Report - nguonchilla.com/site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

Report Overview

Submitted URL
nguonchilla.com/site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
IP
94.242.50.163
ASN
#43317 SIA VEESP
Submitted
2024-04-16 13:23:33
Access
public
Website Title
Phim Thánh Vật Cá Sấu | Crocodile Dundee - Vietsub, Thuyết Minh, HD - nguonchillb.com
Final URL
nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-16	2.4 kB	54 kB	142.250.74.106
cdn.creative-bars1.com	unknown	2022-11-01	2022-11-15	2024-04-07	2.0 kB	150 kB	104.21.70.253
m3.nguonhay.com	unknown	2022-05-13	2022-10-28	2024-03-07	6.3 kB	1.2 MB	94.242.50.163
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-04-16	338 B	942 B	143.204.53.97
unseenreport.com	unknown	2022-03-30	2022-03-30	2024-04-15	656 B	424 B	192.243.59.13
chokedsmelt.com	unknown	2022-02-17	2022-02-17	2024-03-09	352 B	17 kB	192.243.59.12
downstairsnegotiatebarren.com	unknown	2024-03-04	2024-03-04	2024-04-15	737 B	29 kB	172.67.180.87
continuousselfevidentinestimable.com	unknown	unknown	No data	No data	7.2 kB	13 kB	172.240.108.68
m3.nguonphim.net	926780	2016-09-27	2017-09-03	2024-03-07	1.1 kB	53 kB	94.242.50.163
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-16	875 B	162 kB	142.250.74.168
nguontv.com	336051	2017-12-19	2017-12-26	2024-04-05	340 B	52 kB	94.242.50.163
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-04-15	429 B	421 B	3.123.64.179
cdn.barscreative1.com	25648	2021-09-08	2021-09-16	2024-04-14	511 B	858 B	45.133.44.4
nguonchilla.com	unknown	2024-03-15	2024-03-15	2024-03-28	2.2 kB	2.1 kB	94.242.50.163
nguonchillb.com	unknown	unknown	No data	No data	10 kB	294 kB	94.242.50.163
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-16	7.9 kB	475 kB	142.250.74.99

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-16	medium	chokedsmelt.com	Sinkholed
2024-04-16	medium	continuousselfevidentinestimable.com	Sinkholed
2024-04-16	medium	continuousselfevidentinestimable.com	Sinkholed
2024-04-16	medium	continuousselfevidentinestimable.com	Sinkholed
2024-04-16	medium	continuousselfevidentinestimable.com	Sinkholed
2024-04-16	medium	continuousselfevidentinestimable.com	Sinkholed
2024-04-16	medium	continuousselfevidentinestimable.com	Sinkholed
2024-04-16	medium	unseenreport.com	Sinkholed
2024-04-16	medium	continuousselfevidentinestimable.com	Sinkholed
2024-04-16	medium	continuousselfevidentinestimable.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (29)

	URL	Size	First Seen	Last Seen
	nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html	155 B	2024-02-18	2024-04-16
Pretty URL nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-18 22:54:31 Last Seen2024-04-16 15:23:41 Times Seen9 Hash 6051014c5e796fee2658df8215ca51b1 43a9c6fc8557d2ed77ed5148d988b60cd2fc9032 095fb8ece5340b7cf3dae710c4c0b18d4e3376c62776d10700cfc1b81fc5569f Loading...

	chokedsmelt.com/5b/28/bb/5b28bb3338748187b2166508de2d96b3.js	44 kB	2024-04-16	2024-04-16
Pretty URL chokedsmelt.com/5b/28/bb/5b28bb3338748187b2166508de2d96b3.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 15:23:41 Last Seen2024-04-16 15:23:42 Times Seen4 Hash f86da52918926e8d5e65198181fa331b f594fc7df49e2850ee3a11a6c556d030988b7934 fb9d814b3e5058f29e4220aa9e9945a95ad0887a9238ab370c0f7d8a57999507 Loading...

	nguonchillb.com/themes/np/js/wow.min.js	8.4 kB	2023-03-07	2024-04-24
Pretty URL nguonchillb.com/themes/np/js/wow.min.js IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:32 Last Seen2024-04-24 19:58:51 Times Seen1522 Hash e1f1ff6897992a9165e8ce009b4039e3 e297207404fea99863aea60a1dcd3770f8ecddee 37461d9b50fd93b2e6d064c4aa48cbc16d5b1e82c27f47270b87a39225cc00ac Loading...

	nguonchillb.com/js/main.min.js?v=2.4.8.2	18 kB	2023-03-08	2024-04-28
Pretty URL nguonchillb.com/js/main.min.js?v=2.4.8.2 IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:21:43 Last Seen2024-04-28 23:23:46 Times Seen113 Hash 2f3514d630f0195787c0f99778202f3c 2ce2883a59c655b8e02d644a1449fcdfdf604486 23b47b8eb144a359fdd87940db44e0420e7e0062f3cbba762e0e22c35afb3749 Loading...

	downstairsnegotiatebarren.com/sfp.js	86 kB	2024-03-29	2024-04-30
Pretty URL downstairsnegotiatebarren.com/sfp.js IP 172.67.180.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 13:13:34 Last Seen2024-04-30 10:57:19 Times Seen1347 Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716 Loading...

	nguonchillb.com/assets/3bd14e95/jquery.min.js	97 kB	2023-03-07	2024-04-29
Pretty URL nguonchillb.com/assets/3bd14e95/jquery.min.js IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:51 Last Seen2024-04-29 08:27:34 Times Seen2410 Hash 0fca26b5a37a66d68d0f4406976be4b5 ee000eb654b3bd37185665d3901e93b34ce1aa52 8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18 Loading...

	nguonchillb.com/themes/np/js/jquery.nice-select.js	6.0 kB	2023-03-07	2024-04-20
Pretty URL nguonchillb.com/themes/np/js/jquery.nice-select.js IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:53 Last Seen2024-04-20 07:49:24 Times Seen89 Hash 723e741faba72abfb0e56b6e0f8a73d8 ba71788614e8e11dbeeebdcac9037b57e7a69ce4 39f6514264e1603542b6aa38ba44c3be0aa7bbdef56ed139d74fe75e24e642fa Loading...

	moz-extension://dd2ceb24-9a5a-481a-a4f4-0bd0450fd8db/lib/shim_messaging_helper.js	1.7 kB	2023-05-05	2024-04-30
Pretty URL moz-extension://dd2ceb24-9a5a-481a-a4f4-0bd0450fd8db/lib/shim_messaging_helper.js IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-05 22:33:37 Last Seen2024-04-30 11:03:09 Times Seen45254 Hash 865f01cbb34eb505834e826380d7dc2e c239ccc37191f1be78dfaa6bb3f1da5d314fdf9e 30ed6392b8de4590bd974a4a797ee0b12b382f2141738115bfd2d692cfa6ec17 Loading...

	nguonchillb.com/themes/np/js/owl.carousel.min.js	24 kB	2023-03-07	2024-04-25
Pretty URL nguonchillb.com/themes/np/js/owl.carousel.min.js IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:24 Last Seen2024-04-25 13:58:08 Times Seen1226 Hash 8c52f27fcac36c7667f8fb846e1e94d5 e5862559db659ffd530c91452d668c5e7b3f0f2d 6c1e31700f68d1666de6b0992e89d413434707718bf729a472404029845bdbad Loading...

	nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html	445 B	2023-06-30	2024-04-20
Pretty URL nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-30 17:21:06 Last Seen2024-04-20 07:49:23 Times Seen40 Hash 97e094668f02b1c249e1b0fde6a93c38 0153a494a8ff263e8e544dccddccd8fb0cafb4d1 58c2bf516e86f70bfeade925e3cacc9dada2b41883b78e2b090f41074283eca2 Loading...

	nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html	2.6 kB	2023-03-14	2024-04-20
Pretty URL nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 11:01:34 Last Seen2024-04-20 07:49:23 Times Seen41 Hash 60161d8d86847ca8b04f5b01ee669a6c 717b4881183bf8cf5ce77404d34a269a4050aeb1 a24fd0045c4ab300e6a50db2183ef069a1381b411e5266655083d9181cd34eb4 Loading...

	www.googletagmanager.com/gtag/js?id=UA-228470674-1	204 kB	2024-04-16	2024-04-16
Pretty URL www.googletagmanager.com/gtag/js?id=UA-228470674-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 15:23:41 Last Seen2024-04-16 15:23:41 Times Seen2 Hash 2398f8728ffdea633f6912763076b359 c977dd5762546c5c393b5f5f46c5b400fe4d85e0 2a59ebd31ee6aab82dd787ed7c7d38b7c4e9831cf3ebd89dabea039998ace96f Loading...

	nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html	1.1 kB	2024-04-16	2024-04-16
Pretty URL nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 15:23:41 Last Seen2024-04-16 15:23:41 Times Seen2 Hash 5d1b3ba89f18c091d7fc75f6a60abd28 a2d77230c5eb480a2c07f59a27761762f6c8d941 2d21655ce9c21abb312e60788f8cc13db8d0ed786b13c9f06a61ba8c4bb08b3e Loading...

	nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html	1.3 kB	2023-06-30	2024-04-20
Pretty URL nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-30 17:21:06 Last Seen2024-04-20 07:49:23 Times Seen21 Hash d59eec928a2258943841a24265996b71 bcafb6d712b5384c229200ac334ae4edc4257666 2c95a0c2b22c434ddcafff4c6c066e0245fe952dc6ecac092f03a3e6dfdebca8 Loading...

	nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html	186 B	2023-03-14	2024-04-20
Pretty URL nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 11:01:34 Last Seen2024-04-20 07:49:23 Times Seen34 Hash b993e8a9b04faef49d09b434bd17084a 39a8f48a89f2e25c64f943ccbd07569554ee9c35 6f0325f63b0088d5d2b0077b848f4ad68412653d986d7bd5ffb5691ac86bf2c8 Loading...

	unknown	601 B	2024-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-07 12:14:18 Last Seen2024-04-19 09:11:16 Times Seen20 Hash bc7e504d6391f5eb1881975bf5127984 16215184865d4a780ac3b19ff566779a3b732e8d 72e4587236f8dece3a52a83fb3180fe58efc56531f3163f409335dba109cfd3c Loading...

	nguonchillb.com/themes/np/js/jquery.magnific-popup.min.js	20 kB	2023-03-07	2024-04-28
Pretty URL nguonchillb.com/themes/np/js/jquery.magnific-popup.min.js IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:21 Last Seen2024-04-28 18:23:45 Times Seen5910 Hash b37d7edf99565d3858eaa1ad80df3cff 786a4343711e9af5e5dfcc493e7d2331b48875bb b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2 Loading...

	www.googletagmanager.com/gtag/js?id=G-3RRF2WKVFP&l=dataLayer&cx=c	244 kB	2024-04-16	2024-04-16
Pretty URL www.googletagmanager.com/gtag/js?id=G-3RRF2WKVFP&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 15:23:41 Last Seen2024-04-16 15:23:42 Times Seen2 Hash 7de56a1341d51530bb61cf7160133f9e 318f04a07cdda0a14971a4feb2d99841bceb849a 8ba98dc8b423cc12edc403f49dd3356997df7aafa53bfeb73c19006cea8fb512 Loading...

	nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html	3.2 kB	2023-06-30	2024-04-20
Pretty URL nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-30 17:21:06 Last Seen2024-04-20 07:49:23 Times Seen21 Hash b96f4a005c864862a4384b06d5a9107c fc78ac08d3340dbb4b804be29f7fc4b7681cc6d7 aed37495258d67e806aa0a4db84b8575f1ecad7860d09f533506754ec311d3fd Loading...

	nguonchillb.com/themes/np/js/jquery.showmore.src.js	1.0 kB	2023-03-13	2024-04-20
Pretty URL nguonchillb.com/themes/np/js/jquery.showmore.src.js IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:25:00 Last Seen2024-04-20 07:49:24 Times Seen122 Hash f67d16dc855157012280d1b8d2d0ac55 4eaa66120111bb8cb4c21884c647bf609ef3a7a5 89a7b91f92a0583bcfabc3dc0347bfb78822ebe75d229fb766ae2fdc6e7e0d28 Loading...

	nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html	1.2 kB	2023-03-14	2024-04-20
Pretty URL nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 11:01:34 Last Seen2024-04-20 07:49:23 Times Seen41 Hash 9b84178904087e9ecab356dd1d22e7ac 7d8f1e77acc4c28b9c0302d86705315d0970ad5f 6dc11177a43f6eb08ce1e1076f1407df69952991908cfe350a82e5b0abbc6566 Loading...

	nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html	3.9 kB	2024-02-18	2024-04-20
Pretty URL nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-18 22:54:32 Last Seen2024-04-20 07:49:23 Times Seen32 Hash 972805b1a38054d9b5ccdb8e70028090 4710bc93ff6f4bcd3a154425aba307648efacdda 8ed077247980a4e781cdc45b2dbdea9875cabadd19eb48ef55d98708eb601401 Loading...

	nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html	9.4 kB	2023-03-14	2024-04-20
Pretty URL nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 11:01:34 Last Seen2024-04-20 07:49:24 Times Seen41 Hash 1fbb5a1c0db77beb2e5697fa2e4f2ba9 d50e55939259b9a1e60ba06e8aa6dbcbbe9b4f0b 20b7d396ca4d7747326ac67a5c06f5ca1b6391f794e8125b3583040e61c5c105 Loading...

	nguonchillb.com/sandbox%20eval%20code	147 B	2023-04-11	2024-04-30
Pretty URL nguonchillb.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-30 11:03:07 Times Seen343425 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-04-30
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-30 11:03:08 Times Seen342920 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	nguonchillb.com/themes/np/js/bootstrap.min.js	37 kB	2023-03-07	2024-04-26
Pretty URL nguonchillb.com/themes/np/js/bootstrap.min.js IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:31 Last Seen2024-04-26 14:21:47 Times Seen2942 Hash e7d9a06cf9053c51cd4ad3386da0659a e45bf1054704a1fdfc4ee2713a16bf9283dea995 9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd Loading...

	unknown	31 B	2023-06-30	2024-04-20
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-06-30 17:21:06 Last Seen2024-04-20 07:49:23 Times Seen40 Hash 99435bde41f63f11e10faa33493d957c 8d71886c3801548743aadd0e77022831e1865834 ff338bca90a388441fe03cb825c6350d33321f0bafa5847c8e38aca7375b77ed Loading...

	nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html	2.0 kB	2024-03-06	2024-04-20
Pretty URL nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-06 18:44:11 Last Seen2024-04-20 07:49:24 Times Seen19 Hash fcadb5c8efae5c6a31b8811c0c0190ad 5fe0964556d6d600cddead526fee612292b27b3e 2354a6d75cd0de1884b028ddb8b09706c63dc4a6be142f296d335ab1548acf8a Loading...

	connect.facebook.net/vi_VN/sdk.js#xfbml=1&version=v4.0&appId=638726026897009	17 kB	2023-05-05	2024-04-30
Pretty URL connect.facebook.net/vi_VN/sdk.js#xfbml=1&version=v4.0&appId=638726026897009 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-05 22:33:37 Last Seen2024-04-30 11:03:06 Times Seen44714 Hash b938e0b835c600209bdaae9d8ccda6d7 d5ee79d277057e05f002a18381722b5eb75d3883 d1b95aeb57c3285042e1e24c00cc56a8560d16daf7ee5cdfd5c75296b21ac91b Loading...

HTTP Transactions (85)

URL IP Response Size

nguonchilla.com/site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

94.242.50.163

0 B

URL
nguonchilla.com/site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
IP
94.242.50.163:0
ASN
#43317 SIA VEESP

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html HTTP/1.1
Host: nguonchilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Tue, 16 Apr 2024 13:23:05 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Set-Cookie: PHPSESSID=evvva2ptv8gs2140cmitdp6dr3; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonchilla.com/site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

nguonchilla.com/site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

94.242.50.163

0 B

URL
nguonchilla.com/site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
IP
94.242.50.163:0
ASN
#43317 SIA VEESP

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html HTTP/1.1
Host: nguonchilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=evvva2ptv8gs2140cmitdp6dr3
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Tue, 16 Apr 2024 13:23:06 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonchillb.com/site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

nguonchillb.com/site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

94.242.50.163

729 B

URL
nguonchillb.com/site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
IP
94.242.50.163:0
ASN
#43317 SIA VEESP

File type
HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Size
729 B (729 bytes)
Hash
8aa5253a4a8c149616c2d11dfae3a8dd
6cefd8983d523963aa1f3bcc0527e17b0d93e0f2
548396db27485edecf0eb95e3d4fcde16cded3e3fe37486ad63d289b9570f8e2

HTTP Headers

GET /site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:06 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Set-Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; path=/
us_session_id=P1821; expires=Wed, 17-Apr-2024 13:23:06 GMT; Max-Age=86400; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 729
Connection: close
Content-Type: text/html; charset=UTF-8

nguonchillb.com/assets/3bd14e95/jquery.min.js

94.242.50.163

200 OK

34 kB

URL GET HTTP/1.1
nguonchillb.com/assets/3bd14e95/jquery.min.js
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
JavaScript source, ASCII text, with very long lines (32077)
Size
34 kB (33693 bytes)
Hash
0fca26b5a37a66d68d0f4406976be4b5
ee000eb654b3bd37185665d3901e93b34ce1aa52
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18

HTTP Headers

GET /assets/3bd14e95/jquery.min.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:06 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Wed, 16 Apr 2025 13:23:06 GMT
Content-Length: 33693
Connection: close
Content-Type: application/javascript; charset=utf-8

m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png

94.242.50.163

200 OK

18 kB

URL GET HTTP/1.1
m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
PNG image data, 46 x 48, 8-bit/color RGBA, non-interlaced
Size
18 kB (17873 bytes)
Hash
e6f4a93efe2d93e885abcbb4cc09cd4a
e4f94b9e95b40e30b215228316bb7f8c48d08ed2
93b7bbea433aa41f6efb860d3d9777d363f9e64fc1ad4186cd9ef525bbee9c94

HTTP Headers

GET /media/images/1/favi/favicon-1498701606.png HTTP/1.1
Host: m3.nguonphim.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:06 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 05 Jul 2017 04:14:59 GMT
ETag: "45d1-5538a3e52eb40"
Accept-Ranges: bytes
Content-Length: 17873
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:06 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png

nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

94.242.50.163

301 Moved Permanently

0 B

URL User Request GET HTTP/1.1
nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
IP
94.242.50.163:443
ASN
#43317 SIA VEESP

Certificate
IssuerLet's Encrypt
Subjectnguonchilla.com
FingerprintB8:4E:76:1B:BB:3D:79:0D:6A:15:F1:A0:AA:9D:F8:8C:22:04:95:2F
ValidityFri, 15 Mar 2024 00:53:33 GMT - Thu, 13 Jun 2024 00:53:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /thanh-vat-ca-sau-crocodile-dundee-f41307.html HTTP/1.1
Host: nguonchilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://nguonchillb.com/
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: PHPSESSID=evvva2ptv8gs2140cmitdp6dr3
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

94.242.50.163

301 Moved Permanently

0 B

URL User Request GET HTTP/1.1
nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
IP
94.242.50.163:443
ASN
#43317 SIA VEESP

Certificate
IssuerLet's Encrypt
Subjectnguonchilla.com
FingerprintB8:4E:76:1B:BB:3D:79:0D:6A:15:F1:A0:AA:9D:F8:8C:22:04:95:2F
ValidityFri, 15 Mar 2024 00:53:33 GMT - Thu, 13 Jun 2024 00:53:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /thanh-vat-ca-sau-crocodile-dundee-f41307.html HTTP/1.1
Host: nguonchilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://nguonchillb.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=evvva2ptv8gs2140cmitdp6dr3
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

94.242.50.163

200 OK

16 kB

URL User Request GET HTTP/1.1
nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

File type
HTML document, Unicode text, UTF-8 text, with very long lines (616), with CRLF, LF line terminators
Size
16 kB (16176 bytes)
Hash
77c394485bc94e9e616a4a2d1d7a1ca8
1673734f03d5fdc12c99f36862f4b665ab302451
d94eeede7ffb72048886d2a0d1ad1c570a37924a71536c78154444946f7f2eb4

HTTP Headers

GET /thanh-vat-ca-sau-crocodile-dundee-f41307.html HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://nguonchillb.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 16176
Connection: close
Content-Type: text/html; charset=UTF-8

nguonchillb.com/themes/np/js/bootstrap.min.js

94.242.50.163

200 OK

9.7 kB

URL GET HTTP/1.1
nguonchillb.com/themes/np/js/bootstrap.min.js
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
JavaScript source, ASCII text, with very long lines (32034), with CRLF line terminators
Size
9.7 kB (9726 bytes)
Hash
e7d9a06cf9053c51cd4ad3386da0659a
e45bf1054704a1fdfc4ee2713a16bf9283dea995
9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd

HTTP Headers

GET /themes/np/js/bootstrap.min.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Wed, 16 Apr 2025 13:23:07 GMT
Content-Length: 9726
Connection: close
Content-Type: application/javascript; charset=utf-8

nguonchillb.com/assets/3bd14e95/jquery.min.js

94.242.50.163

200 OK

34 kB

URL GET HTTP/1.1
nguonchillb.com/assets/3bd14e95/jquery.min.js
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
JavaScript source, ASCII text, with very long lines (32077)
Size
34 kB (33693 bytes)
Hash
0fca26b5a37a66d68d0f4406976be4b5
ee000eb654b3bd37185665d3901e93b34ce1aa52
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18

HTTP Headers

GET /assets/3bd14e95/jquery.min.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Wed, 16 Apr 2025 13:23:07 GMT
Content-Length: 33693
Connection: close
Content-Type: application/javascript; charset=utf-8

nguonchillb.com/themes/np/js/wow.min.js

94.242.50.163

200 OK

2.7 kB

URL GET HTTP/1.1
nguonchillb.com/themes/np/js/wow.min.js
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
JavaScript source, ASCII text, with very long lines (8385), with CRLF line terminators
Size
2.7 kB (2742 bytes)
Hash
e1f1ff6897992a9165e8ce009b4039e3
e297207404fea99863aea60a1dcd3770f8ecddee
37461d9b50fd93b2e6d064c4aa48cbc16d5b1e82c27f47270b87a39225cc00ac

