xosodaiphat.com Open in urlscan Pro
2606:4700::6812:144c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://xosodaiphat.com/xsmn-xo-so-mien-nam.html
Submission: On October 08 via api (October 8th 2023, 11:27:19 am UTC) from US — Scanned from DE

Summary HTTP 57 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 24 IPs in 5 countries across 15 domains to perform 57 HTTP transactions. The main IP is 2606:4700::6812:144c, located in United States and belongs to CLOUDFLARENET, US. The main domain is xosodaiphat.com. The Cisco Umbrella rank of the primary domain is 43135.
TLS certificate: Issued by E1 on October 5th 2023. Valid for: 3 months.

This is the only time xosodaiphat.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700::68... 2606:4700::6812:144c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
10	2606:4700::68... 2606:4700::6812:154c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:50c0:800... 2606:50c0:8001::153	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	104.26.0.74 104.26.0.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:440... 2606:4700:4400::ac40:986a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:440... 2606:4700:4400::6812:2341	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2400:52e0:1e0... 2400:52e0:1e00::1080:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
5	118.194.235.163 118.194.235.163	135377 (UCLOUD-HK...) (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED)
1	107.155.55.90 107.155.55.90	135377 (UCLOUD-HK...) (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED)
2	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0b::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
57	24

2 2606:4700::6812:144c (United States)

ASN13335 (CLOUDFLARENET, US)

xosodaiphat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:154c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.xosodaiphat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8001::153 (United States)

ASN54113 (FASTLY, US)

msdigita.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.0.74 (None, )

ASN13335 (CLOUDFLARENET, US)

api-sg.flygame.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.flygame.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:986a (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.adskeeper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2341 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 118.194.235.163 (Singapore)

ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK)

nstat-sg.flygame.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.155.55.90 (United States)

ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK)

api2-sg.flygame.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	xosodaiphat.com xosodaiphat.com — Cisco Umbrella Rank: 43135 cdn.xosodaiphat.com — Cisco Umbrella Rank: 88505	116 KB
8	flygame.io api-sg.flygame.io — Cisco Umbrella Rank: 111402 api.flygame.io — Cisco Umbrella Rank: 79859 nstat-sg.flygame.io — Cisco Umbrella Rank: 61394 api2-sg.flygame.io — Cisco Umbrella Rank: 58913	71 KB
6	google.com apis.google.com — Cisco Umbrella Rank: 125 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1474	293 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	204 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 stats.g.doubleclick.net — Cisco Umbrella Rank: 98	167 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42 region1.google-analytics.com — Cisco Umbrella Rank: 2250	21 KB
3	adskeeper.com jsc.adskeeper.com — Cisco Umbrella Rank: 31723 c.adskeeper.com — Cisco Umbrella Rank: 21754	98 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108	233 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	163 KB
2	adskeeper.co.uk jsc.adskeeper.co.uk — Cisco Umbrella Rank: 56845	102 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 70	5 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	4 KB
1	dmca.com images.dmca.com — Cisco Umbrella Rank: 13957	761 B
1	github.io msdigita.github.io — Cisco Umbrella Rank: 74901	420 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	30 KB
57	15

	Domain	Requested by
10	cdn.xosodaiphat.com	xosodaiphat.com
5	nstat-sg.flygame.io	api.flygame.io api-sg.flygame.io
4	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	pagead2.googlesyndication.com	xosodaiphat.com pagead2.googlesyndication.com
2	fonts.gstatic.com	xosodaiphat.com fonts.googleapis.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	apis.google.com	xosodaiphat.com apis.google.com
2	www.googletagmanager.com	xosodaiphat.com www.googletagmanager.com
2	www.gstatic.com	xosodaiphat.com
2	jsc.adskeeper.co.uk	xosodaiphat.com jsc.adskeeper.co.uk
2	jsc.adskeeper.com	xosodaiphat.com jsc.adskeeper.com
2	securepubads.g.doubleclick.net	xosodaiphat.com www.googletagservices.com
2	xosodaiphat.com	xosodaiphat.com
1	lh3.googleusercontent.com	xosodaiphat.com
1	fonts.googleapis.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	c.adskeeper.com	xosodaiphat.com
1	region1.google-analytics.com	www.googletagmanager.com
1	api2-sg.flygame.io	api.flygame.io
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	images.dmca.com	xosodaiphat.com
1	api.flygame.io	xosodaiphat.com
1	api-sg.flygame.io	xosodaiphat.com
1	msdigita.github.io	xosodaiphat.com
1	www.googletagservices.com	xosodaiphat.com
57	25

This site contains links to these domains. Also see Links.

Domain
muvi.vn
www.dmca.com

Subject Issuer	Validity	Valid
xosodaiphat.com E1	`2023-10-05` - `2024-01-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-26` - `2024-05-24`	a year	crt.sh
*.github.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-03-20`	a year	crt.sh
flygame.io GTS CA 1P5	`2023-10-02` - `2023-12-31`	3 months	crt.sh
images.dmca.com R3	`2023-09-12` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.flygame.io R3	`2023-09-15` - `2023-12-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html
Frame ID: 8BA7FC8C6B36AEC9D07F0F8E7CEF93E4
Requests: 57 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Frame ID: 063B55A57414464635F88BB029AD0189
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

XSMN - Xổ Số Miền Nam - Ket qua xo so mien nam - SXMN

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

57
Requests

91 %
HTTPS

87 %
IPv6

15
Domains

25
Subdomains

24
IPs

5
Countries

1508 kB
Transfer

5102 kB
Size

7
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://muvi.vn/playlist/lien-khuc-nhac-phat-tong-hop-cam-dong-hay-nhat.ZGRnxm93VOeA.html?utm_source=xosodaiphat.com&utm_medium=referral&utm_campaign=tinbai-xsmn-mien
Title: ️🎶Nhạc Phật cảm động ️🎼"Đến nơi đây dưới mái chùa yêu thương..." MUVI.VN

