xsmb1.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://xsmb1.com/
Submission: On March 17 via api (March 17th 2023, 8:29:29 pm UTC) from US — Scanned from NL

Summary HTTP 106 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 20 domains to perform 106 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is xsmb1.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 17th 2022. Valid for: a year.

This is the only time xsmb1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
16	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
4	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
12	2606:4700::68... 2606:4700::6812:a14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:1::... 2606:4700:1::6813:884e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	210.211.99.108 210.211.99.108	38731 (VTDC-AS-V...) (VTDC-AS-VN Vietel - CHT Compamy Ltd)
6	2606:4700::68... 2606:4700::6812:b14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.192.160.199 69.192.160.199	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	52.17.83.170 52.17.83.170	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
106	23

23 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

xsmb1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xsmb1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
qc.kqbd88.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

img.icons8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6812:a14 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:1::6813:884e (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.211.99.108 (Ho Chi Minh City, Viet Nam)

ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN)

static.xoso.wap.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:b14 (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.adskeeper.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.199 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-199.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.83.170 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-83-170.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	xsmb1.com xsmb1.com static.xsmb1.com	827 KB
18	adskeeper.co.uk jsc.adskeeper.co.uk — Cisco Umbrella Rank: 73723 c.adskeeper.co.uk — Cisco Umbrella Rank: 46957 cdn.adskeeper.co.uk — Cisco Umbrella Rank: 33836 servicer.adskeeper.co.uk — Cisco Umbrella Rank: 73216 s-img.adskeeper.co.uk — Cisco Umbrella Rank: 45810 cm.adskeeper.co.uk — Cisco Umbrella Rank: 83099	234 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com	280 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 134	249 KB
8	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 386 mug.criteo.com — Cisco Umbrella Rank: 2753	3 KB
4	icons8.com img.icons8.com — Cisco Umbrella Rank: 31626	4 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 147	225 KB
2	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 1424	626 B
2	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 8722	975 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	253 B
2	google.com adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25	20 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 32	5 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	2 KB
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 457	59 KB
1	wap.vn static.xoso.wap.vn	68 KB
1	kqbd88.com qc.kqbd88.com	1 KB
1	google.nl adservice.google.nl — Cisco Umbrella Rank: 14570	531 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	329 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	44 KB
106	20

	Domain	Requested by
16	static.xsmb1.com	xsmb1.com
15	fonts.gstatic.com	fonts.googleapis.com
7	pagead2.googlesyndication.com	xsmb1.com pagead2.googlesyndication.com tpc.googlesyndication.com
6	s-img.adskeeper.co.uk	xsmb1.com
6	xsmb1.com	xsmb1.com static.xsmb1.com
4	mug.criteo.com	xsmb1.com
4	gum.criteo.com	2 redirects
4	jsc.adskeeper.co.uk	static.xsmb1.com jsc.adskeeper.co.uk
4	img.icons8.com	xsmb1.com
4	connect.facebook.net	xsmb1.com connect.facebook.net
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	c.adskeeper.co.uk	jsc.adskeeper.co.uk
2	id.crwdcntrl.net	ads.pubmatic.com
2	cm.adskeeper.co.uk	jsc.adskeeper.co.uk
2	servicer.adskeeper.co.uk	jsc.adskeeper.co.uk
2	jsc.mgid.com	static.xsmb1.com
2	www.facebook.com	xsmb1.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	fonts.googleapis.com	xsmb1.com client
1	www.google.com	tpc.googlesyndication.com
1	ads.pubmatic.com	jsc.adskeeper.co.uk
1	cdn.adskeeper.co.uk	xsmb1.com
1	static.xoso.wap.vn	xsmb1.com
1	qc.kqbd88.com	static.xsmb1.com
1	www.gstatic.com	xsmb1.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.nl	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	xsmb1.com
106	30

This site contains links to these domains. Also see Links.

Domain
lichvansu.wap.vn
ketquabongda.com
widgets.adskeeper.com
clck.adskeeper.co.uk
xoso.wap.vn
sxmb.vn
lichthidau.com.vn
bongda.wap.vn
www.facebook.com
www.pinterest.com
twitter.com
www.linkedin.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-17` - `2023-05-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-25`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
1004834818.rsc.cdn77.org R3	`2023-02-18` - `2023-05-19`	3 months	crt.sh
*.kqbd88.com GTS CA 1P5	`2023-03-01` - `2023-05-30`	3 months	crt.sh
static.xoso.wap.vn Sectigo RSA Domain Validation Secure Server CA	`2022-06-27` - `2023-06-27`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://xsmb1.com/
Frame ID: F3E65AA509C9E7CBB9EA26464444F65F
Requests: 90 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/zrt_lookup.html
Frame ID: 8CA3CCC313095C09844AB2BA219E2DCE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8294080246000107&output=html&adk=1812271804&adf=3025194257&lmt=1679084961&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C500x945_r&format=0x0&url=https%3A%2F%2Fxsmb1.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679084960497&bpp=547&bdt=165&idt=666&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4968247477165&frm=20&pv=2&ga_vid=1509602060.1679084961&ga_sid=1679084961&ga_hid=322086666&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44777876%2C44759875%2C44759926%2C31073099&oid=2&pvsid=522058922162169&tmod=78232909&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=692
Frame ID: 9E56C7ECDC508406F4D39E93EA311296
Requests: 1 HTTP requests in this frame

Frame: https://xsmb1.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1679083200
Frame ID: 3DAFFFA7F8C2FC20ABE0BA0010B2F7F8
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D004D03AF130E1060FE6EC5294976BE3
Requests: 1 HTTP requests in this frame

Frame: https://cm.adskeeper.co.uk/i-noref.js?cbuster=1679084963914174483799
Frame ID: BB40321232728CFD11FFF9C0A775C339
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9C543D0FD315BBC8D4071F5D4BDF9B55
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C81121472659AF608F81C1C65C2819CC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

XSMB - SXMB - XSTD - Kết quả xổ số miền bắc - KQXSMB

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.]+)/)?firebase(?:\.min)?\.js
/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

106
Requests

92 %
HTTPS

82 %
IPv6

20
Domains

30
Subdomains

23
IPs

5
Countries

2024 kB
Transfer

4528 kB
Size

14
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: http://lichvansu.wap.vn/
Title: lịch vạn niên

Search URL Search Domain Scan URL

URL: https://ketquabongda.com/
Title: Kết quả bóng đá

Search URL Search Domain Scan URL

URL: https://widgets.adskeeper.com/?utm_source=widget_adskeeper&utm_medium=text&utm_campaign=add&utm_content=1101395

Search URL Search Domain Scan URL

URL: https://clck.adskeeper.co.uk/ghits/14602895/i/57435285/2/pp/1/1?h=kSOFhaCGVMq98QlVFc-a5-ZRd6VCmtdh4AiUe5N-EZ5QP9qD6efvU5MHzsvRjjml3uNVFZtNEdel-Vb8AD1BJA**&rid=67b0b044-c502-11ed-89b0-e43d1a2a96ea&tt=Direct&att=3&cpm=1&gbpp=1&abd=1&iv=11&prid=1&ct=1&gdprApplies=1&st=60&mp4=1&h2=Dx967XgLhs7RWCzofF94NPLLwKxvjQCgXeZO-24sl5s*

Search URL Search Domain Scan URL

URL: https://clck.adskeeper.co.uk/ghits/15629140/i/57435285/2/pp/2/1?h=kSOFhaCGVMq98QlVFc-a54983AYXW-7GGy1BUZ92jR4HNAst2sNy06-ZEWL9HaIUZX0sSc0ew5f14DsVvsnMDQ**&rid=67b0b044-c502-11ed-89b0-e43d1a2a96ea&tt=Direct&att=3&cpm=1&gbpp=1&abd=1&iv=11&prid=1&ct=1&gdprApplies=1&st=60&mp4=1&h2=Dx967XgLhs7RWCzofF94NPLLwKxvjQCgXeZO-24sl5s*

Search URL Search Domain Scan URL

URL: https://clck.adskeeper.co.uk/ghits/14602903/i/57435285/2/pp/3/1?h=kSOFhaCGVMq98QlVFc-a57kx14L1GzG-bKqbhtM2VbUu0amTuYDSM66QZIkhgznvGV6aj6IgLJoJczpsRkSjxw**&rid=67b0b044-c502-11ed-89b0-e43d1a2a96ea&tt=Direct&att=3&cpm=1&gbpp=1&abd=1&iv=11&prid=1&ct=1&gdprApplies=1&st=60&mp4=1&h2=Dx967XgLhs7RWCzofF94NPLLwKxvjQCgXeZO-24sl5s*

Search URL Search Domain Scan URL

URL: https://clck.adskeeper.co.uk/ghits/15265512/i/57435285/2/pp/4/1?h=kSOFhaCGVMq98QlVFc-a55bmwsMgWeQHM_HL6Hw9z0LAlX6l9CAB5dQdbhJMNWrrpjvniYXWQOM3tz4-WsXaUg**&rid=67b0b044-c502-11ed-89b0-e43d1a2a96ea&tt=Direct&att=3&cpm=1&gbpp=1&abd=1&iv=11&prid=1&ct=1&gdprApplies=1&st=60&mp4=1&h2=Dx967XgLhs7RWCzofF94NPLLwKxvjQCgXeZO-24sl5s*

Search URL Search Domain Scan URL

URL: https://widgets.adskeeper.com/?utm_source=widget_adskeeper&utm_medium=text&utm_campaign=add&utm_content=1101390

Search URL Search Domain Scan URL

URL: https://clck.adskeeper.co.uk/ghits/12166266/i/57435280/2/pp/1/1?h=kSOFhaCGVMq98QlVFc-a54ExVwWKHt4WTQKOnFzh-BUgSMPby9u3gAEV9QL7XVlu1AbStSKEUjApZK7AIUBSEw**&rid=67b0c420-c502-11ed-89b0-e43d1a2a96ea&tt=Direct&att=3&cpm=1&gbpp=1&abd=1&iv=11&prid=1&ct=1&gdprApplies=1&st=60&mp4=1&h2=Dx967XgLhs7RWCzofF94NPLLwKxvjQCgXeZO-24sl5s*

Search URL Search Domain Scan URL

URL: https://clck.adskeeper.co.uk/ghits/15629143/i/57435280/2/pp/2/1?h=kSOFhaCGVMq98QlVFc-a53phU0G8-wTa3VyofxBe7JdIDKzP8n6XsBlGgzA4QvnTGI38zvkweG-IuekW17UyoA**&rid=67b0c420-c502-11ed-89b0-e43d1a2a96ea&tt=Direct&att=3&cpm=1&gbpp=1&abd=1&iv=11&prid=1&ct=1&gdprApplies=1&st=60&mp4=1&h2=Dx967XgLhs7RWCzofF94NPLLwKxvjQCgXeZO-24sl5s*

Search URL Search Domain Scan URL

URL: https://xoso.wap.vn/xsmb-ket-qua-xo-so-mien-bac-xstd.html
Title: XSMB

Search URL Search Domain Scan URL

URL: https://xoso.wap.vn/ket-qua-xo-so-mien-nam-xsmn.html
Title: XSMN

Search URL Search Domain Scan URL

URL: https://sxmb.vn/
Title: XSTD

Search URL Search Domain Scan URL

URL: https://lichthidau.com.vn/nhan-dinh-bong-da.html
Title: nhan dinh bong da hom nay

