| nguonphimb.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html | 94.242.50.163 | | 0 B |
URL nguonphimb.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html IP94.242.50.163:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /site/site/embed/?url=http://nguonphimb.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html HTTP/1.1
Host: nguonphimb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Apr 2024 07:10:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Set-Cookie: PHPSESSID=tjp3ajlia19pktvckjncoi3np5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonphimb.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimb.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html | 94.242.50.163 | | 0 B |
URL nguonphimb.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html IP94.242.50.163:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /site/site/embed/?url=http://nguonphimb.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html HTTP/1.1
Host: nguonphimb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=tjp3ajlia19pktvckjncoi3np5
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Apr 2024 07:10:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonphimc.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimc.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html | 94.242.50.163 | | 728 B |
URL nguonphimc.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html IP94.242.50.163:0
File typeHTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators Hash766673734762331139b03f83676fa839 0a2f536fb34e03c83fe8628e48cfcb4b739b3b9b 4865c14b5fdad97081bcda1012bc213909c4ddff5c0bde34b63935ce3f64904a
GET /site/site/embed/?url=http://nguonphimb.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Set-Cookie: PHPSESSID=2uso23ujno34e1soodor2s6fc5; path=/
us_session_id=P70775; expires=Sat, 20-Apr-2024 07:10:38 GMT; Max-Age=86400; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 728
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimc.com/assets/3bd14e95/jquery.min.js | 94.242.50.163 | 200 OK | 34 kB |
URL GET HTTP/1.1nguonphimc.com/assets/3bd14e95/jquery.min.js IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJavaScript source, ASCII text, with very long lines (32077) Hash0fca26b5a37a66d68d0f4406976be4b5 ee000eb654b3bd37185665d3901e93b34ce1aa52 8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
GET /assets/3bd14e95/jquery.min.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Cookie: PHPSESSID=2uso23ujno34e1soodor2s6fc5; us_session_id=P70775
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 07:10:38 GMT
Content-Length: 33693
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png | 94.242.50.163 | 200 OK | 18 kB |
URL GET HTTP/1.1m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typePNG image data, 46 x 48, 8-bit/color RGBA, non-interlaced Hashe6f4a93efe2d93e885abcbb4cc09cd4a e4f94b9e95b40e30b215228316bb7f8c48d08ed2 93b7bbea433aa41f6efb860d3d9777d363f9e64fc1ad4186cd9ef525bbee9c94
GET /media/images/1/favi/favicon-1498701606.png HTTP/1.1
Host: m3.nguonphim.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 05 Jul 2017 04:14:59 GMT
ETag: "45d1-5538a3e52eb40"
Accept-Ranges: bytes
Content-Length: 17873
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:38 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png
|
|
| nguonphimb.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html | 94.242.50.163 | 301 Moved Permanently | 0 B |
URL User Request GET HTTP/1.1nguonphimb.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html IP94.242.50.163:80
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html HTTP/1.1
Host: nguonphimb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://nguonphimc.com/
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: PHPSESSID=tjp3ajlia19pktvckjncoi3np5
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Apr 2024 07:10:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonphimb.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimb.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html | 94.242.50.163 | 301 Moved Permanently | 0 B |
URL User Request GET HTTP/1.1nguonphimb.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html IP94.242.50.163:80
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html HTTP/1.1
Host: nguonphimb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://nguonphimc.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=tjp3ajlia19pktvckjncoi3np5
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Apr 2024 07:10:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html | 94.242.50.163 | 200 OK | 20 kB |
URL User Request GET HTTP/1.1nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html IP94.242.50.163:80
File typeHTML document, Unicode text, UTF-8 text, with very long lines (339), with CRLF, LF line terminators Hash66606d0f10eec4962fb226347f742f87 354dc9ae796c6350b7d73c8e7a5c6a3b2c7f84f4 89a4c0e2c1aafe8abdd594f794c72f896da3961c748a8eb48018425fab2dab62
GET /xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://nguonphimc.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=2uso23ujno34e1soodor2s6fc5; us_session_id=P70775
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 19691
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimc.com/themes/np/js/wow.min.js | 94.242.50.163 | 200 OK | 2.7 kB |
URL GET HTTP/1.1nguonphimc.com/themes/np/js/wow.min.js IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJavaScript source, ASCII text, with very long lines (8385), with CRLF line terminators Hashe1f1ff6897992a9165e8ce009b4039e3 e297207404fea99863aea60a1dcd3770f8ecddee 37461d9b50fd93b2e6d064c4aa48cbc16d5b1e82c27f47270b87a39225cc00ac
GET /themes/np/js/wow.min.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Cookie: PHPSESSID=2uso23ujno34e1soodor2s6fc5; us_session_id=P70775
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 07:10:40 GMT
Content-Length: 2742
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonphimc.com/themes/np/js/owl.carousel.min.js | 94.242.50.163 | 200 OK | 6.5 kB |
URL GET HTTP/1.1nguonphimc.com/themes/np/js/owl.carousel.min.js IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJavaScript source, ASCII text, with very long lines (635), with CRLF line terminators Hash8c52f27fcac36c7667f8fb846e1e94d5 e5862559db659ffd530c91452d668c5e7b3f0f2d 6c1e31700f68d1666de6b0992e89d413434707718bf729a472404029845bdbad
GET /themes/np/js/owl.carousel.min.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Cookie: PHPSESSID=2uso23ujno34e1soodor2s6fc5; us_session_id=P70775
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 07:10:40 GMT
Content-Length: 6464
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonphimc.com/themes/np/js/bootstrap.min.js | 94.242.50.163 | 200 OK | 9.7 kB |
URL GET HTTP/1.1nguonphimc.com/themes/np/js/bootstrap.min.js IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJavaScript source, ASCII text, with very long lines (32034), with CRLF line terminators Hashe7d9a06cf9053c51cd4ad3386da0659a e45bf1054704a1fdfc4ee2713a16bf9283dea995 9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd
GET /themes/np/js/bootstrap.min.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Cookie: PHPSESSID=2uso23ujno34e1soodor2s6fc5; us_session_id=P70775
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 07:10:40 GMT
Content-Length: 9726
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonphimc.com/assets/3bd14e95/jquery.min.js | 94.242.50.163 | 200 OK | 34 kB |
URL GET HTTP/1.1nguonphimc.com/assets/3bd14e95/jquery.min.js IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJavaScript source, ASCII text, with very long lines (32077) Hash0fca26b5a37a66d68d0f4406976be4b5 ee000eb654b3bd37185665d3901e93b34ce1aa52 8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
GET /assets/3bd14e95/jquery.min.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Cookie: PHPSESSID=2uso23ujno34e1soodor2s6fc5; us_session_id=P70775
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 07:10:40 GMT
Content-Length: 33693
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonphimc.com/assets/b2993a05/jwplayer.js?ver=2.4.8.2 | 94.242.50.163 | 200 OK | 39 kB |
URL GET HTTP/1.1nguonphimc.com/assets/b2993a05/jwplayer.js?ver=2.4.8.2 IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65140) Hash637800d55d2ac43cd3c4a864fac04661 bfb57b2bbe30a271e945e5d36027d69fb01b24cf 2aac7ee38577a71b8f0ec381c7836fc29274407517b9038e879fa762651dc5fc
GET /assets/b2993a05/jwplayer.js?ver=2.4.8.2 HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Cookie: PHPSESSID=2uso23ujno34e1soodor2s6fc5; us_session_id=P70775
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 07:10:40 GMT
Content-Length: 39208
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonphimc.com/themes/np/js/jquery.nice-select.js | 94.242.50.163 | 200 OK | 1.5 kB |
URL GET HTTP/1.1nguonphimc.com/themes/np/js/jquery.nice-select.js IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJavaScript source, Unicode text, UTF-8 text, with CRLF line terminators Hash723e741faba72abfb0e56b6e0f8a73d8 ba71788614e8e11dbeeebdcac9037b57e7a69ce4 39f6514264e1603542b6aa38ba44c3be0aa7bbdef56ed139d74fe75e24e642fa
GET /themes/np/js/jquery.nice-select.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Cookie: PHPSESSID=2uso23ujno34e1soodor2s6fc5; us_session_id=P70775
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 07:10:40 GMT
Content-Length: 1538
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonphimc.com/themes/np/js/jquery.magnific-popup.min.js | 94.242.50.163 | 200 OK | 7.3 kB |
URL GET HTTP/1.1nguonphimc.com/themes/np/js/jquery.magnific-popup.min.js IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJavaScript source, ASCII text, with very long lines (20087), with CRLF line terminators Hashb37d7edf99565d3858eaa1ad80df3cff 786a4343711e9af5e5dfcc493e7d2331b48875bb b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2
GET /themes/np/js/jquery.magnific-popup.min.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Cookie: PHPSESSID=2uso23ujno34e1soodor2s6fc5; us_session_id=P70775
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 07:10:40 GMT
Content-Length: 7346
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonphimc.com/themes/np/js/jquery.showmore.src.js | 94.242.50.163 | 200 OK | 434 B |
URL GET HTTP/1.1nguonphimc.com/themes/np/js/jquery.showmore.src.js IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJavaScript source, ASCII text, with very long lines (432) Hashf67d16dc855157012280d1b8d2d0ac55 4eaa66120111bb8cb4c21884c647bf609ef3a7a5 89a7b91f92a0583bcfabc3dc0347bfb78822ebe75d229fb766ae2fdc6e7e0d28
GET /themes/np/js/jquery.showmore.src.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Cookie: PHPSESSID=2uso23ujno34e1soodor2s6fc5; us_session_id=P70775
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 07:10:40 GMT
Content-Length: 434
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| www.googletagmanager.com/gtag/js?id=G-DDD7EKFG6W | 142.250.74.168 | 200 OK | 97 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=G-DDD7EKFG6W IP142.250.74.168:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File typeJavaScript source, ASCII text, with very long lines (3969) Hashb8f6033b9ce060e4f63a1ff77a61a7a7 0e6cff65aaba67cac591477b93b9db87c1379a8d 1117e8cf0ba1856f8e7c7cb5a2117fcc298d0c6b30636a25a5043ab6813fba95
GET /gtag/js?id=G-DDD7EKFG6W HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 07:10:40 GMT
expires: Fri, 19 Apr 2024 07:10:40 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 97099
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2 | 94.242.50.163 | 200 OK | 80 kB |
URL GET HTTP/1.1nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2 IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeUnicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators Hash9ccfae82c1f9be3cf7c148a39228f53c 9abd7857d28f34c5007b11ee53d2818482775163 d962cf8c297e2b013c20dadac3f99d1af50957de8e1d1de8b4ea960fbd6fd7b6
GET /themes/np/css/color.css?v=np2.4.8.2 HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Cookie: PHPSESSID=2uso23ujno34e1soodor2s6fc5; us_session_id=P70775
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 08:58:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 07:10:40 GMT
Connection: close
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
|
|
| nguonphimc.com/js/main.min.js?v=2.4.8.2 | 94.242.50.163 | 200 OK | 5.6 kB |
URL GET HTTP/1.1nguonphimc.com/js/main.min.js?v=2.4.8.2 IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (17159) Hash2f3514d630f0195787c0f99778202f3c 2ce2883a59c655b8e02d644a1449fcdfdf604486 23b47b8eb144a359fdd87940db44e0420e7e0062f3cbba762e0e22c35afb3749
GET /js/main.min.js?v=2.4.8.2 HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Cookie: PHPSESSID=2uso23ujno34e1soodor2s6fc5; us_session_id=P70775
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sat, 02 May 2020 19:55:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 07:10:40 GMT
Content-Length: 5620
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| m3.nguonphim.net/media/images/1/logo/logo16012018.png | 94.242.50.163 | 200 OK | 10 kB |
URL GET HTTP/1.1m3.nguonphim.net/media/images/1/logo/logo16012018.png IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typePNG image data, 124 x 40, 8-bit/color RGBA, interlaced Hasha9da8ca65d6ba20845e49ae6b63a0a92 f1c7861f134ba1af81047a0fda27027327b736ab 39eb6969b37ac9325026f79f791a7f8a46f9baa5976e3f0aa8b8772730af4e2c
GET /media/images/1/logo/logo16012018.png HTTP/1.1
Host: m3.nguonphim.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 15 Jan 2018 20:06:20 GMT
ETag: "2751-562d625d53c2f"
Accept-Ranges: bytes
Content-Length: 10065
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:40 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png
|
|
| nguonphimc.com/img/loading_film.gif | 94.242.50.163 | 200 OK | 1.9 kB |
URL GET HTTP/1.1nguonphimc.com/img/loading_film.gif IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeGIF image data, version 89a, 34 x 34 Hashb9d35ba13f16629ec47d785d61d2204c 680ccabf459357685db0c404f4ef23543e735729 43b3f6a202a86e29f40d8a102cf62565fcdc07cebb55185f13eb86b0fbc8c5e6
GET /img/loading_film.gif HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Cookie: PHPSESSID=2uso23ujno34e1soodor2s6fc5; us_session_id=P70775
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 25 Dec 2017 07:17:53 GMT
Accept-Ranges: bytes
Content-Length: 1924
Cache-Control: max-age=2592000, public
Expires: Sun, 19 May 2024 07:10:40 GMT
Connection: close
Content-Type: image/gif
|
|
| m3.nguonhay.com/media/images/film/pol/s350_700/vo-than-chua-te-1583765005.jpg | 94.242.50.163 | 200 OK | 70 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/pol/s350_700/vo-than-chua-te-1583765005.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 300x426, components 3 Hashfabd25bf58c53cf84b93d09b16a5dab1 44d008211bf7a481cb35b3187b825f54e7c9631c 06138ff6cdd143a248a3b31bbcb4e88ee295c0d11a987a60b9f0c4043fee79e0
GET /media/images/film/pol/s350_700/vo-than-chua-te-1583765005.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 12 Jun 2020 07:03:11 GMT
ETag: "112e1-5a7ddab8b8f40"
Accept-Ranges: bytes
Content-Length: 70369
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:40 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/vp/s350_700/rick-va-morty-3-1589872966.jpg | 94.242.50.163 | 200 OK | 54 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/vp/s350_700/rick-va-morty-3-1589872966.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 320x459, components 3 Hash3695e22872253d86f3a995f092e48333 0acbb1f8051969af3659f7ce844fe980c837edde 01c4cf086c243151be7984962a022da9863d5dbe6d5791eafc738c8316020c73
GET /media/images/film/vp/s350_700/rick-va-morty-3-1589872966.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 11 Jun 2020 15:34:19 GMT
ETag: "d499-5a7d0b1b35115"
Accept-Ranges: bytes
Content-Length: 54425
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:40 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/vp/s350_700/rick-va-morty-4-1589925510.jpg | 94.242.50.163 | 200 OK | 57 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/vp/s350_700/rick-va-morty-4-1589925510.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 320x459, components 3 Hash86095eec1a4477bfcd09c578e14e5b4f c976791323a4751d5af80ff1f0caab4dc28d9e28 73b9491892a70929bb3414b95ba66028c1ce76457ce5de1383b8d561b788d0be
GET /media/images/film/vp/s350_700/rick-va-morty-4-1589925510.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 12 Jun 2020 01:25:24 GMT
ETag: "df11-5a7d8f3956c83"
Accept-Ranges: bytes
Content-Length: 57105
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:40 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/vp/s350_700/rick-va-morty-5-1626452448.jpg | 94.242.50.163 | 200 OK | 48 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/vp/s350_700/rick-va-morty-5-1626452448.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 320x473, components 3 Hashcb3fbf418ea71947562c04fbf4dad917 61bba40f8b2a56a1dff5a29127f44f1c74564f84 10c0511f12483ec0a5b9f4e3e8dd5515d7db5f2f704062b916a8e9b730ff700d
GET /media/images/film/vp/s350_700/rick-va-morty-5-1626452448.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 16 Jul 2021 16:20:51 GMT
ETag: "bcba-5c73ff8a0728c"
Accept-Ranges: bytes
Content-Length: 48314
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:40 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/bio/s350_700/chim-boi-ca-1665899828.jpg | 94.242.50.163 | 200 OK | 87 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/bio/s350_700/chim-boi-ca-1665899828.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 350x438, components 3 Hashcdb099f8426bd971ac65260f52a7c035 549e05f3215272e4a12832eaf94504d694383bec e46c8ded7ae8965e2881e946441d5a65cfb6937e9f97d1351c70658c5818ba88
GET /media/images/film/bio/s350_700/chim-boi-ca-1665899828.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 24 Oct 2022 16:27:41 GMT
ETag: "15256-5ebca453fbe31"
Accept-Ranges: bytes
Content-Length: 86614
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:40 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/newcover/2021/6/s350_700/vua-hai-tac-1624252456.jpg | 94.242.50.163 | 200 OK | 102 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/newcover/2021/6/s350_700/vua-hai-tac-1624252456.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x525, components 3 Size102 kB (102471 bytes) Hashf3b3235be303bcdd8806ee587f879d0a c5cfc2f2b686184a9bb5d8495268fb62e685d17c f365d987c622865d1bac410f3814dabce383d1dd2d961f00aafaf256b251c42e
GET /media/images/film/newcover/2021/6/s350_700/vua-hai-tac-1624252456.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 21 Jun 2021 05:14:17 GMT
ETag: "19047-5c53fbebf16b6"
Accept-Ranges: bytes
Content-Length: 102471
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:40 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| chokedsmelt.com/5b/28/bb/5b28bb3338748187b2166508de2d96b3.js | 192.243.59.12 | 200 OK | 16 kB |
URL GET HTTP/1.1chokedsmelt.com/5b/28/bb/5b28bb3338748187b2166508de2d96b3.js IP192.243.59.12:80 ASN#39572 DataWeb Global Group B.V.
