ng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:49 GMT
content-security-policy
script-src 'report-sample' 'nonce-exI2i1SAGJzV94vHIyT9Ng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmLw1pBiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiD8_Psf6G4iT_p1nLQHiJREXWY8kXmQ9-Pgi60kgFuLh-Lp3yRY2gQ9Xp79mUtJIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxMDcw1DMwjy8wAAAZ_zqS"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
v3
id5-sync.com/gm/ 		668 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
e58dca8876c5149b643df59aac69a7d43e5a333ffbcf77a3f766bb37ffcd5ce9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Jul 2024 10:39:49 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://xosodaiphat.com
content-type
application/json
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.4.2/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
148f10a2d7b7465114dc40e598e85f0a3fa5e03bded69412a509d8e2b6b63f5b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 06 Jul 2024 10:39:49 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://xosodaiphat.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
view
securepubads.g.doubleclick.net/pcs/ Frame AE5C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuT9GCyCNNN3zLRB62ukJDyCaz_VuelMaa0O0zbP9iVPo9799aIcuskTY2n2dyT-VmdIXyHycCc1CVHPy6KCy3QWo8W38u2IobmcS2uzrmZ2laXruRmnIustQYf_yA9B5hpLo6jmFp1j3vvuaSpr1Gr9b6dPeujK5zxAMfYOGhw3It65z32bgKIuFYKokTYkSOfgJZ4yijzHtcjDHE7e_AkxR9_GqPbOzwpiCAZEdAQEH7uyxdm75lKwrQK8FYuP893l59iXjxASNZCpvntDyuTGNgC2ywzhyXYTPxWEWJB7q_NTUqkoU88zsqbpgGSIUVZw6jkI5RU18hN_ghS5JfcH2ZgEFVr3wgG8KIaDC0HLwLAsh6q4svp2LxRr5FXnFNzoIlGyyPaJZJrSQiA8lvv&sai=AMfl-YT51Cb1SBCKQmanmuytzDJ6EoWzsYG1soGp5q0l1XOmWlLlirNqSEM3pKLhuNaB2E5KP-Mozvh56rBT-mJxpOd7ArDhAFOJ-oq1JPCBcGklqLzX50YKKIWVa3uxgP0&sig=Cg0ArKJSzBKk3LUuH-J_EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240702/r20110914/ Frame AE5C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240702/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
679e233357e93a4f4d15bc2e62d33e0048a978a5ddd57a78ad1203d614b0773a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 14:25:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
72866
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9191
x-xss-protection
0
server
cafe
etag
8778699909409299010
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Jul 2024 14:25:24 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame F407 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CP-1ygIQq87LAhixypyUAjAB&v=APEucNWF13jb_7zTkvVpcUdx19AaEJ-gjSwW47r9Pd2X5MqYzFGngfNiDOYrZPbOyd0MnYFYBVb7IQp6axwDOKG-tSLJFA8KSw
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
170
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jul 2024 10:39:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame AE5C 		99 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
4b69a3f605576e2a0cdb6abd74d3efdf893c4b6124ace390559d62437b9553d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35122
x-xss-protection
0
server
cafe
etag
2418474175030562626
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sat, 06 Jul 2024 10:39:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AE5C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dn0_3YVFOtFoJGAby6HurrEfnGO9E9L7-HgQRiddIiVkPQWpYiY8d3eyFGVY0qozNoK3hNt_38N_JZJOKQVy1_EfTXRWkhPTkUrgHGpoJ7b3gZ3gk
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e83042a5-2d27-4616-b7c4-ae0086191b5f
beacon-iad2.rubiconproject.com/beacon/d/ Frame AE5C 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-iad2.rubiconproject.com/beacon/d/e83042a5-2d27-4616-b7c4-ae0086191b5f?oo=0&accountId=16924&siteId=500600&zoneId=2983354&sizeId=9&e=6A1E40E384DA563B0304C9BFDA12D15E3C1DC009910A7CCFD42E756CA94C1C7B6ABD6E9387FDABBF9EC3ED2BE76641D61C084CBD9223F08FEC453689F20FE45ABB9674A7F7C7AB0E656D6BB7E33B0DBC69A6ECEEE6A9488CF1CC3C1E32DF08275BA4B7CE7EFD03FB031E5A33D6615831C462FF4226EE847E0EAC43E8703D10AC6D2EDA147CFD43AA6135086E7DDD7C3D4B54DC7445615BF4A836719B6BEF277DBFFB859EE12B791037235FF16BEE5B7BDDC5A906A560752942584CA04B63589D
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::24 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:50 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame AE5C 		205 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
066bf781659af09bb40a24a7d87dd2310c2324c9619e347c6d6d05c00ffeb182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:10:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
1732
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64446
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 06 Jul 2024 11:10:58 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AE5C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5389814665055&version=m202406030101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AE5C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5389814665055&version=m202406030101&ct=76&x=8&cor=3952625930970695000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame AE5C 		94 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AcR_bXvwfeqPnXOd-lze3TqiLz7JqBIihEpG8vyGZh8U0oAkb-JMxtoYqx-hhFp2QL-yKVEprW-rDZrhly0x0rmaLbfTpo0KmBYqK-SN1C2grZHMCPHuIdoQ-dFv509M5kPz0VoBxVBwZdJYFllncrA9SDzOuNBmsPTDR2D8usdIxAUY0j33z5i6PmhNPyd8HlZnLwonhUKM7RH2mP1oswQvtT21otVhEy19Q7_mU1G3CMNBg&dbm_d=AKAmf-Dyafd-6H6VPYl-7E1wWbf-9bZ1fESfbkvWhnqiTZd1L-wb9G0GOq6yw79naNZ1VmsKGhHjyQk4k7eM6ZxwvbRe55rhsirjYSKUgNd2ivtgIn4_WmnFAMo2LE3NFkbDswBLW140iZkTKgpzdeVliBBNwIHDPEXhbO5-rw8RmBvtLhl_VPqjQFiolxtZBb2mOFCtd1H6Q0Z_HwVn0_D96tG2qSDyEn3Ph_fk9ULS3Fraw-nObVFDvxtC2tJ9LNUTt2unrJ8fEi62pCCjE6YrL3EsPmPiekygcmXZFT3rVy5M3PIcJJ0TvGPpgxDwFqzeTJ2OfZYh1LdNChWN07q4JApT_7nzGwBiXHrB_-BY_qfoRJ9RCXbVVyG0PvmaE8bffjz76u0lQSeIHoe6K8tiRxzYLvjn4GUo-gMyX1IiKe3KSHRB8mETPIq5lSPicslPaA-W-wQsVTIBjimfXz2uE1vaciy7GW1VNOULqzkH5mogizQ1QKxhGlg1GpcARYsCS7UKQ55svzcYncn3Kp1R6iWz8GVXRJN3nMGVMlyK93FwBU2dZB-XizaeE72mlrDuJe1A_yFs4Qfqzn0z1Ri1QT4y0urLi81LfWwtMdbjP7vyyMXyEgTcua7mMtXVeQigCIBlZLijyjwU7bRtkNisALBPYmArMkpA8P6cGbLRB-lsB00X4GT3izB4BspshqkL5SvxA6SfDUSuWS7pb9qP_mjNbREiXy0r6Yxn1A0TMaHffBmFZXvSWoBg9rWadbnwFB6dTl2qG29WRMgt616vgKUS1g7tbI5CRX_h607KCIUdgMFlywkNDuike6u2aa-_thpVsirUv25EuhTVWTxSZpOeRZGfvDlMWf42lQ-EsN6JAIPiUfypvPTtnCUmSOqFaHYYYOsqS3NYmuK2Nqyp-tDoDalkAKIBqhK4NWGKBMsambxJjjmYyNn3wrW-88XMZdoJPvzUstQIL46tBP_Wk6KkbD1t5VJKZjG16V66GdgUP5dLuzrogVsqcji5ydsI_f5xI36Gajq9YQNdklIccmX3aspHacC5HxOoe9wOVggEM7ZzrbUjFg9BxX5CvBj2UbZznVimlxLOKgPt1kP26PtTaKYhTwhRHeUaFfPTs8gaq3720IazMaLOYua5oDiImJIqIIL1iLr8mkT8TJDp5QCthtgE_nyhUvp4khuuOG2smPQloFwzf47ztZfPvuwSwwYcFLJqCu9B8yhYUfJxcpPQUv9TOHYZOjEwbFbQKEMb2ee0-6J0UqqJcfasvxf3a-FhE1pNAntr1jeAEkhfBoLLKMv24hsrnEXu8Xvl7HK50T4d7jjcLEdAupAog9I-W-xxXQHwEbF45YOH0vvUJPa5PQKoqTwGmvwRUgaDtfjjS3HTBI1a8YUbiPXzamtdKuxOyum2TiuZrJxHx3BFhpcvCaa0LR8DVvuegpKzH0wd4nOxlNc84UuHdRz6gIIJQH9P0j2DBSIKEW1qjYogb8FmzDwK9rjZ2tuNjK4G8IWcdsjwjzqRJ3uGL4jrOV8sAI6vy4Zcvdq8Dme7ZcNggSbRFRdhrzGQ483KRk6CRm_r_ffAMFSz43rLyp0XivPzz4wawMPkMRmY3IeYARg4P6pKdiFxMmtjBMEppkM-HADwLjCJ7RGAmCSgX0SsY2dAgOGtjdMLaFEPMMhTeEJTTraY53D2vJ58FFca9B2bMXKuyRpftwlRUfi-bgwN2DdoHgd5EEGAoQ809YJWtNO7aEfCEQsADJbwWtRqjD78Uvw8IZWJJKvo8kwgUZOLxvdG1qTgtPuPDWw1lNR1ohiEsbLRGgR2NXkLb51wGXRe6C0EvE7N10bYZScGhK368pEZVdOAP0QyTwVClnpODZnJDCLnPpaKu-8I8XCIlZsvnipRcN2cWST7--xrmhMsR6dAElLVMks3KCNw8qKbjdI83TZAcOVpwduM0Q90va-r-CL5Zoglnb5dpm7T4yrm_OcxKytr9CwsKKF56Ng4xMVV9ZGfBLE2010Snm1LiWZO79GEO_3XpNWtD87bmzFwZJapbS3FvT6i_aa4p2vnsarqv6YPnsEEbNINiu6HioainavtR5AxprN6Li1oO72EC71hNVjV3j6GIlKehxFhXJHa6QJaNCjgCoj1tLlwEn0X4tH4no6Bym5tRBELen5rT3snacqgKs7OzDpogzc7SQNythwxnCqdISRTpRUAwbpX7plcouiqrMBPs5JrqL_DvSVB4vnLtdvKmgmHlj-IWhWqOVHmhhXUFRGa-9IndA3ljFbT-sjCbSET1blhJRgslPgR1NAf3f3HRx6vouO2hmCt3fH8QHV-0o7dviC7oMfgv7puKlZpmyqK0aWE8RoWWc45pGdeAETP9UgRpTq4TtEF0aFiiXJhijAag5G8Sz0wUXVaDQmvBeKVwRPq4VJQcQX18UgHkgjDYeHNTxKrLKYl24-k0c9cuUbMlQcT3LT1sEP2ilAnSTg3ioLKkQmmGzie3APV7iXY1bF2ggvIT0jLswJRoc_bjLu9JeVenEjRQzH0XDG5XSWAm00k0-HhTH2JNkoLxVdyZVIaF2OzFYs5zU3qTThmPByOhaYgdBnEOxeDbOtu6CvM87xqSkuzXtkHpYJXQpEKX1zl5EkKM9q007Yptaa4DN5Dt0Z6WTipynoiGn2rXunACxy-rCCb-dizrUmZLTZP3cg0zVX3BIJkCTcCjEBiv5UAAgT6Ik1fPgyVMuWvrTxPtBtlf5Y7XYcG6_SvyZeFR__3ehMpGIOi9f3hPUvYaeFtG0n0sOK9ySgD-ZtT2-yKW-i7bKqbM-lGrv3fiLv17e71GpnFgdNCnYJj-wuCEaSTRMMK0evKeIY1A3D1o7pjwlZickQyXjwpGjDjDN_lWdH0yspuF834npSm5uGJcey633pBdMpf5SZ6k32p5Mfr_ZZ62wSn3j_CT2RT-yaLCNu2XTYU2KzbLG0ilLLlADf2Jt53zvo5zdTt-A6DgOajkrUSvkakszO3MjY1LT2-rNpncwACBKsYvfHldFpsWC-XIP4aYryfyXfEpcl1YWv60pDLuLi5WwSylZjgD7HHiH8jND08tF9R6g8o_dF_lxQnAXcCflPuz2ZNFxPGfX9JEhqLErm-b3a4djBmLmmQx4KQZU7ODgkxqeegLRaiu3gvTWxo-M_oRXoQ7XfU3FvUf0qKyjQ0w6au01wpISxFDxXge2fqQVa1NB46X6wwYI7pjEHNXnsUzpp297_wcux_1PtQ0OMJeEv6tm5xNt5G5AYBQ4L5g_x3gpi_nWxcWz1xi4KYyEJ7mvEBaFcQh21DvzgN7B2r7Gvx57rbp392q7vb93L7Ut_dWGbZMUyuuXmuj67U4EPhl391poxT8NbXhcKk5f-mWeLDlYbL23SnND28TwnManuFKi0tswElxk-e7uDpDo6L2IHcmvlgFG1CKZj3BxqD_9CsisKGW-kQGpg0c2hNtC2YQeLdaqdEmsK7AMBszclevq40XTUmkvvUX0BazjxaUJCsuIf1FVNgCmgTB-DG_n2caBclcq6-lJIad7JGEz_M-3rgRxKBBTTJtU63A5tBbfzh4KSGr1vvjQYShyWM5ay4Iuu51zbxcQ-gHa8hkxOEqJSg00lWKcC21jooofYqXC8gglJr984DuAS9JkmVY4mSWqcs_TlkimTx7z-vF5vSQzucjUWPyx0iGN6AWqzet0X3YQUPXIvpetSX6TEwcCmkwTt-UT0ZkbBedOw8hsFUQNQ1a1o2eDIwJ1-OBeXrSJmWBlQqxD5m&pr=8%3A236867B6F220604A&cid=CAQSSQDaQooLPhkB-VtDtcYZm7izquR3Wl-EDbcpaClXeAp_3oFhPaOlPizb-O-EtsFPihkHfcU9Xn3AISMX8H1_Cjf-qTvgDfgm98UYAQ&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dv3_ver=m202406030101&nel=1&rfl=https%3A%2F%2Fxosodaiphat.com%2F&ds=l&xdt=0&iif=1&cor=3952625930970695000&adk=3678944739&dtd=81
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
316e4e1717995d5487e376f8f42409f584d886dab449da0bace8bccaa94f80a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40627
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
protected-by.clarium.io/ Frame AE5C 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_cWFLdHh1TDFLUl8yVGZtejBObVBhQXVkc0JjL3J1Ymljb246MTYweDYwMA==&v=5&s=v31i23q1s6b&id=eyJwcmViaWQiOnsiYWRJZCI6Ijg0YzJmMzUzMGNjNDM3NSIsImNwbSI6MC4xNiwicyI6Inhvc29kYWlwaGF0X3NpZGV3YWxsX2xlZnQiLCJzcmMiOiJjbGllbnQifSwidHBfY3JpZCI6IlBCOnJ1Ymljb247MjI0OTo1NzkyODIyMjUiLCJhZG9tYWluIjoiY2FycGFydHMuY29tIn0%3D&cb=1614612&h=xosodaiphat.com&d=eyJ3aCI6ImNXRkxkSGgxVERGTFVsOHlWR1p0ZWpCT2JWQmhRWFZrYzBKakwzSjFZbWxqYjI0Nk1UWXdlRFl3TUE9PSIsIndkIjp7ImsiOnsiaGJfYmlkZGVyIjpbInJ1Ymljb24iXSwiaGJfc2l6ZSI6WyIxNjB4NjAwIl19fSwid3IiOjB9
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.84.106.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-84-106-137.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/png
pragma
no-cache
date
Sat, 06 Jul 2024 10:39:50 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-KPB8BPT4XL&gtm=45je4730v867871146za200zb867852407&_p=1720262386055&gcd=13l3l3l3l1&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=1566292685.1720262387&ul=en-us&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEI&_s=3&sid=1720262386&sct=1&seg=0&dl=https%3A%2F%2Fxosodaiphat.com%2F&dt=KQXS%20-%20X%E1%BB%95%20s%E1%BB%91%20ki%E1%BA%BFn%20thi%E1%BA%BFt%20h%C3%B4m%20nay%20-%20Xo%20So&en=ad_impression&ep.query_id=CMuG_OOckocDFQiuOgUdQbYKlQ&_et=402&tfd=5360&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KPB8BPT4XL&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xosodaiphat.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
9.gif
id5-sync.com/c/882/1245/0/
Redirect Chain
  • https://id5-sync.com/i/882/8.gif?o=api&id5id=ID5*bq_iBAh8VeaxYmdeNGlTpB2E0Ab2n0pEhpPKbVhv1iWuc3LoGeX9geLrPp94EmLo&gdpr_consent=undefined&gdpr=false
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-9e57X7aC1eaosG1jo4SXSk4HNaFVnXfRWR1eD6UBFg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F882%2F124%2F7%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-9e57X7aC1eaosG1jo4SXSk4HNaFVnXfRWR1eD6UBFg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F882%2F124%2F7%2F2.gif%3Fp...