Search URL Search Domain Scan URL

URL: https://lichvansu.wap.vn/lich-am-duong.html
Title: âm lịch

Search URL Search Domain Scan URL

URL: https://bongda.wap.vn/ty-le-bong-da.html
Title: ty le bong da

Search URL Search Domain Scan URL

URL: https://www.facebook.com/xsmb1.comm/

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/xsmb1com/

Search URL Search Domain Scan URL

URL: https://twitter.com/XSMB1_COM

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/com-xsmb1-2b1604256/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fxsmb1.com%2F&domain=xsmb1.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=V0zrc3x5TVFtTnhXRXNnTzZaYzFWYUhNUHBmYWJBKzFGeXhsWTFtcWpUUHJxaVMwS2ZYc2svaUJYbSt3c0JzaklSQU0vVGQ3eTVUeW1iVlBFcEFMbEJCYy9kSG5XY2Q2d1RYQjQxQUVSMVlFeXd4cjlCSXY3a0x0V25sNlNxUkY5RFpTS3FFM2szTVp3Y0phRDhsSGtXRjVDd0NjYXNrWWpQMnhuZlRYeGFoMHlKVEllcitXZ2pYaXRhcnZ2dmRaRHM1bjB6bW9IbnpRWUdrclJOM3JiMDlGdEtVL29qbzJRNW5EdW95dmpzR1ZsRVRNPXw&cppv=2

Request Chain 91

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fxsmb1.com%2F&domain=xsmb1.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=wkDPxXx1UG5VUkJuV2t6dUVkakNybG9pcTNmV0pNZTB2UTBqb3NhL2RueEpwQzRlVnZGZFZvZHA2UDc3NGVLcHRhZkpGS09SRDVRUzZlaFZnUGtnNzQ3Um9ITFdQWE82aUh4Znk4eGNlbm9BQ0FVVXZKeWZHSUw0OFNpS1luWWxHVlQxWU5FU281VHNWeGNDcDI5VERteFVBcXlVdC9Qc0taaUJkamN5cTFaZEJNNmwzSlkrWXJ1YW9kZlBqalUxSm1QK1VUNHUxa2pENnpIWVhLY0I4L0YzZjV5SU0veXF2SmIxRnBLWFdRNGN5K2tZPXw&cppv=2

106 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
xsmb1.com/ 351 KB
20 KB 548ms
478ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xsmb1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff9bcdd5965fb5ca5ee54c895a1666a0eea1394d221202e3b88d8df5525a0f72

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7a97fcc71844bb85-FRA
content-encoding: br
content-language: nl-NL
content-type: text/html; charset=UTF-8
date: Fri, 17 Mar 2023 20:29:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PXk6540uDXy7pRG7F5W%2BAFz%2Fb8Z1iSL1SpDiz5RLdaKK6oxmy12Q6GaZpauPC0qnp5CuONXKzNNNgAqtlTAA%2B21QlAi18rqCRhO6qR%2B9KZDHiEYs6XVeN3Zs9cTmBcgj6s6KA1Dsj9o%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: User-Agent
via: 1.1 varnish
x-cache: MISS-srv194
x-oracle-dms-ecid: 2ef30fa1-7a17-43ea-adc7-da23900236bc-00641652
x-oracle-dms-rid: 0
x-ua-device: pc
x-varnish: 1120935385

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
48 KB 99ms
52ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: xsmb1.com
URL: https://xsmb1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

117a59881ef5256c2075fc5ba5a84fa4230d60d27d2148604fc4835f8b879360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48544
x-xss-protection: 0
server: cafe
etag: 10239889753537454968
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Mar 2023 20:29:20 GMT

GET
H2 200 style.css
static.xsmb1.com/css/ 52 KB
9 KB 475ms
451ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.xsmb1.com/css/style.css
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2581ad76872186ba32d49425483ccb4a01a803e7ec58a959046aba7b5d1d00c7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:20 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 09 May 2022 07:46:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6278c6ed-cebf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7uP37VYVYJoTkfAAEiXh5szKJmjNRZarj3M4wbf46ip5McHqvxJ%2Bjk9tP%2FpH785DGHoEiXkzVWkSfqkEiVut%2F7uAzXAfijIHZOrrPw0RRoZ%2FaKQRNSbaTexQegQ%2BPfk7bfYCcDKNcnUmBQtAknO"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2678400
cf-ray: 7a97fcca6e54bb85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 24 Mar 2023 20:25:13 GMT

GET
H2 200 glDatePicker.default.css
static.xsmb1.com/css/ 9 KB
2 KB 441ms
418ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.xsmb1.com/css/glDatePicker.default.css
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed449020b65b29fada541cbeb7211419a95822b958aad9632d8b06df94964b67

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:20 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 09 May 2022 07:46:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6278c6ed-2251"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NIc1du2JUmJfl6Lex3qNB70h2Y%2BMMHuu99PsAoAcwBl0hBgZsRN%2FZDF8GOyqiFfLDoBBoMm2W%2BOdJENaDuYuXCIHWQF%2FXzXL23%2BHj7Pyf6tW2WiORUrcjO9MuyFHy3784j9ZvRZPFvEQjdJLfozh"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2678400
cf-ray: 7a97fcca6e53bb85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 24 Mar 2023 20:25:13 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 95ms
40ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700&subset=vietnamese,latin,latin-ext

Requested by

Host: xsmb1.com
URL: https://xsmb1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f1afbf02ff203dd3afa888e73449b44a0ce303f21ece8ee6e8277ec354cc1d63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Mar 2023 20:29:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 20:29:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Mar 2023 20:29:20 GMT

GET
H2 200 jquery-1.7.min.js Show response
static.xsmb1.com/js/ 92 KB
33 KB 624ms
602ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.xsmb1.com/js/jquery-1.7.min.js?v=1
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dd349d9689820cdca94922f9c9dccba2fdf14d309dd3aa08194039cc57bb6f3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:20 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 09 May 2022 07:46:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6278c6ef-16f12"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8pTbpclN9aZhwL0cVh9euGQBXRyN0me8twITK3Wq5%2FNJAZoYJWcGXtun4L5%2FJioyu%2BiO9IfFxw%2F2iQ6p4FcRYVxqZzxn95krEMZz5RZV8qKiW4PtlK2OHWMXG%2FBfDAcu3CeFpfl%2FjVC8yVQr1ExN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2678400
cf-ray: 7a97fcca6e57bb85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 24 Mar 2023 20:25:13 GMT

GET
H2 200 glDatePicker.js Show response
static.xsmb1.com/js/ 28 KB
8 KB 463ms
442ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.xsmb1.com/js/glDatePicker.js
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7414d887e041987c07ceb790235a2e6cc2cc5909e3f0e6aaf38ec5ca34f5edf5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:20 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 09 May 2022 07:46:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6278c6ef-6eb3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJ0dR0ESMajUJEwQVepvOcDRDtVA09wJs1nWuJ%2BY37kyXTfHa25yQRgV4bSjAuNGIN0lnRNn0zA2w%2BhBjv3HdqjKe%2FrSun%2BocgXePLFl%2B4UADpI2bUQlIeQejAHbEB0QVDz9ClBRYgdUi%2FeKXLJb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2678400
cf-ray: 7a97fcca6e59bb85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 24 Mar 2023 20:25:13 GMT

GET
H2 200 xsthantai.js Show response
static.xsmb1.com/js/ 5 KB
1 KB 442ms
423ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.xsmb1.com/js/xsthantai.js
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d24c25baae7cea20ac412c14924d522f75c78fe429139de810b21462519aa921

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:20 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 09 May 2022 07:46:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6278c6ef-141f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4eDU9vWQntVHSF92%2BVQU7ViKk6QK5v1ieVlOYcdU7uaeBTZli33RAsWfjKpoAEZqj9T%2FNAgUA6ZMciYf57tWMA3a9rX%2BjQl53jk80FMIR%2BivvMstFfCHS%2BVBMb28MKw0CaaP%2BTEhi8kNsATJXUmE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2678400
cf-ray: 7a97fcca6e55bb85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 24 Mar 2023 20:25:13 GMT

GET
H2 200 ismobile.js Show response
static.xsmb1.com/js/ 5 KB
2 KB 504ms
485ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.xsmb1.com/js/ismobile.js
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e422bb0d7984fe87783d040c57ffbe112bf631cd6757c1637e8090de687fddd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:20 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 09 May 2022 07:46:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6278c6ef-1413"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FGo%2FE467T3Z7Tnnn8hkSgB1AbF8V9E7c9H%2FJVF2q00vECEll9vwHcE%2Fef%2BWbssp%2BnK6SU9tOxL43HL5EpbzZn4mUfNAXK5NpmtEvXY2gpczV1893LYgNy%2Fw1Iew8t9nbz96%2BqN%2FV3eH77pbhkI5c"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2678400
cf-ray: 7a97fcca6e56bb85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 24 Mar 2023 20:25:13 GMT

GET
H2 200 bootstrap.min.css
static.xsmb1.com/css/ 118 KB
20 KB 670ms
652ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.xsmb1.com/css/bootstrap.min.css
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 880de7665b1aaa840303313deca3352af257d55aed4584d5e17f0fbffe0fde01

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:21 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 09 May 2022 07:46:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6278c6ed-1d9b1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2BkGFBTiuNAGWZVARszzT6poT25W%2BUEHo8TXLBj%2BRmE%2BJ90h2lyIQgvQDtCHe%2Fl09xNlaiECFTNJdeyMd4JktU1fXZR51QTmFW4UqzV2ZEmCrIiqCyuDpUK1qQLDHZNYg457jD047SbmDMtq324Q"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2678400
cf-ray: 7a97fcca6e51bb85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 24 Mar 2023 20:25:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 96ms
48ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-75176162-2

Requested by

Host: xsmb1.com
URL: https://xsmb1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

38c81a6bc46665e0d8a256feb50a93eab7db7aeab4bf7f3d051da55315a5b597

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44658
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Mar 2023 20:29:21 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
47 KB 82ms
42ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5650397705160395

Requested by

Host: xsmb1.com
URL: https://xsmb1.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bfa46fd1167b331cfc669eb03da2c6a3265dcfe7f21a991b1960ae5dbc0fa232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xsmb1.com/
Origin: https://xsmb1.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48528
x-xss-protection: 0
server: cafe
etag: 4000163613215969407
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Mar 2023 20:29:21 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/ 350 KB
117 KB 62ms
60ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8294080246000107&plah=xsmb1.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57a782fe52ca48eda3ce791e4d1f3866f02fdc75395d3f355e5a54c40e623d19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119661
x-xss-protection: 0
server: cafe
etag: 12607427882245339546
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 17 Mar 2023 20:29:21 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/ Frame 8CA3 10 KB
5 KB 68ms
18ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230315/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xsmb1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 78233
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Mar 2023 22:45:27 GMT
etag: 2378337311435320485
expires: Thu, 30 Mar 2023 22:45:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 xsmb-mxh-icon-google.png
static.xsmb1.com/images/ 2 KB
2 KB 407ms
405ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.xsmb1.com/images/xsmb-mxh-icon-google.png
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 340eabc2a7ab4875f5dee7bb25cded5f5ddec3e900dd452777b7be63e89b4292

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:21 GMT
cf-cache-status: MISS
last-modified: Mon, 09 May 2022 07:46:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6278c6ef-62a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RiiW0SNc%2FBA7LaUFMGr6EO2GNmoQP4fxO38LjyazdjeuCqh3eGgqRjzm5IcVr6b2lba9kAD%2B0vnxi8uxiAx32AxkU3hjeZ0EKjb0sooKVSymJP7CKWeSUiw%2B7bUXl9KVm0favp%2BNsKfhm6utPkl1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a97fcce9da6bb85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1578
expires: Fri, 24 Mar 2023 20:25:13 GMT

