| nguonphimc.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html | 94.242.50.163 | | 0 B |
URL: nguonphimc.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
IP: 94.242.50.163:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Apr 2024 03:37:18 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Set-Cookie: PHPSESSID=6e7p16rmec7uov8hvl0a1h0f25; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonphimc.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimc.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html | 94.242.50.163 | | 732 B |
URL: nguonphimc.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
IP: 94.242.50.163:0
File type: HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash: 275bb0c447eefe25e5b8309201df47a2 59c3bbe244d40eed0b315b0a0c6547039635deeb ae07b8a1d3ab3b03b83fe2af8271fdbb6a0f437fea0503c52eb554280cb16f42
GET /site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=6e7p16rmec7uov8hvl0a1h0f25
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:18 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Set-Cookie: us_session_id=P26349; expires=Sat, 20-Apr-2024 03:37:18 GMT; Max-Age=86400; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 732
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimc.com/assets/3bd14e95/jquery.min.js | 94.242.50.163 | 200 OK | 34 kB |
URL: GET HTTP/1.1 nguonphimc.com/assets/3bd14e95/jquery.min.js
IP: 94.242.50.163:80
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type: JavaScript source, ASCII text, with very long lines (32077)
Hash: 0fca26b5a37a66d68d0f4406976be4b5 ee000eb654b3bd37185665d3901e93b34ce1aa52 8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
GET /assets/3bd14e95/jquery.min.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=6e7p16rmec7uov8hvl0a1h0f25; us_session_id=P26349
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:18 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:18 GMT
Content-Length: 33693
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png | 94.242.50.163 | 200 OK | 18 kB |
URL: GET HTTP/1.1 m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png
IP: 94.242.50.163:80
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type: PNG image data, 46 x 48, 8-bit/color RGBA, non-interlaced
Hash: e6f4a93efe2d93e885abcbb4cc09cd4a e4f94b9e95b40e30b215228316bb7f8c48d08ed2 93b7bbea433aa41f6efb860d3d9777d363f9e64fc1ad4186cd9ef525bbee9c94
GET /media/images/1/favi/favicon-1498701606.png HTTP/1.1
Host: m3.nguonphim.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:18 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 05 Jul 2017 04:14:59 GMT
ETag: "45d1-5538a3e52eb40"
Accept-Ranges: bytes
Content-Length: 17873
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 03:37:18 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png
|
|
| nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html | 94.242.50.163 | 301 Moved Permanently | 4 B |
URL: User Request GET HTTP/1.1 nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
IP: 94.242.50.163:443
Certificate: Issuer: Let's Encrypt; Subject: nguonphimb.com; Fingerprint: D9:F9:6D:82:7E:A7:A1:8A:D2:1B:76:5D:02:EA:BC:09:D5:71:F2:51; Validity: Fri, 29 Mar 2024 10:13:08 GMT - Thu, 27 Jun 2024 10:13:07 GMT
File type: ASCII text, with no line terminators
Hash: f92965e2c8a7afb3c1b9a5c09a263636 e9b450d14bc2363d292c84f17cfad5cfbd58a458 11a6767d5674c7e45f7e00dc525762275b3a48491ad6045427d2609cc496c516
GET /xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html HTTP/1.1
Host: nguonphimb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://nguonphimc.com/
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Fri, 19 Apr 2024 03:37:19 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Location: https://nguonphimb.com/site/site/embed/?url=https%3A%2F%2Fnguonphimb.com%2Fxem-phim%2Fvuong-quoc-cua-gio-f43859-15c-e533613.html
X-UA-Compatible: IE=edge,chrome=1
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Content-Length: 4
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimb.com/site/site/embed/?url=https%3A%2F%2Fnguonphimb.com%2Fxem-phim%2Fvuong-quoc-cua-gio-f43859-15c-e533613.html | 94.242.50.163 | | 0 B |
URL: nguonphimb.com/site/site/embed/?url=https%3A%2F%2Fnguonphimb.com%2Fxem-phim%2Fvuong-quoc-cua-gio-f43859-15c-e533613.html
IP: 94.242.50.163:0
Certificate: Issuer: Let's Encrypt; Subject: nguonphimb.com; Fingerprint: D9:F9:6D:82:7E:A7:A1:8A:D2:1B:76:5D:02:EA:BC:09:D5:71:F2:51; Validity: Fri, 29 Mar 2024 10:13:08 GMT - Thu, 27 Jun 2024 10:13:07 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /site/site/embed/?url=https%3A%2F%2Fnguonphimb.com%2Fxem-phim%2Fvuong-quoc-cua-gio-f43859-15c-e533613.html HTTP/1.1
Host: nguonphimb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://nguonphimc.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Apr 2024 03:37:20 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Set-Cookie: PHPSESSID=88s13jl4seh2hhqihd0n2h05m4; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonphimb.com/site/site/embed/?url=https%3A%2F%2Fnguonphimb.com%2Fxem-phim%2Fvuong-quoc-cua-gio-f43859-15c-e533613.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimb.com/site/site/embed/?url=https%3A%2F%2Fnguonphimb.com%2Fxem-phim%2Fvuong-quoc-cua-gio-f43859-15c-e533613.html | 94.242.50.163 | | 0 B |
URL: nguonphimb.com/site/site/embed/?url=https%3A%2F%2Fnguonphimb.com%2Fxem-phim%2Fvuong-quoc-cua-gio-f43859-15c-e533613.html
IP: 94.242.50.163:0
Certificate: Issuer: Let's Encrypt; Subject: nguonphimb.com; Fingerprint: D9:F9:6D:82:7E:A7:A1:8A:D2:1B:76:5D:02:EA:BC:09:D5:71:F2:51; Validity: Fri, 29 Mar 2024 10:13:08 GMT - Thu, 27 Jun 2024 10:13:07 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /site/site/embed/?url=https%3A%2F%2Fnguonphimb.com%2Fxem-phim%2Fvuong-quoc-cua-gio-f43859-15c-e533613.html HTTP/1.1
Host: nguonphimb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://nguonphimc.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=88s13jl4seh2hhqihd0n2h05m4
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Apr 2024 03:37:20 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonphimc.com/site/site/embed/?url=https%3A%2F%2Fnguonphimb.com%2Fxem-phim%2Fvuong-quoc-cua-gio-f43859-15c-e533613.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimc.com/site/site/embed/?url=https%3A%2F%2Fnguonphimb.com%2Fxem-phim%2Fvuong-quoc-cua-gio-f43859-15c-e533613.html | 94.242.50.163 | | 757 B |
URL: nguonphimc.com/site/site/embed/?url=https%3A%2F%2Fnguonphimb.com%2Fxem-phim%2Fvuong-quoc-cua-gio-f43859-15c-e533613.html
IP: 94.242.50.163:0
File type: HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash: 7964f390d33c3239d9e19995bd672a26 8d24c6f006ef0056a47572bec13db41446484985 5cc79ce0a3c4f2165667006c4d121810198aaaefa44b9ac46622917613e54589
GET /site/site/embed/?url=https%3A%2F%2Fnguonphimb.com%2Fxem-phim%2Fvuong-quoc-cua-gio-f43859-15c-e533613.html HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://nguonphimc.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=6e7p16rmec7uov8hvl0a1h0f25; us_session_id=P26349
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:20 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 757
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimc.com/assets/3bd14e95/jquery.min.js | 94.242.50.163 | 200 OK | 34 kB |
URL: GET HTTP/1.1 nguonphimc.com/assets/3bd14e95/jquery.min.js
IP: 94.242.50.163:80
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type: JavaScript source, ASCII text, with very long lines (32077)
Hash: 0fca26b5a37a66d68d0f4406976be4b5 ee000eb654b3bd37185665d3901e93b34ce1aa52 8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
GET /assets/3bd14e95/jquery.min.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/site/site/embed/?url=https%3A%2F%2Fnguonphimb.com%2Fxem-phim%2Fvuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=6e7p16rmec7uov8hvl0a1h0f25; us_session_id=P26349
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:21 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:21 GMT
Content-Length: 33693
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png | 94.242.50.163 | 200 OK | 18 kB |
URL: GET HTTP/1.1 m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png
IP: 94.242.50.163:80
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type: PNG image data, 46 x 48, 8-bit/color RGBA, non-interlaced
Hash: e6f4a93efe2d93e885abcbb4cc09cd4a e4f94b9e95b40e30b215228316bb7f8c48d08ed2 93b7bbea433aa41f6efb860d3d9777d363f9e64fc1ad4186cd9ef525bbee9c94
GET /media/images/1/favi/favicon-1498701606.png HTTP/1.1
Host: m3.nguonphim.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:21 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 05 Jul 2017 04:14:59 GMT
ETag: "45d1-5538a3e52eb40"
Accept-Ranges: bytes
Content-Length: 17873
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 03:37:21 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png
|
|
| nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html | 94.242.50.163 | 301 Moved Permanently | 0 B |
URL: User Request GET HTTP/1.1 nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
IP: 94.242.50.163:443
Certificate: Issuer: Let's Encrypt; Subject: nguonphimb.com; Fingerprint: D9:F9:6D:82:7E:A7:A1:8A:D2:1B:76:5D:02:EA:BC:09:D5:71:F2:51; Validity: Fri, 29 Mar 2024 10:13:08 GMT - Thu, 27 Jun 2024 10:13:07 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html HTTP/1.1
Host: nguonphimb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Cookie: PHPSESSID=88s13jl4seh2hhqihd0n2h05m4
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Apr 2024 03:37:22 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html | 94.242.50.163 | 301 Moved Permanently | 0 B |
URL: User Request GET HTTP/1.1 nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
IP: 94.242.50.163:443
Certificate: Issuer: Let's Encrypt; Subject: nguonphimb.com; Fingerprint: D9:F9:6D:82:7E:A7:A1:8A:D2:1B:76:5D:02:EA:BC:09:D5:71:F2:51; Validity: Fri, 29 Mar 2024 10:13:08 GMT - Thu, 27 Jun 2024 10:13:07 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html HTTP/1.1
Host: nguonphimb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://nguonphimc.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=88s13jl4seh2hhqihd0n2h05m4
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Apr 2024 03:37:22 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html | 94.242.50.163 | 301 Moved Permanently | 0 B |
URL: User Request GET HTTP/1.1 nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
IP: 94.242.50.163:443
Certificate: Issuer: Let's Encrypt; Subject: nguonphimc.com; Fingerprint: 30:27:67:FA:FE:DB:78:5F:CD:B9:5D:D0:18:14:93:A4:BC:93:3D:C1; Validity: Wed, 10 Apr 2024 08:07:50 GMT - Tue, 09 Jul 2024 08:07:49 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://nguonphimc.com/
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: PHPSESSID=6e7p16rmec7uov8hvl0a1h0f25; us_session_id=P26349
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Apr 2024 03:37:22 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html | 94.242.50.163 | 301 Moved Permanently | 20 kB |
URL: User Request GET HTTP/1.1 nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
IP: 94.242.50.163:443
Certificate: Issuer: Let's Encrypt; Subject: nguonphimc.com; Fingerprint: 30:27:67:FA:FE:DB:78:5F:CD:B9:5D:D0:18:14:93:A4:BC:93:3D:C1; Validity: Wed, 10 Apr 2024 08:07:50 GMT - Tue, 09 Jul 2024 08:07:49 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (602), with CRLF, LF line terminators
Hash: 2ae7db950cf0d96cec837999192192ed 4baf91cc6021f04240ccc6d8b40e90343d78f93e 2fd180bb68dd7629d18ea13b2b6f07a045f2c41b3c168de086730114d12dc23d
GET /xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://nguonphimc.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=6e7p16rmec7uov8hvl0a1h0f25; us_session_id=P26349
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:22 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 19535
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimc.com/assets/3bd14e95/jquery.min.js | 94.242.50.163 | 200 OK | 34 kB |
URL: GET HTTP/1.1 nguonphimc.com/assets/3bd14e95/jquery.min.js
IP: 94.242.50.163:80
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type: JavaScript source, ASCII text, with very long lines (32077)
Hash: 0fca26b5a37a66d68d0f4406976be4b5 ee000eb654b3bd37185665d3901e93b34ce1aa52 8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