  • https://id5-sync.com/cq/882/124/7/2.gif?puid=e9567f2f-afed-4e2e-b2b1-891c7b434401&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F108%2F6%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/882/108/6/3.gif?puid=6729625d-944e-48b5-abcf-743892922161&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F434%2F5%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/882/434/5/4.gif?puid=26a6f122-236e-4b85-b6e7-0ceff7cf1267&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/882/2/4/5.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/882/2/4/5.gif?puid=7260173943964548424&gdpr=0&gdpr_consent=
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F203%2F3%2F6.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/882/203/3/6.gif?puid=d2c046b8-7bca-4dfd-bc1e-8ae2e46d18f3&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=549d8d79-5a7e-4d7f-ac03-6b693aeb00e7&ttl=%%TTL%%
  • https://ce.lijit.com/merge?pid=92&3pid=7260173943964548424&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F1246%2F1%2F8.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr...
  • https://id5-sync.com/c/882/1246/1/8.gif?puid=I8f_ALZH13MvmOfkQ8uZm2fa&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=549d8d79-5a7e-4d7f-ac03-6b693aeb00e7&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F882%2F1245%2F0%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%...
  • https://id5-sync.com/c/882/1245/0/9.gif?puid=I8f_ALZH13MvmOfkQ8uZm2fa&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/882/1245/0/9.gif?puid=I8f_ALZH13MvmOfkQ8uZm2fa&gdpr=0&gdpr_consent=
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Sat, 06 Jul 2024 10:39:52 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:53 GMT
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://id5-sync.com/c/882/1245/0/9.gif?puid=I8f_ALZH13MvmOfkQ8uZm2fa&gdpr=0&gdpr_consent=
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length
0
expires
Fri, 20 Mar 2009 00:00:00 GMT
AGSKWxVpaLBLEWU17j2L7rfLmpqXwMPLJfcvpp2Z3AHT5rjntlZB43VwM7Ges8eKrf4MNXKBxPNuMTpWVLxoX0UM4Icz8alEil9KcHBUFTBe2D5K4iFGUX9dg2528L9q2mbi5KZCUtqoPg==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVpaLBLEWU17j2L7rfLmpqXwMPLJfcvpp2Z3AHT5rjntlZB43VwM7Ges8eKrf4MNXKBxPNuMTpWVLxoX0UM4Icz8alEil9KcHBUFTBe2D5K4iFGUX9dg2528L9q2mbi5KZCUtqoPg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIwMjYyMzkwLDEzNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly94b3NvZGFpcGhhdC5jb20vIixudWxsLFtbOCwiS3B3VzhCVDV4Q0kiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMjIsImZhbHNlIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.KpwW8BT5xCI.es5.O/am=GAY/d=1/rs=AJlcJMyVqgfvVK3kYS1nZ1Hxkf7pChwMDQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f14.1e100.net
Software
ESF /
Resource Hash
e1c8a4270ee0ee67c3795425849c7d6a20268ebe4c35342d145cfb4553cb0bf6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-I5u_agIi113jsBd9ZtNHMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:50 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-I5u_agIi113jsBd9ZtNHMA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw05BiOHHrNtMFID7vdIfpOhBLfH3JpAXETukzWEOA2Kd-BmscELfePMc6HYg_Pz7H-huIk_6dZy0B4iURF1mPJF5kPfj4IutJIBbi5vi2d8kWNoENd2dEK2kk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYmBsY6hmYxxcYAAByID7a"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_279.js
s0.2mdn.net/879366/ Frame 0BC8 		116 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_279.js
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.102 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f6.1e100.net
Software
sffe /
Resource Hash
f4d9dedffa6ec9dd7ec66eef0915017183e812e17b39f30e2407c8da747de77b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Origin
https://xosodaiphat.com
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 22:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44128
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41555
x-xss-protection
0
last-modified
Thu, 02 May 2024 19:23:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jul 2024 22:24:22 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/elements/html/ Frame 0BC8 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/elements/html/omrhp.js
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
ce13d5d11a2c8a21612d2eae7a1732f20ca5a38daf0be8af6aaeef64e07d75e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 14:25:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
72846
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4395
x-xss-protection
0
server
cafe
etag
4271344721252203484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Jul 2024 14:25:44 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/ Frame 0BC8 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/abg_lite.js
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
35f10e930001942305150e2cd414336f02d9365cc6ce3b94c9ef2bac90d70e3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 14:28:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
72654
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11781
x-xss-protection
0
server
cafe
etag
4708425956095714790
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Jul 2024 14:28:56 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 0BC8 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 00:32:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
122841
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Jul 2025 00:32:29 GMT
usermatch
ssum-sec.casalemedia.com/ Frame B793 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184310&gdpr=0
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
89eef9231ab48d9d-MIA
content-encoding
br
content-type
text/html
date
Sat, 06 Jul 2024 10:39:50 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jDF55q3XsRJLi0w9%2BjxShjXtC7OeDPHAZaVj2iisqXaolNder75RGOQaD4LD1yJk6i8Z2osUwldzL88uhojEyL2vlHDpsLVN1EDyJojkW0x2jHkqmIPQ7DT%2BmbSzqg3agx4kDuQdAKNd9A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
express_html_inpage_rendering_lib_200_279.js
s0.2mdn.net/879366/ Frame AE5C 		116 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_279.js
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.102 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f6.1e100.net
Software
sffe /
Resource Hash
f4d9dedffa6ec9dd7ec66eef0915017183e812e17b39f30e2407c8da747de77b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Origin
https://xosodaiphat.com
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 22:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44128
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41555
x-xss-protection
0
last-modified
Thu, 02 May 2024 19:23:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 06 Jul 2024 22:24:22 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/elements/html/ Frame AE5C 		12 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/elements/html/omrhp.js
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
ce13d5d11a2c8a21612d2eae7a1732f20ca5a38daf0be8af6aaeef64e07d75e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 14:25:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
72846
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4395
x-xss-protection
0
server
cafe
etag
4271344721252203484
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Jul 2024 14:25:44 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/ Frame AE5C 		31 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240702/r20110914/abg_lite.js
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
35f10e930001942305150e2cd414336f02d9365cc6ce3b94c9ef2bac90d70e3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 14:28:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
72654
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11781
x-xss-protection
0
server
cafe
etag
4708425956095714790
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 19 Jul 2024 14:28:56 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame AE5C 		41 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 00:32:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
122841
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Jul 2025 00:32:29 GMT
usync.html
eus.rubiconproject.com/ Frame A528 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=na&co=us
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.200.198.128 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-198-128.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
224
Content-Type
text/html; charset=UTF-8
Date
Sat, 06 Jul 2024 10:39:50 GMT
ETag
"2052a-10d-6142d69a886c0"
Last-Modified
Thu, 21 Mar 2024 15:32:19 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame AE5C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6-drB0CXx4tdnNhjOjuIbspeidkxAHEEPL1Hb1rQJZ8r4JDh8RQITRUcmiEUIcTI-7uYQw9ieHT0jIqj_um01hEbbTnqDQpPREdpN9D_XVfzLmPrBfxVjtnJJC5HgzDQfyU-L2zmequy9H8kT5vi-ecHtYLoQGUjyhywlrNT4tVBbAyFLJkH2eUWzMlz7HXpBkTQSXTKw-30vLVYPXbu8JsQGQCwPhvyREJcLkxgiz50OhByw5jfOQi-dsjJjR2vM_09PBG7AMyDSZpbwcLze1mmGLuRGbzgBiMWjMrTqG51M0NYZtkUtuXkx2V45HMel4SFe5JJUeEQdcML128H9hqkwiJDMd9L-dO6T_AByPGZ86ybE9SwcYuG_QQL8PqiVJ4EBDvy3zBUy46opJt9dscU&sai=AMfl-YS4eic5wVwO7jXc6XP-9XZyPgac4cojkaslR7fz7IG0GpEx336jR5Gndlsfc9jWli8hYQXPofe_3cx-Zrfhvw2YSBGR6bKxdlSyKPtBDXSc9HUn4o6Og7DOeZYIe0M&sig=Cg0ArKJSzIEY3tdAhL6jEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.98 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s79-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 06 Jul 2024 10:39:50 GMT
truncated
/ Frame AE5C 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
750265e0a75ce476f0064228d9ff721b7fde70d43acfa6cc765db459cd7c74c5

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
reach_worklet.html
www.googleadservices.com/pagead/managed/js/activeview/current/ Frame 3720 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600, stale-while-revalidate=3600
content-encoding
br
content-length
69
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jul 2024 10:39:47 GMT
etag
expires
Sat, 06 Jul 2024 10:39:47 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.4.2/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
148f10a2d7b7465114dc40e598e85f0a3fa5e03bded69412a509d8e2b6b63f5b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 06 Jul 2024 10:39:50 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://xosodaiphat.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.4.2/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
148f10a2d7b7465114dc40e598e85f0a3fa5e03bded69412a509d8e2b6b63f5b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 06 Jul 2024 10:39:50 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://xosodaiphat.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
AGSKWxUXO1Pbv9MSUe_8k2a79dlfZEYOSb77OwjOSYYrkFp2kjha2KvzkTmRTon_2rLcbfIJGSTo_N4F8gpT5Tv5EpO487ptLv_P7aWzXHMfZjetbnwEoHH4tCubGBNpPnqv3HqdJ9Hygw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUXO1Pbv9MSUe_8k2a79dlfZEYOSb77OwjOSYYrkFp2kjha2KvzkTmRTon_2rLcbfIJGSTo_N4F8gpT5Tv5EpO487ptLv_P7aWzXHMfZjetbnwEoHH4tCubGBNpPnqv3HqdJ9Hygw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.KpwW8BT5xCI.es5.O/am=GAY/d=1/rs=AJlcJMyVqgfvVK3kYS1nZ1Hxkf7pChwMDQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PCxNWLOgBjEXe2OKF8s_uQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Jul 2024 10:39:50 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PCxNWLOgBjEXe2OKF8s_uQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1ZBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_Ft75ItbAI7juzuZlJyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgbmBoZ6BubxBQYAYmwr9Q"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://xosodaiphat.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWZtO65VpEFoqROfOgwXAdt4wZekxC_l3WgrnupFj66xCnO8-9Hwd-LI6ECeUKUjk5ighePUZHNr0heF1emh-G0JyzCm-tUVZpRlNjZYRaM7rb9wPW_g6xCYdYou4Ki1XIa9_3_iA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWZtO65VpEFoqROfOgwXAdt4wZekxC_l3WgrnupFj66xCnO8-9Hwd-LI6ECeUKUjk5ighePUZHNr0heF1emh-G0JyzCm-tUVZpRlNjZYRaM7rb9wPW_g6xCYdYou4Ki1XIa9_3_iA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.KpwW8BT5xCI.es5.O/am=GAY/d=1/rs=AJlcJMyVqgfvVK3kYS1nZ1Hxkf7pChwMDQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.110 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kurukKMYALcNRihJoDOFDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 06 Jul 2024 10:39:50 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kurukKMYALcNRihJoDOFDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw05BicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_Ft75ItbAIrVlzpZlJyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgbmBoZ6BubxBQYAXTUr4w"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://xosodaiphat.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 648F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.65 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