GET
H2 200 xsmb-mxh-icon-face.png
static.xsmb1.com/images/ 1 KB
2 KB 453ms
452ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.xsmb1.com/images/xsmb-mxh-icon-face.png
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 361239aeba0a3d4892786490dc32023a1519f6e682469e6aeb829c9d7d1bde5e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:21 GMT
cf-cache-status: MISS
last-modified: Mon, 09 May 2022 07:46:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6278c6ef-5c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DxtTAyIWDv0r3M9JZkMxFtoxYWigQilFTJ5n5HDzFsmtBonjR6tYMvw2Jr6bxzYCsk0m8Z61D1%2BOdITGfYYXWmYAcWO61eqmSqd%2FAVz3Lz7kC%2FxSE0uR5APhVPB1ttr%2FmLONcsUVWkoJ8y3Vci%2B2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a97fcce9dabbb85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1472
expires: Fri, 24 Mar 2023 20:25:13 GMT

GET
H2 200 xsmb1-logo.png
static.xsmb1.com/images/ 14 KB
15 KB 642ms
640ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.xsmb1.com/images/xsmb1-logo.png
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8722172093266e44847fc4b60da4a4c94f740f7ae04eb34307e3d1b1a5afec6d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:21 GMT
cf-cache-status: MISS
last-modified: Wed, 18 May 2022 08:47:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6284b299-3951"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=86qXiFGbXkjIZ6dbm8yhkuTWBBvDGYikM2RYX8jSBhLAmzo8lxN3GVr%2FRIASFqjXmqGixj1j5bv48vu7ADjIl8vGoPhEBSe%2BMBvBLqudTJb1A1A0w20nZNmKYHb%2FQXTIAcj60rxNYbpf1HT1H811"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a97fcce9dadbb85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14673
expires: Fri, 24 Mar 2023 20:25:13 GMT

GET
H2 200 xsmb-icon-list.png
static.xsmb1.com/images/ 1 KB
2 KB 459ms
457ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.xsmb1.com/images/xsmb-icon-list.png
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e5ef5b3c3f306713e18112a770cd89bbbd16063641cfcd520e40bcf61408a7e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:21 GMT
cf-cache-status: MISS
last-modified: Mon, 09 May 2022 07:46:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6278c6ef-4de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kDvpXqiUa0lDaawgo%2B3d2zDMZZrnILdqIYGrnhmn7dYLjPeR44yjFUMKwVWH%2BSEx0SEAJKfLk94QIomx78U55dcrC5fQpi5tHKShFbnN13QEk2CX22sdYmu2Xsu00VfJsbYXElfdHZeN2xS23C5h"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a97fcce9db0bb85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1246
expires: Fri, 24 Mar 2023 20:25:13 GMT

GET
H2 200 xsmb-icon-list.png
xsmb1.com/images/ 1 KB
2 KB 460ms
458ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xsmb1.com/images/xsmb-icon-list.png
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e5ef5b3c3f306713e18112a770cd89bbbd16063641cfcd520e40bcf61408a7e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:21 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: MISS-srv194
x-oracle-dms-rid: 0
x-ua-device: pc
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1246
last-modified: Mon, 09 May 2022 07:46:55 GMT
server: cloudflare
vary: User-Agent, Accept-Encoding
x-oracle-dms-ecid: 2ef30fa1-7a17-43ea-adc7-da23900236bc-00641653
x-varnish: 1120935399
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2E3R955v3BJ6nrdCShsCwrJ49VYemPwwOsHaBqGFoJ5%2FJPP9bgoKa4Mj2oTX5ROHJ8ixlO77cQLYsLd1VXowsxepdZgbXnON92Y6qSTis9a0RSfbcjTFZRiHqedrUoNwWT0jkWp%2BQGY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a97fcce9db2bb85-FRA

GET
H2 200 xsmb-icon-list-xam.png
static.xsmb1.com/images/ 1 KB
2 KB 449ms
448ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.xsmb1.com/images/xsmb-icon-list-xam.png
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce2af78568d223fb64e11bad152ac76f6f3da732d06d38ee05e71931ee59e959

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:21 GMT
cf-cache-status: MISS
last-modified: Mon, 09 May 2022 07:46:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6278c6ef-4f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AH6GZ6lPXBT4bF2Rb90%2FEsch3WzciS0FUCUCdwFHf5XLUry5yC9%2F%2FYJ0dJV8oMv5auy4ib5E9CqSgSm2BX8DvHnXwNVx4%2F%2BG9Ov4VzWuRzLN9FHXggb1D3KjDR5pP5ySPSjG0%2BAUJrZjjwXqxrcV"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7a97fcce9db3bb85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1272
expires: Fri, 24 Mar 2023 20:25:13 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 72ms
20ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: xsmb1.com
URL: https://xsmb1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0a19fce040b8127f3e2e3ed609f7800153be329d6420b53295fb79a4f40012ec

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 17 Mar 2023 20:29:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27907
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: aNu6C9bbiK/gTHgNU+E3S0gaofOA3fCOokptgY0kVLk4WzuMX/TdzNn++C+f5AkS5bm5GhVQ1gQdbbGLQcrwkw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 72ms
21ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: xsmb1.com
URL: https://xsmb1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

89e6a57b279f6b8a0bb73bc8dc0c529e5e54a3c55f5bc299336dfdb28fb760d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 20:29:21 GMT
content-md5: phOFytGXGEqvnG53qb+2gw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: QYM+sQaqtIjaT2hCWOokT6Tmg6jEqRxfCQSv2mTlmWLcQDarzj6X3i5j0/oJ0XJ6WFc4NKcnixl38tYhW9Hx5Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
x-fb-content-md5: 73114a9bcc96e4a451e0f47aac61c798
cross-origin-opener-policy: same-origin-allow-popups
etag: "d523bd8fcc5559775f225dec456c10fd"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 17 Mar 2023 20:45:25 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 76ms
27ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700&subset=vietnamese,latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xsmb1.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 20:14:15 GMT
x-content-type-options: nosniff
age: 87306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Mar 2024 20:14:15 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYb8td.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 11 KB
12 KB 67ms
27ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCoYb8td.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700&subset=vietnamese,latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7eaf0683081d1ec178eafefff2c407475fe4e69e0d7104e0121f72dcdd1c4d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xsmb1.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 09:34:18 GMT
x-content-type-options: nosniff
age: 125703
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11760
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:07:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Mar 2024 09:34:18 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 45ms
12ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-75176162-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 19:14:20 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4501
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 17 Mar 2023 21:14:20 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCsYb8td.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 5 KB
6 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCsYb8td.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700&subset=vietnamese,latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf3fbb19e9654fa5727bc1312cd4b8bd54d23adb70168da4315cead4666f7dc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xsmb1.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 13:49:13 GMT
x-content-type-options: nosniff
age: 24008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5564
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:11:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Mar 2024 13:49:13 GMT

GET
H2 200 711118155699068 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 360ms
360ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/711118155699068?v=2.9.99&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d569db18093c3af73cc6ce00bf66509f7e75d26b1e72851eb4c21c925bd6edec

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 17 Mar 2023 20:29:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: E/RyTzj3fNFk697wz9uM+o0EiO4GOynEXIDcMV+ApCHhl8r8wwzt5VPOUMPVx8o7dHhdZ15mtVX/t5aDU1E5lA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
329 B 29ms
28ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=xsmb1.com&callback=_gfp_s_&client=ca-pub-8294080246000107

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8294080246000107&plah=xsmb1.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abeb1cd666eb4b7ecdb9bf86eca28358007a74ea2bed6d00e59e30b703ce6668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
531 B 92ms
29ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=xsmb1.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 76ms
28ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=xsmb1.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9E56 603 B
218 B 189ms
188ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8294080246000107&output=html&adk=1812271804&adf=3025194257&lmt=1679084961&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C500x945_r&format=0x0&url=https%3A%2F%2Fxsmb1.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679084960497&bpp=547&bdt=165&idt=666&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4968247477165&frm=20&pv=2&ga_vid=1509602060.1679084961&ga_sid=1679084961&ga_hid=322086666&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44777876%2C44759875%2C44759926%2C31073099&oid=2&pvsid=522058922162169&tmod=78232909&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=692

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xsmb1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 20:29:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 306 KB
87 KB 52ms
26ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=c2d3050bcb945782cf124ff01e142eb0

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d24b88360a063b70e1b96a3d30a70d9df99dc80733d855dd6c0a4d608cff22da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://xsmb1.com/
Origin: https://xsmb1.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 20:29:21 GMT
content-md5: wZFHg9PP4CcwFmLNFLtvsg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88587
x-fb-rlafr: 0
x-fb-debug: Au6N+twvcio9ADR2hfLlsbx7Or03unWB5hGv6W1boZla5lvavZSjCB7OD+OYLqSDmlMbH4dJpfMcYHIsvh++hg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: e20987ec9700b6c55529b1e359446f17
cross-origin-opener-policy: same-origin-allow-popups
etag: "434cc1ee3aa52a4d2d25890929fda303"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sat, 16 Mar 2024 18:24:21 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
202 B 17ms
16ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=322086666&t=pageview&_s=1&dl=https%3A%2F%2Fxsmb1.com%2F&ul=en-us&de=UTF-8&dt=XSMB%20-%20SXMB%20-%20XSTD%20-%20K%E1%BA%BFt%20qu%E1%BA%A3%20x%E1%BB%95%20s%E1%BB%91%20mi%E1%BB%81n%20b%E1%BA%AFc%20-%20KQXSMB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=1168806750&gjid=288516772&cid=1509602060.1679084961&tid=UA-75176162-2&_gid=557862081.1679084961&_r=1&gtm=457e33f0&z=1192188466

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://xsmb1.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 20:29:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xsmb1.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 du-doan-xsmb-ngay-17-3-2023-thu-6-hom-nay_1753833843886762342.jpg
static.xsmb1.com/upload/images/news/ 231 KB
231 KB 240ms
239ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.xsmb1.com/upload/images/news/du-doan-xsmb-ngay-17-3-2023-thu-6-hom-nay_1753833843886762342.jpg
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 207b4dc79c1d2d4f2b4c64e85d02bce467e1ad692724eb3e47fd574c9e6cfa07

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:22 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 16 Mar 2023 02:09:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64127a61-39b5e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T4YjAhIhyB10hOwidrRuYj%2FpA2y0IbCGp2BQk4Dlsg0vcQUXARJPBl%2BueVpiIifLaB60bkhzdN6M3%2F7mmORC3aJShEGoU3INreBfJcZRBK7BdNo%2BkIfMCKTrrM6mQyYHcsD3vQcWeNGNIyxT6tdZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a97fcd32db39001-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 236382

GET
H3 200 du-doan-xsmb-ngay-16-3-2023-thu-5-hom-nay_2145625309895445233.jpg
static.xsmb1.com/upload/images/news/ 238 KB
238 KB 788ms
788ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.xsmb1.com/upload/images/news/du-doan-xsmb-ngay-16-3-2023-thu-5-hom-nay_2145625309895445233.jpg
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d11a6072df58f67c1c47b71e5353d3e9e60eef3e71aa636cb771f0dfabb80d75

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:22 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Mar 2023 03:11:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64113764-3b678"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPps4jIMeupWYc3xd%2FUQ3NaRTVm6Bz32C2OOxbn4LTaWOXKe%2BEpfh4ZMfaWZx6H0H0ZWAnl%2FaHWAK1VMyQNr88NyvmLRXZ%2FQZ6PYw8C1SbI3yPsTopC4qiRVZdiH17T9lATZ7EY0SDLiN4pwzsI9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a97fcd32db79001-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 243320

GET
H3 200 du-doan-xsmb-ngay-15-3-2023-thu-4-hom-nay_80613099163377237.jpg
static.xsmb1.com/upload/images/news/ 220 KB
221 KB 810ms
809ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.xsmb1.com/upload/images/news/du-doan-xsmb-ngay-15-3-2023-thu-4-hom-nay_80613099163377237.jpg
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6920066b5959704db1374491cfd7f94f719acb687f8fa641750a2c01147592e1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:22 GMT
cf-cache-status: MISS
last-modified: Tue, 14 Mar 2023 02:19:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "640fd9b5-37138"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7tqEdyYb0giADDnbeKyeAnpY8sa9rH%2BcY3Ols2uxOmcBTEvqQqwMuMQq7kR25CHXQITXw5dY74NZFdB8xJ%2BemOnvxTAMWYxIkED2ZiZ0sh3xoWSHCZLuMX%2FZYS6YamXZDHLI0EtZKR1PcOdfDdB"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a97fcd32dbd9001-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 225592

GET
H2 200 facebook-new.png
img.icons8.com/officexs/16/000000/ 516 B
999 B 88ms
27ms Image
image/png 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.icons8.com/officexs/16/000000/facebook-new.png

Requested by

Host: xsmb1.com
URL: https://xsmb1.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

c0fe225d3c1402cd8de94163dc5ebd015889d1336e9660325325c15614cfbf3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 17 Mar 2023 20:29:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
version: 0.0.29
icon-format: png
x-cache: HIT
x-77-cache: HIT
x-age: 163456
content-length: 516
x-77-nzt: AcO1rgVm4cH/gH4CAA
x-accel-expires: @1679223905
not-found-platform: false
icon-size: 16
last-modified: Thu, 09 Mar 2023 11:47:37
from-mongo-cache: false
server: CDN77-Turbo
x-77-nzt-ray: 25b02131d480504ea1cd146409bf5c32
vary: Origin
from-redis-cache: false
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=302400
accept-ranges: bytes
icon-id: qwzAoTEWRtn7

GET
H2 200 pinterest.png
img.icons8.com/officexs/16/000000/ 605 B
1 KB 89ms
29ms Image
image/png 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.icons8.com/officexs/16/000000/pinterest.png

Requested by

Host: xsmb1.com
URL: https://xsmb1.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

492f416182c343648a35c4f704bb621a9bffc596f67580ffff3df88bf9e5e183

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 17 Mar 2023 20:29:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
version: 0.0.29
icon-format: png
x-cache: HIT
x-77-cache: HIT
x-age: 149699
content-length: 605
x-77-nzt: AcO1rgX9BE3/w0gCAA
x-accel-expires: @1679237662
not-found-platform: false
icon-size: 16
last-modified: Thu, 16 Mar 2023 00:45:03
from-mongo-cache: false
server: CDN77-Turbo
x-77-nzt-ray: 25b02131d480504ea1cd14643bff6132
vary: Origin
from-redis-cache: true
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=302400
accept-ranges: bytes
icon-id: TH_37MlgSpXF

GET
H2 200 twitter.png
img.icons8.com/officexs/16/000000/ 409 B
891 B 90ms
30ms Image
image/png 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.icons8.com/officexs/16/000000/twitter.png

Requested by

Host: xsmb1.com
URL: https://xsmb1.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

c76d908cc168309691a5344f8f55217683285581e667d6a2f87a94661a4f29cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 17 Mar 2023 20:29:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
version: 0.0.29
icon-format: png
x-cache: HIT
x-77-cache: HIT
x-age: 163456
content-length: 409
x-77-nzt: AcO1rgW1FbL/gH4CAA
x-accel-expires: @1679223905
not-found-platform: false
icon-size: 16
last-modified: Wed, 15 Mar 2023 22:37:06
from-mongo-cache: true
server: CDN77-Turbo
x-77-nzt-ray: 25b02131d480504ea1cd146468096732
vary: Origin
from-redis-cache: false
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=302400
accept-ranges: bytes
icon-id: OucUKTHZvuzz

GET
H2 200 linkedin.png
img.icons8.com/officexs/16/000000/ 232 B
714 B 90ms
31ms Image
image/png 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.icons8.com/officexs/16/000000/linkedin.png

Requested by

Host: xsmb1.com
URL: https://xsmb1.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

daedf9178a7d062112a0b0fcf32be112c08e8762036d107433188548c143c7e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 17 Mar 2023 20:29:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
version: 0.0.29
icon-format: png
x-cache: HIT
x-77-cache: HIT
x-age: 163456
content-length: 232
x-77-nzt: AcO1rgWBfEj/gH4CAA
x-accel-expires: @1679223905
not-found-platform: false
icon-size: 16
last-modified: Wed, 15 Mar 2023 22:55:56
from-mongo-cache: true
server: CDN77-Turbo
x-77-nzt-ray: 25b02131d480504ea1cd14644df56b32
vary: Origin
from-redis-cache: false
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=302400
accept-ranges: bytes
icon-id: tvG-nQ3s2hZL

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/4.8.0/ 386 KB
114 KB 81ms
20ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/4.8.0/firebase.js

Requested by

Host: xsmb1.com
URL: https://xsmb1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

247a64693b38ff04db57ff8b3b5fc308e593957d0bea794ab66aa2a47e3536ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 15:07:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 115815
x-xss-protection: 0
last-modified: Thu, 07 Dec 2017 23:35:31 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Mar 2024 15:07:19 GMT

GET
H3 200 ads.js Show response
static.xsmb1.com/js/ 3 KB
2 KB 476ms
476ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.xsmb1.com/js/ads.js?v=4
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14f7199342f507c75d398d327ad7d65b07d80d7b0cb06ac31dd956dbfd0574c4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 27 Nov 2022 03:08:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6382d4b3-aec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RTqUnsPfVl%2FmQgH1YF3yuBAS54vy87AGr56ilVC3IkZz4VADVsOWPYk%2BKY1dcjqG6N%2FiUBCFfNxjrITkrjnQq2V%2BcwPR141pWFs%2B9TKLP3uh1HlweKYjfAVl%2BSG1ec4%2F%2BS%2BB%2BjW4YksVmPzyW8xp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2678400
cf-ray: 7a97fcd35e079001-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 24 Mar 2023 20:25:14 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 72ms
20ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=711118155699068&ev=PageView&dl=https%3A%2F%2Fxsmb1.com%2F&rl=&if=false&ts=1679084961860&sw=1600&sh=1200&v=2.9.99&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679084961858.953561097&it=1679084961155&coo=false&rqm=GET

Requested by

Host: xsmb1.com
URL: https://xsmb1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 17 Mar 2023 20:29:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 live.htm Show response
xsmb1.com/ajax/ 52 B
628 B 239ms
239ms XHR
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xsmb1.com/ajax/live.htm?r=MB&_=1679084962291
Requested by: Host: static.xsmb1.com
URL: https://static.xsmb1.com/js/jquery-1.7.min.js?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 575a88cd7a18108bb0a0980fed622d9e85f2a0131314fbd6cdf86c2ecfa432de

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://xsmb1.com/
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:22 GMT
via: 1.1 varnish
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
x-cache: MISS-srv194
x-oracle-dms-rid: 0
x-ua-device: pc
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
vary: User-Agent
x-oracle-dms-ecid: 2ef30fa1-7a17-43ea-adc7-da23900236bc-00641655
content-language: nl-NL
x-varnish: 1120935428
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ebI4lVazM2UiGi9BSHZLe6Zvbdk0XV4HpbwxN4AScRIeaKKfyPKqFVl6BFNgph49p0KIJ1Lmd3H6nxKIBG1%2BV4fFnU8vStOPcHxu%2FK8xVu9LC62p66Js%2FzhHTsLVBF5a1Ij51gXFqk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 7a97fcd6699b9001-FRA

GET
H2 200 get_ads.htm Show response
qc.kqbd88.com/ads.api/ 4 KB
1 KB 608ms
546ms XHR
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qc.kqbd88.com/ads.api/get_ads.htm?domain=xsmb&page=0&kieu=pc&trangthai=1&_=1679084962292
Requested by: Host: static.xsmb1.com
URL: https://static.xsmb1.com/js/jquery-1.7.min.js?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a52a2a76c890b60c9db5d5a18370cc26e7eede0f4b0ac1df91bc49a3b54fc6aa

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://xsmb1.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6J0u%2FB%2FPxDklEAo0kv%2BdLOotDYOzmU6xuNkG5LouPLIMeA3fF31gyFnH35KEXU3akSP17beZr2usTN2b18wv1MtmQ1otO4B1Z1cc0e5numu0cIJMFWNY%2B3%2B4SRZ1z5HF9Iq4BtOvzUmnzOer"}],"group":"cf-nel","max_age":604800}
x-oracle-dms-ecid: 8ce89baf-22c9-4e49-8917-6f00ad48570e-0167e68e
x-oracle-dms-rid: 0
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
cf-ray: 7a97fcd6cb8f39da-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 invisible.js Show response
xsmb1.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 3DAF 25 KB
11 KB 28ms
27ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xsmb1.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1679083200
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d03b70a463db165b3fe59f2a48f8d506720865af913a9e265d9918f6f88b5dea

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:22 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yZ%2BlTfG%2B2X970Z6rHDFPbkkcfsK%2Bxe%2FCyIajooIPQvl5hBN%2BhjtTjH4GCgYrYJsDCeHmOI2fvnOvnb8UpQJl%2FNit0xjcClTWrTbfawmG6W7A4AP7HZ3sErw468CGf44tcVBbtitZ21A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7a97fcd669a69001-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
xsmb1.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 3DAF 7 KB
4 KB 24ms
24ms Other
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xsmb1.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ec492f62e2166d2bcb25bd011835ed8e6ad017ec9bb583b0d6b87111fbf9310

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:22 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ganRlR4llRvPL1QiDMONHXM0Z4iI%2Fh67bMfVXs8MrF4nEbD86B%2FUdh9t4myzq8eITL%2BSThRJMNseqRMmCGGxQMTOczwbCBKwnoVCNu2AWEI2t%2BTcGPP8Mu1QjJkrHYkASBfpQ%2BEqpx8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7a97fcd6a9e39001-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 / Show response
www.facebook.com/tr/ Frame D004 0
68 B 20ms
20ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: xsmb1.com
URL: https://xsmb1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://xsmb1.com
Referer: https://xsmb1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://xsmb1.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 20:29:22 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 7a97fcc71844bb85 Show response
xsmb1.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 3DAF 2 B
653 B 48ms
47ms XHR
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xsmb1.com/cdn-cgi/challenge-platform/h/g/cv/result/7a97fcc71844bb85
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1679083200
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 17 Mar 2023 20:29:22 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5J06U8B7ISY6a4z%2FeFtDsjqeQR9YhbEImYNcwNDSWrbYza6dYbAD9TBXGZtWOgvdgE%2BdJgdJVAXKun7T%2FbR8zBxFOe6GKQPB2x%2FI%2BPAJ1fyQElmyMfEZLaSQi8tmbLnXMOg407l9%2FrI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7a97fcd7fb8d9001-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 xsmb.vn.1101395.js Show response
jsc.adskeeper.co.uk/x/s/ 3 KB
1 KB 298ms
235ms Script
text/javascript 2606:4700::6812:a14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/x/s/xsmb.vn.1101395.js?_=1679084962903
Requested by: Host: static.xsmb1.com
URL: https://static.xsmb1.com/js/jquery-1.7.min.js?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d575744fbbd2500e185a769db715edeb9278f5d4486b456868c04f3e735c052

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:23 GMT
content-encoding: gzip
x-amz-version-id: XUWRUg3vSXgDOqo7_O7KF9DqMpAAH5b8
cf-cache-status: REVALIDATED
x-amz-request-id: 6B25F5ESZNHVS3S4
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1016
x-amz-id-2: 6WukeF/Sn4g2JmzNcptw188kYWdJvFJn6Qvj7iuRRW4pXlnFIzsV4/KwjtBNW6TmNXDZsiVBntw=
last-modified: Wed, 18 Jan 2023 10:13:51 GMT
server: cloudflare
etag: "32584983305ea752c7c157b277d57cc2"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7a97fcda9dd29966-FRA
expires: Sat, 18 Mar 2023 00:29:23 GMT

GET
H2 200 xsmb.vn.991663.js Show response
jsc.mgid.com/x/s/ 0
585 B 245ms
193ms Script
text/javascript 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/x/s/xsmb.vn.991663.js?_=1679084962905
Requested by: Host: static.xsmb1.com
URL: https://static.xsmb1.com/js/jquery-1.7.min.js?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:23 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: D6KAS7Q858QWENR6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-amz-id-2: ffQWfvccQDQwAyd7ItsZhwmHSZIQNryPN1EL59ouqLRVZz9KL/ECCxdrOloJ5ut3UlGrektjfiw=
cf-bgj: minify
last-modified: Fri, 16 Apr 2021 16:07:54 GMT
server: cloudflare
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 7a97fcda8ef13627-FRA
expires: Fri, 17 Mar 2023 23:29:23 GMT

GET
H2 200 xsmb.vn.991667.js Show response
jsc.mgid.com/x/s/ 0
390 B 276ms
224ms Script
text/javascript 2606:4700:1::6813:884e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/x/s/xsmb.vn.991667.js?_=1679084962905
Requested by: Host: static.xsmb1.com
URL: https://static.xsmb1.com/js/jquery-1.7.min.js?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:23 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: MDQGRWVJ82SS73J2
cf-polished: origSize=3
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-amz-id-2: ifkiMfXudyY0unW4qNgK7SZaVQNsaS46kyRoOTbMZ28Y36cgzMLe0xNwvjxgDwjcqWJqQ4BYWU0=
cf-bgj: minify
last-modified: Thu, 16 Sep 2021 16:08:42 GMT
server: cloudflare
etag: "cf64b89236d83f0076d28cfa07bc8d51"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 7a97fcda8ef43627-FRA
expires: Fri, 17 Mar 2023 23:29:23 GMT

GET
H2 200 xsmb.vn.1101390.js Show response
jsc.adskeeper.co.uk/x/s/ 3 KB
1 KB 272ms
213ms Script
text/javascript 2606:4700::6812:a14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/x/s/xsmb.vn.1101390.js?_=1679084962908
Requested by: Host: static.xsmb1.com
URL: https://static.xsmb1.com/js/jquery-1.7.min.js?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e93c0d4f5f553f6938285b9b9cea3559e584b43f3592752cd42647f91c376cc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:23 GMT
content-encoding: gzip
x-amz-version-id: OuwDgXHuKL9.2O7CL6Swtecfo_a8q6bM
cf-cache-status: REVALIDATED
x-amz-request-id: W1F81R4VTHD2AVJW
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1016
x-amz-id-2: UKhQMZd0BzQ8PDUHuMO1nF6y6tBROmM3+F1TWtvMOet3iRjvf5ahm9x1x/W20g6enFC3vfgB+og=
last-modified: Mon, 13 Mar 2023 23:01:41 GMT
server: cloudflare
etag: "61311ce4509f1158c6548c34884b956d"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7a97fcda9dd69966-FRA
expires: Sat, 18 Mar 2023 00:29:23 GMT

GET
H2 200 300x250-1.jpg
static.xoso.wap.vn/version_2/images/quangcao/ 68 KB
68 KB 897ms
290ms Image
image/jpeg 210.211.99.108
CHT Compamy Ltd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.xoso.wap.vn/version_2/images/quangcao/300x250-1.jpg
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.211.99.108 Ho Chi Minh City, Viet Nam, ASN38731 (VTDC-AS-VN Vietel - CHT Compamy Ltd, VN),
Reverse DNS
Software: nginx /
Resource Hash: 5f8b72d9b3de24321c4602baa9eb009d434dd51f792eabebbd7c97683b235558

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:25:15 GMT
last-modified: Wed, 28 Oct 2020 08:11:12 GMT
server: nginx
etag: "5f9927a0-11054"
content-type: image/jpeg
cache-control: max-age=604800, public
accept-ranges: bytes
content-length: 69716
expires: Fri, 24 Mar 2023 20:25:15 GMT

GET
H2 200 xsmb.vn.1101390.es6.js Show response
jsc.adskeeper.co.uk/x/s/ 245 KB
71 KB 242ms
240ms Script
text/javascript 2606:4700::6812:a14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/x/s/xsmb.vn.1101390.es6.js
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/x/s/xsmb.vn.1101390.js?_=1679084962908
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be60e7c4534e7bacb6bcf321453d16df9a17339f19de7b2674e4d2bbb3336bfd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:23 GMT
content-encoding: gzip
x-amz-version-id: .1_txmvCYYFkXYXdwjJTa5QCEQHaLJPV
cf-cache-status: REVALIDATED
x-amz-request-id: 9R3GR6SGHYVS7WDP
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 72128
x-amz-id-2: WJ+O5S6J1gEygtQrtLppT2VOGdlH+udnE4osdMig9bzWtEe/K2fjCChmvGPOQNLBnM2tngrIA9I=
last-modified: Mon, 13 Mar 2023 23:01:41 GMT
server: cloudflare
etag: "fdd7988e8b6f20c7ef18635742b9a4f1"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7a97fcdbffc59966-FRA
expires: Sat, 18 Mar 2023 00:29:23 GMT

GET
H2 200 xsmb.vn.1101395.es6.js Show response
jsc.adskeeper.co.uk/x/s/ 263 KB
78 KB 244ms
244ms Script
text/javascript 2606:4700::6812:a14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.adskeeper.co.uk/x/s/xsmb.vn.1101395.es6.js
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/x/s/xsmb.vn.1101395.js?_=1679084962903
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cdfd65d00bd89af0c5bb8a8953d1765458240351d5baa84fcde02171b572338

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:23 GMT
content-encoding: gzip
x-amz-version-id: Qn0PTt.mB48V8mYrJ6d5aQOHGf1H1G6o
cf-cache-status: REVALIDATED
x-amz-request-id: 9R3VFFGMPDATV7V4
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 79878
x-amz-id-2: YUWryZwiWUARxJcwnp3XyDMqDM4XuVfNm0BKTNerSC+ax7ekP9XTQ7FgY0c2/ckDcE2AJpm18Ug=
last-modified: Wed, 18 Jan 2023 10:13:51 GMT
server: cloudflare
etag: "d31fa0087a89c836b7e05230058d7415"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7a97fcdc1ff29966-FRA
expires: Sat, 18 Mar 2023 00:29:23 GMT

GET
BLOB 200
OK 4068c5d3-de83-4c6d-b883-e1b159f18155
https://xsmb1.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://xsmb1.com/4068c5d3-de83-4c6d-b883-e1b159f18155
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 18b2b52b-72e8-4d74-a8c4-98466dcc3100
https://xsmb1.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://xsmb1.com/18b2b52b-72e8-4d74-a8c4-98466dcc3100
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
BLOB 200
OK 65d5aa59-dd6c-4e92-a9f6-88e571c92bac
https://xsmb1.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://xsmb1.com/65d5aa59-dd6c-4e92-a9f6-88e571c92bac
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK c36fac75-f19c-483f-8757-aa4f0bc58156
https://xsmb1.com/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://xsmb1.com/c36fac75-f19c-483f-8757-aa4f0bc58156
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 css
fonts.googleapis.com/ 21 KB
1 KB 30ms
29ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e46d7c330d93ed1f46eac182657707e88ef70819d1c44d0a830b9870fe1f3aea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 Mar 2023 20:29:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 Mar 2023 18:36:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Mar 2023 20:29:23 GMT

GET
H2 200 / Show response
c.adskeeper.co.uk/pv/ 0
43 B 54ms
43ms Script
text/plain 2606:4700::6812:a14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adskeeper.co.uk/pv/?scum=%3F0&scuw=%3F0&pv=5&cbuster=1679084963552153289218&lct=1678665600&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fxsmb1.com%2F&lu=https%3A%2F%2Fxsmb1.com%2F&sessionId=6414cda4-03969&pageView=1&pvid=186f14346e18b0f1692&site=694887&implVersion=11&dpr=1&tfre=1789
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/x/s/xsmb.vn.1101390.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7a97fcde5b1a9966-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
BLOB 206
Partial Content a1e9a348-d4b8-4ca5-a2e5-09c953f6d00e
https://xsmb1.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://xsmb1.com/a1e9a348-d4b8-4ca5-a2e5-09c953f6d00e
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xsmb1.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:37:51 GMT
x-content-type-options: nosniff
age: 39092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Mar 2024 09:37:51 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xsmb1.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 08:48:33 GMT
x-content-type-options: nosniff
age: 128450
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11824
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Mar 2024 08:48:33 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xsmb1.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 21:07:17 GMT
x-content-type-options: nosniff
age: 602526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Mar 2024 21:07:17 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 33ms
33ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xsmb1.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 07:59:57 GMT
x-content-type-options: nosniff
age: 304166
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Mar 2024 07:59:57 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 46ms
46ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xsmb1.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 05:21:08 GMT
x-content-type-options: nosniff
age: 140895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Mar 2024 05:21:08 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 47ms
46ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xsmb1.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 04:57:51 GMT
x-content-type-options: nosniff
age: 142292
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Mar 2024 04:57:51 GMT

GET
H3 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 43ms
43ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xsmb1.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 05:20:36 GMT
x-content-type-options: nosniff
age: 140927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Mar 2024 05:20:36 GMT

GET
H3 200 KFOkCnqEu92Fr1Mu51xGIzIFKw.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 44ms
44ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xGIzIFKw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9582ced8a675bf267cc7ac392a86413ed850e53c85919b93719134ecc22ea04b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xsmb1.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 16 Mar 2023 00:42:26 GMT
x-content-type-options: nosniff
age: 157617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12704
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Mar 2024 00:42:26 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 5 KB
5 KB 23ms
19ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xsmb1.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 12:46:13 GMT
x-content-type-options: nosniff
age: 200590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5548
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Mar 2024 12:46:13 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 5 KB
5 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xsmb1.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 19:38:46 GMT
x-content-type-options: nosniff
age: 521437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5560
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Mar 2024 19:38:46 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 5 KB
5 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0948409a22b5979aa7e1ec20da9e61f12e7d403800b541ece053881bd2542b70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xsmb1.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 06:22:44 GMT
x-content-type-options: nosniff
age: 50799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5604
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Mar 2024 06:22:44 GMT

GET
H3 200 KFOkCnqEu92Fr1Mu51xHIzIFKw.woff2
fonts.gstatic.com/s/roboto/v30/ 6 KB
6 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xHIzIFKw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b68e8634c96265eb32a0c769416b5b02215ee3fee0c9e228f3455dc13ecabaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://xsmb1.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 12:24:24 GMT
x-content-type-options: nosniff
age: 201899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5928
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Mar 2024 12:24:24 GMT

GET
BLOB 206
Partial Content d403aa8f-86d4-4c62-8ae5-1f5f27edcd64
https://xsmb1.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://xsmb1.com/d403aa8f-86d4-4c62-8ae5-1f5f27edcd64
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 adskeeper_svg.svg
cdn.adskeeper.co.uk/images/ 4 KB
1 KB 39ms
28ms Image
image/svg+xml 2606:4700::6812:a14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adskeeper.co.uk/images/adskeeper_svg.svg
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:23 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 6MNX2MTGJN85G3DR
age: 6186
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: uVYN4THI3XWNXs2pKJp3igZaYY/0ylOvx7HnZiKG6/WrJVpwFBMB1QO++JO3ZWcshaslZ238S8k=
last-modified: Tue, 08 Dec 2020 08:34:59 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1607416491/ctime:1607416491/gid:0/gname:root/md5:93f6d1136fb77e38a0a2c72108588f09/mode:33206/mtime:1607416491/uid:0/uname:root
etag: W/"93f6d1136fb77e38a0a2c72108588f09"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 7a97fcdfad529966-FRA
expires: Sat, 18 Mar 2023 00:29:23 GMT

GET
H2 200 1 Show response
servicer.adskeeper.co.uk/1101390/ 2 KB
1 KB 73ms
62ms Script
application/x-javascript 2606:4700::6812:a14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.co.uk/1101390/1?scum=%3F0&scuw=%3F0&pv=5&cbuster=1679084963815870901700&lct=1678665600&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=500&h=251&cols=2&ref=&cxurl=https%3A%2F%2Fxsmb1.com%2F&lu=https%3A%2F%2Fxsmb1.com%2F&sessionId=6414cda4-03969&pageView=1&pvid=186f14346e18b0f1692&implVersion=11&dpr=1&tfre=2051
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/x/s/xsmb.vn.1101390.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81b4e656b88f5328a624f8de1d4189678ebe24457acd785a8bd654170789783a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:23 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7a97fcdffde59966-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 1 Show response
servicer.adskeeper.co.uk/1101395/ 4 KB
2 KB 52ms
52ms Script
application/x-javascript 2606:4700::6812:a14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.adskeeper.co.uk/1101395/1?scum=%3F0&scuw=%3F0&mp4=1&ap=1&w=494&h=196&cols=4&pv=5&cbuster=1679084963830685710462&lct=1674000000&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fxsmb1.com%2F&lu=https%3A%2F%2Fxsmb1.com%2F&sessionId=6414cda4-03969&pageView=0&pvid=186f14346e18b0f1692&implVersion=11&dpr=1&tfre=2066
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/x/s/xsmb.vn.1101395.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41381bdf3719d5cf87bb8106ff98ab4e0e015066c556d28c55a5cc19023f3a0a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:23 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7a97fce00df79966-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8zNzkseV8xODEvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTEvM...
s-img.adskeeper.co.uk/g/14602895/492x328/-/ 14 KB
14 KB 78ms
25ms Image
image/webp 2606:4700::6812:b14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/14602895/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8zNzkseV8xODEvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTEvMjQ3MzE5L2Y5NTdiNmRjMDdhOTExZjdkNTgzYTY4MTUxNmM2NTk2LnBuZw.webp?v=1679084963-zLo6plgDLeHtzFCz9e7oAXTjsFvlvHkkmXTn7QOwIGU
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7a892c96fd9db001f4c4ea9c26b2d42b1b39d0263ffe159b1fdc41f64b4a491

Request headers

Referer: https://xsmb1.com/
Origin: https://xsmb1.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:23 GMT
cf-cache-status: HIT
last-modified: Sat, 12 Nov 2022 08:01:31 GMT
x-mg-request-uuid: 8f42dbbc-dc02-44a7-88c2-c0335039248b
server: cloudflare
age: 100216
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7a97fce0bf6e2bad-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13846

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAzLzEyNDI5Ni84OTQ5N...
s-img.adskeeper.co.uk/g/15629140/492x328/-/ 11 KB
11 KB 333ms
281ms Image
image/webp 2606:4700::6812:b14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/15629140/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAzLzEyNDI5Ni84OTQ5Nzg5ZTg0YjM1Y2VmYzAwOWQxOGI3NDg4OGY1OS5qcGc.webp?v=1679084963-i7aVJh5C7ZI0EPAQaZ8Q06ChEtNoTmprCk1zbT8vf5Q
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50583ed80e031eb7f1c97e6ea480a8095f42c7975f691c91f45a53211cd4fc7f

Request headers

Referer: https://xsmb1.com/
Origin: https://xsmb1.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:24 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Mar 2023 09:37:20 GMT
x-mg-request-uuid: a22fa885-da61-43d1-a039-f333fa0706f0
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7a97fce0bf742bad-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11104

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTExLzI0NzMxOS8yZTVmY...
s-img.adskeeper.co.uk/g/14602903/492x328/-/ 14 KB
14 KB 463ms
411ms Image
image/webp 2606:4700::6812:b14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/14602903/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTExLzI0NzMxOS8yZTVmYWZlZGE5N2MyY2YwNTU5YmQ2NDZlNjBmOWM2Zi5wbmc.webp?v=1679084963-5oVY2Bm2WBNalBT_nEhBOePKRErAZOpUGqbxOor1zQw
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90fb25eda0284475ab54a678a70cfc6d183f51e8db8318b71be4f87f2b45e55c

Request headers

Referer: https://xsmb1.com/
Origin: https://xsmb1.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:24 GMT
cf-cache-status: MISS
last-modified: Sat, 12 Nov 2022 08:05:09 GMT
x-mg-request-uuid: a5794bfd-ad2a-4022-8574-49de6ec8c622
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7a97fce0bf752bad-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14632

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAxLzM2OTQwMy9mZmMxM...
s-img.adskeeper.co.uk/g/15265512/492x328/-/ 23 KB
24 KB 457ms
406ms Image
image/webp 2606:4700::6812:b14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/15265512/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAxLzM2OTQwMy9mZmMxM2RjNWUzNGRiYzM1N2YyM2Q4YWFiY2RkMjk0ZS5wbmc.webp?v=1679084963-WTUkoQO0trlCZrKzz_BNdyGqxofB7NhUjgNn0q0Q2wg
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d11657287cf31157ba8817908561d868ad22dd5b5e36b153499f033468680a9e

Request headers

Referer: https://xsmb1.com/
Origin: https://xsmb1.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:24 GMT
cf-cache-status: MISS
last-modified: Wed, 01 Feb 2023 10:37:11 GMT
x-mg-request-uuid: 2ef55b60-0305-48fc-b9b9-5037bf807cdf
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7a97fce0bf782bad-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23962

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAyLzY5ODkyMC8yZDhjM2QwMGU1OTkwODBjZ...
s-img.adskeeper.co.uk/g/12166266/492x328/-/ 7 KB
7 KB 330ms
283ms Image
image/webp 2606:4700::6812:b14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/12166266/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTAyLzY5ODkyMC8yZDhjM2QwMGU1OTkwODBjZmUxM2E4NTQ4NTFjM2ZiMy5wbmc.webp?v=1679084963-Tk8bhrafBLoHGPEpuDBmjUujPlto8kFOuRGryK5uq4E
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bea2774827e04e615768fcf5db983279e5007bbeb4f8482fe47326a6f483859e

Request headers

Referer: https://xsmb1.com/
Origin: https://xsmb1.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:24 GMT
cf-cache-status: MISS
last-modified: Fri, 03 Mar 2023 03:33:33 GMT
x-mg-request-uuid: 2bb4f2d1-1ca5-4813-ad61-5c7b8e777fb8
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7a97fce0bf792bad-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7286

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAzLzEyNDI5Ni9iZDQ4Z...
s-img.adskeeper.co.uk/g/15629143/492x328/-/ 7 KB
8 KB 330ms
284ms Image
image/webp 2606:4700::6812:b14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.adskeeper.co.uk/g/15629143/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAzLzEyNDI5Ni9iZDQ4ZjJjNzMxN2QwODgzYzc1NzVlZDkwOTA0Yjg2NS5qcGc.webp?v=1679084963-PFjn3Q3Z9xWpyCVcvQrFYUvsbqFNgnjxlDzY5b3lxLA
Requested by: Host: xsmb1.com
URL: https://xsmb1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd468a66ddfd25434ac4e36aceae29db71a47fadd168a84add2295d43c82d871

Request headers

Referer: https://xsmb1.com/
Origin: https://xsmb1.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:24 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Mar 2023 09:15:26 GMT
x-mg-request-uuid: 907c8158-18f6-4889-badf-81c7a601feb0
server: cloudflare
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7a97fce0bf7a2bad-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7648

GET
H2 200 i.js Show response
cm.adskeeper.co.uk/ 0
124 B 129ms
118ms Script
application/javascript 2606:4700::6812:a14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.co.uk/i.js?&cbuster=167908496390734571503
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/x/s/xsmb.vn.1101395.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 20:29:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7a97fce08eb99966-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.adskeeper.co.uk/ Frame BB40 0
37 B 130ms
126ms Script
application/javascript 2606:4700::6812:a14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adskeeper.co.uk/i-noref.js?cbuster=1679084963914174483799
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/x/s/xsmb.vn.1101395.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:a14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 20:29:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7a97fce08ebc9966-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 190 KB
59 KB 69ms
21ms Script
application/javascript 69.192.160.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.adskeeper.co.uk
URL: https://jsc.adskeeper.co.uk/x/s/xsmb.vn.1101395.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.192.160.199 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-199.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 25795c5164a6b299891cdaf8925dfb9b5e7961ac9f740667c3722e0111353986

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:23 GMT
content-encoding: gzip
last-modified: Wed, 22 Feb 2023 07:52:04 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=31931
accept-ranges: bytes
content-length: 60066
expires: Sat, 18 Mar 2023 05:21:34 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 71ms
21ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fxsmb1.com%2F&domain=xsmb1.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://xsmb1.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://xsmb1.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 17 Mar 2023 20:29:23 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 359417
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fxsmb1.com%2F&domain=xsmb1.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=V0zrc3x5TVFtTnhXRXNnTzZaYzFWYUhNUHBmYWJBKzFGeXhsWTFtcWpUUHJxaVMwS2ZYc2svaUJYbSt3c0JzaklSQU0vVGQ3eTVUeW1iVlBFcEFMbEJCYy9kSG5XY2Q2d1RYQjQxQUVSMVlFeXd4cjlCSXY3a0x0V25sNl...

354 B
644 B

41ms
14ms

XHR
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=V0zrc3x5TVFtTnhXRXNnTzZaYzFWYUhNUHBmYWJBKzFGeXhsWTFtcWpUUHJxaVMwS2ZYc2svaUJYbSt3c0JzaklSQU0vVGQ3eTVUeW1iVlBFcEFMbEJCYy9kSG5XY2Q2d1RYQjQxQUVSMVlFeXd4cjlCSXY3a0x0V25sNlNxUkY5RFpTS3FFM2szTVp3Y0phRDhsSGtXRjVDd0NjYXNrWWpQMnhuZlRYeGFoMHlKVEllcitXZ2pYaXRhcnZ2dmRaRHM1bjB6bW9IbnpRWUdrclJOM3JiMDlGdEtVL29qbzJRNW5EdW95dmpzR1ZsRVRNPXw&cppv=2

Requested by

Host: xsmb1.com
URL: https://xsmb1.com/

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a8c979abdf5904b30f9a06e8adb30f03dae8cfd45268a945db81050e1e8cd8dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 20:29:23 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 681573
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Mar 2023 20:29:23 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=V0zrc3x5TVFtTnhXRXNnTzZaYzFWYUhNUHBmYWJBKzFGeXhsWTFtcWpUUHJxaVMwS2ZYc2svaUJYbSt3c0JzaklSQU0vVGQ3eTVUeW1iVlBFcEFMbEJCYy9kSG5XY2Q2d1RYQjQxQUVSMVlFeXd4cjlCSXY3a0x0V25sNlNxUkY5RFpTS3FFM2szTVp3Y0phRDhsSGtXRjVDd0NjYXNrWWpQMnhuZlRYeGFoMHlKVEllcitXZ2pYaXRhcnZ2dmRaRHM1bjB6bW9IbnpRWUdrclJOM3JiMDlGdEtVL29qbzJRNW5EdW95dmpzR1ZsRVRNPXw&cppv=2
access-control-allow-origin: https://xsmb1.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 792762
content-length: 0
expires: 0

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
313 B 108ms
31ms XHR
application/json 52.17.83.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.83.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-83-170.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://xsmb1.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 20:29:24 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://xsmb1.com
cache-control: no-cache
x-server: 10.45.16.62
access-control-allow-credentials: true
content-length: 43
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 64ms
22ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fxsmb1.com%2F&domain=xsmb1.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://xsmb1.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://xsmb1.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 17 Mar 2023 20:29:24 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 296155
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fxsmb1.com%2F&domain=xsmb1.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=wkDPxXx1UG5VUkJuV2t6dUVkakNybG9pcTNmV0pNZTB2UTBqb3NhL2RueEpwQzRlVnZGZFZvZHA2UDc3NGVLcHRhZkpGS09SRDVRUzZlaFZnUGtnNzQ3Um9ITFdQWE82aUh4Znk4eGNlbm9BQ0FVVXZKeWZHSUw0OFNpS1...

357 B
647 B

49ms
22ms

XHR
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=wkDPxXx1UG5VUkJuV2t6dUVkakNybG9pcTNmV0pNZTB2UTBqb3NhL2RueEpwQzRlVnZGZFZvZHA2UDc3NGVLcHRhZkpGS09SRDVRUzZlaFZnUGtnNzQ3Um9ITFdQWE82aUh4Znk4eGNlbm9BQ0FVVXZKeWZHSUw0OFNpS1luWWxHVlQxWU5FU281VHNWeGNDcDI5VERteFVBcXlVdC9Qc0taaUJkamN5cTFaZEJNNmwzSlkrWXJ1YW9kZlBqalUxSm1QK1VUNHUxa2pENnpIWVhLY0I4L0YzZjV5SU0veXF2SmIxRnBLWFdRNGN5K2tZPXw&cppv=2

Requested by

Host: xsmb1.com
URL: https://xsmb1.com/

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

103e130dc8495fbd3cc13556dd226920538082422c1dc3a7dc0233d5e5e5a613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 20:29:24 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1110988
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 17 Mar 2023 20:29:23 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=wkDPxXx1UG5VUkJuV2t6dUVkakNybG9pcTNmV0pNZTB2UTBqb3NhL2RueEpwQzRlVnZGZFZvZHA2UDc3NGVLcHRhZkpGS09SRDVRUzZlaFZnUGtnNzQ3Um9ITFdQWE82aUh4Znk4eGNlbm9BQ0FVVXZKeWZHSUw0OFNpS1luWWxHVlQxWU5FU281VHNWeGNDcDI5VERteFVBcXlVdC9Qc0taaUJkamN5cTFaZEJNNmwzSlkrWXJ1YW9kZlBqalUxSm1QK1VUNHUxa2pENnpIWVhLY0I4L0YzZjV5SU0veXF2SmIxRnBLWFdRNGN5K2tZPXw&cppv=2
access-control-allow-origin: https://xsmb1.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 632385
content-length: 0
expires: 0

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
313 B 128ms
62ms XHR
application/json 52.17.83.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.83.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-83-170.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://xsmb1.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Mar 2023 20:29:24 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://xsmb1.com
cache-control: no-cache
x-server: 10.45.26.241
access-control-allow-credentials: true
content-length: 43
expires: 0

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 63ms
13ms Preflight
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 17 Mar 2023 20:29:23 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 257501
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 63ms
13ms Preflight
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 17 Mar 2023 20:29:23 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 232783
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 69ms
69ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230315&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f748cc1f6c9316adb3f732eacfe58281f940f247e446182c6f5f0a084d46d8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11116
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 86ms
38ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Mar 2023 20:29:24 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9C54 13 KB
5 KB 28ms
19ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xsmb1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 20810
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 14:42:34 GMT
expires: Sat, 16 Mar 2024 14:42:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C811 783 B
1 KB 84ms
31ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ad565ef36f981ca04c6ded0ebe59e4cb7a80ba3be16c44f7c2b8f3cf8c889617

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8_SsJ-4qabV-ND-bOYAp1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://xsmb1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-8_SsJ-4qabV-ND-bOYAp1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 17 Mar 2023 20:29:24 GMT
expires: Fri, 17 Mar 2023 20:29:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 9C54 36 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/n7KdSiWJFgbDLHajlxoGzrM9J1DJZleIE0kt7I04uFE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fb29d4a25891606c32c76a3971a06ceb33d2750c966578813492dec8d38b851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 17:46:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14330
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 17:46:35 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C811 0
0 54ms
53ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230315&jk=522058922162169&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9C54 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?TL-oiQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 c
c.adskeeper.co.uk/ 43 B
249 B 41ms
41ms Image
image/gif 2606:4700::6812:a14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.co.uk/c?f=1&pv=3&v=119|157|8|kSOFhaCGVMq98QlVFc-a5-ZRd6VCmtdh4AiUe5N-EZ5QP9qD6efvU5MHzsvRjjml3uNVFZtNEdel-Vb8AD1BJA**&fw=1&extjs=66044&cid=1101395&h2=Dx967XgLhs7RWCzofF94NPLLwKxvjQCgXeZO-24sl5s*&rid=67b0b044-c502-11ed-89b0-e43d1a2a96ea&tt=Direct&iv=11&pageImp=1&pvid=186f14346e18b0f1692&cbuster=1679084965094804900317
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:a14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:25 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 8ec7b9ea-4b52-48be-930a-7a75a1ac4bae
server: cloudflare
content-type: image/gif
cf-ray: 7a97fce7edee39ce-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
58ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230315&jk=522058922162169&bg=!HB-lH0vNAAZEjmHWZI47ADkAdvg8WrucS9grJeUyPpzsM1KnYPgP5LCPecvTOroK3HaiB-Jf-8RZDllVAKPLYIk7fYZgNFct9OACAAAAmFIAAAADaAEHCgC58Ec3vbLoxXZ-YSDblXQl5ObaZbY-6ryfOlzLLJt4SqLtyCtud1GsqQa85InIZRLPR2nQKGiS21QdcOuSqKuRWPuMQtM8B6C9DKI6EGOTpiHsS6xOUQjIs6csKnl3mbUe-b0wahdVhGtUbk83mqOBLadgzuHwMc8vuIARbeZQBOoXVWEVc-gZ47htulcuT6wkdmDpU7A6EEbbAr6umgeFOzKVBUDOfcTq09PFYQ2o_u79FPVruOnAnR2ZAqGSruMVb1VHY30oI-7Yk06ep6JEs09q6e6x_AVP_lroXP0EcKUXSYgXWmuQ3DfboJ08VRcMWH3_qMQVYxdlSHYhbGF0UTEhNnFttjBP-EWCd7C1zHFou7iGhOAbnXrUUN9Dua38CVvQPMfM26SmOeMTqcZwQwHbRP646EotcNsZ1pjKClrrfstaer-JwUI7h1WtIccY5p2tiV4fGJOndicvTcKMbgJC3B4vkxTu5-M7CCBQalskLAzxu7IbqOP-R2F2IValpiC3MZzTWHjP0CEaxoJvY53ojAyGbs2Cl_sx2NNL7krSq6XJKAudRJgmFyNbzr6TF0j2pA7NQ1fCvN9gyzKQNnzsn1r10KRYsKW94BcsbngMT_klzncqAEXBCSDoPm1BT-rM7CRErxeZ1CBFSp55ISj1Uu7uSfxwrb7A8J1QexzdHConNZrGC7RsQ-K2IO69JP1EZ9in4fJ9EgJefouVU78proMYdzYQ1yP1vqF8U6_H0MmvpW0Pm11AQlhBS5ohbiQHGFjrV5TRw3z9qT0gg5Oxbkw6Rvfrx5R5i0lwQ7YDYuvkobq-3FG5_OdoRcNGXuu7CmaWW1gysXAEMEb7fw1y814tggSEsnoa21XSygBabI2X4zyQ_664uSu1DLtXoe8tSPRIDI3rcWkED8GR_PW4srn-aoqhPMn5Re6cbOoQgsAJ7E_En9tucBptMx6aC4g9BJ3NfQNGq4s0HEc8O1RIkAFl_VzxBS14S-bj_fxDOYmKoSKSv_J86y0kaYCJZqD1XSiR8_ZktFSMzJVP5sAH4pYlrGvLsdADUddIIuz_vgy5EHQ-JRy0WhHvrrZg4_TVtuczRhax85V-gljwq7YnbK01_wUCnOTVpdfMDN2ByMeOfyeRIy6kG16C
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 c
c.adskeeper.co.uk/ 43 B
213 B 34ms
33ms Image
image/gif 2606:4700::6812:a14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.adskeeper.co.uk/c?pv=3&v=119|157|8|kSOFhaCGVMq98QlVFc-a54983AYXW-7GGy1BUZ92jR4HNAst2sNy06-ZEWL9HaIUZX0sSc0ew5f14DsVvsnMDQ**&extjs=66044&v=119|157|8|kSOFhaCGVMq98QlVFc-a55bmwsMgWeQHM_HL6Hw9z0LAlX6l9CAB5dQdbhJMNWrrpjvniYXWQOM3tz4-WsXaUg**&v=119|157|8|kSOFhaCGVMq98QlVFc-a57kx14L1GzG-bKqbhtM2VbUu0amTuYDSM66QZIkhgznvGV6aj6IgLJoJczpsRkSjxw**&cid=1101395&h2=Dx967XgLhs7RWCzofF94NPLLwKxvjQCgXeZO-24sl5s*&rid=67b0b044-c502-11ed-89b0-e43d1a2a96ea&tt=Direct&iv=11&pageImp=0&pvid=186f14346e18b0f1692&cbuster=1679084965393263811086
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:a14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xsmb1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:29:25 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 6d2be35f-0b35-44f0-a1c0-ac34096f34ad
server: cloudflare
content-type: image/gif
cf-ray: 7a97fce9c90539ce-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
xsmb1.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: sQvxQtRWX_R75mhPJXkun4Mmb7O24I9t_g4zhq7sWGuaMaPLNHip!175229705
.xsmb1.com/	1970-01-20 20:00:44	Name: _ga Value: GA1.2.1509602060.1679084961
.xsmb1.com/	1970-01-20 10:26:11	Name: _gid Value: GA1.2.557862081.1679084961
.xsmb1.com/	1970-01-20 10:24:45	Name: _gat_gtag_UA_75176162_2 Value: 1
.xsmb1.com/	1970-01-20 19:46:20	Name: __gads Value: ID=92ad061584da767c-22aba863d0de00b2:T=1679084961:RT=1679084961:S=ALNI_MbM6NEU9G7uTOlWxYBLYQrpXm1vQQ
.xsmb1.com/	1970-01-20 19:46:20	Name: __gpi Value: UID=00000bc7ec5e7f9a:T=1679084961:RT=1679084961:S=ALNI_MYxpyquJ-6QlGplrVZhZQoI6ZRiow
.doubleclick.net/	1970-01-20 10:24:45	Name: test_cookie Value: CheckForPermission
.xsmb1.com/	1970-01-20 12:34:20	Name: _fbp Value: fb.1.1679084961858.953561097
.xsmb1.com/	1970-01-20 10:24:46	Name: __cf_bm Value: YDaDGcQm1A52a1Sq1JFkGfQeAaxIjbcHfiSsGlNdugQ-1679084962-0-AfCzEaRCi+CX6ibUSvQPRWkxysywnlRuxftdsvXIiTjbPDO5+6cOylt72lNh/IlBdcjc2+Y1VR5mFU70yfjyEFqCB+OwJOfPAyaTvM889RWbaCM5+NQPXqfoHBdhCK36Jw==
.mgid.com/	1970-01-20 10:24:46	Name: __cf_bm Value: I3MAxv5wR2x8aTHd3HKUhGaTCQoK8b0qFL4p7rIo7rg-1679084963-0-AX9iNx2afHf+EB3uQxDS2Q0bXDqfDFHQpB5Q7WSreyWf7Mt4bhSSKu2Us5TqXVBKfYvAa6S7JNjXoXpKE1tmZkQ=
xsmb1.com/	1969-12-31 23:59:59	Name: AdskeeperStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1101390%22%3A%7B%22page%22%3A1%2C%22time%22%3A1679084963896%7D%2C%22C1101395%22%3A%7B%22page%22%3A1%2C%22time%22%3A1679084963890%7D%7D
xsmb1.com/	1970-01-20 11:07:56	Name: _pbjs_userid_consent_data Value: 3524755945110770
.xsmb1.com/	1970-01-20 19:46:20	Name: cto_bundle Value: 9aek3V8yeVdva01ZS1JvclZDWGFTYVZJR3c3RmR6TDk5enBZNmMlMkJySGN2dEVHWHdBb1dQQk4lMkJmUnJobWgzWkl0NGJ6V1gyOXFYMHJubTdTU0NQT2wlMkJ2OFlGc2ZjcmV6TG9ORmV1T1QyempaUld5UHdzOGNHZE5rcHJWQk9oNmRYOUhiSA
.xsmb1.com/	1970-01-20 19:46:20	Name: cto_bidid Value: 0iE2nV9lJTJGMVplUjBlWGlRaTUxc2I3bXV6dnRYSWZoUUY0U3ZTWXB0UCUyQnVmeHh5WTZMMkVPUFNDcndFZmxnY3JKY3lzbWtMUXl3WVFDU2ZkU21Ga0tpa29UZWclM0QlM0Q

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8294080246000107&output=html&adk=1812271804&adf=3025194257&lmt=1679084961&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C500x945_r&format=0x0&url=https%3A%2F%2Fxsmb1.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679084960497&bpp=547&bdt=165&idt=666&shv=r20230315&mjsv=m202303140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4968247477165&frm=20&pv=2&ga_vid=1509602060.1679084961&ga_sid=1679084961&ga_hid=322086666&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44777876%2C44759875%2C44759926%2C31073099&oid=2&pvsid=522058922162169&tmod=78232909&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=692 Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	URL: https://xsmb1.com/ Message: Mixed Content: The page at 'https://xsmb1.com/' was loaded over HTTPS, but requested an insecure element 'http://static.xoso.wap.vn/version_2/images/quangcao/300x250-1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.pubmatic.com
adservice.google.com
adservice.google.nl
c.adskeeper.co.uk
cdn.adskeeper.co.uk
cm.adskeeper.co.uk
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
id.crwdcntrl.net
img.icons8.com
jsc.adskeeper.co.uk
jsc.mgid.com
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
qc.kqbd88.com
s-img.adskeeper.co.uk
servicer.adskeeper.co.uk
static.xoso.wap.vn
static.xsmb1.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
xsmb1.com
178.250.1.11
2001:4860:4802:38::178
210.211.99.108
2606:4700:1::6813:884e
2606:4700::6812:a14
2606:4700::6812:b14
2a00:1450:4001:801::2003
2a00:1450:4001:806::2002
2a00:1450:4001:806::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a02:2638::1c
2a02:6ea0:c700::11
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3121::3
52.17.83.170
69.192.160.199
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0948409a22b5979aa7e1ec20da9e61f12e7d403800b541ece053881bd2542b70
0a19fce040b8127f3e2e3ed609f7800153be329d6420b53295fb79a4f40012ec
0b68e8634c96265eb32a0c769416b5b02215ee3fee0c9e228f3455dc13ecabaf
0cdfd65d00bd89af0c5bb8a8953d1765458240351d5baa84fcde02171b572338
103e130dc8495fbd3cc13556dd226920538082422c1dc3a7dc0233d5e5e5a613
117a59881ef5256c2075fc5ba5a84fa4230d60d27d2148604fc4835f8b879360
14f7199342f507c75d398d327ad7d65b07d80d7b0cb06ac31dd956dbfd0574c4
207b4dc79c1d2d4f2b4c64e85d02bce467e1ad692724eb3e47fd574c9e6cfa07
247a64693b38ff04db57ff8b3b5fc308e593957d0bea794ab66aa2a47e3536ca
25795c5164a6b299891cdaf8925dfb9b5e7961ac9f740667c3722e0111353986
2581ad76872186ba32d49425483ccb4a01a803e7ec58a959046aba7b5d1d00c7
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2ec492f62e2166d2bcb25bd011835ed8e6ad017ec9bb583b0d6b87111fbf9310
340eabc2a7ab4875f5dee7bb25cded5f5ddec3e900dd452777b7be63e89b4292
361239aeba0a3d4892786490dc32023a1519f6e682469e6aeb829c9d7d1bde5e
38c81a6bc46665e0d8a256feb50a93eab7db7aeab4bf7f3d051da55315a5b597
3c1798ee0e6e7de78f91bb457e6670385951caea9fc9c97295ca303ec6fe49be
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3e93c0d4f5f553f6938285b9b9cea3559e584b43f3592752cd42647f91c376cc
41381bdf3719d5cf87bb8106ff98ab4e0e015066c556d28c55a5cc19023f3a0a
492f416182c343648a35c4f704bb621a9bffc596f67580ffff3df88bf9e5e183
4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
50583ed80e031eb7f1c97e6ea480a8095f42c7975f691c91f45a53211cd4fc7f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
575a88cd7a18108bb0a0980fed622d9e85f2a0131314fbd6cdf86c2ecfa432de
57a782fe52ca48eda3ce791e4d1f3866f02fdc75395d3f355e5a54c40e623d19
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5f8b72d9b3de24321c4602baa9eb009d434dd51f792eabebbd7c97683b235558
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6920066b5959704db1374491cfd7f94f719acb687f8fa641750a2c01147592e1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e5ef5b3c3f306713e18112a770cd89bbbd16063641cfcd520e40bcf61408a7e
7414d887e041987c07ceb790235a2e6cc2cc5909e3f0e6aaf38ec5ca34f5edf5
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
7d575744fbbd2500e185a769db715edeb9278f5d4486b456868c04f3e735c052
7dd349d9689820cdca94922f9c9dccba2fdf14d309dd3aa08194039cc57bb6f3
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
81b4e656b88f5328a624f8de1d4189678ebe24457acd785a8bd654170789783a
8722172093266e44847fc4b60da4a4c94f740f7ae04eb34307e3d1b1a5afec6d
880de7665b1aaa840303313deca3352af257d55aed4584d5e17f0fbffe0fde01
89e6a57b279f6b8a0bb73bc8dc0c529e5e54a3c55f5bc299336dfdb28fb760d9
90fb25eda0284475ab54a678a70cfc6d183f51e8db8318b71be4f87f2b45e55c
9582ced8a675bf267cc7ac392a86413ed850e53c85919b93719134ecc22ea04b
9e422bb0d7984fe87783d040c57ffbe112bf631cd6757c1637e8090de687fddd
9fb29d4a25891606c32c76a3971a06ceb33d2750c966578813492dec8d38b851
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a52a2a76c890b60c9db5d5a18370cc26e7eede0f4b0ac1df91bc49a3b54fc6aa
a8c979abdf5904b30f9a06e8adb30f03dae8cfd45268a945db81050e1e8cd8dc
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
abeb1cd666eb4b7ecdb9bf86eca28358007a74ea2bed6d00e59e30b703ce6668
ad565ef36f981ca04c6ded0ebe59e4cb7a80ba3be16c44f7c2b8f3cf8c889617
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b7eaf0683081d1ec178eafefff2c407475fe4e69e0d7104e0121f72dcdd1c4d2
be60e7c4534e7bacb6bcf321453d16df9a17339f19de7b2674e4d2bbb3336bfd
bea2774827e04e615768fcf5db983279e5007bbeb4f8482fe47326a6f483859e
bf3fbb19e9654fa5727bc1312cd4b8bd54d23adb70168da4315cead4666f7dc8
bfa46fd1167b331cfc669eb03da2c6a3265dcfe7f21a991b1960ae5dbc0fa232
c0fe225d3c1402cd8de94163dc5ebd015889d1336e9660325325c15614cfbf3c
c76d908cc168309691a5344f8f55217683285581e667d6a2f87a94661a4f29cc
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ce2af78568d223fb64e11bad152ac76f6f3da732d06d38ee05e71931ee59e959
d03b70a463db165b3fe59f2a48f8d506720865af913a9e265d9918f6f88b5dea
d11657287cf31157ba8817908561d868ad22dd5b5e36b153499f033468680a9e
d11a6072df58f67c1c47b71e5353d3e9e60eef3e71aa636cb771f0dfabb80d75
d24b88360a063b70e1b96a3d30a70d9df99dc80733d855dd6c0a4d608cff22da
d24c25baae7cea20ac412c14924d522f75c78fe429139de810b21462519aa921
d569db18093c3af73cc6ce00bf66509f7e75d26b1e72851eb4c21c925bd6edec
daedf9178a7d062112a0b0fcf32be112c08e8762036d107433188548c143c7e8
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46d7c330d93ed1f46eac182657707e88ef70819d1c44d0a830b9870fe1f3aea
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
ed449020b65b29fada541cbeb7211419a95822b958aad9632d8b06df94964b67
f1afbf02ff203dd3afa888e73449b44a0ce303f21ece8ee6e8277ec354cc1d63
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f748cc1f6c9316adb3f732eacfe58281f940f247e446182c6f5f0a084d46d8ba
f7a892c96fd9db001f4c4ea9c26b2d42b1b39d0263ffe159b1fdc41f64b4a491
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
fd468a66ddfd25434ac4e36aceae29db71a47fadd168a84add2295d43c82d871
ff9bcdd5965fb5ca5ee54c895a1666a0eea1394d221202e3b88d8df5525a0f72

xsmb1.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

106 Requests

92 %HTTPS

82 %IPv6

20 Domains

30 Subdomains

23 IPs

5 Countries

2024 kBTransfer

4528 kBSize

14 Cookies

20 Outgoing links

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

xsmb1.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

92 %
HTTPS

82 %
IPv6

20
Domains

30
Subdomains

23
IPs

5
Countries

2024 kB
Transfer

4528 kB
Size

14
Cookies

106 HTTP transactions
0 data transactions