xsmb.me Open in urlscan Pro
210.211.98.16 Public Scan

URL:
http://xsmb.me/
Submission: On January 23 via manual (January 23rd 2018, 6:27:15 pm UTC) from VN

Summary HTTP 47 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 47 HTTP transactions. The main IP is 210.211.98.16, located in Ho Chi Minh City, Viet Nam and belongs to VTDC-AS-VN Vietel - CHT Compamy Ltd, VN. The main domain is xsmb.me.

This is the only time xsmb.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	210.211.98.16 210.211.98.16	38731 (VTDC-AS-V...) (VTDC-AS-VN Vietel - CHT Compamy Ltd)
3	216.58.210.2 216.58.210.2	15169 (GOOGLE) (GOOGLE - Google LLC)
1	172.217.16.206 172.217.16.206	15169 (GOOGLE) (GOOGLE - Google LLC)
2	216.58.207.74 216.58.207.74	15169 (GOOGLE) (GOOGLE - Google LLC)
2	185.60.216.19 185.60.216.19	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	216.58.205.226 216.58.205.226	15169 (GOOGLE) (GOOGLE - Google LLC)
1	185.60.216.35 185.60.216.35	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	172.217.23.142 172.217.23.142	15169 (GOOGLE) (GOOGLE - Google LLC)
6	172.217.22.2 172.217.22.2	15169 (GOOGLE) (GOOGLE - Google LLC)
10	172.217.22.1 172.217.22.1	15169 (GOOGLE) (GOOGLE - Google LLC)
1	172.217.23.162 172.217.23.162	15169 (GOOGLE) (GOOGLE - Google LLC)
47	12

11 210.211.98.16 (Ho Chi Minh City, Viet Nam)

ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN)

xsmb.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.210.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s07-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.206 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s08-in-f206.1e100.net

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.207.74 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s25-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.60.216.19 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.205.226 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f2.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.60.216.35 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.142 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s18-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.22.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.22.1 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.162 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s22-in-f162.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	624 KB
11	xsmb.me xsmb.me	109 KB
6	doubleclick.net securepubads.g.doubleclick.net	103 KB
2	google-analytics.com www.google-analytics.com	14 KB
2	facebook.net connect.facebook.net	28 KB
2	googleapis.com ajax.googleapis.com	93 KB
2	google.com apis.google.com adservice.google.com	18 KB
1	facebook.com www.facebook.com	291 B
1	google.de adservice.google.de	174 B
1	googletagservices.com www.googletagservices.com	6 KB
47	10

	Domain	Requested by
11	xsmb.me	xsmb.me
10	tpc.googlesyndication.com	securepubads.g.doubleclick.net
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net xsmb.me
3	pagead2.googlesyndication.com	xsmb.me securepubads.g.doubleclick.net
2	www.google-analytics.com	xsmb.me
2	connect.facebook.net	xsmb.me connect.facebook.net
2	ajax.googleapis.com	xsmb.me
1	www.facebook.com	xsmb.me
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	apis.google.com	xsmb.me
1	www.googletagservices.com	xsmb.me
47	12

This site contains links to these domains. Also see Links.

Domain
caulovip99.win
soicaulagiau.com
giovangchotso6868.win
play.google.com
itunes.apple.com

Subject Issuer	Validity	Valid

This page contains 4 frames:

Primary Page: http://xsmb.me/
Frame ID: (C104A6ECE45560CC48433029FC2CA509)
Requests: 30 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20180118/r20110914/client/ext/m_window_focus_non_hydra.js
Frame ID: (AF28E6DF4B05B4EA59B3443008D4F884)
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20180118/r20110914/client/ext/m_window_focus_non_hydra.js
Frame ID: (FB00C03A1548351D64E448308D1EDD87)
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20180118/r20110914/client/ext/m_window_focus_non_hydra.js
Frame ID: (397F2B0B8E12024BCB090E53A953D79)
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
env /^google_ad_/i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^googletag$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

47
Requests

0 %
HTTPS

0 %
IPv6

10
Domains

12
Subdomains

12
IPs

3
Countries

996 kB
Transfer

1843 kB
Size

6
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://caulovip99.win/
Title: Cầu lô 2 nháy

Search URL Search Domain Scan URL

URL: http://soicaulagiau.com/
Title: Lô vàng lô bạc

Search URL Search Domain Scan URL

URL: http://giovangchotso6868.win/
Title: Cầu vàng VIP

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=xsmb.xosomienbac.tructiep

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/ca/app/xsmb-k%E1%BA%BFt-qu%E1%BA%A3-x%E1%BB%95-s%E1%BB%91-mi%E1%BB%81n-b%E1%BA%AFc/id1241634752

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 21

http://www.google-analytics.com/r/collect?v=1&_v=j66&a=1796507711&t=pageview&_s=1&dl=http%3A%2F%2Fxsmb.me%2F&dr=http%3A%2F%2Fxskt.com.vn&ul=en-us&de=UTF-8&dt=X%E1%BB%95%20s%E1%BB%91%203%20mi%E1%BB%81n%20-%20KQXS%20-%20XSKT%20-%20XS3M%20-%20K%E1%BA%BFt%20qu%E1%BA%A3%20x%E1%BB%95%20s%E1%BB%91%20ki%E1%BA%BFn%20thi%E1%BA%BFt%20h%C3%B4m%20nay&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=924462534&gjid=903888708&cid=167419156.1516732024&tid=UA-80240517-1&_gid=361483502.1516732024&_r=1&z=504161913 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j66&a=1796507711&t=pageview&_s=1&dl=http%3A%2F%2Fxsmb.me%2F&dr=http%3A%2F%2Fxskt.com.vn&ul=en-us&de=UTF-8&dt=X%E1%BB%95%20s%E1%BB%91%203%20mi%E1%BB%81n%20-%20KQXS%20-%20XSKT%20-%20XS3M%20-%20K%E1%BA%BFt%20qu%E1%BA%A3%20x%E1%BB%95%20s%E1%BB%91%20ki%E1%BA%BFn%20thi%E1%BA%BFt%20h%C3%B4m%20nay&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=924462534&gjid=903888708&cid=167419156.1516732024&tid=UA-80240517-1&_gid=361483502.1516732024&_r=1&z=504161913

47 HTTP transactions
-4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
xsmb.me/ 55 KB
55 KB 489ms
245ms Document
text/html 210.211.98.16
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL: http://xsmb.me/
Protocol: HTTP/1.1
Server: 210.211.98.16 Ho Chi Minh City, Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: 4944806b8a5dc90adee19cfbf8c85b75a6c907baffa474e3c81657b9c2f1467b

Request headers

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Connection: keep-alive
Accept-Encoding: gzip, deflate
Host: xsmb.me
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Upgrade-Insecure-Requests: 1
referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 23 Jan 2018 18:27:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Jan 2018 18:01:01 GMT
Server: nginx/1.12.0
ETag: W/"5a67785d-da0f"
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 67 KB
26 KB 49ms
43ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: xsmb.me
URL: http://xsmb.me/

Protocol

HTTP/1.1

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

ee29b2655b65d1e0cead819006fbd8827fa081574e471f70012d21952ba789f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 23 Jan 2018 18:27:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 2320703979741374602
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 25688
X-XSS-Protection: 1; mode=block
Expires: Tue, 23 Jan 2018 18:27:03 GMT

GET
S 200 gpt.js Show response
www.googletagservices.com/tag/js/ 13 KB
6 KB 77ms
44ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: xsmb.me
URL: http://xsmb.me/

Protocol

SPDY

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

sffe /

Resource Hash

e73b41bb478beac2a8626b89206b0037e1f25246a579ec81d201b3fe7665871c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 23 Jan 2018 18:27:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1516668502354976"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 5813
x-xss-protection: 1; mode=block
expires: Tue, 23 Jan 2018 18:27:03 GMT

GET
H/1.1 200
OK xsmn.min.css
xsmb.me/css/css/ 70 KB
18 KB 247ms
246ms Stylesheet
text/css 210.211.98.16
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL: http://xsmb.me/css/css/xsmn.min.css?v=1505378822
Requested by: Host: xsmb.me
URL: http://xsmb.me/
Protocol: HTTP/1.1
Server: 210.211.98.16 Ho Chi Minh City, Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: bd0362e526b08f12309a5acf447eb5a26dbab24e4dea8b586b1de47ad64f9e6a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: xsmb.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://xskt.com.vn/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 23 Jan 2018 18:27:07 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Sep 2017 08:47:02 GMT
Server: nginx/1.12.0
ETag: W/"59ba4206-11874"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 22 Feb 2018 18:27:07 GMT

GET
H/1.1 200
OK logo.png
xsmb.me/css/images/ 2 KB
3 KB 324ms
244ms Image
image/png 210.211.98.16
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xsmb.me/css/images/logo.png
Requested by: Host: xsmb.me
URL: http://xsmb.me/
Protocol: HTTP/1.1
Server: 210.211.98.16 Ho Chi Minh City, Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: 054b832eb4c07610e59a38af9669cadc9fc26d40fcdc2a9c55040e6ad2a3b563

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: xsmb.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://xskt.com.vn/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 23 Jan 2018 18:27:08 GMT
Last-Modified: Wed, 06 Jul 2016 04:37:28 GMT
Server: nginx/1.12.0
ETag: "577c8b08-981"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2433
Expires: Thu, 22 Feb 2018 18:27:08 GMT

GET
H/1.1 200
OK hot2.gif
xsmb.me/css/images/ 197 B
506 B 491ms
245ms Image
image/gif 210.211.98.16
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xsmb.me/css/images/hot2.gif
Requested by: Host: xsmb.me
URL: http://xsmb.me/
Protocol: HTTP/1.1
Server: 210.211.98.16 Ho Chi Minh City, Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: 5d53ad980c61e383ebe6496cebc2d7c618cd128344b2d549b67215d7c9e67522

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: xsmb.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://xskt.com.vn/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 23 Jan 2018 18:27:08 GMT
Last-Modified: Fri, 01 Jul 2016 04:57:02 GMT
Server: nginx/1.12.0
ETag: "5775f81e-c5"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 197
Expires: Thu, 22 Feb 2018 18:27:08 GMT

GET
H/1.1 200
OK click.gif
xsmb.me/css/images/ 1 KB
2 KB 491ms
245ms Image
image/gif 210.211.98.16
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xsmb.me/css/images/click.gif
Requested by: Host: xsmb.me
URL: http://xsmb.me/
Protocol: HTTP/1.1
Server: 210.211.98.16 Ho Chi Minh City, Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: eef77dd538124c8ada7e993acad7d5c9dc69e47b3712bcd80e19a3b2ab4425d2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: xsmb.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://xskt.com.vn/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 23 Jan 2018 18:27:08 GMT
Last-Modified: Fri, 01 Jul 2016 04:57:02 GMT
Server: nginx/1.12.0
ETag: "5775f81e-540"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1344
Expires: Thu, 22 Feb 2018 18:27:08 GMT

GET
H/1.1 200
OK xsmb-300x9-3.gif
xsmb.me/images/ 18 KB
19 KB 491ms
245ms Image
image/gif 210.211.98.16
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xsmb.me/images/xsmb-300x9-3.gif
Requested by: Host: xsmb.me
URL: http://xsmb.me/
Protocol: HTTP/1.1
Server: 210.211.98.16 Ho Chi Minh City, Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: 0ee776172c409c9263c5f74ed3a527032fd3a2a7153dd2081c4d1fc3bb598a4e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: xsmb.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://xskt.com.vn/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 23 Jan 2018 18:27:08 GMT
Last-Modified: Tue, 05 Sep 2017 09:12:45 GMT
Server: nginx/1.12.0
ETag: "59ae6a8d-492e"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18734
Expires: Thu, 22 Feb 2018 18:27:08 GMT

GET
H/1.1 200
OK icon-android.png
xsmb.me/images/ 2 KB
2 KB 490ms
244ms Image
image/png 210.211.98.16
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xsmb.me/images/icon-android.png
Requested by: Host: xsmb.me
URL: http://xsmb.me/
Protocol: HTTP/1.1
Server: 210.211.98.16 Ho Chi Minh City, Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: 328d31c6b53eeab86ddb7a62b413f370cc8b0ac900257ebb6e598989aec431d9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: xsmb.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://xskt.com.vn/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 23 Jan 2018 18:27:08 GMT
Last-Modified: Fri, 26 May 2017 06:58:39 GMT
Server: nginx/1.12.0
ETag: "5927d21f-812"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2066
Expires: Thu, 22 Feb 2018 18:27:08 GMT

GET
H/1.1 200
OK icon-ios.png
xsmb.me/images/ 1 KB
1 KB 244ms
244ms Image
image/png 210.211.98.16
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xsmb.me/images/icon-ios.png
Requested by: Host: xsmb.me
URL: http://xsmb.me/
Protocol: HTTP/1.1
Server: 210.211.98.16 Ho Chi Minh City, Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: d7d387bcc507ef571e7bf75ebba2c86376f606d4bbe7b0a2db81e876654de796

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: xsmb.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://xskt.com.vn/
Cookie: _ga=GA1.2.167419156.1516732024; _gid=GA1.2.361483502.1516732024; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 23 Jan 2018 18:27:08 GMT
Last-Modified: Fri, 26 May 2017 06:58:39 GMT
Server: nginx/1.12.0
ETag: "5927d21f-446"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1094
Expires: Thu, 22 Feb 2018 18:27:08 GMT

GET
S 200 platform.js Show response
apis.google.com/js/ 43 KB
17 KB 69ms
43ms Script
application/javascript 172.217.16.206
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: xsmb.me
URL: http://xsmb.me/

Protocol

SPDY

Server

172.217.16.206 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s08-in-f206.1e100.net

Software

ESF /

Resource Hash

36aaf637892b0fbb0a9381ee88feceb49f3999982d969bd818c4c77914b3a323

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*.gstatic.com https://www.google-analytics.com https://pagead2.googleadservices.com https://pagead2.googlesyndication.com https://tpc.googlesyndication.com https://s.ytimg.com https://www.youtube.com;report-uri /_/cspreport/es_oz_20180121.19_p0
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

content-security-policy: script-src 'unsafe-inline' 'unsafe-eval' 'self' https://*.gstatic.com https://www.google-analytics.com https://pagead2.googleadservices.com https://pagead2.googlesyndication.com https://tpc.googlesyndication.com https://s.ytimg.com https://www.youtube.com;report-uri /_/cspreport/es_oz_20180121.19_p0
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
date: Tue, 23 Jan 2018 18:27:03 GMT
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "6b06c644e61e31403fadc9495693a1b4"
timing-allow-origin: *
expires: Tue, 23 Jan 2018 18:27:03 GMT

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ 82 KB
30 KB 6ms
5ms Script
text/javascript 216.58.207.74
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: xsmb.me
URL: http://xsmb.me/

Protocol

HTTP/1.1

Server

216.58.207.74 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f10.1e100.net

Software

sffe /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Mon, 11 Dec 2017 09:13:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 3748407
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 29707
X-XSS-Protection: 1; mode=block
Expires: Tue, 11 Dec 2018 09:13:36 GMT

GET
H/1.1 200
OK jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/ 235 KB
63 KB 9ms
9ms Script
text/javascript 216.58.207.74
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js

Requested by

Host: xsmb.me
URL: http://xsmb.me/

Protocol

HTTP/1.1

Server

216.58.207.74 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f10.1e100.net

Software

sffe /

Resource Hash

c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Thu, 07 Dec 2017 09:28:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
Server: sffe
Age: 4093111
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 64481
X-XSS-Protection: 1; mode=block
Expires: Fri, 07 Dec 2018 09:28:32 GMT

GET
H/1.1 200
OK xsmn.min.js Show response
xsmb.me/js/ 14 KB
4 KB 412ms
245ms Script
application/javascript 210.211.98.16
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL: http://xsmb.me/js/xsmn.min.js?v=1502444768
Requested by: Host: xsmb.me
URL: http://xsmb.me/
Protocol: HTTP/1.1
Server: 210.211.98.16 Ho Chi Minh City, Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: 1265bb5622e1d385f5e575aceb3a4358fcd1cf2003db583d50f4781a46732f9c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: xsmb.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Referer: http://xskt.com.vn/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 23 Jan 2018 18:27:07 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Aug 2017 09:46:08 GMT
Server: nginx/1.12.0
ETag: W/"598d7ce0-3831"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 22 Feb 2018 18:27:07 GMT

GET
S 200 fbevents.js Show response
connect.facebook.net/en_US/ 37 KB
13 KB 18ms
6ms Script
application/x-javascript 185.60.216.19
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: xsmb.me
URL: http://xsmb.me/

Protocol

SPDY

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

0ee23d789a50d2a3213f301b929b9803f8ae1d4e661ad3fc75d5ce1facfe6408

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* .akamaihd.net wss://.facebook.com:* https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';report-uri https://www.facebook.net/csp.php
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';report-uri https://www.facebook.net/csp.php
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 12106
x-xss-protection: 0
pragma: public
x-fb-debug: C4zMi4DMjvI63WFOOO/rEKdcN0y24SyE8h5ljPxMPGhxbyiO41hmBStLfojOvzISfwSjPFU34KjgR9glDXMMWw==
x-frame-options: DENY
date: Tue, 23 Jan 2018 18:27:03 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
S 200 integrator.js Show response
adservice.google.de/adsid/ 108 B
174 B 14ms
14ms Script
application/javascript 216.58.205.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=xsmb.me

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Server

216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s24-in-f2.1e100.net

Software

cafe /

Resource Hash

fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Jan 2018 18:27:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 107
x-xss-protection: 1; mode=block

GET
S 200 integrator.js Show response
adservice.google.com/adsid/ 108 B
174 B 14ms
14ms Script
application/javascript 216.58.205.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=xsmb.me

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Server

216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s24-in-f2.1e100.net

Software

cafe /

Resource Hash

fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Jan 2018 18:27:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 107
x-xss-protection: 1; mode=block

GET
S 200 211265126009296 Show response
connect.facebook.net/signals/config/ 55 KB
15 KB 49ms
49ms Script
application/x-javascript 185.60.216.19
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/211265126009296?v=2.8.8&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

SPDY

Server

185.60.216.19 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

91218cfb85422e17e6765229114aa01169317c8235f906f50eda98e3677848ed

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* .akamaihd.net wss://.facebook.com:* https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: YJkWeD9aJv/53qm/qcekUiiCZlsIO5uADWqCLBcZVdsy19bbvgy8NSluZcr+2ZXZGppOFPEzHbgm9FlH89LvJQ==
x-frame-options: DENY
date: Tue, 23 Jan 2018 18:27:03 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
S 200 /
www.facebook.com/tr/ 44 B
291 B 19ms
6ms Image
image/gif 185.60.216.35
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=211265126009296&ev=PageView&dl=http%3A%2F%2Fxsmb.me%2F&rl=http%3A%2F%2Fxskt.com.vn&if=false&ts=1516732023388&sw=1600&sh=1200&v=2.8.8&r=stable&ec=0&o=28&it=1516732023314
Requested by: Host: xsmb.me
URL: http://xsmb.me/
Protocol: SPDY
Server: 185.60.216.35 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 23 Jan 2018 18:27:03 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 23 Jan 2018 18:27:03 GMT

GET
H/1.1 200
OK ics.png
xsmb.me/css/images/ 4 KB
5 KB 411ms
244ms Image
image/png 210.211.98.16
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xsmb.me/css/images/ics.png
Requested by: Host: xsmb.me
URL: http://xsmb.me/
Protocol: HTTP/1.1
Server: 210.211.98.16 Ho Chi Minh City, Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: eb3d45d5a1c2702b9eb25d43b10a259987962271226e7ab0b11e4145ca09b93e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: xsmb.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://xskt.com.vn/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 23 Jan 2018 18:27:08 GMT
Last-Modified: Wed, 15 Feb 2017 01:19:10 GMT
Server: nginx/1.12.0
ETag: "58a3ac8e-10df"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4319
Expires: Thu, 22 Feb 2018 18:27:08 GMT

GET
S

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

35 KB
14 KB

6ms
6ms

Script
text/javascript

172.217.23.142
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: xsmb.me
URL: http://xsmb.me/

Protocol

SPDY

Server

172.217.23.142 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 13 Nov 2017 20:19:12 GMT
server: Golfe2
age: 1908
date: Tue, 23 Jan 2018 17:55:15 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 14597
expires: Tue, 23 Jan 2018 19:55:15 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
S 200 pubads_impl_173.js Show response
securepubads.g.doubleclick.net/gpt/ 178 KB
63 KB 68ms
45ms Script
text/javascript 172.217.22.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_173.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

ddb769c3890511b2f212be39e07999ed414c193c28041723293ae822ebcfc91e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 23 Jan 2018 18:27:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Jan 2018 21:38:26 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 63980
x-xss-protection: 1; mode=block
expires: Tue, 23 Jan 2018 18:27:03 GMT

GET
S

200

collect
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j66&a=1796507711&t=pageview&_s=1&dl=http%3A%2F%2Fxsmb.me%2F&dr=http%3A%2F%2Fxskt.com.vn&ul=en-us&de=UTF-8&dt=X%E1%BB%95%20s%E1%BB%91%203%20mi%E1%BB%...
https://www.google-analytics.com/r/collect?v=1&_v=j66&a=1796507711&t=pageview&_s=1&dl=http%3A%2F%2Fxsmb.me%2F&dr=http%3A%2F%2Fxskt.com.vn&ul=en-us&de=UTF-8&dt=X%E1%BB%95%20s%E1%BB%91%203%20mi%E1%BB...

35 B
101 B

14ms
14ms

Image
image/gif

172.217.23.142
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j66&a=1796507711&t=pageview&_s=1&dl=http%3A%2F%2Fxsmb.me%2F&dr=http%3A%2F%2Fxskt.com.vn&ul=en-us&de=UTF-8&dt=X%E1%BB%95%20s%E1%BB%91%203%20mi%E1%BB%81n%20-%20KQXS%20-%20XSKT%20-%20XS3M%20-%20K%E1%BA%BFt%20qu%E1%BA%A3%20x%E1%BB%95%20s%E1%BB%91%20ki%E1%BA%BFn%20thi%E1%BA%BFt%20h%C3%B4m%20nay&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=924462534&gjid=903888708&cid=167419156.1516732024&tid=UA-80240517-1&_gid=361483502.1516732024&_r=1&z=504161913

Requested by

Host: xsmb.me
URL: http://xsmb.me/

Protocol

SPDY

Server

172.217.23.142 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s18-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2018 18:27:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/collect?v=1&_v=j66&a=1796507711&t=pageview&_s=1&dl=http%3A%2F%2Fxsmb.me%2F&dr=http%3A%2F%2Fxskt.com.vn&ul=en-us&de=UTF-8&dt=X%E1%BB%95%20s%E1%BB%91%203%20mi%E1%BB%81n%20-%20KQXS%20-%20XSKT%20-%20XS3M%20-%20K%E1%BA%BFt%20qu%E1%BA%A3%20x%E1%BB%95%20s%E1%BB%91%20ki%E1%BA%BFn%20thi%E1%BA%BFt%20h%C3%B4m%20nay&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=924462534&gjid=903888708&cid=167419156.1516732024&tid=UA-80240517-1&_gid=361483502.1516732024&_r=1&z=504161913
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK ui-bg_highlight-soft_100_eeeeee_1x100.png
xsmb.me/css/css/images/ 278 B
588 B 244ms
244ms Image
image/png 210.211.98.16
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xsmb.me/css/css/images/ui-bg_highlight-soft_100_eeeeee_1x100.png
Requested by: Host: xsmb.me
URL: http://xsmb.me/
Protocol: HTTP/1.1
Server: 210.211.98.16 Ho Chi Minh City, Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: nginx/1.12.0 /
Resource Hash: f34ac7dad709c9ba69ac7d7390720dd54fda56151c64e73d9aff4e1186af8510

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: xsmb.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://xskt.com.vn/
Cookie: _ga=GA1.2.167419156.1516732024; _gid=GA1.2.361483502.1516732024; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Tue, 23 Jan 2018 18:27:08 GMT
Last-Modified: Wed, 06 Jul 2016 09:15:46 GMT
Server: nginx/1.12.0
ETag: "577ccc42-116"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 278
Expires: Thu, 22 Feb 2018 18:27:08 GMT

GET
DATA 200
OK truncated
/ 172 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3b1ef092c45b1191cb15dbfeb6c7b9cfef1525022df4143036abf8b2eb13a71

Request headers

referer: http://xskt.com.vn

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1210ad7a47a5ab764a2db08ff4864ade4abb6a0617525cb25309780f9be5458a

Request headers

referer: http://xskt.com.vn

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 179 KB
27 KB 381ms
380ms Script
text/javascript 172.217.22.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=329629678121112&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21060362%2C21061149&sc=0&sfv=1-0-15&iu_parts=117390890%2Cxsmb-header%2Cxsmb-right-1%2Cxsmb-midle-live-1%2Cxsmb-cat-1%2Cxsmb-me-live-2%2Cxsmb-me-live-3%2Cxsmb-cat-2%2Cxsmb-article%2Cxsmb-statistic%2Cxsmb-right-2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C320x100&cookie_enabled=1&abxe=1&lmt=1516730461&dt=1516732023886&frm=20&biw=1585&bih=1200&oid=3&adxs=429%2C974%2C488%2C-9%2C488%2C488%2C-9%2C-9%2C-9%2C974&adys=78%2C1314%2C748%2C-9%2C1291%2C2117%2C-9%2C-9%2C-9%2C1564&adks=939963270%2C467877560%2C2258558940%2C2105972982%2C2813670427%2C1545518062%2C3082229278%2C2338777367%2C2922168204%2C1976149622&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fxsmb.me%2F&ref=http%3A%2F%2Fxskt.com.vn&dssz=34&icsg=164355&std=0&vrg=173&vis=1&scr_x=0&scr_y=0&ga_vid=167419156.1516732024&ga_sid=1516732024&ga_hid=1796507711

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_173.js

Protocol

SPDY

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

024b50990392a113a0032dac8ae51f4a2857a9e0b46a1ee5f34b01173120b577

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 23 Jan 2018 18:27:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 27268
x-xss-protection: 1; mode=block
google-lineitem-id: -1,-1,110409130,-1,4362034956,-1,-1,4364860682,-1,4493299390
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,138221161118,-1,138213224383,-1,-1,138221568404,-1,138217399184
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 pubads_impl_rendering_173.js Show response
securepubads.g.doubleclick.net/gpt/ 33 KB
13 KB 40ms
40ms Script
text/javascript 172.217.22.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_173.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_173.js

Protocol

SPDY

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

643265847777ab36f618e1ff5dfd58b1547dec1676d3a233a1554747e4d91d88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 23 Jan 2018 18:27:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Jan 2018 21:38:26 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 12741
x-xss-protection: 1; mode=block
expires: Tue, 23 Jan 2018 18:27:03 GMT

GET
H/1.1 200
OK container.html
tpc.googlesyndication.com/safeframe/1-0-15/html/ 0
0 19ms
7ms Other
text/html 172.217.22.1
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/safeframe/1-0-15/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_173.js

Protocol

HTTP/1.1

Server

172.217.22.1 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Purpose: prefetch
Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date: Fri, 12 Jan 2018 16:47:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Jan 2018 20:47:08 GMT
Server: sffe
Age: 956376
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, immutable, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1453
X-XSS-Protection: 1; mode=block
Expires: Sat, 12 Jan 2019 16:47:27 GMT

GET
H/1.1 200
OK osd.js Show response
pagead2.googlesyndication.com/pagead/ 83 KB
30 KB 6ms
5ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_173.js

Protocol

HTTP/1.1

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

af583ba439f2ae017bc3c259ec35efd7a6c22b69c36b1edb7c6a46d576befefc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 23 Jan 2018 18:18:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
Age: 530
ETag: 15648377097031356754
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: public, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 30434
X-XSS-Protection: 1; mode=block
Expires: Tue, 23 Jan 2018 19:18:14 GMT

GET
S 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20180118/r20110914/client/ext/ Frame (AF2 3 KB
1 KB 51ms
0ms Script
text/javascript 172.217.22.1
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180118/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_173.js

Protocol

SPDY

Server

172.217.22.1 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f1.1e100.net

Software

cafe /

Resource Hash

f17c52d128492e3041982fb68e8aef913b60dacdffae62cb260af2a67eaec603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Thu, 18 Jan 2018 14:04:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 447739
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 1203
x-xss-protection: 1; mode=block
server: cafe
etag: 2112876643077467119
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2018 14:04:45 GMT

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20180118/r20180118/activeview/ Frame (AF2 33 KB
13 KB 49ms
0ms Script
text/javascript 172.217.22.1
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180118/r20180118/activeview/osd_listener.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_173.js

Protocol

SPDY

Server

172.217.22.1 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f1.1e100.net

Software

cafe /

Resource Hash

2cbd83356ddca15fa67eb1fdf7741603f27567e9e9dd7352036b699e70760cb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 15:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 357012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 12963
x-xss-protection: 1; mode=block
server: cafe
etag: 18004396436942889959
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2018 15:16:52 GMT

GET
S 200 14610864894927201252
tpc.googlesyndication.com/simgad/ Frame (AF2 467 KB
467 KB 53ms
2ms Image
image/gif 172.217.22.1
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14610864894927201252

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_173.js

Protocol

SPDY

Server

172.217.22.1 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f1.1e100.net

Software

sffe /

Resource Hash

0543360ab453c8f578006674eb54a527ed64597a5b4304c73e64f5692bc3e3ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Thu, 18 Jan 2018 04:18:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 27 Dec 2017 07:06:39 GMT
server: sffe
age: 482943
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 478009
x-xss-protection: 1; mode=block
expires: Fri, 18 Jan 2019 04:18:01 GMT

GET
S 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20180118/r20110914/client/ext/ Frame (FB0 3 KB
1 KB 45ms
0ms Script
text/javascript 172.217.22.1
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180118/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_173.js

Protocol

SPDY

Server

172.217.22.1 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f1.1e100.net

Software

cafe /

Resource Hash

f17c52d128492e3041982fb68e8aef913b60dacdffae62cb260af2a67eaec603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Thu, 18 Jan 2018 14:04:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 447739
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 1203
x-xss-protection: 1; mode=block
server: cafe
etag: 2112876643077467119
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2018 14:04:45 GMT

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20180118/r20180118/activeview/ Frame (FB0 33 KB
13 KB 46ms
0ms Script
text/javascript 172.217.22.1
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180118/r20180118/activeview/osd_listener.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_173.js

Protocol

SPDY

Server

172.217.22.1 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f1.1e100.net

Software

cafe /

Resource Hash

2cbd83356ddca15fa67eb1fdf7741603f27567e9e9dd7352036b699e70760cb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 15:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 357012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 12963
x-xss-protection: 1; mode=block
server: cafe
etag: 18004396436942889959
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2018 15:16:52 GMT

GET
S 200 2891333713372867891
tpc.googlesyndication.com/simgad/ Frame (FB0 34 KB
34 KB 46ms
0ms Image
image/gif 172.217.22.1
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2891333713372867891

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_173.js

Protocol

SPDY

Server

172.217.22.1 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f1.1e100.net

Software

sffe /

Resource Hash

e3111abbc45dbdfcc17ce628e4774c173125eff5d5925fa2ab79ea4341dfe1a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Tue, 16 Jan 2018 13:15:02 GMT
x-content-type-options: nosniff
last-modified: Fri, 06 Oct 2017 10:07:28 GMT
server: sffe
age: 623522
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 34644
x-xss-protection: 1; mode=block
expires: Wed, 16 Jan 2019 13:15:02 GMT

GET
S 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20180118/r20110914/client/ext/ Frame (397 3 KB
1 KB 40ms
35ms Script
text/javascript 172.217.22.1
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180118/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_173.js

Protocol

SPDY

Server

172.217.22.1 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f1.1e100.net

Software

cafe /

Resource Hash

f17c52d128492e3041982fb68e8aef913b60dacdffae62cb260af2a67eaec603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Thu, 18 Jan 2018 14:04:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 447739
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 1203
x-xss-protection: 1; mode=block
server: cafe
etag: 2112876643077467119
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2018 14:04:45 GMT

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20180118/r20180118/activeview/ Frame (397 33 KB
13 KB 41ms
36ms Script
text/javascript 172.217.22.1
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180118/r20180118/activeview/osd_listener.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_173.js

Protocol

SPDY

Server

172.217.22.1 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f1.1e100.net

Software

cafe /

Resource Hash

2cbd83356ddca15fa67eb1fdf7741603f27567e9e9dd7352036b699e70760cb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Fri, 19 Jan 2018 15:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 357012
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 12963
x-xss-protection: 1; mode=block
server: cafe
etag: 18004396436942889959
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 02 Feb 2018 15:16:52 GMT

GET
S 200 14968177307136015173
tpc.googlesyndication.com/simgad/ Frame (397 24 KB
24 KB 41ms
36ms Image
image/gif 172.217.22.1
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14968177307136015173

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_173.js

Protocol

SPDY

Server

172.217.22.1 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f1.1e100.net

Software

sffe /

Resource Hash

59f81188c9f8969e0c4c480294c71e6e3687edd2d6567f4fc28af85e28f5359f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Mon, 25 Dec 2017 13:59:26 GMT
x-content-type-options: nosniff
last-modified: Fri, 17 Nov 2017 08:02:03 GMT
server: sffe
age: 2521658
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 24829
x-xss-protection: 1; mode=block
expires: Tue, 25 Dec 2018 13:59:26 GMT

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame (AF2 0
294 B 25ms
20ms Image
text/html 172.217.22.2
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbxMBKvtOXHmnLtZr32gOJIgMBF-sD_if6cTM5VcRhzTpjXi6Fic5jBPsctAeYxtR7br70Os0Q0Os0hsadHG3hND35tDFHEqCEGCKlWnix_sY3yuqqnLqHNfZkjmEJFK10_M42n95mDQNAMijuJU2W2ZEMAeYACXSVAIIEIX-76u7HheT1BbFFa_FvwAaJsQjrPhII3u7KsO7Oo9CCqq2RCaMUhX01smoRA1HT48Vk0VekEcsOqG0K&sig=Cg0ArKJSzAFA7OvXO4yWEAE&adurl=

Requested by

Host: xsmb.me
URL: http://xsmb.me/

Protocol

SPDY

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Jan 2018 18:27:04 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
content-type: text/html; charset=UTF-8
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Tue, 23 Jan 2018 18:27:04 GMT

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame (FB0 0
246 B 28ms
23ms Image
text/html 172.217.22.2
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhjbhcqiVYCDLYGuUTvCExyZv4uWSCqxJJ94shFr189xCXA4NEcQtNstxl1lmPM3X7xfa2nCJXeDOJbg4Sv0Gd17hdBu_dOuf31-2nqAjyDKvL3RcmNMrz0zcpVfXDQYoxXfZZca9lQb0bZc8yd6iCzbHgbBxHy8sEQt3NWNoCT663jlhrVic6WH8ilaRy-TQXIP2-6pnDXdo5iQLWz7aF9XbLkDaVLn8EGJGhz8-CRqltStZjmw&sig=Cg0ArKJSzPqsKSp4TXvUEAE&adurl=

Requested by

Host: xsmb.me
URL: http://xsmb.me/

Protocol

SPDY

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Jan 2018 18:27:04 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
content-type: text/html; charset=UTF-8
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Tue, 23 Jan 2018 18:27:04 GMT

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame (397 0
245 B 28ms
24ms Image
text/html 172.217.22.2
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst99ZHp3LwBTnhNPtwKCV8VO7iVsUS6c7lEE41B04ybfb5M9TdvO3ybDMr_tP2-wLeEhZsQO9DJPGV61DjKVwPNjW8QjS0bwQT9iv6uzC4rtjKq1WBlUBhwSWVVIAzh-4iVeTu0hzIOyOL3MJ37DLjoNfzI_kDeg5QISwB6wLRp2lkDdr_NIgRCBT4pPrSYbzLllqn-LOOk-oFAFXX365JnYI9I8MEf1AUY0Qd-eeqFQA&sig=Cg0ArKJSzLhPKrr8bq6UEAE&adurl=

Requested by

Host: xsmb.me
URL: http://xsmb.me/

Protocol

SPDY

Server

172.217.22.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Jan 2018 18:27:04 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
content-type: text/html; charset=UTF-8
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Tue, 23 Jan 2018 18:27:04 GMT

GET
S 200 activeview
pagead2.googlesyndication.com/pcs/ Frame (AF2 42 B
605 B 37ms
14ms Image
image/gif 172.217.23.162
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssAeS5xrR214QCHAaZSKTBGWcMJOBFheplCftGlp__ApX5DXwjTrDPwkF12LMcXad9igb2U6AsUsXJ1UHzMDeB1rBYq54lV72U&sig=Cg0ArKJSzNKJ2ekIslxxEAE&id=osdim&ti=1&r=v&adk=2258558940&tt=626&bs=1585,1200&mtos=1032,1032,1032,1032,1032&tos=1032,0,0,0,0&p=783,488,1033,788&inapp=0&mcvt=1032&rs=3&ht=0&tfs=110&tls=1142&mc=1&lte=1&bas=0&bac=0&bos=1600,1200&ps=1585,4344&ss=1600,1200&pt=517&deb=1-6-6-18-16-4&tvt=1107&op=1&avms=geo&uc=13&tgt=DIV&cl=1&cec=5&clc=1&cac=0300x250&v=r20180118

Protocol

SPDY

Server

172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://xskt.com.vn
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2018 18:27:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-18 13:18:55	Name: DSID Value: NO_DATA
.xsmb.me/	1970-01-19 06:50:04	Name: _ga Value: GA1.2.167419156.1516732024
.doubleclick.net/	1970-01-18 22:40:28	Name: IDE Value: AHWqTUn3RHFzoezBEBJmK-eaYNCEwZ-l4KyFxiuJnOMat5mYadi6AtpCauXEApLZ
.xsmb.me/	1970-01-19 06:50:04	Name: __gads Value: ID=3124414d1a5d6354:T=1516732023:S=ALNI_Mb6PXAvo1iGO7sv11Qr-Mg5vr3TmA
.xsmb.me/	1970-01-18 13:18:52	Name: _gat Value: 1
.xsmb.me/	1970-01-18 13:20:18	Name: _gid Value: GA1.2.361483502.1516732024

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
apis.google.com
connect.facebook.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.googletagservices.com
xsmb.me
172.217.16.206
172.217.22.1
172.217.22.2
172.217.23.142
172.217.23.162
185.60.216.19
185.60.216.35
210.211.98.16
216.58.205.226
216.58.207.74
216.58.210.2
024b50990392a113a0032dac8ae51f4a2857a9e0b46a1ee5f34b01173120b577
0543360ab453c8f578006674eb54a527ed64597a5b4304c73e64f5692bc3e3ec
054b832eb4c07610e59a38af9669cadc9fc26d40fcdc2a9c55040e6ad2a3b563
0ee23d789a50d2a3213f301b929b9803f8ae1d4e661ad3fc75d5ce1facfe6408
0ee776172c409c9263c5f74ed3a527032fd3a2a7153dd2081c4d1fc3bb598a4e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1210ad7a47a5ab764a2db08ff4864ade4abb6a0617525cb25309780f9be5458a
1265bb5622e1d385f5e575aceb3a4358fcd1cf2003db583d50f4781a46732f9c
2cbd83356ddca15fa67eb1fdf7741603f27567e9e9dd7352036b699e70760cb2
328d31c6b53eeab86ddb7a62b413f370cc8b0ac900257ebb6e598989aec431d9
36aaf637892b0fbb0a9381ee88feceb49f3999982d969bd818c4c77914b3a323
4944806b8a5dc90adee19cfbf8c85b75a6c907baffa474e3c81657b9c2f1467b
59f81188c9f8969e0c4c480294c71e6e3687edd2d6567f4fc28af85e28f5359f
5d53ad980c61e383ebe6496cebc2d7c618cd128344b2d549b67215d7c9e67522
643265847777ab36f618e1ff5dfd58b1547dec1676d3a233a1554747e4d91d88
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
91218cfb85422e17e6765229114aa01169317c8235f906f50eda98e3677848ed
af583ba439f2ae017bc3c259ec35efd7a6c22b69c36b1edb7c6a46d576befefc
bd0362e526b08f12309a5acf447eb5a26dbab24e4dea8b586b1de47ad64f9e6a
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
d3b1ef092c45b1191cb15dbfeb6c7b9cfef1525022df4143036abf8b2eb13a71
d7d387bcc507ef571e7bf75ebba2c86376f606d4bbe7b0a2db81e876654de796
ddb769c3890511b2f212be39e07999ed414c193c28041723293ae822ebcfc91e
e3111abbc45dbdfcc17ce628e4774c173125eff5d5925fa2ab79ea4341dfe1a7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73b41bb478beac2a8626b89206b0037e1f25246a579ec81d201b3fe7665871c
eb3d45d5a1c2702b9eb25d43b10a259987962271226e7ab0b11e4145ca09b93e
ee29b2655b65d1e0cead819006fbd8827fa081574e471f70012d21952ba789f2
eef77dd538124c8ada7e993acad7d5c9dc69e47b3712bcd80e19a3b2ab4425d2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17c52d128492e3041982fb68e8aef913b60dacdffae62cb260af2a67eaec603
f34ac7dad709c9ba69ac7d7390720dd54fda56151c64e73d9aff4e1186af8510
f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7
fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8

xsmb.me Open in urlscan Pro 210.211.98.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

47 Requests

0 %HTTPS

0 %IPv6

10 Domains

12 Subdomains

12 IPs

3 Countries

996 kBTransfer

1843 kBSize

6 Cookies

5 Outgoing links

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

xsmb.me Open in urlscan Pro
210.211.98.16 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

0 %
HTTPS

0 %
IPv6

10
Domains

12
Subdomains

12
IPs

3
Countries

996 kB
Transfer

1843 kB
Size

6
Cookies

47 HTTP transactions
-4 data transactions