129310
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jul 2024 22:44:40 GMT
expires
Fri, 04 Jul 2025 22:44:40 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0BC8 		205 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
066bf781659af09bb40a24a7d87dd2310c2324c9619e347c6d6d05c00ffeb182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:10:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
1732
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64446
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 06 Jul 2024 11:10:58 GMT
index.html
s0.2mdn.net/sadbundle/13273901356209860687/ Frame E5DD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13273901356209860687/index.html?ev=01_251
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
169269
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
7287
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jul 2024 11:38:41 GMT
expires
Fri, 04 Jul 2025 11:38:41 GMT
last-modified
Mon, 01 Jul 2024 08:02:50 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 0BC8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsu6eEk-IODIprj3tajfaB89_Xac1uilgCYUWfCr9COgjSw5XrDe4yy1mna26W31nvctuqvOJhNgfMHePGpNdZZOGICNIg0gIeyqVrC0L4phwU7HdnbVBVjkvrkGun0BLQc6tBVet17wvrq3X4q6bODJuYyMKQcyXiiPrhbAipxjp52ikvJZ8wSsQetRpaO3cP2_ih2RDSfaKo4OH8AXHcke1BpsKySUP372WkQmCfJNP1jPHLFTg5LfU1ZFegMedtRcX-xzlK-eVDqZ0ITqO03Jar-LRilXjQhnSY5SygUFjK4rn4c9wDnZaqvqCSSOUDjPIfQHsvrU-5s7BW0LzDoNHbSTikPaIreBgTQ7oVPNWBkFMy2N5uLrjStCNEjnlpFNRABsZkfbzIiVB9Rd7baEV4aTep7W0Mf4BC2n0ks9iq7Eelie2g_jnqAMMMhrazFcUdN_y0HjJd6ur2B96d1R-LgN5fGc8CKvayBehUat9yV6dkMbHcmT_TZsTawm-Cjv0iweEDvoVGVGH67j8agUlEshik22Rt-Egfjlx2-G3OGfWYzmDuqeq_C9FkT0noILJ1VOX_wSSwHII1ZFCddC7lxpcbSZ9eYjY-OTgkfzpbG5DycL5MlhV0BvzhGRJahfs8oLXAGMPDblNG3gS6QoLGS_8sIO18aSOjAq-SGwgvompnBU9NBNHQ4sHsFYe71bzPujuixIuU8gXvvNNboBJx_5iv575ixSGZ3sYCGbe8SiLCAd0XiHHaai2IyoWG9013rDIUQ1tReL1BJ9GiL8H4-5CAUKtUINDK6z6HqGpkc4kGYvjYA8HekuKoWw2GJXYYjKxzAw2IG8PtBpUYkee-JOrRRUZDXPgpQ7c8VzoqmMk6s1XDDCweR5nxeAmAtbU_zM68a46bajCuHSHrtrnNk8BAFhPx1aKMGCuiSiFVTyg5FQfsq8KgSKZ-zRTM916RaysfYqToTwEnp3L1tiKSzqLAmBQ26FaG0OEzx_DVr4xWqxw7iS3XAOa76L-dbuKZ-h9jaW5Ram1VnPcI-nVCRxnRBlKhI8DaQWL8IqNX2DUoXsKsb0HYINgZvMZJwvpk0Xdg5oq36yyzpJtaSKAJk2Cs20iMeynZREG6ZTgZUjxatw2Np68n8qPLZUPYCb8OGrfoLzdyrlxGhZkm84_2tdjONM43BPZQnq4sN0hCU8SxXxokNj42iylWiQXconr2kN4bSXQdHNbTm3DT2-u328CaGyhv_GZZ_I1S3VTrFvG4zlfzyN4sd6wpY30XBDalpGoAU6ByQQopzdYUh3FkyKvftPi8ogVcSCAciO3GI-eyFBlfPdJXjENlcByGLrv5QTUOc5CrpaD4i15WagTJYRtwPIziTwIK9G3qWgXyCwsL559xoqpXg9PQ6WinvCwIhxRQ&sai=AMfl-YTpm03xmA72FlI1q2D0b_b4FM2Iq5bHnpcbyslCccgVDA40s5t3RYf2wgM5p9bGZWrzgUpKNTKTDQCEBUXfqdGJU_vTHrsESEAduo3f4WDyirm6E0ncSenw4MFIn5K58Ct-cHVwqcbADEeSt6qveZKR9aTf8YlIQjMJLm5nsdJQiymHO5sjdr3jetadua36Qj3XO-FSwvq8o4eI3m7beXcIm-lsE39t1GXyLIKVu6J5Lc0GrBNVJXwWRAeN_lsOqL6StKHe_XZSNPXHuw&sig=Cg0ArKJSzNqkKnFjSmHNEAE&uach_m=%5BUACH%5D&pr=13:Zoke9AAAAACCOcteN55sIcjqfrNABTk-js8djw&cry=1&crd=aHR0cHM6Ly9iaXRkZWZlbmRlci5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=306&cbvp=1&cstd=301&cisv=r20240702.85003&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&arae=1&ftch=1&adurl=
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.102 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 06 Jul 2024 10:39:50 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
attribution-reporting-register-source
{"aggregation_keys":{"628893860":"0xc92383f3dcf3e8120000000000000000","628893861":"0xc5e9c0cca7bda63c0000000000000000","628893862":"0x446a552fb038756c0000000000000000","628893863":"0x921b3d6eca9320f70000000000000000"},"debug_key":"3682856568047642890","debug_reporting":true,"destination":["https://bitdefender.com","https://bitdefender.de","https://bitdefender.fr"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"1382400","filter_data":{"14":["2831060"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["5165113"]},"max_event_level_reports":2,"priority":"0","source_event_id":"15608244158104225063"}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/png
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 06 Jul 2024 10:39:50 GMT
index.html
s0.2mdn.net/sadbundle/2299595170114639582/ Frame F076 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2299595170114639582/index.html?ev=01_251
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2006 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
153125
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
23217
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jul 2024 16:07:45 GMT
expires
Fri, 04 Jul 2025 16:07:45 GMT
last-modified
Thu, 20 Jun 2024 17:22:08 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame AE5C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstd17211m1nb7xBKkSsORFb9TBB64hEZXEMEwzdL4NlAoc2KAZ3BYkPD7G-i92zUEIS4yffCOzqG-jl5406W_nEJVOv2EL38lnHz_E0LJ_3fsi6k-kt011fc5QoHAtpZ2JS9BjXhxyrvuxNdhgBB0_3MHvk5ZMfr3B7I2BD9F-9vtyrPqcoHKF5rCsW4Pmbfna_vXBbpsaNBwta4lAMU2d73l5kDwDx2Xkvjd89oUilK321IfrLP9xXKIgYszs28kvok2yycRHAFLe0dXHNMxkoIqdGvUVU3l4PlG9Sp44fEc09vFE6Ak8gyLq9p6YJIcdETSomQhaK-xvsviRsePShtr72GIaWe5bgsrZTBDp_K6F4S2qEvLg6lcm7iP8s1aUlM2J2OmuuaCJoi_WjLqQ02UyOYovtB9qqlvIgfYOH9pGTKcNX4riEo5VHRH-IwdpgDZb7TWb6_LsbjWe_-9RYSf7X7DhyZw75JBxinHbupXCGR9pXAQEDyB90beE6YWgDc4qpFO2gaN1TKV1QjtmebKmhJUBAn0FlRutWiENXplAl_XgsGP3MXCHkaApBMSnXi1LL-6c9oBNHNSX-jugtQH8q1RYOPQPL0mgATCW6Qh9DTGesORdGxjUM1dpxr-QOzRY2m9YbMY1tg4QA4ZRnVbp5AmnL__4gn6jLNx_HcvaoSEJoWdmTrh41eqz0TrrdqL-MY88IVZzNr6PNEImvJ5aJ6uW19OADZiyytx2CxBzVwUrL8aSyL0iA2fc0ey7EYYWLosACRFzzyzYHS5jSeuDGLkIIys0s3KSrcbmiylQWSTKCnxIXxEkTiqU8MR1O_3cHw6Pv705sPzd1Af5Xw7432o_2hVefHTvOGwcHI31UWmzE9DJanFSphwJ4DpjMBDj6NdIeEI1veM4H8fiK5-_k-DQcSBWAvcAzuTF4x3Ad4ysgsBdyRW5p2KsjErm1qiMlzc4bO3p749z_otdmDCc1-L3s2DYj1jO1digTMjtZ3KP7hHkpE_c5xpIT1V2jI8P8nOGjXKDnmsgvjnXqfipTBk3G8O9aFxgVzdGlL6fdKd58HrYGZMun7F-s5wPe82Ey40ShvMSTyxuA3_IV4xeh_0LwWfedyNX7QCDIiHqpig67Q5f2fzSV3aQzpzVVUB1EFod4o9YgQyDyL4Vd5smAKw0w_TDF6B2urZIVlecjRtaPecIl8fI-R-h31m6Xt_THKXcvyUINGwcprliNTj87ihz7ZOFvGf5jNBOd2EYE5gldPexPnNcwXWk_T5rNK15smviO8IthXrmzvHFWb25iXPRJnFrr5abbVtXz6wevGl6LiZtO-iQBq2tblvowz0yVXxkalkfu2cTFePc1E9hVxv8G63jo9aD3ez_2jKc8T67aOF5iISu0TML-QHI281xbxpJgCfHSEcxskIuQww&sai=AMfl-YQK5vn507nbrRzgKsH50lY5gXM7TgkORmAGRYBtDWXOhFz4WvVgRU6ZuY_R6FGJHhtXs-OY5BbyThgeU2YEK2ohJpOqEWMsrI0xJdElQw8bBANiQJbgR5OXEJ1fX7cy5eN8e7gAKq5Q9fcq9tbjHYyQngi_H2Ilc-mRT1UAfZ8p6OftCKI2-bktOKls9JQsJRNlpRU1IZl48lMyIkTe9t8xzVeOR5JO0HnDxBSBOla8P5ZERxr_LKJKiMSoXxXs6Lpms23dQ4Aqd1CNw5WVxflquhEGc4FlOoE-JCKPxFIBfCxKPeMQspsJg6m0MubrB7mKFYQvk3wDITm0cg&sig=Cg0ArKJSzAZ4jX2OWG7oEAE&uach_m=%5BUACH%5D&pr=8:236867B6F220604A&cry=1&crd=aHR0cHM6Ly9jYXJwYXJ0cy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=212&cbvp=1&cstd=210&cisv=r20240702.65004&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&arae=1&ftch=1&adurl=
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.102 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 06 Jul 2024 10:39:50 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
attribution-reporting-register-source
{"aggregation_keys":{"634925776":"0xafc77aae44fafbb20000000000000000","634925777":"0x336c4719f80e0c840000000000000000","634925778":"0x60f200eb4687317b0000000000000000","634925779":"0xfde32e1842c512510000000000000000"},"debug_key":"1382370912715313282","debug_reporting":true,"destination":["https://carparts.com","https://debugconversiondomain1.com","https://debugconversiondomain2.com"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"1296000","filter_data":{"14":["2955688","9212289","9147650"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["5217533"]},"max_event_level_reports":2,"priority":"0","source_event_id":"17739529605521868060"}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/png
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 06 Jul 2024 10:39:50 GMT
reach_worklet.html
www.googleadservices.com/pagead/managed/js/activeview/current/ Frame B276 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600, stale-while-revalidate=3600
content-encoding
br
content-length
69
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jul 2024 10:39:47 GMT
etag
expires
Sat, 06 Jul 2024 10:39:47 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame EBED 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.65 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
129310
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 04 Jul 2024 22:44:40 GMT
expires
Fri, 04 Jul 2025 22:44:40 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
reach_worklet.html
www.googleadservices.com/pagead/managed/js/activeview/current/ Frame 95D1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/managed/js/activeview/current/reach_worklet.html
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://xosodaiphat.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600, stale-while-revalidate=3600
content-encoding
br
content-length
69
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 06 Jul 2024 10:39:47 GMT
etag
expires
Sat, 06 Jul 2024 10:39:47 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame AE5C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACYANgBGgD
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
pixel.gliacloud.com/glia_player_media3/ 		43 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.gliacloud.com/glia_player_media3/pixel.gif?sid=glia-namviet_xosodaiphat_desktop&sk=namviet_xosodaiphat_desktop&si=namviet_xosodaiphat_desktop&sa=namviet_xosodaiphat&pt=YouTube&ab=0&ta=0&pgu=xosodaiphat.com&pv=0.4.58&ul=en-US&cb=72986188&payload=ea%3Dplayer.inited%26ofst%3D0
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.227.35.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:50 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.23.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
pixel.gif
pixel.gliacloud.com/glia_player_media1/ 		43 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.gliacloud.com/glia_player_media1/pixel.gif?sid=glia-namviet_xosodaiphat_desktop&sk=namviet_xosodaiphat_desktop&si=namviet_xosodaiphat_desktop&sa=namviet_xosodaiphat&pt=YouTube&ab=0&ta=0&pgu=xosodaiphat.com&pv=0.4.58&ul=en-US&cb=630171394&payload=ea%3Dslot.inited%26ofst%3D0
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.227.35.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:50 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.23.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.4.2/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
148f10a2d7b7465114dc40e598e85f0a3fa5e03bded69412a509d8e2b6b63f5b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 06 Jul 2024 10:39:50 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://xosodaiphat.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BC8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACYANgBGgD
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AE5C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACYANgBGgD
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.4.2/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
148f10a2d7b7465114dc40e598e85f0a3fa5e03bded69412a509d8e2b6b63f5b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 06 Jul 2024 10:39:51 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://xosodaiphat.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
view
ad.doubleclick.net/pcs/ Frame 0BC8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsu6eEk-IODIprj3tajfaB89_Xac1uilgCYUWfCr9COgjSw5XrDe4yy1mna26W31nvctuqvOJhNgfMHePGpNdZZOGICNIg0gIeyqVrC0L4phwU7HdnbVBVjkvrkGun0BLQc6tBVet17wvrq3X4q6bODJuYyMKQcyXiiPrhbAipxjp52ikvJZ8wSsQetRpaO3cP2_ih2RDSfaKo4OH8AXHcke1BpsKySUP372WkQmCfJNP1jPHLFTg5LfU1ZFegMedtRcX-xzlK-eVDqZ0ITqO03Jar-LRilXjQhnSY5SygUFjK4rn4c9wDnZaqvqCSSOUDjPIfQHsvrU-5s7BW0LzDoNHbSTikPaIreBgTQ7oVPNWBkFMy2N5uLrjStCNEjnlpFNRABsZkfbzIiVB9Rd7baEV4aTep7W0Mf4BC2n0ks9iq7Eelie2g_jnqAMMMhrazFcUdN_y0HjJd6ur2B96d1R-LgN5fGc8CKvayBehUat9yV6dkMbHcmT_TZsTawm-Cjv0iweEDvoVGVGH67j8agUlEshik22Rt-Egfjlx2-G3OGfWYzmDuqeq_C9FkT0noILJ1VOX_wSSwHII1ZFCddC7lxpcbSZ9eYjY-OTgkfzpbG5DycL5MlhV0BvzhGRJahfs8oLXAGMPDblNG3gS6QoLGS_8sIO18aSOjAq-SGwgvompnBU9NBNHQ4sHsFYe71bzPujuixIuU8gXvvNNboBJx_5iv575ixSGZ3sYCGbe8SiLCAd0XiHHaai2IyoWG9013rDIUQ1tReL1BJ9GiL8H4-5CAUKtUINDK6z6HqGpkc4kGYvjYA8HekuKoWw2GJXYYjKxzAw2IG8PtBpUYkee-JOrRRUZDXPgpQ7c8VzoqmMk6s1XDDCweR5nxeAmAtbU_zM68a46bajCuHSHrtrnNk8BAFhPx1aKMGCuiSiFVTyg5FQfsq8KgSKZ-zRTM916RaysfYqToTwEnp3L1tiKSzqLAmBQ26FaG0OEzx_DVr4xWqxw7iS3XAOa76L-dbuKZ-h9jaW5Ram1VnPcI-nVCRxnRBlKhI8DaQWL8IqNX2DUoXsKsb0HYINgZvMZJwvpk0Xdg5oq36yyzpJtaSKAJk2Cs20iMeynZREG6ZTgZUjxatw2Np68n8qPLZUPYCb8OGrfoLzdyrlxGhZkm84_2tdjONM43BPZQnq4sN0hCU8SxXxokNj42iylWiQXconr2kN4bSXQdHNbTm3DT2-u328CaGyhv_GZZ_I1S3VTrFvG4zlfzyN4sd6wpY30XBDalpGoAU6ByQQopzdYUh3FkyKvftPi8ogVcSCAciO3GI-eyFBlfPdJXjENlcByGLrv5QTUOc5CrpaD4i15WagTJYRtwPIziTwIK9G3qWgXyCwsL559xoqpXg9PQ6WinvCwIhxRQ&sai=AMfl-YTpm03xmA72FlI1q2D0b_b4FM2Iq5bHnpcbyslCccgVDA40s5t3RYf2wgM5p9bGZWrzgUpKNTKTDQCEBUXfqdGJU_vTHrsESEAduo3f4WDyirm6E0ncSenw4MFIn5K58Ct-cHVwqcbADEeSt6qveZKR9aTf8YlIQjMJLm5nsdJQiymHO5sjdr3jetadua36Qj3XO-FSwvq8o4eI3m7beXcIm-lsE39t1GXyLIKVu6J5Lc0GrBNVJXwWRAeN_lsOqL6StKHe_XZSNPXHuw&sig=Cg0ArKJSzNqkKnFjSmHNEAE&uach_m=%5BUACH%5D&pr=13:Zoke9AAAAACCOcteN55sIcjqfrNABTk-js8djw&cry=1&crd=aHR0cHM6Ly9iaXRkZWZlbmRlci5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1184&vt=11&dtpt=878&dett=3&cstd=301&cisv=r20240702.85003&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&arae=1&ftch=1&adurl=
