xoso.me Open in urlscan Pro
210.211.97.84 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://xoso.me/
Effective URL:
https://xoso.me/
Submission: On May 19 via manual (May 19th 2019, 9:41:10 am UTC) from VN

Summary HTTP 78 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 15 domains to perform 78 HTTP transactions. The main IP is 210.211.97.84, located in Viet Nam and belongs to VTDC-AS-VN Vietel - CHT Compamy Ltd, VN. The main domain is xoso.me.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on March 12th 2018. Valid for: 2 years.

This is the only time xoso.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	210.211.97.84 210.211.97.84	38731 (VTDC-AS-V...) (VTDC-AS-VN Vietel - CHT Compamy Ltd)
4	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
4	210.211.101.203 210.211.101.203	38731 (VTDC-AS-V...) (VTDC-AS-VN Vietel - CHT Compamy Ltd)
2	151.139.242.29 151.139.242.29	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700::68... 2606:4700::6813:c497	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
6	172.217.22.66 172.217.22.66	15169 (GOOGLE) (GOOGLE - Google LLC)
10	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	210.211.101.208 210.211.101.208	38731 (VTDC-AS-V...) (VTDC-AS-VN Vietel - CHT Compamy Ltd)
11	2a00:1450:400... 2a00:1450:4001:81b::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:824::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	61.213.187.172 61.213.187.172	2914 (NTT-COMMU...) (NTT-COMMUNICATIONS-2914 - NTT America)
2	2a00:1450:400... 2a00:1450:4001:820::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:806::2014	15169 (GOOGLE) (GOOGLE - Google LLC)
78	22

14 210.211.97.84 (Viet Nam) 1 redirects

ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN)

xoso.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 210.211.101.203 (Viet Nam)

ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN)

images.xoso.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.242.29 (Dallas, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:c497 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.22.66 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s17-in-f66.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.211.101.208 (Viet Nam)

ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN)

s3.ketquaveso.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:81b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 61.213.187.172 (Japan)

ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US)

js.genieessp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

amp-error-reporting.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	xoso.me 1 redirects xoso.me images.xoso.me	108 KB
14	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	283 KB
11	ampproject.org cdn.ampproject.org	272 KB
11	doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net	108 KB
4	gstatic.com fonts.gstatic.com	44 KB
4	googleapis.com ajax.googleapis.com fonts.googleapis.com	98 KB
4	google.com apis.google.com adservice.google.com www.google.com	18 KB
3	googletagservices.com www.googletagservices.com	67 KB
2	appspot.com amp-error-reporting.appspot.com	221 B
2	google-analytics.com www.google-analytics.com	18 KB
2	dmca.com images.dmca.com	4 KB
1	genieessp.com js.genieessp.com	241 B
1	ketquaveso.com s3.ketquaveso.com	813 B
1	google.de adservice.google.de	482 B
1	cloudflare.com cdnjs.cloudflare.com	18 KB
78	15

	Domain	Requested by
14	xoso.me	1 redirects xoso.me pagead2.googlesyndication.com
11	cdn.ampproject.org	securepubads.g.doubleclick.net
10	tpc.googlesyndication.com	securepubads.g.doubleclick.net xoso.me
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net xoso.me
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	fonts.gstatic.com	www.googletagservices.com
4	images.xoso.me	xoso.me
4	pagead2.googlesyndication.com	xoso.me pagead2.googlesyndication.com
3	www.googletagservices.com	xoso.me pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	amp-error-reporting.appspot.com	cdn.ampproject.org
2	www.google.com	xoso.me
2	fonts.googleapis.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	xoso.me
2	ajax.googleapis.com	xoso.me
2	images.dmca.com	xoso.me
1	js.genieessp.com	securepubads.g.doubleclick.net
1	s3.ketquaveso.com	ajax.googleapis.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	cdnjs.cloudflare.com	xoso.me
1	apis.google.com	xoso.me
78	21

This site contains links to these domains. Also see Links.

Domain
bit.ly
vienthong.com.vn
play.google.com
itunes.apple.com
www.dmca.com

Subject Issuer	Validity	Valid
www.xoso.me AlphaSSL CA - SHA256 - G2	`2018-03-12` - `2020-03-12`	2 years	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-04-30` - `2019-07-23`	3 months	crt.sh
images.xoso.me Let's Encrypt Authority X3	`2019-03-15` - `2019-06-13`	3 months	crt.sh
images.dmca.com Go Daddy Secure Certificate Authority - G2	`2018-02-01` - `2020-04-04`	2 years	crt.sh
*.apis.google.com Google Internet Authority G3	`2019-04-30` - `2019-07-23`	3 months	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-04-30` - `2019-07-23`	3 months	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-03-02` - `2019-09-08`	6 months	crt.sh
*.google.com Google Internet Authority G3	`2019-04-30` - `2019-07-23`	3 months	crt.sh
tpc.googlesyndication.com Google Internet Authority G3	`2019-04-30` - `2019-07-23`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-04-30` - `2019-07-23`	3 months	crt.sh
s3.ketquaveso.com Let's Encrypt Authority X3	`2019-03-09` - `2019-06-07`	3 months	crt.sh
misc-sni.google.com Google Internet Authority G3	`2019-04-30` - `2019-07-23`	3 months	crt.sh
*.genieessp.com RapidSSL RSA CA 2018	`2018-09-11` - `2019-10-31`	a year	crt.sh
www.google.com Google Internet Authority G3	`2019-04-30` - `2019-07-23`	3 months	crt.sh
*.appspot.com Google Internet Authority G3	`2019-04-30` - `2019-07-23`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://xoso.me/
Frame ID: 5C586AD1055FEC2739B3F967121577A5
Requests: 41 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190513/r20190131/show_ads_impl.js
Frame ID: BD2A5742029FC3E43086DE809293B033
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190513/r20190131/zrt_lookup.html
Frame ID: 090968F66D70B3D2733A155DFCBDF588
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3084353470359421&output=html&adk=1812271804&adf=3025194257&lmt=1558258776&plaf=1%3A1&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&fba=1&plach=4540957392%2C%2B%2C%2B%2C%2B%2C%2B%2C%2B&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fxoso.me%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1558258853481&bpp=15&bdt=94&fdt=98&idt=99&shv=r20190513&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=1554229265592&frm=20&pv=2&ga_vid=103030735.1558258854&ga_sid=1558258854&ga_hid=862689966&ga_fc=0&iag=0&icsg=2730&dssz=10&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20040081%2C21060853%2C20040010&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&osw_key=2212649429&ifi=0&uci=0.6oz1or2ml2i&fsb=1&dtd=121
Frame ID: 4939F0947A4156CD8E6EB75CB45EF087
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3084353470359421&output=html&h=90&slotname=2008202591&adk=3038326453&adf=3296512626&w=970&lmt=1558258776&rafmt=12&guci=1.2.0.0.2.2.0.0&format=970x90&url=https%3A%2F%2Fxoso.me%2F&flash=0&wgl=1&adsid=NT&dt=1558258853635&bpp=59&bdt=248&fdt=60&idt=61&shv=r20190513&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1554229265592&frm=20&pv=1&ga_vid=103030735.1558258854&ga_sid=1558258854&ga_hid=862689966&ga_fc=0&iag=0&icsg=10922&dssz=12&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=137&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20040081%2C21060853%2C20040010&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=272&bc=31&osw_key=166692287&ifi=1&uci=1.q5sz5986z76y&fsb=1&xpc=9H0l1aL9uE&p=https%3A//xoso.me&dtd=78
Frame ID: 266B4A1228CA75F891390F0C6AD618B0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3084353470359421&output=html&h=600&slotname=5842326193&adk=1214513561&adf=84565849&w=300&fwr_io=true&fwrn=4&fwrnh=100&lmt=1558258776&rafmt=1&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fxoso.me%2F&flash=0&fwr=0&fwrattr=true&resp_fmts=4&wgl=1&adsid=NT&dt=1558258853769&bpp=12&bdt=382&fdt=13&idt=13&shv=r20190513&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=1554229265592&frm=20&pv=1&ga_vid=103030735.1558258854&ga_sid=1558258854&ga_hid=862689966&ga_fc=0&iag=0&icsg=10922&dssz=14&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=376&ady=1087&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20040081%2C21060853%2C20040010&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&osw_key=794991049&ifi=2&uci=2.ig78ha5hr8ii&fsb=1&xpc=k2aBpKY3gi&p=https%3A//xoso.me&dtd=19
Frame ID: 9A0F3B0A1F53C22BCE626441F0B02131
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6036579657774106&output=html&h=600&slotname=5498735679&adk=4019378569&adf=459107925&w=300&lmt=1558258776&rafmt=12&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fxoso.me%2F&flash=0&wgl=1&adsid=NT&dt=1558258854104&bpp=67&bdt=717&fdt=70&idt=70&shv=r20190513&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C300x600&nras=1&correlator=1554229265592&frm=20&pv=2&ga_vid=103030735.1558258854&ga_sid=1558258854&ga_hid=862689966&ga_fc=0&iag=0&icsg=43690&dssz=21&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1038&ady=247&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20040081%2C21060853%2C20040010&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=272&bc=31&osw_key=19611649&ifi=16&uci=g.ixsqly4tm4vo&fsb=1&xpc=Cpz7a6nWyS&p=https%3A//xoso.me&dtd=75
Frame ID: 5BF6C77FEA2DD6BBC01343C171AB1F9B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011905091827220/amp4ads-v0.js
Frame ID: 0FB8E94A5F7DD8B05FDDE6D4D4F18017
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNqekxkywVJ83joF7yY7BovV9CxoFRZRKwuRUYNgExBc31O2GXIjvSHBTwZ9qSK6ZLNFweftAUXFaxHwiHNoky_wIYsv_Dwdun_0q8HdZopNTYt_LQSubzsx0o9-i4K-EEN19jT23iTsn9ObU8wZhNEr8GaXk3lrgfPs-GOnMT2L7zItNSEfcsvGZKWtiutV6XA1k33tH9k5CpScJnLWGXEpIxsFajie_VNBjduYQLfar4IxTYHQVtq_QwKKM8wAc&sai=AMfl-YTRBEpwchHR8o90hp6qd35VcMXTmuJ8_75EWi_OLTOuneIYKxRQwbEQx7-wLEaB3PdzWayzXN2jpChZWm00oHftczRPzE0hP0VNVwTDrLMCV5T4WxNns_akhZhI&sig=Cg0ArKJSzICGVZaLG7WUEAE&urlfix=1&adurl=
Frame ID: 076611E5A6A26D4B9E8A8DD126316F80
Requests: 4 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011905091827220/amp4ads-v0.js
Frame ID: 059C336C84F79158670C9EAD0775BE18
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-33/html/container.html
Frame ID: 7B545B61B4A446C9CB483ED1DAD2241B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://xoso.me/ HTTP 301
https://xoso.me/ Page URL

Detected technologies

Node.js (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

env /^io$/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

env /^io$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
env /^google_ad_/i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^googletag$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

78
Requests

100 %
HTTPS

71 %
IPv6

15
Domains

21
Subdomains

22
IPs

4
Countries

1038 kB
Transfer

2942 kB
Size

6
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://bit.ly/2VZMu0Y
Title: Xổ số Trực Tiếp - Kênh Youtube Xoso.me

Search URL Search Domain Scan URL

URL: https://vienthong.com.vn/cach-nap-tien-dien-thoai-online/

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=kqxs.ketquaxosotructiep

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/ca/app/ket-qua-xo-so-mien-bac-mien/id828154474

Search URL Search Domain Scan URL

URL: http://www.dmca.com/Protection/Status.aspx?ID=8c76fc95-3877-4989-a088-082b6d4bfebc&refurl=https://xoso.me/
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://xoso.me/ HTTP 301
https://xoso.me/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

78 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
xoso.me/
Redirect Chain

http://xoso.me/
https://xoso.me/

74 KB
14 KB

665ms
214ms

Document
text/html

210.211.97.84
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://xoso.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.97.84 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: nginx /
Resource Hash: a6edff240c857b97df668533c22fae8f946c4475068f63b73155e51c45c4d0f5

Request headers

:method: GET
:authority: xoso.me
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
server: nginx
date: Sun, 19 May 2019 09:40:53 GMT
content-type: text/html
last-modified: Sun, 19 May 2019 09:39:36 GMT
vary: Accept-Encoding
etag: W/"5ce12458-128b8"
content-encoding: gzip

Redirect headers

Server: nginx
Date: Sun, 19 May 2019 09:40:52 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://xoso.me/

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 87 KB
33 KB 51ms
20ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: xoso.me
URL: https://xoso.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

1a774f9ff4c82d8feaa8412ed8a2520174ebda464b59bf772967a319d520e3ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 May 2019 09:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 32987
x-xss-protection: 0
server: cafe
etag: 15335191640353697486
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 19 May 2019 09:40:53 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 31 KB
11 KB 71ms
40ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: xoso.me
URL: https://xoso.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

db798d296b529a533608ad27deb384e0247cf762ef44f3e04107ae4bb2be9ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 May 2019 09:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "170 / 855 of 1000 / last-modified: 1558022742"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10526
x-xss-protection: 0
expires: Sun, 19 May 2019 09:40:53 GMT

GET
H2 200 style.min.css
xoso.me/css/css/ 99 KB
25 KB 222ms
220ms Stylesheet
text/css 210.211.97.84
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://xoso.me/css/css/style.min.css?v=1556946124
Requested by: Host: xoso.me
URL: https://xoso.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.97.84 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: nginx /
Resource Hash: 12e74f3af4fd22db96636fa60c2aad25eef70b38b03cf01b0de6af22f317bc6a

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 May 2019 09:40:53 GMT
content-encoding: gzip
last-modified: Sat, 04 May 2019 05:02:04 GMT
server: nginx
etag: W/"5ccd1ccc-18dbb"
vary: Accept-Encoding
content-type: text/css
status: 200

GET
H2 200 hot2.gif
xoso.me/css/images/ 197 B
372 B 426ms
416ms Image
image/gif 210.211.97.84
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xoso.me/css/images/hot2.gif
Requested by: Host: xoso.me
URL: https://xoso.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.97.84 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: nginx /
Resource Hash: 5d53ad980c61e383ebe6496cebc2d7c618cd128344b2d549b67215d7c9e67522

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 May 2019 09:40:53 GMT
last-modified: Mon, 28 Nov 2016 06:47:55 GMT
server: nginx
etag: "583bd31b-c5"
content-type: image/gif
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-length: 197
expires: Sun, 26 May 2019 09:40:53 GMT

GET
H2 200 waiting.gif
xoso.me/images/ 4 KB
5 KB 426ms
417ms Image
image/gif 210.211.97.84
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xoso.me/images/waiting.gif
Requested by: Host: xoso.me
URL: https://xoso.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.97.84 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: nginx /
Resource Hash: 0e835d13892184964b549a4b9996c56b0e14e1599936e5a1a14b36876d5b9150

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 May 2019 09:40:53 GMT
last-modified: Fri, 23 Feb 2018 08:10:47 GMT
server: nginx
etag: "5a8fcc87-11cf"
content-type: image/gif
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-length: 4559
expires: Sun, 26 May 2019 09:40:53 GMT

GET
H2 200 rolling.gif
xoso.me/images/ 2 KB
2 KB 426ms
417ms Image
image/gif 210.211.97.84
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xoso.me/images/rolling.gif
Requested by: Host: xoso.me
URL: https://xoso.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.97.84 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: nginx /
Resource Hash: 2760113208187011130939bf07ab3e333422e432e1917a333efac9c9bfc16190

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 May 2019 09:40:53 GMT
last-modified: Fri, 23 Feb 2018 08:10:47 GMT
server: nginx
etag: "5a8fcc87-704"
content-type: image/gif
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1796
expires: Sun, 26 May 2019 09:40:53 GMT

GET
H2 200 du-doan-xo-so-mien-bac-19-5-2019_60x60.png
images.xoso.me/news_xosome/2019/05/15/xA/ 4 KB
5 KB 682ms
216ms Image
image/png 210.211.101.203
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.xoso.me/news_xosome/2019/05/15/xA/du-doan-xo-so-mien-bac-19-5-2019_60x60.png
Requested by: Host: xoso.me
URL: https://xoso.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.101.203 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 5179394c6aa3bb638c90abaf1e107be16df2207890d44f2cb2024f9a3e63c49a

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 May 2019 09:40:54 GMT
last-modified: Wed, 15 May 2019 03:45:05 GMT
server: nginx/1.12.2
etag: "5cdb8b41-11dc"
content-type: image/png
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4572
expires: Tue, 18 Jun 2019 09:40:54 GMT

GET
H2 200 du-doan-xo-so-mien-trung-19-5-2019_60x60.png
images.xoso.me/news_xosome/2019/05/15/hx/ 4 KB
5 KB 898ms
432ms Image
image/png 210.211.101.203
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.xoso.me/news_xosome/2019/05/15/hx/du-doan-xo-so-mien-trung-19-5-2019_60x60.png
Requested by: Host: xoso.me
URL: https://xoso.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.101.203 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 6bfc4b6f71f13b7c040b1e2415afd5ea0ffbe7b7d3a66dabbb0a51b23d63ed42

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 May 2019 09:40:54 GMT
last-modified: Wed, 15 May 2019 03:40:32 GMT
server: nginx/1.12.2
etag: "5cdb8a30-1193"
content-type: image/png
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4499
expires: Tue, 18 Jun 2019 09:40:54 GMT

GET
H2 200 du-doan-xo-so-mien-nam-19-5-2019_60x60.png
images.xoso.me/news_xosome/2019/05/15/ox/ 5 KB
5 KB 904ms
438ms Image
image/png 210.211.101.203
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.xoso.me/news_xosome/2019/05/15/ox/du-doan-xo-so-mien-nam-19-5-2019_60x60.png
Requested by: Host: xoso.me
URL: https://xoso.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.101.203 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 9ab6838ef4f3ee36bac5ea8e13f6656d5846e14f5c6af07066a50bbff048b1d7

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 May 2019 09:40:54 GMT
last-modified: Wed, 15 May 2019 03:27:31 GMT
server: nginx/1.12.2
etag: "5cdb8723-127f"
content-type: image/png
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 4735
expires: Tue, 18 Jun 2019 09:40:54 GMT

GET
H2 200 cach-chen-ma-code-nhung-ket-qua-truc-tiep-xo-so-dua-vao-website-blog_60x60.JPG
images.xoso.me/news_xosome/2019/03/01/Nv/ 1 KB
2 KB 904ms
439ms Image
image/jpeg 210.211.101.203
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.xoso.me/news_xosome/2019/03/01/Nv/cach-chen-ma-code-nhung-ket-qua-truc-tiep-xo-so-dua-vao-website-blog_60x60.JPG
Requested by: Host: xoso.me
URL: https://xoso.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.101.203 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 7c6b65789d61bb8afae80679174f1dd496ecc26c8534a580aa735c866e6f17e3

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 May 2019 09:40:54 GMT
last-modified: Fri, 01 Mar 2019 09:08:38 GMT
server: nginx/1.12.2
etag: "5c78f696-58a"
content-type: image/jpeg
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1418
expires: Tue, 18 Jun 2019 09:40:54 GMT

GET
H2 200 vienthong_210x147x.jpg
xoso.me/images/ 14 KB
14 KB 425ms
418ms Image
image/jpeg 210.211.97.84
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xoso.me/images/vienthong_210x147x.jpg
Requested by: Host: xoso.me
URL: https://xoso.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.97.84 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: nginx /
Resource Hash: 89f4a0494cb2ba9dd7fbecaffd34271312c4ecd71a870fd0f69750cd026213e0

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 May 2019 09:40:53 GMT
last-modified: Wed, 14 Dec 2016 10:40:49 GMT
server: nginx
etag: "585121b1-384f"
content-type: image/jpeg
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-length: 14415
expires: Sun, 26 May 2019 09:40:53 GMT

GET
H2 200 icon-android.png
xoso.me/images/ 2 KB
2 KB 425ms
418ms Image
image/png 210.211.97.84
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xoso.me/images/icon-android.png
Requested by: Host: xoso.me
URL: https://xoso.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.97.84 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: nginx /
Resource Hash: 328d31c6b53eeab86ddb7a62b413f370cc8b0ac900257ebb6e598989aec431d9

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 May 2019 09:40:53 GMT
last-modified: Fri, 17 Mar 2017 08:44:45 GMT
server: nginx
etag: "58cba1fd-812"
content-type: image/png
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2066
expires: Sun, 26 May 2019 09:40:53 GMT

GET
H2 200 icon-ios.png
xoso.me/images/ 1 KB
1 KB 428ms
421ms Image
image/png 210.211.97.84
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xoso.me/images/icon-ios.png
Requested by: Host: xoso.me
URL: https://xoso.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.97.84 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: nginx /
Resource Hash: d7d387bcc507ef571e7bf75ebba2c86376f606d4bbe7b0a2db81e876654de796

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 May 2019 09:40:53 GMT
last-modified: Tue, 18 Apr 2017 07:28:39 GMT
server: nginx
etag: "58f5c027-446"
content-type: image/png
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-length: 1094
expires: Sun, 26 May 2019 09:40:53 GMT

GET
H2 200 dmca_protected_sml_120ak.png
images.dmca.com/Badges/ 2 KB
3 KB 59ms
15ms Image
image/png 151.139.242.29
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/dmca_protected_sml_120ak.png?ID=8c76fc95-3877-4989-a088-082b6d4bfebc
Requested by: Host: xoso.me
URL: https://xoso.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: a0ca626d2c49a254962bf811eea12f76d29e4872563c91b00abeee5ed4fc06d4

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 May 2019 09:40:53 GMT
server: nginx
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
link: <http://dmca-images.cloudapp.net/Badges/dmca_protected_sml_120ak.png>; rel="canonical"
content-length: 2418
expires: Tue, 18 Jun 2019 09:40:44 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 44 KB
17 KB 53ms
29ms Script
application/javascript 2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js?onload=gginit

Requested by

Host: xoso.me
URL: https://xoso.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

c485230ae23c490980d10d8e6753b8ee7f8fdc60416e8fb84f5f4c55628fd56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 May 2019 09:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: script-src 'report-sample' 'nonce-7TiGMWoU6hKuU3BdiEYr8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
strict-transport-security: max-age=31536000
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "4be6ea33607705f5a530a78ef3b83829"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
expires: Sun, 19 May 2019 09:40:53 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 16ms
5ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: xoso.me
URL: https://xoso.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 09 Mar 2019 04:41:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6152363
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 30399
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Jan 2018 15:33:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Mar 2020 04:41:30 GMT

GET
H2 200 jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/ 248 KB
66 KB 19ms
7ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js

Requested by

Host: xoso.me
URL: https://xoso.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 09 Mar 2019 02:20:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6160817
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 67948
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Mar 2020 02:20:36 GMT

GET
H2 200 xsmn.min.js Show response
xoso.me/js/ 42 KB
13 KB 427ms
416ms Script
application/javascript 210.211.97.84
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://xoso.me/js/xsmn.min.js?v=1554109270
Requested by: Host: xoso.me
URL: https://xoso.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.97.84 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: nginx /
Resource Hash: 76f1ed08e2c40aa2b7a6730b58c945c61b700b19a866434a5ce47a63f430cde6

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 May 2019 09:40:53 GMT
content-encoding: gzip
last-modified: Mon, 01 Apr 2019 09:01:10 GMT
server: nginx
etag: W/"5ca1d356-a82b"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=604800
expires: Sun, 26 May 2019 09:40:53 GMT

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ 852 B
1 KB 77ms
14ms Script
application/zip 151.139.242.29
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: xoso.me
URL: https://xoso.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 Dallas, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: 8464f9a28062d00fd300538f9e93fad38faa64b9751db49b28911b9b6cceafdd

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 May 2019 09:40:53 GMT
server: nginx
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: HIT
content-type: application/zip
status: 200
cache-control: max-age=2592000
accept-ranges: bytes
link: <http://dmca-images.cloudapp.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length: 852
expires: Tue, 18 Jun 2019 09:40:23 GMT

GET
H2 200 socket.io.js Show response
cdnjs.cloudflare.com/ajax/libs/socket.io/2.1.0/ 61 KB
18 KB 23ms
13ms Script
application/javascript 2606:4700::6813:c497
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/socket.io/2.1.0/socket.io.js

Requested by

Host: xoso.me
URL: https://xoso.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e19bd90c2360502b15670968a940819e6fc41597696884ef965967c2885f1bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 May 2019 09:40:53 GMT
content-encoding: br
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:26:47 GMT
server: cloudflare
etag: W/"5afd4ad7-f3bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Fri, 08 May 2020 09:40:53 GMT
cache-control: public, max-age=30672000
cf-ray: 4d951ca9debabeb5-FRA
served-in-seconds: 0.002

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
482 B 53ms
16ms Script
application/javascript 2a00:1450:4001:81f::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=xoso.me

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 May 2019 09:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
482 B 51ms
14ms Script
application/javascript 2a00:1450:4001:81e::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=xoso.me

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 May 2019 09:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190513/r20190131/ 204 KB
76 KB 31ms
29ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190513/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

3d5094c1d23b5cf90a1e612d406a1c09b89533c889c287e316aa8ec1da3151f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 May 2019 09:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 77648
x-xss-protection: 0
server: cafe
etag: 10849630386184038813
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 May 2019 09:40:53 GMT

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190513/r20190131/ Frame BD2A 204 KB
76 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190513/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

3d5094c1d23b5cf90a1e612d406a1c09b89533c889c287e316aa8ec1da3151f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 May 2019 09:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 77648
x-xss-protection: 0
server: cafe
etag: 10849630386184038813
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 May 2019 09:40:53 GMT

GET
H2 200 ca-pub-3084353470359421.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ 133 B
277 B 6ms
6ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-3084353470359421.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 18 May 2019 23:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 12 May 2019 19:20:28 GMT
server: sffe
age: 37461
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 125
x-xss-protection: 0
expires: Sun, 19 May 2019 11:16:32 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190513/r20190131/ Frame 0909 0
0 6ms
6ms Document
text/html 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20190513/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20190513/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://xoso.me/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://xoso.me/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Mon, 13 May 2019 13:07:57 GMT
expires: Mon, 27 May 2019 13:07:57 GMT
content-type: text/html; charset=UTF-8
etag: 7423447574459395779
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6990
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 505976
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 pubads_impl_2019051301.js Show response
securepubads.g.doubleclick.net/gpt/ 152 KB
56 KB 96ms
47ms Script
text/javascript 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019051301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

sffe /

Resource Hash

2b83db827fbd3e671aa2f4628103e8da1f4b96c7e935025b8742e5e7098a6b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 May 2019 09:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 13 May 2019 13:05:10 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 56606
x-xss-protection: 0
expires: Sun, 19 May 2019 09:40:53 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 4939 0
0 42ms
41ms Document
text/html 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3084353470359421&output=html&adk=1812271804&adf=3025194257&lmt=1558258776&plaf=1%3A1&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&fba=1&plach=4540957392%2C%2B%2C%2B%2C%2B%2C%2B%2C%2B&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fxoso.me%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1558258853481&bpp=15&bdt=94&fdt=98&idt=99&shv=r20190513&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=1554229265592&frm=20&pv=2&ga_vid=103030735.1558258854&ga_sid=1558258854&ga_hid=862689966&ga_fc=0&iag=0&icsg=2730&dssz=10&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20040081%2C21060853%2C20040010&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&osw_key=2212649429&ifi=0&uci=0.6oz1or2ml2i&fsb=1&dtd=121

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190513/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3084353470359421&output=html&adk=1812271804&adf=3025194257&lmt=1558258776&plaf=1%3A1&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&fba=1&plach=4540957392%2C%2B%2C%2B%2C%2B%2C%2B%2C%2B&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fxoso.me%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1558258853481&bpp=15&bdt=94&fdt=98&idt=99&shv=r20190513&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=1554229265592&frm=20&pv=2&ga_vid=103030735.1558258854&ga_sid=1558258854&ga_hid=862689966&ga_fc=0&iag=0&icsg=2730&dssz=10&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20040081%2C21060853%2C20040010&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&osw_key=2212649429&ifi=0&uci=0.6oz1or2ml2i&fsb=1&dtd=121
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://xoso.me/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://xoso.me/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 19 May 2019 09:40:53 GMT
server: cafe
content-length: 44
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 19-May-2019 09:55:53 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires: Sun, 19 May 2019 09:40:53 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 76 KB
28 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190513/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

05ca7febbb9f350c88fa88057ddea8ba095ef65bcaaaa1c9c84a3404be43b6c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 May 2019 09:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1558113546443716"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 28510
x-xss-protection: 0
expires: Sun, 19 May 2019 09:40:53 GMT

GET
H2 200 icons.png
xoso.me/css/images/ 10 KB
10 KB 215ms
214ms Image
image/png 210.211.97.84
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xoso.me/css/images/icons.png
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.97.84 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: nginx /
Resource Hash: e9799e8d48a2f25cb08a7e8f514fe6bc0d5f8516664853801170985302934ffe

Request headers

Referer: https://xoso.me/css/css/style.min.css?v=1556946124
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 May 2019 09:40:53 GMT
last-modified: Mon, 28 Nov 2016 06:47:55 GMT
server: nginx
etag: "583bd31b-28b7"
content-type: image/png
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-length: 10423
expires: Sun, 26 May 2019 09:40:53 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 266B 0
0 223ms
222ms Document
text/html 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3084353470359421&output=html&h=90&slotname=2008202591&adk=3038326453&adf=3296512626&w=970&lmt=1558258776&rafmt=12&guci=1.2.0.0.2.2.0.0&format=970x90&url=https%3A%2F%2Fxoso.me%2F&flash=0&wgl=1&adsid=NT&dt=1558258853635&bpp=59&bdt=248&fdt=60&idt=61&shv=r20190513&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1554229265592&frm=20&pv=1&ga_vid=103030735.1558258854&ga_sid=1558258854&ga_hid=862689966&ga_fc=0&iag=0&icsg=10922&dssz=12&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=137&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20040081%2C21060853%2C20040010&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=272&bc=31&osw_key=166692287&ifi=1&uci=1.q5sz5986z76y&fsb=1&xpc=9H0l1aL9uE&p=https%3A//xoso.me&dtd=78

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190513/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3084353470359421&output=html&h=90&slotname=2008202591&adk=3038326453&adf=3296512626&w=970&lmt=1558258776&rafmt=12&guci=1.2.0.0.2.2.0.0&format=970x90&url=https%3A%2F%2Fxoso.me%2F&flash=0&wgl=1&adsid=NT&dt=1558258853635&bpp=59&bdt=248&fdt=60&idt=61&shv=r20190513&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1554229265592&frm=20&pv=1&ga_vid=103030735.1558258854&ga_sid=1558258854&ga_hid=862689966&ga_fc=0&iag=0&icsg=10922&dssz=12&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=137&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20040081%2C21060853%2C20040010&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=272&bc=31&osw_key=166692287&ifi=1&uci=1.q5sz5986z76y&fsb=1&xpc=9H0l1aL9uE&p=https%3A//xoso.me&dtd=78
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://xoso.me/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://xoso.me/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 19 May 2019 09:40:53 GMT
server: cafe
content-length: 35521
x-xss-protection: 0
set-cookie: IDE=AHWqTUm55IB9YxhkpfSAMys3r-kQLOHNi8vk2Pwdr7ADQJbMeeYOKQXMyxQxrF1Z; expires=Fri, 12-Jun-2020 09:40:53 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires: Sun, 19 May 2019 09:40:53 GMT
cache-control: private

GET
H2 200 loader-red.gif
xoso.me/css/images/ 4 KB
4 KB 215ms
214ms Image
image/gif 210.211.97.84
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xoso.me/css/images/loader-red.gif
Requested by: Host: xoso.me
URL: https://xoso.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.97.84 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: nginx /
Resource Hash: b7e0fa884143d7d6979dff10731ec09e2dee11f58481f486bda7ee70b0055e88

Request headers

Referer: https://xoso.me/css/css/style.min.css?v=1556946124
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 May 2019 09:40:53 GMT
last-modified: Wed, 22 Mar 2017 04:21:49 GMT
server: nginx
etag: "58d1fbdd-10b6"
content-type: image/gif
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-length: 4278
expires: Sun, 26 May 2019 09:40:53 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 9A0F 0
0 209ms
208ms Document
text/html 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3084353470359421&output=html&h=600&slotname=5842326193&adk=1214513561&adf=84565849&w=300&fwr_io=true&fwrn=4&fwrnh=100&lmt=1558258776&rafmt=1&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fxoso.me%2F&flash=0&fwr=0&fwrattr=true&resp_fmts=4&wgl=1&adsid=NT&dt=1558258853769&bpp=12&bdt=382&fdt=13&idt=13&shv=r20190513&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=1554229265592&frm=20&pv=1&ga_vid=103030735.1558258854&ga_sid=1558258854&ga_hid=862689966&ga_fc=0&iag=0&icsg=10922&dssz=14&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=376&ady=1087&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20040081%2C21060853%2C20040010&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&osw_key=794991049&ifi=2&uci=2.ig78ha5hr8ii&fsb=1&xpc=k2aBpKY3gi&p=https%3A//xoso.me&dtd=19

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190513/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3084353470359421&output=html&h=600&slotname=5842326193&adk=1214513561&adf=84565849&w=300&fwr_io=true&fwrn=4&fwrnh=100&lmt=1558258776&rafmt=1&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fxoso.me%2F&flash=0&fwr=0&fwrattr=true&resp_fmts=4&wgl=1&adsid=NT&dt=1558258853769&bpp=12&bdt=382&fdt=13&idt=13&shv=r20190513&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90&nras=1&correlator=1554229265592&frm=20&pv=1&ga_vid=103030735.1558258854&ga_sid=1558258854&ga_hid=862689966&ga_fc=0&iag=0&icsg=10922&dssz=14&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=376&ady=1087&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20040081%2C21060853%2C20040010&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&osw_key=794991049&ifi=2&uci=2.ig78ha5hr8ii&fsb=1&xpc=k2aBpKY3gi&p=https%3A//xoso.me&dtd=19
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://xoso.me/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://xoso.me/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 19 May 2019 09:40:53 GMT
server: cafe
content-length: 38517
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 19-May-2019 09:55:53 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
expires: Sun, 19 May 2019 09:40:53 GMT
cache-control: private

GET
DATA 200
OK truncated
/ 308 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b32f1df89c842cfd8c1f1eba28280fde36ef93a1777645baf7d2dd2122dd508e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 157 KB
25 KB 629ms
628ms XHR
text/javascript 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4350022609871829&correlator=3760392262387632&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21063235%2C21062886%2C21063202%2C953563515&vrg=2019051301&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-33&ecs=20190519&iu_parts=117390890%2Cxsme-middle-live-1%2Cxsme-middle-2%2Cxsme-middle-live-3%2Cxsme-article-cat-middle%2Cxsme-article-bottom%2Cxsme-middle-live-4%2Cxsme-statistic-1%2Cxsme-statistic-page%2Cxsme-dreambook%2Cxsme-sokq-1%2Cxsme-sokq-2%2Cxsme-article-top-1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12&prev_iu_szs=336x280%2C336x280%2C300x250%7C336x280%2C300x250%7C336x280%2C300x250%7C336x280%2C300x250%7C336x280%2C300x250%7C336x280%2C300x250%7C336x280%2C300x250%7C336x280%2C300x250%7C336x280%2C300x250%7C336x280%2C468x60&cookie_enabled=1&bc=31&abxe=1&lmt=1558258776&dt=1558258853872&dlt=1558258853387&idt=419&frm=20&biw=1585&bih=1200&oid=3&adxs=-9%2C248%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C2168%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adks=3892807697%2C83220490%2C591714172%2C455965895%2C3515037809%2C3744347432%2C1451861404%2C373023423%2C1600504503%2C1061487454%2C2796047044%2C2479368732&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fxoso.me%2F&dssz=15&icsg=10922&std=0&csl=84&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C557x280%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C557x280%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&blev=1&bisch=1&ga_vid=103030735.1558258854&ga_sid=1558258854&ga_hid=862689966&fws=2%2C0%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019051301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

11c5ead5367a77aa9160542864acd3bc2800cec42143316232b6d82340c80a94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://xoso.me/
Origin: https://xoso.me

Response headers

date: Sun, 19 May 2019 09:40:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 25448
x-xss-protection: 0
google-lineitem-id: -1,-1,121405690,-1,-1,-1,-1,-2,-2,-2,-2,4542253649
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,138226941514,-1,-1,-1,-1,-2,-2,-2,-2,138248602465
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://xoso.me
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019051301.js Show response
securepubads.g.doubleclick.net/gpt/ 71 KB
27 KB 53ms
51ms Script
text/javascript 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019051301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019051301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

sffe /

Resource Hash

bd9265e706c41cf364cc226eeea4b77dcc188fda93940f4050af552eb553db0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 May 2019 09:40:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 13 May 2019 13:05:10 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 27438
x-xss-protection: 0
expires: Sun, 19 May 2019 09:40:54 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-33/html/ 0
0 8ms
8ms Other
text/html 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-33/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019051301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 bulett5.png
xoso.me/css/images/ 104 B
279 B 216ms
216ms Image
image/png 210.211.97.84
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xoso.me/css/images/bulett5.png
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.97.84 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: nginx /
Resource Hash: e287dea12990f0dcdab9bd6e7ff12d3ca9d7bcc4be150a7745f34690d97c146d

Request headers

Referer: https://xoso.me/css/css/style.min.css?v=1556946124
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 May 2019 09:40:54 GMT
last-modified: Mon, 28 Nov 2016 06:47:55 GMT
server: nginx
etag: "583bd31b-68"
content-type: image/png
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-length: 104
expires: Sun, 26 May 2019 09:40:54 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 5BF6 0
0 191ms
190ms Document
text/html 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6036579657774106&output=html&h=600&slotname=5498735679&adk=4019378569&adf=459107925&w=300&lmt=1558258776&rafmt=12&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fxoso.me%2F&flash=0&wgl=1&adsid=NT&dt=1558258854104&bpp=67&bdt=717&fdt=70&idt=70&shv=r20190513&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C300x600&nras=1&correlator=1554229265592&frm=20&pv=2&ga_vid=103030735.1558258854&ga_sid=1558258854&ga_hid=862689966&ga_fc=0&iag=0&icsg=43690&dssz=21&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1038&ady=247&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20040081%2C21060853%2C20040010&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=272&bc=31&osw_key=19611649&ifi=16&uci=g.ixsqly4tm4vo&fsb=1&xpc=Cpz7a6nWyS&p=https%3A//xoso.me&dtd=75

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190513/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544712916855324749/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544712916855324749/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI-P5Mump-ICFYyHdwodgzMCpg&gqi=piThXNTjC42S3wP20aOoCA&layout=/sadbundle/%24csp%253Der3%24/9544712916855324749/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6036579657774106&output=html&h=600&slotname=5498735679&adk=4019378569&adf=459107925&w=300&lmt=1558258776&rafmt=12&guci=1.2.0.0.2.2.0.0&format=300x600&url=https%3A%2F%2Fxoso.me%2F&flash=0&wgl=1&adsid=NT&dt=1558258854104&bpp=67&bdt=717&fdt=70&idt=70&shv=r20190513&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=0x0%2C970x90%2C300x600&nras=1&correlator=1554229265592&frm=20&pv=2&ga_vid=103030735.1558258854&ga_sid=1558258854&ga_hid=862689966&ga_fc=0&iag=0&icsg=43690&dssz=21&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1038&ady=247&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20040081%2C21060853%2C20040010&oid=3&rx=0&eae=0&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=272&bc=31&osw_key=19611649&ifi=16&uci=g.ixsqly4tm4vo&fsb=1&xpc=Cpz7a6nWyS&p=https%3A//xoso.me&dtd=75
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://xoso.me/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm55IB9YxhkpfSAMys3r-kQLOHNi8vk2Pwdr7ADQJbMeeYOKQXMyxQxrF1Z
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://xoso.me/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544712916855324749/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9544712916855324749/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI-P5Mump-ICFYyHdwodgzMCpg&gqi=piThXNTjC42S3wP20aOoCA&layout=/sadbundle/%24csp%253Der3%24/9544712916855324749/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 19 May 2019 09:40:54 GMT
server: cafe
content-length: 25639
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 10ms
5ms Script
text/javascript 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: xoso.me
URL: https://xoso.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

7dff09578729615fcd15c840a32c9f82a33fe2331a851e4ac40be03cb111b3f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 02 May 2019 01:33:03 GMT
server: Golfe2
age: 6838
date: Sun, 19 May 2019 07:46:56 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17779
expires: Sun, 19 May 2019 09:46:56 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
112 B 17ms
13ms Image
image/gif 2a00:1450:4001:817::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j75&a=862689966&t=pageview&_s=1&dl=https%3A%2F%2Fxoso.me%2F&ul=en-us&de=UTF-8&dt=Xo%20so%20-%20KQXS%20-%20XS%20-%20K%E1%BA%BFt%20qu%E1%BA%A3%20x%E1%BB%95%20s%E1%BB%91%20ki%E1%BA%BFn%20thi%E1%BA%BFt%20tr%E1%BB%B1c%20ti%E1%BA%BFp%203%20mi%E1%BB%81n%20nhanh%20nh%E1%BA%A5t&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAjAAEAB~&jid=494003206&gjid=1075743650&cid=103030735.1558258854&tid=UA-116052681-1&_gid=102658174.1558258854&_r=1&z=1852975328

Requested by

Host: xoso.me
URL: https://xoso.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 May 2019 09:40:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 172 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3b1ef092c45b1191cb15dbfeb6c7b9cfef1525022df4143036abf8b2eb13a71

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1210ad7a47a5ab764a2db08ff4864ade4abb6a0617525cb25309780f9be5458a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ui-bg_highlight-soft_100_eeeeee_1x100.png
xoso.me/css/css/images/ 278 B
454 B 219ms
214ms Image
image/png 210.211.97.84
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xoso.me/css/css/images/ui-bg_highlight-soft_100_eeeeee_1x100.png
Requested by: Host: xoso.me
URL: https://xoso.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.97.84 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: nginx /
Resource Hash: f34ac7dad709c9ba69ac7d7390720dd54fda56151c64e73d9aff4e1186af8510

Request headers

Referer: https://xoso.me/css/css/style.min.css?v=1556946124
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 May 2019 09:40:54 GMT
last-modified: Mon, 28 Nov 2016 06:47:55 GMT
server: nginx
etag: "583bd31b-116"
content-type: image/png
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-length: 278
expires: Sun, 26 May 2019 09:40:54 GMT

GET
H2 200 a Show response
s3.ketquaveso.com/ttkq/json_kqmn/ 2 KB
813 B 703ms
217ms XHR
text/html 210.211.101.208
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.ketquaveso.com/ttkq/json_kqmn/a?t=1558258854371
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.101.208 , Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: nginx /
Resource Hash: dfa3dfb5c96ffccb200f234fe6449d3cd12cf2239f001d99e73e8424bb94d2b5

Request headers

Accept: */*
Referer: https://xoso.me/
Origin: https://xoso.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 May 2019 09:40:27 GMT
content-encoding: gzip
last-modified: Sun, 19 May 2019 09:39:07 GMT
server: nginx
status: 200
etag: W/"5ce1243b-742"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/011905091827220/ 20 KB
7 KB 84ms
20ms Script
text/javascript 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011905091827220/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019051301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

78c4e8bc80afcf139bd25392b030caf166daba88abad0b23793728e1de009a01

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 662286
status: 200
date: Sat, 11 May 2019 17:42:48 GMT
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 7340
x-xss-protection: 0
server: sffe
etag: "b486b187c3bee865"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Sun, 10 May 2020 17:42:48 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011905091827220/ Frame 0FB8 278 KB
75 KB 68ms
5ms Script
text/javascript 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011905091827220/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019051301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

de6df3644ecbda16f285c388ab30d251b47eeb685a658c6c4b066194b618335d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 318433
status: 200
date: Wed, 15 May 2019 17:13:41 GMT
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 76265
x-xss-protection: 0
server: sffe
etag: "ded310df6ab2f360"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Thu, 14 May 2020 17:13:41 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/011905091827220/v0/ Frame 0FB8 13 KB
5 KB 79ms
16ms Script
text/javascript 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011905091827220/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019051301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

bc8fd14e678c5376e3e39d62901e3792e927afa77e5e677d03044b992f770ed6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 162802
status: 200
date: Fri, 17 May 2019 12:27:32 GMT
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 4873
x-xss-protection: 0
server: sffe
etag: "842a743fbcbe56f2"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Sat, 16 May 2020 12:27:32 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011905091827220/v0/ Frame 0FB8 139 KB
38 KB 80ms
17ms Script
text/javascript 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011905091827220/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019051301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3c0a37d81e11d8af431b12d63de18637a8769ba467dc1645f71c2110838dfc44

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 821304
status: 200
date: Thu, 09 May 2019 21:32:30 GMT
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 38610
x-xss-protection: 0
server: sffe
etag: "718461838a8befbe"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Fri, 08 May 2020 21:32:30 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/011905091827220/v0/ Frame 0FB8 3 KB
1 KB 84ms
21ms Script
text/javascript 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011905091827220/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019051301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b0ba028a853076b0d56890095a662379e160d80a244267fdf638959a2437abeb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 806728
status: 200
date: Fri, 10 May 2019 01:35:26 GMT
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1396
x-xss-protection: 0
server: sffe
etag: "0fa525e74caf176a"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Sat, 09 May 2020 01:35:26 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/011905091827220/v0/ Frame 0FB8 42 KB
13 KB 84ms
22ms Script
text/javascript 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011905091827220/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019051301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

825e269f947cbf2ccdb6fe1f1c0e74e50e5dbecedef5042c2c5662744f92e695

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 821299
status: 200
date: Thu, 09 May 2019 21:32:35 GMT
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 13445
x-xss-protection: 0
server: sffe
etag: "0ada641ad8c90b98"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Fri, 08 May 2020 21:32:35 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0FB8 7 KB
738 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019051301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

2854d1a7a60eaaf973f850aa7303ac2705a26f92011281ac9b41b684796ed5c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sun, 19 May 2019 09:40:54 GMT
server: ESF
access-control-allow-origin: *
date: Sun, 19 May 2019 09:40:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Sun, 19 May 2019 09:40:54 GMT

GET
H2 200 7638155975614896176
tpc.googlesyndication.com/daca_images/simgad/ Frame 0FB8 35 KB
36 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/7638155975614896176

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019051301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7df4466bb400c547dfc2f68f661c6a972521ead34c8e9105ffc222e12ef58fec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 12:20:50 GMT
x-content-type-options: nosniff
age: 940804
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 36347
x-xss-protection: 0
last-modified: Thu, 11 Apr 2019 16:56:31 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 May 2020 12:20:50 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7870267691701118609/ Frame 0FB8 10 KB
10 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7870267691701118609/downsize_200k_v1?w=300&h=300

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019051301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ebcb8527950ba26c670b05d2c61bc460ecd2380d88f5a490f098c8fa19990860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 09 Mar 2019 03:53:43 GMT
x-content-type-options: nosniff
age: 6155231
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10218
x-xss-protection: 1; mode=block
last-modified: Wed, 26 Sep 2018 09:25:47 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Mar 2020 03:53:43 GMT

GET
DATA 200
OK truncated
/ Frame 0FB8 219 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b21887e89534a534ec3432df11fc7860ccc86118d1f1c1a54a303ecb7559a38e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0FB8 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6dc5d277e9f2773b1952e8dd36eec49c0b6f1dfbb8b4b53b680c8d0882fcbfb0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 0766 0
67 B 29ms
26ms Fetch
image/gif 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNqekxkywVJ83joF7yY7BovV9CxoFRZRKwuRUYNgExBc31O2GXIjvSHBTwZ9qSK6ZLNFweftAUXFaxHwiHNoky_wIYsv_Dwdun_0q8HdZopNTYt_LQSubzsx0o9-i4K-EEN19jT23iTsn9ObU8wZhNEr8GaXk3lrgfPs-GOnMT2L7zItNSEfcsvGZKWtiutV6XA1k33tH9k5CpScJnLWGXEpIxsFajie_VNBjduYQLfar4IxTYHQVtq_QwKKM8wAc&sai=AMfl-YTRBEpwchHR8o90hp6qd35VcMXTmuJ8_75EWi_OLTOuneIYKxRQwbEQx7-wLEaB3PdzWayzXN2jpChZWm00oHftczRPzE0hP0VNVwTDrLMCV5T4WxNns_akhZhI&sig=Cg0ArKJSzICGVZaLG7WUEAE&urlfix=1&adurl=

Requested by

Host: xoso.me
URL: https://xoso.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s17-in-f66.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 19 May 2019 09:40:54 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK a1293675.js Show response
js.genieessp.com/t/293/675/ Frame 0766 0
241 B 794ms
254ms Script
text/plain 61.213.187.172
NTT America

General

Check archive.org

Show headers Download Go to

Full URL: https://js.genieessp.com/t/293/675/a1293675.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019051301.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 61.213.187.172 , Japan, ASN2914 (NTT-COMMUNICATIONS-2914 - NTT America, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 19 May 2019 09:40:55 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
Warning: 199 - "You are prohibited from visiting this website due to GDPR compliance requirements."
Content-Type: text/plain

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0766 75 KB
28 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019051301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f775fe0cc24bfc5074c6af17ddb7338478982684735c296b2405108f0de590d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 19 May 2019 09:40:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1558113546443716"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 28559
x-xss-protection: 0
expires: Sun, 19 May 2019 09:40:54 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011905091827220/ Frame 059C 278 KB
75 KB 66ms
30ms Script
text/javascript 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011905091827220/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019051301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

de6df3644ecbda16f285c388ab30d251b47eeb685a658c6c4b066194b618335d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 318433
status: 200
date: Wed, 15 May 2019 17:13:41 GMT
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 76265
x-xss-protection: 0
server: sffe
etag: "ded310df6ab2f360"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Thu, 14 May 2020 17:13:41 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/011905091827220/v0/ Frame 059C 13 KB
5 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011905091827220/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019051301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

bc8fd14e678c5376e3e39d62901e3792e927afa77e5e677d03044b992f770ed6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 162802
status: 200
date: Fri, 17 May 2019 12:27:32 GMT
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 4873
x-xss-protection: 0
server: sffe
etag: "842a743fbcbe56f2"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Sat, 16 May 2020 12:27:32 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011905091827220/v0/ Frame 059C 139 KB
38 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011905091827220/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019051301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3c0a37d81e11d8af431b12d63de18637a8769ba467dc1645f71c2110838dfc44

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 821304
status: 200
date: Thu, 09 May 2019 21:32:30 GMT
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 38610
x-xss-protection: 0
server: sffe
etag: "718461838a8befbe"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Fri, 08 May 2020 21:32:30 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/011905091827220/v0/ Frame 059C 3 KB
1 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011905091827220/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019051301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b0ba028a853076b0d56890095a662379e160d80a244267fdf638959a2437abeb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 806728
status: 200
date: Fri, 10 May 2019 01:35:26 GMT
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1396
x-xss-protection: 0
server: sffe
etag: "0fa525e74caf176a"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Sat, 09 May 2020 01:35:26 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/011905091827220/v0/ Frame 059C 42 KB
13 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:81b::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011905091827220/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019051301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

825e269f947cbf2ccdb6fe1f1c0e74e50e5dbecedef5042c2c5662744f92e695

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
vary: Accept-Encoding
age: 821299
status: 200
date: Thu, 09 May 2019 21:32:35 GMT
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 13445
x-xss-protection: 0
server: sffe
etag: "0ada641ad8c90b98"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Fri, 08 May 2020 21:32:35 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 059C 7 KB
690 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:824::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019051301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

2854d1a7a60eaaf973f850aa7303ac2705a26f92011281ac9b41b684796ed5c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sun, 19 May 2019 09:40:54 GMT
server: ESF
access-control-allow-origin: *
date: Sun, 19 May 2019 09:40:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Sun, 19 May 2019 09:40:54 GMT

GET
H2 200 7638155975614896176
tpc.googlesyndication.com/daca_images/simgad/ Frame 059C 35 KB
36 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/7638155975614896176

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019051301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7df4466bb400c547dfc2f68f661c6a972521ead34c8e9105ffc222e12ef58fec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 08 May 2019 12:20:50 GMT
x-content-type-options: nosniff
age: 940804
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 36347
x-xss-protection: 0
last-modified: Thu, 11 Apr 2019 16:56:31 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 May 2020 12:20:50 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7870267691701118609/ Frame 059C 10 KB
10 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7870267691701118609/downsize_200k_v1?w=300&h=300

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019051301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ebcb8527950ba26c670b05d2c61bc460ecd2380d88f5a490f098c8fa19990860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 09 Mar 2019 03:53:43 GMT
x-content-type-options: nosniff
age: 6155231
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10218
x-xss-protection: 1; mode=block
last-modified: Wed, 26 Sep 2018 09:25:47 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Mar 2020 03:53:43 GMT

GET
DATA 200
OK truncated
/ Frame 059C 219 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b21887e89534a534ec3432df11fc7860ccc86118d1f1c1a54a303ecb7559a38e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 059C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99cc17cbf56482729841d7623e46e4554a999d3828e0afd3241b03a1c2b302a4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-33/html/ Frame 7B54 0
0 23ms
9ms Document
text/html 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-33/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019051301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-33/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://xoso.me/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://xoso.me/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 3444
date: Thu, 18 Apr 2019 17:57:57 GMT
expires: Fri, 17 Apr 2020 17:57:57 GMT
last-modified: Tue, 16 Apr 2019 19:37:56 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2648577
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"

GET
H2 200 vi.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0FB8 3 KB
3 KB 26ms
10ms Image
image/png 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/vi.png

Requested by

Host: xoso.me
URL: https://xoso.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

b123d3cd853f7cd9c7d7c92b0ca99a37b4fa7e654fca65be5f1a15fd9253635e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 18 May 2019 22:00:30 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 42024
etag: 10932518847931040692
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 3099
x-xss-protection: 0
expires: Sun, 19 May 2019 22:00:30 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0FB8 344 B
411 B 25ms
10ms Image
image/png 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: xoso.me
URL: https://xoso.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 18 May 2019 21:03:30 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 45444
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 344
x-xss-protection: 0
expires: Sun, 19 May 2019 21:03:30 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0FB8 0
0 29ms
14ms Image
text/html 2a00:1450:4001:820::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSaEXF9ynT5ELO1BV5LWt40a1flBFxL9XQa64yIwi6kq9JIHLBWdfUxADENYArszUyqC-o5qBiL1HOWdq5sCkTxW240JA
Requested by: Host: xoso.me
URL: https://xoso.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0FB8 0
0 44ms
29ms Image
text/html 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CrSSTpiThXPzkBIb_3gOL7aOgC6CL59dUpOipiKEJuoPV68wREAEg6qekV2CVgoCAlAegAbvqstsDyAEJqQIXJRmpa7iyPuACAKgDAcgDCqoEugFP0HiWx3TgXBrPe8krzJdMSeeO5gJO3PyvPyEUzMl75O4mtTwGbiPWkByxvicxV6TVVtEF8jsQEo7OuSrKroQOmjkr7X44GnaZFaCv6v2uXKJw77M0Cu608pcFC0qiYCbVhdFnJcLY1TURQn5PGFQ6NTy8K9mZJ2Z_iIFAacsyu2lc57et3xeqC80W9TmrBh5lrByWvXjFkfUzgOTZM1MoSVHAVg9s3mtC73bzMeCZ7JkIdt-W7eLNS-TABND566yDAuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAekh5KGAagHjs4bqAfVyRuoB-DTG6gHugaoB9nLG6gHz8wbqAemvhvYBwDyBwQQmvsC0ggJCIDhgBAQARgN8ggbYWR4LXN1YnN5bi00MTgwMTY5MTYwNDM1Njg1gAoD2BMMiBQB&sigh=3p7ei05GXZM&template_id=484&tpd=AGWhJmsjA9IHkWzOhpQ04c-AyymhwuMKt1dEz9XeCYeZV5uMIA
Requested by: Host: xoso.me
URL: https://xoso.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra15s17-in-f66.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 vi.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 059C 3 KB
3 KB 25ms
11ms Image
image/png 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/vi.png

Requested by

Host: xoso.me
URL: https://xoso.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

b123d3cd853f7cd9c7d7c92b0ca99a37b4fa7e654fca65be5f1a15fd9253635e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 18 May 2019 22:00:30 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 42024
etag: 10932518847931040692
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 3099
x-xss-protection: 0
expires: Sun, 19 May 2019 22:00:30 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 059C 344 B
458 B 23ms
9ms Image
image/png 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: xoso.me
URL: https://xoso.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 18 May 2019 21:03:30 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 45444
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 344
x-xss-protection: 0
expires: Sun, 19 May 2019 21:03:30 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 059C 0
0 28ms
14ms Image
text/html 2a00:1450:4001:820::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSPe5d4GXHKOqas05L4G2cWNP2K1n9Kq59IIj4WurelOq5CJ_3GCh8etV1H34xcxUhLcQxtPpj4bMGJEJ3jNbqcPSjxSQ
Requested by: Host: xoso.me
URL: https://xoso.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 059C 0
0 43ms
30ms Image
text/html 172.217.22.66
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CWYl_piThXLDtBIb_3gOL7aOgC6CL59dUpOipiKEJuoPV68wREAEguuKBIGCVgoCAlAegAbvqstsDyAEJqQIXJRmpa7iyPuACAKgDAcgDCqoE0wFP0Nd_D6K-uMkPES2NWutedELaFel4LoBqu4HJ7885ET8PP8y8gZfpiTTRn68jc621YsGR-qSWHj59aA0uf1qBNtt36dqqtDs8ufuc7zEJzB19Uyce-EucR5nKhzU2CHWkxXzqMxD-rd8bd83P6UzTucykaSlBO8rOUygx2cQyQXyjrcukWA0by13i0t3_ofcdidYOLDOtezcR2THX1GxGKgACwUoqPOFbQC0gBBaBRhaUiL9CxBh7iTyz1JR9Hhu2VKghiQrklOmdcE_OOel5yuWuwATQ-eusgwLgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHpIeShgGoB47OG6gH1ckbqAfg0xuoB7oGqAfZyxuoB8_MG6gHpr4b2AcA8gcEEL_IAdIICQiA4YAQEAEYDYAKAdgTDIgUAQ&sigh=hnpRrrl8Bhc&template_id=484&tpd=AGWhJmsg1tyD_ca0gyBWnuBER59_BM9XMTP18hUFWmI3C5r2aw
Requested by: Host: xoso.me
URL: https://xoso.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.22.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra15s17-in-f66.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xoso.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ Frame 0FB8 11 KB
11 KB 50ms
24ms Font
font/woff2 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Origin: https://xoso.me

Response headers

date: Mon, 25 Mar 2019 20:20:11 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:14:03 GMT
server: sffe
age: 4713643
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11020
x-xss-protection: 1; mode=block
expires: Tue, 24 Mar 2020 20:20:11 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ Frame 0FB8 11 KB
11 KB 41ms
16ms Font
font/woff2 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Origin: https://xoso.me

Response headers

date: Mon, 25 Mar 2019 20:19:57 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:14:42 GMT
server: sffe
age: 4713657
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11180
x-xss-protection: 1; mode=block
expires: Tue, 24 Mar 2020 20:19:57 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ Frame 059C 11 KB
11 KB 33ms
18ms Font
font/woff2 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Origin: https://xoso.me

Response headers

date: Mon, 25 Mar 2019 20:20:11 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:14:03 GMT
server: sffe
age: 4713643
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11020
x-xss-protection: 1; mode=block
expires: Tue, 24 Mar 2020 20:20:11 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v19/ Frame 059C 11 KB
11 KB 22ms
10ms Font
font/woff2 2a00:1450:4001:81f::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Origin: https://xoso.me

Response headers

date: Mon, 25 Mar 2019 20:19:57 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 Mar 2019 20:14:42 GMT
server: sffe
age: 4713657
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11180
x-xss-protection: 1; mode=block
expires: Tue, 24 Mar 2020 20:19:57 GMT

GET
DATA 200
OK truncated
/ Frame 0766 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc238bbd3667f2674602973596706b5ef437f7a009e2d51b31341893a3af3e75

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 r Show response
amp-error-reporting.appspot.com/ Frame 0FB8 2 B
156 B 159ms
118ms XHR
text/plain 2a00:1450:4001:806::2014
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://amp-error-reporting.appspot.com/r
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011905091827220/amp4ads-v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://xoso.me/
Origin: https://xoso.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 19 May 2019 09:40:55 GMT
via: 1.1 google
x-powered-by: Express
status: 200
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 2

POST
H2 200 r Show response
amp-error-reporting.appspot.com/ Frame 059C 2 B
65 B 118ms
118ms XHR
text/plain 2a00:1450:4001:806::2014
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://amp-error-reporting.appspot.com/r
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011905091827220/amp4ads-v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://xoso.me/
Origin: https://xoso.me
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 19 May 2019 09:40:56 GMT
via: 1.1 google
x-powered-by: Express
status: 200
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 2

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 00:51:02	Name: DSID Value: NO_DATA
.xoso.me/	1970-01-19 18:22:10	Name: __gads Value: ID=c8ceeeffd4f3fa5e:T=1558258854:S=ALNI_Mb9hhXCXnHFrJIaD5W080LNcL5StQ
.xoso.me/	1970-01-19 00:50:58	Name: _gat_daily1 Value: 1
.doubleclick.net/	1970-01-19 10:12:34	Name: IDE Value: AHWqTUm55IB9YxhkpfSAMys3r-kQLOHNi8vk2Pwdr7ADQJbMeeYOKQXMyxQxrF1Z
.xoso.me/	1970-01-19 00:52:25	Name: _gid Value: GA1.2.102658174.1558258854
.xoso.me/	1970-01-19 18:22:10	Name: _ga Value: GA1.2.103030735.1558258854

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://xoso.me/js/xsmn.min.js?v=1554109270(Line 1) Message: push not support or push btn not found
console-api	info	URL: https://cdn.ampproject.org/rtv/011905091827220/amp4ads-v0.js(Line 576) Message: Powered by AMP ⚡ HTML – Version 1905091827220
console-api	error	URL: https://cdn.ampproject.org/rtv/011905091827220/amp4ads-v0.js(Line 159) Message: localStorage not supported.
console-api	info	URL: https://cdn.ampproject.org/rtv/011905091827220/amp4ads-v0.js(Line 576) Message: Powered by AMP ⚡ HTML – Version 1905091827220
console-api	error	URL: https://cdn.ampproject.org/rtv/011905091827220/amp4ads-v0.js(Line 159) Message: localStorage not supported.
console-api	log	URL: https://xoso.me/js/xsmn.min.js?v=1554109270(Line 1) Message: connect_error: {"type":"TransportError","description":{"isTrusted":true}}
console-api	log	URL: https://xoso.me/js/xsmn.min.js?v=1554109270(Line 1) Message: 2000
console-api	log	URL: https://xoso.me/js/xsmn.min.js?v=1554109270(Line 1) Message: updated
console-api	log	URL: https://xoso.me/js/xsmn.min.js?v=1554109270(Line 1) Message: connect_error: {"type":"TransportError","description":{"isTrusted":true}}
console-api	log	URL: https://xoso.me/js/xsmn.min.js?v=1554109270(Line 1) Message: connect_error: {"type":"TransportError","description":{"isTrusted":true}}

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
amp-error-reporting.appspot.com
apis.google.com
cdn.ampproject.org
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
images.dmca.com
images.xoso.me
js.genieessp.com
pagead2.googlesyndication.com
s3.ketquaveso.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
xoso.me
151.139.242.29
172.217.22.66
210.211.101.203
210.211.101.208
210.211.97.84
2606:4700::6813:c497
2a00:1450:4001:806::2014
2a00:1450:4001:814::2002
2a00:1450:4001:817::2002
2a00:1450:4001:817::200e
2a00:1450:4001:819::200e
2a00:1450:4001:81a::2002
2a00:1450:4001:81b::2001
2a00:1450:4001:81e::2002
2a00:1450:4001:81f::2002
2a00:1450:4001:81f::2003
2a00:1450:4001:81f::200a
2a00:1450:4001:820::2004
2a00:1450:4001:824::200a
2a00:1450:4001:825::2001
61.213.187.172
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05ca7febbb9f350c88fa88057ddea8ba095ef65bcaaaa1c9c84a3404be43b6c1
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0e835d13892184964b549a4b9996c56b0e14e1599936e5a1a14b36876d5b9150
11c5ead5367a77aa9160542864acd3bc2800cec42143316232b6d82340c80a94
1210ad7a47a5ab764a2db08ff4864ade4abb6a0617525cb25309780f9be5458a
12e74f3af4fd22db96636fa60c2aad25eef70b38b03cf01b0de6af22f317bc6a
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1a774f9ff4c82d8feaa8412ed8a2520174ebda464b59bf772967a319d520e3ed
2760113208187011130939bf07ab3e333422e432e1917a333efac9c9bfc16190
2854d1a7a60eaaf973f850aa7303ac2705a26f92011281ac9b41b684796ed5c3
2b83db827fbd3e671aa2f4628103e8da1f4b96c7e935025b8742e5e7098a6b66
328d31c6b53eeab86ddb7a62b413f370cc8b0ac900257ebb6e598989aec431d9
3c0a37d81e11d8af431b12d63de18637a8769ba467dc1645f71c2110838dfc44
3d5094c1d23b5cf90a1e612d406a1c09b89533c889c287e316aa8ec1da3151f0
4e19bd90c2360502b15670968a940819e6fc41597696884ef965967c2885f1bd
5179394c6aa3bb638c90abaf1e107be16df2207890d44f2cb2024f9a3e63c49a
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5d53ad980c61e383ebe6496cebc2d7c618cd128344b2d549b67215d7c9e67522
6bfc4b6f71f13b7c040b1e2415afd5ea0ffbe7b7d3a66dabbb0a51b23d63ed42
6dc5d277e9f2773b1952e8dd36eec49c0b6f1dfbb8b4b53b680c8d0882fcbfb0
76f1ed08e2c40aa2b7a6730b58c945c61b700b19a866434a5ce47a63f430cde6
78c4e8bc80afcf139bd25392b030caf166daba88abad0b23793728e1de009a01
7c6b65789d61bb8afae80679174f1dd496ecc26c8534a580aa735c866e6f17e3
7df4466bb400c547dfc2f68f661c6a972521ead34c8e9105ffc222e12ef58fec
7dff09578729615fcd15c840a32c9f82a33fe2331a851e4ac40be03cb111b3f0
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
825e269f947cbf2ccdb6fe1f1c0e74e50e5dbecedef5042c2c5662744f92e695
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8464f9a28062d00fd300538f9e93fad38faa64b9751db49b28911b9b6cceafdd
89f4a0494cb2ba9dd7fbecaffd34271312c4ecd71a870fd0f69750cd026213e0
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
99cc17cbf56482729841d7623e46e4554a999d3828e0afd3241b03a1c2b302a4
9ab6838ef4f3ee36bac5ea8e13f6656d5846e14f5c6af07066a50bbff048b1d7
a0ca626d2c49a254962bf811eea12f76d29e4872563c91b00abeee5ed4fc06d4
a6edff240c857b97df668533c22fae8f946c4475068f63b73155e51c45c4d0f5
b0ba028a853076b0d56890095a662379e160d80a244267fdf638959a2437abeb
b123d3cd853f7cd9c7d7c92b0ca99a37b4fa7e654fca65be5f1a15fd9253635e
b21887e89534a534ec3432df11fc7860ccc86118d1f1c1a54a303ecb7559a38e
b32f1df89c842cfd8c1f1eba28280fde36ef93a1777645baf7d2dd2122dd508e
b7e0fa884143d7d6979dff10731ec09e2dee11f58481f486bda7ee70b0055e88
bc8fd14e678c5376e3e39d62901e3792e927afa77e5e677d03044b992f770ed6
bd9265e706c41cf364cc226eeea4b77dcc188fda93940f4050af552eb553db0f
c485230ae23c490980d10d8e6753b8ee7f8fdc60416e8fb84f5f4c55628fd56b
d3b1ef092c45b1191cb15dbfeb6c7b9cfef1525022df4143036abf8b2eb13a71
d7d387bcc507ef571e7bf75ebba2c86376f606d4bbe7b0a2db81e876654de796
db798d296b529a533608ad27deb384e0247cf762ef44f3e04107ae4bb2be9ba8
dc238bbd3667f2674602973596706b5ef437f7a009e2d51b31341893a3af3e75
de6df3644ecbda16f285c388ab30d251b47eeb685a658c6c4b066194b618335d
dfa3dfb5c96ffccb200f234fe6449d3cd12cf2239f001d99e73e8424bb94d2b5
e287dea12990f0dcdab9bd6e7ff12d3ca9d7bcc4be150a7745f34690d97c146d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9799e8d48a2f25cb08a7e8f514fe6bc0d5f8516664853801170985302934ffe
ebcb8527950ba26c670b05d2c61bc460ecd2380d88f5a490f098c8fa19990860
f34ac7dad709c9ba69ac7d7390720dd54fda56151c64e73d9aff4e1186af8510
f775fe0cc24bfc5074c6af17ddb7338478982684735c296b2405108f0de590d1

xoso.me Open in urlscan Pro 210.211.97.84 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

78 Requests

100 %HTTPS

71 %IPv6

15 Domains

21 Subdomains

22 IPs

4 Countries

1038 kBTransfer

2942 kBSize

6 Cookies

5 Outgoing links

Page URL History

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

xoso.me Open in urlscan Pro
210.211.97.84 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

100 %
HTTPS

71 %
IPv6

15
Domains

21
Subdomains

22
IPs

4
Countries

1038 kB
Transfer

2942 kB
Size

6
Cookies

78 HTTP transactions
8 data transactions