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=2fe00d0c-59bc-4930-bde8-11153f7264ff

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request xsmn-xo-so-mien-nam.html Show response
xosodaiphat.com/ 160 KB
42 KB 1188ms
1083ms Document
text/html 2606:4700::6812:144c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:144c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9ecd1920eaa0ec5eb45906378c8929f191c1da07796c0fda8043903918ce9a4e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=60
cf-cache-status: HIT
cf-ray: 812e0883f9fe3616-FRA
content-encoding: gzip
content-length: 42257
content-type: text/html; charset=utf-8
date: Sun, 08 Oct 2023 11:27:13 GMT
expires: Sun, 08 Oct 2023 11:28:12 GMT
last-modified: Sun, 08 Oct 2023 11:25:42 GMT
server: cloudflare
vary: *, Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 4.0
x-html-minification-powered-by: WebMarkupMin
x-powered-by: ASP.NET

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 210ms
122ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9c21b62587ede6cc194c884829321cc73255718237d3fa2ea1453dbfc67ff51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 11:27:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51151
x-xss-protection: 0
server: cafe
etag: 13543523839337362634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 11:27:13 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 99 KB
30 KB 249ms
144ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

682230f7a8f18edbe2ec5826afc7d8184bd6545c9249fbee715fc104848bbaea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 11:27:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29804
x-xss-protection: 0
server: cafe
etag: 366 / 19638 / m202310030101 / config-hash: 4974023841911941900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 11:27:13 GMT

GET
H2 200 logo.svg
cdn.xosodaiphat.com/assets/images/ 15 KB
5 KB 149ms
47ms Image
image/svg+xml 2606:4700::6812:154c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.xosodaiphat.com/assets/images/logo.svg
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:154c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: dd382a0b771572febe55bbd91bca06284a52d4ac9bc73128f114914a4b3c7e97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 11:27:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 21 Apr 2023 03:14:24 GMT
server: cloudflare
age: 976600
etag: W/"6bb87e5fff73d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 812e088b8acb1e57-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 08 Nov 2023 11:27:13 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 181ms
96ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2201058077065954

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d12eef67d54c4878b6952a448b3a43cb374220a306b08d7b8bc714710e8cf0af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xosodaiphat.com/
Origin: https://xosodaiphat.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 11:27:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51166
x-xss-protection: 0
server: cafe
etag: 10510338571322376414
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 11:27:13 GMT

GET
H2 200 xsdp-pc-flyicon-ad.js Show response
msdigita.github.io/l/ 1 B
420 B 139ms
41ms Script
application/javascript 2606:50c0:8001::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://msdigita.github.io/l/xsdp-pc-flyicon-ad.js

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-fastly-request-id: 3e0e7d6a0d986e76d2cfadf34b6356a990d0076e
strict-transport-security: max-age=31556952
date: Sun, 08 Oct 2023 11:27:13 GMT
via: 1.1 varnish
x-cache-hits: 2
age: 575
x-cache: HIT
x-proxy-cache: MISS
content-length: 1
x-served-by: cache-ams21055-AMS
last-modified: Fri, 01 Sep 2023 07:22:52 GMT
server: GitHub.com
x-github-request-id: 8448:9363:142B2C6:14C527A:65228815
x-timer: S1696764433.200726,VS0,VE0
etag: "64f1914c-1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Sun, 08 Oct 2023 10:54:37 GMT

GET
H2 200 home.svg
cdn.xosodaiphat.com/assets/images/ 958 B
583 B 98ms
49ms Image
image/svg+xml 2606:4700::6812:154c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.xosodaiphat.com/assets/images/home.svg
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:154c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f1cfe4f7d3b09de9e3537f0a2303e3e1f23825a794f744340ababa5807de75e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 11:27:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 22 Nov 2021 04:03:56 GMT
server: cloudflare
age: 977680
etag: W/"34586ff855dfd71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 812e088b8ad51e57-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 08 Nov 2023 11:27:13 GMT

GET
H2 200 hot.gif
xosodaiphat.com/assets/images/ 181 B
350 B 52ms
50ms Image
image/gif 2606:4700::6812:144c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xosodaiphat.com/assets/images/hot.gif
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:144c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ede1a14f2800eeb40e5370aef684dce98eff7eee4e6c75fb9b3c4c773351a8b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 11:27:13 GMT
cf-cache-status: HIT
last-modified: Fri, 26 May 2023 07:18:45 GMT
server: cloudflare
age: 959138
etag: "6f8eae4ea28fd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 812e088aea983616-FRA
alt-svc: h3=":443"; ma=86400
content-length: 181
expires: Wed, 08 Nov 2023 11:27:13 GMT

GET
H2 200 menu.svg
cdn.xosodaiphat.com/assets/images/ 1 KB
648 B 52ms
52ms Image
image/svg+xml 2606:4700::6812:154c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.xosodaiphat.com/assets/images/menu.svg
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:154c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c86bfeabd06ba640332347ce71c397f83fc766be7ba5cd8204d99b940e0fbcb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 11:27:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 22 Nov 2021 04:03:56 GMT
server: cloudflare
age: 977680
etag: W/"b81b7bf855dfd71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 812e088bbb1f1e57-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 08 Nov 2023 11:27:13 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
29 KB 310ms
194ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7675a97ff46ccdf2a158f99484080515e0e0df9cdce11fc519382ace42a25d88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 11:27:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29808
x-xss-protection: 0
server: cafe
etag: 128 / 19638 / 31078611 / config-hash: 4974023841911941900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 11:27:13 GMT