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.102 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:51 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"628893860":"0xc92383f3dcf3e8120000000000000000","628893861":"0xc5e9c0cca7bda63c0000000000000000","628893862":"0x446a552fb038756c0000000000000000","628893863":"0x921b3d6eca9320f70000000000000000"},"debug_key":"6562937951911239886","debug_reporting":true,"destination":["https://bitdefender.com","https://bitdefender.de","https://bitdefender.fr"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"1382400","filter_data":{"14":["2831060"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["5165113"]},"max_event_level_reports":2,"priority":"0","source_event_id":"14946149637243118121"}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/png
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 06 Jul 2024 10:39:51 GMT
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-KPB8BPT4XL&gtm=45je4730v867871146za200zb867852407&_p=1720262386055&gcs=G1--&gcd=13l3l3l3l5&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=1566292685.1720262387&ul=en-us&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEI&_s=4&sid=1720262386&sct=1&seg=0&dl=https%3A%2F%2Fxosodaiphat.com%2F&dt=KQXS%20-%20X%E1%BB%95%20s%E1%BB%91%20ki%E1%BA%BFn%20thi%E1%BA%BFt%20h%C3%B4m%20nay%20-%20Xo%20So&en=ad_impression&ep.query_id=CK7NleWckocDFU4W0AQd2m4DbQ&_et=1832&tfd=6745&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KPB8BPT4XL&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xosodaiphat.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
pixel.gliacloud.com/glia_player_media3/ 		43 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.gliacloud.com/glia_player_media3/pixel.gif?pp=553%2C311.0625%2C231%2C1138&bp=1600%2C1200&wp=1600%2C12260%2C0%2C0&sid=glia-namviet_xosodaiphat_desktop&sk=namviet_xosodaiphat_desktop&si=namviet_xosodaiphat_desktop&sa=namviet_xosodaiphat&pt=YouTube&ab=0&ta=0&pgu=xosodaiphat.com&pv=0.4.58&ul=en-US&cb=580595531&payload=ea%3Dvideo.begin%26vk%3Dgs-VERPqcmO16E-xosodaiphat.com1%257CYouTube%26vt%3Dcollection%26ofst%3D0
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.227.35.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:51 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.23.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
view
ad.doubleclick.net/pcs/ Frame AE5C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstd17211m1nb7xBKkSsORFb9TBB64hEZXEMEwzdL4NlAoc2KAZ3BYkPD7G-i92zUEIS4yffCOzqG-jl5406W_nEJVOv2EL38lnHz_E0LJ_3fsi6k-kt011fc5QoHAtpZ2JS9BjXhxyrvuxNdhgBB0_3MHvk5ZMfr3B7I2BD9F-9vtyrPqcoHKF5rCsW4Pmbfna_vXBbpsaNBwta4lAMU2d73l5kDwDx2Xkvjd89oUilK321IfrLP9xXKIgYszs28kvok2yycRHAFLe0dXHNMxkoIqdGvUVU3l4PlG9Sp44fEc09vFE6Ak8gyLq9p6YJIcdETSomQhaK-xvsviRsePShtr72GIaWe5bgsrZTBDp_K6F4S2qEvLg6lcm7iP8s1aUlM2J2OmuuaCJoi_WjLqQ02UyOYovtB9qqlvIgfYOH9pGTKcNX4riEo5VHRH-IwdpgDZb7TWb6_LsbjWe_-9RYSf7X7DhyZw75JBxinHbupXCGR9pXAQEDyB90beE6YWgDc4qpFO2gaN1TKV1QjtmebKmhJUBAn0FlRutWiENXplAl_XgsGP3MXCHkaApBMSnXi1LL-6c9oBNHNSX-jugtQH8q1RYOPQPL0mgATCW6Qh9DTGesORdGxjUM1dpxr-QOzRY2m9YbMY1tg4QA4ZRnVbp5AmnL__4gn6jLNx_HcvaoSEJoWdmTrh41eqz0TrrdqL-MY88IVZzNr6PNEImvJ5aJ6uW19OADZiyytx2CxBzVwUrL8aSyL0iA2fc0ey7EYYWLosACRFzzyzYHS5jSeuDGLkIIys0s3KSrcbmiylQWSTKCnxIXxEkTiqU8MR1O_3cHw6Pv705sPzd1Af5Xw7432o_2hVefHTvOGwcHI31UWmzE9DJanFSphwJ4DpjMBDj6NdIeEI1veM4H8fiK5-_k-DQcSBWAvcAzuTF4x3Ad4ysgsBdyRW5p2KsjErm1qiMlzc4bO3p749z_otdmDCc1-L3s2DYj1jO1digTMjtZ3KP7hHkpE_c5xpIT1V2jI8P8nOGjXKDnmsgvjnXqfipTBk3G8O9aFxgVzdGlL6fdKd58HrYGZMun7F-s5wPe82Ey40ShvMSTyxuA3_IV4xeh_0LwWfedyNX7QCDIiHqpig67Q5f2fzSV3aQzpzVVUB1EFod4o9YgQyDyL4Vd5smAKw0w_TDF6B2urZIVlecjRtaPecIl8fI-R-h31m6Xt_THKXcvyUINGwcprliNTj87ihz7ZOFvGf5jNBOd2EYE5gldPexPnNcwXWk_T5rNK15smviO8IthXrmzvHFWb25iXPRJnFrr5abbVtXz6wevGl6LiZtO-iQBq2tblvowz0yVXxkalkfu2cTFePc1E9hVxv8G63jo9aD3ez_2jKc8T67aOF5iISu0TML-QHI281xbxpJgCfHSEcxskIuQww&sai=AMfl-YQK5vn507nbrRzgKsH50lY5gXM7TgkORmAGRYBtDWXOhFz4WvVgRU6ZuY_R6FGJHhtXs-OY5BbyThgeU2YEK2ohJpOqEWMsrI0xJdElQw8bBANiQJbgR5OXEJ1fX7cy5eN8e7gAKq5Q9fcq9tbjHYyQngi_H2Ilc-mRT1UAfZ8p6OftCKI2-bktOKls9JQsJRNlpRU1IZl48lMyIkTe9t8xzVeOR5JO0HnDxBSBOla8P5ZERxr_LKJKiMSoXxXs6Lpms23dQ4Aqd1CNw5WVxflquhEGc4FlOoE-JCKPxFIBfCxKPeMQspsJg6m0MubrB7mKFYQvk3wDITm0cg&sig=Cg0ArKJSzAZ4jX2OWG7oEAE&uach_m=%5BUACH%5D&pr=8:236867B6F220604A&cry=1&crd=aHR0cHM6Ly9jYXJwYXJ0cy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1171&vt=11&dtpt=959&dett=3&cstd=210&cisv=r20240702.65004&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&arae=1&ftch=1&adurl=
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.102 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:51 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"634925776":"0xafc77aae44fafbb20000000000000000","634925777":"0x336c4719f80e0c840000000000000000","634925778":"0x60f200eb4687317b0000000000000000","634925779":"0xfde32e1842c512510000000000000000"},"debug_key":"10051351929033749954","debug_reporting":true,"destination":["https://carparts.com","https://debugconversiondomain1.com","https://debugconversiondomain2.com"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"1296000","filter_data":{"14":["2955688","9212289","9147650"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["5217533"]},"max_event_level_reports":2,"priority":"0","source_event_id":"10290954033437334566"}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/png
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 06 Jul 2024 10:39:51 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AE5C 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6U3x7_Neb2-i40kkT_zEFRFUtASbK1074BOd1ojLplRyyWPHEeUKCY0NdSsaJZKWCYznVQuiCLG7OpVItZD1D25e2ObazwnAYw1hOO9NUYdUnIiX1vMx3i16Rusol7TGUoOrIUgshPEbCNmssN6NfTEITcG89rVExCj-Q4A&sig=Cg0ArKJSzEclsb5zzqHLEAE&id=lidar2&mcvt=1000&p=120,124,160,165&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240701&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3238035190&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&vs=4&r=v&co=1619519000&rst=1720262389900&rpt=478&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0BC8 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsukjw9du9EII7zRVZ9H_SiCVYIhcR-cQFR38cASkMCYXb_NFbrYsmrdmUWzSmOUvWSoCQEJB_oKDvtMONZhZa0-YKEAcRQBY8TrX3t4fqShFw7ME4lTU9AlFDmRtJnczNvjld5tA4f9II5KYejmW467&sig=Cg0ArKJSzMK_B81BoVEPEAE&id=lidar2&mcvt=1002&p=0,0,90,728&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20240701&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&vs=4&r=v&co=1619519000&rst=1720262389082&rpt=1535&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AE5C 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvPagUc4-YSnKnSThcwtwSY3TpM1nWNeQxa9aGBHR8wVoSFp7cs6MbJfR73UBltJabnimkDqUPkopGx0TxEN063ojYhm88hlcK48KIp3iFx6sBAgWBUCNDerJqEAXBv2Hv7kNhMp4sSMOzhohQEI_Fr&sig=Cg0ArKJSzD4HwtGsd7-6EAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240701&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=0&rs=6&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&vs=4&r=v&co=1619519000&rst=1720262389900&rpt=800&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c
c.pub.network/v2/ 		36 B
53 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.pub.network/v2/c
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/analytics/1.4.2/analytics.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
148f10a2d7b7465114dc40e598e85f0a3fa5e03bded69412a509d8e2b6b63f5b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 06 Jul 2024 10:39:51 GMT
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://xosodaiphat.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36
pixel.gif
pixel.gliacloud.com/glia_player_media3/ 		43 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.gliacloud.com/glia_player_media3/pixel.gif?pp=553%2C311.0625%2C231%2C1138&bp=1600%2C1200&wp=1600%2C12260%2C0%2C0&sid=glia-namviet_xosodaiphat_desktop&sk=namviet_xosodaiphat_desktop&si=namviet_xosodaiphat_desktop&sa=namviet_xosodaiphat&pt=YouTube&ab=0&ta=0&pgu=xosodaiphat.com&pv=0.4.58&ul=en-US&cb=665927548&payload=ea%3Dad.request%26aui%3D321863%26aup%3Dglia_adx_outview_3%26auo%3D0%26aut%3Dgoogle%26ofst%3D-4%7C%7Cea%3Dad.request%26aui%3D321863%26aup%3Dglia_adx_outview_3%26auo%3D1%26aut%3Dgoogle%26ofst%3D-2%7C%7Cea%3Dad.request%26aui%3D321863%26aup%3Dglia_adx_outview_3%26auo%3D2%26aut%3Dgoogle%26ofst%3D-1%7C%7Cea%3Dad.request%26aui%3D321863%26aup%3Dglia_adx_outview_3%26auo%3D3%26aut%3Dgoogle%26ofst%3D-1%7C%7Cea%3Dad.request%26aui%3D321863%26aup%3Dglia_adx_outview_3%26auo%3D4%26aut%3Dgoogle%26ofst%3D0%7C%7Cea%3Dad.request%26aui%3D321863%26aup%3Dglia_adx_outview_3%26auo%3D5%26aut%3Dgoogle%26ofst%3D0
Requested by
Host: xosodaiphat.com
URL: https://xosodaiphat.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.207.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
122.207.227.35.bc.googleusercontent.com
Software
nginx/1.23.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 06 Jul 2024 10:39:52 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.23.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BC8 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9049393941142&version=m202406030101&ct=76&x=13&cor=8664946375698046000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AE5C 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5389814665055&version=m202406030101&ct=76&x=8&cor=3952625930970695000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-KPB8BPT4XL&gtm=45je4730v867871146za200zb867852407&_p=1720262386055&gcs=G1--&gcd=13l3l3l3l5&npa=0&dma=0&tcfd=10000&tag_exp=0&cid=1566292685.1720262387&ul=en-us&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=5&sid=1720262386&sct=1&seg=0&dl=https%3A%2F%2Fxosodaiphat.com%2F&dt=KQXS%20-%20X%E1%BB%95%20s%E1%BB%91%20ki%E1%BA%BFn%20thi%E1%BA%BFt%20h%C3%B4m%20nay%20-%20Xo%20So&en=video_start&epn.video_current_time=0&epn.video_duration=60&epn.video_percent=0&ep.video_provider=youtube&ep.video_title=Treo%20th%C6%B0%E1%BB%9Fng%20500%20tri%E1%BB%87u%20cho%20ng%C6%B0%E1%BB%9Di%20cung%20c%E1%BA%A5p%20th%C3%B4ng%20tin%20k%E1%BA%BB%20khi%E1%BA%BFn%202%20ng%C6%B0%E1%BB%9Di%20%E2%80%9C%C4%91%C4%83ng%20xu%E1%BA%A5t%E2%80%9D%7C%20H%C3%B3ng%20Chuy%E1%BB%87n%20%C4%90%C3%B3%20%C4%90%C3%A2y&ep.video_url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DVERPqcmO16E&ep.visible=false&_et=1377&tfd=11746&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KPB8BPT4XL&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://xosodaiphat.com/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 06 Jul 2024 10:39:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xosodaiphat.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
pixel.gliacloud.com/glia_player_media3/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?source=283156&sync_limit=7
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=106
Domain
tlx.3lift.com
URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.49.3&referrer=https%3A%2F%2Fxosodaiphat.com%2F&tmax=986
Domain
cdn.jsdelivr.net
URL
https://cdn.jsdelivr.net/gh/unib0ts/unibots@latest/main/script/adScriptBlocking.min.js
Domain
tlx.3lift.com
URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.49.3&referrer=https%3A%2F%2Fxosodaiphat.com%2F&tmax=986
Domain
pixel.gliacloud.com
URL
https://pixel.gliacloud.com/glia_player_media3/pixel.gif?pp=553%2C311.0625%2C231%2C1138&bp=1600%2C1200&wp=1600%2C12260%2C0%2C0&sid=glia-namviet_xosodaiphat_desktop&sk=namviet_xosodaiphat_desktop&si=namviet_xosodaiphat_desktop&sa=namviet_xosodaiphat&pt=YouTube&ab=0&ta=0&pgu=xosodaiphat.com&pv=0.4.58&ul=en-US&cb=42195685&payload=ea%3Dwaterfall.adGroupStartCount%26ev%3D0%26ofst%3D-4%7C%7Cea%3Dwaterfall.fallEnd%26ofst%3D-4

Verdicts & Comments Add Verdict or Comment