HTTP Headers

GET /themes/np/js/wow.min.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Wed, 16 Apr 2025 13:23:07 GMT
Content-Length: 2742
Connection: close
Content-Type: application/javascript; charset=utf-8

nguonchillb.com/themes/np/js/jquery.nice-select.js

94.242.50.163

200 OK

1.5 kB

URL GET HTTP/1.1
nguonchillb.com/themes/np/js/jquery.nice-select.js
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.5 kB (1538 bytes)
Hash
723e741faba72abfb0e56b6e0f8a73d8
ba71788614e8e11dbeeebdcac9037b57e7a69ce4
39f6514264e1603542b6aa38ba44c3be0aa7bbdef56ed139d74fe75e24e642fa

HTTP Headers

GET /themes/np/js/jquery.nice-select.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Wed, 16 Apr 2025 13:23:07 GMT
Content-Length: 1538
Connection: close
Content-Type: application/javascript; charset=utf-8

nguonchillb.com/themes/np/js/owl.carousel.min.js

94.242.50.163

200 OK

6.5 kB

URL GET HTTP/1.1
nguonchillb.com/themes/np/js/owl.carousel.min.js
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
JavaScript source, ASCII text, with very long lines (635), with CRLF line terminators
Size
6.5 kB (6464 bytes)
Hash
8c52f27fcac36c7667f8fb846e1e94d5
e5862559db659ffd530c91452d668c5e7b3f0f2d
6c1e31700f68d1666de6b0992e89d413434707718bf729a472404029845bdbad

HTTP Headers

GET /themes/np/js/owl.carousel.min.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Wed, 16 Apr 2025 13:23:07 GMT
Content-Length: 6464
Connection: close
Content-Type: application/javascript; charset=utf-8

nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2

94.242.50.163

200 OK

80 kB

URL GET HTTP/1.1
nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Size
80 kB (80132 bytes)
Hash
9ccfae82c1f9be3cf7c148a39228f53c
9abd7857d28f34c5007b11ee53d2818482775163
d962cf8c297e2b013c20dadac3f99d1af50957de8e1d1de8b4ea960fbd6fd7b6

HTTP Headers

GET /themes/np/css/color.css?v=np2.4.8.2 HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 08:58:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Wed, 16 Apr 2025 13:23:07 GMT
Connection: close
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8

nguonchillb.com/themes/np/js/jquery.magnific-popup.min.js

94.242.50.163

200 OK

7.3 kB

URL GET HTTP/1.1
nguonchillb.com/themes/np/js/jquery.magnific-popup.min.js
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
JavaScript source, ASCII text, with very long lines (20087), with CRLF line terminators
Size
7.3 kB (7346 bytes)
Hash
b37d7edf99565d3858eaa1ad80df3cff
786a4343711e9af5e5dfcc493e7d2331b48875bb
b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2

HTTP Headers

GET /themes/np/js/jquery.magnific-popup.min.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Wed, 16 Apr 2025 13:23:07 GMT
Content-Length: 7346
Connection: close
Content-Type: application/javascript; charset=utf-8

nguonchillb.com/themes/np/js/jquery.showmore.src.js

94.242.50.163

200 OK

434 B

URL GET HTTP/1.1
nguonchillb.com/themes/np/js/jquery.showmore.src.js
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
JavaScript source, ASCII text, with very long lines (432)
Size
434 B (434 bytes)
Hash
f67d16dc855157012280d1b8d2d0ac55
4eaa66120111bb8cb4c21884c647bf609ef3a7a5
89a7b91f92a0583bcfabc3dc0347bfb78822ebe75d229fb766ae2fdc6e7e0d28

HTTP Headers

GET /themes/np/js/jquery.showmore.src.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Wed, 16 Apr 2025 13:23:07 GMT
Content-Length: 434
Connection: close
Content-Type: application/javascript; charset=utf-8

nguonchillb.com/js/main.min.js?v=2.4.8.2

94.242.50.163

200 OK

5.6 kB

URL GET HTTP/1.1
nguonchillb.com/js/main.min.js?v=2.4.8.2
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (17159)
Size
5.6 kB (5620 bytes)
Hash
2f3514d630f0195787c0f99778202f3c
2ce2883a59c655b8e02d644a1449fcdfdf604486
23b47b8eb144a359fdd87940db44e0420e7e0062f3cbba762e0e22c35afb3749

HTTP Headers

GET /js/main.min.js?v=2.4.8.2 HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sat, 02 May 2020 19:55:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Wed, 16 Apr 2025 13:23:07 GMT
Content-Length: 5620
Connection: close
Content-Type: application/javascript; charset=utf-8

m3.nguonphim.net/media/images/4/logo.png

94.242.50.163

200 OK

16 kB

URL GET HTTP/1.1
m3.nguonphim.net/media/images/4/logo.png
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
PNG image data, 280 x 94, 8-bit/color RGBA, non-interlaced
Size
16 kB (15696 bytes)
Hash
6e12d870d9aebf2230f92a6fb0abf91e
f84aa519902c97d5581e123a977a964b107b5b39
de47df21115fcf985a37917e6681dc8648566a7807769e414f52a59f3033ee5a

HTTP Headers

GET /media/images/4/logo.png HTTP/1.1
Host: m3.nguonphim.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 04 May 2023 04:11:49 GMT
ETag: "3d50-5fad65f19af8d"
Accept-Ranges: bytes
Content-Length: 15696
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:07 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png

www.googletagmanager.com/gtag/js?id=UA-228470674-1

142.250.74.168

200 OK

74 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-228470674-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
74 kB (73721 bytes)
Hash
2398f8728ffdea633f6912763076b359
c977dd5762546c5c393b5f5f46c5b400fe4d85e0
2a59ebd31ee6aab82dd787ed7c7d38b7c4e9831cf3ebd89dabea039998ace96f

HTTP Headers

GET /gtag/js?id=UA-228470674-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 13:23:07 GMT
expires: Tue, 16 Apr 2024 13:23:07 GMT
cache-control: private, max-age=900
last-modified: Tue, 16 Apr 2024 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73721
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

m3.nguonhay.com/media/images/film/ff/s350_700/van-gioi-doc-ton-1618772358.jpg

94.242.50.163

200 OK

41 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/ff/s350_700/van-gioi-doc-ton-1618772358.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 238x344, components 3
Size
41 kB (41269 bytes)
Hash
8091041d69926e839902891831a9de78
e52932c8c944335a27363acefac27bf5be99780c
7348a57c603b9ab830af894eb6dcc70e545aa78850aa73fc9c8559f78358d5da

HTTP Headers

GET /media/images/film/ff/s350_700/van-gioi-doc-ton-1618772358.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sun, 18 Apr 2021 18:59:23 GMT
ETag: "a135-5c043cfb0f712"
Accept-Ranges: bytes
Content-Length: 41269
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:07 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

m3.nguonhay.com/media/images/film/xpm/s350_700/cuoc-san-ca-sau-1607079200.jpg

94.242.50.163

200 OK

41 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/xpm/s350_700/cuoc-san-ca-sau-1607079200.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 265x320, components 3
Size
41 kB (41363 bytes)
Hash
d78b364dde2fb8f32c1d833b1bf1c01a
33587b579b785819c8cb5af28bc5c84aed133e0f
276d4959a1555fb83b8bed881f4687ccd8e4ac5cb15bf131c407b887092584a4

HTTP Headers

GET /media/images/film/xpm/s350_700/cuoc-san-ca-sau-1607079200.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 17 Feb 2022 13:42:22 GMT
ETag: "a193-5d836ef92bcca"
Accept-Ranges: bytes
Content-Length: 41363
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:07 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

nguontv.com/media/vn02.jpg

94.242.50.163

200 OK

52 kB

URL GET HTTP/1.1
nguontv.com/media/vn02.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
JPEG image data, progressive, precision 8, 400x300, components 3
Size
52 kB (51852 bytes)
Hash
dfa57a5b5804336f78b1fc7ab5d0346d
832189153c9a5f23293da826eed7867e7e3836f4
b1c09b4d08344c3d7c5367f0c821bda7195ddd7a8c169febb04f9960142c5517

HTTP Headers

GET /media/vn02.jpg HTTP/1.1
Host: nguontv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Tue, 02 Jan 2024 07:37:13 GMT
Accept-Ranges: bytes
Content-Length: 51852
Cache-Control: max-age=2592000
Expires: Thu, 16 May 2024 13:23:07 GMT
Connection: close
Content-Type: image/jpeg

nguonchillb.com/images/headshot-placeholder.png

94.242.50.163

200 OK

3.4 kB

URL GET HTTP/1.1
nguonchillb.com/images/headshot-placeholder.png
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
PNG image data, 252 x 345, 8-bit/color RGB, non-interlaced
Size
3.4 kB (3412 bytes)
Hash
25fa9ab09a307f1332ebaf0e5b59e033
060f94c03f4f1d34cc99de9f86f335a5a2abaaed
e721eaf6440c791758ba62c1dc1e5dc2be909264b658afd34b6cc3ca3de9287d

HTTP Headers

GET /images/headshot-placeholder.png HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 04 Jan 2018 07:48:49 GMT
Accept-Ranges: bytes
Content-Length: 3412
Cache-Control: max-age=2592000, public
Expires: Thu, 16 May 2024 13:23:07 GMT
Connection: close
Content-Type: image/png

m3.nguonhay.com/media/images/film/newcover/2021/6/s350_700/vua-hai-tac-1624252456.jpg

94.242.50.163

200 OK

102 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/newcover/2021/6/s350_700/vua-hai-tac-1624252456.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x525, components 3
Size
102 kB (102471 bytes)
Hash
f3b3235be303bcdd8806ee587f879d0a
c5cfc2f2b686184a9bb5d8495268fb62e685d17c
f365d987c622865d1bac410f3814dabce383d1dd2d961f00aafaf256b251c42e

HTTP Headers

GET /media/images/film/newcover/2021/6/s350_700/vua-hai-tac-1624252456.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 21 Jun 2021 05:14:17 GMT
ETag: "19047-5c53fbebf16b6"
Accept-Ranges: bytes
Content-Length: 102471
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:07 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

m3.nguonhay.com/media/images/film/pol/s350_700/dao-ca-sau-1587366949.jpg

94.242.50.163

200 OK

74 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/pol/s350_700/dao-ca-sau-1587366949.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 300x426, components 3
Size
74 kB (74274 bytes)
Hash
559a32977c03d41aec587dd09fe6d843
33d2dcb4868d167c26eb190dd45d2e5ff26a11fd
d1901599fe05e8635911c65814de478dd4e810761e28ddef0296eb5fbe025a2c

HTTP Headers

GET /media/images/film/pol/s350_700/dao-ca-sau-1587366949.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 11 Jun 2020 15:13:24 GMT
ETag: "12222-5a7d066e69614"
Accept-Ranges: bytes
Content-Length: 74274
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:07 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

m3.nguonhay.com/media/images/film/phimbathu/s350_700/ca-sau-201608780-1496780031.jpg

94.242.50.163

200 OK

65 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/phimbathu/s350_700/ca-sau-201608780-1496780031.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 350x489, components 3
Size
65 kB (65297 bytes)
Hash
5146228e85e112d77c43b0601b18538a
14a95c2fa61cb6845a74197b7e506afc5f4fc026
d4161e07417adfe8004c108b55248bc04d84418b3bbb56ff6397dc889dfa09af