GET
H2 200 xosodaiphat.com.3609.js Show response
api-sg.flygame.io/sdk/widget/ 239 KB
35 KB 484ms
383ms Script
application/javascript 104.26.0.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-sg.flygame.io/sdk/widget/xosodaiphat.com.3609.js
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b89e680103994673476424f1b55975f5a015044b97b81fdfed4d3f5ab1f55f8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 11:27:13 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6458a404-3ba8d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x0hP%2FyNdOGiScLW0y9i97EMil5vHhlqHc3jv5sB0uAD7p5cYiT%2F18mxWN0aA7xZ5ACdPaNWeRuhgXENbxzPplQaZnitYQZROTEEytrWD20CZNOEeUn4f3s9IqmiN2C5utywM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 812e088c7d7c2bc1-FRA

GET
H2 200 xosothienphu.com.1423705.js Show response
jsc.adskeeper.com/x/o/ 4 KB
2 KB 148ms
50ms Script
text/javascript 2606:4700:4400::ac40:986a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/x/o/xosothienphu.com.1423705.js
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:986a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 626f8ed8d1ab8448c2296e9f672e372c0b5f42112238e561c0c36d63e6d34b64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 11:27:13 GMT
content-encoding: gzip
x-amz-version-id: mO86_cxf71CAT8k6aWdNiXoBPkPAMoOT
cf-cache-status: HIT
x-amz-request-id: FJN78CV1H2TN1TBK
age: 6906
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 1459
x-amz-id-2: eefFG6cyP17nARza4jcLVi9PPSaN5GTYyVexfPY4PwKCy2lZcXy/rm+ZK25dDqqmQQbMKatfGdBmUb7RWSapGw/gzrUCEWs2WnTUoci/2RI=
last-modified: Mon, 02 Oct 2023 10:26:14 GMT
server: cloudflare
etag: "c8d579c08460cf70483bc55cb5649088"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 812e088c78853a7a-FRA
expires: Sun, 08 Oct 2023 15:27:13 GMT

GET
H2 200 xosodaiphat.com.1425077.js Show response
jsc.adskeeper.co.uk/x/o/ 4 KB
2 KB 150ms
47ms Script
text/javascript 2606:4700:4400::6812:2341
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/x/o/xosodaiphat.com.1425077.js
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2341 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ece60d71cbe364ebf5237b52d2d4481d50349d6f651e1b4376ebeae32fbc18cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 11:27:13 GMT
content-encoding: gzip
x-amz-version-id: kb21vZjej_lviDRCGrMtdY9dC3Ie2eY7
cf-cache-status: HIT
x-amz-request-id: P0NP6HZZF0QDB5XZ
age: 2960
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 1462
x-amz-id-2: vJKiN+YCRTwvVG0AQAhcvdSlAInROChhMPXNIwx3Jh/9s0M3jBqA5bAd68tBKV1ssoZJDekBmMA=
last-modified: Thu, 28 Sep 2023 08:47:25 GMT
server: cloudflare
etag: "5df0c4178db7199ae80d1184fb1ed071"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 812e088c9d9b03ec-FRA
expires: Sun, 08 Oct 2023 15:27:13 GMT

GET
H2 200 xosodaiphat.com.3418.js Show response
api.flygame.io/sdk/widget/ 239 KB
35 KB 164ms
58ms Script
application/javascript 104.26.0.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.flygame.io/sdk/widget/xosodaiphat.com.3418.js
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.0.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baa9d796be7e14ec9cc87eb0422e667656cf5d3242d4b92c1f8c0931ae1f1e65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 11:27:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 632
etag: W/"6458a404-3ba8d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uaA1NfSECRGZ3O5hknYfgrOhtrkrlQGvhaEzt6JRIFzRP1nCrHoEch5dmjovZTcHSuqhoLs6Ncr65P6%2FYSbelVPenjydvAPAlnrUhYD9JZ39YBWJAchpz7uaExWPTNgr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 812e088ccf003734-FRA

GET
H2 200 Loading_icon.gif
cdn.xosodaiphat.com/assets/images/ 664 B
759 B 51ms
50ms Image
image/gif 2606:4700::6812:154c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.xosodaiphat.com/assets/images/Loading_icon.gif
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:154c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2a72e4899e019bb6fc9cdcd7c5edf076a9f2f6ccd80ba31e83736fac06272d34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 11:27:13 GMT
cf-cache-status: HIT
age: 867378
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 664
last-modified: Mon, 22 Nov 2021 04:03:56 GMT
server: cloudflare
etag: "82175f855dfd71:0"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 812e088c1b861e57-FRA
expires: Wed, 08 Nov 2023 11:27:13 GMT

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ 465 B
761 B 152ms
39ms Script
application/javascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 11:27:13 GMT
content-encoding: br
cdn-edgestorageid: 1080
x-powered-by: ASP.NET
cdn-cachedat: 09/12/2023 22:47:45
cdn-pullzone: 1574055
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"26b181f16d28d51:0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: c136c664-112d-4533-8247-f90f6849ab39
cache-control: public, max-age=31536000
cdn-requestid: 225529c1161062135a64a7e8ce61c5a3
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquerylib.js Show response
cdn.xosodaiphat.com/assets/js/ 105 KB
43 KB 151ms
48ms Script
application/javascript 2606:4700::6812:154c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xosodaiphat.com/assets/js/jquerylib.js?v=20230711
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:154c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c01eb076809b16051ebbb8ace592465ef2d059908c608a4e07a7c1b6c624249b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 11:27:13 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 977597
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 43717
last-modified: Tue, 11 Jul 2023 05:04:02 GMT
server: cloudflare
etag: "b7dc51bb5b3d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 812e088b8acf1e57-FRA
expires: Wed, 08 Nov 2023 11:27:13 GMT

GET
H2 200 lazyload.min.js Show response
cdn.xosodaiphat.com/assets/js/ 3 KB
2 KB 189ms
87ms Script
application/javascript 2606:4700::6812:154c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xosodaiphat.com/assets/js/lazyload.min.js?v=20230112
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:154c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9ccd0b8dcedf64da15cc9c91034d10ead865813506f63c82b9b02ba7cc4df78a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 11:27:13 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 259289
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 1428
last-modified: Wed, 11 Jan 2023 07:27:37 GMT
server: cloudflare
etag: "5f34c2e8e25d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 812e088b8ad21e57-FRA
expires: Mon, 16 Oct 2023 11:27:13 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.3.0/ 19 KB
20 KB 128ms
39ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.0/firebase-app.js

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b33c75d66b6115b2b04d07e509b8b5def62e5ff9a5feb52c7b4dfedb748fa8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 17:15:46 GMT
x-content-type-options: nosniff
age: 238287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19867
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 00:35:57 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 17:15:46 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/8.3.0/ 40 KB
11 KB 141ms
52ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.3.0/firebase-messaging.js

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8001772f5fd68cdf6f4d82118d7d0b67cc65eb418f3994a4105837e5624894a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 05:00:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455182
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10873
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 00:36:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 02 Oct 2024 05:00:51 GMT

GET
H2 200 xsdp-result.min.js Show response
cdn.xosodaiphat.com/assets/js/ 16 KB
5 KB 190ms
87ms Script
application/javascript 2606:4700::6812:154c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xosodaiphat.com/assets/js/xsdp-result.min.js?v=20230526
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:154c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ca52dfbb3f2b64b0d96603936970f78ca8a0fac76233aad6b9020ae2acdfa336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 11:27:13 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 259288
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 5420
last-modified: Mon, 29 May 2023 01:47:52 GMT
server: cloudflare
etag: "25cbdb94cf91d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 812e088b8ad31e57-FRA
expires: Mon, 16 Oct 2023 11:27:13 GMT

GET
H2 200 lotterylivewk.min.js Show response
cdn.xosodaiphat.com/Content/js/ 52 KB
16 KB 152ms
50ms Script
application/javascript 2606:4700::6812:154c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.xosodaiphat.com/Content/js/lotterylivewk.min.js?v=20230504
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:154c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9f73c17a1dc717043a8bbf6093683781326b055b78590dfb61b99d2307605522

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 11:27:13 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 259288
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 16447
last-modified: Mon, 08 May 2023 04:58:37 GMT
server: cloudflare
etag: "6095ac06981d91:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=691200
accept-ranges: bytes
cf-ray: 812e088b8ad41e57-FRA
expires: Mon, 16 Oct 2023 11:27:13 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 201 KB
73 KB 135ms
48ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KGDCKMX

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

faf51c308c5b1e555cc8a56668387b45d37645466b340d293f1ed3fb20e4e3cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 11:27:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74251
x-xss-protection: 0
last-modified: Sun, 08 Oct 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 08 Oct 2023 11:27:13 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 56 KB
22 KB 146ms
58ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca680e70424c7890b71a46ad8547ab40acb038a75e3a4350df6df3d5970573a7

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 08 Oct 2023 11:27:13 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21949
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "339f2dc289384999"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Oct 2023 11:27:13 GMT

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 arow.svg
cdn.xosodaiphat.com/assets/images/ 737 B
609 B 52ms
52ms Image
image/svg+xml 2606:4700::6812:154c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.xosodaiphat.com/assets/images/arow.svg
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:154c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 99984969b73a9759568e48a6e5e02f4fdc286cc3bd57f8e0fe94369b8dc920e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 11:27:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 22 Nov 2021 04:03:56 GMT
server: cloudflare
age: 976596
etag: W/"188d5df855dfd71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2678400
cf-ray: 812e088bcb2b1e57-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 08 Nov 2023 11:27:13 GMT

GET
H2 200 list-icon.png
cdn.xosodaiphat.com/assets/images/ 394 B
489 B 50ms
50ms Image
image/png 2606:4700::6812:154c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.xosodaiphat.com/assets/images/list-icon.png
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:154c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 710d59cc71277c8e761e9dde1ba57bf54c4ff65f3fa912baeaff109e80ebd98c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 11:27:13 GMT
cf-cache-status: HIT
age: 967283
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 394
last-modified: Mon, 22 Nov 2021 04:03:56 GMT
server: cloudflare
etag: "f91873f855dfd71:0"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 812e088bdb3e1e57-FRA
expires: Wed, 08 Nov 2023 11:27:13 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/ 390 KB
132 KB 129ms
128ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2201058077065954&plah=xosodaiphat.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

498e96f2436aa3b9f709ea98261a9796d125cd76cc5c0fbf29a4ecfc7a585918

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 11:27:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135220
x-xss-protection: 0
server: cafe
etag: 1180732713548795950
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 08 Oct 2023 11:27:13 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/ Frame 063B 10 KB
5 KB 132ms
38ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xosodaiphat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81645
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 Oct 2023 12:46:28 GMT
etag: 2603938475786422795
expires: Sat, 21 Oct 2023 12:46:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/ 419 KB
132 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ab1e5ef8baed1d906b9e8ea4126ad958556881a46150cd6712ad5ebc40f4e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 10:33:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3252
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134829
x-xss-protection: 0
server: cafe
etag: 3697166202567710199
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 07 Oct 2024 10:33:01 GMT

GET
H2 200 xosothienphu.com.1423705.es6.js Show response
jsc.adskeeper.com/x/o/ 310 KB
96 KB 49ms
47ms Script
text/javascript 2606:4700:4400::ac40:986a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.com/x/o/xosothienphu.com.1423705.es6.js
Requested by: Host: jsc.adskeeper.com
URL: https://jsc.adskeeper.com/x/o/xosothienphu.com.1423705.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:986a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2bad93dd508b5ec78cb7818fb910499a0bb1597610ee4716a74efe54e9bd28e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 11:27:13 GMT
content-encoding: gzip
x-amz-version-id: Cnwq3Df7UYkHQhwwcAAmDXWsjF6FoENl
cf-cache-status: HIT
x-amz-request-id: RQYKAS4JWKXECHR3
age: 6906
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 97737
x-amz-id-2: A1sn84cvQaM8IfQ9Az27kskm+hdtwQV4Woz0SwNFSUpxDgpIeRTOgjV1eJYnCJwkVJ24xMy1pSc=
last-modified: Mon, 02 Oct 2023 10:26:14 GMT
server: cloudflare
etag: "85942f06e0493fe8b962c36ef9462732"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 812e088ce9413a7a-FRA
expires: Sun, 08 Oct 2023 15:27:13 GMT

GET
H2 200 xosodaiphat.com.1425077.es6.js Show response
jsc.adskeeper.co.uk/x/o/ 327 KB
100 KB 49ms
48ms Script
text/javascript 2606:4700:4400::6812:2341
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/x/o/xosodaiphat.com.1425077.es6.js
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/x/o/xosodaiphat.com.1425077.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2341 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: feee83064f03a337be948ae3c4ea16eefe6d36ce32edc03919769e4fa2c367dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 11:27:13 GMT
content-encoding: gzip
x-amz-version-id: nD4TQp2WgPExx2.56bSbsiiuWhbRkbae
cf-cache-status: HIT
x-amz-request-id: P0NKTPYGABTFKGFY
age: 2957
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 102466
x-amz-id-2: GJuRPW8kx6ILY9T9ET96F4sKPklQmy1zyp/W4jaw3wAggKaSXJNR8nNGQIIps/Y9jvZmP6cAwtY=
last-modified: Thu, 28 Sep 2023 08:47:24 GMT
server: cloudflare
etag: "bb6c40ef8bfc53d5244dd02e37a0b9d1"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 812e088cee1103ec-FRA
expires: Sun, 08 Oct 2023 15:27:13 GMT

POST
H/1.1 200
OK stat
nstat-sg.flygame.io/api/ 0
0 1052ms
379ms Ping
application/json 118.194.235.163
UCLOUD-HK-AS-AP U...

General

Check archive.org

Show headers Download Go to

Full URL: https://nstat-sg.flygame.io/api/stat?sign=f1dda1019665f2d28963ae8a57f1e09b
Requested by: Host: api.flygame.io
URL: https://api.flygame.io/sdk/widget/xosodaiphat.com.3418.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 118.194.235.163 , Singapore, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xosodaiphat.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H/1.1 200
OK v2 Show response
api2-sg.flygame.io/api/ig/widget/fill/ 281 B
686 B 951ms
282ms XHR
application/json 107.155.55.90
UCLOUD-HK-AS-AP U...

General

Check archive.org

Show headers Download Go to

Full URL: https://api2-sg.flygame.io/api/ig/widget/fill/v2?appKey=websdk&nonce=189914&timestamp=1696764433456&deviceId=24AE1B2E97C5&widgetId=3418&publisher=xosodaiphat.com&os=ios&language=en-us&adid=&showedTimes=0&signature=4b03fc57461845be7aa4c8f6521ef5337036cbbf
Requested by: Host: api.flygame.io
URL: https://api.flygame.io/sdk/widget/xosodaiphat.com.3418.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.155.55.90 , United States, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software: nginx /
Resource Hash: a664a283e7568eec8fde1d5032161f87dc514a57c59b47a51008aa53f9b060be

Request headers

Accept: application/json, text/plain, */*
Referer: https://xosodaiphat.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 08 Oct 2023 11:27:14 GMT
Server: nginx
Access-Control-Max-Age: 86400
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: True
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 281

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.B-JjfXXjM2M.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ/ 157 KB
55 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.B-JjfXXjM2M.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo95p0-_VFKUd25zvhq1myqBZc16PQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12911cd256bb8c5119c9d104cb6e323280c827243431afd1aeb8ad77e62fffa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 08:31:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 528932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55816
x-xss-protection: 0
last-modified: Sat, 02 Sep 2023 15:18:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Oct 2024 08:31:41 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 128ms
40ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGDCKMX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 08 Oct 2023 09:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5851
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 08 Oct 2023 11:49:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
90 KB 56ms
55ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KPB8BPT4XL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGDCKMX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

48dd558693fd6b2cdb4ebcfc9f126e3170ee7a04e08dd673b6b06442f8bfef17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 11:27:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92382
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 08 Oct 2023 11:27:13 GMT

GET
BLOB 200
OK fdb77c62-f71e-4ae9-a079-78e1d1295e0e
https://xosodaiphat.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://xosodaiphat.com/fdb77c62-f71e-4ae9-a079-78e1d1295e0e
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 68b0b8b4-4954-4809-be7b-c86f3d6468fb
https://xosodaiphat.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://xosodaiphat.com/68b0b8b4-4954-4809-be7b-c86f3d6468fb
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
BLOB 200
OK 2ba333cd-1ed5-4755-a29e-d164907cae3d
https://xosodaiphat.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://xosodaiphat.com/2ba333cd-1ed5-4755-a29e-d164907cae3d
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 5f9d0c40-b456-4516-a959-a03dd7efc4e4
https://xosodaiphat.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://xosodaiphat.com/5f9d0c40-b456-4516-a959-a03dd7efc4e4
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 103512698 Show response
fundingchoicesmessages.google.com/i/ 157 KB
52 KB 231ms
113ms Script
application/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/103512698?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

681c99a79c536103cfab3455cdd6e89905f465435f767c49093af21d75c4742e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-TZd6GKe7SYwvdLZExZkwZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 11:27:13 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-TZd6GKe7SYwvdLZExZkwZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca-pub-2201058077065954 Show response
fundingchoicesmessages.google.com/i/ 157 KB
51 KB 228ms
125ms Script
application/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-2201058077065954?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2201058077065954&plah=xosodaiphat.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d241b249f832caa4db1651cc79081591e53b8c45bf6ab267198c5aa05e92c4d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vU8hvhlJtybtfV8HxuocTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 11:27:13 GMT
content-security-policy: script-src 'report-sample' 'nonce-vU8hvhlJtybtfV8HxuocTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
244 B 133ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KPB8BPT4XL&gtm=45je3a40&_p=1504313189&cid=490054071.1696764434&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696764433&sct=1&seg=0&dl=https%3A%2F%2Fxosodaiphat.com%2Fxsmn-xo-so-mien-nam.html&dt=XSMN%20-%20X%E1%BB%95%20S%E1%BB%91%20Mi%E1%BB%81n%20Nam%20-%20Ket%20qua%20xo%20so%20mien%20nam%20-%20SXMN&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KPB8BPT4XL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 11:27:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xosodaiphat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
c.adskeeper.com/pv/ 43 B
114 B 82ms
63ms Image
image/gif 2606:4700:4400::ac40:986a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.com/pv/?lu=https%3A%2F%2Fxosodaiphat.com%2Fxsmn-xo-so-mien-nam.html&cbuster=1696764433670196087536&pvid=18b0f0a950686ea3b07&implVersion=11&cxurl=https%3A%2F%2Fxosodaiphat.com%2Fxsmn-xo-so-mien-nam.html&site=802834&i=1&scum=%3F0&scuw=%3F0
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:986a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 11:27:13 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 812e088eab563a7a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
content-type: image/gif

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 46ms
46ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1504313189&t=pageview&_s=1&dl=https%3A%2F%2Fxosodaiphat.com%2Fxsmn-xo-so-mien-nam.html&ul=en-us&de=UTF-8&dt=XSMN%20-%20X%E1%BB%95%20S%E1%BB%91%20Mi%E1%BB%81n%20Nam%20-%20Ket%20qua%20xo%20so%20mien%20nam%20-%20SXMN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1193794915&gjid=1451317314&cid=490054071.1696764434&tid=UA-72080428-1&_gid=1021077097.1696764434&_r=1&_slc=1&gtm=45He3a40n81KGDCKMX&z=1760975407

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://xosodaiphat.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 08 Oct 2023 11:27:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xosodaiphat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK stat
nstat-sg.flygame.io/api/ 0
0 950ms
395ms Ping
application/json 118.194.235.163
UCLOUD-HK-AS-AP U...

General

Check archive.org

Show headers Download Go to

Full URL: https://nstat-sg.flygame.io/api/stat?sign=39359855b450a6a7f8bd4c790f10c717
Requested by: Host: api-sg.flygame.io
URL: https://api-sg.flygame.io/sdk/widget/xosodaiphat.com.3609.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 118.194.235.163 , Singapore, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xosodaiphat.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
345 B 147ms
49ms XHR
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-72080428-1&cid=490054071.1696764434&jid=1193794915&gjid=1451317314&_gid=1021077097.1696764434&_u=YADAAEAAAAAAACAAI~&z=2092832985

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://xosodaiphat.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 08 Oct 2023 11:27:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xosodaiphat.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 206
Partial Content 96cc6177-8075-449e-8bd0-238a984dcf6d
https://xosodaiphat.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://xosodaiphat.com/96cc6177-8075-449e-8bd0-238a984dcf6d
Requested by: Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 AGSKWxW9cXQ2cKCJILqoyZQiauBNwMGkqGJunvxktM_5EKIma-cmNXPhlAs14mgy0-peji6x-G6Mq5dABv5TTlndxYw3hgGjybkbneXvLF754taWYNnMpL4fcQ-ZmTXomlfKzytSdc6Anw== Show response
fundingchoicesmessages.google.com/f/ 959 KB
112 KB 218ms
217ms Script
application/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW9cXQ2cKCJILqoyZQiauBNwMGkqGJunvxktM_5EKIma-cmNXPhlAs14mgy0-peji6x-G6Mq5dABv5TTlndxYw3hgGjybkbneXvLF754taWYNnMpL4fcQ-ZmTXomlfKzytSdc6Anw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk2NzY0NDMzLDkzMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly94b3NvZGFpcGhhdC5jb20veHNtbi14by1zby1taWVuLW5hbS5odG1sIixudWxsLFtbOCwiSVN1QV9GTFMwdUkiXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMTksIjEiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.ISuA_FLS0uI.es5.O/am=ggE/d=1/rs=AJlcJMzwaUy1AEc2c7_89HySqFvNL-gSlg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f17af47f9930598fbbf14607ee578916eb5509639b4a2f1237f6394892bc42e3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-n_sDlBiQKK5__2jsV5cKnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 11:27:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-n_sDlBiQKK5__2jsV5cKnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 69 KB
4 KB 156ms
56ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.ISuA_FLS0uI.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMxGPEcEyM__geJv35PaUEFtF_ef3Q/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cad1c8be3f8f84a05361f5b560fbd93895541c6da9de09b995ee742f0b4c6ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 08 Oct 2023 11:27:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 08 Oct 2023 11:27:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 08 Oct 2023 11:27:14 GMT

GET
H2 200 ZmGcQcL3br-gEu0o9CTG80T5i5OQxQjTYk-9w-_LqBLZI9QXHP_PX52ImwX7oIWQUMojUojo65NQbl_shxSUEH0WS-75V_Zx32iCgC81gnGZTKqvwVm2TA=h60
lh3.googleusercontent.com/ 4 KB
5 KB 162ms
41ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/ZmGcQcL3br-gEu0o9CTG80T5i5OQxQjTYk-9w-_LqBLZI9QXHP_PX52ImwX7oIWQUMojUojo65NQbl_shxSUEH0WS-75V_Zx32iCgC81gnGZTKqvwVm2TA=h60

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bf0e19b25b6026e03d52ef044756b38a9e33c32a11b82fb12c588d118eefd743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xosodaiphat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 08 Oct 2023 08:19:02 GMT
x-content-type-options: nosniff
age: 11292
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4482
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 09 Oct 2023 08:19:02 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 129ms
40ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: xosodaiphat.com
URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xosodaiphat.com/
Origin: https://xosodaiphat.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 09:56:40 GMT
x-content-type-options: nosniff
age: 437434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Oct 2024 09:56:40 GMT

POST
H3 204 AGSKWxVaTi47WOXcdYINpv4z4suLLod-vkI6Pkd5QPrg-MkZ5IQXpF5LduZR18BVAukz9PmHj_X1Ailo7GhHw_o--W_LlpCpWVGASQS7b76EU_YJ0yyg_uY8eRn3iazDLf_aHGH3PjOTYQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 139ms
54ms XHR
text/html 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVaTi47WOXcdYINpv4z4suLLod-vkI6Pkd5QPrg-MkZ5IQXpF5LduZR18BVAukz9PmHj_X1Ailo7GhHw_o--W_LlpCpWVGASQS7b76EU_YJ0yyg_uY8eRn3iazDLf_aHGH3PjOTYQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-10kIK4pggp2zLXJq-fiXHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://xosodaiphat.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 08 Oct 2023 11:27:14 GMT
content-security-policy: script-src 'report-sample' 'nonce-10kIK4pggp2zLXJq-fiXHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://xosodaiphat.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK stat
nstat-sg.flygame.io/api/ 0
0 398ms
398ms Ping
application/json 118.194.235.163
UCLOUD-HK-AS-AP U...

General

Check archive.org

Show headers Download Go to

Full URL: https://nstat-sg.flygame.io/api/stat?sign=33fdf3acf46e5b9464f0b4931741c93a
Requested by: Host: api.flygame.io
URL: https://api.flygame.io/sdk/widget/xosodaiphat.com.3418.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 118.194.235.163 , Singapore, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xosodaiphat.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H/1.1 200
OK stat
nstat-sg.flygame.io/api/ 0
0 959ms
384ms Ping
application/json 118.194.235.163
UCLOUD-HK-AS-AP U...

General

Check archive.org

Show headers Download Go to

Full URL: https://nstat-sg.flygame.io/api/stat?sign=710230a03ddeb2453ac71ffe57f508d2
Requested by: Host: api.flygame.io
URL: https://api.flygame.io/sdk/widget/xosodaiphat.com.3418.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 118.194.235.163 , Singapore, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xosodaiphat.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H/1.1 200
OK stat
nstat-sg.flygame.io/api/ 0
0 1012ms
425ms Ping
application/json 118.194.235.163
UCLOUD-HK-AS-AP U...

General

Check archive.org

Show headers Download Go to

Full URL: https://nstat-sg.flygame.io/api/stat?sign=baff273b2b4fba8132b74c8b4000265a
Requested by: Host: api.flygame.io
URL: https://api.flygame.io/sdk/widget/xosodaiphat.com.3418.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 118.194.235.163 , Singapore, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xosodaiphat.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
47 KB 114ms
113ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xosodaiphat.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:17:53 GMT
x-content-type-options: nosniff
age: 234561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 18:17:53 GMT

Verdicts & Comments Add Verdict or Comment

239 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 19:42:55	Name: NID Value: 511=lFysFBw2IhBIBKXWYQPFIpujFWiDv9Ntr7Sa6iKoSgBIKJCakwaQ4haUSv68Iq4oDqOEiT_LEMc7Vx-YmQmKlC_mwGV2OmBuvU1mhTl0xRigoZNXdhM_MG8LFDVt_31jlZRJZeCF9PP_iApP3JrO9DwyyS5o9M7d97Vn1MRaCrQ
.xosodaiphat.com/	1970-01-20 17:29:00	Name: _gcl_au Value: 1.1.1164450815.1696764434
.xosodaiphat.com/	1970-01-21 00:55:24	Name: _ga_KPB8BPT4XL Value: GS1.1.1696764433.1.0.1696764433.0.0.0
.xosodaiphat.com/	1970-01-21 00:55:24	Name: _ga Value: GA1.2.490054071.1696764434
.xosodaiphat.com/	1970-01-20 15:20:50	Name: _gid Value: GA1.2.1021077097.1696764434
.xosodaiphat.com/	1970-01-20 15:19:24	Name: _gat_UA-72080428-1 Value: 1
xosodaiphat.com/	1969-12-31 23:59:59	Name: AdskeeperStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1423705%22%3A%7B%22page%22%3A1%7D%7D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html Message: The value "160dpi" for key "target-densitydpi" was truncated to its numeric prefix.
rendering	warning	URL: https://xosodaiphat.com/xsmn-xo-so-mien-nam.html Message: The key "target-densitydpi" is not supported.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-sg.flygame.io
api.flygame.io
api2-sg.flygame.io
apis.google.com
c.adskeeper.com
cdn.xosodaiphat.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
images.dmca.com
jsc.adskeeper.co.uk
jsc.adskeeper.com
lh3.googleusercontent.com
msdigita.github.io
nstat-sg.flygame.io
pagead2.googlesyndication.com
region1.google-analytics.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
xosodaiphat.com
104.26.0.74
107.155.55.90
118.194.235.163
2001:4860:4802:32::36
2001:4860:4802:34::178
2400:52e0:1e00::1080:1
2606:4700:4400::6812:2341
2606:4700:4400::ac40:986a
2606:4700::6812:144c
2606:4700::6812:154c
2606:50c0:8001::153
2a00:1450:4001:806::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2003
2a00:1450:4001:81c::200e
2a00:1450:4001:827::2003
2a00:1450:4001:829::2001
2a00:1450:4001:829::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2002
2a00:1450:400c:c0b::9c
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b
12911cd256bb8c5119c9d104cb6e323280c827243431afd1aeb8ad77e62fffa4
2a72e4899e019bb6fc9cdcd7c5edf076a9f2f6ccd80ba31e83736fac06272d34
2cad1c8be3f8f84a05361f5b560fbd93895541c6da9de09b995ee742f0b4c6ea
2d241b249f832caa4db1651cc79081591e53b8c45bf6ab267198c5aa05e92c4d
48dd558693fd6b2cdb4ebcfc9f126e3170ee7a04e08dd673b6b06442f8bfef17
498e96f2436aa3b9f709ea98261a9796d125cd76cc5c0fbf29a4ecfc7a585918
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
626f8ed8d1ab8448c2296e9f672e372c0b5f42112238e561c0c36d63e6d34b64
681c99a79c536103cfab3455cdd6e89905f465435f767c49093af21d75c4742e
682230f7a8f18edbe2ec5826afc7d8184bd6545c9249fbee715fc104848bbaea
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
710d59cc71277c8e761e9dde1ba57bf54c4ff65f3fa912baeaff109e80ebd98c
7675a97ff46ccdf2a158f99484080515e0e0df9cdce11fc519382ace42a25d88
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
99984969b73a9759568e48a6e5e02f4fdc286cc3bd57f8e0fe94369b8dc920e4
9ab1e5ef8baed1d906b9e8ea4126ad958556881a46150cd6712ad5ebc40f4e46
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9ccd0b8dcedf64da15cc9c91034d10ead865813506f63c82b9b02ba7cc4df78a
9ecd1920eaa0ec5eb45906378c8929f191c1da07796c0fda8043903918ce9a4e
9f73c17a1dc717043a8bbf6093683781326b055b78590dfb61b99d2307605522
a664a283e7568eec8fde1d5032161f87dc514a57c59b47a51008aa53f9b060be
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b33c75d66b6115b2b04d07e509b8b5def62e5ff9a5feb52c7b4dfedb748fa8ba
b89e680103994673476424f1b55975f5a015044b97b81fdfed4d3f5ab1f55f8e
baa9d796be7e14ec9cc87eb0422e667656cf5d3242d4b92c1f8c0931ae1f1e65
bf0e19b25b6026e03d52ef044756b38a9e33c32a11b82fb12c588d118eefd743
c01eb076809b16051ebbb8ace592465ef2d059908c608a4e07a7c1b6c624249b
c86bfeabd06ba640332347ce71c397f83fc766be7ba5cd8204d99b940e0fbcb6
c9c21b62587ede6cc194c884829321cc73255718237d3fa2ea1453dbfc67ff51
ca52dfbb3f2b64b0d96603936970f78ca8a0fac76233aad6b9020ae2acdfa336
ca680e70424c7890b71a46ad8547ab40acb038a75e3a4350df6df3d5970573a7
d12eef67d54c4878b6952a448b3a43cb374220a306b08d7b8bc714710e8cf0af
d2bad93dd508b5ec78cb7818fb910499a0bb1597610ee4716a74efe54e9bd28e
dd382a0b771572febe55bbd91bca06284a52d4ac9bc73128f114914a4b3c7e97
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8001772f5fd68cdf6f4d82118d7d0b67cc65eb418f3994a4105837e5624894a
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
ece60d71cbe364ebf5237b52d2d4481d50349d6f651e1b4376ebeae32fbc18cb
ede1a14f2800eeb40e5370aef684dce98eff7eee4e6c75fb9b3c4c773351a8b2
f17af47f9930598fbbf14607ee578916eb5509639b4a2f1237f6394892bc42e3
f1cfe4f7d3b09de9e3537f0a2303e3e1f23825a794f744340ababa5807de75e1
faf51c308c5b1e555cc8a56668387b45d37645466b340d293f1ed3fb20e4e3cb
feee83064f03a337be948ae3c4ea16eefe6d36ce32edc03919769e4fa2c367dd

xosodaiphat.com Open in urlscan Pro 2606:4700::6812:144c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

57 Requests

91 %HTTPS

87 %IPv6

15 Domains

25 Subdomains

24 IPs

5 Countries

1508 kBTransfer

5102 kBSize

7 Cookies

2 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

xosodaiphat.com Open in urlscan Pro
2606:4700::6812:144c Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

91 %
HTTPS

87 %
IPv6

15
Domains

25
Subdomains

24
IPs

5
Countries

1508 kB
Transfer

5102 kB
Size

7
Cookies

57 HTTP transactions
1 data transactions