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJavaScript source, ASCII text, with very long lines (44104), with no line terminators Hash1a73d59e8d28fd5c6cacb0aaaa338520 d39bdbd108aa1b7a0f71a1e0a9ff4e54253891b6 6f96f3316888971f03ec064f245e1abdbe804efc4180c4a11746bcbbe26ca1a5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /5b/28/bb/5b28bb3338748187b2166508de2d96b3.js HTTP/1.1
Host: chokedsmelt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 19 Apr 2024 07:10:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 96a3f8c39673252222d7f339d66d402d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| m3.nguonhay.com/media/images/film/vp/s350_700/rick-va-morty-1-1589763908.jpg | 94.242.50.163 | 200 OK | 45 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/vp/s350_700/rick-va-morty-1-1589763908.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 320x404, components 3 Hashfb7b29decbefcaadc327c27642192d47 ae21da46514ea38bf78550e7cdbdf6135a6d607c ff3f7bb6f026720257413c5c7cf35b95c80321ad46465d8d272bf5f4f93fb3b0
GET /media/images/film/vp/s350_700/rick-va-morty-1-1589763908.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 12 Jun 2020 01:29:29 GMT
ETag: "ae06-5a7d90224ca62"
Accept-Ranges: bytes
Content-Length: 44550
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:40 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/oph/s350_700/rick-va-morty-phan-4-1677508429.jpg | 94.242.50.163 | 200 OK | 86 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/oph/s350_700/rick-va-morty-phan-4-1677508429.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 341x484, components 3 Hashf11a6d19c548d8992337e70a0ec6941b 686c46e7a13b4995bab3b83591b9091db911aefd bc207bbde663e202716e761b3a47bddb2825f47b4e3b641cc87e35a7b1215f2d
GET /media/images/film/oph/s350_700/rick-va-morty-phan-4-1677508429.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sun, 12 Mar 2023 15:49:04 GMT
ETag: "14ea1-5f6b5ef167fe7"
Accept-Ranges: bytes
Content-Length: 85665
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:40 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/oph/s350_700/rick-va-morty-phan-1-1690112014.jpg | 94.242.50.163 | 200 OK | 87 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/oph/s350_700/rick-va-morty-phan-1-1690112014.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 280x399, components 3 Hashfd39dedf5b2358cab84b85bc2c0944f8 de447ffceb03032396b3dbd73deac576fee7b353 00ea40c1bb1254ace7fddbee209085d0361781b04b1a422ac062e6a3778a8e12
GET /media/images/film/oph/s350_700/rick-va-morty-phan-1-1690112014.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sun, 23 Jul 2023 15:44:35 GMT
ETag: "154ee-601295fee6732"
Accept-Ranges: bytes
Content-Length: 87278
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:40 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/ff/s350_700/rick-va-morty-phan-6-1662623947.jpg | 94.242.50.163 | 200 OK | 52 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/ff/s350_700/rick-va-morty-phan-6-1662623947.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 238x344, components 3 Hashb4ea7d2042faeb1c1294d16d94ec6377 059eb1a557034466c98945201d8f54324effb6c9 79a2bc0860b38c732cbcd2f657223ef5450216e167b9b5915acfc65b6196f474
GET /media/images/film/ff/s350_700/rick-va-morty-phan-6-1662623947.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 08 Sep 2022 07:59:12 GMT
ETag: "ca46-5e825ce0e2a91"
Accept-Ranges: bytes
Content-Length: 51782
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:40 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/mptv/s350_700/nu-hoang-nuoc-mat-1707443450.jpg | 94.242.50.163 | 200 OK | 55 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/mptv/s350_700/nu-hoang-nuoc-mat-1707443450.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x501, components 3 Hash7d84be20e84510c02a36491f73526483 911556208f24946169d6e9afe33fc2e5f6e48470 84cdd62c2838005fc964ed071a20d264327cc45c1403b1126ceb263fe479c06a
GET /media/images/film/mptv/s350_700/nu-hoang-nuoc-mat-1707443450.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sun, 10 Mar 2024 18:55:46 GMT
ETag: "d82c-61352f90ce8d6"
Accept-Ranges: bytes
Content-Length: 55340
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:40 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/oph/s350_700/rick-va-morty-phan-7-1700222705.jpg | 94.242.50.163 | 200 OK | 123 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/oph/s350_700/rick-va-morty-phan-7-1700222705.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x525, components 3 Size123 kB (123276 bytes) Hashf1ab48b4270f7338cb230e8227b6d1cc 7ef7e5248fbf790770c7fdd6f8d1752b4f147f14 35decb96ae640459f22cd4b343c2f154f8335f3e5f27a45b43a482883730d070
GET /media/images/film/oph/s350_700/rick-va-morty-phan-7-1700222705.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 21 Dec 2023 15:12:32 GMT
ETag: "1e18c-60d0687668c00"
Accept-Ranges: bytes
Content-Length: 123276
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:40 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/ff/s350_700/co-dau-cua-phap-su-phan-2-1684436371.jpg | 94.242.50.163 | 200 OK | 44 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/ff/s350_700/co-dau-cua-phap-su-phan-2-1684436371.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 238x344, components 3 Hash38a7e921d074049812be6d7af6d0a027 5d1d7860658a7f9428c8ebbb441cc17876affef7 b5f8aca0da640aab08b6c045b8b7cbde4953d62b6f6a660534487db205ac1ab1
GET /media/images/film/ff/s350_700/co-dau-cua-phap-su-phan-2-1684436371.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 18 May 2023 19:00:09 GMT
ETag: "ac63-5fbfc69dab713"
Accept-Ranges: bytes
Content-Length: 44131
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:40 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/ff/s350_700/the-gioi-hoan-my-1619204356.jpg | 94.242.50.163 | 200 OK | 45 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/ff/s350_700/the-gioi-hoan-my-1619204356.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 238x344, components 3 Hash5e060cae43f33fc6ee9baa645c696f8e 9ac7805332b99d6e27afff6d96d47d72a0369fc8 ed17139b51f4cb501cfa17c692cc257437127fa92980851547df75f6402f13c0
GET /media/images/film/ff/s350_700/the-gioi-hoan-my-1619204356.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 23 Apr 2021 18:59:22 GMT
ETag: "af7d-5c0a864d52e4d"
Accept-Ranges: bytes
Content-Length: 44925
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:40 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/pbhorg/s350_700/rick-da-trang-1570529005.jpg | 94.242.50.163 | 200 OK | 37 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/pbhorg/s350_700/rick-da-trang-1570529005.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 260x346, components 3 Hashe48223af63f235dd2a158ab22c7349d2 596267f22ced567e94248b7053c8c0ffc394c821 da8817b2a440c6fba5f1734fc15aa0a3086b341c8b0e2c3f29372b96ae42f26a
GET /media/images/film/pbhorg/s350_700/rick-da-trang-1570529005.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 11 Jun 2020 15:58:11 GMT
ETag: "9199-5a7d10709d639"
Accept-Ranges: bytes
Content-Length: 37273
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:40 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/ff/s350_700/rick-va-morty-phan-5-1630609208.jpg | 94.242.50.163 | 200 OK | 49 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/ff/s350_700/rick-va-morty-phan-5-1630609208.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 238x344, components 3 Hashbd6854032f49622f944950cf8f64b81a f2ffb0742aa14d6a78c6c4d831e830ebb127e083 932afa4d57ce13099c013bee9aca512165ad7a3dbc6aba59f8740cf1b8d88b31
GET /media/images/film/ff/s350_700/rick-va-morty-phan-5-1630609208.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 02 Sep 2021 19:00:12 GMT
ETag: "c0fa-5cb07cae6365b"
Accept-Ranges: bytes
Content-Length: 49402
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:40 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/blp/s350_700/thanh-pho-vo-hinh-phan-2-1679987455.jpg | 94.242.50.163 | 200 OK | 48 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/blp/s350_700/thanh-pho-vo-hinh-phan-2-1679987455.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 350x490, components 3 Hash8cc161140abbc224c164b98b84a0bcfc c87608439776923b6ebb50f9f82b26f94b2b28bd 0f9650612d5c6d384c88ad8bed442bc1c334f62b3dce609d3f00ac91859f5b71
GET /media/images/film/blp/s350_700/thanh-pho-vo-hinh-phan-2-1679987455.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Tue, 28 Mar 2023 10:56:11 GMT
ETag: "b985-5f7f3b51d8959"
Accept-Ranges: bytes
Content-Length: 47493
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:40 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/pbhorg/s350_700/vo-thuong-than-de-1607195046.jpg | 94.242.50.163 | 200 OK | 88 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/pbhorg/s350_700/vo-thuong-than-de-1607195046.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 350x467, components 3 Hashd854ee570202c0a20513c8515999e735 50226555cdc007798b51e22f3b198557930de4f4 ea888fd8948fd830499aaff6ef39e42aefcaaf0c189d570b61c4f80c473224b0
GET /media/images/film/pbhorg/s350_700/vo-thuong-than-de-1607195046.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sat, 05 Dec 2020 19:05:23 GMT
ETag: "1572e-5b5bc466c8043"
Accept-Ranges: bytes
Content-Length: 87854
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:40 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.97.1 | 200 OK | 167 B |
URL GET HTTP/2downstairsnegotiatebarren.com/sfp.js IP188.114.97.1:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerLet's Encrypt Subjectdownstairsnegotiatebarren.com Fingerprint2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44 ValidityMon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hash0104c301c5e02bd6148b8703d19b3a73 7436e0b4b1f8c222c38069890b75fa2baf9ca620 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Apr 2024 07:10:40 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 19 Apr 2024 08:10:40 GMT
Location: https://downstairsnegotiatebarren.com/sfp.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yxkyh3XF2Npo6rWokUCCsyJC7wiYYkfMY2aNMorYho1JDEJ0%2FtQakP3xqmyHdLNlsu%2BTM%2FMmGl0Hdps5liGH53Dw6pXMxj8f69oYfjgPKd%2FprTwyT8RnieYHHh3SP%2BSm4Gp6B2t8LC0CHl96H1TVEA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 876b1380fc6f1c12-OSL
alt-svc: h2=":443"; ma=60
|
|
| nguonphimc.com/themes/np/images/icon-search-menu.png | 94.242.50.163 | 200 OK | 1.2 kB |
URL GET HTTP/1.1nguonphimc.com/themes/np/images/icon-search-menu.png IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typePNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced Hashe573652e7d75f6471431e9fd48ca706c ef9de78ae35eb6d6f3e04744612c7bed87c3a5ee 49cd4ed8ef5f3b960bdb9a9024f1b4a83b96e39425a339fd1afc2486709c432b
GET /themes/np/images/icon-search-menu.png HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=2uso23ujno34e1soodor2s6fc5; us_session_id=P70775; _ga_DDD7EKFG6W=GS1.1.1713510640.1.0.1713510640.0.0.0; _ga=GA1.1.170140957.1713510640
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 1229
Cache-Control: max-age=2592000, public
Expires: Sun, 19 May 2024 07:10:40 GMT
Connection: close
Content-Type: image/png
|
|
| nguonphimc.com/themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 | 94.242.50.163 | 200 OK | 77 kB |
URL GET HTTP/1.1nguonphimc.com/themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeWeb Open Font Format (Version 2), TrueType, length 77160, version 4.459 Hashaf7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=2uso23ujno34e1soodor2s6fc5; us_session_id=P70775; _ga_DDD7EKFG6W=GS1.1.1713510640.1.0.1713510640.0.0.0; _ga=GA1.1.170140957.1713510640
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:14:59 GMT
Accept-Ranges: bytes
Content-Length: 77160
Cache-Control: max-age=2592000
Expires: Sun, 19 May 2024 07:10:40 GMT
X-UA-Compatible: IE=edge,chrome=1
Connection: close
|
|
| proftrafficcounter.com/stats | 52.29.148.107 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP52.29.148.107:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash3ccfcb16b9f7fa637032ef7e08896e5d efd55cb7e798d7fb8ce3364e83aa2db4ac0aa412 2c90e4f955d8bd66f0470b916f38310373f0e68a4ff469610846d7a26277b3ce
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 07:10:40 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://nguonphimc.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=ffcf9cf4-4c7f-4c68-bb56-4add86711f89:3:1; expires=Mon, 17 Apr 2034 07:10:40 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| nguonphimc.com/themes/np/images/bottomNavON.png | 94.242.50.163 | 200 OK | 1.3 kB |