HTTP Headers

GET /media/images/film/phimbathu/s350_700/ca-sau-201608780-1496780031.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 18 Feb 2022 16:10:38 GMT
ETag: "ff11-5d84d1f9da0a6"
Accept-Ranges: bytes
Content-Length: 65297
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:07 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

m3.nguonhay.com/media/images/film/newcover/2022/12/s350_700/ca-sau-khong-lo-2-mega-crocodile-2-1670431872.jpg

94.242.50.163

200 OK

104 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/newcover/2022/12/s350_700/ca-sau-khong-lo-2-mega-crocodile-2-1670431872.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 350x525, components 3
Size
104 kB (104029 bytes)
Hash
2d7a6d8f1bd6780cb7fe5b1184bab377
da3e6e6b8fef84201ef21776e39ae21e54179c89
98a1b51e1ae639b650bfd4c824768c123d01d4f9e6841f30912faeef54699195

HTTP Headers

GET /media/images/film/newcover/2022/12/s350_700/ca-sau-khong-lo-2-mega-crocodile-2-1670431872.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 07 Dec 2022 16:51:14 GMT
ETag: "1965d-5ef3fba78caf0"
Accept-Ranges: bytes
Content-Length: 104029
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:07 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

m3.nguonhay.com/media/images/qrcode/41307.png

94.242.50.163

200 OK

585 B

URL GET HTTP/1.1
m3.nguonhay.com/media/images/qrcode/41307.png
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
PNG image data, 390 x 390, 1-bit colormap, non-interlaced
Size
585 B (585 bytes)
Hash
6f2512dfc6cee47ff29f81ed6081333a
b9bf491261e26a0704749f92579fd724d8d3bf97
e629408e0829a875afbba16710c1ee23cd739276fee7cd060c688252a3961d53

HTTP Headers

GET /media/images/qrcode/41307.png HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 29 Mar 2021 01:19:02 GMT
ETag: "249-5bea2aac5aff2"
Accept-Ranges: bytes
Content-Length: 585
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:08 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png

m3.nguonhay.com/media/images/film/vp/s350_700/thanh-vat-ca-sau-2-1589918201.jpg

94.242.50.163

200 OK

52 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/vp/s350_700/thanh-vat-ca-sau-2-1589918201.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 320x474, components 3
Size
52 kB (51598 bytes)
Hash
84aee2b1c098c3a351e057721b441277
16cd47134860c6fc0e6243d0ea782017f17c20aa
5380a70c89fa4ccb7e937f1e3097d3574859108fbc4bbb441bb7edb2975e9a38

HTTP Headers

GET /media/images/film/vp/s350_700/thanh-vat-ca-sau-2-1589918201.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 11 Jun 2020 15:05:52 GMT
ETag: "c98e-5a7d04be9af65"
Accept-Ranges: bytes
Content-Length: 51598
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:08 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

m3.nguonhay.com/media/images/film/oph/s350_700/lyle-chu-ca-sau-biet-hat-1668002484.jpg

94.242.50.163

200 OK

61 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/oph/s350_700/lyle-chu-ca-sau-biet-hat-1668002484.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x525, components 3
Size
61 kB (61394 bytes)
Hash
4b2ab1668e01371268e884069d21c7d1
568dfb4bb9040c94474ec364ad4bd1d618a905a2
049a4642c4913a52be84bc14c188d0fedc18d4434154494fb5ffd2bbc1b4281c

HTTP Headers

GET /media/images/film/oph/s350_700/lyle-chu-ca-sau-biet-hat-1668002484.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 09 Nov 2022 15:20:55 GMT
ETag: "efd2-5ed0b33ef7a6d"
Accept-Ranges: bytes
Content-Length: 61394
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:08 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

m3.nguonhay.com/media/images/film/blp/s350_700/lyle-chu-ca-sau-biet-hat-1669115045.jpg

94.242.50.163

200 OK

98 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/blp/s350_700/lyle-chu-ca-sau-biet-hat-1669115045.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x490, components 3
Size
98 kB (98190 bytes)
Hash
162fa9c29735bb7232fcdb5911355c5b
cd2ac80968c42958d1ec7cd971636e2e5e4227ee
d5a156efb80764c0ee9f9c983a27523d6ed247e37fc5a60cb42afecad991a5b5

HTTP Headers

GET /media/images/film/blp/s350_700/lyle-chu-ca-sau-biet-hat-1669115045.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Tue, 22 Nov 2022 11:04:19 GMT
ETag: "17f8e-5ee0d223ab9f4"
Accept-Ranges: bytes
Content-Length: 98190
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:08 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

m3.nguonhay.com/media/images/film/bio/s350_700/chim-boi-ca-1665899828.jpg

94.242.50.163

200 OK

87 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/bio/s350_700/chim-boi-ca-1665899828.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 350x438, components 3
Size
87 kB (86614 bytes)
Hash
cdb099f8426bd971ac65260f52a7c035
549e05f3215272e4a12832eaf94504d694383bec
e46c8ded7ae8965e2881e946441d5a65cfb6937e9f97d1351c70658c5818ba88

HTTP Headers

GET /media/images/film/bio/s350_700/chim-boi-ca-1665899828.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 24 Oct 2022 16:27:41 GMT
ETag: "15256-5ebca453fbe31"
Accept-Ranges: bytes
Content-Length: 86614
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:08 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

m3.nguonhay.com/media/images/film/oph/s350_700/dau-la-dai-luc-2-tuyet-the-duong-mon-1687591991.jpg

94.242.50.163

200 OK

114 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/oph/s350_700/dau-la-dai-luc-2-tuyet-the-duong-mon-1687591991.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 350x491, components 3
Size
114 kB (113813 bytes)
Hash
328444b1578b88e44b0be954a812b457
f2fc2f4e0092cd260b42728b2a9a68d3232d2e25
379649087bbdf853045ccb1e73fdb9012ad0274a2a080601fcb9285e47a48372

HTTP Headers

GET /media/images/film/oph/s350_700/dau-la-dai-luc-2-tuyet-the-duong-mon-1687591991.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sun, 25 Jun 2023 08:17:21 GMT
ETag: "1bc95-5feefdcf55eed"
Accept-Ranges: bytes
Content-Length: 113813
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:08 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

m3.nguonhay.com/media/images/film/vp/s350_700/thanh-vat-ca-sau-1589918401.jpg

94.242.50.163

200 OK

54 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/vp/s350_700/thanh-vat-ca-sau-1589918401.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 320x485, components 3
Size
54 kB (54225 bytes)
Hash
a15ef35c7f200d364add75da15be3bf5
f0370a652f39357f4ba94577ff5b08cfd9a1be40
52cdc7530a47254464b3daf5ed4bd4bdbf267eae946781f43fd404b391a73628

HTTP Headers

GET /media/images/film/vp/s350_700/thanh-vat-ca-sau-1589918401.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 11 Jun 2020 13:20:23 GMT
ETag: "d3d1-5a7ced2aacd7e"
Accept-Ranges: bytes
Content-Length: 54225
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:08 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

nguonchillb.com/themes/np/images/icon-search-menu.png

94.242.50.163

200 OK

1.2 kB

URL GET HTTP/1.1
nguonchillb.com/themes/np/images/icon-search-menu.png
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced
Size
1.2 kB (1229 bytes)
Hash
e573652e7d75f6471431e9fd48ca706c
ef9de78ae35eb6d6f3e04744612c7bed87c3a5ee
49cd4ed8ef5f3b960bdb9a9024f1b4a83b96e39425a339fd1afc2486709c432b

HTTP Headers

GET /themes/np/images/icon-search-menu.png HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 1229
Cache-Control: max-age=2592000, public
Expires: Thu, 16 May 2024 13:23:08 GMT
Connection: close
Content-Type: image/png

nguonchillb.com/themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0

94.242.50.163

200 OK

77 kB

URL GET HTTP/1.1
nguonchillb.com/themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:14:59 GMT
Accept-Ranges: bytes
Content-Length: 77160
Cache-Control: max-age=2592000
Expires: Thu, 16 May 2024 13:23:08 GMT
X-UA-Compatible: IE=edge,chrome=1
Connection: close

m3.nguonhay.com/media/images/film/pol/s350_700/vo-than-chua-te-1583765005.jpg

94.242.50.163

200 OK

70 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/pol/s350_700/vo-than-chua-te-1583765005.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 300x426, components 3
Size
70 kB (70369 bytes)
Hash
fabd25bf58c53cf84b93d09b16a5dab1
44d008211bf7a481cb35b3187b825f54e7c9631c
06138ff6cdd143a248a3b31bbcb4e88ee295c0d11a987a60b9f0c4043fee79e0

HTTP Headers

GET /media/images/film/pol/s350_700/vo-than-chua-te-1583765005.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 12 Jun 2020 07:03:11 GMT
ETag: "112e1-5a7ddab8b8f40"
Accept-Ranges: bytes
Content-Length: 70369
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:08 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

m3.nguonhay.com/media/images/film/mptv/s350_700/nu-hoang-nuoc-mat-1707443450.jpg

94.242.50.163

200 OK

55 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/mptv/s350_700/nu-hoang-nuoc-mat-1707443450.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x501, components 3
Size
55 kB (55340 bytes)
Hash
7d84be20e84510c02a36491f73526483
911556208f24946169d6e9afe33fc2e5f6e48470
84cdd62c2838005fc964ed071a20d264327cc45c1403b1126ceb263fe479c06a

HTTP Headers

GET /media/images/film/mptv/s350_700/nu-hoang-nuoc-mat-1707443450.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sun, 10 Mar 2024 18:55:46 GMT
ETag: "d82c-61352f90ce8d6"
Accept-Ranges: bytes
Content-Length: 55340
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:08 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.106

200 OK

811 B

URL GET HTTP/2
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
811 B (811 bytes)
Hash
5f43c3db976ef0cab9d7cd8031f0fcff
6c8522e987022c396c8b161fae1013d6736b6f95
97260f6f2b7ad22da9507f77af1fc98745ef235595094cb3982b7e3b4a5994c1

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 13:23:07 GMT
date: Tue, 16 Apr 2024 13:23:07 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-3RRF2WKVFP&l=dataLayer&cx=c

142.250.74.168

200 OK

87 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-3RRF2WKVFP&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
87 kB (87128 bytes)
Hash
7de56a1341d51530bb61cf7160133f9e
318f04a07cdda0a14971a4feb2d99841bceb849a
8ba98dc8b423cc12edc403f49dd3356997df7aafa53bfeb73c19006cea8fb512

HTTP Headers

GET /gtag/js?id=G-3RRF2WKVFP&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 13:23:08 GMT
expires: Tue, 16 Apr 2024 13:23:08 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 87128
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

m3.nguonhay.com/media/images/film/blp/s350_700/ca-sau-khong-lo-phan-2-1670396602.jpg

94.242.50.163

200 OK

138 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/blp/s350_700/ca-sau-khong-lo-phan-2-1670396602.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x622, components 3
Size
138 kB (137869 bytes)
Hash
07b28bdf5747734480d3c7e1ce16531b
55590544fb623bbf64f3a02b14098559f3c6187c
3e1b2ca069c9f4475514355e212387177e49d0f0e3c5585841a8bcbd7d4cb2e9