GET /assets/3bd14e95/jquery.min.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=6e7p16rmec7uov8hvl0a1h0f25; us_session_id=P26349
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:22 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:22 GMT
Content-Length: 33693
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonphimc.com/themes/np/js/wow.min.js | 94.242.50.163 | 200 OK | 2.7 kB |
URL: GET HTTP/1.1 nguonphimc.com/themes/np/js/wow.min.js
IP: 94.242.50.163:80
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type: JavaScript source, ASCII text, with very long lines (8385), with CRLF line terminators
Hash: e1f1ff6897992a9165e8ce009b4039e3 e297207404fea99863aea60a1dcd3770f8ecddee 37461d9b50fd93b2e6d064c4aa48cbc16d5b1e82c27f47270b87a39225cc00ac
GET /themes/np/js/wow.min.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=6e7p16rmec7uov8hvl0a1h0f25; us_session_id=P26349
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:22 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:22 GMT
Content-Length: 2742
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonphimc.com/themes/np/js/owl.carousel.min.js | 94.242.50.163 | 200 OK | 6.5 kB |
URL: GET HTTP/1.1 nguonphimc.com/themes/np/js/owl.carousel.min.js
IP: 94.242.50.163:80
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type: JavaScript source, ASCII text, with very long lines (635), with CRLF line terminators
Hash: 8c52f27fcac36c7667f8fb846e1e94d5 e5862559db659ffd530c91452d668c5e7b3f0f2d 6c1e31700f68d1666de6b0992e89d413434707718bf729a472404029845bdbad
GET /themes/np/js/owl.carousel.min.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=6e7p16rmec7uov8hvl0a1h0f25; us_session_id=P26349
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:22 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:22 GMT
Content-Length: 6464
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| www.googletagmanager.com/gtag/js?id=G-DDD7EKFG6W | 142.250.74.168 | 200 OK | 97 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-DDD7EKFG6W
IP: 142.250.74.168:443
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D; Validity: Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type: JavaScript source, ASCII text, with very long lines (3969)
Hash: 077520cff155c20182180bf2f70cf6ca 7a2555d1f16c440e70e2af147b0c87549a973324 65073d7680f8ed728639c504a56f5b2fb8c332ca32477b4cf17070d38f512692
GET /gtag/js?id=G-DDD7EKFG6W HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 03:37:22 GMT
expires: Fri, 19 Apr 2024 03:37:22 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 97102
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| nguonphimc.com/assets/b2993a05/jwplayer.js?ver=2.4.8.2 | 94.242.50.163 | 200 OK | 39 kB |
URL: GET HTTP/1.1 nguonphimc.com/assets/b2993a05/jwplayer.js?ver=2.4.8.2
IP: 94.242.50.163:80
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65140)
Hash: 637800d55d2ac43cd3c4a864fac04661 bfb57b2bbe30a271e945e5d36027d69fb01b24cf 2aac7ee38577a71b8f0ec381c7836fc29274407517b9038e879fa762651dc5fc
GET /assets/b2993a05/jwplayer.js?ver=2.4.8.2 HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=6e7p16rmec7uov8hvl0a1h0f25; us_session_id=P26349
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:22 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:22 GMT
Content-Length: 39208
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonphimc.com/themes/np/js/bootstrap.min.js | 94.242.50.163 | 200 OK | 9.7 kB |
URL: GET HTTP/1.1 nguonphimc.com/themes/np/js/bootstrap.min.js
IP: 94.242.50.163:80
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type: JavaScript source, ASCII text, with very long lines (32034), with CRLF line terminators
Hash: e7d9a06cf9053c51cd4ad3386da0659a e45bf1054704a1fdfc4ee2713a16bf9283dea995 9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd
GET /themes/np/js/bootstrap.min.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=6e7p16rmec7uov8hvl0a1h0f25; us_session_id=P26349
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:22 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:22 GMT
Content-Length: 9726
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2 | 94.242.50.163 | 200 OK | 80 kB |
URL: GET HTTP/1.1 nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2
IP: 94.242.50.163:80
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type: Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Hash: 9ccfae82c1f9be3cf7c148a39228f53c 9abd7857d28f34c5007b11ee53d2818482775163 d962cf8c297e2b013c20dadac3f99d1af50957de8e1d1de8b4ea960fbd6fd7b6
GET /themes/np/css/color.css?v=np2.4.8.2 HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=6e7p16rmec7uov8hvl0a1h0f25; us_session_id=P26349
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:22 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 08:58:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:22 GMT
Connection: close
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
|
|
| nguonphimc.com/themes/np/js/jquery.nice-select.js | 94.242.50.163 | 200 OK | 1.5 kB |
URL: GET HTTP/1.1 nguonphimc.com/themes/np/js/jquery.nice-select.js
IP: 94.242.50.163:80
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type: JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Hash: 723e741faba72abfb0e56b6e0f8a73d8 ba71788614e8e11dbeeebdcac9037b57e7a69ce4 39f6514264e1603542b6aa38ba44c3be0aa7bbdef56ed139d74fe75e24e642fa
GET /themes/np/js/jquery.nice-select.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=6e7p16rmec7uov8hvl0a1h0f25; us_session_id=P26349
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:22 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:22 GMT
Content-Length: 1538
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonphimc.com/themes/np/js/jquery.magnific-popup.min.js | 94.242.50.163 | 200 OK | 7.3 kB |
URL GET HTTP/1.1 nguonphimc.com/themes/np/js/jquery.magnific-popup.min.js IP 94.242.50.163:80
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type JavaScript source, ASCII text, with very long lines (20087), with CRLF line terminators Hash b37d7edf99565d3858eaa1ad80df3cff 786a4343711e9af5e5dfcc493e7d2331b48875bb b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2
GET /themes/np/js/jquery.magnific-popup.min.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=6e7p16rmec7uov8hvl0a1h0f25; us_session_id=P26349
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:22 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:22 GMT
Content-Length: 7346
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonphimc.com/themes/np/js/jquery.showmore.src.js | 94.242.50.163 | 200 OK | 434 B |
URL GET HTTP/1.1 nguonphimc.com/themes/np/js/jquery.showmore.src.js IP 94.242.50.163:80
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type JavaScript source, ASCII text, with very long lines (432) Hash f67d16dc855157012280d1b8d2d0ac55 4eaa66120111bb8cb4c21884c647bf609ef3a7a5 89a7b91f92a0583bcfabc3dc0347bfb78822ebe75d229fb766ae2fdc6e7e0d28
GET /themes/np/js/jquery.showmore.src.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=6e7p16rmec7uov8hvl0a1h0f25; us_session_id=P26349
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:22 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:22 GMT
Content-Length: 434
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonphimc.com/js/main.min.js?v=2.4.8.2 | 94.242.50.163 | 200 OK | 5.6 kB |
URL GET HTTP/1.1 nguonphimc.com/js/main.min.js?v=2.4.8.2 IP 94.242.50.163:80
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (17159) Hash 2f3514d630f0195787c0f99778202f3c 2ce2883a59c655b8e02d644a1449fcdfdf604486 23b47b8eb144a359fdd87940db44e0420e7e0062f3cbba762e0e22c35afb3749
GET /js/main.min.js?v=2.4.8.2 HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=6e7p16rmec7uov8hvl0a1h0f25; us_session_id=P26349
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:22 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sat, 02 May 2020 19:55:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:22 GMT
Content-Length: 5620
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| m3.nguonphim.net/media/images/1/logo/logo16012018.png | 94.242.50.163 | 200 OK | 10 kB |
URL GET HTTP/1.1 m3.nguonphim.net/media/images/1/logo/logo16012018.png IP 94.242.50.163:80
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type PNG image data, 124 x 40, 8-bit/color RGBA, interlaced Hash a9da8ca65d6ba20845e49ae6b63a0a92 f1c7861f134ba1af81047a0fda27027327b736ab 39eb6969b37ac9325026f79f791a7f8a46f9baa5976e3f0aa8b8772730af4e2c
GET /media/images/1/logo/logo16012018.png HTTP/1.1
Host: m3.nguonphim.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:22 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 15 Jan 2018 20:06:20 GMT
ETag: "2751-562d625d53c2f"
Accept-Ranges: bytes
Content-Length: 10065
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 03:37:22 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png
|
|
| nguonphimc.com/img/loading_film.gif | 94.242.50.163 | 200 OK | 1.9 kB |
URL GET HTTP/1.1 nguonphimc.com/img/loading_film.gif IP 94.242.50.163:80
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type GIF image data, version 89a, 34 x 34 Hash b9d35ba13f16629ec47d785d61d2204c 680ccabf459357685db0c404f4ef23543e735729 43b3f6a202a86e29f40d8a102cf62565fcdc07cebb55185f13eb86b0fbc8c5e6
GET /img/loading_film.gif HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=6e7p16rmec7uov8hvl0a1h0f25; us_session_id=P26349
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:22 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 25 Dec 2017 07:17:53 GMT
Accept-Ranges: bytes
Content-Length: 1924
Cache-Control: max-age=2592000, public
Expires: Sun, 19 May 2024 03:37:22 GMT
Connection: close
Content-Type: image/gif
|
|
| chokedsmelt.com/5b/28/bb/5b28bb3338748187b2166508de2d96b3.js | 172.240.108.76 | 200 OK | 16 kB |
URL GET HTTP/1.1 chokedsmelt.com/5b/28/bb/5b28bb3338748187b2166508de2d96b3.js IP 172.240.108.76:80
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type JavaScript source, ASCII text, with very long lines (44064), with no line terminators Hash dbd1246650dfc29a9b73c39dd61d72d1 0ebe5c413701261aa0a79069658e39d4c347a563 4b40dc9edf30b470e89ee9352cf9395363ceffff30546ca2a8875555e8f4fef8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /5b/28/bb/5b28bb3338748187b2166508de2d96b3.js HTTP/1.1
Host: chokedsmelt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 03:37:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bed55bde8361eb190abd0e33742cf305
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| m3.nguonhay.com/media/images/film/newcover/2024/1/s350_700/than-an-vuong-toa-throne-of-seal-1704993650.jpg | 94.242.50.163 | 200 OK | 70 kB |
URL GET HTTP/1.1 m3.nguonhay.com/media/images/film/newcover/2024/1/s350_700/than-an-vuong-toa-throne-of-seal-1704993650.jpg IP 94.242.50.163:80
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x491, components 3 Hash 70a40dfce755801e4ba0d1556ef662e7 0d5ebbc060b1b79023a957a8aa26749b8358b1cb a6edfceb4621a262269195d22f063a64188fbb010013a6270161d517304dea9d
GET /media/images/film/newcover/2024/1/s350_700/than-an-vuong-toa-throne-of-seal-1704993650.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:22 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 11 Jan 2024 17:20:51 GMT
ETag: "10fbe-60eaec4f8a4c3"
Accept-Ranges: bytes
Content-Length: 69566
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 03:37:22 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/mptv/s350_700/nu-hoang-nuoc-mat-1707443450.jpg | 94.242.50.163 | 200 OK | 55 kB |
URL GET HTTP/1.1 m3.nguonhay.com/media/images/film/mptv/s350_700/nu-hoang-nuoc-mat-1707443450.jpg IP 94.242.50.163:80
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x501, components 3 Hash 7d84be20e84510c02a36491f73526483 911556208f24946169d6e9afe33fc2e5f6e48470 84cdd62c2838005fc964ed071a20d264327cc45c1403b1126ceb263fe479c06a
GET /media/images/film/mptv/s350_700/nu-hoang-nuoc-mat-1707443450.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:22 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sun, 10 Mar 2024 18:55:46 GMT
ETag: "d82c-61352f90ce8d6"
Accept-Ranges: bytes
Content-Length: 55340
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 03:37:22 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/ff/s350_700/the-gioi-hoan-my-1619204356.jpg | 94.242.50.163 | 200 OK | 45 kB |
URL GET HTTP/1.1 m3.nguonhay.com/media/images/film/ff/s350_700/the-gioi-hoan-my-1619204356.jpg IP 94.242.50.163:80
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 238x344, components 3 Hash 5e060cae43f33fc6ee9baa645c696f8e 9ac7805332b99d6e27afff6d96d47d72a0369fc8 ed17139b51f4cb501cfa17c692cc257437127fa92980851547df75f6402f13c0
GET /media/images/film/ff/s350_700/the-gioi-hoan-my-1619204356.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:22 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 23 Apr 2021 18:59:22 GMT
ETag: "af7d-5c0a864d52e4d"
Accept-Ranges: bytes
Content-Length: 44925
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 03:37:22 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/pol/s350_700/vo-than-chua-te-1583765005.jpg | 94.242.50.163 | 200 OK | 70 kB |
URL GET HTTP/1.1 m3.nguonhay.com/media/images/film/pol/s350_700/vo-than-chua-te-1583765005.jpg IP 94.242.50.163:80
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 300x426, components 3 Hash fabd25bf58c53cf84b93d09b16a5dab1 44d008211bf7a481cb35b3187b825f54e7c9631c 06138ff6cdd143a248a3b31bbcb4e88ee295c0d11a987a60b9f0c4043fee79e0
GET /media/images/film/pol/s350_700/vo-than-chua-te-1583765005.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:22 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 12 Jun 2020 07:03:11 GMT
ETag: "112e1-5a7ddab8b8f40"
Accept-Ranges: bytes
Content-Length: 70369
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 03:37:22 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/newcover/2021/6/s350_700/vua-hai-tac-1624252456.jpg | 94.242.50.163 | 200 OK | 102 kB |
URL GET HTTP/1.1 m3.nguonhay.com/media/images/film/newcover/2021/6/s350_700/vua-hai-tac-1624252456.jpg IP 94.242.50.163:80
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x525, components 3 Size 102 kB (102471 bytes) Hash f3b3235be303bcdd8806ee587f879d0a c5cfc2f2b686184a9bb5d8495268fb62e685d17c f365d987c622865d1bac410f3814dabce383d1dd2d961f00aafaf256b251c42e
GET /media/images/film/newcover/2021/6/s350_700/vua-hai-tac-1624252456.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:22 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 21 Jun 2021 05:14:17 GMT
ETag: "19047-5c53fbebf16b6"
Accept-Ranges: bytes
Content-Length: 102471
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 03:37:22 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/bio/s350_700/chim-boi-ca-1665899828.jpg | 94.242.50.163 | 200 OK | 87 kB |
URL GET HTTP/1.1 m3.nguonhay.com/media/images/film/bio/s350_700/chim-boi-ca-1665899828.jpg IP 94.242.50.163:80
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 350x438, components 3 Hash cdb099f8426bd971ac65260f52a7c035 549e05f3215272e4a12832eaf94504d694383bec e46c8ded7ae8965e2881e946441d5a65cfb6937e9f97d1351c70658c5818ba88
GET /media/images/film/bio/s350_700/chim-boi-ca-1665899828.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:22 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 24 Oct 2022 16:27:41 GMT
ETag: "15256-5ebca453fbe31"
Accept-Ranges: bytes
Content-Length: 86614
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 03:37:22 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| nguonphimc.com/themes/np/images/icon-search-menu.png | 94.242.50.163 | 200 OK | 1.2 kB |
URL GET HTTP/1.1 nguonphimc.com/themes/np/images/icon-search-menu.png IP 94.242.50.163:80
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced Hash e573652e7d75f6471431e9fd48ca706c ef9de78ae35eb6d6f3e04744612c7bed87c3a5ee 49cd4ed8ef5f3b960bdb9a9024f1b4a83b96e39425a339fd1afc2486709c432b
GET /themes/np/images/icon-search-menu.png HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=6e7p16rmec7uov8hvl0a1h0f25; us_session_id=P26349; _ga_DDD7EKFG6W=GS1.1.1713497842.1.0.1713497842.0.0.0; _ga=GA1.1.1963755912.1713497843
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:23 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 1229
Cache-Control: max-age=2592000, public
Expires: Sun, 19 May 2024 03:37:23 GMT
Connection: close
Content-Type: image/png
|
|
| downstairsnegotiatebarren.com/sfp.js | 172.67.180.87 | 200 OK | 167 B |
URL GET HTTP/2 downstairsnegotiatebarren.com/sfp.js IP 172.67.180.87:443
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html Certificate Issuer Let's Encrypt Subject downstairsnegotiatebarren.com Fingerprint 2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44 Validity Mon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT
File type HTML document, ASCII text, with CRLF line terminators Hash 0104c301c5e02bd6148b8703d19b3a73 7436e0b4b1f8c222c38069890b75fa2baf9ca620 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Apr 2024 03:37:23 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 19 Apr 2024 04:37:23 GMT
Location: https://downstairsnegotiatebarren.com/sfp.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yx0X1rYEju7F%2BHbWavcB5oLSNQDs7Ff%2FUb7zU5NVVLScyaKRvYOK4kFzVLUOJEBOeFdhog3MnjdPsYqm42GiXbQ0l12hxuU%2BbTLGm7ATLoZLnE4CzMz28E7OFE3dcaoMimCRg%2Ft2x23dWUgC6a0Wbg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8769db0f6e17b4ff-OSL
alt-svc: h2=":443"; ma=60
|
|
| nguonphimc.com/themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 | 94.242.50.163 | 200 OK | 77 kB |
URL GET HTTP/1.1 nguonphimc.com/themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 IP 94.242.50.163:80
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459 Hash af7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=6e7p16rmec7uov8hvl0a1h0f25; us_session_id=P26349; _ga_DDD7EKFG6W=GS1.1.1713497842.1.0.1713497842.0.0.0; _ga=GA1.1.1963755912.1713497843
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:23 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:14:59 GMT
Accept-Ranges: bytes
Content-Length: 77160
Cache-Control: max-age=2592000
Expires: Sun, 19 May 2024 03:37:23 GMT
X-UA-Compatible: IE=edge,chrome=1
Connection: close
|
|
| fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 | 142.250.74.131 | 200 OK | 128 kB |
URL GET HTTP/2 fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 IP 142.250.74.131:443
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html Certificate Issuer Google Trust Services LLC Subject *.gstatic.com Fingerprint 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 Validity Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type Web Open Font Format (Version 2), TrueType, length 128352, version 1.0 Size 128 kB (128352 bytes) Hash 53436aca8627a49f4deaaa44dc9e3c05 0bc0c675480d94ec7e8609dda6227f88c5d08d2c 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
GET /s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 21:27:45 GMT
expires: Tue, 15 Apr 2025 21:27:45 GMT
cache-control: public, max-age=31536000
age: 281378
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 | 142.250.74.131 | 200 OK | 17 kB |
URL GET HTTP/2 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 IP 142.250.74.131:443
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html Certificate Issuer Google Trust Services LLC Subject *.gstatic.com Fingerprint 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 Validity Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type Web Open Font Format (Version 2), TrueType, length 16552, version 1.0 Hash 283c40f79deab0300df8b3ffd86dfc7b 2ef09414a573ac59f4b37e81c8b8a881244b345f 35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:33:39 GMT
expires: Fri, 18 Apr 2025 02:33:39 GMT
cache-control: public, max-age=31536000
age: 90224
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 | 142.250.74.131 | 200 OK | 12 kB |
URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 IP 142.250.74.131:443
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html Certificate Issuer Google Trust Services LLC Subject *.gstatic.com Fingerprint 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 Validity Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type Web Open Font Format (Version 2), TrueType, length 11872, version 1.0 Hash 87ace20058325aa069320aa4af875dff b743548770c46d905ae1ba06310bc001c587fe8e 3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 01:19:30 GMT
expires: Wed, 16 Apr 2025 01:19:30 GMT
cache-control: public, max-age=31536000
age: 267473
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 | 142.250.74.131 | 200 OK | 35 kB |
URL GET HTTP/2 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 IP 142.250.74.131:443
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html Certificate Issuer Google Trust Services LLC Subject *.gstatic.com Fingerprint 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 Validity Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type Web Open Font Format (Version 2), TrueType, length 35328, version 1.0 Hash 7670dba29aa2a1560c5d711ea6f6b369 6a2a620d2972f139c804c5a8363c91eb1a7595f6 adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:27:30 GMT
expires: Fri, 18 Apr 2025 17:27:30 GMT
cache-control: public, max-age=31536000
age: 36593
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese | 142.250.74.106 | 200 OK | 17 kB |
URL GET HTTP/3 fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese IP 142.250.74.106:443
Requested by http://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26349&tim=1713497843&key=rlennKOWVW9kamdkZ25qa2pkX1eoppujkp6XVXBhsA Certificate Issuer Google Trust Services LLC Subject upload.video.google.com Fingerprint 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E Validity Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type gzip compressed data, max compression Hash 5fa0b0e7c65bfa7808c73f2ace248f66 617d9878d8d990ebd155b894e5f7ed60be40fa40 b5f40c25eac09e24b8f98ca7d7577574e37fe30610df9b159f18eb45b5b54a4e
GET /css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 03:37:22 GMT
date: Fri, 19 Apr 2024 03:37:22 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 | 142.250.74.131 | 200 OK | 5.6 kB |
URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 IP 142.250.74.131:443
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html Certificate Issuer Google Trust Services LLC Subject *.gstatic.com Fingerprint 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 Validity Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type Web Open Font Format (Version 2), TrueType, length 5560, version 1.0 Hash ca3b09b62fda648a4511700413313fd0 109cd4c5435bd6614391bb8722c47c287c96b2ec 77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5560
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:39:02 GMT
expires: Fri, 18 Apr 2025 02:39:02 GMT
cache-control: public, max-age=31536000
age: 89901
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 142.250.74.131 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP142.250.74.131:443
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 10:46:32 GMT
expires: Wed, 16 Apr 2025 10:46:32 GMT
cache-control: public, max-age=31536000
age: 233451
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.131 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.131:443
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 08:04:32 GMT
expires: Wed, 16 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 243171
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 | 142.250.74.131 | 200 OK | 5.5 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 IP142.250.74.131:443
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 5548, version 1.0 Hashcdaab83619fcacd4027a77c99dd51e69 9e6eae8554f8cc2309b2dae2d9fa217e34eed6a4 4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5548
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:45:59 GMT
expires: Fri, 18 Apr 2025 02:45:59 GMT
cache-control: public, max-age=31536000
age: 89484
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 3.123.64.179 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP3.123.64.179:443
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash76713cbd5165b09cff4500aa0dc2edbd 21289e7aa1a1dca602fecfe0d8b06f751657a011 1490c26c8abc2a47433bc3c1809854a14aab131c75219b54348a05873988cbdb
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 03:37:23 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://nguonphimc.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=c6800e26-d533-4dbb-aba8-173ca4d7ed9b:3:1; expires=Mon, 17 Apr 2034 03:37:23 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.131 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.131:443
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 08:04:32 GMT
expires: Wed, 16 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 243171
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.131 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.131:443
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 08:04:32 GMT
expires: Wed, 16 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 243171
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 | 142.250.74.131 | 200 OK | 35 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 IP142.250.74.131:443
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 35328, version 1.0 Hash7670dba29aa2a1560c5d711ea6f6b369 6a2a620d2972f139c804c5a8363c91eb1a7595f6 adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:27:30 GMT
expires: Fri, 18 Apr 2025 17:27:30 GMT
cache-control: public, max-age=31536000
age: 36593
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 | 142.250.74.131 | 200 OK | 17 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 IP142.250.74.131:443
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 16552, version 1.0 Hash283c40f79deab0300df8b3ffd86dfc7b 2ef09414a573ac59f4b37e81c8b8a881244b345f 35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:33:39 GMT
expires: Fri, 18 Apr 2025 02:33:39 GMT
cache-control: public, max-age=31536000
age: 90224
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| nguonphimc.com/themes/np/images/bottomNavOFF.png | 94.242.50.163 | 200 OK | 1.3 kB |
URL GET HTTP/1.1nguonphimc.com/themes/np/images/bottomNavOFF.png IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File typePNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced Hash840cd790a57c4cee3fb5b50d448dfd3a 976ecfbdaadc569488019ad246b6dfa31bdab85b d317c5f6a5b4342d84bcc00cb0c99d2ce3c7d6f1044ac8036d722fcbf728baeb
GET /themes/np/images/bottomNavOFF.png HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=6e7p16rmec7uov8hvl0a1h0f25; us_session_id=P26349; _ga_DDD7EKFG6W=GS1.1.1713497842.1.0.1713497842.0.0.0; _ga=GA1.1.1963755912.1713497843; dom3ic8zudi28v8lr6fgphwffqoz0j6c=c6800e26-d533-4dbb-aba8-173ca4d7ed9b%3A3%3A1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:23 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 1250
Cache-Control: max-age=2592000, public
Expires: Sun, 19 May 2024 03:37:23 GMT
Connection: close
Content-Type: image/png
|
|
| nguonphimc.com/themes/np/images/bottomNavON.png | 94.242.50.163 | 200 OK | 1.3 kB |
URL GET HTTP/1.1nguonphimc.com/themes/np/images/bottomNavON.png IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File typePNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced Hash0703045e13e1ab8508a2273cbe71d5d6 c2d2f79bb3758de5722cddd94eaf4701078b4d71 698cc5f19fb8e30c2a9d8471e81637cb26e8fcd67a55bfffc9ca651a0c45e90f
GET /themes/np/images/bottomNavON.png HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=6e7p16rmec7uov8hvl0a1h0f25; us_session_id=P26349; _ga_DDD7EKFG6W=GS1.1.1713497842.1.0.1713497842.0.0.0; _ga=GA1.1.1963755912.1713497843; dom3ic8zudi28v8lr6fgphwffqoz0j6c=c6800e26-d533-4dbb-aba8-173ca4d7ed9b%3A3%3A1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:23 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 1334
Cache-Control: max-age=2592000, public
Expires: Sun, 19 May 2024 03:37:23 GMT
Connection: close
Content-Type: image/png
|
|
| nguonphimc.com/themes/np/images/button_km.png | 94.242.50.163 | 200 OK | 2.6 kB |
URL GET HTTP/1.1nguonphimc.com/themes/np/images/button_km.png IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File typePNG image data, 66 x 50, 8-bit/color RGBA, non-interlaced Hash05238f78240b8bb3d2453e866550a011 766a5353d457d5282bb04192072a116073b8666d aed76e5f2deac5394da887c6b862ab04fbc3e601348006da714310d72c5dfc60
GET /themes/np/images/button_km.png HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=6e7p16rmec7uov8hvl0a1h0f25; us_session_id=P26349; _ga_DDD7EKFG6W=GS1.1.1713497842.1.0.1713497842.0.0.0; _ga=GA1.1.1963755912.1713497843; dom3ic8zudi28v8lr6fgphwffqoz0j6c=c6800e26-d533-4dbb-aba8-173ca4d7ed9b%3A3%3A1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:23 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 2646
Cache-Control: max-age=2592000, public
Expires: Sun, 19 May 2024 03:37:23 GMT
Connection: close
Content-Type: image/png
|
|
| fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i | 142.250.74.106 | 200 OK | 1.3 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i IP142.250.74.106:443
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeASCII text, with very long lines (510) Hash2fba94d16c7ff69308ec5a8ae9aa2454 5da2b2d79240bdd9b821868d702949069baf59a1 24b2ba3ea36e0922cae152a734f9b251699848d854ad5f5ed602f3d9d78b54ea
GET /css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 03:37:22 GMT
date: Fri, 19 Apr 2024 03:37:22 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| nguonphimc.com/site/site/checkaccess/ | 94.242.50.163 | 200 OK | 7 B |
URL POST HTTP/1.1nguonphimc.com/site/site/checkaccess/ IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File typeASCII text, with no line terminators Hash4e3ca82bee9b6a4b6c6e30ca31234e50 f007b014714adb9c2c7c105e64dfa8448e9ec77a 148ecdac86b94c986a6bb2da57595b2cc4b35afa88e266ec7f30f79530803efb
POST /site/site/checkaccess/ HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 105
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=6e7p16rmec7uov8hvl0a1h0f25; us_session_id=P26349; _ga_DDD7EKFG6W=GS1.1.1713497842.1.0.1713497842.0.0.0; _ga=GA1.1.1963755912.1713497843; dom3ic8zudi28v8lr6fgphwffqoz0j6c=c6800e26-d533-4dbb-aba8-173ca4d7ed9b%3A3%3A1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:23 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 7
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| downstairsnegotiatebarren.com/sfp.js | 172.67.180.87 | 200 OK | 28 kB |
URL GET HTTP/2downstairsnegotiatebarren.com/sfp.js IP172.67.180.87:443
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerLet's Encrypt Subjectdownstairsnegotiatebarren.com Fingerprint2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44 ValidityMon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators Hashf4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://nguonphimc.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 03:37:23 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: e18c95b6ce38c837bdfef6f03a22f6cf
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 19 Apr 2024 03:37:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jZSDvF8FkhxKDuG3aIfdXbKd3mM09TBNbQjMg5xNYwqdIR%2Bpo1QDuDJ6II52MLsTIg9P7x%2Fx9SqJcESJFqSscs2g9x9oGc7CMCUtmikpPoD9MYCGErh0xR7zF3OJKqI8fxkX3kAaeScVxlYEEK5yrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8769db117be7712d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/materialiconsextended/v151/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2 | 142.250.74.131 | 200 OK | 163 kB |
URL GET HTTP/2fonts.gstatic.com/s/materialiconsextended/v151/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2 IP142.250.74.131:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 162924, version 1.0 Size163 kB (162924 bytes) Hash7f2e1b48b71ec58fda4539018a2f56cc 507bf81f52fa8c99bf2c5c8bd59a981899ca9995 7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35
GET /s/materialiconsextended/v151/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 162924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 15:10:32 GMT
expires: Wed, 16 Apr 2025 15:10:32 GMT
cache-control: public, max-age=31536000
age: 217611
last-modified: Mon, 08 Apr 2024 19:05:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.131 | 200 OK | 15 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.131:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15344, version 1.0 Hash5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 06:43:51 GMT
expires: Wed, 16 Apr 2025 06:43:51 GMT
cache-control: public, max-age=31536000
age: 248012
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 | 142.250.74.131 | 200 OK | 5.2 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 IP142.250.74.131:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 5224, version 1.0 Hasha835084624425dacc5e188c6973c1594 1bef196929bffcabdc834c0deefda104eb7a3318 0dfa6a82824cf2be6bb8543de6ef56b87daae5dd63f9e68c88f02697f94af740
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5224
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:53:44 GMT
expires: Fri, 18 Apr 2025 17:53:44 GMT
cache-control: public, max-age=31536000
age: 35019
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 | 142.250.74.131 | 200 OK | 12 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 IP142.250.74.131:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 11936, version 1.0 Hash15d8ede0a816bc7a9838207747c6620c f6e2e75f1277c66e282553ae6a22661e51f472b8 dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11936
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 05:22:41 GMT
expires: Wed, 16 Apr 2025 05:22:41 GMT
cache-control: public, max-age=31536000
age: 252882
last-modified: Mon, 16 Oct 2017 17:33:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26349&tim=1713497843&key=rlennKOWVW9kamdkZ25qa2pkX1eoppujkp6XVXBhsA | 94.242.50.163 | 200 OK | 3.6 kB |
URL GET HTTP/1.1grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26349&tim=1713497843&key=rlennKOWVW9kamdkZ25qa2pkX1eoppujkp6XVXBhsA IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File typeHTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators Hash1d854eb78412b93d31a4bd0063cb22c4 4c1dc39cb505031da42fb674555b7cad397cd81e e65a2020b829bc693d7c7af114c18f29d8675ae53853a6228ddd07ef4ff4f516
GET /embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26349&tim=1713497843&key=rlennKOWVW9kamdkZ25qa2pkX1eoppujkp6XVXBhsA HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Cookie: _ga_DDD7EKFG6W=GS1.1.1713497842.1.0.1713497842.0.0.0; _ga=GA1.1.1963755912.1713497843
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:23 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Set-Cookie: PHPSESSID=ltkkefb5fel2dida0mujhgvks6; path=/
Set-Cookie: us_session_id=P26368; expires=Sat, 20-Apr-2024 03:37:23 GMT; Max-Age=86400; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 3639
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 142.250.74.131 | 200 OK | 15 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP142.250.74.131:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15436, version 1.0 Hash037d830416495def72b7881024c14b7b 619389190b3cafafb5db94113990350acc8a0278 1d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97
GET /s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15436
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 04:01:43 GMT
expires: Wed, 16 Apr 2025 04:01:43 GMT
cache-control: public, max-age=31536000
age: 257740
last-modified: Mon, 16 Oct 2017 17:33:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 | 142.250.74.131 | 200 OK | 5.2 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 IP142.250.74.131:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 5164, version 1.0 Hashe1d4c2969a3dd92f91fea51f652831ef ff3be3617b93fca22d758f43920abfa313337bc2 570d2dc2ce988d8ae09147ee2eca5ec53f8d5f036e84e3212bf03503374054e5
GET /s/roboto/v18/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5164
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 12:26:13 GMT
expires: Wed, 16 Apr 2025 12:26:13 GMT
cache-control: public, max-age=31536000
age: 227470
last-modified: Mon, 16 Oct 2017 17:33:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 142.250.74.131 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP142.250.74.131:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0 Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 22:10:11 GMT
expires: Tue, 15 Apr 2025 22:10:11 GMT
cache-control: public, max-age=31536000
age: 278832
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2 | 142.250.74.131 | 200 OK | 5.3 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2 IP142.250.74.131:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 5284, version 1.0 Hash6bef514048228359f2f8f5e0235f8599 318cb182661d72332dc8a8316d2e6df0332756c4 135d563a494b1f8e6196278b7f597258a563f1438f5953c6fbef106070f66ec8
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5284
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 01:54:26 GMT
expires: Wed, 16 Apr 2025 01:54:26 GMT
cache-control: public, max-age=31536000
age: 265377
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/am=gKEb/d=1/excm=_b,_tp,allowadsview/ed=1/dg=0/wt=2/ujg=1/rs=AJlcJMyk_vGx5h43VSCi6ky069QGFQvtIA/m=_b,_tp | 142.250.74.35 | 200 OK | 56 kB |
URL GET HTTP/2www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/am=gKEb/d=1/excm=_b,_tp,allowadsview/ed=1/dg=0/wt=2/ujg=1/rs=AJlcJMyk_vGx5h43VSCi6ky069QGFQvtIA/m=_b,_tp IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeJavaScript source, ASCII text, with very long lines (2331) Hash65e864be75ee444565658d67774b0c54 7f0f29fd4bb9ca93150b786e4f48f5c2f8bca773 db02c8b4797a18ccbe137c9fc2de340c332ff76454cfd1aaa1e8545766b8ba8f
GET /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/am=gKEb/d=1/excm=_b,_tp,allowadsview/ed=1/dg=0/wt=2/ujg=1/rs=AJlcJMyk_vGx5h43VSCi6ky069QGFQvtIA/m=_b,_tp HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
report-to: {"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-length: 55653
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 15:17:07 GMT
expires: Fri, 18 Apr 2025 15:17:07 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Wed, 17 Apr 2024 21:34:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 44416
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png | 94.242.50.163 | 200 OK | 18 kB |
URL GET HTTP/1.1m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File typePNG image data, 46 x 48, 8-bit/color RGBA, non-interlaced Hashe6f4a93efe2d93e885abcbb4cc09cd4a e4f94b9e95b40e30b215228316bb7f8c48d08ed2 93b7bbea433aa41f6efb860d3d9777d363f9e64fc1ad4186cd9ef525bbee9c94
GET /media/images/1/favi/favicon-1498701606.png HTTP/1.1
Host: m3.nguonphim.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:23 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 05 Jul 2017 04:14:59 GMT
ETag: "45d1-5538a3e52eb40"
Accept-Ranges: bytes
Content-Length: 17873
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 03:37:23 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png
|
|
| grab.nguonphimc.com/js/main.min.js?v=2.4.8.2 | 94.242.50.163 | 200 OK | 5.6 kB |
URL GET HTTP/1.1grab.nguonphimc.com/js/main.min.js?v=2.4.8.2 IP94.242.50.163:80
Requested byhttp://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26349&tim=1713497843&key=rlennKOWVW9kamdkZ25qa2pkX1eoppujkp6XVXBhsA
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (17159) Hash2f3514d630f0195787c0f99778202f3c 2ce2883a59c655b8e02d644a1449fcdfdf604486 23b47b8eb144a359fdd87940db44e0420e7e0062f3cbba762e0e22c35afb3749
GET /js/main.min.js?v=2.4.8.2 HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26349&tim=1713497843&key=rlennKOWVW9kamdkZ25qa2pkX1eoppujkp6XVXBhsA
Cookie: _ga_DDD7EKFG6W=GS1.1.1713497842.1.0.1713497842.0.0.0; _ga=GA1.1.1963755912.1713497843; PHPSESSID=ltkkefb5fel2dida0mujhgvks6; us_session_id=P26368
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:23 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sat, 02 May 2020 19:55:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:23 GMT
Content-Length: 5620
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| grab.nguonphimc.com/assets/3bd14e95/jquery.min.js | 94.242.50.163 | 200 OK | 34 kB |
URL GET HTTP/1.1grab.nguonphimc.com/assets/3bd14e95/jquery.min.js IP94.242.50.163:80
Requested byhttp://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26349&tim=1713497843&key=rlennKOWVW9kamdkZ25qa2pkX1eoppujkp6XVXBhsA
File typeJavaScript source, ASCII text, with very long lines (32077) Hash0fca26b5a37a66d68d0f4406976be4b5 ee000eb654b3bd37185665d3901e93b34ce1aa52 8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
GET /assets/3bd14e95/jquery.min.js HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26349&tim=1713497843&key=rlennKOWVW9kamdkZ25qa2pkX1eoppujkp6XVXBhsA
Cookie: _ga_DDD7EKFG6W=GS1.1.1713497842.1.0.1713497842.0.0.0; _ga=GA1.1.1963755912.1713497843; PHPSESSID=ltkkefb5fel2dida0mujhgvks6; us_session_id=P26368
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:23 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:23 GMT
Content-Length: 33693
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| grab.nguonphimc.com/assets/b2993a05/jwplayer.js?ver=2.4.8.2 | 94.242.50.163 | 200 OK | 39 kB |
URL GET HTTP/1.1grab.nguonphimc.com/assets/b2993a05/jwplayer.js?ver=2.4.8.2 IP94.242.50.163:80
Requested byhttp://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26349&tim=1713497843&key=rlennKOWVW9kamdkZ25qa2pkX1eoppujkp6XVXBhsA
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65140) Hash637800d55d2ac43cd3c4a864fac04661 bfb57b2bbe30a271e945e5d36027d69fb01b24cf 2aac7ee38577a71b8f0ec381c7836fc29274407517b9038e879fa762651dc5fc
GET /assets/b2993a05/jwplayer.js?ver=2.4.8.2 HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26349&tim=1713497843&key=rlennKOWVW9kamdkZ25qa2pkX1eoppujkp6XVXBhsA
Cookie: _ga_DDD7EKFG6W=GS1.1.1713497842.1.0.1713497842.0.0.0; _ga=GA1.1.1963755912.1713497843; PHPSESSID=ltkkefb5fel2dida0mujhgvks6; us_session_id=P26368
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:23 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:23 GMT
Content-Length: 39208
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=BWd0oe | 142.250.74.35 | 200 OK | 15 kB |
URL GET HTTP/3www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=BWd0oe IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeJavaScript source, ASCII text, with very long lines (1424) Hash124ba95b2ec12aff22f988c42b14d353 e506202fff14601dba2b44d807b1319968bb3216 50aff2092ce10805752997b823e0bb7490112ff66b9f2d00eaa8b6cada98a873
GET /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=BWd0oe HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
report-to: {"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-length: 15156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 19 Apr 2024 03:37:05 GMT
expires: Sat, 19 Apr 2025 03:37:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sun, 14 Apr 2024 07:33:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 18
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| grab.nguonphimc.com/themes/np/css/color.css?v=2.4.8.2 | 94.242.50.163 | 200 OK | 80 kB |
URL GET HTTP/1.1grab.nguonphimc.com/themes/np/css/color.css?v=2.4.8.2 IP94.242.50.163:80
Requested byhttp://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26349&tim=1713497843&key=rlennKOWVW9kamdkZ25qa2pkX1eoppujkp6XVXBhsA
File typeUnicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators Hash9ccfae82c1f9be3cf7c148a39228f53c 9abd7857d28f34c5007b11ee53d2818482775163 d962cf8c297e2b013c20dadac3f99d1af50957de8e1d1de8b4ea960fbd6fd7b6
GET /themes/np/css/color.css?v=2.4.8.2 HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26349&tim=1713497843&key=rlennKOWVW9kamdkZ25qa2pkX1eoppujkp6XVXBhsA
Cookie: _ga_DDD7EKFG6W=GS1.1.1713497842.1.0.1713497842.0.0.0; _ga=GA1.1.1963755912.1713497843; PHPSESSID=ltkkefb5fel2dida0mujhgvks6; us_session_id=P26368
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:23 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 08:58:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:23 GMT
Connection: close
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
|
|
| fundingchoicesmessages.google.com/s/whitelist?hl=vi | 216.58.211.14 | 200 OK | 70 kB |
URL GET HTTP/2fundingchoicesmessages.google.com/s/whitelist?hl=vi IP216.58.211.14:443
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typegzip compressed data, max compression Hash877a5e2c01d1c72d25894221f3d2daa4 f9685da83abcbd3e657f1ceef11b6c4f6d124dbb 961bbaedccda87897966bd625cc1184d18c0540bc3859296be47a3ff9833e248
GET /s/whitelist?hl=vi HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 19 Apr 2024 03:37:23 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingAdwallUi/cspreport, script-src 'nonce-XY0PEK7hw3vtoRcaklzNrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingAdwallUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingAdwallUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
reporting-endpoints: default="/_/ContributorServingAdwallUi/web-reports?context=eJzjMtDikmLw1ZBikPj6kkkLiJ3SZ7CGALFP_QzWOCBuvXmOdToQJ_07z1oCxEI8HJ_Ptm9kE3gx78AHRgDV1xnz"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| grab.nguonphimc.com/img/loading_film.gif | 94.242.50.163 | 200 OK | 1.9 kB |
URL GET HTTP/1.1grab.nguonphimc.com/img/loading_film.gif IP94.242.50.163:80
Requested byhttp://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26349&tim=1713497843&key=rlennKOWVW9kamdkZ25qa2pkX1eoppujkp6XVXBhsA
File typeGIF image data, version 89a, 34 x 34 Hashb9d35ba13f16629ec47d785d61d2204c 680ccabf459357685db0c404f4ef23543e735729 43b3f6a202a86e29f40d8a102cf62565fcdc07cebb55185f13eb86b0fbc8c5e6
GET /img/loading_film.gif HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26349&tim=1713497843&key=rlennKOWVW9kamdkZ25qa2pkX1eoppujkp6XVXBhsA
Cookie: _ga_DDD7EKFG6W=GS1.1.1713497842.1.0.1713497842.0.0.0; _ga=GA1.1.1963755912.1713497843; PHPSESSID=ltkkefb5fel2dida0mujhgvks6; us_session_id=P26368
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:24 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 25 Dec 2017 07:17:53 GMT
Accept-Ranges: bytes
Content-Length: 1924
Cache-Control: max-age=2592000, public
Expires: Sun, 19 May 2024 03:37:24 GMT
Connection: close
Content-Type: image/gif
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/browser_abp-2.png | 142.250.74.35 | 200 OK | 7.4 kB |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/browser_abp-2.png IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typePNG image data, 794 x 184, 8-bit colormap, non-interlaced Hash3d77be4b727c5ff097bcac7eb68c09f9 785be4dc822e6817dbc03b69246cd089436bf108 b77a4547e701c49192847e60735a7027f0910a0df2ccf6d6193dcf1e4a74f719
GET /fundingchoices/allowads/blockers/firefox/browser_abp-2.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 7390
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 21:55:20 GMT
expires: Tue, 15 Apr 2025 21:55:20 GMT
cache-control: public, max-age=31536000
age: 279724
last-modified: Tue, 19 Oct 2021 16:18:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/uo_allowads_icon-1.png | 142.250.74.35 | 200 OK | 1.1 kB |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/uo_allowads_icon-1.png IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typePNG image data, 117 x 127, 8-bit colormap, non-interlaced Hash975c9f127c385e3699795a74098872d8 a83d8ebdda4fc135a66de267850c9f573a52b9fe 5caf71572cd2c4167c04a6ecef78d7b407e460b0517c9b11df5cc0c0b9a0d320
GET /fundingchoices/allowads/blockers/firefox/uo_allowads_icon-1.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1071
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:28:24 GMT
expires: Fri, 18 Apr 2025 17:28:24 GMT
cache-control: public, max-age=31536000
age: 36540
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/browser_ab-2.png | 142.250.74.35 | 200 OK | 7.7 kB |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/browser_ab-2.png IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typePNG image data, 794 x 184, 8-bit colormap, non-interlaced Hash13a0bd1dcfc87f4f19579dc5b059af16 82aa8a7312d5023667edc1565962ddfdfb99a678 818af03e73fcb8964cc644383aa9a2ca4db0b1d8634fbdc9216d8a1d460aab6c
GET /fundingchoices/allowads/blockers/firefox/browser_ab-2.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 7688
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 20:31:55 GMT
expires: Tue, 15 Apr 2025 20:31:55 GMT
cache-control: public, max-age=31536000
age: 284729
last-modified: Tue, 19 Oct 2021 16:18:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/browser_uo-2.png | 142.250.74.35 | 200 OK | 7.2 kB |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/browser_uo-2.png IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typePNG image data, 794 x 184, 8-bit colormap, non-interlaced Hash2ca4823b87ee46e5d7a641195cfde652 1d0b4aceb1b0276cbdffaa84facd66b5fe41c714 3d74f9a6b34a1f9936cf3fdcf33ec06f48b602a7202396dcc3aef424a54e5413
GET /fundingchoices/allowads/blockers/firefox/browser_uo-2.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 7205
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:42:16 GMT
expires: Fri, 18 Apr 2025 17:42:16 GMT
cache-control: public, max-age=31536000
age: 35708
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/abp_power_icon-1.svg | 142.250.74.35 | 200 OK | 731 B |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/abp_power_icon-1.svg IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeSVG Scalable Vector Graphics image Hashc663022865c526afe63691faf0d14725 f1e821f6920fc1b9db40ccf35ed0f6fb54ea8592 56ff7605344ed5eb3a68f8edc6b048658ee714bdfed56d487cb1e1bb62eb24f8
GET /fundingchoices/allowads/blockers/firefox/abp_power_icon-1.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 731
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 09:59:27 GMT
expires: Wed, 16 Apr 2025 09:59:27 GMT
cache-control: public, max-age=31536000
age: 236277
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/abp_icon-1.svg | 142.250.74.35 | 200 OK | 1.8 kB |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/abp_icon-1.svg IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeSVG Scalable Vector Graphics image Hash32014d3c673c214354e3236b76047386 f01e5134d98ab4029bb6b7022b00516c9df35b37 bf72e9d16e37c6c685185dfc73478765de0cb102f34872cd90cc28b6a9ab3736
GET /fundingchoices/allowads/blockers/firefox/abp_icon-1.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1772
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 03:19:24 GMT
expires: Fri, 18 Apr 2025 03:19:24 GMT
cache-control: public, max-age=31536000
age: 87480
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/uo_icon-1.svg | 142.250.74.35 | 200 OK | 1.3 kB |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/uo_icon-1.svg IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeSVG Scalable Vector Graphics image Hash9d378dcff1b89001c348f1df4564ba48 d81c2c163657754563fcd33b793dc36cd6b3a21e f194962656d2b52acaba476410973194ffc377f15f8710a25b7fbee9fd99a2df
GET /fundingchoices/allowads/blockers/firefox/uo_icon-1.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1258
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:42:16 GMT
expires: Fri, 18 Apr 2025 17:42:16 GMT
cache-control: public, max-age=31536000
age: 35708
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=soHxf | 142.250.74.35 | 200 OK | 9.3 kB |
URL GET HTTP/3www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=soHxf IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeJavaScript source, ASCII text, with very long lines (1226) Hash0df69be878f840c3ece59615858c5009 65d903b30ab94d986ae198622811f39576d4da4c b51d740f6556a23458f1715f7183de04394c359a5d5645175c914c880a7e0a16
GET /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=soHxf HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
report-to: {"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-length: 9278
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 19 Apr 2024 03:37:05 GMT
expires: Sat, 19 Apr 2025 03:37:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sun, 14 Apr 2024 07:33:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 19
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/ab_icon-1.svg | 142.250.74.35 | 200 OK | 15 kB |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/ab_icon-1.svg IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeSVG Scalable Vector Graphics image Hash419033f4f0383492c93db1e6b5e7fa23 96584fdfb4d58c70fb1db6dfc128db296e5cf4e0 c75fbc4fd1beb52bbe64df89d8c402290f5b23bb518abbdd159a268aa0a5f782
GET /fundingchoices/allowads/blockers/firefox/ab_icon-1.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 15403
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 03:19:24 GMT
expires: Fri, 18 Apr 2025 03:19:24 GMT
cache-control: public, max-age=31536000
age: 87480
last-modified: Tue, 19 Oct 2021 16:18:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/uo_refresh_icon-1.svg | 142.250.74.35 | 200 OK | 1.5 kB |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/uo_refresh_icon-1.svg IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeSVG Scalable Vector Graphics image Hash606c949e5f626ea9a5a1a1a346209c59 f7700e18535dbb3108d50acbcd6f4f18a533843b bc6e55b647b6656e06c02477e957a9ab8dd2164058f8046bf2c5522a219b7e98
GET /fundingchoices/allowads/blockers/firefox/uo_refresh_icon-1.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1492
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:33:37 GMT
expires: Fri, 18 Apr 2025 17:33:37 GMT
cache-control: public, max-age=31536000
age: 36227
last-modified: Tue, 19 Oct 2021 16:18:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp,soHxf/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk | 142.250.74.35 | 200 OK | 3.5 kB |
URL GET HTTP/3www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp,soHxf/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeJavaScript source, ASCII text, with very long lines (763) Hashab1564f0dc81e3cdd5ded3cc022d6364 821fe2a008e172df73c12e0a3d2eb6da3c4cb717 872b63440dfdc5f5b4b42cddd6aa1ce863efcd72d3816e927dcd3cd65c2b06c3
GET /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp,soHxf/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
report-to: {"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-length: 3490
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 19 Apr 2024 03:37:05 GMT
expires: Sat, 19 Apr 2025 03:37:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sun, 14 Apr 2024 07:33:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 19
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c | 142.250.74.35 | 200 OK | 13 kB |
URL GET HTTP/3www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeJavaScript source, ASCII text, with very long lines (1600) Hashab199b9dc5faf341e688a4c9196b0874 fdf2ccb808e05f2789ced334d3d18e13ec59d71c 454a7e35fa7a6c0a52d616009ce1964375308a1b839a87095780df64b70c4e0e
GET /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
report-to: {"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-length: 12692
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 19 Apr 2024 03:37:05 GMT
expires: Sat, 19 Apr 2025 03:37:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sun, 14 Apr 2024 07:33:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 19
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,EFQ78c,FCpbqb,LEikZe,WhJNk,Wt6vjf,_b,_tp,byfTOb,hhhU8,lsjVmc,lwddkf,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=RqjULd | 142.250.74.35 | 200 OK | 12 kB |
URL GET HTTP/3www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,EFQ78c,FCpbqb,LEikZe,WhJNk,Wt6vjf,_b,_tp,byfTOb,hhhU8,lsjVmc,lwddkf,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=RqjULd IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeJavaScript source, ASCII text, with very long lines (2968) Hashf5c7fc324e43f85696f2873b1fe2a8d4 7d90bee3a4626a8766fad6ba57e8a065b9c5d19f 5485453d1c290f9728e0756544aea1360eaf9a5b5555d1017b69d213d3d82455
GET /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,EFQ78c,FCpbqb,LEikZe,WhJNk,Wt6vjf,_b,_tp,byfTOb,hhhU8,lsjVmc,lwddkf,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=RqjULd HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
report-to: {"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-length: 11750
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 19 Apr 2024 03:37:05 GMT
expires: Sat, 19 Apr 2025 03:37:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sun, 14 Apr 2024 07:33:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 19
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| stripherselfscuba.com/sbar.json?key=5b28bb3338748187b2166508de2d96b3&uuid=c6800e26-d533-4dbb-aba8-173ca4d7ed9b%3A3%3A1 | 172.240.108.68 | 200 OK | 8.5 kB |
URL GET HTTP/1.1stripherselfscuba.com/sbar.json?key=5b28bb3338748187b2166508de2d96b3&uuid=c6800e26-d533-4dbb-aba8-173ca4d7ed9b%3A3%3A1 IP172.240.108.68:443
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerLet's Encrypt Subjectstripherselfscuba.com Fingerprint27:09:AC:8B:2B:B3:33:5D:E9:D5:03:33:75:F8:E2:63:AA:1A:2B:92 ValidityTue, 16 Apr 2024 13:43:56 GMT - Mon, 15 Jul 2024 13:43:55 GMT
Hash1dede291d8797856fc4c6893e7ee3ed0 4a1601e3098f3bc65a9f907b25e6bc8bd20c79bb ae12dd1008d08db3ffb98639cec074c4bfbd12e73ccf44446936709c97c42542
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /sbar.json?key=5b28bb3338748187b2166508de2d96b3&uuid=c6800e26-d533-4dbb-aba8-173ca4d7ed9b%3A3%3A1 HTTP/1.1
Host: stripherselfscuba.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 03:37:24 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://nguonphimc.com
Access-Control-Allow-Origin: http://nguonphimc.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17093374; expires=Sat, 20 Apr 2024 03:37:24 GMT; secure; SameSite=None
Set-Cookie: uid_id2=c6800e26-d533-4dbb-aba8-173ca4d7ed9b:3:1; expires=Fri, 26 Apr 2024 03:37:24 GMT; secure; SameSite=None
Set-Cookie: pdhtkv=true; expires=Sat, 20 Apr 2024 03:37:24 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Sat, 20 Apr 2024 03:37:24 GMT; secure; SameSite=None
Set-Cookie: pdhtkv29=true; expires=Sat, 20 Apr 2024 03:37:24 GMT; secure; SameSite=None
Set-Cookie: uncs29=1; expires=Sat, 20 Apr 2024 03:37:24 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 58834516fe5789c93535e3fca30ba965
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| grab.nguonphimc.com/themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 | 94.242.50.163 | 200 OK | 77 kB |
URL GET HTTP/1.1grab.nguonphimc.com/themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 IP94.242.50.163:80
Requested byhttp://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26349&tim=1713497843&key=rlennKOWVW9kamdkZ25qa2pkX1eoppujkp6XVXBhsA
File typeWeb Open Font Format (Version 2), TrueType, length 77160, version 4.459 Hashaf7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/themes/np/css/color.css?v=2.4.8.2
Cookie: _ga_DDD7EKFG6W=GS1.1.1713497842.1.0.1713497842.0.0.0; _ga=GA1.1.1963755912.1713497843; PHPSESSID=ltkkefb5fel2dida0mujhgvks6; us_session_id=P26368
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:24 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:14:59 GMT
Accept-Ranges: bytes
Content-Length: 77160
Cache-Control: max-age=2592000
Expires: Sun, 19 May 2024 03:37:24 GMT
X-UA-Compatible: IE=edge,chrome=1
Connection: close
|
|
| fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese | 142.250.74.106 | 200 OK | 1.3 kB |
URL GET HTTP/3fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese IP142.250.74.106:443
Requested byhttp://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26349&tim=1713497843&key=rlennKOWVW9kamdkZ25qa2pkX1eoppujkp6XVXBhsA CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typegzip compressed data, max compression Hasha1d357e4b9766c27e5cdf49ad3e9be1d 46b8bc9ac3ad287776be04632a0b8b6bef7173bb 0c0fd4c32b25716d2ae1f02064a7e083ed91a0b9d25290f4f2d8fd738c221121
GET /css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 03:37:24 GMT
date: Fri, 19 Apr 2024 03:37:24 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| stripherselfscuba.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2Bt3gx8D19ElNxEGMVDhOxs%2F5jpmTGHxTWuLG6yIVH0IlLVVTMpt7qrqeqanuwpGJAcB%2B9C75tNlpgg5g8w6mzAw4qQ8bQH9yKIBw%2BKEhBEZCaDi5%2FL5%2FOp9wpevVcf7bpjEsLRo%2FMX9I5Uiq60Gn79zLtBcK6%2BKTM3rA878ftx81zdDF7pxg3%2F5fobItnWK6Ef%2BH7gB%2FV1aURPD1dmIGR%2Brxs0un6jGTaCVhND89%2FdOg%2BWeuCDY%2FIsJJ%2FWHnqnIZMJsvTz88JuFzo%2F%2B3rqFC20wYDvv51tZ7rMkJ6MPeOhl%2B0v2ND20foD6OzWXC704F8ik1PiffMALNtfiAQb7M11MgWRgfH%2FoxxMINQEkk6Q6BuQ%2FBEBEo6LW8jS2xe1Kem1JyidoVNSe%2Fw7ZDkltR9OI0s%2FW1NyWL%2BilSukziyGvQpyOIHsT5C7AxQ7S5DlAZLiQ0j%2BHVl5vIks3duySkPyo5eSuOP7IoyXeSuKlpucsWXKaGc5aEcJbfK24F02N0jKCWRvAiVGoPYUnPXgpAfX8%2BByDyk%2FqidBELR9nlC%2F002SiLcFi7kf0HYvoIEfd%2BCS2RtGKPIREjVCYq4jN9exLUcw7ivYqxUs92ALggGvUAqC0hKUlKCUBGVBUA6qW1zZ0Fa3ubKOBYseLnpUjXXR36W3dNEXGQE1Ixhe7ebH5JmZgV5t%2Bje2xVG9xcIOY1EUddrNTtBpszCI45bf4SLk3ZhFsLKCtEug1sPOLMyv15DP%2BourYPQAVh0gkR6oex60rECvVtjJ7mZ9p7Ni0Eh0Cq4r5EUNxTVvVx2T5%2BYJXvzzDERyuPozuzD97c5fSEyF3FT4QD4k6Kub48u6JHuXdWnJ%2Fa28kKncobN0rxS0ELVP3xTXSm34xnk7uvNqMgNm4723hC02acZl1rfk7prkXJh1bRJBvtiw7wh2ydmra85kLt%2B89Nr6RpobYa3U2QRUTsn%2F3vsFiZySpz%2F5dv5xzz7VhDQTGFchdYdkUZB6giS%2FDpsfrv4YzQtWExh1wmG5h9JVYxOyk0MlCZQ42SmrYMWJCUwcfvnrE2xs6Ow2ldWuvYm%2BWQItbiBLKwxMhYGqQNUI1p0aF7k5XP1%2BIYOppTFTZmmPKaM%2Bnts8JRtb92HlUb0dRT6Nu62g3aaizZphpxcHnNKwGYdxTCMUdtp74ac%2F%2FgEAAP%2F%2FAQAA%2F%2F%2Fz%2BBuvkgQAAA%3D%3D | 172.240.108.68 | 200 OK | 7 B |
URL GET HTTP/1.1stripherselfscuba.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2Bt3gx8D19ElNxEGMVDhOxs%2F5jpmTGHxTWuLG6yIVH0IlLVVTMpt7qrqeqanuwpGJAcB%2B9C75tNlpgg5g8w6mzAw4qQ8bQH9yKIBw%2BKEhBEZCaDi5%2FL5%2FOp9wpevVcf7bpjEsLRo%2FMX9I5Uiq60Gn79zLtBcK6%2BKTM3rA878ftx81zdDF7pxg3%2F5fobItnWK6Ef%2BH7gB%2FV1aURPD1dmIGR%2Brxs0un6jGTaCVhND89%2FdOg%2BWeuCDY%2FIsJJ%2FWHnqnIZMJsvTz88JuFzo%2F%2B3rqFC20wYDvv51tZ7rMkJ6MPeOhl%2B0v2ND20foD6OzWXC704F8ik1PiffMALNtfiAQb7M11MgWRgfH%2FoxxMINQEkk6Q6BuQ%2FBEBEo6LW8jS2xe1Kem1JyidoVNSe%2Fw7ZDkltR9OI0s%2FW1NyWL%2BilSukziyGvQpyOIHsT5C7AxQ7S5DlAZLiQ0j%2BHVl5vIks3duySkPyo5eSuOP7IoyXeSuKlpucsWXKaGc5aEcJbfK24F02N0jKCWRvAiVGoPYUnPXgpAfX8%2BByDyk%2FqidBELR9nlC%2F002SiLcFi7kf0HYvoIEfd%2BCS2RtGKPIREjVCYq4jN9exLUcw7ivYqxUs92ALggGvUAqC0hKUlKCUBGVBUA6qW1zZ0Fa3ubKOBYseLnpUjXXR36W3dNEXGQE1Ixhe7ebH5JmZgV5t%2Bje2xVG9xcIOY1EUddrNTtBpszCI45bf4SLk3ZhFsLKCtEug1sPOLMyv15DP%2BourYPQAVh0gkR6oex60rECvVtjJ7mZ9p7Ni0Eh0Cq4r5EUNxTVvVx2T5%2BYJXvzzDERyuPozuzD97c5fSEyF3FT4QD4k6Kub48u6JHuXdWnJ%2Fa28kKncobN0rxS0ELVP3xTXSm34xnk7uvNqMgNm4723hC02acZl1rfk7prkXJh1bRJBvtiw7wh2ydmra85kLt%2B89Nr6RpobYa3U2QRUTsn%2F3vsFiZySpz%2F5dv5xzz7VhDQTGFchdYdkUZB6giS%2FDpsfrv4YzQtWExh1wmG5h9JVYxOyk0MlCZQ42SmrYMWJCUwcfvnrE2xs6Ow2ldWuvYm%2BWQItbiBLKwxMhYGqQNUI1p0aF7k5XP1%2BIYOppTFTZmmPKaM%2Bnts8JRtb92HlUb0dRT6Nu62g3aaizZphpxcHnNKwGYdxTCMUdtp74ac%2F%2FgEAAP%2F%2FAQAA%2F%2F%2Fz%2BBuvkgQAAA%3D%3D IP172.240.108.68:443
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerLet's Encrypt Subjectstripherselfscuba.com Fingerprint27:09:AC:8B:2B:B3:33:5D:E9:D5:03:33:75:F8:E2:63:AA:1A:2B:92 ValidityTue, 16 Apr 2024 13:43:56 GMT - Mon, 15 Jul 2024 13:43:55 GMT
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scxR%2Bt3gx8D19ElNxEGMVDhOxs%2F5jpmTGHxTWuLG6yIVH0IlLVVTMpt7qrqeqanuwpGJAcB%2B9C75tNlpgg5g8w6mzAw4qQ8bQH9yKIBw%2BKEhBEZCaDi5%2FL5%2FOp9wpevVcf7bpjEsLRo%2FMX9I5Uiq60Gn79zLtBcK6%2BKTM3rA878ftx81zdDF7pxg3%2F5fobItnWK6Ef%2BH7gB%2FV1aURPD1dmIGR%2Brxs0un6jGTaCVhND89%2FdOg%2BWeuCDY%2FIsJJ%2FWHnqnIZMJsvTz88JuFzo%2F%2B3rqFC20wYDvv51tZ7rMkJ6MPeOhl%2B0v2ND20foD6OzWXC704F8ik1PiffMALNtfiAQb7M11MgWRgfH%2FoxxMINQEkk6Q6BuQ%2FBEBEo6LW8jS2xe1Kem1JyidoVNSe%2Fw7ZDkltR9OI0s%2FW1NyWL%2BilSukziyGvQpyOIHsT5C7AxQ7S5DlAZLiQ0j%2BHVl5vIks3duySkPyo5eSuOP7IoyXeSuKlpucsWXKaGc5aEcJbfK24F02N0jKCWRvAiVGoPYUnPXgpAfX8%2BByDyk%2FqidBELR9nlC%2F002SiLcFi7kf0HYvoIEfd%2BCS2RtGKPIREjVCYq4jN9exLUcw7ivYqxUs92ALggGvUAqC0hKUlKCUBGVBUA6qW1zZ0Fa3ubKOBYseLnpUjXXR36W3dNEXGQE1Ixhe7ebH5JmZgV5t%2Bje2xVG9xcIOY1EUddrNTtBpszCI45bf4SLk3ZhFsLKCtEug1sPOLMyv15DP%2BourYPQAVh0gkR6oex60rECvVtjJ7mZ9p7Ni0Eh0Cq4r5EUNxTVvVx2T5%2BYJXvzzDERyuPozuzD97c5fSEyF3FT4QD4k6Kub48u6JHuXdWnJ%2Fa28kKncobN0rxS0ELVP3xTXSm34xnk7uvNqMgNm4723hC02acZl1rfk7prkXJh1bRJBvtiw7wh2ydmra85kLt%2B89Nr6RpobYa3U2QRUTsn%2F3vsFiZySpz%2F5dv5xzz7VhDQTGFchdYdkUZB6giS%2FDpsfrv4YzQtWExh1wmG5h9JVYxOyk0MlCZQ42SmrYMWJCUwcfvnrE2xs6Ow2ldWuvYm%2BWQItbiBLKwxMhYGqQNUI1p0aF7k5XP1%2BIYOppTFTZmmPKaM%2Bnts8JRtb92HlUb0dRT6Nu62g3aaizZphpxcHnNKwGYdxTCMUdtp74ac%2F%2FgEAAP%2F%2FAQAA%2F%2F%2Fz%2BBuvkgQAAA%3D%3D HTTP/1.1
Host: stripherselfscuba.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Cookie: u_pl=17093374; uid_id2=c6800e26-d533-4dbb-aba8-173ca4d7ed9b:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 03:37:24 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 59e969701dced2179a5ed98c8eff8650
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/img/close.png | 188.114.97.1 | 200 OK | 591 B |
URL GET HTTP/3cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/img/close.png IP188.114.97.1:443
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File typePNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced Hash9fd5bcb6103d86e317bd1eb019bcbe71 6b5a52ea669dcb74946f2bed4bdd7ec985026113 0ddd3be104ac7945fb062096df62034a6a24ecc76ba92493c35c62c3c25982ae
GET /sb/ssp/vpn/classic-push/small/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 03:37:24 GMT
content-type: image/png
content-length: 591
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: "65aa84fe-24f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5581937
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2AUNyh7CVKat3iVNz2NRkhfy3%2BROpcBW9ZDS%2B362gqOSdwM2SisLXO1gPXZSdfpaxdlIYLn84QH6gCv4DMgQwAUE8pg7A4IT6%2FpY8vPykhbi4eEjNI3sMMfYz9xzcloN1jwkzFDE5WGH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8769db18fbf75694-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.106 | 200 OK | 717 B |
URL GET HTTP/1.1fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap IP142.250.74.106:80
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Hash9cc7d472437c87f6f7ebeb35abec09f1 948bb2b7bf4bbc829015c125e1b6f7859b2948b0 9a39510af72db44fb14d333c52c41da0e90827afcfe78c8f12b367f0a94783b7
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 19 Apr 2024 03:37:24 GMT
Date: Fri, 19 Apr 2024 03:37:24 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
|
|
| stripherselfscuba.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html&l=1325&fd=84 | 172.240.108.68 | 200 OK | 0 B |
URL GET HTTP/1.1stripherselfscuba.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html&l=1325&fd=84 IP172.240.108.68:80
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html&l=1325&fd=84 HTTP/1.1
Host: stripherselfscuba.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 03:37:24 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| stripherselfscuba.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css&l=3355&fd=31 | 172.240.108.68 | 200 OK | 0 B |
URL GET HTTP/1.1stripherselfscuba.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css&l=3355&fd=31 IP172.240.108.68:80
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css&l=3355&fd=31 HTTP/1.1
Host: stripherselfscuba.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 03:37:24 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.cloudimagesb.com/si/63/93/4f/63934f19816e914cdf9542ebd1ea81b2/1713364719.png | 45.133.44.9 | 200 OK | 79 kB |
URL GET HTTP/2cdn.cloudimagesb.com/si/63/93/4f/63934f19816e914cdf9542ebd1ea81b2/1713364719.png IP45.133.44.9:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerLet's Encrypt Subjectcdn.cloudimagesb.com FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0 ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File typePNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced Hash056a5db1da586024c4c315659f1a70da 364dbecd8995d974c1a8765edd125a62c9dc6754 ef512fcfc0a38fbc2e0299170bbd0b88e2ba27a20180d33fb989eb4dd8b25e6c
GET /si/63/93/4f/63934f19816e914cdf9542ebd1ea81b2/1713364719.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 19 Apr 2024 03:37:24 GMT
content-type: image/png
content-length: 78742
server: nginx/1.21.6
last-modified: Wed, 17 Apr 2024 14:38:47 GMT
etag: "661fdef7-13396"
expires: Sun, 21 Apr 2024 03:37:24 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/animate.css | 188.114.97.1 | 200 OK | 4.9 kB |
URL GET HTTP/2cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/animate.css IP188.114.97.1:443
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash3d4123dbfb33d27a5cfdfcfa91df6783 e7d0eeeec54b848f0bc3da8685fa3bc88429d660 cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887
GET /sb/ssp/vpn/classic-push/small/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 03:37:24 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-13361"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 18
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ohrMPA%2FWCrH0jAan4MvzlGk1U8bpP1UvxulXpgQbIfqDMsy%2FcF2%2BsHoRDI1NPguMfZI3PhHWVp%2BUBLrM8OHFrwqxPiGT1%2FSvTJf%2BGomvwSKRX8D%2FU%2BGn7ByJo6Ap2nowOiSCHYz%2BQCUw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8769db183edc0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js | 188.114.97.1 | 200 OK | 31 kB |
URL GET HTTP/3cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js IP188.114.97.1:443
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File typeJavaScript source, ASCII text, with very long lines (32025) Hash4a356126b9573eb7bd1e9a7494737410 8258d046f17dd3c15a5d3984e1868b7b5d1db329 22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
GET /sb/ssp/vpn/classic-push/small/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 03:37:24 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-1499c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5581938
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NyBzCVw19isOt%2FvG%2B%2FTOUc38Xyzgsim8fE209%2BEbTM6NKmpxNAeRmEDtLagTDBHL9JPfllHO%2Fq%2B72u55EUPOFOSQ9yVX%2BYxU3g7rLRjfAkrrvx8UCiAtre%2BmRK7M7AXH63ztqLtNGkEd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8769db190bfc5694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| unseenreport.com/pxf.gif?uuid=c6800e26-d533-4dbb-aba8-173ca4d7ed9b&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=5b28bb3338748187b2166508de2d96b3&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=3 | 192.243.59.12 | 200 OK | 1 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=c6800e26-d533-4dbb-aba8-173ca4d7ed9b&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=5b28bb3338748187b2166508de2d96b3&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=3 IP192.243.59.12:80 ASN#39572 DataWeb Global Group B.V.
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=c6800e26-d533-4dbb-aba8-173ca4d7ed9b&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=5b28bb3338748187b2166508de2d96b3&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=3 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 19 Apr 2024 03:37:24 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8b03f90eae88fd3964fafc5a765889cf
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 142.250.74.131 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP142.250.74.131:443
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 16 Apr 2024 20:24:04 GMT
Expires: Wed, 16 Apr 2025 20:24:04 GMT
Cache-Control: public, max-age=31536000
Age: 198801
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.131 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.131:443
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 18 Apr 2024 02:58:06 GMT
Expires: Fri, 18 Apr 2025 02:58:06 GMT
Cache-Control: public, max-age=31536000
Age: 88759
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2
|
|
| cdn.barscreative1.com/sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html | 45.133.44.3 | 200 OK | 447 B |
URL GET HTTP/2cdn.barscreative1.com/sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html IP45.133.44.3:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerLet's Encrypt Subjectcdn.barscreative1.com FingerprintF6:54:F4:B9:EB:AD:1E:FA:8F:76:B9:75:20:9B:41:57:32:37:94:E3 ValiditySun, 10 Mar 2024 03:01:32 GMT - Sat, 08 Jun 2024 03:01:31 GMT
File typegzip compressed data, from Unix Hash1a6f9600fabfee23ddacba3be718fada 94cf50b770d771b7df163394431fc08776f5be4a e7853429724a894b03b8c39a12ae3bd14d6e18fb612d77603eb27404e3c641af
GET /sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 03:37:24 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Mon, 27 Sep 2021 07:43:24 GMT
etag: W/"6151761c-52d"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Fri, 19 Apr 2024 04:37:24 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| stripherselfscuba.com/pixel/sbs?c=1 | 172.240.108.76 | 200 OK | 0 B |
URL GET HTTP/1.1stripherselfscuba.com/pixel/sbs?c=1 IP172.240.108.76:443
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerLet's Encrypt Subjectstripherselfscuba.com Fingerprint27:09:AC:8B:2B:B3:33:5D:E9:D5:03:33:75:F8:E2:63:AA:1A:2B:92 ValidityTue, 16 Apr 2024 13:43:56 GMT - Mon, 15 Jul 2024 13:43:55 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbs?c=1 HTTP/1.1
Host: stripherselfscuba.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Cookie: u_pl=17093374; uid_id2=c6800e26-d533-4dbb-aba8-173ca4d7ed9b:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 03:37:25 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15d-e533614.html | 94.242.50.163 | 200 OK | 278 B |
URL: POST HTTP/1.1 nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15d-e533614.html IP: 94.242.50.163:80
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Hash: 46acadbb986f185fe0f226c6741c83cd 4071f54d1b08e4b9b657fae4ee8876164138ffe4 55d809fe3625c090dfd566cb4c251060f13c8490e54ab9d737fcbd2e85d3e17e
POST /xem-phim/vuong-quoc-cua-gio-f43859-15d-e533614.html HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 87
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=6e7p16rmec7uov8hvl0a1h0f25; us_session_id=P26349; _ga_DDD7EKFG6W=GS1.1.1713497842.1.0.1713497842.0.0.0; _ga=GA1.1.1963755912.1713497843; dom3ic8zudi28v8lr6fgphwffqoz0j6c=c6800e26-d533-4dbb-aba8-173ca4d7ed9b%3A3%3A1; sb_page_5b28bb3338748187b2166508de2d96b3=1; sb_onpage_5b28bb3338748187b2166508de2d96b3=1; sb_main_5b28bb3338748187b2166508de2d96b3=1; sb_count_5b28bb3338748187b2166508de2d96b3=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:34 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 278
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533614&aesp=15d&user=P26349&tim=1713497854&key=r1ennKOWVm9kamdkaG5qa2tlYFeoppujk56XVXBhsQ | 94.242.50.163 | | 3.6 kB |
URL: GET grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533614&aesp=15d&user=P26349&tim=1713497854&key=r1ennKOWVm9kamdkaG5qa2tlYFeoppujk56XVXBhsQ IP: 94.242.50.163:0
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type: HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash: a80a6eaa82b16ece0ba170b0ebbfa819 9e0a6e7b58a1923e6a66f9afcf8376a016882d34 810cdaebf9742ecb3979b0f7af21f599b2819b739653463321a82ba26dc64c35
GET /embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533614&aesp=15d&user=P26349&tim=1713497854&key=r1ennKOWVm9kamdkaG5qa2tlYFeoppujk56XVXBhsQ HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Cookie: _ga_DDD7EKFG6W=GS1.1.1713497842.1.0.1713497842.0.0.0; _ga=GA1.1.1963755912.1713497843; PHPSESSID=ltkkefb5fel2dida0mujhgvks6; us_session_id=P26368
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:34 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 3639
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/style.css | 188.114.97.1 | 200 OK | 3.4 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/style.css IP: 188.114.97.1:443
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate: Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: ASCII text, with very long lines (3537), with no line terminators
Hash: b8a277e051f047a41d3229377460f0c9 596b934114e1b6e3cee15ef19925c7f2ff5607e7 9cf981fe6d59b72cb9d12e4bc958983bac07f16b8f1b40bb1c6ced0bf2d6b2d0
GET /sb/ssp/vpn/classic-push/small/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 03:37:24 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-d1b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 18
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dFjcQw7vs8iCdaJfSv2vkxY8skmlMZbNkk%2BJfU4FrjGoRueG8JSkyriosmxrouw2RhcSGV%2BVolohXEYvAbEJwETcYaguCPfz3HDwln16NQwoBxFz4PZbdLgs13eg7nSekWvTfMh1XOjP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8769db183edd0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese | 142.250.74.106 | 200 OK | 82 kB |
URL: GET HTTP/3 fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese IP: 142.250.74.106:443
Requested by: http://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26349&tim=1713497843&key=rlennKOWVW9kamdkZ25qa2pkX1eoppujkp6XVXBhsA
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: ASCII text, with very long lines (1572)
Hash: 82616926c46483e82c9e0effd92ad431 7def66e1e20fc4cdeb1af4bcad892fbed1be39ba a6dbd8ee53f621b0e770fd487bf3d5dea24a2c804fa468de5f218305420ff120
GET /css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 03:37:24 GMT
date: Fri, 19 Apr 2024 03:37:24 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| nguonphimc.com/site/chatbot/refresh/ | 94.242.50.163 | 200 OK | 510 B |
URL: POST HTTP/1.1 nguonphimc.com/site/chatbot/refresh/ IP: 94.242.50.163:80
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type: troff or preprocessor input, ASCII text, with very long lines (563), with no line terminators
Hash: bff22fe17036c5b6c547dd78c5bd94cc cd2313c168a5d83c42c6baef7df6a75ccdd4dfec 7c6d2839a65f9d641c45ece431fc26e1337d947ab6876e82ae13005d5a491ff9
POST /site/chatbot/refresh/ HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 16
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=6e7p16rmec7uov8hvl0a1h0f25; us_session_id=P26349; _ga_DDD7EKFG6W=GS1.1.1713497842.1.0.1713497842.0.0.0; _ga=GA1.1.1963755912.1713497843; dom3ic8zudi28v8lr6fgphwffqoz0j6c=c6800e26-d533-4dbb-aba8-173ca4d7ed9b%3A3%3A1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:23 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 260
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| pagead2.googlesyndication.com/pagead/js/adsbygoogle.js | 142.250.74.66 | 200 OK | 148 kB |
URL: GET HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP: 142.250.74.66:443
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate: Issuer: Google Trust Services LLC; Subject: *.g.doubleclick.net; Fingerprint: ED:0D:E8:DC:2E:0E:7D:5F:CB:BE:43:7B:C7:CB:BF:BC:B7:E5:FC:1E; Validity: Mon, 04 Mar 2024 06:35:32 GMT - Mon, 27 May 2024 06:35:31 GMT
File type: JavaScript source, ASCII text, with very long lines (3920)
Size: 148 kB (147645 bytes)
Hash: c5d2c8eda486422a36848b9616727cd5 420828ca13e969301183b6eb53163a3a5168d246 7d80d206905c8d0472fcd3e47481266934bd7d92a8411991a5bf4cdd0d01e64a
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://nguonphimc.com/
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Fri, 19 Apr 2024 03:37:23 GMT
expires: Fri, 19 Apr 2024 03:37:23 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 3203851599254655820
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 50759
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/icon?family=Material+Icons | 142.250.74.106 | 200 OK | 565 B |
URL: GET HTTP/2 fonts.googleapis.com/icon?family=Material+Icons IP: 142.250.74.106:443
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: ASCII text, with very long lines (588), with no line terminators
Hash: 959a533a3dc02649e0cc3f8f67d942af 34db49ff64aed8b51beaba5b9928ad504a4df335 24864ed3ee6fab66640980d4c24640e579e5583764a8ee8c4f09decf27977247
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 03:37:22 GMT
date: Fri, 19 Apr 2024 03:37:22 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| stripherselfscuba.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tc1R%2B9Lx34Lr6IKN2JMIqLCs3kvXnz441dBGONBNOmtIpuRO6vmVxz37uPe9%2BbN8kqWJAuB%2FfCy5mkobaI%2FQOsOim4iAgdV1mYjSAuXChKQRCRmQ4GP5vP53PPuXDuOfejvfyU1JHTk8tXzI7Smi41a371wrtBcKm6rpJ8UB1ErfdbjUtV23%2Bl06r5L1ffkHzLLNX9wPcDP6iuKiu7ZrA0BaHSe52g1vFrjXotaDYwsP%2FdXe7BUQ%2Bif0qehRKTykPvPBQfI4k%2FvyzdVmbSi6%2FHuaaZseiLw7eTrcQUCeKzsWs9dJPDORvGPVp9AJMczOTC9P8lMjUh3jcPwJLDuUiw%2Fv5MJ9OQCZj4P4r%2BGFKPoegY3NyEEo8IwAWubiCJb181tqDbT1A6RSek8vh3qGJCKj%2BcRxJ%2FtqLVoHrD6DxTJnEYdEuowRiqN0aaHyHbWYAqjsCzD6HEd2Tp8TqSeH%2FDaQMlTl7ircj3Zb21KJphuNgQjC1SRqPFoB1y2hBtKTpsZpBSY6juGFoOQd055M5DrjzkXQ956iEWJ1UeBEHbF5z6UYfzULQlawk%2FoO1uQAO%2FFSHn0zcMkaVDcD0Et7tI7S621BA2%2Fwpus4QTHlxG0BclCklQOIKCEhSKoMgIin55ILSru%2FK20C5nwbzX5z0sRybr7dEDk%2FVkQkDtEFaUe%2BkpeWZqoFeZ%2FI0teVJtsnrEWBiGUbsRBVGb1YNWq%2BlHQtZFp8VCOFVCuQVQ52FnGubXK0in%2FcVlMHoEp4%2FAlQeaPw9alKCbJXaSu0kvN0nWr3ETQ5gSaVZBtu3t6VPy3CzBq39egOTHyz%2BzK5Pf7vwFbkuktsQH6iFBT98aXTcF2b9uCkfub6SZitUOnaZ7I6OZrHz6ptwujBVrl93wzqt8CkzHe29Jl63TRKik58jdFSWEtKvGckm%2BWHPvSHYtd5sruU3ydP3aa6trcWqlc8okY1A1If977xdwNSFPf%2FLt7ONefKoBZceweYk4PybzgjJj8HQXLj1e%2FjGcFZwhsPqMw1IPRV6ObJ2dHWpFoOXZTlkJJ89MYPL4y1%2BfYCNLp7epKvfcLfTsAmh2E0lcom9L9HUJqodw%2BblRltrj5e%2FnMpheGDFtF%2FaZtvrjmc0TsrZxH06dVENftJnsyjaTjWajK7lgzSbzeZezUEQRR%2BYm3Rd%2B%2BuMfAAAA%2F%2F8BAAD%2F%2F3MszkeSBAAA | 172.240.108.68 | 200 OK | 0 B |
URL GET HTTP/1.1stripherselfscuba.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tc1R%2B9Lx34Lr6IKN2JMIqLCs3kvXnz441dBGONBNOmtIpuRO6vmVxz37uPe9%2BbN8kqWJAuB%2FfCy5mkobaI%2FQOsOim4iAgdV1mYjSAuXChKQRCRmQ4GP5vP53PPuXDuOfejvfyU1JHTk8tXzI7Smi41a371wrtBcKm6rpJ8UB1ErfdbjUtV23%2Bl06r5L1ffkHzLLNX9wPcDP6iuKiu7ZrA0BaHSe52g1vFrjXotaDYwsP%2FdXe7BUQ%2Bif0qehRKTykPvPBQfI4k%2FvyzdVmbSi6%2FHuaaZseiLw7eTrcQUCeKzsWs9dJPDORvGPVp9AJMczOTC9P8lMjUh3jcPwJLDuUiw%2Fv5MJ9OQCZj4P4r%2BGFKPoegY3NyEEo8IwAWubiCJb181tqDbT1A6RSek8vh3qGJCKj%2BcRxJ%2FtqLVoHrD6DxTJnEYdEuowRiqN0aaHyHbWYAqjsCzD6HEd2Tp8TqSeH%2FDaQMlTl7ircj3Zb21KJphuNgQjC1SRqPFoB1y2hBtKTpsZpBSY6juGFoOQd055M5DrjzkXQ956iEWJ1UeBEHbF5z6UYfzULQlawk%2FoO1uQAO%2FFSHn0zcMkaVDcD0Et7tI7S621BA2%2Fwpus4QTHlxG0BclCklQOIKCEhSKoMgIin55ILSru%2FK20C5nwbzX5z0sRybr7dEDk%2FVkQkDtEFaUe%2BkpeWZqoFeZ%2FI0teVJtsnrEWBiGUbsRBVGb1YNWq%2BlHQtZFp8VCOFVCuQVQ52FnGubXK0in%2FcVlMHoEp4%2FAlQeaPw9alKCbJXaSu0kvN0nWr3ETQ5gSaVZBtu3t6VPy3CzBq39egOTHyz%2BzK5Pf7vwFbkuktsQH6iFBT98aXTcF2b9uCkfub6SZitUOnaZ7I6OZrHz6ptwujBVrl93wzqt8CkzHe29Jl63TRKik58jdFSWEtKvGckm%2BWHPvSHYtd5sruU3ydP3aa6trcWqlc8okY1A1If977xdwNSFPf%2FLt7ONefKoBZceweYk4PybzgjJj8HQXLj1e%2FjGcFZwhsPqMw1IPRV6ObJ2dHWpFoOXZTlkJJ89MYPL4y1%2BfYCNLp7epKvfcLfTsAmh2E0lcom9L9HUJqodw%2BblRltrj5e%2FnMpheGDFtF%2FaZtvrjmc0TsrZxH06dVENftJnsyjaTjWajK7lgzSbzeZezUEQRR%2BYm3Rd%2B%2BuMfAAAA%2F%2F8BAAD%2F%2F3MszkeSBAAA IP172.240.108.68:443
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate: Issuer: Let's Encrypt; Subject: stripherselfscuba.com; Fingerprint: 27:09:AC:8B:2B:B3:33:5D:E9:D5:03:33:75:F8:E2:63:AA:1A:2B:92; Validity: Tue, 16 Apr 2024 13:43:56 GMT - Mon, 15 Jul 2024 13:43:55 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tc1R%2B9Lx34Lr6IKN2JMIqLCs3kvXnz441dBGONBNOmtIpuRO6vmVxz37uPe9%2BbN8kqWJAuB%2FfCy5mkobaI%2FQOsOim4iAgdV1mYjSAuXChKQRCRmQ4GP5vP53PPuXDuOfejvfyU1JHTk8tXzI7Smi41a371wrtBcKm6rpJ8UB1ErfdbjUtV23%2Bl06r5L1ffkHzLLNX9wPcDP6iuKiu7ZrA0BaHSe52g1vFrjXotaDYwsP%2FdXe7BUQ%2Bif0qehRKTykPvPBQfI4k%2FvyzdVmbSi6%2FHuaaZseiLw7eTrcQUCeKzsWs9dJPDORvGPVp9AJMczOTC9P8lMjUh3jcPwJLDuUiw%2Fv5MJ9OQCZj4P4r%2BGFKPoegY3NyEEo8IwAWubiCJb181tqDbT1A6RSek8vh3qGJCKj%2BcRxJ%2FtqLVoHrD6DxTJnEYdEuowRiqN0aaHyHbWYAqjsCzD6HEd2Tp8TqSeH%2FDaQMlTl7ircj3Zb21KJphuNgQjC1SRqPFoB1y2hBtKTpsZpBSY6juGFoOQd055M5DrjzkXQ956iEWJ1UeBEHbF5z6UYfzULQlawk%2FoO1uQAO%2FFSHn0zcMkaVDcD0Et7tI7S621BA2%2Fwpus4QTHlxG0BclCklQOIKCEhSKoMgIin55ILSru%2FK20C5nwbzX5z0sRybr7dEDk%2FVkQkDtEFaUe%2BkpeWZqoFeZ%2FI0teVJtsnrEWBiGUbsRBVGb1YNWq%2BlHQtZFp8VCOFVCuQVQ52FnGubXK0in%2FcVlMHoEp4%2FAlQeaPw9alKCbJXaSu0kvN0nWr3ETQ5gSaVZBtu3t6VPy3CzBq39egOTHyz%2BzK5Pf7vwFbkuktsQH6iFBT98aXTcF2b9uCkfub6SZitUOnaZ7I6OZrHz6ptwujBVrl93wzqt8CkzHe29Jl63TRKik58jdFSWEtKvGckm%2BWHPvSHYtd5sruU3ydP3aa6trcWqlc8okY1A1If977xdwNSFPf%2FLt7ONefKoBZceweYk4PybzgjJj8HQXLj1e%2FjGcFZwhsPqMw1IPRV6ObJ2dHWpFoOXZTlkJJ89MYPL4y1%2BfYCNLp7epKvfcLfTsAmh2E0lcom9L9HUJqodw%2BblRltrj5e%2FnMpheGDFtF%2FaZtvrjmc0TsrZxH06dVENftJnsyjaTjWajK7lgzSbzeZezUEQRR%2BYm3Rd%2B%2BuMfAAAA%2F%2F8BAAD%2F%2F3MszkeSBAAA HTTP/1.1
Host: stripherselfscuba.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Cookie: u_pl=17093374; uid_id2=c6800e26-d533-4dbb-aba8-173ca4d7ed9b:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 03:37:25 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dcb8eec254d660686fdbd1fb046d8431
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| stripherselfscuba.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css&l=78689&fd=30 | 172.240.108.68 | 200 OK | 0 B |
URL: GET HTTP/1.1 stripherselfscuba.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css&l=78689&fd=30 IP: 172.240.108.68:80
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css&l=78689&fd=30 HTTP/1.1
Host: stripherselfscuba.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 03:37:24 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/script.js | 188.114.97.1 | 200 OK | 962 B |
URL: GET HTTP/3 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/script.js IP: 188.114.97.1:443
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate: Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: ASCII text, with very long lines (1015), with no line terminators
Hash: 88523e22d10f0cbad31aa1d8276764fa 9238cd9499e01abdbeb33e68c550d26cfb6eaba5 d553390acb639c765cb6aaa4fbb72529e4005227d190f53108aec87ccec411c2
GET /sb/ssp/vpn/classic-push/small/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 03:37:24 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-3c2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 206097
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jsNSjiKBdhjksi7bzlu086D4qOMnFuAfof%2B16r5VQuzkaBB%2FDzs0FLTF%2F%2F96xqdUrVV594x%2F97MtnyJXzh5G2BEpP%2B3oZo%2FBuqbRS%2BXBgrTmmXtw07mSjtmQLX2uQ15q5xZhK%2FP4w%2ByL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8769db196c175694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese | 142.250.74.106 | 200 OK | 82 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese IP: 142.250.74.106:443
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: ASCII text, with very long lines (1572)
Hash: 82616926c46483e82c9e0effd92ad431 7def66e1e20fc4cdeb1af4bcad892fbed1be39ba a6dbd8ee53f621b0e770fd487bf3d5dea24a2c804fa468de5f218305420ff120
GET /css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 03:37:22 GMT
date: Fri, 19 Apr 2024 03:37:22 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| stripherselfscuba.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js&l=962&fd=14 | 172.240.108.76 | 200 OK | 0 B |
URL: GET HTTP/1.1 stripherselfscuba.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js&l=962&fd=14 IP: 172.240.108.76:80
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js&l=962&fd=14 HTTP/1.1
Host: stripherselfscuba.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 03:37:24 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|