URL GET HTTP/1.1nguonphimc.com/themes/np/images/bottomNavON.png IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typePNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced Hash0703045e13e1ab8508a2273cbe71d5d6 c2d2f79bb3758de5722cddd94eaf4701078b4d71 698cc5f19fb8e30c2a9d8471e81637cb26e8fcd67a55bfffc9ca651a0c45e90f
GET /themes/np/images/bottomNavON.png HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=2uso23ujno34e1soodor2s6fc5; us_session_id=P70775; _ga_DDD7EKFG6W=GS1.1.1713510640.1.0.1713510640.0.0.0; _ga=GA1.1.170140957.1713510640
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 1334
Cache-Control: max-age=2592000, public
Expires: Sun, 19 May 2024 07:10:40 GMT
Connection: close
Content-Type: image/png
|
|
| nguonphimc.com/site/chatbot/refresh/ | 94.242.50.163 | 200 OK | 260 B |
URL POST HTTP/1.1nguonphimc.com/site/chatbot/refresh/ IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Hashba0683de7607ad624fb4cecda80e9bc1 674cb63ed78bcbd018343354b0ae42e9c43d2ee1 83db877ee449fa874aaaf8896bc642c25fc2f6e8c0179b6d4d59a2c0c9cdfce1
POST /site/chatbot/refresh/ HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 16
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Cookie: PHPSESSID=2uso23ujno34e1soodor2s6fc5; us_session_id=P70775; _ga_DDD7EKFG6W=GS1.1.1713510640.1.0.1713510640.0.0.0; _ga=GA1.1.170140957.1713510640
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 260
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimc.com/site/site/checkaccess/ | 94.242.50.163 | 200 OK | 7 B |
URL POST HTTP/1.1nguonphimc.com/site/site/checkaccess/ IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeASCII text, with no line terminators Hash4e3ca82bee9b6a4b6c6e30ca31234e50 f007b014714adb9c2c7c105e64dfa8448e9ec77a 148ecdac86b94c986a6bb2da57595b2cc4b35afa88e266ec7f30f79530803efb
POST /site/site/checkaccess/ HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 110
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Cookie: PHPSESSID=2uso23ujno34e1soodor2s6fc5; us_session_id=P70775; _ga_DDD7EKFG6W=GS1.1.1713510640.1.0.1713510640.0.0.0; _ga=GA1.1.170140957.1713510640
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 7
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 102940
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 102940
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 | 216.58.207.227 | 200 OK | 5.6 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 IP216.58.207.227:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 5560, version 1.0 Hashca3b09b62fda648a4511700413313fd0 109cd4c5435bd6614391bb8722c47c287c96b2ec 77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5560
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:45:32 GMT
expires: Fri, 18 Apr 2025 02:45:32 GMT
cache-control: public, max-age=31536000
age: 102308
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 | 216.58.207.227 | 200 OK | 12 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 IP216.58.207.227:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 11872, version 1.0 Hash87ace20058325aa069320aa4af875dff b743548770c46d905ae1ba06310bc001c587fe8e 3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 08:34:01 GMT
expires: Fri, 18 Apr 2025 08:34:01 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
age: 81399
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 | 216.58.207.227 | 200 OK | 17 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 IP216.58.207.227:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 16552, version 1.0 Hash283c40f79deab0300df8b3ffd86dfc7b 2ef09414a573ac59f4b37e81c8b8a881244b345f 35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 03:10:17 GMT
expires: Fri, 18 Apr 2025 03:10:17 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 100823
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 | 216.58.207.227 | 200 OK | 17 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 IP216.58.207.227:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 16552, version 1.0 Hash283c40f79deab0300df8b3ffd86dfc7b 2ef09414a573ac59f4b37e81c8b8a881244b345f 35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 03:10:17 GMT
expires: Fri, 18 Apr 2025 03:10:17 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 100823
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 | 216.58.207.227 | 200 OK | 35 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 IP216.58.207.227:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 35328, version 1.0 Hash7670dba29aa2a1560c5d711ea6f6b369 6a2a620d2972f139c804c5a8363c91eb1a7595f6 adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 07:26:46 GMT
expires: Wed, 16 Apr 2025 07:26:46 GMT
cache-control: public, max-age=31536000
age: 258234
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 | 216.58.207.227 | 200 OK | 35 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 IP216.58.207.227:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 35328, version 1.0 Hash7670dba29aa2a1560c5d711ea6f6b369 6a2a620d2972f139c804c5a8363c91eb1a7595f6 adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 07:26:46 GMT
expires: Wed, 16 Apr 2025 07:26:46 GMT
cache-control: public, max-age=31536000
age: 258234
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese | 142.250.74.106 | 200 OK | 129 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese IP142.250.74.106:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typegzip compressed data, max compression Size129 kB (129193 bytes) Hash423fb017d1ca1e693a6caa254102f568 08c66881471d3945cfa41ed99cc74679e546b8dd 30f88ac5706a7d9448d0c4cb1c4a4a4a0097ecf9576d163db10cf22547eeb3e0
GET /css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 07:10:40 GMT
date: Fri, 19 Apr 2024 07:10:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP216.58.207.227:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 102941
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| nguonphimc.com/themes/np/images/bottomNavOFF.png | 94.242.50.163 | 200 OK | 1.3 kB |
URL GET HTTP/1.1nguonphimc.com/themes/np/images/bottomNavOFF.png IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typePNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced Hash840cd790a57c4cee3fb5b50d448dfd3a 976ecfbdaadc569488019ad246b6dfa31bdab85b d317c5f6a5b4342d84bcc00cb0c99d2ce3c7d6f1044ac8036d722fcbf728baeb
GET /themes/np/images/bottomNavOFF.png HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=2uso23ujno34e1soodor2s6fc5; us_session_id=P70775; _ga_DDD7EKFG6W=GS1.1.1713510640.1.0.1713510640.0.0.0; _ga=GA1.1.170140957.1713510640
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:41 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 1250
Cache-Control: max-age=2592000, public
Expires: Sun, 19 May 2024 07:10:41 GMT
Connection: close
Content-Type: image/png
|
|
| fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese | 142.250.74.106 | 200 OK | 5.6 kB |
URL GET HTTP/3fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese IP142.250.74.106:443
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70775&tim=1713510641&key=rVatn6GZVG5qbWVnZ2VpbGhlXlauqZmmkZ2dWG5krw CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typegzip compressed data, max compression Hashdde636ea2356ad7d99d48f2716ddf307 400f6a7454b1cb7a6ebbf7a61cd285366f545cc8 3949a29e128ec7d6afe21a4677ea40075783184721a785510d66d0e71b358fba
GET /css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 07:10:40 GMT
date: Fri, 19 Apr 2024 07:10:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/1.1fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP216.58.207.227:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 01:54:31 GMT
expires: Wed, 16 Apr 2025 01:54:31 GMT
cache-control: public, max-age=31536000
age: 278170
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/1.1fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.227:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:27:38 GMT
expires: Wed, 16 Apr 2025 16:27:38 GMT
cache-control: public, max-age=31536000
age: 225783
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 | 216.58.207.227 | 200 OK | 5.5 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 IP216.58.207.227:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 5548, version 1.0 Hashcdaab83619fcacd4027a77c99dd51e69 9e6eae8554f8cc2309b2dae2d9fa217e34eed6a4 4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5548
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:33:52 GMT
expires: Fri, 18 Apr 2025 17:33:52 GMT
cache-control: public, max-age=31536000
age: 49009
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html | 94.242.50.163 | 200 OK | 508 B |
URL User Request GET HTTP/1.1nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html IP94.242.50.163:80
Hashe3a6d72d7852cc1ee9865d046f4c8bd8 f8876d85a3e931bf528087ccc34d5912aca7bab7 e969dcadc66aa7a18a7fd60480babace2c441efe5c80c307ec07e6e8872bcaa5
POST /xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 67
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Cookie: PHPSESSID=2uso23ujno34e1soodor2s6fc5; us_session_id=P70775; _ga_DDD7EKFG6W=GS1.1.1713510640.1.0.1713510640.0.0.0; _ga=GA1.1.170140957.1713510640; dom3ic8zudi28v8lr6fgphwffqoz0j6c=ffcf9cf4-4c7f-4c68-bb56-4add86711f89%3A3%3A1; sb_page_5b28bb3338748187b2166508de2d96b3=1; sb_onpage_5b28bb3338748187b2166508de2d96b3=1; sb_main_5b28bb3338748187b2166508de2d96b3=1; sb_count_5b28bb3338748187b2166508de2d96b3=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:41 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 508
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| fonts.gstatic.com/s/materialiconsextended/v151/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2 | 216.58.207.227 | 200 OK | 163 kB |
URL GET HTTP/2fonts.gstatic.com/s/materialiconsextended/v151/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2 IP216.58.207.227:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 162924, version 1.0 Size163 kB (162924 bytes) Hash7f2e1b48b71ec58fda4539018a2f56cc 507bf81f52fa8c99bf2c5c8bd59a981899ca9995 7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35
GET /s/materialiconsextended/v151/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 162924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 08:39:07 GMT
expires: Wed, 16 Apr 2025 08:39:07 GMT
cache-control: public, max-age=31536000
age: 253894
last-modified: Mon, 08 Apr 2024 19:05:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 15 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.227:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15344, version 1.0 Hash5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:43:03 GMT
expires: Fri, 18 Apr 2025 02:43:03 GMT
cache-control: public, max-age=31536000
age: 102458
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 | 216.58.207.227 | 200 OK | 5.2 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 IP216.58.207.227:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 5224, version 1.0 Hasha835084624425dacc5e188c6973c1594 1bef196929bffcabdc834c0deefda104eb7a3318 0dfa6a82824cf2be6bb8543de6ef56b87daae5dd63f9e68c88f02697f94af740
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5224
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:34:04 GMT
expires: Fri, 18 Apr 2025 17:34:04 GMT
cache-control: public, max-age=31536000
age: 48997
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 | 216.58.207.227 | 200 OK | 12 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 IP216.58.207.227:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 11936, version 1.0 Hash15d8ede0a816bc7a9838207747c6620c f6e2e75f1277c66e282553ae6a22661e51f472b8 dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11936
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:57:06 GMT
expires: Fri, 18 Apr 2025 02:57:06 GMT
cache-control: public, max-age=31536000
age: 101615
last-modified: Mon, 16 Oct 2017 17:33:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.97.1 | 200 OK | 43 kB |
URL GET HTTP/2downstairsnegotiatebarren.com/sfp.js IP188.114.97.1:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerLet's Encrypt Subjectdownstairsnegotiatebarren.com Fingerprint2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44 ValidityMon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators Hashf4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://nguonphimc.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 07:10:41 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 74eed0e946d79f284c16734a8bd7ec55