HTTP Headers

GET /media/images/film/blp/s350_700/ca-sau-khong-lo-phan-2-1670396602.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 07 Dec 2022 07:05:22 GMT
ETag: "21a8d-5ef378b4b39c9"
Accept-Ranges: bytes
Content-Length: 137869
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:08 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese

142.250.74.106

200 OK

3.5 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
3.5 kB (3463 bytes)
Hash
69c3b7a332d3006b0ced5b3bea230e70
3393c41057aa4326ad3271117669bde28fa0aa4d
37fdd1ff5e6c37870ae8b761dad3fd838e80ee0a94e3b32ae404649e07191193

HTTP Headers

GET /css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 13:23:07 GMT
date: Tue, 16 Apr 2024 13:23:07 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

142.250.74.99

200 OK

12 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 11872, version 1.0
Size
12 kB (11872 bytes)
Hash
87ace20058325aa069320aa4af875dff
b743548770c46d905ae1ba06310bc001c587fe8e
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 01:19:30 GMT
expires: Wed, 16 Apr 2025 01:19:30 GMT
cache-control: public, max-age=31536000
age: 43418
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2

142.250.74.99

200 OK

5.6 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 5560, version 1.0
Size
5.6 kB (5560 bytes)
Hash
ca3b09b62fda648a4511700413313fd0
109cd4c5435bd6614391bb8722c47c287c96b2ec
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5560
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:39:02 GMT
expires: Fri, 11 Apr 2025 02:39:02 GMT
cache-control: public, max-age=31536000
age: 470646
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2

142.250.74.99

200 OK

17 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 16552, version 1.0
Size
17 kB (16552 bytes)
Hash
283c40f79deab0300df8b3ffd86dfc7b
2ef09414a573ac59f4b37e81c8b8a881244b345f
35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:33:37 GMT
expires: Fri, 11 Apr 2025 02:33:37 GMT
cache-control: public, max-age=31536000
age: 470971
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

142.250.74.99

200 OK

35 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 35328, version 1.0
Size
35 kB (35328 bytes)
Hash
7670dba29aa2a1560c5d711ea6f6b369
6a2a620d2972f139c804c5a8363c91eb1a7595f6
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:27:30 GMT
expires: Fri, 11 Apr 2025 17:27:30 GMT
cache-control: public, max-age=31536000
age: 417338
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

142.250.74.99

200 OK

128 kB

URL GET HTTP/2
fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 128352, version 1.0
Size
128 kB (128352 bytes)
Hash
53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

HTTP Headers

GET /s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 21:27:45 GMT
expires: Tue, 15 Apr 2025 21:27:45 GMT
cache-control: public, max-age=31536000
age: 57323
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2

142.250.74.99

200 OK

5.5 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 5548, version 1.0
Size
5.5 kB (5548 bytes)
Hash
cdaab83619fcacd4027a77c99dd51e69
9e6eae8554f8cc2309b2dae2d9fa217e34eed6a4
4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5548
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:45:59 GMT
expires: Fri, 11 Apr 2025 02:45:59 GMT
cache-control: public, max-age=31536000
age: 470229
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.99

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 08:04:32 GMT
expires: Wed, 16 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 19116
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.99

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:37:01 GMT
expires: Fri, 11 Apr 2025 02:37:01 GMT
cache-control: public, max-age=31536000
age: 470767
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

chokedsmelt.com/5b/28/bb/5b28bb3338748187b2166508de2d96b3.js

192.243.59.12

200 OK

16 kB

URL GET HTTP/1.1
chokedsmelt.com/5b/28/bb/5b28bb3338748187b2166508de2d96b3.js
IP
192.243.59.12:80
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
JavaScript source, ASCII text, with very long lines (44139), with no line terminators
Size
16 kB (15839 bytes)
Hash
f86da52918926e8d5e65198181fa331b
f594fc7df49e2850ee3a11a6c556d030988b7934
fb9d814b3e5058f29e4220aa9e9945a95ad0887a9238ab370c0f7d8a57999507

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5b/28/bb/5b28bb3338748187b2166508de2d96b3.js HTTP/1.1
Host: chokedsmelt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 16 Apr 2024 13:23:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ec6dc16fa35a1c032424bf3c7828d8fb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.99

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 10:46:32 GMT
expires: Wed, 16 Apr 2025 10:46:32 GMT
cache-control: public, max-age=31536000
age: 9396
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

downstairsnegotiatebarren.com/sfp.js

172.67.180.87

301 Moved Permanently

167 B

URL GET HTTP/1.1
downstairsnegotiatebarren.com/sfp.js
IP
172.67.180.87:80
ASN
#13335 CLOUDFLARENET

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Tue, 16 Apr 2024 13:23:08 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 16 Apr 2024 14:23:08 GMT
Location: https://downstairsnegotiatebarren.com/sfp.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oOhOJIYFhOrsuqy9Uct5oXqprB52GGRMh0PGlsZQNo%2BcN2u6FVzRguddbBTv%2BKO6N%2BQ6RFGQ%2Bwf1yOZpnyYRcS64vXu%2Bc9%2FweLJhJ49rMdPXaIFRqicCPWhEF2oLG3dMcfpbh8cLkBi29eAq%2BcRLTA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87547cfaba620b55-OSL
alt-svc: h2=":443"; ma=60

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2

142.250.74.99

200 OK

17 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 16552, version 1.0
Size
17 kB (16552 bytes)
Hash
283c40f79deab0300df8b3ffd86dfc7b
2ef09414a573ac59f4b37e81c8b8a881244b345f
35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:33:37 GMT
expires: Fri, 11 Apr 2025 02:33:37 GMT
cache-control: public, max-age=31536000
age: 470971
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.99

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 08:04:32 GMT
expires: Wed, 16 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 19116
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.99

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 08:04:32 GMT
expires: Wed, 16 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 19116
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

142.250.74.99

200 OK

35 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 35328, version 1.0
Size
35 kB (35328 bytes)
Hash
7670dba29aa2a1560c5d711ea6f6b369
6a2a620d2972f139c804c5a8363c91eb1a7595f6
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:27:30 GMT
expires: Fri, 11 Apr 2025 17:27:30 GMT
cache-control: public, max-age=31536000
age: 417338
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
0bea14a24acf01e7602c416935848793
3493b99ca0da4d0c60f848069fa57e39b335a87a
229a97c14569254bf9fe6342e7cd4efd9e4f4b0ff89fb3c1e5c935976ab01062

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 16 Apr 2024 13:23:08 GMT
Last-Modified: Tue, 16 Apr 2024 12:14:01 GMT
Server: ECAcc (ska/F6E3)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZguMAx-5Yx0RD5LBB_rOEmBy8oGmRDSuXbf-ZK5I902EjSkrBs058g==
Age: 4147

proftrafficcounter.com/stats

3.123.64.179

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
3.123.64.179:443
ASN
#16509 AMAZON-02

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
b2f32f9f0bb798b49dfacad7dbf4c9a6
a9c3bc80e82a0ba9b6fbacd2f23d3538c16c902a
da4ecc01d6250fd00bc79f0d7d53a033ec9c0d56da3e0270408f72dae6d32243

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 13:23:08 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://nguonchillb.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=2e4050e2-862b-478b-bced-8ca26bdfb72a:1:1; expires=Fri, 14 Apr 2034 13:23:08 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

nguonchillb.com/themes/np/images/button_km.png

94.242.50.163

200 OK

2.6 kB

URL GET HTTP/1.1
nguonchillb.com/themes/np/images/button_km.png
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
PNG image data, 66 x 50, 8-bit/color RGBA, non-interlaced
Size
2.6 kB (2646 bytes)
Hash
05238f78240b8bb3d2453e866550a011
766a5353d457d5282bb04192072a116073b8666d
aed76e5f2deac5394da887c6b862ab04fbc3e601348006da714310d72c5dfc60

HTTP Headers

GET /themes/np/images/button_km.png HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821; _ga_3RRF2WKVFP=GS1.1.1713273788.1.0.1713273788.0.0.0; _ga=GA1.1.12000175.1713273788
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 2646
Cache-Control: max-age=2592000, public
Expires: Thu, 16 May 2024 13:23:08 GMT
Connection: close
Content-Type: image/png

nguonchillb.com/themes/np/images/bottomNavON.png

94.242.50.163

200 OK

1.3 kB

URL GET HTTP/1.1
nguonchillb.com/themes/np/images/bottomNavON.png
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced
Size
1.3 kB (1334 bytes)
Hash
0703045e13e1ab8508a2273cbe71d5d6
c2d2f79bb3758de5722cddd94eaf4701078b4d71
698cc5f19fb8e30c2a9d8471e81637cb26e8fcd67a55bfffc9ca651a0c45e90f

HTTP Headers

GET /themes/np/images/bottomNavON.png HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821; _ga_3RRF2WKVFP=GS1.1.1713273788.1.0.1713273788.0.0.0; _ga=GA1.1.12000175.1713273788
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 1334
Cache-Control: max-age=2592000, public
Expires: Thu, 16 May 2024 13:23:08 GMT
Connection: close
Content-Type: image/png

nguonchillb.com/themes/np/images/bottomNavOFF.png

94.242.50.163

200 OK

1.3 kB

URL GET HTTP/1.1
nguonchillb.com/themes/np/images/bottomNavOFF.png
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced
Size
1.3 kB (1250 bytes)
Hash
840cd790a57c4cee3fb5b50d448dfd3a
976ecfbdaadc569488019ad246b6dfa31bdab85b
d317c5f6a5b4342d84bcc00cb0c99d2ce3c7d6f1044ac8036d722fcbf728baeb

HTTP Headers

GET /themes/np/images/bottomNavOFF.png HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821; _ga_3RRF2WKVFP=GS1.1.1713273788.1.0.1713273788.0.0.0; _ga=GA1.1.12000175.1713273788
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 1250
Cache-Control: max-age=2592000, public
Expires: Thu, 16 May 2024 13:23:08 GMT
Connection: close
Content-Type: image/png

nguonchillb.com/site/site/checkaccess/

94.242.50.163

200 OK

7 B

URL POST HTTP/1.1
nguonchillb.com/site/site/checkaccess/
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
4e3ca82bee9b6a4b6c6e30ca31234e50
f007b014714adb9c2c7c105e64dfa8448e9ec77a
148ecdac86b94c986a6bb2da57595b2cc4b35afa88e266ec7f30f79530803efb

HTTP Headers

POST /site/site/checkaccess/ HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 99
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821; _ga_3RRF2WKVFP=GS1.1.1713273788.1.0.1713273788.0.0.0; _ga=GA1.1.12000175.1713273788
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 7
Connection: close
Content-Type: text/html; charset=UTF-8

nguonchillb.com/site/chatbot/refresh/

94.242.50.163

200 OK

260 B

URL POST HTTP/1.1
nguonchillb.com/site/chatbot/refresh/
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
JSON text data
Size
260 B (260 bytes)
Hash
ba0683de7607ad624fb4cecda80e9bc1
674cb63ed78bcbd018343354b0ae42e9c43d2ee1
83db877ee449fa874aaaf8896bc642c25fc2f6e8c0179b6d4d59a2c0c9cdfce1