450 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 undefined| event object| fence object| sharedStorage object| dataLayer function| mobileAndTabletcheck object| freestar object| ___gcfg object| adsbygoogle function| $ function| jQuery function| lazyload function| LazyLoad object| _pubfigInstanceManagerConfig object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| firebase object| google_tag_manager string| GoogleAnalyticsObject function| ga undefined| reg undefined| sub object| xsdpconfig object| xsdp boolean| isSubscribed boolean| isBlock boolean| autoRegist number| maxFailCount string| domainName boolean| isInit boolean| isGetNotifyDinamic string| iconDefault string| fbScop string| notifyVersion function| firtInitialiseUI function| subscribeNotify function| subscribeFull function| unsubscribeNotify string| liveServerIp boolean| isResultLive boolean| isUsingWk boolean| isfmr number| maxretry number| retry number| retryonerror string| liveUrl number| curentCheckHour function| getSearchParams function| onWSMessageArrived function| resetVar function| finisDisconnect function| finisSocket function| retrySocket function| connect function| safe_tags_regex function| newGuid function| isGuid function| myconn function| LiveMB function| LiveMBBegin function| LiveMBError function| LiveMBSuccess function| startRandomValue function| generateNumber function| LiveMT function| LiveMTBegin function| LiveMTError function| LiveMTSuccess function| LiveMN function| LiveMNBegin function| LiveMNError function| LiveMNSuccess function| getTemplateTN function| updateTNResult function| updateMBResult function| getTemplateMB function| getRandomTextMB function| getRandomTextTN function| getRandomTextProvince function| getRandomString function| getLotteryLink function| getLotteryByDateLink function| getLotteryByDayOfWeekLink function| getLinkLotoByDayOfWeekLink function| locdau function| LiveProvince function| LiveProvinceBegin function| LiveProvinceError function| LiveProvinceSuccess function| getProvinceHTML function| updateProvinceResult function| dcn function| myJSONParse function| getFullPrize function| getPrizeLabel function| isNoteJs function| getTime15s function| orderTN function| GetFullJsonObject function| MQTTLiveXS function| MQTTLiveMB function| MQTTLiveMT function| MQTTLiveMN function| MQTTLiveProvince function| updateCountNMS number| checkCountNMS undefined| animationTimer undefined| l_root undefined| start_time undefined| request_time boolean| isFinisDisconnect boolean| isfinisSocket number| countNDT number| countNMS number| maxNMS number| maxNMSFirst number| maxNDT object| root number| statusLive boolean| log string| headingTag object| currentdate number| hours number| minute number| currentPrize number| currentRangeIndex boolean| isLive boolean| resultUpdating boolean| startDB boolean| newResult boolean| resultupdating boolean| finishDb boolean| finishSpecialCode number| currentCountDB object| TNcurrentPrize object| TNcurrentPrizeIndex object| RandomNumber number| sucLiveUrlIndex number| warringTime object| lottery_json boolean| is_first_nodejs number| group object| svdate number| lotteryId object| client boolean| connected boolean| connecting number| timerconnect object| subscribeMessageId object| mFeeds_realtime object| lasttime_receive boolean| e_live_err_flag string| rootPath string| appKey undefined| interval undefined| intervalVariable number| timeInter boolean| isRunning object| dateNow number| lastLiveHour function| showLiveNote object| gapi object| ___jsl object| ___gu object| googletag object| fsprebid function| onYouTubeIframeAPIReady object| gaGlobal object| _F_toggles object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| gaplugins object| gaData function| load_script object| confiant function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| gliaDataLayer object| fsprebidChunk object| _pbjsGlobals object| mnet object| __bt object| __bt_intrnl function| postscribe object| google_tag_manager_external object| __bt_tag_d object| apstag function| _hadron object| edktInitializor object| _qevents object| google_tag_topics_state object| hadron boolean| __halo_loaded__ object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run boolean| __VUE__ object| _aps boolean| apstagLOADED object| apscustom object| Criteo object| au object| lotame_sync_16576 boolean| creativeVendorLibraryLoaded function| quantserve function| __qc object| ezt object| _qoptions function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| ZGI2MWRkYjNmODk4OGJkZWxvYWRlcl9qcw== string| ZGI2MWRkYjNmODk4OGJkZWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| _google_rum_ns_ function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| auvars function| _33AcrossIdMappingsProvider object| __id5_finalization_registry object| ID5 object| closure_lm_517834 function| lotameIsCompatible function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_ca function| sync16576_da object| sync16576_f function| sync16576_ea function| sync16576_h function| sync16576_ga object| sync16576_ object| sync16576_ma object| sync16576_na object| sync16576_o object| sync16576_x object| sync16576_xa function| sync16576_a function| sync16576_b function| sync16576_e function| sync16576_g function| sync16576_i function| sync16576_fa function| sync16576_ha function| sync16576_j function| sync16576_ia function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_ka function| sync16576_ja function| sync16576_n function| sync16576_la function| sync16576_p function| sync16576_r function| sync16576_s function| sync16576_t function| sync16576_oa function| sync16576_pa function| sync16576_u function| sync16576_qa function| sync16576_v function| sync16576_w function| sync16576_q function| sync16576_y function| sync16576_ra function| sync16576_A function| sync16576_sa function| sync16576_z function| sync16576_B function| sync16576_C function| sync16576_ta function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_H function| sync16576_J function| sync16576_I function| sync16576_K function| sync16576_L function| sync16576_G function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_M function| sync16576_N function| sync16576_ya function| sync16576_O function| sync16576_za function| sync16576_Aa function| sync16576_Ba function| sync16576_P function| sync16576_Ca function| sync16576_Da function| sync16576_Ea function| sync16576_Fa function| sync16576_Q function| sync16576_Ga function| sync16576_R function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_Ha function| sync16576_V function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_La function| sync16576_Ia function| sync16576_0 function| sync16576_Ka function| sync16576_Ja function| sync16576_1 function| sync16576_2 function| sync16576_Ma function| sync16576_3 function| sync16576_4 function| sync16576_Oa function| sync16576_Na function| sync16576_Qa function| sync16576_Sa function| sync16576_Pa function| sync16576_6 function| sync16576_Ra function| sync16576_Va function| sync16576_Ua function| sync16576_Ta function| sync16576_7 function| sync16576_5 function| sync16576_8 function| sync16576_Wa function| sync16576_Xa function| sync16576_Ya function| sync16576_Za function| sync16576_9 function| sync16576__a function| sync16576_$ function| sync16576_0a function| sync16576_1a function| sync16576_2a object| PublisherCommonId function| docReady object| autag object| audDataLayer function| audGtag object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| closure_lm_112560 boolean| 135e2753-5354-40ac-89ed-a168564a2ab3 number| __google_lidar_ function| __google_lidar_radf_ object| criteo_pubtag object| criteo_pubtag_prebid_144 object| Criteo_prebid_144 object| googDdmPs

322 Cookies

Domain/Path Name / Value
ad-cdn.technoratimedia.com/html Name: tads_tbla_bidi
Value: 1720262390692
.3lift.com/sync Name: sync
Value: CgoIgAIQp-iDvYgyCgoIoQEQg96DvYgyCgoIgQIQp-iDvYgyCgoI4gEQg96DvYgyCgoI5gEQg96DvYgyCgoIhwIQg96DvYgyCgoI5wEQp-iDvYgyCgkISRCn6IO9iDIKCQgLEKfog72IMgoKCIwCEIPeg72IMgoKCKwCEIPeg72IMgoKCK0CEIPeg72IMgoKCM4BEKfog72IMgoKCLQCEKfog72IMgoKCJQCEKfog72IMgoJCDoQg96DvYgyCgkIGxCD3oO9iDIKCgidAhCn6IO9iDIKCgjeARCn6IO9iDIKCQhfEIPeg72IMg==
.smartadserver.com/api Name: pid
Value: 6292661009517149962
.pub.network/ Name: _fsuid
Value: a07a17ef-a98b-4fc7-8de1-5ca9415a19ef
.xosodaiphat.com/ Name: _gcl_au
Value: 1.1.936641776.1720262386
.xosodaiphat.com/ Name: _ga
Value: GA1.2.1566292685.1720262387
.xosodaiphat.com/ Name: _gid
Value: GA1.2.1507656415.1720262387
.xosodaiphat.com/ Name: _gat_UA-72080428-1
Value: 1
.xosodaiphat.com/ Name: cookie
Value: b64e2aa8-6f4c-4ecf-a4fb-5b1ee28bf261
.xosodaiphat.com/ Name: cookie_cst
Value: zix7LPQsHA%3D%3D
xosodaiphat.com/ Name: _lr_retry_request
Value: true
xosodaiphat.com/ Name: _lr_env_src_ats
Value: false
.33across.com/ Name: check
Value: true
.adsrvr.org/ Name: TDID
Value: 549d8d79-5a7e-4d7f-ac03-6b693aeb00e7
.yahoo.com/ Name: A3
Value: d=AQABBPMeiWYCEN0JI1m-Lhba8nY5-KHsdiMFEgEBAQFwimaTZtxH0iMA_eMAAA&S=AQAAAsEdWfRZhhOT0qaeW2Ae284
.xosodaiphat.com/ Name: connectId
Value: %7B%22puid%22%3A%22ed4c9563e0c39923669aad1a9b66c6b7a0a657193f9e4edc206053cb616f61a6%22%2C%22vmuid%22%3A%22b97TfvQPpftrFLl3qQn_ewhqNMJqoW7lfkj1qljKJ56FhghZ1nOFZdGwz998ZYNNmNyUgiuxz3p53yeDjvmQag%22%2C%22connectid%22%3A%22b97TfvQPpftrFLl3qQn_ewhqNMJqoW7lfkj1qljKJ56FhghZ1nOFZdGwz998ZYNNmNyUgiuxz3p53yeDjvmQag%22%2C%22connectId%22%3A%22b97TfvQPpftrFLl3qQn_ewhqNMJqoW7lfkj1qljKJ56FhghZ1nOFZdGwz998ZYNNmNyUgiuxz3p53yeDjvmQag%22%2C%22ttl%22%3A86400000%2C%22lastSynced%22%3A1720262387582%2C%22lastUsed%22%3A1720262387582%7D
xosodaiphat.com/ Name: jiyakeji_uuid
Value: 10da2b70-3b84-11ef-b071-1de4a58c8c46
.agkn.com/ Name: ab
Value: 0001%3AxadWaQ49BuAbTmFBwc3%2BHuXaAFwEiNx8
.googleadservices.com/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUkDHeKPP8hkdmj4YEQGu3LaP6u5zDhiqXIRqoZvMcfTrnfZKXqsFjEbSJNjrwk
xosodaiphat.com/ Name: pbjs_fabrickId
Value: %7B%22fabrickId%22%3A%22E1%3AGxVAbEYA69oguEk3eexRalxFhAYbkK4Xms7hMOnPeTYeo0d-89sGRWKgRT4sFLzK0UBVUioTlxPF0wr0QcDnHubZpWt75Nra8f3ef1cjh0XsTVMo83Ht4e2XqjA1ddH6%22%7D
xosodaiphat.com/ Name: pbjs_fabrickId_cst
Value: zix7LPQsHA%3D%3D
.xosodaiphat.com/ Name: __gads
Value: ID=a0d1f9afb637c78c:T=1720262387:RT=1720262387:S=ALNI_Mb7ELf6VTGsufCoyfbWAZoaLwrhaQ
.xosodaiphat.com/ Name: __gpi
Value: UID=00000a3a2509c96c:T=1720262387:RT=1720262387:S=ALNI_MYSpSWvjHa6qPThcZqFuZpq6uLRFg
.xosodaiphat.com/ Name: __eoi
Value: ID=7a9265fec0dbdca1:T=1720262387:RT=1720262387:S=AA-AfjY5Oul47E2dvDjxXOF6m_t0
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.xosodaiphat.com/ Name: _au_1d
Value: AU1D-0100-001720262388-O0OKIR77-9QXB
.3lift.com/ Name: receive-cookie-deprecation
Value: 1
prebid.media.net/ Name: receive-cookie-deprecation
Value: 1
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.tapad.com/ Name: TapAd_TS
Value: 1720262388376
.tapad.com/ Name: TapAd_DID
Value: 6729625d-944e-48b5-abcf-743892922161
.amazon-adsystem.com/ Name: ad-id
Value: A7P608XXBEtlgopP1x9Xf3Q
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.rubiconproject.com/ Name: khaos
Value: LY9ZT60W-22-AQZ6
.rubiconproject.com/ Name: khaos_p
Value: LY9ZT60W-22-AQZ6
.go.sonobi.com/ Name: __uis
Value: 26a6f122-236e-4b85-b6e7-0ceff7cf1267
.adnxs.com/ Name: XANDR_PANID
Value: SX4SwZSZLf1_v2YqWJfNTMnRVyqZ7XOvQJjlnJITQSFeURdrAd-jRT7nohtxgjDJIbz5Hc9JrNELtrKgpbTe6czm4w_q5cXjznC05DXBsR0.
.adnxs.com/ Name: uuid2
Value: 7260173943964548424
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 336C3BC6-EE00-451E-8420-E332AE921915
.youtube.com/ Name: YSC
Value: T8iCYmFGl8k
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: uZr58GXOIRs
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJVUxIEGgAgSg%3D%3D
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!4522
.quantserve.com/ Name: mc
Value: 66891ef4-a841e-07410-a0a1a
.xosodaiphat.com/ Name: __qca
Value: P0-1330989187-1720262387853
.go.sonobi.com/ Name: __uqc
Value: 1
.go.sonobi.com/ Name: __uin_iq
Value: 1
.go.sonobi.com/ Name: __uir_iq
Value: 47727588
.go.sonobi.com/ Name: __uin_z1
Value: 1
.go.sonobi.com/ Name: __uir_z1
Value: 47727588
.go.sonobi.com/ Name: __uin_tp
Value: 1
.go.sonobi.com/ Name: __uir_tp
Value: 47727588
.go.sonobi.com/ Name: __uin_a9
Value: 1
.go.sonobi.com/ Name: __uir_a9
Value: 47727588
.go.sonobi.com/ Name: __uin_ex
Value: 1
.go.sonobi.com/ Name: __uir_ex
Value: 47727588
.go.sonobi.com/ Name: __uin_cx
Value: 1
.go.sonobi.com/ Name: __uir_cx
Value: 47727588
.go.sonobi.com/ Name: __uin_i5
Value: 1
.go.sonobi.com/ Name: __uir_i5
Value: 47727588
.adnxs.com/ Name: icu
Value: ChgIodc0EAoYAiACKAIw9L2ktAY4AkACSAIQ9L2ktAYYAQ..