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 19 Apr 2024 07:10:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CS3AZ%2B9srBo6ZW7RU71T07t5%2F0EW4AwDVr2FXcqvqUpdTpj8T6BqL7Ylh9m1vGefdMbxhVCIQ54blVNGSpB5qTX7W5XNrOhNVJR%2BIr72Q7OTv3tFhEJuwV%2FXZd%2F9mnkGnL36QfmzewsEYttBLOSBeg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876b1382dd87b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 | 216.58.207.227 | 200 OK | 5.2 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 IP216.58.207.227:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 5164, version 1.0 Hashe1d4c2969a3dd92f91fea51f652831ef ff3be3617b93fca22d758f43920abfa313337bc2 570d2dc2ce988d8ae09147ee2eca5ec53f8d5f036e84e3212bf03503374054e5
GET /s/roboto/v18/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5164
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:40:00 GMT
expires: Fri, 18 Apr 2025 17:40:00 GMT
cache-control: public, max-age=31536000
age: 48641
last-modified: Mon, 16 Oct 2017 17:33:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP216.58.207.227:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0 Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:25:07 GMT
expires: Fri, 18 Apr 2025 17:25:07 GMT
cache-control: public, max-age=31536000
age: 49534
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/am=gKEb/d=1/excm=_b,_tp,allowadsview/ed=1/dg=0/wt=2/ujg=1/rs=AJlcJMyk_vGx5h43VSCi6ky069QGFQvtIA/m=_b,_tp | 142.250.74.35 | 200 OK | 56 kB |
URL GET HTTP/2www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/am=gKEb/d=1/excm=_b,_tp,allowadsview/ed=1/dg=0/wt=2/ujg=1/rs=AJlcJMyk_vGx5h43VSCi6ky069QGFQvtIA/m=_b,_tp IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeJavaScript source, ASCII text, with very long lines (2331) Hash65e864be75ee444565658d67774b0c54 7f0f29fd4bb9ca93150b786e4f48f5c2f8bca773 db02c8b4797a18ccbe137c9fc2de340c332ff76454cfd1aaa1e8545766b8ba8f
GET /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/am=gKEb/d=1/excm=_b,_tp,allowadsview/ed=1/dg=0/wt=2/ujg=1/rs=AJlcJMyk_vGx5h43VSCi6ky069QGFQvtIA/m=_b,_tp HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
report-to: {"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-length: 55653
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 15:17:07 GMT
expires: Fri, 18 Apr 2025 15:17:07 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Wed, 17 Apr 2024 21:34:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 57214
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2 | 216.58.207.227 | 200 OK | 5.3 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2 IP216.58.207.227:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 5284, version 1.0 Hash6bef514048228359f2f8f5e0235f8599 318cb182661d72332dc8a8316d2e6df0332756c4 135d563a494b1f8e6196278b7f597258a563f1438f5953c6fbef106070f66ec8
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5284
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:37:21 GMT
expires: Fri, 18 Apr 2025 02:37:21 GMT
cache-control: public, max-age=31536000
age: 102800
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70775&tim=1713510641&key=rVatn6GZVG5qbWVnZ2VpbGhlXlauqZmmkZ2dWG5krw | 94.242.50.163 | 200 OK | 5.1 kB |
URL GET HTTP/1.1grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70775&tim=1713510641&key=rVatn6GZVG5qbWVnZ2VpbGhlXlauqZmmkZ2dWG5krw IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeHTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators Hashc3911a34ad838a26e2d2cda46c347621 3ef1bf36ce6169d0ad5b3d52b6105e86458baa50 b19362bd4c77fb1e8466856508310b4c1e879d0338eae65dc81e50b5f77726ff
GET /embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70775&tim=1713510641&key=rVatn6GZVG5qbWVnZ2VpbGhlXlauqZmmkZ2dWG5krw HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Cookie: _ga_DDD7EKFG6W=GS1.1.1713510640.1.0.1713510640.0.0.0; _ga=GA1.1.170140957.1713510640
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:41 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Set-Cookie: PHPSESSID=4m1nt5lg3no64vfi0j3ic3bn94; path=/
us_session_id=P70785; expires=Sat, 20-Apr-2024 07:10:41 GMT; Max-Age=86400; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 5059
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i | 142.250.74.106 | 200 OK | 36 kB |
URL GET HTTP/3fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i IP142.250.74.106:443
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70775&tim=1713510641&key=rVatn6GZVG5qbWVnZ2VpbGhlXlauqZmmkZ2dWG5krw CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeJavaScript source, ASCII text, with very long lines (26972) Hash614d1d9f548535a1326418a4585c5422 26bf5e9bfe2f534bc0b983ac9aa0f5828ad37c74 fff22ef81bb0608f61727fb3c95b6e85ec071bc0114d7a5f7b8c1293401da9c2
GET /css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 07:10:40 GMT
date: Fri, 19 Apr 2024 07:10:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png | 94.242.50.163 | 200 OK | 18 kB |
URL GET HTTP/1.1m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typePNG image data, 46 x 48, 8-bit/color RGBA, non-interlaced Hashe6f4a93efe2d93e885abcbb4cc09cd4a e4f94b9e95b40e30b215228316bb7f8c48d08ed2 93b7bbea433aa41f6efb860d3d9777d363f9e64fc1ad4186cd9ef525bbee9c94
GET /media/images/1/favi/favicon-1498701606.png HTTP/1.1
Host: m3.nguonphim.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:41 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 05 Jul 2017 04:14:59 GMT
ETag: "45d1-5538a3e52eb40"
Accept-Ranges: bytes
Content-Length: 17873
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 07:10:41 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png
|
|
| pagead2.googlesyndication.com/pagead/js/adsbygoogle.js | 142.250.74.34 | 200 OK | 51 kB |
URL GET HTTP/2pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP142.250.74.34:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subject*.g.doubleclick.net FingerprintED:0D:E8:DC:2E:0E:7D:5F:CB:BE:43:7B:C7:CB:BF:BC:B7:E5:FC:1E ValidityMon, 04 Mar 2024 06:35:32 GMT - Mon, 27 May 2024 06:35:31 GMT
File typeJavaScript source, ASCII text, with very long lines (3920) Hash737048521d8215c7421d9945d084dfd4 6c10b3be2e1666282c093f561de46449ad2edc23 110b56b4d7b3e71425e11f4c491806d1846f3c0dfa6b98c99cabcc52ec538bb9
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://nguonphimc.com/
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Fri, 19 Apr 2024 07:10:41 GMT
expires: Fri, 19 Apr 2024 07:10:41 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 9933551581945205160
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 50818
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/ab_icon-1.svg | 142.250.74.35 | 200 OK | 15 kB |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/ab_icon-1.svg IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeSVG Scalable Vector Graphics image Hash419033f4f0383492c93db1e6b5e7fa23 96584fdfb4d58c70fb1db6dfc128db296e5cf4e0 c75fbc4fd1beb52bbe64df89d8c402290f5b23bb518abbdd159a268aa0a5f782
GET /fundingchoices/allowads/blockers/firefox/ab_icon-1.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 15403
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 03:19:24 GMT
expires: Fri, 18 Apr 2025 03:19:24 GMT
cache-control: public, max-age=31536000
age: 100277
last-modified: Tue, 19 Oct 2021 16:18:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/abp_icon-1.svg | 142.250.74.35 | 200 OK | 1.8 kB |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/abp_icon-1.svg IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeSVG Scalable Vector Graphics image Hash32014d3c673c214354e3236b76047386 f01e5134d98ab4029bb6b7022b00516c9df35b37 bf72e9d16e37c6c685185dfc73478765de0cb102f34872cd90cc28b6a9ab3736
GET /fundingchoices/allowads/blockers/firefox/abp_icon-1.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1772
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 03:19:24 GMT
expires: Fri, 18 Apr 2025 03:19:24 GMT
cache-control: public, max-age=31536000
age: 100277
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/browser_ab-2.png | 142.250.74.35 | 200 OK | 7.7 kB |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/browser_ab-2.png IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typePNG image data, 794 x 184, 8-bit colormap, non-interlaced Hash13a0bd1dcfc87f4f19579dc5b059af16 82aa8a7312d5023667edc1565962ddfdfb99a678 818af03e73fcb8964cc644383aa9a2ca4db0b1d8634fbdc9216d8a1d460aab6c
GET /fundingchoices/allowads/blockers/firefox/browser_ab-2.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 7688
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 20:31:55 GMT
expires: Tue, 15 Apr 2025 20:31:55 GMT
cache-control: public, max-age=31536000
age: 297526
last-modified: Tue, 19 Oct 2021 16:18:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/uo_icon-1.svg | 142.250.74.35 | 200 OK | 1.3 kB |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/uo_icon-1.svg IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeSVG Scalable Vector Graphics image Hash9d378dcff1b89001c348f1df4564ba48 d81c2c163657754563fcd33b793dc36cd6b3a21e f194962656d2b52acaba476410973194ffc377f15f8710a25b7fbee9fd99a2df
GET /fundingchoices/allowads/blockers/firefox/uo_icon-1.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1258
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:42:16 GMT
expires: Fri, 18 Apr 2025 17:42:16 GMT
cache-control: public, max-age=31536000
age: 48505
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/uo_allowads_icon-1.png | 142.250.74.35 | 200 OK | 1.1 kB |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/uo_allowads_icon-1.png IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typePNG image data, 117 x 127, 8-bit colormap, non-interlaced Hash975c9f127c385e3699795a74098872d8 a83d8ebdda4fc135a66de267850c9f573a52b9fe 5caf71572cd2c4167c04a6ecef78d7b407e460b0517c9b11df5cc0c0b9a0d320
GET /fundingchoices/allowads/blockers/firefox/uo_allowads_icon-1.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1071
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:28:24 GMT
expires: Fri, 18 Apr 2025 17:28:24 GMT
cache-control: public, max-age=31536000
age: 49337
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/uo_refresh_icon-1.svg | 142.250.74.35 | 200 OK | 1.5 kB |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/uo_refresh_icon-1.svg IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeSVG Scalable Vector Graphics image Hash606c949e5f626ea9a5a1a1a346209c59 f7700e18535dbb3108d50acbcd6f4f18a533843b bc6e55b647b6656e06c02477e957a9ab8dd2164058f8046bf2c5522a219b7e98
GET /fundingchoices/allowads/blockers/firefox/uo_refresh_icon-1.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1492
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:33:37 GMT
expires: Fri, 18 Apr 2025 17:33:37 GMT
cache-control: public, max-age=31536000
age: 49024
last-modified: Tue, 19 Oct 2021 16:18:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/browser_abp-2.png | 142.250.74.35 | 200 OK | 7.4 kB |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/browser_abp-2.png IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typePNG image data, 794 x 184, 8-bit colormap, non-interlaced Hash3d77be4b727c5ff097bcac7eb68c09f9 785be4dc822e6817dbc03b69246cd089436bf108 b77a4547e701c49192847e60735a7027f0910a0df2ccf6d6193dcf1e4a74f719
GET /fundingchoices/allowads/blockers/firefox/browser_abp-2.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 7390
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 21:55:20 GMT
expires: Tue, 15 Apr 2025 21:55:20 GMT
cache-control: public, max-age=31536000
age: 292521
last-modified: Tue, 19 Oct 2021 16:18:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/browser_uo-2.png | 142.250.74.35 | 200 OK | 7.2 kB |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/browser_uo-2.png IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typePNG image data, 794 x 184, 8-bit colormap, non-interlaced Hash2ca4823b87ee46e5d7a641195cfde652 1d0b4aceb1b0276cbdffaa84facd66b5fe41c714 3d74f9a6b34a1f9936cf3fdcf33ec06f48b602a7202396dcc3aef424a54e5413
GET /fundingchoices/allowads/blockers/firefox/browser_uo-2.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 7205
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:42:16 GMT
expires: Fri, 18 Apr 2025 17:42:16 GMT
cache-control: public, max-age=31536000
age: 48505