HTTP Headers

POST /site/chatbot/refresh/ HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 16
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821; _ga_3RRF2WKVFP=GS1.1.1713273788.1.0.1713273788.0.0.0; _ga=GA1.1.12000175.1713273788
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 260
Connection: close
Content-Type: text/html; charset=UTF-8

m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png

94.242.50.163

200 OK

18 kB

URL GET HTTP/1.1
m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
PNG image data, 46 x 48, 8-bit/color RGBA, non-interlaced
Size
18 kB (17873 bytes)
Hash
e6f4a93efe2d93e885abcbb4cc09cd4a
e4f94b9e95b40e30b215228316bb7f8c48d08ed2
93b7bbea433aa41f6efb860d3d9777d363f9e64fc1ad4186cd9ef525bbee9c94

HTTP Headers

GET /media/images/1/favi/favicon-1498701606.png HTTP/1.1
Host: m3.nguonphim.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 05 Jul 2017 04:14:59 GMT
ETag: "45d1-5538a3e52eb40"
Accept-Ranges: bytes
Content-Length: 17873
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:08 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png

continuousselfevidentinestimable.com/sbar.json?key=5b28bb3338748187b2166508de2d96b3&uuid=2e4050e2-862b-478b-bced-8ca26bdfb72a%3A1%3A1

172.240.108.68

200 OK

8.1 kB

URL GET HTTP/1.1
continuousselfevidentinestimable.com/sbar.json?key=5b28bb3338748187b2166508de2d96b3&uuid=2e4050e2-862b-478b-bced-8ca26bdfb72a%3A1%3A1
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate
IssuerLet's Encrypt
Subjectcontinuousselfevidentinestimable.com
Fingerprint1F:F4:36:85:7F:D7:60:BF:21:DA:52:FF:00:60:97:80:4B:6D:0D:3A
ValidityMon, 15 Apr 2024 12:20:33 GMT - Sun, 14 Jul 2024 12:20:32 GMT

File type
JSON text data
Size
8.1 kB (8059 bytes)
Hash
5c6527f0cfd80b519fdca40c9581bf66
491f0c8350f0a42083a34fd73901d59fe86151e7
7f49ad1ba4b4d8326eca2c2af939496bb4b85fe5579789fa500f9d65d970d6c2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=5b28bb3338748187b2166508de2d96b3&uuid=2e4050e2-862b-478b-bced-8ca26bdfb72a%3A1%3A1 HTTP/1.1
Host: continuousselfevidentinestimable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 16 Apr 2024 13:23:09 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://nguonchillb.com
Access-Control-Allow-Origin: http://nguonchillb.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17093374; expires=Wed, 17 Apr 2024 13:23:09 GMT; secure; SameSite=None
uid_id2=2e4050e2-862b-478b-bced-8ca26bdfb72a:1:1; expires=Tue, 23 Apr 2024 13:23:09 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 17 Apr 2024 13:23:09 GMT; secure; SameSite=None
uncs=1; expires=Wed, 17 Apr 2024 13:23:09 GMT; secure; SameSite=None
pdhtkv29=true; expires=Wed, 17 Apr 2024 13:23:09 GMT; secure; SameSite=None
uncs29=1; expires=Wed, 17 Apr 2024 13:23:09 GMT; secure; SameSite=None
slec5b28bb3338748187b2166508de2d96b3=[3078195,3078189]; expires=Tue, 16 Apr 2024 13:23:14 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 575cb0e39baa02c1b611f9247bbbeade
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

continuousselfevidentinestimable.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSX2skxRetzi%2FwexAWlAVBUQbxQcFMuntmenrch8W4RhbjZtlV9E2qumomZaq7mqqu6Ul8CS7IPg5%2Bgs6ZZIPuIvoBdtXJgkhAyPiUB%2FMZBHHxSaTH6OCF7vvn3Avn3lOf7btzEsLRs2vv6l2pFF3tNP3GKx8GwZXGhszcqDGKo4%2Bi9pWGGb7ei5r%2Bq423RbKtV0M%2F8P3ADxrr0oi%2BHq3WIGT%2BoBc0e36zHTaDThsj89%2FcOg%2BWeuDDc%2FIMJJ8tP%2FYuQyZTZOnX14TdLnT%2B2lupU7TQBkN%2B9H62nekyQ7oI%2B8ZDPzu66Ia2p%2BuPoLPDOV3o4b%2BNTM6I98MjsOzogiTY8GDOkymIDIw%2FhXI4hVBTSDpFou9A8lMCJBw3NpGl925oU9Kdv1FaozOy%2FOQ3yHJGln%2B5jCz9ak3JUeO2Vq6QOrMY9SvI0RRyMEXujlHsLkGWx0iKTyH5T2T1yQay9GDTKg3Jz14ORdvv%2BCJciaOQrbS7MVthieArcULDiPE%2B64Z0fiApp5D9KZQYg1oPrv6kB9f34HIPKT9rJEEQdH2eUD%2FuJUmLdwWLuB%2FQbj%2BggR%2FFcEm9wxhFPkaixkjMHnKzh205hnHfwW5VsNyDLQiGvEIpCEpLUFKCUhKUBUE5rA65sqGt7nFlHQsufHjhW9VEF4N9eqiLgcgIqBnD8Go%2FPydP1wf0lmd%2FYlucNTosjBlrtVpxtx0HcZeFQRR1%2FJiLkPci1oKVFaRdmq%2B7W4v5%2FRry2r90FYwew6pjJNIDdS%2BAlhXoVoXd7H42cDorhs1Ep%2BC6Ql4so9jx9tU5eX6uYPOPFkRyQi4MiamQmwofy8cEA3V3ckuX5OCWLi35ZjMvZCp3aa3u7YIWwvvyHbFTasOvX7PjL95IaqAOH7wnbLFBMy6zgSX31yTnwqxrkwjy8Lr9QLCbzm6tOZO5fOPmm%2BvX09wIa6XOpqDy9NIlJHJG%2Fv%2Fj7%2FNn%2B%2Bz5c5BmCuMqpG7BVOpjJPkebL6oWU1g1CJnuYfSVRMTskVRSQIlFjllFaw4%2BfbXf4YW8cTQeprKat%2FexcAsgRZ3kKUVhqbCUFWgagzr%2FjcpcnNy9efW3MDU0oQps3TAlFGfz49c%2F1Zg5Vmj22r5NOp1gm6Xii5rh3E%2FCjilYTsKo4i2UNhZ%2F8VPHv4FAAD%2F%2FwEAAP%2F%2F4EWFMpAEAAA%3D

172.240.108.68

200 OK

7 B

URL GET HTTP/1.1
continuousselfevidentinestimable.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSX2skxRetzi%2FwexAWlAVBUQbxQcFMuntmenrch8W4RhbjZtlV9E2qumomZaq7mqqu6Ul8CS7IPg5%2Bgs6ZZIPuIvoBdtXJgkhAyPiUB%2FMZBHHxSaTH6OCF7vvn3Avn3lOf7btzEsLRs2vv6l2pFF3tNP3GKx8GwZXGhszcqDGKo4%2Bi9pWGGb7ei5r%2Bq423RbKtV0M%2F8P3ADxrr0oi%2BHq3WIGT%2BoBc0e36zHTaDThsj89%2FcOg%2BWeuDDc%2FIMJJ8tP%2FYuQyZTZOnX14TdLnT%2B2lupU7TQBkN%2B9H62nekyQ7oI%2B8ZDPzu66Ia2p%2BuPoLPDOV3o4b%2BNTM6I98MjsOzogiTY8GDOkymIDIw%2FhXI4hVBTSDpFou9A8lMCJBw3NpGl925oU9Kdv1FaozOy%2FOQ3yHJGln%2B5jCz9ak3JUeO2Vq6QOrMY9SvI0RRyMEXujlHsLkGWx0iKTyH5T2T1yQay9GDTKg3Jz14ORdvv%2BCJciaOQrbS7MVthieArcULDiPE%2B64Z0fiApp5D9KZQYg1oPrv6kB9f34HIPKT9rJEEQdH2eUD%2FuJUmLdwWLuB%2FQbj%2BggR%2FFcEm9wxhFPkaixkjMHnKzh205hnHfwW5VsNyDLQiGvEIpCEpLUFKCUhKUBUE5rA65sqGt7nFlHQsufHjhW9VEF4N9eqiLgcgIqBnD8Go%2FPydP1wf0lmd%2FYlucNTosjBlrtVpxtx0HcZeFQRR1%2FJiLkPci1oKVFaRdmq%2B7W4v5%2FRry2r90FYwew6pjJNIDdS%2BAlhXoVoXd7H42cDorhs1Ep%2BC6Ql4so9jx9tU5eX6uYPOPFkRyQi4MiamQmwofy8cEA3V3ckuX5OCWLi35ZjMvZCp3aa3u7YIWwvvyHbFTasOvX7PjL95IaqAOH7wnbLFBMy6zgSX31yTnwqxrkwjy8Lr9QLCbzm6tOZO5fOPmm%2BvX09wIa6XOpqDy9NIlJHJG%2Fv%2Fj7%2FNn%2B%2Bz5c5BmCuMqpG7BVOpjJPkebL6oWU1g1CJnuYfSVRMTskVRSQIlFjllFaw4%2BfbXf4YW8cTQeprKat%2FexcAsgRZ3kKUVhqbCUFWgagzr%2FjcpcnNy9efW3MDU0oQps3TAlFGfz49c%2F1Zg5Vmj22r5NOp1gm6Xii5rh3E%2FCjilYTsKo4i2UNhZ%2F8VPHv4FAAD%2F%2FwEAAP%2F%2F4EWFMpAEAAA%3D
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate
IssuerLet's Encrypt
Subjectcontinuousselfevidentinestimable.com
Fingerprint1F:F4:36:85:7F:D7:60:BF:21:DA:52:FF:00:60:97:80:4B:6D:0D:3A
ValidityMon, 15 Apr 2024 12:20:33 GMT - Sun, 14 Jul 2024 12:20:32 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSX2skxRetzi%2FwexAWlAVBUQbxQcFMuntmenrch8W4RhbjZtlV9E2qumomZaq7mqqu6Ul8CS7IPg5%2Bgs6ZZIPuIvoBdtXJgkhAyPiUB%2FMZBHHxSaTH6OCF7vvn3Avn3lOf7btzEsLRs2vv6l2pFF3tNP3GKx8GwZXGhszcqDGKo4%2Bi9pWGGb7ei5r%2Bq423RbKtV0M%2F8P3ADxrr0oi%2BHq3WIGT%2BoBc0e36zHTaDThsj89%2FcOg%2BWeuDDc%2FIMJJ8tP%2FYuQyZTZOnX14TdLnT%2B2lupU7TQBkN%2B9H62nekyQ7oI%2B8ZDPzu66Ia2p%2BuPoLPDOV3o4b%2BNTM6I98MjsOzogiTY8GDOkymIDIw%2FhXI4hVBTSDpFou9A8lMCJBw3NpGl925oU9Kdv1FaozOy%2FOQ3yHJGln%2B5jCz9ak3JUeO2Vq6QOrMY9SvI0RRyMEXujlHsLkGWx0iKTyH5T2T1yQay9GDTKg3Jz14ORdvv%2BCJciaOQrbS7MVthieArcULDiPE%2B64Z0fiApp5D9KZQYg1oPrv6kB9f34HIPKT9rJEEQdH2eUD%2FuJUmLdwWLuB%2FQbj%2BggR%2FFcEm9wxhFPkaixkjMHnKzh205hnHfwW5VsNyDLQiGvEIpCEpLUFKCUhKUBUE5rA65sqGt7nFlHQsufHjhW9VEF4N9eqiLgcgIqBnD8Go%2FPydP1wf0lmd%2FYlucNTosjBlrtVpxtx0HcZeFQRR1%2FJiLkPci1oKVFaRdmq%2B7W4v5%2FRry2r90FYwew6pjJNIDdS%2BAlhXoVoXd7H42cDorhs1Ep%2BC6Ql4so9jx9tU5eX6uYPOPFkRyQi4MiamQmwofy8cEA3V3ckuX5OCWLi35ZjMvZCp3aa3u7YIWwvvyHbFTasOvX7PjL95IaqAOH7wnbLFBMy6zgSX31yTnwqxrkwjy8Lr9QLCbzm6tOZO5fOPmm%2BvX09wIa6XOpqDy9NIlJHJG%2Fv%2Fj7%2FNn%2B%2Bz5c5BmCuMqpG7BVOpjJPkebL6oWU1g1CJnuYfSVRMTskVRSQIlFjllFaw4%2BfbXf4YW8cTQeprKat%2FexcAsgRZ3kKUVhqbCUFWgagzr%2FjcpcnNy9efW3MDU0oQps3TAlFGfz49c%2F1Zg5Vmj22r5NOp1gm6Xii5rh3E%2FCjilYTsKo4i2UNhZ%2F8VPHv4FAAD%2F%2FwEAAP%2F%2F4EWFMpAEAAA%3D HTTP/1.1
Host: continuousselfevidentinestimable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Cookie: u_pl=17093374; uid_id2=2e4050e2-862b-478b-bced-8ca26bdfb72a:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec5b28bb3338748187b2166508de2d96b3=[3078195,3078189]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 16 Apr 2024 13:23:09 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e93a01032f57aa3905725354c39dbf00
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/img/sale3.jpg