.bidswitch.net/ Name: tuuid
Value: 956b86b1-dc66-4676-879c-ab3a0e826999
.bidswitch.net/ Name: c
Value: 1720262388
.bidswitch.net/ Name: tuuid_lu
Value: 1720262388
.casalemedia.com/ Name: CMID
Value: Zoke9MAoJK0AAA2PABrb3wAA
.casalemedia.com/ Name: CMPS
Value: 1649
.casalemedia.com/ Name: CMPRO
Value: 1649
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 15e4194b7edcd1cdc4202add8264263c
.xosodaiphat.com/ Name: _cc_id
Value: 15e4194b7edcd1cdc4202add8264263c
.xosodaiphat.com/ Name: panoramaId_expiry
Value: 1720348788852
.openx.net/ Name: i
Value: 9b0de7e0-b1d2-0f0f-307c-b194c2e0cae8|1720262388
.gumgum.com/ Name: vst
Value: u_8344eca7-f5fa-4a6d-bcd1-cf96cf90b9cf
.zemanta.com/ Name: zuid
Value: zYIuKWZzJslqeXj2MPje
.smaato.net/ Name: SCM
Value: 003fe01ad1
.smaato.net/ Name: SCMaps
Value: 003fe01ad1
.simpli.fi/ Name: suid
Value: 81BE3B6326E2436F8E2FF93CB3BB285D
.s3xified.com/ Name: admRtbUidCkey34334Ssp245
Value: f9b1f926ff92fdf0478a3401a2f754b8
.bidr.io/ Name: bito
Value: AAHiK07NEj4AABOfyNqkLQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.go.sonobi.com/ Name: __uir_td
Value: 204988429624689636
.go.sonobi.com/ Name: __uin_td
Value: 549d8d79-5a7e-4d7f-ac03-6b693aeb00e7
.go.sonobi.com/ Name: HAPLB8G
Value: s8691|Zoke+
.openx.net/ Name: pd
Value: v2|1720262389|vMbwgag2gKhEvPkWgyiK
.postrelease.com/ Name: visitor
Value: cdbaba60-0a2b-4b49-9679-2e1dd04db04a
.postrelease.com/ Name: status
Value: 0
.yieldmo.com/ Name: yieldmo_id
Value: VahYFccQmYcpA4Lk6Xyu%7C1720224000000%7C0
.ads.yieldmo.com/ Name: re_sync
Value: pp%3D1195466%7Crc%3D1195466%7Ct%3D1195466%7Cdv360%3D1195466%7Can%3D1195466
.sitescout.com/ Name: ssi
Value: fa8b02fa-7277-45df-9d4a-df264dbf7868#1720262389213
.3lift.com/ Name: tluidp
Value: 4196164055724674145845
.3lift.com/ Name: tluid
Value: 4196164055724674145845
.mathtag.com/ Name: uuid
Value: dfca6689-1ef5-4f00-939a-a8630f8c2907
.contextweb.com/ Name: V
Value: crGfuwTtF0PH
.contextweb.com/ Name: VP
Value: part_crGfuwTtF0PH
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: b7242eff67fe8215
.demdex.net/ Name: demdex
Value: 42429579911254019311505856935703401331
.intentiq.com/ Name: IQver
Value: 1.9
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjSzNDc1NDcwMDc0NLIwMzQyFuIz1M3OsDQI8jbRdUrxzgYAkD8R6CQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjSzNDc1NDcwMDc0NLIwMzQyFuIz1M3OsDQI8jbRdUrxzgYAkD8R6CQAAAA
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-cc79046f-3e7f-5a94-622b-2faddbc66334.AXgSjAM4GBrLfi12LubQJlGyAcSEE6L2iV8O5O%2B8H5M
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-cc79046f-3e7f-5a94-622b-2faddbc66334.AXgSjAM4GBrLfi12LubQJlGyAcSEE6L2iV8O5O%2B8H5M
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AzHkEbz5_WpRiKy-t28ZjNCaEdko.BWk5qocmiTLT9grcNyBnt%2BQ5fIN3G%2Frc89I0oYh03Yo
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AzHkEbz5_WpRiKy-t28ZjNCaEdko.BWk5qocmiTLT9grcNyBnt%2BQ5fIN3G%2Frc89I0oYh03Yo
.media.net/ Name: visitor-id
Value: 3632639891524253000V10
.csync.loopme.me/ Name: viewer_token
Value: 2e3921e2-99db-4856-886d-579406b7aa11
.creativecdn.com/ Name: ts
Value: 1720262389
.creativecdn.com/ Name: g
Value: N086mPkDyPufJBJeiCdf_1720262389271
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIBLFZSEcuVvcYKPRA2LvKzVHZqLmtKLx9YrejUtnrt_9EGcYBCD1vaS0BjABOgTwTC9rQgTA0iNq.ONBOo7ztforD7lwLoM2MY25D%2BLgTID7tPO%2FQ9ddG5fc
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIBLFZSEcuVvcYKPRA2LvKzVHZqLmtKLx9YrejUtnrt_9EGcYBCD1vaS0BjABOgTwTC9rQgTA0iNq.ONBOo7ztforD7lwLoM2MY25D%2BLgTID7tPO%2FQ9ddG5fc
.technoratimedia.com/ Name: tads_ipv6
Value: 2001:550:1d05:1::7
.sync.inmobi.com/ Name: TEST-COOKIE
Value: YES
.dpm.demdex.net/ Name: dpm
Value: 42429579911254019311505856935703401331
.go.sonobi.com/ Name: __uir_if
Value: 204988429624689636
.go.sonobi.com/ Name: __uin_if
Value: dfca6689-1ef5-4f00-939a-a8630f8c2907
.go.sonobi.com/ Name: __uir_zt
Value: 204988429624689636
.go.sonobi.com/ Name: __uin_zt
Value: 969751700711286123
.ipredictive.com/ Name: cu
Value: 16e95078-41cb-4158-b067-bf814d7e8b71|1720262389514
.deepintent.com/ Name: CDIUSER
Value: di_dbdd5be833634f70bf1d6
.turn.com/ Name: uid
Value: 7939588091985856387
.go.sonobi.com/ Name: __uir_fw
Value: 204988433919656933
.go.sonobi.com/ Name: __uin_fw
Value: f4bf60ee6dbbe4676a5242f64316d150
.adform.net/ Name: C
Value: 1
.ads.yieldmo.com/ Name: ptrpp
Value: crGfuwTtF0PH
.ads.yieldmo.com/ Name: ptrt
Value: 549d8d79-5a7e-4d7f-ac03-6b693aeb00e7
.go.sonobi.com/ Name: __uir_st
Value: 204988433919656933
.go.sonobi.com/ Name: __uin_st
Value: zHkEbz5_WpRiKy-t28ZjNCaEdko
.sync.inmobi.com/ Name: iid
Value: ID5-1-adc96800-9172-43fe-ad27-d1694d5296a9
.w55c.net/ Name: wfivefivec
Value: qtk8uG5r1Sq2Pz5
.go.sonobi.com/ Name: __uir_rh
Value: 204988433919656933
.go.sonobi.com/ Name: __uin_rh
Value: G1nUHncErrlbz3FjLJmIFDXWWydgG0kE_PJg5XmZpt4
.media.net/ Name: data-ttd
Value: 549d8d79-5a7e-4d7f-ac03-6b693aeb00e7~~1
.media.net/ Name: data-ze
Value: zYIuKWZzJslqeXj2MPje~~1
.media.net/ Name: data-r1
Value: OPTOUT~~8
.media.net/ Name: data-rk
Value: 969751700711286123~~8
.media.net/ Name: data-p
Value: crGfuwTtF0PH~~8
.connatix.com/ Name: cnx_userId
Value: b3ce461c682b4dada5a20de109d09580
.media.net/ Name: data-so
Value: 26a6f122-236e-4b85-b6e7-0ceff7cf1267~~8
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.media.net/ Name: data-o
Value: 808db126-b355-0a18-09e5-071214286bc9~~8
.socdm.com/ Name: SOC
Value: Zoke9cCo8XwAAFEt4aoAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEAZdhiK1IcX5ptByTqux-bs&KRTB&23025-CAESEAZdhiK1IcX5ptByTqux-bs&KRTB&23386-CAESEAZdhiK1IcX5ptByTqux-bs
.mfadsrvr.com/ Name: tuuid
Value: 592139a8-ae38-452d-92e7-870414350dbb
.mfadsrvr.com/ Name: c
Value: 1720262389
.w55c.net/ Name: matchmedianet
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:81BE3B6326E2436F8E2FF93CB3BB285D&KRTB&23486-uid:81BE3B6326E2436F8E2FF93CB3BB285D&KRTB&23489-uid:81BE3B6326E2436F8E2FF93CB3BB285D&KRTB&23539-uid:81BE3B6326E2436F8E2FF93CB3BB285D
.smaato.net/ Name: SCMinmobi
Value: 003fe01ad1
.bing.com/ Name: MUID
Value: 3289B8A4137C69953C69AC10126068ED
.c.bing.com/ Name: MR
Value: 0
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 22918-549d8d79-5a7e-4d7f-ac03-6b693aeb00e7&KRTB&22926-549d8d79-5a7e-4d7f-ac03-6b693aeb00e7&KRTB&23031-549d8d79-5a7e-4d7f-ac03-6b693aeb00e7
.go.sonobi.com/ Name: __uir_eb
Value: 204988433919656933
.go.sonobi.com/ Name: __uin_eb
Value: CAESEOYriAsT49xWwEIgAg0rurQ||1
.go.sonobi.com/ Name: __uir_pp
Value: 204988433919656933
.go.sonobi.com/ Name: __uin_pp
Value: crGfuwTtF0PH
.adform.net/ Name: uid
Value: 9118179168940926163
.technoratimedia.com/ Name: tads_uidp_16
Value: 1551371482546
.technoratimedia.com/ Name: tads_uidp_45
Value: 79F2060E-A633-4206-A893-10347237D95B
.technoratimedia.com/ Name: tads_uidp_46
Value: 5591610815145022960
.technoratimedia.com/ Name: tads_uidp_64
Value: lnRuPeSnjvB_abtGajyEYh_0UOeKx8EP
.technoratimedia.com/ Name: tads_uidp_70
Value: 1668364574412-986994375386-009124-010-008838
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-46601601-5b05-4ee5-8d27-c5beba1e724a-004
.technoratimedia.com/ Name: tads_uidp_77
Value: vJRySJJfiJo3FivguapreF3WU8eJPNFNLNwElOvvM5w
.technoratimedia.com/ Name: tads_uidp_79
Value: a3f5059b-ae0a-4bcf-ae44-ea9bcf3796c3
.technoratimedia.com/ Name: tads_uidp_83
Value: R9WXtN4HSgtT
.technoratimedia.com/ Name: tads_uidp_90
Value: 10c87e9f-8a95-459f-8d8c-ece36ac01bef
.technoratimedia.com/ Name: tads_uidp_91
Value: 1127780877599371273brt56851661351334633785b9
.technoratimedia.com/ Name: tads_uid
Value: 0ACA07A79B244833993E8B9798357D18
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230514043511+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: envelope_liveramp.com
Value: 1706659281636
.ads.yieldmo.com/ Name: ptrrc
Value: LY9ZT60W-22-AQZ6
.trustedstack.com/ Name: visitor-id
Value: 3632639891524291000V10
.media.net/ Name: data-g
Value: CAESEMpmlznI16ArcVHcQ7dOV4A~~8
.media.net/ Name: data-exp
Value: setstatuscode~~1
.linkedin.com/ Name: li_sugr
Value: 9e32c363-7980-49e8-b4cc-3e8778e731b5
.linkedin.com/ Name: bcookie
Value: "v=2&6ff8b3fc-1f56-4e29-81aa-220bad817fca"
.linkedin.com/ Name: lidc
Value: "b=OGST03:s=O:r=O:a=O:p=O:g=3278:u=1:x=1:i=1720262390:t=1720348790:v=2:sig=AQFntlTPX7u7AnzSl9lt2Oc_NqyGQLPC"
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.media.net/ Name: data-c
Value: 16d99a73-092f-461d-b5ee-983d437357c9~~1
.media.net/ Name: data-c-ts
Value: 1720262389
s2s.t13.io/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJpbm1vYmkiOnsidWlkIjoiSUQ1LTEtYWRjOTY4MDAtOTE3Mi00M2ZlLWFkMjctZDE2OTRkNTI5NmE5IiwiZXhwaXJlcyI6IjIwMjQtMDctMjBUMTA6Mzk6NTAuMTM1MzE0ODI0WiJ9fX0=
.ortb.net/ Name: lluid
Value: f2dd888f-1e23-6423-54fe-b43f4974e974
.ortb.net/ Name: llum
Value: eyJzaHIiOnsiMSI6MTcyMDI2MjM5MDEzMn19
.mfadsrvr.com/ Name: tuuid_lu
Value: 1720262390
.s3xified.com/ Name: rtbDspUserSyncIDs231123sd3r32
Value: {"1642":"0ACA07A79B244833993E8B9798357D18"}
.blismedia.com/ Name: b
Value: 66891EF64A643007F3FA5A40BLIS
.adkernel.com/ Name: ADKUID
Value: A9073684927731402412
.lijit.com/ Name: ljt_reader
Value: I8f_ALZH13MvmOfkQ8uZm2fa
.doubleclick.net/ Name: APC
Value: AfxxVi7TJbc4Yy8hDbODp0PE60zMDgEXRMzEYe5PJMOUN6di1yN80Q
.admanmedia.com/ Name: admtr
Value: a2e50ad1-1554-432e-b84f-9b04ad8012f6
.admanmedia.com/ Name: ac_r
Value: CS208
.go.sonobi.com/ Name: __uir_bs
Value: 204988433919656933
.go.sonobi.com/ Name: __uin_bs
Value: fa8b02fa-7277-45df-9d4a-df264dbf7868-66891ef5-5553
.media.net/ Name: data-mts
Value: 3632639891524291000V10~~1
.id5-sync.com/ Name: id5
Value: 9851e529-e55e-783f-bd45-fc89b33a65f7#1720262387682#4
.pippio.com/ Name: did
Value: oHT-EGUEx1hrZW52
.pippio.com/ Name: didts
Value: 1720262390
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CPa9pLQGEgYIgr0rEAA=
.media.net/ Name: data-xu
Value: qtk8uG5r1Sq2Pz5~~8
.media.net/ Name: data-bs
Value: 956b86b1-dc66-4676-879c-ab3a0e826999~~1
.media.net/ Name: data-co
Value: AQANideQqFhVIwIX7EH1AQEBAQEBAQCRhqHxxgEBAJGGofHG~~8
.media.net/ Name: data-mf
Value: 592139a8-ae38-452d-92e7-870414350dbb~~1
.creative-serving.com/ Name: tuuid
Value: 8ddc51b5-1d15-4f82-adad-13a35040dc40
.creative-serving.com/ Name: c
Value: 1720262390
.creative-serving.com/ Name: tuuid_lu
Value: 1720262390
.xosodaiphat.com/ Name: FCNEC
Value: %5B%5B%22AKsRol-D2F9fr6KhFVSK1vZvfIpFpRDWlr3gBIZv3EaKMgJHAZCWJ6LtQgEjbnsQxXBjYnV1NTqn3ylqHH_lKXhPkHUXS7ThGcowjzNq0Em447iW0AMYYARSptRizRP8vWVFU82IbnU8NW9ywoWQ3aYUVLtGMsn54A%3D%3D%22%5D%5D
.eqads.com/ Name: EQUser
Value: UID=cef8653f-ab0e-4e4b-8f3b-93ed5eb05cab
.360yield.com/ Name: tuuid
Value: e9567f2f-afed-4e2e-b2b1-891c7b434401
.360yield.com/ Name: tuuid_lu
Value: 1720262390
.doubleclick.net/ Name: ar_debug
Value: 1
.ads.yieldmo.com/ Name: ptrpub
Value: 336C3BC6-EE00-451E-8420-E332AE921915
.media.net/ Name: data-r
Value: LY9ZT60W-22-AQZ6~~1
.360yield.com/ Name: um
Value: !79,-C4E8JFmcsGGKojN8N2Oa3UFKJkCpo6m7IfV0lqN5X8tsm5Sc4i4WAddIRzJmrK8QD1W4BftnWOmi9wa,1728038390
.360yield.com/ Name: umeh
Value: !79,0,1782470390,-1
.media.net/ Name: data-sy
Value: 0ACA07A79B244833993E8B9798357D18~~3
.w55c.net/ Name: matchtriplelift
Value: 5
.technoratimedia.com/ Name: tads_uidp_88
Value: 4196164055724674145845
.technoratimedia.com/ Name: tads_uidp_80
Value: y-EpyKjcVE2uHs6lHY.PhUHMisZL8s3ItF~A
.technoratimedia.com/ Name: tads_uidp_7
Value: 549d8d79-5a7e-4d7f-ac03-6b693aeb00e7
.33across.com/ Name: 33x_ps
Value: u%3D212682924589804%3As1%3D1720262391156%3Ats%3D1720262391156
.technoratimedia.com/ Name: tads_uidp_48
Value: 956b86b1-dc66-4676-879c-ab3a0e826999
.technoratimedia.com/ Name: tads_uidp_50
Value: 58a26c34-ce21-46e2-bcd0-39366e3b1c56
.technoratimedia.com/ Name: tads_uidp_62
Value: 3632279861524571000V10
.technoratimedia.com/ Name: tads_uidp_82
Value: ZoiSUtHM5GMAAFmGAA5KsgAA&2717
.clickagy.com/ Name: cb
Value: Zoke94Kj-iBugpRJOHEAisNU
aorta.clickagy.com/ Name: chs
Value: [{"ch":"4","t":"2024-07-06 10:39:51"}]
.aralego.com/ Name: sspid
Value: a451ed3f-abce-3675-91b4-3f9b05146cb0
.media6degrees.com/ Name: clid