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/abp_power_icon-1.svg | 142.250.74.35 | 200 OK | 731 B |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/abp_power_icon-1.svg IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeSVG Scalable Vector Graphics image Hashc663022865c526afe63691faf0d14725 f1e821f6920fc1b9db40ccf35ed0f6fb54ea8592 56ff7605344ed5eb3a68f8edc6b048658ee714bdfed56d487cb1e1bb62eb24f8
GET /fundingchoices/allowads/blockers/firefox/abp_power_icon-1.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 731
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 09:59:27 GMT
expires: Wed, 16 Apr 2025 09:59:27 GMT
cache-control: public, max-age=31536000
age: 249074
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| grab.nguonphimc.com/assets/3bd14e95/jquery.min.js | 94.242.50.163 | 200 OK | 34 kB |
URL GET HTTP/1.1grab.nguonphimc.com/assets/3bd14e95/jquery.min.js IP94.242.50.163:80
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70775&tim=1713510641&key=rVatn6GZVG5qbWVnZ2VpbGhlXlauqZmmkZ2dWG5krw
File typeJavaScript source, ASCII text, with very long lines (32077) Hash0fca26b5a37a66d68d0f4406976be4b5 ee000eb654b3bd37185665d3901e93b34ce1aa52 8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
GET /assets/3bd14e95/jquery.min.js HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70775&tim=1713510641&key=rVatn6GZVG5qbWVnZ2VpbGhlXlauqZmmkZ2dWG5krw
Cookie: _ga_DDD7EKFG6W=GS1.1.1713510640.1.0.1713510640.0.0.0; _ga=GA1.1.170140957.1713510640; PHPSESSID=4m1nt5lg3no64vfi0j3ic3bn94; us_session_id=P70785
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:41 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 07:10:41 GMT
Content-Length: 33693
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| grab.nguonphimc.com/js/main.min.js?v=2.4.8.2 | 94.242.50.163 | 200 OK | 5.6 kB |
URL GET HTTP/1.1grab.nguonphimc.com/js/main.min.js?v=2.4.8.2 IP94.242.50.163:80
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70775&tim=1713510641&key=rVatn6GZVG5qbWVnZ2VpbGhlXlauqZmmkZ2dWG5krw
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (17159) Hash2f3514d630f0195787c0f99778202f3c 2ce2883a59c655b8e02d644a1449fcdfdf604486 23b47b8eb144a359fdd87940db44e0420e7e0062f3cbba762e0e22c35afb3749
GET /js/main.min.js?v=2.4.8.2 HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70775&tim=1713510641&key=rVatn6GZVG5qbWVnZ2VpbGhlXlauqZmmkZ2dWG5krw
Cookie: _ga_DDD7EKFG6W=GS1.1.1713510640.1.0.1713510640.0.0.0; _ga=GA1.1.170140957.1713510640; PHPSESSID=4m1nt5lg3no64vfi0j3ic3bn94; us_session_id=P70785
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:41 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sat, 02 May 2020 19:55:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 07:10:41 GMT
Content-Length: 5620
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| grab.nguonphimc.com/assets/b2993a05/jwplayer.js?ver=2.4.8.2 | 94.242.50.163 | 200 OK | 39 kB |
URL GET HTTP/1.1grab.nguonphimc.com/assets/b2993a05/jwplayer.js?ver=2.4.8.2 IP94.242.50.163:80
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70775&tim=1713510641&key=rVatn6GZVG5qbWVnZ2VpbGhlXlauqZmmkZ2dWG5krw
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65140) Hash637800d55d2ac43cd3c4a864fac04661 bfb57b2bbe30a271e945e5d36027d69fb01b24cf 2aac7ee38577a71b8f0ec381c7836fc29274407517b9038e879fa762651dc5fc
GET /assets/b2993a05/jwplayer.js?ver=2.4.8.2 HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70775&tim=1713510641&key=rVatn6GZVG5qbWVnZ2VpbGhlXlauqZmmkZ2dWG5krw
Cookie: _ga_DDD7EKFG6W=GS1.1.1713510640.1.0.1713510640.0.0.0; _ga=GA1.1.170140957.1713510640; PHPSESSID=4m1nt5lg3no64vfi0j3ic3bn94; us_session_id=P70785
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:41 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 07:10:41 GMT
Content-Length: 39208
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=soHxf | 142.250.74.35 | 200 OK | 9.3 kB |
URL GET HTTP/3www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=soHxf IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeJavaScript source, ASCII text, with very long lines (1226) Hash0df69be878f840c3ece59615858c5009 65d903b30ab94d986ae198622811f39576d4da4c b51d740f6556a23458f1715f7183de04394c359a5d5645175c914c880a7e0a16
GET /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=soHxf HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
report-to: {"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-length: 9278
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 19 Apr 2024 03:37:05 GMT
expires: Sat, 19 Apr 2025 03:37:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sun, 14 Apr 2024 07:33:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 12816
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| grab.nguonphimc.com/themes/np/css/color.css?v=2.4.8.2 | 94.242.50.163 | 200 OK | 80 kB |
URL GET HTTP/1.1grab.nguonphimc.com/themes/np/css/color.css?v=2.4.8.2 IP94.242.50.163:80
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70775&tim=1713510641&key=rVatn6GZVG5qbWVnZ2VpbGhlXlauqZmmkZ2dWG5krw
File typeUnicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators Hash9ccfae82c1f9be3cf7c148a39228f53c 9abd7857d28f34c5007b11ee53d2818482775163 d962cf8c297e2b013c20dadac3f99d1af50957de8e1d1de8b4ea960fbd6fd7b6
GET /themes/np/css/color.css?v=2.4.8.2 HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70775&tim=1713510641&key=rVatn6GZVG5qbWVnZ2VpbGhlXlauqZmmkZ2dWG5krw
Cookie: _ga_DDD7EKFG6W=GS1.1.1713510640.1.0.1713510640.0.0.0; _ga=GA1.1.170140957.1713510640; PHPSESSID=4m1nt5lg3no64vfi0j3ic3bn94; us_session_id=P70785
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:41 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 08:58:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 07:10:41 GMT
Connection: close
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
|
|
| www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp,soHxf/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk | 142.250.74.35 | 200 OK | 3.5 kB |
URL GET HTTP/3www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp,soHxf/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeJavaScript source, ASCII text, with very long lines (763) Hashab1564f0dc81e3cdd5ded3cc022d6364 821fe2a008e172df73c12e0a3d2eb6da3c4cb717 872b63440dfdc5f5b4b42cddd6aa1ce863efcd72d3816e927dcd3cd65c2b06c3
GET /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp,soHxf/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
report-to: {"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-length: 3490
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 19 Apr 2024 03:37:05 GMT
expires: Sat, 19 Apr 2025 03:37:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sun, 14 Apr 2024 07:33:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 12816
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| grab.nguonphimc.com/img/loading_film.gif | 94.242.50.163 | 200 OK | 1.9 kB |
URL GET HTTP/1.1grab.nguonphimc.com/img/loading_film.gif IP94.242.50.163:80
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70775&tim=1713510641&key=rVatn6GZVG5qbWVnZ2VpbGhlXlauqZmmkZ2dWG5krw
File typeGIF image data, version 89a, 34 x 34 Hashb9d35ba13f16629ec47d785d61d2204c 680ccabf459357685db0c404f4ef23543e735729 43b3f6a202a86e29f40d8a102cf62565fcdc07cebb55185f13eb86b0fbc8c5e6
GET /img/loading_film.gif HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70775&tim=1713510641&key=rVatn6GZVG5qbWVnZ2VpbGhlXlauqZmmkZ2dWG5krw
Cookie: _ga_DDD7EKFG6W=GS1.1.1713510640.1.0.1713510640.0.0.0; _ga=GA1.1.170140957.1713510640; PHPSESSID=4m1nt5lg3no64vfi0j3ic3bn94; us_session_id=P70785
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:41 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 25 Dec 2017 07:17:53 GMT
Accept-Ranges: bytes
Content-Length: 1924
Cache-Control: max-age=2592000, public
Expires: Sun, 19 May 2024 07:10:41 GMT
Connection: close
Content-Type: image/gif
|
|
| www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c | 142.250.74.35 | 200 OK | 13 kB |
URL GET HTTP/3www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeJavaScript source, ASCII text, with very long lines (1600) Hashab199b9dc5faf341e688a4c9196b0874 fdf2ccb808e05f2789ced334d3d18e13ec59d71c 454a7e35fa7a6c0a52d616009ce1964375308a1b839a87095780df64b70c4e0e
GET /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
report-to: {"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-length: 12692
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 19 Apr 2024 03:37:05 GMT
expires: Sat, 19 Apr 2025 03:37:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sun, 14 Apr 2024 07:33:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 12816
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,EFQ78c,FCpbqb,LEikZe,WhJNk,Wt6vjf,_b,_tp,byfTOb,hhhU8,lsjVmc,lwddkf,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=RqjULd | 142.250.74.35 | 200 OK | 12 kB |
URL GET HTTP/3www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,EFQ78c,FCpbqb,LEikZe,WhJNk,Wt6vjf,_b,_tp,byfTOb,hhhU8,lsjVmc,lwddkf,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=RqjULd IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeJavaScript source, ASCII text, with very long lines (2968) Hashf5c7fc324e43f85696f2873b1fe2a8d4 7d90bee3a4626a8766fad6ba57e8a065b9c5d19f 5485453d1c290f9728e0756544aea1360eaf9a5b5555d1017b69d213d3d82455
GET /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,EFQ78c,FCpbqb,LEikZe,WhJNk,Wt6vjf,_b,_tp,byfTOb,hhhU8,lsjVmc,lwddkf,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=RqjULd HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
report-to: {"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-length: 11750
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 19 Apr 2024 03:37:05 GMT
expires: Sat, 19 Apr 2025 03:37:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sun, 14 Apr 2024 07:33:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 12816
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| ssl.p.jwpcdn.com/player/plugins/vast/v/8.10.0/vast.js | 151.101.66.114 | | 32 kB |
URL GET ssl.p.jwpcdn.com/player/plugins/vast/v/8.10.0/vast.js IP151.101.66.114:0
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70775&tim=1713510641&key=rVatn6GZVG5qbWVnZ2VpbGhlXlauqZmmkZ2dWG5krw
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash88bdba98e65bc6103f4f8d3324cb4830 d46bed8cc92bc982d6ba160097982bef594f1b99 cf61db6ec36f7680b3186b905485131cb1c87d894e16d94ba92352516f7e80e7
GET /player/plugins/vast/v/8.10.0/vast.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 31611
Cache-Control: max-age=31536000, immutable
Last-Modified: Thu, 02 Dec 2021 18:13:12 GMT
ETag: "88bdba98e65bc6103f4f8d3324cb4830"
Content-Type: text/plain
Server: AmazonS3
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Fri, 19 Apr 2024 07:10:41 GMT
Via: 1.1 varnish
Age: 889314
X-Served-By: cache-hel1410031-HEL
X-Cache: HIT
X-Cache-Hits: 4160
X-Timer: S1713510642.875082,VS0,VE0
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| pleasantpaltryconnections.com/sbar.json?key=5b28bb3338748187b2166508de2d96b3&uuid=ffcf9cf4-4c7f-4c68-bb56-4add86711f89%3A3%3A1 | 192.243.61.227 | 200 OK | 6.7 kB |
URL GET HTTP/1.1pleasantpaltryconnections.com/sbar.json?key=5b28bb3338748187b2166508de2d96b3&uuid=ffcf9cf4-4c7f-4c68-bb56-4add86711f89%3A3%3A1 IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerLet's Encrypt Subjectpleasantpaltryconnections.com Fingerprint99:F7:20:AC:E5:CE:C1:BC:60:70:9B:07:CF:5F:D0:2C:74:19:AE:30 ValidityTue, 16 Apr 2024 10:20:13 GMT - Mon, 15 Jul 2024 10:20:12 GMT
Hash2f877994814fe6f6559f4b484a598804 c1f4a35edc235645be5f68ad6b3f7cb1465cb012 d2cc18d4d7407e079aae5eac7de9f7fb6a6d7d98723218673f88df72b482433e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /sbar.json?key=5b28bb3338748187b2166508de2d96b3&uuid=ffcf9cf4-4c7f-4c68-bb56-4add86711f89%3A3%3A1 HTTP/1.1
Host: pleasantpaltryconnections.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 07:10:41 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://nguonphimc.com
Access-Control-Allow-Origin: http://nguonphimc.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17093374; expires=Sat, 20 Apr 2024 07:10:41 GMT; secure; SameSite=None
uid_id2=ffcf9cf4-4c7f-4c68-bb56-4add86711f89:3:1; expires=Fri, 26 Apr 2024 07:10:41 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 20 Apr 2024 07:10:41 GMT; secure; SameSite=None
uncs=1; expires=Sat, 20 Apr 2024 07:10:41 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 20 Apr 2024 07:10:41 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 20 Apr 2024 07:10:41 GMT; secure; SameSite=None