104.21.70.253

200 OK

65 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/img/sale3.jpg
IP
104.21.70.253:443
ASN
#13335 CLOUDFLARENET

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=242, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=364], progressive, precision 8, 364x242, components 3
Size
65 kB (64642 bytes)
Hash
61f7b1fa1698507638df7882e2bdfcaf
89134af9a734f4c30d0db01ea36c86895e46b7e3
bc0a583f7e3c834e53d5263ecc90d279b27460ea2e9bce56b7ac6b129eb5849c

HTTP Headers

GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/img/sale3.jpg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 16 Apr 2024 13:23:09 GMT
content-type: image/jpeg
content-length: 64642
last-modified: Fri, 19 Jan 2024 14:21:26 GMT
etag: "65aa8566-fc82"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5354273
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=45oPjzJhetGpQjUTyE84vBZc4vwZ3O9k61IiqtdytdWgiBwcfTcG5zGRmDdlZUa5ceGnj8rANUr1y3V0jr7TB1VUv4%2B9TnaH%2BrXfzAX4kLkMSL3iBfebuNYRkMwYxZ%2F70AgvagR4a8eG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87547d02bef3569f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

downstairsnegotiatebarren.com/sfp.js

172.67.180.87

301 Moved Permanently

28 kB

URL GET HTTP/1.1
downstairsnegotiatebarren.com/sfp.js
IP
172.67.180.87:80
ASN
#13335 CLOUDFLARENET

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
28 kB (27462 bytes)
Hash
f4a2f8f9f99541c6f105bbd0a025bd40
1f8e3eff12168fdd9e719adfc098d24a45b6916a
b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://nguonchillb.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 13:23:09 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 0d559ba6849e0164bc97091d0b4b7254
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 16 Apr 2024 13:23:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MoGOamGGcljmPJWZWAhTSozkQuz9kCnuj4%2FmLwV63QDlUtTUkjG9NuoaBxHTjdLl%2F6m1USsf7SIY%2FC74IzNkcLct9UYeEZjmoFzycCqJq9c5ZgmOUeuLXiTAlHv6%2FkJhY6L83ACso5fECYSQu0npaw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87547cfbfb0bb50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.106

200 OK

717 B

URL GET HTTP/1.1
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.106:80
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type
ASCII text
Size
717 B (717 bytes)
Hash
9cc7d472437c87f6f7ebeb35abec09f1
948bb2b7bf4bbc829015c125e1b6f7859b2948b0
9a39510af72db44fb14d333c52c41da0e90827afcfe78c8f12b367f0a94783b7

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 16 Apr 2024 13:23:09 GMT
Date: Tue, 16 Apr 2024 13:23:09 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

continuousselfevidentinestimable.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Findex.html&l=1545&fd=95

172.240.108.68

200 OK

0 B

URL GET HTTP/1.1
continuousselfevidentinestimable.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Findex.html&l=1545&fd=95
IP
172.240.108.68:80
ASN
#7979 SERVERS-COM

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Findex.html&l=1545&fd=95 HTTP/1.1
Host: continuousselfevidentinestimable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 16 Apr 2024 13:23:09 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

continuousselfevidentinestimable.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fstyle.css&l=3664&fd=335

172.240.108.68

200 OK

0 B

URL GET HTTP/1.1
continuousselfevidentinestimable.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fstyle.css&l=3664&fd=335
IP
172.240.108.68:80
ASN
#7979 SERVERS-COM

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fstyle.css&l=3664&fd=335 HTTP/1.1
Host: continuousselfevidentinestimable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 16 Apr 2024 13:23:10 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

172.240.108.68

200 OK

0 B

URL GET HTTP/1.1
continuousselfevidentinestimable.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fjs%2Fscript.js&l=386&fd=341
IP
172.240.108.68:80
ASN
#7979 SERVERS-COM

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fjs%2Fscript.js&l=386&fd=341 HTTP/1.1
Host: continuousselfevidentinestimable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 16 Apr 2024 13:23:10 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.99

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 11 Apr 2024 02:56:40 GMT
Expires: Fri, 11 Apr 2025 02:56:40 GMT
Cache-Control: public, max-age=31536000
Age: 469590
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.99

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 09 Apr 2024 20:22:24 GMT
Expires: Wed, 09 Apr 2025 20:22:24 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2
Age: 579646

cdn.barscreative1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html

45.133.44.4

200 OK

472 B

URL GET HTTP/2
cdn.barscreative1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html
IP
45.133.44.4:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate
IssuerLet's Encrypt
Subjectcdn.barscreative1.com
FingerprintF6:54:F4:B9:EB:AD:1E:FA:8F:76:B9:75:20:9B:41:57:32:37:94:E3
ValiditySun, 10 Mar 2024 03:01:32 GMT - Sat, 08 Jun 2024 03:01:31 GMT

File type
HTML document, ASCII text
Size
472 B (472 bytes)
Hash
3f8de4c280d2d48e8418a562095ac7e4
3dc3e5bc655dcd0ff5b045b147c28398e07b6e4d
54358796e1fc6b065f33194b7e4f02b43fc28050a3d64e482e59f4251d06fc15

HTTP Headers

GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 13:23:09 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Fri, 19 Jan 2024 14:21:26 GMT
etag: W/"65aa8566-609"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Tue, 16 Apr 2024 14:23:09 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/js/script.js

104.21.70.253

200 OK

196 B

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/js/script.js
IP
104.21.70.253:443
ASN
#13335 CLOUDFLARENET

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text
Size
196 B (196 bytes)
Hash
5ca8c1679ba9453cfa512e01d6fec9c5
45628341eb20e4acee5e812d3b2dfc8f23962daf
520a0196a18cbe656f7382a02ec828125e68bdac511b9ebe2bf27f31e262d037

HTTP Headers

GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 13:23:10 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:21:26 GMT
etag: W/"65aa8566-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KFVBeE%2FOMgS3jryxsM4BpMsxuEy7oodkFCwflxB2uCNdWK6BB2s%2Fh4akT4PeigY4U818zVI68WDnTzQqK0eYJ%2BU0GyipfV%2FO0fDeVNWgG38abiPKuSaWYapLeLeroMiKqlle8q1Lg8TW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87547d024e21569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

continuousselfevidentinestimable.com/pixel/sbs?c=1

172.240.108.68

200 OK

0 B

URL GET HTTP/1.1
continuousselfevidentinestimable.com/pixel/sbs?c=1
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate
IssuerLet's Encrypt
Subjectcontinuousselfevidentinestimable.com
Fingerprint1F:F4:36:85:7F:D7:60:BF:21:DA:52:FF:00:60:97:80:4B:6D:0D:3A
ValidityMon, 15 Apr 2024 12:20:33 GMT - Sun, 14 Jul 2024 12:20:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: continuousselfevidentinestimable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Cookie: u_pl=17093374; uid_id2=2e4050e2-862b-478b-bced-8ca26bdfb72a:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec5b28bb3338748187b2166508de2d96b3=[3078195,3078189]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 16 Apr 2024 13:23:10 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

unseenreport.com/pxf.gif?uuid=2e4050e2-862b-478b-bced-8ca26bdfb72a&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=5b28bb3338748187b2166508de2d96b3&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13

192.243.59.13

200 OK

0 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=2e4050e2-862b-478b-bced-8ca26bdfb72a&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=5b28bb3338748187b2166508de2d96b3&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13
IP
192.243.59.13:80
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=2e4050e2-862b-478b-bced-8ca26bdfb72a&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=5b28bb3338748187b2166508de2d96b3&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 16 Apr 2024 13:23:09 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 120fa42a03f19aabee7b9c6155221fce
Strict-Transport-Security: max-age=0; includeSubdomains

192.243.61.225

200 OK

0 B

URL GET HTTP/1.1
continuousselfevidentinestimable.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fanimate.css&l=78689&fd=354
IP
192.243.61.225:80
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fanimate.css&l=78689&fd=354 HTTP/1.1
Host: continuousselfevidentinestimable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 16 Apr 2024 13:23:10 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/style.css

104.21.70.253

200 OK

3.7 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/style.css
IP
104.21.70.253:443
ASN
#13335 CLOUDFLARENET

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text, with very long lines (3865), with no line terminators
Size
3.7 kB (3664 bytes)
Hash
8af2a95e7b4e4fd515ebc4d2a5b969a9
8c10eb89ec6434d2b6540bef9d042c3d305bcef3
5d6300285dcf4ce34851ff873097d2ecccc9c2059e89aacc4ff6ee672baf2f8a

HTTP Headers

GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 13:23:10 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:21:26 GMT
etag: W/"65aa8566-e50"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=63QdFVmhKV2qoM5xcKhj8NC3YPifaaYLz3dwWLDxgqVgt8B4Q0SA755m6J1LYSakk2RIJZJEWYaZo8OYHF5TxgnVTvSRO2Mt8G7Xk2hKVCceWzDr%2BoYVx6pZ%2BSd3ov9UCxO2nDCIg4xr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87547d023e0b569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

142.250.74.106

200 OK

31 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text
Size
31 kB (31086 bytes)
Hash
1535ab95ae017577b9c386b35a1cd5ee
2daa147654a80e47e16524ae15b678f59ee98514
468b3e9ad7eb860239ed3e6eba32e2e0ff79ee9c2bbf132f18a4d9c0809716e3