Value: 2sg76yf01171ceopynp2yywu0000000158010r01701
.media6degrees.com/ Name: acs
Value: 012020k1sg76yfxzt10
.bluekai.com/ Name: bkdc
Value: phx
.bluekai.com/ Name: bku
Value: ZoW99wzKiVqNc3WQ
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAHiK07NEj4AABOfyNqkLQ
.technoratimedia.com/ Name: tads_uidp_49
Value: AQADweO1BU_mCgJXhVsqAQEBAQEBAQCRhqH0YgEBAJGGofRi
.technoratimedia.com/ Name: tads_uidp_37
Value: a451ed3f-abce-3675-91b4-3f9b05146cb0
.sharethrough.com/ Name: stx_user_id
Value: 4c75583e-a6e7-4ae4-bf35-6457e757045b
.xosodaiphat.com/ Name: _ga_KPB8BPT4XL
Value: GS1.1.1720262386.1.0.1720262391.55.0.0
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1sc5|2N.0.AQAA4jM65c1OzwJOm8TUAQEBAQEBAQCRhqHx1gEBAJGGofHW|4is.0.CAESEGu8BqRhiGnD3eKuke8iPOM|7LJ.0.26a6f122-236e-4b85-b6e7-0ceff7cf1267|7TZ.0.1|7dN.0.AAHiK07NEj4AABOfyNqkLQ
.contextweb.com/ Name: pb_rtb_ev_part
Value: 3-1sc5|2N.0.AQAA4jM65c1OzwJOm8TUAQEBAQEBAQCRhqHx1gEBAJGGofHW|4is.0.CAESEGu8BqRhiGnD3eKuke8iPOM|7LJ.0.26a6f122-236e-4b85-b6e7-0ceff7cf1267|7TZ.0.1|7dN.0.AAHiK07NEj4AABOfyNqkLQ
.tynt.com/ Name: uid
Value: OY/j22aJHven+sRSWlNyRQ==
.technoratimedia.com/ Name: tads_uidp_44
Value: LY9ZT60W-22-AQZ6
.smartadserver.com/ Name: pid
Value: 3784152061406904187
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAHiK07NEj4AABOfyNqkLQ
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1720262391841%7D%2C%7B%22p%22%3A%224ef5c9a86a%22%2C%22f%22%3A1%2C%22ts%22%3A1720262391841%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1720262391841%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1720262391841%7D%2C%7B%22p%22%3A%22cf4d6e49b5%22%2C%22f%22%3A1%2C%22ts%22%3A1720262391841%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1720262391841%7D%5D
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220240706%22%2C%22141%22%3A%2220240706%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-16e95078-41cb-4158-b067-bf814d7e8b71&KRTB&23011-16e95078-41cb-4158-b067-bf814d7e8b71&KRTB&23355-16e95078-41cb-4158-b067-bf814d7e8b71
.technoratimedia.com/ Name: tads_uidp_61
Value: 212682924589804
.pubmatic.com/ Name: KRTBCOOKIE_1251
Value: 23269-di_dbdd5be833634f70bf1d6&KRTB&23571-di_dbdd5be833634f70bf1d6
.kargo.com/ Name: ktcid
Value: 2747d9c7-d86a-0276-5bd8-b704f51026b3
.krushmedia.com/ Name: krm_usr
Value: cce2ce13-93f0-53de-8f46-6d55f2663fa4
.krushmedia.com/ Name: krm_r
Value: 615
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcyMDI2MjM5MjQ0NSwiMjYiOjE3MjAyNjIzOTA5NDUsIjM5IjoxNzIwMjYyMzg5NTA3LCI3IjoxNzIwMjYyMzg5NTA3fQ
.w55c.net/ Name: matchpubmatic
Value: 5
.thrtle.com/ Name: mc
Value: eyJpZCI6ImExMjg5YmQyLTM4YjgtNGM2My1hMTE3LWMwMTI5MjdiMDc4NiIsImwiOjE3MjAyNjIzOTI0NDUsInQiOjF9
.rlcdn.com/ Name: rlas3
Value: sO0MMOosfXoxzKyW0FsDeldfYF9GIAN0VpOilqzeCqg=
.rlcdn.com/ Name: pxrc
Value: CPa9pLQGEgUI6AcQABIOCOhHEP///////////wESBgi66gEQAhIGCLjrARAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtobmRgZGZkbGlkYm6wigXBN7A0slwlCudbWBoZGwIASSwVVDAAAAA
.pubmatic.com/ Name: SyncRTB3
Value: 1722816000%3A224%7C1720656000%3A216%7C1721088000%3A63%7C1720828800%3A15_38_2_223%7C1725408000%3A69%7C1721433600%3A8_178_264_166_176_48_56_71_46_13_231_220_214_238_81_234_54_267_233_165_266_7_22_5_104_21_240_3_250_249_55_243_96_99%7C1721520000%3A268_35
.quantserve.com/ Name: d
Value: EOoBEgGhLPijD9r7EA
.dotomi.com/ Name: DotomiTest
Value: 2e22913d532f044b
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-fa8b02fa-7277-45df-9d4a-df264dbf7868-66891ef5-5553&KRTB&23418-fa8b02fa-7277-45df-9d4a-df264dbf7868-66891ef5-5553
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:qtk8uG5r1Sq2Pz5&KRTB&23421-uid:qtk8uG5r1Sq2Pz5
.mfadsrvr.com/ Name: ssh
Value: !bidswitch=1720262392!medianet=1720262390
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7939588091985856387&KRTB&23150-7939588091985856387&KRTB&23527-7939588091985856387
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-zHkEbz5_WpRiKy-t28ZjNCaEdko&KRTB&23334-zHkEbz5_WpRiKy-t28ZjNCaEdko&KRTB&23417-zHkEbz5_WpRiKy-t28ZjNCaEdko&KRTB&23426-zHkEbz5_WpRiKy-t28ZjNCaEdko
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-9118179168940926163&KRTB&23263-9118179168940926163&KRTB&23481-9118179168940926163
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-969751700711286123
.tribalfusion.com/ Name: ANON_ID
Value: apnvvvRkP6i6eCno6rTrsCqeSeZdirsyvZauPDoaRYdMfkONaPpbrM3aabZdhr6ZdDgyr4SD4222tNc9uuU4SPAKI19tLeX82PQUYkabbrZdSmBiYWfAq
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-69WB3eyG39DwgoHQ7IaU1OrXiNTwgomF7IJFEU3w&KRTB&22979-69WB3eyG39DwgoHQ7IaU1OrXiNTwgomF7IJFEU3w&KRTB&23462-69WB3eyG39DwgoHQ7IaU1OrXiNTwgomF7IJFEU3w
.pubmatic.com/ Name: KRTBCOOKIE_632
Value: 23041-G1nUHncErrlbz3FjLJmIFDXWWydgG0kE_PJg5XmZpt4&KRTB&23047-G1nUHncErrlbz3FjLJmIFDXWWydgG0kE_PJg5XmZpt4&KRTB&23234-G1nUHncErrlbz3FjLJmIFDXWWydgG0kE_PJg5XmZpt4&KRTB&23361-G1nUHncErrlbz3FjLJmIFDXWWydgG0kE_PJg5XmZpt4
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-OPTOUT&KRTB&17107-OPTOUT
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:dfca6689-1ef5-4f00-939a-a8630f8c2907
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AQANideQqFhVOgIxVz9eAQEBAQEBAQCRhqH6EAEBAJGGofoQ&KRTB&22715-AQANideQqFhVOgIxVz9eAQEBAQEBAQCRhqH6EAEBAJGGofoQ&KRTB&23519-AQANideQqFhVOgIxVz9eAQEBAQEBAQCRhqH6EAEBAJGGofoQ
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-956b86b1-dc66-4676-879c-ab3a0e826999
.criteo.com/ Name: uid
Value: d2c046b8-7bca-4dfd-bc1e-8ae2e46d18f3
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_1416dfe0-3b84-11ef-b755-126f6c678c69
.adgrx.com/ Name: ADGRX_UID
Value: 14172892-3b84-11ef-b8e5-0eb5ce328e5c
.rubiconproject.com/ Name: audit_p
Value: 1|RUKE1kp/LI9cgol9u/vHSSBu2U5NxvoaOzjX40oWVrWbz16xSA9sXUHJVMaZxYwoC3VUO3E712vyUhTWCqUS/Pv31DA4fHDqMp0HTDw5gZ7V/IjBlWfcnUxALFnz58BBXQ9O0cmG97syO3IFFdmF1pSBGIYSZF2NYPDxny9O7hNPVHjylZIeXA8g3IVFsQqk
.rubiconproject.com/ Name: audit
Value: 1|RUKE1kp/LI9cgol9u/vHSSBu2U5NxvoaOzjX40oWVrWbz16xSA9sXUHJVMaZxYwoC3VUO3E712vyUhTWCqUS/Pv31DA4fHDqMp0HTDw5gZ7V/IjBlWfcnUxALFnz58BBXQ9O0cmG97syO3IFFdmF1pSBGIYSZF2NYPDxny9O7hNPVHjylZIeXA8g3IVFsQqk
.iqzone.com/ Name: iq_u_key
Value: 933ea41c-c792-4910-9e72-853d34ffd071
.iqzone.com/ Name: iq_r_key
Value: 277
.resetdigital.co/ Name: ckbk
Value: 0000014B9E1FAEA3
.mxptint.net/ Name: mxpim
Value: R33647_1183B7B13_8710F8F.1.000000000000000066891EF9
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1199
Value: 23168-0000014B9E1FAEA3&KRTB&23175-0000014B9E1FAEA3
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33647_1183B7B13_8710F8F&KRTB&23092-R33647_1183B7B13_8710F8F
.adx.opera.com/ Name: UID
Value: OPU822e2f0cf63648eab1f178b51aa5cf94
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwiyypzev-yOPRAFEhYKB3N2eDl0NTASCwjkgb7pv-yOPRAFEhYKB3J1Ymljb24SCwjKhOvwv-yOPRAFEhcKCHB1Ym1hdGljEgsIpMq197_sjj0QBRgBIAEoAjILCIjyl7fW7I49EAU4AVoHOGg5dTExaGAC
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-e86fd1cd-8ff4-4adf-90ff-688cf594e2aa&KRTB&23340-e86fd1cd-8ff4-4adf-90ff-688cf594e2aa&KRTB&23498-e86fd1cd-8ff4-4adf-90ff-688cf594e2aa
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 11
.pubmatic.com/ Name: DPSync3
Value: 1721433600%3A228_260_259_258_261_235_219_226_263_245_256_236_201_262%7C1720828800%3A252_253_265%7C1720310400%3A248_255%7C1721260800%3A257
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-14172892-3b84-11ef-b8e5-0eb5ce328e5c&KRTB&23275-14172892-3b84-11ef-b8e5-0eb5ce328e5c
.ctnsnet.com/ Name: cid_38dfab657aa24c51ad98c653e2e26a63
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU822e2f0cf63648eab1f178b51aa5cf94&KRTB&23485-OPU822e2f0cf63648eab1f178b51aa5cf94&KRTB&23524-OPU822e2f0cf63648eab1f178b51aa5cf94&KRTB&23575-OPU822e2f0cf63648eab1f178b51aa5cf94
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1720283993454
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 92b70b74-5251-472d-b754-9368ae80aa98
beacon.lynx.cognitivlabs.com/ Name: ss
Value: Mjqb15%2BcjLHsJaEetRnLsSIZeO0HnVApgFYpwr57g5E721qQEDaBgGYYEtzH%2FvwgBEYCzlRzDSnr3ilkEuXyVQ%3D%3D
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7735487932000748931P
.owneriq.net/ Name: pmc
Value: 1
io.narrative.io/ Name: io.narrative.guid.v2
Value: 146526f0-3b84-11ef-93d4-00000a0f607e
.lijit.com/ Name: _ljtrtb_92
Value: 7260173943964548424
.onaudience.com/ Name: cookie
Value: 33bef8bc2efe1bad
.onaudience.com/ Name: done_redirects252
Value: 1
.adsby.bidtheatre.com/ Name: __kuid
Value: c71b8cc6-cbea-4cec-8573-8d3ac0d9b761.489476393
.semasio.net/ Name: SEUNCY
Value: B5721CEA4109C8A8
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~2jea:18za~2jea:18z8~2jea:18yi~2jea:199z~2jea"
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 23554-k-q66r6oBCKwB-uS-R6JZg&KRTB&23557-k-q66r6oBCKwB-uS-R6JZg&KRTB&23586-k-q66r6oBCKwB-uS-R6JZg
.pubmatic.com/ Name: PugT
Value: 1720262392
.lijit.com/ Name: ljtrtb
Value: eJyrVrI0UrJSMjcyMzA0N7Y0MbY0MzE1sTAxMlGqBQBWtQYO
.lijit.com/ Name: _ljtrtb_27
Value: 549d8d79-5a7e-4d7f-ac03-6b693aeb00e7
.onaudience.com/ Name: done_redirects282
Value: 1
.id5-sync.com/ Name: 3pi
Value: 434#1720262391757#167951651|2#1720262392028#-913093836#7260173943964548424|264#1720262393240#1986973476#549d8d79-5a7e-4d7f-ac03-6b693aeb00e7|203#1720262393036#1817835946#d2c046b8-7bca-4dfd-bc1e-8ae2e46d18f3|124#1720262391026#617796631|108#1720262391393#-1003140920|1245#1720262393935#-1085460481|1246#1720262393719#-1085460481
.audrte.com/ Name: arcki2
Value: 8ehm5Uh98qRSDmUcC22YCXa-Q!20220908!1720262394001!ip#38.132.118.74
.audrte.com/ Name: arcki2_pubmatic
Value: 336C3BC6-EE00-451E-8420-E332AE921915!20220908!1720262394001
.pubmatic.com/ Name: SPugT
Value: 1720262394
.technoratimedia.com/ Name: tads_uidp_73
Value: AAFmYE7NEj4AABSsuB1nkw
.audrte.com/ Name: arcki2_ddp2
Value: 8ehm5Uh98qRSDmUcC22YCXa-Q!20220908!1720262394234
.audrte.com/ Name: arcki2_adform
Value: 9118179168940926163!20220908!1720262394518

13 Console Messages

Source Level URL
Text
rendering warning URL: https://xosodaiphat.com/
Message:
The value "160dpi" for key "target-densitydpi" was truncated to its numeric prefix.
rendering warning URL: https://xosodaiphat.com/
Message:
The key "target-densitydpi" is not supported.
network error URL: https://sync.search.spotxchange.com/partner?source=283156&sync_limit=7
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://btloader.com/websiteconfig?bt_env=prod&o=5714937848528896&w=xosodaiphat.com
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://xosodaiphat.com/
Message:
Access to fetch at 'https://api.rlcdn.com/api/identity/envelope?pid=106' from origin 'https://xosodaiphat.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=106
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://xosodaiphat.com/
Message:
Access to fetch at 'https://tlx.3lift.com/header/auction?lib=prebid&v=8.49.3&referrer=https%3A%2F%2Fxosodaiphat.com%2F&tmax=986' from origin 'https://xosodaiphat.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://tlx.3lift.com/header/auction?lib=prebid&v=8.49.3&referrer=https%3A%2F%2Fxosodaiphat.com%2F&tmax=986
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://xosodaiphat.com/
Message:
Access to fetch at 'https://tlx.3lift.com/header/auction?lib=prebid&v=8.49.3&referrer=https%3A%2F%2Fxosodaiphat.com%2F&tmax=986' from origin 'https://xosodaiphat.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://tlx.3lift.com/header/auction?lib=prebid&v=8.49.3&referrer=https%3A%2F%2Fxosodaiphat.com%2F&tmax=986
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://www.youtube.com/s/player/5352eb4f/www-widgetapi.vflset/www-widgetapi.js(Line 200)
Message:
Unrecognized feature: 'web-share'.
security warning URL: https://www.youtube.com/s/player/5352eb4f/www-widgetapi.vflset/www-widgetapi.js(Line 207)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://xosodaiphat.com').
security warning URL: https://www.youtube.com/s/player/5352eb4f/www-widgetapi.vflset/www-widgetapi.js(Line 207)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.youtube.com') does not match the recipient window's origin ('https://xosodaiphat.com').

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

51e531cd837b7eb4ae819c576c27b552.safeframe.googlesyndication.com
a.ad.gt
a.pub.network
a5588.casalemedia.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ads.pubmatic.com
ads.yieldmo.com
analytics.google.com
api.btloader.com
api.rlcdn.com
apis.google.com
bcp.crwdcntrl.net
beacon-iad2.rubiconproject.com
bidder.criteo.com
btloader.com
c.amazon-adsystem.com
c.pub.network
c2shb.pubgw.yahoo.com
cdn-ima.33across.com
cdn.confiant-integrations.net
cdn.edkt.io
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.xosodaiphat.com
ce.lijit.com
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
contextual.media.net
d.pub.network
dis.eu.criteo.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fid.agkn.com
fonts.googleapis.com
fonts.gstatic.com
freestar-d.openx.net
freestar-io.videoplayerhub.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
grid.bidswitch.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
id.hadron.ad.gt
id5-sync.com
ids.ad.gt
image2.pubmatic.com
images.dmca.com
imasdk.googleapis.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
msdigital.vn
optimise.net
p.ad.gt
pa.openx.net
pagead2.googlesyndication.com
pixel.gliacloud.com
pixel.quantserve.com
pixel.tapad.com
pixels.ad.gt
player.gliacloud.com
prebid.media.net
protected-by.clarium.io
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s0.2mdn.net
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static-pixel.gliavideo.com
static.criteo.net
static.xosodaiphat.com
stats.g.doubleclick.net
sync.1rx.io
sync.go.sonobi.com
sync.search.spotxchange.com
tags.crwdcntrl.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
www.google-analytics.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
xosodaiphat.com
api.rlcdn.com
cdn.jsdelivr.net
pixel.gliacloud.com
sync.search.spotxchange.com
tlx.3lift.com
104.18.20.206
104.18.20.76
104.18.21.76
104.18.36.155
104.18.38.76
104.21.234.15
108.138.106.70
108.138.127.64
108.138.128.124
130.211.23.194
142.250.65.168
142.250.72.102
142.250.72.110
142.250.80.102
142.250.80.110
142.250.80.65
142.250.80.66
142.251.32.98
142.251.40.226
142.251.40.98
142.251.41.2
162.19.138.116
162.19.138.117
172.64.144.166
172.64.152.89
178.250.7.11
18.238.63.215
207.65.37.179
209.204.229.29
216.239.32.181
23.200.196.24
23.200.198.128
23.203.179.38
23.45.192.247
23.45.193.13
2600:1f18:2352:af01:fb37:7890:d10:c020
2600:9000:21dd:6c00:6:44e3:f8c0:93a1
2602:803:c002:200::24
2602:803:c002:200::32
2606:4700:10::6816:3456
2606:4700:10::6816:445
2606:4700:10::6816:4ad8
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:10::ac43:246e
2606:4700:20::681a:246
2606:4700:20::681a:932
2606:4700:3030::ac43:b50d
2606:4700::6812:c0d
2607:f350:3:2569:0:10:0:c
2607:f8b0:4004:c21::9c
2607:f8b0:4006:809::200e
2607:f8b0:4006:80c::2001
2607:f8b0:4006:80d::2006
2607:f8b0:4006:80d::200e
2607:f8b0:4006:80e::2008
2607:f8b0:4006:81e::200e
2607:f8b0:4006:81f::200a
2607:f8b0:4006:820::200e
2607:f8b0:4006:823::200a
2607:f8b0:4006:824::2003
2620:100:a00b::4
2620:116:800b:21:a021:b886:81cc:55cf
2a02:6ea0:c454::1
3.84.106.137
34.111.113.62
34.111.152.239
34.120.111.33
34.120.63.153
34.160.152.31
34.200.12.207
34.200.65.202
34.36.214.49
35.186.253.211
35.211.178.172
35.227.207.122
35.244.159.8
35.244.193.51
35.71.131.137
35.71.139.29
44.199.61.49
44.208.217.105
44.208.217.220
52.34.239.226
52.46.128.147
54.213.6.218
54.84.174.74
68.67.160.26
69.173.146.5
69.194.240.13
74.119.117.6
8.28.7.83
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
066bf781659af09bb40a24a7d87dd2310c2324c9619e347c6d6d05c00ffeb182
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0732bceb3a4006480a2125fd5566188a5b6cb4cd0b536a212574638f42dcdccc
0899dfba882b23053661826a294de10c554ccaeafbd2a7e71ef80a36554aec58
0aa031394ba5dcf9b550d3c1ce30e1ffd748307577ae7bbbdf0045abcb0a8d45
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d56f97640ee9571ff5dc7429665d5ce58f3f7f635d6a85a7cc8717bc5873de6
0e4b38ad7e35f3b75be62478386d02486572d91f48aeb674c50f0b417a73ada6
0f2d79f369d3c083f2a4be911dc46e9a62188502d54c175533aba4909472ce3d
0f980b0ff1ceec1067d3dbabb9ce427bdcf06e2dfa282d7e5c30ad052debc844
113b988757f4101d160571f19771fd5ea84f373457a7ca7f56b104cc51cd3d0f
1212819a5cca85efcee76b60a0cb385ff75d871ef821cac6fb8bebd5560dc8ce
12ada23bdb3a1ce383a5bcafda0abbf59bedbe47fc16af16580f6e85eccafdea
13c5e36dbfc67cc8a97728d4dc525e6315e6ba118a8eda06cd12704cb8cb38e8
148f10a2d7b7465114dc40e598e85f0a3fa5e03bded69412a509d8e2b6b63f5b
15d5cd69c0971061f8e3b2245372809acead41fe04d1e90f63b4cc1ca92b3dde
1f098f773b9493f67ed609c94de94d67b8366cbe413ee2fa7d107eb51028efa4
1f19970f056cd116a5fe3c02422c1ee1ac827136df470b5c89af492620512aa4
27638947806ac0f87353c7931a96a783b7685440dabc5ec8f056322e305e8c8a
2e28457fb19e528aaa91339f61757e9afb74499ce4325dba279fa4f8453dbb7d
316e4e1717995d5487e376f8f42409f584d886dab449da0bace8bccaa94f80a8
31a73049c40c9fc828bbc203265e9457898716e2cdb6560ec844e5d314bdc02f
321662c992cf07b0c55dd94d1049e94f254ebbe2a6abcd9b559855d411ae8289
323078255b49de637d9a1eb7b8c55c603b62bd4fe0d2a028403488ae56e4762e
33400ad259cddf0871d1ab4f88169efc596cae3a5b9648c96e991a6cd4b5843e
33c1ab6a01b4049878497c2874d8cbb72e14ee7cf14fafec3c09b45f9874b67e
35f10e930001942305150e2cd414336f02d9365cc6ce3b94c9ef2bac90d70e3f
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
370ac9a7b9a0d65f044baf1d17194c30aa2bf40c6250d6bcdc6189a9652c7c31
38366a7da4875816e2aa8b43c6aa15f59e2857325006273f6ee350680fe8e56b
38f65ea4ff5230dae66ed670b0520951e14cab8b6ab6adeef4b8fa9f939cb375
3b408428a4706312309e6a0b7d2a8fe43acb5ff9292b0c2b24e4315d075c7f0f
3c021150e1785d8a7c525cc5f339ffb265b2ba37c9ce7b48c107c7e73f44955a
4346a01b383b949bd8cedaf298011b23aa566005df05373b7d113a46420b09b6
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
4416286665bbc024eb7d80114a57625e9f57ea495844950d060293b230599af5
443795c4c7acd188f6d2a3e7f1dd58de62ce4d910592e570dff579195a7f70c1
44c6f96d3cfe5167864bafed398464dddd32b15734b5d92497997cc9451b4361
470cd1e288bd24b762e50e0e9463b5417ed523ef5d0f640bbad56aa22835944f
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586
4a499520342d7b8bc3fb58eed389965b413b371e7b794d2c11484aee4a64225a
4aaf47521cfc1263b018801985a770420e3c573f789ad469e7ff4bad72980d31
4abe1cedb274539491d570338f7900776d37aad1aa74ab9d1f250aaf949cbb13
4b69a3f605576e2a0cdb6abd74d3efdf893c4b6124ace390559d62437b9553d7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5827389148c26256e39be0c38389765833e4792c5d7bb02a4c36f9859e9ca7ff
5b93756b4ce2e009cc63ea23ed9b723dee75e65a8aa1ffa97e8e68f2ec0cf3fe
5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526
5d62587ba2b5f7104d04883114f0e13939309f399f7947e2b492bce0bac623a3
61aca18f7c51ad5b0c45fd95a23478aa3e2bdbedacef7d5970948717ee63b6c7
6470b366d0c8c0a354dad603405a0b8bd887aceb8da1ecd4959d0d580375b45a
64e819926c5775047d93e4d92a6deb149ac4c4fd0fe95a47bca3b3550a58677e
65380b178237f3a85e5fcefbd766a6ac82e40cf1b81f6f79c092df1720167b0b
65591e57e4be656669b157490f15e343e9a95894bb8cb7a3f55386541864b2a6
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
679e233357e93a4f4d15bc2e62d33e0048a978a5ddd57a78ad1203d614b0773a
6928acfea351e62723cd2af8ecb4f838f7826708e95b1b6a5ce613d2913df268
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
69a30a181fb8aef3635ffb18653f9ffd3ddf0140d51ba34688464bb6e9c71d26
69ddbfe0111131323a6c637b0fcf18449cd7f4bab70211c0b2c9bb51232bdb9b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71184f84f1d6701e57cfeb3286bab76668221cd67f34fa58448642e4b3f06349
750265e0a75ce476f0064228d9ff721b7fde70d43acfa6cc765db459cd7c74c5
76c46df9a6ba94318fafe8023e3f52e28b1b9a1eaf16dcd4d7ce95ab6942859b
78fd77e0744c746a2178e29c697fc34eb5ebbd75822d8e01344815002808b11f
7c415e0eb17ead2fb65fed0185e557cc902c67b7b8430678b8a78d86ee9e0b54
7fe341b15b354839cdd60af498360ae74b247cf2735dc3acb06f9209178e78f6
8248d6cddfd9784d48db57abf5523eb486698aac1fe6e72ce8677c22f5e9f31e
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
88d7805a74ac5f036bb47930e6555f1656da22187e5f5e1376bf6ac29a0f7bac
8b2bf9e6b0bd093dff7b55820a5d5bbc90f92fc9b62cd1a1dace9a5c221ead4a
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
90770153b501e152b3705e31d61696fa21e07d08a9d8e207a3f1207660b11071
936f5a4299c7435fde1e9db72f95b51fe142f901e9fc9972395e508726b3a4ed
93d85570e7cfd2be5ad7c0be67c5d8859ca566c12a8463c5b804171680a146a3
9665d144a9f7093546f50b288a7705c34b08fb7743734b13bb1e2b25900c2d65
96e567e55058088bf057ebeb964b202435a2c745a55f49df106fe22f2a9a8e11
9935cf9ce088e68d0e089c5d20acee9408d15bf1e284bb07b0a7d96323dbf1e2
99984969b73a9759568e48a6e5e02f4fdc286cc3bd57f8e0fe94369b8dc920e4
9ccd0b8dcedf64da15cc9c91034d10ead865813506f63c82b9b02ba7cc4df78a
9ddceb837db3be605e27b54d6e55d5c70085e77d17ce78651585812c5dda5379
9ff6a42a886e2ce47bc93c2d1e51612e027aba3e27fd8a05b4d72d46a754e644
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a12f5e25ae30d8c245b37c8837654fb78984246eba0a52d29b65f01d23058769
a16cbc263c4a2f86d634cb11040ebdc0a61f1275664c4ad26afbf67bd9471501
a1e423bb8d539311a608bee82a39532c8caa7feb29a4e95c26a0ce7dbf13d60b
a31cb072b27a0f30183015e80c300bd8f569f49897b6c651adf9ff985f43508d
a471d9269979fb460086518cc72ccb19bf1a554ea9e29d97d95f7d0a1b195183
a4b91763c6a08450e8194c343096b6b5a6af56c265e0d1022914dad08ffb2ff1
a7b5f5f96f81dea4efc53e1d4dae8b37c28bec27a45b42ccf604ee759e20caec
ad26ac49f179b50254d7ff0e94733c71dea4df8c1c30660e004f8cb68292dd6b
ade7ac4c82d4a3ff060b351571ede4cb43360d9ddb162a5f82b2d65d779fddca
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aedc8b0104d965ea888fbe5cbf5a695de00045f7c84bf4a64f4d0e48e2c00e1f
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b04cd869cfd41a48c006458f71969a0eb26f33fec12f3cfe00408f8b73bf3ff8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b9317cb75824c6cefea930c0e75581235ad2a8da972a80cd1af33960cab1bc
b33c75d66b6115b2b04d07e509b8b5def62e5ff9a5feb52c7b4dfedb748fa8ba
b35f3f631fe613e539ec799b377518466e99f3b99e7e6eb2c66c174628fa2d5a
b4884388342defd9d0f4d5a3dec3c2b49dc8a30ff88da67ff8e58ea10e755b81
b60f65161ce3517c2794eecab25981c51ffbcbc951a781270403e2f3572d0290
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bc1312423ab1484c4b63fe13107bf1d00490f8fedfecb2da41f6bd399779f147
c01eb076809b16051ebbb8ace592465ef2d059908c608a4e07a7c1b6c624249b
c139d813498e013df39eea698dab24025cee5520480588f73cac443e222a58d1
c75a030e4897c932d6108eda470a4bd00a7295e71a2ff7e9b8d9b767d5604795
c86bfeabd06ba640332347ce71c397f83fc766be7ba5cd8204d99b940e0fbcb6
ca52dfbb3f2b64b0d96603936970f78ca8a0fac76233aad6b9020ae2acdfa336
cccaedb13f2aa38970538b043bfd16b0fa24e6a6a386833059595fd0a408e105
ce13d5d11a2c8a21612d2eae7a1732f20ca5a38daf0be8af6aaeef64e07d75e4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d3fddd4ff0e9f303e9eb97d639db1d7e1dba59e2b7f438f084191c4c1dd76488
d54eea750960c01893460142312ced45745cc98be2961d9a2ac6a2189fd6fe59
d7a4d3c6bbb813b80afb47a45e75320ff14b02e65ad1ca740d62bcbfb646f2ad
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dd382a0b771572febe55bbd91bca06284a52d4ac9bc73128f114914a4b3c7e97
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e03f31f070cdf96deb44c8a8760578f65f041cdfc2f69a1b449da43ee298c326
e1c8a4270ee0ee67c3795425849c7d6a20268ebe4c35342d145cfb4553cb0bf6
e1dbef5772f381d1aa21788b5fd895e017171ee64f0478cb78465496a3abdc7c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58dca8876c5149b643df59aac69a7d43e5a333ffbcf77a3f766bb37ffcd5ce9
e5d68f5b20236928c8a5e53b3f352d8fddac599305907644448b2b2841d1d7d2
e78e054c41ebe993b4c5ca89264e3f39f6ebd5d56fd05cb88eb65a10a64a1154
e8001772f5fd68cdf6f4d82118d7d0b67cc65eb418f3994a4105837e5624894a
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
e8bfd3478f33c2a04cf1c33986e790f962350705a2bd78fab3e4cf082814dd6b
e9dc6b11134a01b0ada8523430d9cf21a3eac558245997e1a4d8b68235e7e7d7
ebd6db0c39772804c1425c28d581ba43f64f0f50e01fee04e2b7e11e8e377cb2
ecc20ed3c5dedbe5bbe73d1e7b14270c65a85f7d0ec4c94c4f0c9f0071e471a2
ede1a14f2800eeb40e5370aef684dce98eff7eee4e6c75fb9b3c4c773351a8b2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1cfe4f7d3b09de9e3537f0a2303e3e1f23825a794f744340ababa5807de75e1
f232eb3e282727a3fd683ec3510d56ddf47b80570e4a13c976ee960c9aee22ea
f4d9dedffa6ec9dd7ec66eef0915017183e812e17b39f30e2407c8da747de77b
f84a96b93f09aeb6b876e4138b8b7867c4e44be2065b640ba82825b2fd9831e7
f8f651fb1913a1df3d3bd250383bf872930439d1b185efcacea909ce0b0afe51
fd371b05170f328fbbdae7346b19740f0a60a9aa500b710a843c335fee8aaa44
feb294a6939435037d915fb9c2eeda3a6bf09627d2db95b1a5788fdc3a4532c3
ff86e41bafc57424727d46a60c7fd79074cb8439d480d60e09017a67a4ad019e