slec5b28bb3338748187b2166508de2d96b3=[3078195,3078189]; expires=Fri, 19 Apr 2024 07:10:46 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8b08169dab561bac8776edc90632219e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese | 142.250.74.106 | 200 OK | 23 kB |
URL GET HTTP/3fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese IP142.250.74.106:443
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70775&tim=1713510641&key=rVatn6GZVG5qbWVnZ2VpbGhlXlauqZmmkZ2dWG5krw CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeASCII text, with very long lines (1572) Hashf7c3451dfc365d7c71466a3275971d98 17e58c34961d2f7aede1b7c9de30e03e005db074 7a2100b9b357dce327405a71f07e84039e033e0559ff79cc45d8fff9d3419706
GET /css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 07:10:41 GMT
date: Fri, 19 Apr 2024 07:10:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| ssl.p.jwpcdn.com/player/v/8.24.0/jwplayer.core.controls.html5.js | 151.101.66.114 | 200 OK | 94 kB |
URL GET HTTP/1.1ssl.p.jwpcdn.com/player/v/8.24.0/jwplayer.core.controls.html5.js IP151.101.66.114:80
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70775&tim=1713510641&key=rVatn6GZVG5qbWVnZ2VpbGhlXlauqZmmkZ2dWG5krw
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65135) Hashe2ac36ede4d0b25455f3d5b9a51e718b 98eef89297a28352ab5b5d9814c8977ff805f713 a34f8bc84784c968be9b5dd5de4dda1f18166bc096866c51c792f8ddada9fad3
GET /player/v/8.24.0/jwplayer.core.controls.html5.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 93881
Cache-Control: max-age=31536000, immutable
Last-Modified: Wed, 15 Dec 2021 01:03:59 GMT
ETag: "e2ac36ede4d0b25455f3d5b9a51e718b"
Content-Type: application/javascript
Server: AmazonS3
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Fri, 19 Apr 2024 07:10:41 GMT
Via: 1.1 varnish
Age: 893788
X-Served-By: cache-hel1410031-HEL
X-Cache: HIT
X-Cache-Hits: 345
X-Timer: S1713510642.892845,VS0,VE0
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| grab.nguonphimc.com/themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 | 94.242.50.163 | 200 OK | 77 kB |
URL GET HTTP/1.1grab.nguonphimc.com/themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 IP94.242.50.163:80
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70775&tim=1713510641&key=rVatn6GZVG5qbWVnZ2VpbGhlXlauqZmmkZ2dWG5krw
File typeWeb Open Font Format (Version 2), TrueType, length 77160, version 4.459 Hashaf7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/themes/np/css/color.css?v=2.4.8.2
Cookie: _ga_DDD7EKFG6W=GS1.1.1713510640.1.0.1713510640.0.0.0; _ga=GA1.1.170140957.1713510640; PHPSESSID=4m1nt5lg3no64vfi0j3ic3bn94; us_session_id=P70785
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:41 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:14:59 GMT
Accept-Ranges: bytes
Content-Length: 77160
Cache-Control: max-age=2592000
Expires: Sun, 19 May 2024 07:10:41 GMT
X-UA-Compatible: IE=edge,chrome=1
Connection: close
|
|
| entitlements.jwplayer.com/GCCG.json | 152.199.22.243 | 400 Bad Request | 71 B |
URL GET HTTP/1.1entitlements.jwplayer.com/GCCG.json IP152.199.22.243:80
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70775&tim=1713510641&key=rVatn6GZVG5qbWVnZ2VpbGhlXlauqZmmkZ2dWG5krw
Hash5534f424f1d6586164a58758f3e2c51a ef37ca3d8831aaad699430dcaa9967469542d602 f28df38bea81995fd78f9077bff2dfc9d60ee13b8c414bc426c61c0e1b0bee86
GET /GCCG.json HTTP/1.1
Host: entitlements.jwplayer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://grab.nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 400 Bad Request
Accept-Ranges: bytes
access-control-allow-origin: *
Age: 4857
cache-control: max-age=1800, s-maxage=17040
Content-Type: application/json
Date: Fri, 19 Apr 2024 07:10:42 GMT
Last-Modified: Fri, 19 Apr 2024 05:49:45 GMT
Server: ECAcc (ska/F77E)
X-Cache: 400-HIT
Content-Length: 71
|
|
| grab.nguonphimc.com/img/player-logo.png | 94.242.50.163 | 200 OK | 10 kB |
URL GET HTTP/1.1grab.nguonphimc.com/img/player-logo.png IP94.242.50.163:80
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70775&tim=1713510641&key=rVatn6GZVG5qbWVnZ2VpbGhlXlauqZmmkZ2dWG5krw
File typePNG image data, 124 x 40, 8-bit/color RGBA, interlaced Hasha9da8ca65d6ba20845e49ae6b63a0a92 f1c7861f134ba1af81047a0fda27027327b736ab 39eb6969b37ac9325026f79f791a7f8a46f9baa5976e3f0aa8b8772730af4e2c
GET /img/player-logo.png HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70775&tim=1713510641&key=rVatn6GZVG5qbWVnZ2VpbGhlXlauqZmmkZ2dWG5krw
Cookie: _ga_DDD7EKFG6W=GS1.1.1713510640.1.0.1713510640.0.0.0; _ga=GA1.1.170140957.1713510640; PHPSESSID=4m1nt5lg3no64vfi0j3ic3bn94; us_session_id=P70785
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 25 Dec 2017 07:17:53 GMT
Accept-Ranges: bytes
Content-Length: 10065
Cache-Control: max-age=2592000, public
Expires: Sun, 19 May 2024 07:10:42 GMT
Connection: close
Content-Type: image/png
|
|
| grab.nguonphimc.com/ZXBzaG93ODMyODU5|MTI57LjIxMi4xOTIuNTp@nrtMT!UmFxMzUxMDYxMQ== | 94.242.50.163 | 206 Partial Content | 110 B |
URL GET HTTP/1.1grab.nguonphimc.com/ZXBzaG93ODMyODU5|MTI57LjIxMi4xOTIuNTp@nrtMT!UmFxMzUxMDYxMQ== IP94.242.50.163:80
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70775&tim=1713510641&key=rVatn6GZVG5qbWVnZ2VpbGhlXlauqZmmkZ2dWG5krw
File typeASCII text, with no line terminators Hash14a90ed998a6606ce5e24c9c245b79a3 6cf538254bdc69eac92d65bf2fe41037067773c8 d6f3f4455ab58578f517d8d816dfd4b1b51a22ba5b658b78f9d53f793bf11fc7
GET /ZXBzaG93ODMyODU5|MTI57LjIxMi4xOTIuNTp@nrtMT!UmFxMzUxMDYxMQ== HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70775&tim=1713510641&key=rVatn6GZVG5qbWVnZ2VpbGhlXlauqZmmkZ2dWG5krw
Cookie: _ga_DDD7EKFG6W=GS1.1.1713510640.1.0.1713510640.0.0.0; _ga=GA1.1.170140957.1713510640; PHPSESSID=4m1nt5lg3no64vfi0j3ic3bn94; us_session_id=P70785
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 206 Partial Content
Date: Fri, 19 Apr 2024 07:10:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Vary: Accept-Encoding
X-UA-Compatible: IE=edge,chrome=1
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Content-Range: bytes 0-109/110
Content-Length: 110
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| grab.nguonphimc.com/ZXBzaG93ODMyODU5|MTI57LjIxMi4xOTIuNTp@nrtMT!UmFxMzUxMDYxMQ== | 94.242.50.163 | 206 Partial Content | 110 B |
URL GET HTTP/1.1grab.nguonphimc.com/ZXBzaG93ODMyODU5|MTI57LjIxMi4xOTIuNTp@nrtMT!UmFxMzUxMDYxMQ== IP94.242.50.163:80
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70775&tim=1713510641&key=rVatn6GZVG5qbWVnZ2VpbGhlXlauqZmmkZ2dWG5krw
File typeASCII text, with no line terminators Hash14a90ed998a6606ce5e24c9c245b79a3 6cf538254bdc69eac92d65bf2fe41037067773c8 d6f3f4455ab58578f517d8d816dfd4b1b51a22ba5b658b78f9d53f793bf11fc7
GET /ZXBzaG93ODMyODU5|MTI57LjIxMi4xOTIuNTp@nrtMT!UmFxMzUxMDYxMQ== HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70775&tim=1713510641&key=rVatn6GZVG5qbWVnZ2VpbGhlXlauqZmmkZ2dWG5krw
Cookie: _ga_DDD7EKFG6W=GS1.1.1713510640.1.0.1713510640.0.0.0; _ga=GA1.1.170140957.1713510640; PHPSESSID=4m1nt5lg3no64vfi0j3ic3bn94; us_session_id=P70785
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 206 Partial Content
Date: Fri, 19 Apr 2024 07:10:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Vary: Accept-Encoding
X-UA-Compatible: IE=edge,chrome=1
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Content-Range: bytes 0-109/110
Content-Length: 110
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| grab.nguonphimc.com/ZXBzaG93ODMyODU5|MTI57LjIxMi4xOTIuNTp@nrtMT!UmFxMzUxMDYxMQ== | 94.242.50.163 | 206 Partial Content | 110 B |
URL GET HTTP/1.1grab.nguonphimc.com/ZXBzaG93ODMyODU5|MTI57LjIxMi4xOTIuNTp@nrtMT!UmFxMzUxMDYxMQ== IP94.242.50.163:80
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70775&tim=1713510641&key=rVatn6GZVG5qbWVnZ2VpbGhlXlauqZmmkZ2dWG5krw
File typeASCII text, with no line terminators Hash14a90ed998a6606ce5e24c9c245b79a3 6cf538254bdc69eac92d65bf2fe41037067773c8 d6f3f4455ab58578f517d8d816dfd4b1b51a22ba5b658b78f9d53f793bf11fc7
GET /ZXBzaG93ODMyODU5|MTI57LjIxMi4xOTIuNTp@nrtMT!UmFxMzUxMDYxMQ== HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70775&tim=1713510641&key=rVatn6GZVG5qbWVnZ2VpbGhlXlauqZmmkZ2dWG5krw
Cookie: _ga_DDD7EKFG6W=GS1.1.1713510640.1.0.1713510640.0.0.0; _ga=GA1.1.170140957.1713510640; PHPSESSID=4m1nt5lg3no64vfi0j3ic3bn94; us_session_id=P70785
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 206 Partial Content
Date: Fri, 19 Apr 2024 07:10:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Vary: Accept-Encoding
X-UA-Compatible: IE=edge,chrome=1
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Content-Range: bytes 0-109/110
Content-Length: 110
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| grab.nguonphimc.com/ZXBzaG93ODMyODU5|MTI57LjIxMi4xOTIuNTp@nrtMT!UmFxMzUxMDYxMQ== | 94.242.50.163 | 206 Partial Content | 110 B |
URL GET HTTP/1.1grab.nguonphimc.com/ZXBzaG93ODMyODU5|MTI57LjIxMi4xOTIuNTp@nrtMT!UmFxMzUxMDYxMQ== IP94.242.50.163:80
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70775&tim=1713510641&key=rVatn6GZVG5qbWVnZ2VpbGhlXlauqZmmkZ2dWG5krw
File typeASCII text, with no line terminators Hash14a90ed998a6606ce5e24c9c245b79a3 6cf538254bdc69eac92d65bf2fe41037067773c8 d6f3f4455ab58578f517d8d816dfd4b1b51a22ba5b658b78f9d53f793bf11fc7
GET /ZXBzaG93ODMyODU5|MTI57LjIxMi4xOTIuNTp@nrtMT!UmFxMzUxMDYxMQ== HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70775&tim=1713510641&key=rVatn6GZVG5qbWVnZ2VpbGhlXlauqZmmkZ2dWG5krw
Cookie: _ga_DDD7EKFG6W=GS1.1.1713510640.1.0.1713510640.0.0.0; _ga=GA1.1.170140957.1713510640; PHPSESSID=4m1nt5lg3no64vfi0j3ic3bn94; us_session_id=P70785
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 206 Partial Content
Date: Fri, 19 Apr 2024 07:10:42 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Vary: Accept-Encoding
X-UA-Compatible: IE=edge,chrome=1
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Content-Range: bytes 0-109/110
Content-Length: 110
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| pleasantpaltryconnections.com/ren.gif?sid=H4sIAAAAAAAC%2F1RS32scVRi9kwZ8EApKQVGEpfigYDYzs7uzs%2FahGGukGNvSKvom98fM5po7c4d75%2B5s8hQsSB8X%2F4LJ2aRBW0T%2FAKtuCiIBIetTHszfoIjFJ5Fdo4vfw3w%2FzvfBmXPup3vujIRw9PTau3pHKkVXO02%2F8cqHQXClsSFzN2wM4%2BijqH2lYQav96Km%2F2rj7YRv6dXQD3w%2F8IPGujRJqoerMxCyeNgLmj2%2F2Q6bQaeNofl%2Fb50HSz2IwRl5FlJMlx97lyD5BHn21bXEbpW6eO2tzClaaoOBOHw%2F38p1lSNblKnxkOaH59vQ9mT9EXR%2BMKcLPfhvkckp8X54BJYfnpMEG%2BzPeTKFJAcTT6MaTJCoCSSdgOu7kOKEAFzgxk3k2f0b2lR0%2Bx%2BUztApWX7yO2Q1Jcu%2FXEKefbmm5LBxRytXSp1bDNMacjiB7E9QuCOUO0uQ1RF4%2BQmk%2BImsPtlAnu3ftEpDitOX05SnPZ62V9q8m660eRSvMNaJVtpUiDjqBkEa9%2BYCSTmBTCdQyQjUXoCzHpz04FIPrvCQidMGD4Kg6wtO%2FbjHeUt0ExYJP6DdNKCBH8VwfPYPI5TFCFyNwM0uCrOLLTmCcd%2FBbtawwoMtCQaiRpUQVJagogSVJKhKgmpQHwhlQ1vfF8o6Fpzn8Dy36rEu%2B3v0QJf9JCegZgQj6r3ijDwzE9Bbnv6FreS00WFhzFir1Yq77TiIuywMoqjjxyIJRS9iLVhZQ9olUOthZ2bm92soZvnyVTB6BKuOwKUH6l4CrWrQzRo7%2BYO873ReDppcZxC6RlEuo9z29tQZeXHuYPPPFhJ%2BTM4D3NQoTI2P5WOCvro3vq0rsn9bV5Z8fbMoZSZ36MzdOyUtE%2B%2BLd5LtShtx%2FZodff4GnwGz8uF7iS03aC5k3rfkwZoUIjHr2vCEfHPdfpCwW85urjmTu2Lj1pvr17PCJNZKnU9A5cnFi%2BBySp768Y%2F5s33u7AVIM4FxNTK3YCr1EXixC1ssZlYTGLXoWeGhcvXYhGwxVJJAJYuesho2Of7213%2BPFvXY0Nk1lfWevYe%2BWQIt7yLPagxMjYGqQdUI1l0Yl4U5vvpzax5gamnMlFnaZ8qoz%2BYizz4rsPK00W21fBr1OkG3S5Mua4dxGgWC0rAdhVFEWyjtNL38%2FG9%2FAwAA%2F%2F8BAAD%2F%2F6DBPXWQBAAA | 192.243.61.227 | 200 OK | 7 B |
URL GET HTTP/1.1pleasantpaltryconnections.com/ren.gif?sid=H4sIAAAAAAAC%2F1RS32scVRi9kwZ8EApKQVGEpfigYDYzs7uzs%2FahGGukGNvSKvom98fM5po7c4d75%2B5s8hQsSB8X%2F4LJ2aRBW0T%2FAKtuCiIBIetTHszfoIjFJ5Fdo4vfw3w%2FzvfBmXPup3vujIRw9PTau3pHKkVXO02%2F8cqHQXClsSFzN2wM4%2BijqH2lYQav96Km%2F2rj7YRv6dXQD3w%2F8IPGujRJqoerMxCyeNgLmj2%2F2Q6bQaeNofl%2Fb50HSz2IwRl5FlJMlx97lyD5BHn21bXEbpW6eO2tzClaaoOBOHw%2F38p1lSNblKnxkOaH59vQ9mT9EXR%2BMKcLPfhvkckp8X54BJYfnpMEG%2BzPeTKFJAcTT6MaTJCoCSSdgOu7kOKEAFzgxk3k2f0b2lR0%2Bx%2BUztApWX7yO2Q1Jcu%2FXEKefbmm5LBxRytXSp1bDNMacjiB7E9QuCOUO0uQ1RF4%2BQmk%2BImsPtlAnu3ftEpDitOX05SnPZ62V9q8m660eRSvMNaJVtpUiDjqBkEa9%2BYCSTmBTCdQyQjUXoCzHpz04FIPrvCQidMGD4Kg6wtO%2FbjHeUt0ExYJP6DdNKCBH8VwfPYPI5TFCFyNwM0uCrOLLTmCcd%2FBbtawwoMtCQaiRpUQVJagogSVJKhKgmpQHwhlQ1vfF8o6Fpzn8Dy36rEu%2B3v0QJf9JCegZgQj6r3ijDwzE9Bbnv6FreS00WFhzFir1Yq77TiIuywMoqjjxyIJRS9iLVhZQ9olUOthZ2bm92soZvnyVTB6BKuOwKUH6l4CrWrQzRo7%2BYO873ReDppcZxC6RlEuo9z29tQZeXHuYPPPFhJ%2BTM4D3NQoTI2P5WOCvro3vq0rsn9bV5Z8fbMoZSZ36MzdOyUtE%2B%2BLd5LtShtx%2FZodff4GnwGz8uF7iS03aC5k3rfkwZoUIjHr2vCEfHPdfpCwW85urjmTu2Lj1pvr17PCJNZKnU9A5cnFi%2BBySp768Y%2F5s33u7AVIM4FxNTK3YCr1EXixC1ssZlYTGLXoWeGhcvXYhGwxVJJAJYuesho2Of7213%2BPFvXY0Nk1lfWevYe%2BWQIt7yLPagxMjYGqQdUI1l0Yl4U5vvpzax5gamnMlFnaZ8qoz%2BYizz4rsPK00W21fBr1OkG3S5Mua4dxGgWC0rAdhVFEWyjtNL38%2FG9%2FAwAA%2F%2F8BAAD%2F%2F6DBPXWQBAAA IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerLet's Encrypt Subjectpleasantpaltryconnections.com Fingerprint99:F7:20:AC:E5:CE:C1:BC:60:70:9B:07:CF:5F:D0:2C:74:19:AE:30 ValidityTue, 16 Apr 2024 10:20:13 GMT - Mon, 15 Jul 2024 10:20:12 GMT
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RS32scVRi9kwZ8EApKQVGEpfigYDYzs7uzs%2FahGGukGNvSKvom98fM5po7c4d75%2B5s8hQsSB8X%2F4LJ2aRBW0T%2FAKtuCiIBIetTHszfoIjFJ5Fdo4vfw3w%2FzvfBmXPup3vujIRw9PTau3pHKkVXO02%2F8cqHQXClsSFzN2wM4%2BijqH2lYQav96Km%2F2rj7YRv6dXQD3w%2F8IPGujRJqoerMxCyeNgLmj2%2F2Q6bQaeNofl%2Fb50HSz2IwRl5FlJMlx97lyD5BHn21bXEbpW6eO2tzClaaoOBOHw%2F38p1lSNblKnxkOaH59vQ9mT9EXR%2BMKcLPfhvkckp8X54BJYfnpMEG%2BzPeTKFJAcTT6MaTJCoCSSdgOu7kOKEAFzgxk3k2f0b2lR0%2Bx%2BUztApWX7yO2Q1Jcu%2FXEKefbmm5LBxRytXSp1bDNMacjiB7E9QuCOUO0uQ1RF4%2BQmk%2BImsPtlAnu3ftEpDitOX05SnPZ62V9q8m660eRSvMNaJVtpUiDjqBkEa9%2BYCSTmBTCdQyQjUXoCzHpz04FIPrvCQidMGD4Kg6wtO%2FbjHeUt0ExYJP6DdNKCBH8VwfPYPI5TFCFyNwM0uCrOLLTmCcd%2FBbtawwoMtCQaiRpUQVJagogSVJKhKgmpQHwhlQ1vfF8o6Fpzn8Dy36rEu%2B3v0QJf9JCegZgQj6r3ijDwzE9Bbnv6FreS00WFhzFir1Yq77TiIuywMoqjjxyIJRS9iLVhZQ9olUOthZ2bm92soZvnyVTB6BKuOwKUH6l4CrWrQzRo7%2BYO873ReDppcZxC6RlEuo9z29tQZeXHuYPPPFhJ%2BTM4D3NQoTI2P5WOCvro3vq0rsn9bV5Z8fbMoZSZ36MzdOyUtE%2B%2BLd5LtShtx%2FZodff4GnwGz8uF7iS03aC5k3rfkwZoUIjHr2vCEfHPdfpCwW85urjmTu2Lj1pvr17PCJNZKnU9A5cnFi%2BBySp768Y%2F5s33u7AVIM4FxNTK3YCr1EXixC1ssZlYTGLXoWeGhcvXYhGwxVJJAJYuesho2Of7213%2BPFvXY0Nk1lfWevYe%2BWQIt7yLPagxMjYGqQdUI1l0Yl4U5vvpzax5gamnMlFnaZ8qoz%2BYizz4rsPK00W21fBr1OkG3S5Mua4dxGgWC0rAdhVFEWyjtNL38%2FG9%2FAwAA%2F%2F8BAAD%2F%2F6DBPXWQBAAA HTTP/1.1
Host: pleasantpaltryconnections.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Cookie: u_pl=17093374; uid_id2=ffcf9cf4-4c7f-4c68-bb56-4add86711f89:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec5b28bb3338748187b2166508de2d96b3=[3078195,3078189]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 07:10:42 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 98d62c45e413ec716980062a6d77765f
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/img/sale3.jpg | 188.114.96.1 | 200 OK | 65 kB |
URL GET HTTP/3cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/img/sale3.jpg IP188.114.96.1:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=242, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=364], progressive, precision 8, 364x242, components 3 Hash61f7b1fa1698507638df7882e2bdfcaf 89134af9a734f4c30d0db01ea36c86895e46b7e3 bc0a583f7e3c834e53d5263ecc90d279b27460ea2e9bce56b7ac6b129eb5849c
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/img/sale3.jpg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 07:10:42 GMT
content-type: image/jpeg
content-length: 64642
last-modified: Fri, 19 Jan 2024 14:21:26 GMT
etag: "65aa8566-fc82"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5591126
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4mms1k21mMqYTXICC68oSK8X8V5kc%2B%2FnKQCk8TUaSkfnnA4pWwNIvZjCtOdlEsmqexD63HSFa5D5ZAepVZCNXr7bT85YmbDUktH71xDHs8G%2FZWDuRQTMSQqC9dL9oOiO9412nla0s8M%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876b138c0db55690-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.106 | 200 OK | 717 B |
URL GET HTTP/1.1fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap IP142.250.74.106:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Hash9cc7d472437c87f6f7ebeb35abec09f1 948bb2b7bf4bbc829015c125e1b6f7859b2948b0 9a39510af72db44fb14d333c52c41da0e90827afcfe78c8f12b367f0a94783b7
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 19 Apr 2024 07:10:42 GMT
Date: Fri, 19 Apr 2024 07:10:42 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
|
|
| pleasantpaltryconnections.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Findex.html&l=1545&fd=85 | 192.243.61.227 | 200 OK | 0 B |
URL GET HTTP/1.1pleasantpaltryconnections.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Findex.html&l=1545&fd=85 IP192.243.61.227:80 ASN#39572 DataWeb Global Group B.V.
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Findex.html&l=1545&fd=85 HTTP/1.1
Host: pleasantpaltryconnections.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 07:10:42 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/style.css | 188.114.96.1 | 200 OK | 1.0 kB |
URL GET HTTP/2cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/style.css IP188.114.96.1:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hashda91945ede579f34a99cde40a98ce5a4 cfbf9b6c295766437a906f7fd6f46a0302240c9a 9b9d07bcd50263ebd848d3f60889a594727d925ee4488df503eac791023d57b1
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 07:10:42 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:21:26 GMT
etag: W/"65aa8566-e50"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 219993
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VYyCiSF3FaxIjwPWFaV9R9smMBYkDR%2Bl8CuZjZnb4XE6MRf342R4bvjDyxboYuQ6F98lveJmnS4dULzNmF8rCdBGmXKYG%2BdL3iaH3rRBFyaOTm8QMkWXZqMOXhuGaw5qE%2BpZNvyiPfrr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876b138b8d1d0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| pleasantpaltryconnections.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fanimate.css&l=78689&fd=323 | 192.243.61.227 | 200 OK | 0 B |
URL GET HTTP/1.1pleasantpaltryconnections.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fanimate.css&l=78689&fd=323 IP192.243.61.227:80 ASN#39572 DataWeb Global Group B.V.
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fanimate.css&l=78689&fd=323 HTTP/1.1
Host: pleasantpaltryconnections.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 07:10:42 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| pleasantpaltryconnections.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fjs%2Fscript.js&l=386&fd=330 | 192.243.61.227 | 200 OK | 0 B |
URL GET HTTP/1.1pleasantpaltryconnections.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fjs%2Fscript.js&l=386&fd=330 IP192.243.61.227:80 ASN#39572 DataWeb Global Group B.V.
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fjs%2Fscript.js&l=386&fd=330 HTTP/1.1
Host: pleasantpaltryconnections.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 07:10:42 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/animate.css | 188.114.96.1 | 200 OK | 21 kB |
URL GET HTTP/2cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/animate.css IP188.114.96.1:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash3d4123dbfb33d27a5cfdfcfa91df6783 e7d0eeeec54b848f0bc3da8685fa3bc88429d660 cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 07:10:42 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:21:26 GMT
etag: W/"65aa8566-13361"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p0amlm%2FXvpmWGSXKDezrhMEpJVEBm1sfvBCC%2FaJbt%2BOQThZXkfjxDI3PAuiizoFx77bOxScmHFhxS7RuG9QFC3N%2FcheKEkTMh1l81oMz6z1Zyt6DNSTiu9tq4zI6QaDlQVF7sVTNl57h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876b138b8d180b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/1.1fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP216.58.207.227:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 18 Apr 2024 02:43:51 GMT
Expires: Fri, 18 Apr 2025 02:43:51 GMT
Cache-Control: public, max-age=31536000
Age: 102412
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2
|
|
| pleasantpaltryconnections.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSXWscVRg%2Bkwa8EApKQVGEpXihYDYz%2BzlrL4qxRoqxLa2id3K%2BZnPMmTnDOXN2NrkKFqSXi79g8mzSoC2iP8Cqm4JIQMh6lQvzGxSxeCWya3TxvZj343lfeOZ5zqd7%2Fow04OnptXfNjtKarrbrYe2VD6PoSm1DZX5YG8adjzqtKzU7eL3XqYev1t6WfMusNsIoDKMwqq0rKxMzXJ2BUPnDXlTvhfVWox61Wxja%2F%2FfOB3A0gBickWehxHT5cXAJik%2BQpV9dk26rMPlrb6Ve08JYDMTh%2B9lWZsoM6aJMbIAkOzzfhnEn649gsoM5XZjBf4tMTUnwwyOw7PCcJNhgf86TacgMTDyNcjCB1BMoOgE3d6HECQG4wI2byNL7N4wt6fY%2FKJ2hU7L85HeockqWf7mELP1yTath7Y7RvlAmcxgmFdRwAtWfIPdHKHaWoMoj8OITKPETWX2ygSzdv%2Bm0gRKnLycJT3o8aa20eDdZafFOvMJYu7PSokLEnW4UJXFvLpBSE6hkAi1HoO4CvAvgVQCfBPB5gFSc1ngURd1QcBrGPc6boitZR4QR7SYRjcJODM9n%2FzBCkY%2FA9Qjc7iK3u9hSI1j%2FHdxmBScCuIJgICqUkqB0BCUlKBVBWRCUg%2BpAaNdw1X2hnWfReW6c52Y1NkV%2Fjx6Yoi8zAmpHsKLay8%2FIMzMBg%2BXpX9iSp7U2a8SMNZvNuNuKo7jLGlGn0w5jIRui12FNOFVBuSVQF2BnZub3a8hn%2BfJVMHoEp4%2FAVQDqXwItK9DNCjvZg6zvTVYM6tykEKZCXiyj2A729Bl5ce5g%2Fc8mJD8m5wFuK%2BS2wsfqMUFf3xvfNiXZv21KR76%2BmRcqVTt05u6dghYy%2BOIduV0aK65fc6PP3%2BAzYFY%2BfE%2B6YoNmQmV9Rx6sKSGkXTeWS%2FLNdfeBZLe821zzNvP5xq0316%2BnuZXOKZNNQNXJxYvgakqe%2BvGP%2BbN97uwFKDuB9RVSv2CqzBF4vguXL2bOEFi96FkeoPTV2DbYYqgVgZaLnrIKTh5%2F%2B%2Bu%2FR4t6bOnsmqpqz91D3y6BFneRpRUGtsJAV6B6BOcvjIvcHl%2F9uTkPML00Ztou7TNt9WdzkWefFTh1WmuGostkIrtMttqtRHLB2m0W8oSzpohjjsJNk8vP%2F%2FY3AAAA%2F%2F8BAAD%2F%2FyAV6J2QBAAA | 192.243.61.227 | 200 OK | 7 B |
URL GET HTTP/1.1pleasantpaltryconnections.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSXWscVRg%2Bkwa8EApKQVGEpXihYDYz%2BzlrL4qxRoqxLa2id3K%2BZnPMmTnDOXN2NrkKFqSXi79g8mzSoC2iP8Cqm4JIQMh6lQvzGxSxeCWya3TxvZj343lfeOZ5zqd7%2Fow04OnptXfNjtKarrbrYe2VD6PoSm1DZX5YG8adjzqtKzU7eL3XqYev1t6WfMusNsIoDKMwqq0rKxMzXJ2BUPnDXlTvhfVWox61Wxja%2F%2FfOB3A0gBickWehxHT5cXAJik%2BQpV9dk26rMPlrb6Ve08JYDMTh%2B9lWZsoM6aJMbIAkOzzfhnEn649gsoM5XZjBf4tMTUnwwyOw7PCcJNhgf86TacgMTDyNcjCB1BMoOgE3d6HECQG4wI2byNL7N4wt6fY%2FKJ2hU7L85HeockqWf7mELP1yTath7Y7RvlAmcxgmFdRwAtWfIPdHKHaWoMoj8OITKPETWX2ygSzdv%2Bm0gRKnLycJT3o8aa20eDdZafFOvMJYu7PSokLEnW4UJXFvLpBSE6hkAi1HoO4CvAvgVQCfBPB5gFSc1ngURd1QcBrGPc6boitZR4QR7SYRjcJODM9n%2FzBCkY%2FA9Qjc7iK3u9hSI1j%2FHdxmBScCuIJgICqUkqB0BCUlKBVBWRCUg%2BpAaNdw1X2hnWfReW6c52Y1NkV%2Fjx6Yoi8zAmpHsKLay8%2FIMzMBg%2BXpX9iSp7U2a8SMNZvNuNuKo7jLGlGn0w5jIRui12FNOFVBuSVQF2BnZub3a8hn%2BfJVMHoEp4%2FAVQDqXwItK9DNCjvZg6zvTVYM6tykEKZCXiyj2A729Bl5ce5g%2Fc8mJD8m5wFuK%2BS2wsfqMUFf3xvfNiXZv21KR76%2BmRcqVTt05u6dghYy%2BOIduV0aK65fc6PP3%2BAzYFY%2BfE%2B6YoNmQmV9Rx6sKSGkXTeWS%2FLNdfeBZLe821zzNvP5xq0316%2BnuZXOKZNNQNXJxYvgakqe%2BvGP%2BbN97uwFKDuB9RVSv2CqzBF4vguXL2bOEFi96FkeoPTV2DbYYqgVgZaLnrIKTh5%2F%2B%2Bu%2FR4t6bOnsmqpqz91D3y6BFneRpRUGtsJAV6B6BOcvjIvcHl%2F9uTkPML00Ztou7TNt9WdzkWefFTh1WmuGostkIrtMttqtRHLB2m0W8oSzpohjjsJNk8vP%2F%2FY3AAAA%2F%2F8BAAD%2F%2FyAV6J2QBAAA IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerLet's Encrypt Subjectpleasantpaltryconnections.com Fingerprint99:F7:20:AC:E5:CE:C1:BC:60:70:9B:07:CF:5F:D0:2C:74:19:AE:30 ValidityTue, 16 Apr 2024 10:20:13 GMT - Mon, 15 Jul 2024 10:20:12 GMT
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSXWscVRg%2Bkwa8EApKQVGEpXihYDYz%2BzlrL4qxRoqxLa2id3K%2BZnPMmTnDOXN2NrkKFqSXi79g8mzSoC2iP8Cqm4JIQMh6lQvzGxSxeCWya3TxvZj343lfeOZ5zqd7%2Fow04OnptXfNjtKarrbrYe2VD6PoSm1DZX5YG8adjzqtKzU7eL3XqYev1t6WfMusNsIoDKMwqq0rKxMzXJ2BUPnDXlTvhfVWox61Wxja%2F%2FfOB3A0gBickWehxHT5cXAJik%2BQpV9dk26rMPlrb6Ve08JYDMTh%2B9lWZsoM6aJMbIAkOzzfhnEn649gsoM5XZjBf4tMTUnwwyOw7PCcJNhgf86TacgMTDyNcjCB1BMoOgE3d6HECQG4wI2byNL7N4wt6fY%2FKJ2hU7L85HeockqWf7mELP1yTath7Y7RvlAmcxgmFdRwAtWfIPdHKHaWoMoj8OITKPETWX2ygSzdv%2Bm0gRKnLycJT3o8aa20eDdZafFOvMJYu7PSokLEnW4UJXFvLpBSE6hkAi1HoO4CvAvgVQCfBPB5gFSc1ngURd1QcBrGPc6boitZR4QR7SYRjcJODM9n%2FzBCkY%2FA9Qjc7iK3u9hSI1j%2FHdxmBScCuIJgICqUkqB0BCUlKBVBWRCUg%2BpAaNdw1X2hnWfReW6c52Y1NkV%2Fjx6Yoi8zAmpHsKLay8%2FIMzMBg%2BXpX9iSp7U2a8SMNZvNuNuKo7jLGlGn0w5jIRui12FNOFVBuSVQF2BnZub3a8hn%2BfJVMHoEp4%2FAVQDqXwItK9DNCjvZg6zvTVYM6tykEKZCXiyj2A729Bl5ce5g%2Fc8mJD8m5wFuK%2BS2wsfqMUFf3xvfNiXZv21KR76%2BmRcqVTt05u6dghYy%2BOIduV0aK65fc6PP3%2BAzYFY%2BfE%2B6YoNmQmV9Rx6sKSGkXTeWS%2FLNdfeBZLe821zzNvP5xq0316%2BnuZXOKZNNQNXJxYvgakqe%2BvGP%2BbN97uwFKDuB9RVSv2CqzBF4vguXL2bOEFi96FkeoPTV2DbYYqgVgZaLnrIKTh5%2F%2B%2Bu%2FR4t6bOnsmqpqz91D3y6BFneRpRUGtsJAV6B6BOcvjIvcHl%2F9uTkPML00Ztou7TNt9WdzkWefFTh1WmuGostkIrtMttqtRHLB2m0W8oSzpohjjsJNk8vP%2F%2FY3AAAA%2F%2F8BAAD%2F%2FyAV6J2QBAAA HTTP/1.1
Host: pleasantpaltryconnections.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Cookie: u_pl=17093374; uid_id2=ffcf9cf4-4c7f-4c68-bb56-4add86711f89:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec5b28bb3338748187b2166508de2d96b3=[3078195,3078189]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 07:10:43 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f69888cc680cfae21fb1b4f81619b81f
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=ffcf9cf4-4c7f-4c68-bb56-4add86711f89&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=5b28bb3338748187b2166508de2d96b3&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=7 | 192.243.59.12 | 200 OK | 1 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=ffcf9cf4-4c7f-4c68-bb56-4add86711f89&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=5b28bb3338748187b2166508de2d96b3&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=7 IP192.243.59.12:80 ASN#39572 DataWeb Global Group B.V.
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=ffcf9cf4-4c7f-4c68-bb56-4add86711f89&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=5b28bb3338748187b2166508de2d96b3&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=7 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 19 Apr 2024 07:10:43 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c51d59dd330255d4ed0f48376d8bf859
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| pleasantpaltryconnections.com/pixel/sbs?c=1 | 172.240.108.84 | 200 OK | 0 B |
URL GET HTTP/1.1pleasantpaltryconnections.com/pixel/sbs?c=1 IP172.240.108.84:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerLet's Encrypt Subjectpleasantpaltryconnections.com Fingerprint99:F7:20:AC:E5:CE:C1:BC:60:70:9B:07:CF:5F:D0:2C:74:19:AE:30 ValidityTue, 16 Apr 2024 10:20:13 GMT - Mon, 15 Jul 2024 10:20:12 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbs?c=1 HTTP/1.1
Host: pleasantpaltryconnections.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Cookie: u_pl=17093374; uid_id2=ffcf9cf4-4c7f-4c68-bb56-4add86711f89:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec5b28bb3338748187b2166508de2d96b3=[3078195,3078189]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 07:10:43 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687-2-e496443.html | 94.242.50.163 | 200 OK | 282 B |
URL POST HTTP/1.1nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687-2-e496443.html IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Hash6e27ff96e6d6741bf588413be24d23b5 1275bb6ad8cc23d43c9799e9158d51c2fd4ff9b1 19c5c404a753b61425819407a53ab87120a5a15208baf288348d907779d094bc
POST /xem-phim/rick-va-morty-2-rick-morty-season-2-f39687-2-e496443.html HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 87
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Cookie: PHPSESSID=2uso23ujno34e1soodor2s6fc5; us_session_id=P70775; _ga_DDD7EKFG6W=GS1.1.1713510640.1.0.1713510640.0.0.0; _ga=GA1.1.170140957.1713510640; dom3ic8zudi28v8lr6fgphwffqoz0j6c=ffcf9cf4-4c7f-4c68-bb56-4add86711f89%3A3%3A1; sb_page_5b28bb3338748187b2166508de2d96b3=1; sb_onpage_5b28bb3338748187b2166508de2d96b3=1; sb_main_5b28bb3338748187b2166508de2d96b3=1; sb_count_5b28bb3338748187b2166508de2d96b3=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:52 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 282
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496443&aesp=2&user=P70775&tim=1713510652&key=rlatn6GZVW5qbWVnaGVpbGlmX1auqZmmkp2dWG5ksA | 94.242.50.163 | | 5.1 kB |
URL GET grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496443&aesp=2&user=P70775&tim=1713510652&key=rlatn6GZVW5qbWVnaGVpbGlmX1auqZmmkp2dWG5ksA IP94.242.50.163:0
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typeHTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators Hash273c97160211d0011b4fd41ea4d9b88a 316dcc78367ab53db3cc390bf11353576437b4c5 d8f9bf293f401fbf56c550a8902f31e1058d40ae6401e7811a923b06ae0137dd
GET /embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496443&aesp=2&user=P70775&tim=1713510652&key=rlatn6GZVW5qbWVnaGVpbGlmX1auqZmmkp2dWG5ksA HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Cookie: _ga_DDD7EKFG6W=GS1.1.1713510640.1.0.1713510640.0.0.0; _ga=GA1.1.170140957.1713510640; PHPSESSID=4m1nt5lg3no64vfi0j3ic3bn94; us_session_id=P70785
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:52 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 5055
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=BWd0oe | 142.250.74.35 | 200 OK | 43 kB |
URL GET HTTP/3www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=BWd0oe IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeJavaScript source, ASCII text, with very long lines (1424) Hash124ba95b2ec12aff22f988c42b14d353 e506202fff14601dba2b44d807b1319968bb3216 50aff2092ce10805752997b823e0bb7490112ff66b9f2d00eaa8b6cada98a873
GET /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=BWd0oe HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
report-to: {"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-length: 15156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 19 Apr 2024 03:37:05 GMT
expires: Sat, 19 Apr 2025 03:37:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sun, 14 Apr 2024 07:33:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 12816
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fundingchoicesmessages.google.com/s/whitelist?hl=vi | 142.250.74.46 | 200 OK | 100 kB |
URL GET HTTP/2fundingchoicesmessages.google.com/s/whitelist?hl=vi IP142.250.74.46:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/whitelist?hl=vi HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 19 Apr 2024 07:10:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-AYcWaCCHlmtLvETn73e-8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingAdwallUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingAdwallUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingAdwallUi/cspreport
cross-origin-resource-policy: same-site
cross-origin-opener-policy: same-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints: default="/_/ContributorServingAdwallUi/web-reports?context=eJzjMtDikmLw0pBikPj6kkkLiJ3SZ7CGALFP_QzWOCBuvXmOdToQJ_07z1oCxEI8HB82dmxkE7jRvvE2MwDS-BmJ"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 15 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP216.58.207.227:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15436, version 1.0 Hash037d830416495def72b7881024c14b7b 619389190b3cafafb5db94113990350acc8a0278 1d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97
GET /s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15436
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 08:34:02 GMT
expires: Fri, 18 Apr 2025 08:34:02 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:12 GMT
content-type: font/woff2
age: 81399
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| nguonphimc.com/themes/np/images/button_km.png | 94.242.50.163 | 200 OK | 2.6 kB |
URL GET HTTP/1.1nguonphimc.com/themes/np/images/button_km.png IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
File typePNG image data, 66 x 50, 8-bit/color RGBA, non-interlaced Hash05238f78240b8bb3d2453e866550a011 766a5353d457d5282bb04192072a116073b8666d aed76e5f2deac5394da887c6b862ab04fbc3e601348006da714310d72c5dfc60
GET /themes/np/images/button_km.png HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=2uso23ujno34e1soodor2s6fc5; us_session_id=P70775; _ga_DDD7EKFG6W=GS1.1.1713510640.1.0.1713510640.0.0.0; _ga=GA1.1.170140957.1713510640
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 07:10:41 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 2646
Cache-Control: max-age=2592000, public
Expires: Sun, 19 May 2024 07:10:41 GMT
Connection: close
Content-Type: image/png
|
|
| pleasantpaltryconnections.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fstyle.css&l=3664&fd=46 | 192.243.61.227 | 200 OK | 0 B |
URL GET HTTP/1.1pleasantpaltryconnections.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fstyle.css&l=3664&fd=46 IP192.243.61.227:80 ASN#39572 DataWeb Global Group B.V.
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fstyle.css&l=3664&fd=46 HTTP/1.1
Host: pleasantpaltryconnections.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 07:10:42 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 | 216.58.207.227 | 200 OK | 128 kB |
URL GET HTTP/2fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 IP216.58.207.227:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 128352, version 1.0 Size128 kB (128352 bytes) Hash53436aca8627a49f4deaaa44dc9e3c05 0bc0c675480d94ec7e8609dda6227f88c5d08d2c 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
GET /s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 13 Apr 2024 06:44:19 GMT
expires: Sun, 13 Apr 2025 06:44:19 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
content-type: font/woff2
age: 519981
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ssl.p.jwpcdn.com/player/v/8.24.0/jwpsrv.js | 151.101.66.114 | 200 OK | 66 kB |
URL GET HTTP/1.1ssl.p.jwpcdn.com/player/v/8.24.0/jwpsrv.js IP151.101.66.114:80
Requested byhttp://grab.nguonphimc.com/embed/rick-va-morty-2-rick-morty-season-2-f39687.html?api=nguonphimc.com&esp=496442&aesp=1&user=P70775&tim=1713510641&key=rVatn6GZVG5qbWVnZ2VpbGhlXlauqZmmkZ2dWG5krw
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash1a96e7c0d0040b922d2458e3bc2cfe7f 2088da30a0d3ff7fa3d619f6bfd0661f236494dc e3c5ff38a6b645121ae055d1bb18885c2f185331f58f6229443c2f031684216f
GET /player/v/8.24.0/jwpsrv.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 19890
Cache-Control: max-age=900, immutable
Last-Modified: Tue, 12 Dec 2023 21:44:08 GMT
ETag: "1a96e7c0d0040b922d2458e3bc2cfe7f"
Content-Type: application/javascript
Server: AmazonS3
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Fri, 19 Apr 2024 07:10:41 GMT
Via: 1.1 varnish
Age: 822
X-Served-By: cache-hel1410034-HEL
X-Cache: HIT
X-Cache-Hits: 11869
X-Timer: S1713510642.897599,VS0,VE0
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/js/script.js | 188.114.96.1 | 200 OK | 386 B |
URL GET HTTP/2cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/js/script.js IP188.114.96.1:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File typeASCII text, with very long lines (399), with no line terminators Hash022602a468da44628060800173771da2 9be813fbfebbcb2aa46d8c6b8abec68b3d16c89c 6742c376e658c34d09b2dc5772bd798e3cd52bb265758bac5bce184f8ee7b5cc
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 07:10:42 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:21:26 GMT
etag: W/"65aa8566-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V6apxKi0fEIkQNjtSUStxo6DH1XimRzLruB%2BbsZnmSEZT6jAnnYkcecXHVX6VBkAcD02rTp6hGEBYtsJ0PxpKeR5iVghOrqVpH5cTGQJ5CMjx9LIcHfz3SYBGXmdJpt44rdDGShli81W"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876b138b9d1f0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/icon?family=Material+Icons | 142.250.74.106 | 200 OK | 565 B |
URL GET HTTP/2fonts.googleapis.com/icon?family=Material+Icons IP142.250.74.106:443
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeASCII text, with very long lines (588), with no line terminators Hash959a533a3dc02649e0cc3f8f67d942af 34db49ff64aed8b51beaba5b9928ad504a4df335 24864ed3ee6fab66640980d4c24640e579e5583764a8ee8c4f09decf27977247
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 07:10:40 GMT
date: Fri, 19 Apr 2024 07:10:40 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.barscreative1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html | 45.133.44.3 | 200 OK | 1.5 kB |
URL GET HTTP/2cdn.barscreative1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html IP45.133.44.3:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttp://nguonphimc.com/xem-phim/rick-va-morty-2-rick-morty-season-2-f39687.html CertificateIssuerLet's Encrypt Subjectcdn.barscreative1.com FingerprintF6:54:F4:B9:EB:AD:1E:FA:8F:76:B9:75:20:9B:41:57:32:37:94:E3 ValiditySun, 10 Mar 2024 03:01:32 GMT - Sat, 08 Jun 2024 03:01:31 GMT
File typeHTML document, ASCII text, with very long lines (1633), with no line terminators Hashf93ed3ce8bed77cddedfbd4906ec1e86 a6860f6e0d690ac796f5c8e9211aef6031a29abb 7a7a3a39b0cf96b597a8da0cef9b2093229e1778fda9697b5215ba4cb267c1a0
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 07:10:42 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Fri, 19 Jan 2024 14:21:26 GMT
etag: W/"65aa8566-609"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Fri, 19 Apr 2024 08:10:42 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|