HTTP Headers

GET /css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 13:23:07 GMT
date: Tue, 16 Apr 2024 13:23:07 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese

142.250.74.106

200 OK

14 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text
Size
14 kB (14382 bytes)
Hash
fc75373f300a1c1fbca638e636b5f68b
4bc81b7661df93d2b448862e227c13e42f23222e
f105df3b32f71722ebee1ee36d7ff3a57f637e97400d9a691b878f1575d1984f

HTTP Headers

GET /css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 13:23:07 GMT
date: Tue, 16 Apr 2024 13:23:07 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/animate.css

104.21.70.253

200 OK

79 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/animate.css
IP
104.21.70.253:443
ASN
#13335 CLOUDFLARENET

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text
Size
79 kB (78689 bytes)
Hash
3d4123dbfb33d27a5cfdfcfa91df6783
e7d0eeeec54b848f0bc3da8685fa3bc88429d660
cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887

HTTP Headers

GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 13:23:10 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:21:26 GMT
etag: W/"65aa8566-13361"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KgDOTo5bjkA1ZEFPxUr%2FAjbP5go%2FeBnZEXER4y4Bj8excFaAu9f2gd9NxzpMoRo%2F1ceymwgODftqCmdygZCpqF4D1tvqZz1gPG%2BtboNU7p2sf2GnbCZZg9wLugSRyZHfHcEBqMHRPqaX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87547d023e04569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

continuousselfevidentinestimable.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWskVRe%2BlTfwLoQBZUBQlEZcKJhOVfVXxVkMxhgJxskwo%2BhO7ld1rrlVt7i3qqsTN8EBmWXjL6g8nUzQGUR%2FwIzaGRAJCGlXWZjfIIiDK5Fqo40Hqs7Hcw485zz3s4PigoQo6Pnau2ZPaU2XO02%2F8cqHQXCtsanSYtgYRt2Puu1rDTt4faXb9F9tvC35jlkO%2FcD3Az9orCsrYzNcrkGo7MFK0Fzxm%2B2wGXTaGNr%2F5q7w4KgHMbggz0CJ6eJj7yoUnyBNvl6Tbic32WtvJYWmubEYiOP3053UlCmSeRhbD3F6fNkN487WH8GkRzO6MIN%2FG5maEu%2BHR2Dp8SVJsMHhjCfTkCmYeArlYAKpJ1B0Am7uQIkzAnCBG1tIk3s3jC3p7t8ordEpWXzyG1Q5JYu%2FXEWafLWq1bBx2%2BgiVyZ1GMYV1HAC1Z8gK06Q7y1AlSfg%2BadQ4iey%2FGQTaXK45bSBEucvh7Ltd3wZLkXdkC21exFbYlyKpYjTsMtEzHohnR1IqQlUPIGWI1Dnoag%2F5aGIPRSZh0ScN3gQBD1fcOpHK5y3RE%2ByrvAD2osDGvjdCAWvdxghz0bgegRu95HZfeyoEWzxHdx2BSc8uJxgICqUkqB0BCUlKBVBmROUg%2BpIaBe66p7QrmDBpQ8vfasam7x%2FQI9M3pcpAbUjWFEdZBfk6fqA3uL0T%2BzI80aHhRFjrVYr6rWjIOqxMOh2O34kZChWuqwFpyootzBbd68W8%2FtVZLV%2F6ToYPYHTJ%2BDKAy1eAC0r0O0Ke%2Bn9tF%2BYNB80uUkgTIUsX0S%2B6x3oC%2FL8TMHmHy1IfkouDdxWyGyFj9Vjgr6%2BO75lSnJ4y5SOfLOV5SpRe7RW93ZOc%2Bl9%2BY7cLY0VG2tu9MUbvAbq8MF70uWbNBUq7Ttyf1UJIe26sVyShxvuA8luFm57tbBpkW3efHN9I8msdE6ZdAKqzq5cAVdT8v8ff58922cvnoOyE9iiQlLMmSpzAp7tw2XzmjMEVs9zlnkoi2psQzYvakWg5TynrIKTp9%2F%2B%2Bs%2FQPB5bWk9TVR24u%2BjbBdD8DtKkwsBWGOgKVI%2Fgiv%2BN88yeXv%2B5NTMwvTBm2i4cMm3157Mj178lOHXeaPmix2Qse0y2O%2B1YcsE6HebzmLOWiCKO3E3jFz95%2BBcAAAD%2F%2FwEAAP%2F%2FYJFQ2pAEAAA%3D

172.240.108.68

200 OK

0 B

URL GET HTTP/1.1
continuousselfevidentinestimable.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWskVRe%2BlTfwLoQBZUBQlEZcKJhOVfVXxVkMxhgJxskwo%2BhO7ld1rrlVt7i3qqsTN8EBmWXjL6g8nUzQGUR%2FwIzaGRAJCGlXWZjfIIiDK5Fqo40Hqs7Hcw485zz3s4PigoQo6Pnau2ZPaU2XO02%2F8cqHQXCtsanSYtgYRt2Puu1rDTt4faXb9F9tvC35jlkO%2FcD3Az9orCsrYzNcrkGo7MFK0Fzxm%2B2wGXTaGNr%2F5q7w4KgHMbggz0CJ6eJj7yoUnyBNvl6Tbic32WtvJYWmubEYiOP3053UlCmSeRhbD3F6fNkN487WH8GkRzO6MIN%2FG5maEu%2BHR2Dp8SVJsMHhjCfTkCmYeArlYAKpJ1B0Am7uQIkzAnCBG1tIk3s3jC3p7t8ordEpWXzyG1Q5JYu%2FXEWafLWq1bBx2%2BgiVyZ1GMYV1HAC1Z8gK06Q7y1AlSfg%2BadQ4iey%2FGQTaXK45bSBEucvh7Ltd3wZLkXdkC21exFbYlyKpYjTsMtEzHohnR1IqQlUPIGWI1Dnoag%2F5aGIPRSZh0ScN3gQBD1fcOpHK5y3RE%2ByrvAD2osDGvjdCAWvdxghz0bgegRu95HZfeyoEWzxHdx2BSc8uJxgICqUkqB0BCUlKBVBmROUg%2BpIaBe66p7QrmDBpQ8vfasam7x%2FQI9M3pcpAbUjWFEdZBfk6fqA3uL0T%2BzI80aHhRFjrVYr6rWjIOqxMOh2O34kZChWuqwFpyootzBbd68W8%2FtVZLV%2F6ToYPYHTJ%2BDKAy1eAC0r0O0Ke%2Bn9tF%2BYNB80uUkgTIUsX0S%2B6x3oC%2FL8TMHmHy1IfkouDdxWyGyFj9Vjgr6%2BO75lSnJ4y5SOfLOV5SpRe7RW93ZOc%2Bl9%2BY7cLY0VG2tu9MUbvAbq8MF70uWbNBUq7Ttyf1UJIe26sVyShxvuA8luFm57tbBpkW3efHN9I8msdE6ZdAKqzq5cAVdT8v8ff58922cvnoOyE9iiQlLMmSpzAp7tw2XzmjMEVs9zlnkoi2psQzYvakWg5TynrIKTp9%2F%2B%2Bs%2FQPB5bWk9TVR24u%2BjbBdD8DtKkwsBWGOgKVI%2Fgiv%2BN88yeXv%2B5NTMwvTBm2i4cMm3157Mj178lOHXeaPmix2Qse0y2O%2B1YcsE6HebzmLOWiCKO3E3jFz95%2BBcAAAD%2F%2FwEAAP%2F%2FYJFQ2pAEAAA%3D
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate
IssuerLet's Encrypt
Subjectcontinuousselfevidentinestimable.com
Fingerprint1F:F4:36:85:7F:D7:60:BF:21:DA:52:FF:00:60:97:80:4B:6D:0D:3A
ValidityMon, 15 Apr 2024 12:20:33 GMT - Sun, 14 Jul 2024 12:20:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTWskVRe%2BlTfwLoQBZUBQlEZcKJhOVfVXxVkMxhgJxskwo%2BhO7ld1rrlVt7i3qqsTN8EBmWXjL6g8nUzQGUR%2FwIzaGRAJCGlXWZjfIIiDK5Fqo40Hqs7Hcw485zz3s4PigoQo6Pnau2ZPaU2XO02%2F8cqHQXCtsanSYtgYRt2Puu1rDTt4faXb9F9tvC35jlkO%2FcD3Az9orCsrYzNcrkGo7MFK0Fzxm%2B2wGXTaGNr%2F5q7w4KgHMbggz0CJ6eJj7yoUnyBNvl6Tbic32WtvJYWmubEYiOP3053UlCmSeRhbD3F6fNkN487WH8GkRzO6MIN%2FG5maEu%2BHR2Dp8SVJsMHhjCfTkCmYeArlYAKpJ1B0Am7uQIkzAnCBG1tIk3s3jC3p7t8ordEpWXzyG1Q5JYu%2FXEWafLWq1bBx2%2BgiVyZ1GMYV1HAC1Z8gK06Q7y1AlSfg%2BadQ4iey%2FGQTaXK45bSBEucvh7Ltd3wZLkXdkC21exFbYlyKpYjTsMtEzHohnR1IqQlUPIGWI1Dnoag%2F5aGIPRSZh0ScN3gQBD1fcOpHK5y3RE%2ByrvAD2osDGvjdCAWvdxghz0bgegRu95HZfeyoEWzxHdx2BSc8uJxgICqUkqB0BCUlKBVBmROUg%2BpIaBe66p7QrmDBpQ8vfasam7x%2FQI9M3pcpAbUjWFEdZBfk6fqA3uL0T%2BzI80aHhRFjrVYr6rWjIOqxMOh2O34kZChWuqwFpyootzBbd68W8%2FtVZLV%2F6ToYPYHTJ%2BDKAy1eAC0r0O0Ke%2Bn9tF%2BYNB80uUkgTIUsX0S%2B6x3oC%2FL8TMHmHy1IfkouDdxWyGyFj9Vjgr6%2BO75lSnJ4y5SOfLOV5SpRe7RW93ZOc%2Bl9%2BY7cLY0VG2tu9MUbvAbq8MF70uWbNBUq7Ttyf1UJIe26sVyShxvuA8luFm57tbBpkW3efHN9I8msdE6ZdAKqzq5cAVdT8v8ff58922cvnoOyE9iiQlLMmSpzAp7tw2XzmjMEVs9zlnkoi2psQzYvakWg5TynrIKTp9%2F%2B%2Bs%2FQPB5bWk9TVR24u%2BjbBdD8DtKkwsBWGOgKVI%2Fgiv%2BN88yeXv%2B5NTMwvTBm2i4cMm3157Mj178lOHXeaPmix2Qse0y2O%2B1YcsE6HebzmLOWiCKO3E3jFz95%2BBcAAAD%2F%2FwEAAP%2F%2FYJFQ2pAEAAA%3D HTTP/1.1
Host: continuousselfevidentinestimable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Cookie: u_pl=17093374; uid_id2=2e4050e2-862b-478b-bced-8ca26bdfb72a:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec5b28bb3338748187b2166508de2d96b3=[3078195,3078189]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 16 Apr 2024 13:23:10 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2dc406a7cec2aef25660fbe7a0a6d530
Strict-Transport-Security: max-age=0; includeSubdomains

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (29)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML