| nguonchilla.com/site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html | 94.242.50.163 | | 0 B |
URL nguonchilla.com/site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html IP 94.242.50.163:0
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html HTTP/1.1
Host: nguonchilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Tue, 16 Apr 2024 13:23:05 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Set-Cookie: PHPSESSID=evvva2ptv8gs2140cmitdp6dr3; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonchilla.com/site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonchilla.com/site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html | 94.242.50.163 | | 0 B |
URL nguonchilla.com/site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html IP 94.242.50.163:0
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html HTTP/1.1
Host: nguonchilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=evvva2ptv8gs2140cmitdp6dr3
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Tue, 16 Apr 2024 13:23:06 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonchillb.com/site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonchillb.com/site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html | 94.242.50.163 | | 729 B |
URL nguonchillb.com/site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html IP 94.242.50.163:0
File type HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators Hash 8aa5253a4a8c149616c2d11dfae3a8dd 6cefd8983d523963aa1f3bcc0527e17b0d93e0f2 548396db27485edecf0eb95e3d4fcde16cded3e3fe37486ad63d289b9570f8e2
GET /site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:06 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Set-Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; path=/
us_session_id=P1821; expires=Wed, 17-Apr-2024 13:23:06 GMT; Max-Age=86400; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 729
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonchillb.com/assets/3bd14e95/jquery.min.js | 94.242.50.163 | 200 OK | 34 kB |
URL GET HTTP/1.1 nguonchillb.com/assets/3bd14e95/jquery.min.js IP 94.242.50.163:80
Requested by http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type JavaScript source, ASCII text, with very long lines (32077) Hash 0fca26b5a37a66d68d0f4406976be4b5 ee000eb654b3bd37185665d3901e93b34ce1aa52 8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
GET /assets/3bd14e95/jquery.min.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:06 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Wed, 16 Apr 2025 13:23:06 GMT
Content-Length: 33693
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png | 94.242.50.163 | 200 OK | 18 kB |
URL GET HTTP/1.1 m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png IP 94.242.50.163:80
Requested by http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type PNG image data, 46 x 48, 8-bit/color RGBA, non-interlaced Hash e6f4a93efe2d93e885abcbb4cc09cd4a e4f94b9e95b40e30b215228316bb7f8c48d08ed2 93b7bbea433aa41f6efb860d3d9777d363f9e64fc1ad4186cd9ef525bbee9c94
GET /media/images/1/favi/favicon-1498701606.png HTTP/1.1
Host: m3.nguonphim.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:06 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 05 Jul 2017 04:14:59 GMT
ETag: "45d1-5538a3e52eb40"
Accept-Ranges: bytes
Content-Length: 17873
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:06 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png
|
|
| nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html | 94.242.50.163 | 301 Moved Permanently | 0 B |
URL User Request GET HTTP/1.1 nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html IP 94.242.50.163:443
Certificate Issuer Let's Encrypt Subject nguonchilla.com Fingerprint B8:4E:76:1B:BB:3D:79:0D:6A:15:F1:A0:AA:9D:F8:8C:22:04:95:2F Validity Fri, 15 Mar 2024 00:53:33 GMT - Thu, 13 Jun 2024 00:53:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thanh-vat-ca-sau-crocodile-dundee-f41307.html HTTP/1.1
Host: nguonchilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://nguonchillb.com/
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: PHPSESSID=evvva2ptv8gs2140cmitdp6dr3
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html | 94.242.50.163 | 301 Moved Permanently | 0 B |
URL User Request GET HTTP/1.1 nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html IP 94.242.50.163:443
Certificate Issuer Let's Encrypt Subject nguonchilla.com Fingerprint B8:4E:76:1B:BB:3D:79:0D:6A:15:F1:A0:AA:9D:F8:8C:22:04:95:2F Validity Fri, 15 Mar 2024 00:53:33 GMT - Thu, 13 Jun 2024 00:53:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thanh-vat-ca-sau-crocodile-dundee-f41307.html HTTP/1.1
Host: nguonchilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://nguonchillb.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=evvva2ptv8gs2140cmitdp6dr3
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html | 94.242.50.163 | 200 OK | 16 kB |
URL User Request GET HTTP/1.1 nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html IP 94.242.50.163:80
File type HTML document, Unicode text, UTF-8 text, with very long lines (616), with CRLF, LF line terminators Hash 77c394485bc94e9e616a4a2d1d7a1ca8 1673734f03d5fdc12c99f36862f4b665ab302451 d94eeede7ffb72048886d2a0d1ad1c570a37924a71536c78154444946f7f2eb4
GET /thanh-vat-ca-sau-crocodile-dundee-f41307.html HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://nguonchillb.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 16176
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonchillb.com/themes/np/js/bootstrap.min.js | 94.242.50.163 | 200 OK | 9.7 kB |
URL GET HTTP/1.1 nguonchillb.com/themes/np/js/bootstrap.min.js IP 94.242.50.163:80
Requested by http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type JavaScript source, ASCII text, with very long lines (32034), with CRLF line terminators Hash e7d9a06cf9053c51cd4ad3386da0659a e45bf1054704a1fdfc4ee2713a16bf9283dea995 9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd
GET /themes/np/js/bootstrap.min.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Wed, 16 Apr 2025 13:23:07 GMT
Content-Length: 9726
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonchillb.com/assets/3bd14e95/jquery.min.js | 94.242.50.163 | 200 OK | 34 kB |
URL GET HTTP/1.1 nguonchillb.com/assets/3bd14e95/jquery.min.js IP 94.242.50.163:80
Requested by http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type JavaScript source, ASCII text, with very long lines (32077) Hash 0fca26b5a37a66d68d0f4406976be4b5 ee000eb654b3bd37185665d3901e93b34ce1aa52 8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
GET /assets/3bd14e95/jquery.min.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Wed, 16 Apr 2025 13:23:07 GMT
Content-Length: 33693
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonchillb.com/themes/np/js/wow.min.js | 94.242.50.163 | 200 OK | 2.7 kB |
URL GET HTTP/1.1 nguonchillb.com/themes/np/js/wow.min.js IP 94.242.50.163:80
Requested by http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type JavaScript source, ASCII text, with very long lines (8385), with CRLF line terminators Hash e1f1ff6897992a9165e8ce009b4039e3 e297207404fea99863aea60a1dcd3770f8ecddee 37461d9b50fd93b2e6d064c4aa48cbc16d5b1e82c27f47270b87a39225cc00ac
GET /themes/np/js/wow.min.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Wed, 16 Apr 2025 13:23:07 GMT
Content-Length: 2742
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonchillb.com/themes/np/js/jquery.nice-select.js | 94.242.50.163 | 200 OK | 1.5 kB |
URL GET HTTP/1.1 nguonchillb.com/themes/np/js/jquery.nice-select.js IP 94.242.50.163:80
Requested by http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators Hash 723e741faba72abfb0e56b6e0f8a73d8 ba71788614e8e11dbeeebdcac9037b57e7a69ce4 39f6514264e1603542b6aa38ba44c3be0aa7bbdef56ed139d74fe75e24e642fa
GET /themes/np/js/jquery.nice-select.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Wed, 16 Apr 2025 13:23:07 GMT
Content-Length: 1538
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonchillb.com/themes/np/js/owl.carousel.min.js | 94.242.50.163 | 200 OK | 6.5 kB |
URL GET HTTP/1.1 nguonchillb.com/themes/np/js/owl.carousel.min.js IP 94.242.50.163:80
Requested by http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type JavaScript source, ASCII text, with very long lines (635), with CRLF line terminators Hash 8c52f27fcac36c7667f8fb846e1e94d5 e5862559db659ffd530c91452d668c5e7b3f0f2d 6c1e31700f68d1666de6b0992e89d413434707718bf729a472404029845bdbad
GET /themes/np/js/owl.carousel.min.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Wed, 16 Apr 2025 13:23:07 GMT
Content-Length: 6464
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2 | 94.242.50.163 | 200 OK | 80 kB |
URL GET HTTP/1.1 nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2 IP 94.242.50.163:80
Requested by http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators Hash 9ccfae82c1f9be3cf7c148a39228f53c 9abd7857d28f34c5007b11ee53d2818482775163 d962cf8c297e2b013c20dadac3f99d1af50957de8e1d1de8b4ea960fbd6fd7b6
GET /themes/np/css/color.css?v=np2.4.8.2 HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 08:58:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Wed, 16 Apr 2025 13:23:07 GMT
Connection: close
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
|
|
| nguonchillb.com/themes/np/js/jquery.magnific-popup.min.js | 94.242.50.163 | 200 OK | 7.3 kB |
URL GET HTTP/1.1 nguonchillb.com/themes/np/js/jquery.magnific-popup.min.js IP 94.242.50.163:80
Requested by http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type JavaScript source, ASCII text, with very long lines (20087), with CRLF line terminators Hash b37d7edf99565d3858eaa1ad80df3cff 786a4343711e9af5e5dfcc493e7d2331b48875bb b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2
GET /themes/np/js/jquery.magnific-popup.min.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Wed, 16 Apr 2025 13:23:07 GMT
Content-Length: 7346
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonchillb.com/themes/np/js/jquery.showmore.src.js | 94.242.50.163 | 200 OK | 434 B |
URL GET HTTP/1.1 nguonchillb.com/themes/np/js/jquery.showmore.src.js IP 94.242.50.163:80
Requested by http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type JavaScript source, ASCII text, with very long lines (432) Hash f67d16dc855157012280d1b8d2d0ac55 4eaa66120111bb8cb4c21884c647bf609ef3a7a5 89a7b91f92a0583bcfabc3dc0347bfb78822ebe75d229fb766ae2fdc6e7e0d28
GET /themes/np/js/jquery.showmore.src.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Wed, 16 Apr 2025 13:23:07 GMT
Content-Length: 434
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonchillb.com/js/main.min.js?v=2.4.8.2 | 94.242.50.163 | 200 OK | 5.6 kB |
URL GET HTTP/1.1 nguonchillb.com/js/main.min.js?v=2.4.8.2 IP 94.242.50.163:80
Requested by http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (17159) Hash 2f3514d630f0195787c0f99778202f3c 2ce2883a59c655b8e02d644a1449fcdfdf604486 23b47b8eb144a359fdd87940db44e0420e7e0062f3cbba762e0e22c35afb3749
GET /js/main.min.js?v=2.4.8.2 HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sat, 02 May 2020 19:55:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Wed, 16 Apr 2025 13:23:07 GMT
Content-Length: 5620
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| m3.nguonphim.net/media/images/4/logo.png | 94.242.50.163 | 200 OK | 16 kB |
URL GET HTTP/1.1 m3.nguonphim.net/media/images/4/logo.png IP 94.242.50.163:80
Requested by http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type PNG image data, 280 x 94, 8-bit/color RGBA, non-interlaced Hash 6e12d870d9aebf2230f92a6fb0abf91e f84aa519902c97d5581e123a977a964b107b5b39 de47df21115fcf985a37917e6681dc8648566a7807769e414f52a59f3033ee5a
GET /media/images/4/logo.png HTTP/1.1
Host: m3.nguonphim.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 04 May 2023 04:11:49 GMT
ETag: "3d50-5fad65f19af8d"
Accept-Ranges: bytes
Content-Length: 15696
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:07 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png
|
|
| www.googletagmanager.com/gtag/js?id=UA-228470674-1 | 142.250.74.168 | 200 OK | 74 kB |
URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-228470674-1 IP 142.250.74.168:443
Requested by http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html Certificate Issuer Google Trust Services LLC Subject *.google-analytics.com Fingerprint BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D Validity Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type JavaScript source, ASCII text, with very long lines (4179) Hash 2398f8728ffdea633f6912763076b359 c977dd5762546c5c393b5f5f46c5b400fe4d85e0 2a59ebd31ee6aab82dd787ed7c7d38b7c4e9831cf3ebd89dabea039998ace96f
GET /gtag/js?id=UA-228470674-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 13:23:07 GMT
expires: Tue, 16 Apr 2024 13:23:07 GMT
cache-control: private, max-age=900
last-modified: Tue, 16 Apr 2024 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73721
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| m3.nguonhay.com/media/images/film/ff/s350_700/van-gioi-doc-ton-1618772358.jpg | 94.242.50.163 | 200 OK | 41 kB |
URL GET HTTP/1.1 m3.nguonhay.com/media/images/film/ff/s350_700/van-gioi-doc-ton-1618772358.jpg IP 94.242.50.163:80
Requested by http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 238x344, components 3 Hash 8091041d69926e839902891831a9de78 e52932c8c944335a27363acefac27bf5be99780c 7348a57c603b9ab830af894eb6dcc70e545aa78850aa73fc9c8559f78358d5da
GET /media/images/film/ff/s350_700/van-gioi-doc-ton-1618772358.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sun, 18 Apr 2021 18:59:23 GMT
ETag: "a135-5c043cfb0f712"
Accept-Ranges: bytes
Content-Length: 41269
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:07 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/xpm/s350_700/cuoc-san-ca-sau-1607079200.jpg | 94.242.50.163 | 200 OK | 41 kB |
URL GET HTTP/1.1 m3.nguonhay.com/media/images/film/xpm/s350_700/cuoc-san-ca-sau-1607079200.jpg IP 94.242.50.163:80
Requested by http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 265x320, components 3 Hash d78b364dde2fb8f32c1d833b1bf1c01a 33587b579b785819c8cb5af28bc5c84aed133e0f 276d4959a1555fb83b8bed881f4687ccd8e4ac5cb15bf131c407b887092584a4
GET /media/images/film/xpm/s350_700/cuoc-san-ca-sau-1607079200.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 17 Feb 2022 13:42:22 GMT
ETag: "a193-5d836ef92bcca"
Accept-Ranges: bytes
Content-Length: 41363
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:07 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| nguontv.com/media/vn02.jpg | 94.242.50.163 | 200 OK | 52 kB |
URL GET HTTP/1.1 nguontv.com/media/vn02.jpg IP 94.242.50.163:80
Requested by http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type JPEG image data, progressive, precision 8, 400x300, components 3 Hash dfa57a5b5804336f78b1fc7ab5d0346d 832189153c9a5f23293da826eed7867e7e3836f4 b1c09b4d08344c3d7c5367f0c821bda7195ddd7a8c169febb04f9960142c5517
GET /media/vn02.jpg HTTP/1.1
Host: nguontv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Tue, 02 Jan 2024 07:37:13 GMT
Accept-Ranges: bytes
Content-Length: 51852
Cache-Control: max-age=2592000
Expires: Thu, 16 May 2024 13:23:07 GMT
Connection: close
Content-Type: image/jpeg
|
|
| nguonchillb.com/images/headshot-placeholder.png | 94.242.50.163 | 200 OK | 3.4 kB |
URL GET HTTP/1.1 nguonchillb.com/images/headshot-placeholder.png IP 94.242.50.163:80
Requested by http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type PNG image data, 252 x 345, 8-bit/color RGB, non-interlaced Hash 25fa9ab09a307f1332ebaf0e5b59e033 060f94c03f4f1d34cc99de9f86f335a5a2abaaed e721eaf6440c791758ba62c1dc1e5dc2be909264b658afd34b6cc3ca3de9287d
GET /images/headshot-placeholder.png HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 04 Jan 2018 07:48:49 GMT
Accept-Ranges: bytes
Content-Length: 3412
Cache-Control: max-age=2592000, public
Expires: Thu, 16 May 2024 13:23:07 GMT
Connection: close
Content-Type: image/png
|
|
| m3.nguonhay.com/media/images/film/newcover/2021/6/s350_700/vua-hai-tac-1624252456.jpg | 94.242.50.163 | 200 OK | 102 kB |
URL GET HTTP/1.1 m3.nguonhay.com/media/images/film/newcover/2021/6/s350_700/vua-hai-tac-1624252456.jpg IP 94.242.50.163:80
Requested by http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x525, components 3 Size 102 kB (102471 bytes) Hash f3b3235be303bcdd8806ee587f879d0a c5cfc2f2b686184a9bb5d8495268fb62e685d17c f365d987c622865d1bac410f3814dabce383d1dd2d961f00aafaf256b251c42e
GET /media/images/film/newcover/2021/6/s350_700/vua-hai-tac-1624252456.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 21 Jun 2021 05:14:17 GMT
ETag: "19047-5c53fbebf16b6"
Accept-Ranges: bytes
Content-Length: 102471
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:07 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/pol/s350_700/dao-ca-sau-1587366949.jpg | 94.242.50.163 | 200 OK | 74 kB |
URL: GET HTTP/1.1 m3.nguonhay.com/media/images/film/pol/s350_700/dao-ca-sau-1587366949.jpg
IP: 94.242.50.163:80
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 300x426, components 3
Hash: 559a32977c03d41aec587dd09fe6d843 33d2dcb4868d167c26eb190dd45d2e5ff26a11fd d1901599fe05e8635911c65814de478dd4e810761e28ddef0296eb5fbe025a2c
GET /media/images/film/pol/s350_700/dao-ca-sau-1587366949.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 11 Jun 2020 15:13:24 GMT
ETag: "12222-5a7d066e69614"
Accept-Ranges: bytes
Content-Length: 74274
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:07 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/phimbathu/s350_700/ca-sau-201608780-1496780031.jpg | 94.242.50.163 | 200 OK | 65 kB |
URL: GET HTTP/1.1 m3.nguonhay.com/media/images/film/phimbathu/s350_700/ca-sau-201608780-1496780031.jpg
IP: 94.242.50.163:80
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 350x489, components 3
Hash: 5146228e85e112d77c43b0601b18538a 14a95c2fa61cb6845a74197b7e506afc5f4fc026 d4161e07417adfe8004c108b55248bc04d84418b3bbb56ff6397dc889dfa09af
GET /media/images/film/phimbathu/s350_700/ca-sau-201608780-1496780031.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 18 Feb 2022 16:10:38 GMT
ETag: "ff11-5d84d1f9da0a6"
Accept-Ranges: bytes
Content-Length: 65297
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:07 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/newcover/2022/12/s350_700/ca-sau-khong-lo-2-mega-crocodile-2-1670431872.jpg | 94.242.50.163 | 200 OK | 104 kB |
URL: GET HTTP/1.1 m3.nguonhay.com/media/images/film/newcover/2022/12/s350_700/ca-sau-khong-lo-2-mega-crocodile-2-1670431872.jpg
IP: 94.242.50.163:80
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 350x525, components 3
Size: 104 kB (104029 bytes)
Hash: 2d7a6d8f1bd6780cb7fe5b1184bab377 da3e6e6b8fef84201ef21776e39ae21e54179c89 98a1b51e1ae639b650bfd4c824768c123d01d4f9e6841f30912faeef54699195
GET /media/images/film/newcover/2022/12/s350_700/ca-sau-khong-lo-2-mega-crocodile-2-1670431872.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 07 Dec 2022 16:51:14 GMT
ETag: "1965d-5ef3fba78caf0"
Accept-Ranges: bytes
Content-Length: 104029
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:07 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/qrcode/41307.png | 94.242.50.163 | 200 OK | 585 B |
URL: GET HTTP/1.1 m3.nguonhay.com/media/images/qrcode/41307.png
IP: 94.242.50.163:80
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type: PNG image data, 390 x 390, 1-bit colormap, non-interlaced
Hash: 6f2512dfc6cee47ff29f81ed6081333a b9bf491261e26a0704749f92579fd724d8d3bf97 e629408e0829a875afbba16710c1ee23cd739276fee7cd060c688252a3961d53
GET /media/images/qrcode/41307.png HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 29 Mar 2021 01:19:02 GMT
ETag: "249-5bea2aac5aff2"
Accept-Ranges: bytes
Content-Length: 585
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:08 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png
|
|
| m3.nguonhay.com/media/images/film/vp/s350_700/thanh-vat-ca-sau-2-1589918201.jpg | 94.242.50.163 | 200 OK | 52 kB |
URL: GET HTTP/1.1 m3.nguonhay.com/media/images/film/vp/s350_700/thanh-vat-ca-sau-2-1589918201.jpg
IP: 94.242.50.163:80
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 320x474, components 3
Hash: 84aee2b1c098c3a351e057721b441277 16cd47134860c6fc0e6243d0ea782017f17c20aa 5380a70c89fa4ccb7e937f1e3097d3574859108fbc4bbb441bb7edb2975e9a38
GET /media/images/film/vp/s350_700/thanh-vat-ca-sau-2-1589918201.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 11 Jun 2020 15:05:52 GMT
ETag: "c98e-5a7d04be9af65"
Accept-Ranges: bytes
Content-Length: 51598
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:08 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/oph/s350_700/lyle-chu-ca-sau-biet-hat-1668002484.jpg | 94.242.50.163 | 200 OK | 61 kB |
URL: GET HTTP/1.1 m3.nguonhay.com/media/images/film/oph/s350_700/lyle-chu-ca-sau-biet-hat-1668002484.jpg
IP: 94.242.50.163:80
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x525, components 3
Hash: 4b2ab1668e01371268e884069d21c7d1 568dfb4bb9040c94474ec364ad4bd1d618a905a2 049a4642c4913a52be84bc14c188d0fedc18d4434154494fb5ffd2bbc1b4281c
GET /media/images/film/oph/s350_700/lyle-chu-ca-sau-biet-hat-1668002484.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 09 Nov 2022 15:20:55 GMT
ETag: "efd2-5ed0b33ef7a6d"
Accept-Ranges: bytes
Content-Length: 61394
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:08 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/blp/s350_700/lyle-chu-ca-sau-biet-hat-1669115045.jpg | 94.242.50.163 | 200 OK | 98 kB |
URL: GET HTTP/1.1 m3.nguonhay.com/media/images/film/blp/s350_700/lyle-chu-ca-sau-biet-hat-1669115045.jpg
IP: 94.242.50.163:80
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x490, components 3
Hash: 162fa9c29735bb7232fcdb5911355c5b cd2ac80968c42958d1ec7cd971636e2e5e4227ee d5a156efb80764c0ee9f9c983a27523d6ed247e37fc5a60cb42afecad991a5b5
GET /media/images/film/blp/s350_700/lyle-chu-ca-sau-biet-hat-1669115045.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Tue, 22 Nov 2022 11:04:19 GMT
ETag: "17f8e-5ee0d223ab9f4"
Accept-Ranges: bytes
Content-Length: 98190
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:08 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/bio/s350_700/chim-boi-ca-1665899828.jpg | 94.242.50.163 | 200 OK | 87 kB |
URL: GET HTTP/1.1 m3.nguonhay.com/media/images/film/bio/s350_700/chim-boi-ca-1665899828.jpg
IP: 94.242.50.163:80
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 350x438, components 3
Hash: cdb099f8426bd971ac65260f52a7c035 549e05f3215272e4a12832eaf94504d694383bec e46c8ded7ae8965e2881e946441d5a65cfb6937e9f97d1351c70658c5818ba88
GET /media/images/film/bio/s350_700/chim-boi-ca-1665899828.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 24 Oct 2022 16:27:41 GMT
ETag: "15256-5ebca453fbe31"
Accept-Ranges: bytes
Content-Length: 86614
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:08 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/oph/s350_700/dau-la-dai-luc-2-tuyet-the-duong-mon-1687591991.jpg | 94.242.50.163 | 200 OK | 114 kB |
URL: GET HTTP/1.1 m3.nguonhay.com/media/images/film/oph/s350_700/dau-la-dai-luc-2-tuyet-the-duong-mon-1687591991.jpg
IP: 94.242.50.163:80
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 350x491, components 3
Size: 114 kB (113813 bytes)
Hash: 328444b1578b88e44b0be954a812b457 f2fc2f4e0092cd260b42728b2a9a68d3232d2e25 379649087bbdf853045ccb1e73fdb9012ad0274a2a080601fcb9285e47a48372
GET /media/images/film/oph/s350_700/dau-la-dai-luc-2-tuyet-the-duong-mon-1687591991.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sun, 25 Jun 2023 08:17:21 GMT
ETag: "1bc95-5feefdcf55eed"
Accept-Ranges: bytes
Content-Length: 113813
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:08 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/vp/s350_700/thanh-vat-ca-sau-1589918401.jpg | 94.242.50.163 | 200 OK | 54 kB |
URL: GET HTTP/1.1 m3.nguonhay.com/media/images/film/vp/s350_700/thanh-vat-ca-sau-1589918401.jpg
IP: 94.242.50.163:80
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 320x485, components 3
Hash: a15ef35c7f200d364add75da15be3bf5 f0370a652f39357f4ba94577ff5b08cfd9a1be40 52cdc7530a47254464b3daf5ed4bd4bdbf267eae946781f43fd404b391a73628
GET /media/images/film/vp/s350_700/thanh-vat-ca-sau-1589918401.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 11 Jun 2020 13:20:23 GMT
ETag: "d3d1-5a7ced2aacd7e"
Accept-Ranges: bytes
Content-Length: 54225
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:08 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| nguonchillb.com/themes/np/images/icon-search-menu.png | 94.242.50.163 | 200 OK | 1.2 kB |
URL: GET HTTP/1.1 nguonchillb.com/themes/np/images/icon-search-menu.png
IP: 94.242.50.163:80
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type: PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced
Hash: e573652e7d75f6471431e9fd48ca706c ef9de78ae35eb6d6f3e04744612c7bed87c3a5ee 49cd4ed8ef5f3b960bdb9a9024f1b4a83b96e39425a339fd1afc2486709c432b
GET /themes/np/images/icon-search-menu.png HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 1229
Cache-Control: max-age=2592000, public
Expires: Thu, 16 May 2024 13:23:08 GMT
Connection: close
Content-Type: image/png
|
|
| nguonchillb.com/themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 | 94.242.50.163 | 200 OK | 77 kB |
URL: GET HTTP/1.1 nguonchillb.com/themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0
IP: 94.242.50.163:80
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type: Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Hash: af7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:14:59 GMT
Accept-Ranges: bytes
Content-Length: 77160
Cache-Control: max-age=2592000
Expires: Thu, 16 May 2024 13:23:08 GMT
X-UA-Compatible: IE=edge,chrome=1
Connection: close
|
|
| m3.nguonhay.com/media/images/film/pol/s350_700/vo-than-chua-te-1583765005.jpg | 94.242.50.163 | 200 OK | 70 kB |
URL: GET HTTP/1.1 m3.nguonhay.com/media/images/film/pol/s350_700/vo-than-chua-te-1583765005.jpg
IP: 94.242.50.163:80
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 300x426, components 3
Hash: fabd25bf58c53cf84b93d09b16a5dab1 44d008211bf7a481cb35b3187b825f54e7c9631c 06138ff6cdd143a248a3b31bbcb4e88ee295c0d11a987a60b9f0c4043fee79e0
GET /media/images/film/pol/s350_700/vo-than-chua-te-1583765005.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 12 Jun 2020 07:03:11 GMT
ETag: "112e1-5a7ddab8b8f40"
Accept-Ranges: bytes
Content-Length: 70369
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:08 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/mptv/s350_700/nu-hoang-nuoc-mat-1707443450.jpg | 94.242.50.163 | 200 OK | 55 kB |
URL: GET HTTP/1.1 m3.nguonhay.com/media/images/film/mptv/s350_700/nu-hoang-nuoc-mat-1707443450.jpg
IP: 94.242.50.163:80
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x501, components 3
Hash: 7d84be20e84510c02a36491f73526483 911556208f24946169d6e9afe33fc2e5f6e48470 84cdd62c2838005fc964ed071a20d264327cc45c1403b1126ceb263fe479c06a
GET /media/images/film/mptv/s350_700/nu-hoang-nuoc-mat-1707443450.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sun, 10 Mar 2024 18:55:46 GMT
ETag: "d82c-61352f90ce8d6"
Accept-Ranges: bytes
Content-Length: 55340
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:08 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| fonts.googleapis.com/icon?family=Material+Icons | 142.250.74.106 | 200 OK | 811 B |
URL: GET HTTP/2 fonts.googleapis.com/icon?family=Material+Icons
IP: 142.250.74.106:443
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: gzip compressed data, max compression
Hash: 5f43c3db976ef0cab9d7cd8031f0fcff 6c8522e987022c396c8b161fae1013d6736b6f95 97260f6f2b7ad22da9507f77af1fc98745ef235595094cb3982b7e3b4a5994c1
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 13:23:07 GMT
date: Tue, 16 Apr 2024 13:23:07 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-3RRF2WKVFP&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 87 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-3RRF2WKVFP&l=dataLayer&cx=c
IP: 142.250.74.168:443
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D; Validity: Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type: JavaScript source, ASCII text, with very long lines (4179)
Hash: 7de56a1341d51530bb61cf7160133f9e 318f04a07cdda0a14971a4feb2d99841bceb849a 8ba98dc8b423cc12edc403f49dd3356997df7aafa53bfeb73c19006cea8fb512
GET /gtag/js?id=G-3RRF2WKVFP&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 13:23:08 GMT
expires: Tue, 16 Apr 2024 13:23:08 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 87128
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| m3.nguonhay.com/media/images/film/blp/s350_700/ca-sau-khong-lo-phan-2-1670396602.jpg | 94.242.50.163 | 200 OK | 138 kB |
URL: GET HTTP/1.1 m3.nguonhay.com/media/images/film/blp/s350_700/ca-sau-khong-lo-phan-2-1670396602.jpg
IP: 94.242.50.163:80
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x622, components 3
Size: 138 kB (137869 bytes)
Hash: 07b28bdf5747734480d3c7e1ce16531b 55590544fb623bbf64f3a02b14098559f3c6187c 3e1b2ca069c9f4475514355e212387177e49d0f0e3c5585841a8bcbd7d4cb2e9
GET /media/images/film/blp/s350_700/ca-sau-khong-lo-phan-2-1670396602.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 07 Dec 2022 07:05:22 GMT
ETag: "21a8d-5ef378b4b39c9"
Accept-Ranges: bytes
Content-Length: 137869
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:08 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese | 142.250.74.106 | 200 OK | 3.5 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese
IP: 142.250.74.106:443
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: gzip compressed data, max compression
Hash: 69c3b7a332d3006b0ced5b3bea230e70 3393c41057aa4326ad3271117669bde28fa0aa4d 37fdd1ff5e6c37870ae8b761dad3fd838e80ee0a94e3b32ae404649e07191193
GET /css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 13:23:07 GMT
date: Tue, 16 Apr 2024 13:23:07 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 | 142.250.74.99 | 200 OK | 12 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP: 142.250.74.99:443
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 11872, version 1.0
Hash: 87ace20058325aa069320aa4af875dff b743548770c46d905ae1ba06310bc001c587fe8e 3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 01:19:30 GMT
expires: Wed, 16 Apr 2025 01:19:30 GMT
cache-control: public, max-age=31536000
age: 43418
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 | 142.250.74.99 | 200 OK | 5.6 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
IP: 142.250.74.99:443
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 5560, version 1.0
Hash: ca3b09b62fda648a4511700413313fd0 109cd4c5435bd6614391bb8722c47c287c96b2ec 77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5560
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:39:02 GMT
expires: Fri, 11 Apr 2025 02:39:02 GMT
cache-control: public, max-age=31536000
age: 470646
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 | 142.250.74.99 | 200 OK | 17 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
IP: 142.250.74.99:443
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 16552, version 1.0
Hash: 283c40f79deab0300df8b3ffd86dfc7b 2ef09414a573ac59f4b37e81c8b8a881244b345f 35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:33:37 GMT
expires: Fri, 11 Apr 2025 02:33:37 GMT
cache-control: public, max-age=31536000
age: 470971
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 | 142.250.74.99 | 200 OK | 35 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 IP142.250.74.99:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 35328, version 1.0 Hash7670dba29aa2a1560c5d711ea6f6b369 6a2a620d2972f139c804c5a8363c91eb1a7595f6 adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:27:30 GMT
expires: Fri, 11 Apr 2025 17:27:30 GMT
cache-control: public, max-age=31536000
age: 417338
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 | 142.250.74.99 | 200 OK | 128 kB |
URL GET HTTP/2fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 IP142.250.74.99:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 128352, version 1.0 Size128 kB (128352 bytes) Hash53436aca8627a49f4deaaa44dc9e3c05 0bc0c675480d94ec7e8609dda6227f88c5d08d2c 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
GET /s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 21:27:45 GMT
expires: Tue, 15 Apr 2025 21:27:45 GMT
cache-control: public, max-age=31536000
age: 57323
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 | 142.250.74.99 | 200 OK | 5.5 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 IP142.250.74.99:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 5548, version 1.0 Hashcdaab83619fcacd4027a77c99dd51e69 9e6eae8554f8cc2309b2dae2d9fa217e34eed6a4 4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5548
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:45:59 GMT
expires: Fri, 11 Apr 2025 02:45:59 GMT
cache-control: public, max-age=31536000
age: 470229
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.99 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.99:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 08:04:32 GMT
expires: Wed, 16 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 19116
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.99 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.99:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:37:01 GMT
expires: Fri, 11 Apr 2025 02:37:01 GMT
cache-control: public, max-age=31536000
age: 470767
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| chokedsmelt.com/5b/28/bb/5b28bb3338748187b2166508de2d96b3.js | 192.243.59.12 | 200 OK | 16 kB |
URL GET HTTP/1.1chokedsmelt.com/5b/28/bb/5b28bb3338748187b2166508de2d96b3.js IP192.243.59.12:80 ASN#39572 DataWeb Global Group B.V.
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeJavaScript source, ASCII text, with very long lines (44139), with no line terminators Hashf86da52918926e8d5e65198181fa331b f594fc7df49e2850ee3a11a6c556d030988b7934 fb9d814b3e5058f29e4220aa9e9945a95ad0887a9238ab370c0f7d8a57999507
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /5b/28/bb/5b28bb3338748187b2166508de2d96b3.js HTTP/1.1
Host: chokedsmelt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 16 Apr 2024 13:23:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ec6dc16fa35a1c032424bf3c7828d8fb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 142.250.74.99 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP142.250.74.99:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 10:46:32 GMT
expires: Wed, 16 Apr 2025 10:46:32 GMT
cache-control: public, max-age=31536000
age: 9396
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 172.67.180.87 | 301 Moved Permanently | 167 B |
URL GET HTTP/1.1downstairsnegotiatebarren.com/sfp.js IP172.67.180.87:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeHTML document, ASCII text, with CRLF line terminators Hash0104c301c5e02bd6148b8703d19b3a73 7436e0b4b1f8c222c38069890b75fa2baf9ca620 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Tue, 16 Apr 2024 13:23:08 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 16 Apr 2024 14:23:08 GMT
Location: https://downstairsnegotiatebarren.com/sfp.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oOhOJIYFhOrsuqy9Uct5oXqprB52GGRMh0PGlsZQNo%2BcN2u6FVzRguddbBTv%2BKO6N%2BQ6RFGQ%2Bwf1yOZpnyYRcS64vXu%2Bc9%2FweLJhJ49rMdPXaIFRqicCPWhEF2oLG3dMcfpbh8cLkBi29eAq%2BcRLTA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87547cfaba620b55-OSL
alt-svc: h2=":443"; ma=60
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 | 142.250.74.99 | 200 OK | 17 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 IP142.250.74.99:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 16552, version 1.0 Hash283c40f79deab0300df8b3ffd86dfc7b 2ef09414a573ac59f4b37e81c8b8a881244b345f 35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:33:37 GMT
expires: Fri, 11 Apr 2025 02:33:37 GMT
cache-control: public, max-age=31536000
age: 470971
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.99 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.99:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 08:04:32 GMT
expires: Wed, 16 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 19116
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.99 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.99:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 08:04:32 GMT
expires: Wed, 16 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 19116
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 | 142.250.74.99 | 200 OK | 35 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 IP142.250.74.99:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 35328, version 1.0 Hash7670dba29aa2a1560c5d711ea6f6b369 6a2a620d2972f139c804c5a8363c91eb1a7595f6 adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:27:30 GMT
expires: Fri, 11 Apr 2025 17:27:30 GMT
cache-control: public, max-age=31536000
age: 417338
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL ocsp.r2m03.amazontrust.com/ IP143.204.53.97:0
Hash0bea14a24acf01e7602c416935848793 3493b99ca0da4d0c60f848069fa57e39b335a87a 229a97c14569254bf9fe6342e7cd4efd9e4f4b0ff89fb3c1e5c935976ab01062
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 16 Apr 2024 13:23:08 GMT
Last-Modified: Tue, 16 Apr 2024 12:14:01 GMT
Server: ECAcc (ska/F6E3)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZguMAx-5Yx0RD5LBB_rOEmBy8oGmRDSuXbf-ZK5I902EjSkrBs058g==
Age: 4147
|
|
| proftrafficcounter.com/stats | 3.123.64.179 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP3.123.64.179:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hashb2f32f9f0bb798b49dfacad7dbf4c9a6 a9c3bc80e82a0ba9b6fbacd2f23d3538c16c902a da4ecc01d6250fd00bc79f0d7d53a033ec9c0d56da3e0270408f72dae6d32243
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 13:23:08 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://nguonchillb.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=2e4050e2-862b-478b-bced-8ca26bdfb72a:1:1; expires=Fri, 14 Apr 2034 13:23:08 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| nguonchillb.com/themes/np/images/button_km.png | 94.242.50.163 | 200 OK | 2.6 kB |
URL GET HTTP/1.1nguonchillb.com/themes/np/images/button_km.png IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typePNG image data, 66 x 50, 8-bit/color RGBA, non-interlaced Hash05238f78240b8bb3d2453e866550a011 766a5353d457d5282bb04192072a116073b8666d aed76e5f2deac5394da887c6b862ab04fbc3e601348006da714310d72c5dfc60
GET /themes/np/images/button_km.png HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821; _ga_3RRF2WKVFP=GS1.1.1713273788.1.0.1713273788.0.0.0; _ga=GA1.1.12000175.1713273788
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 2646
Cache-Control: max-age=2592000, public
Expires: Thu, 16 May 2024 13:23:08 GMT
Connection: close
Content-Type: image/png
|
|
| nguonchillb.com/themes/np/images/bottomNavON.png | 94.242.50.163 | 200 OK | 1.3 kB |
URL GET HTTP/1.1nguonchillb.com/themes/np/images/bottomNavON.png IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typePNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced Hash0703045e13e1ab8508a2273cbe71d5d6 c2d2f79bb3758de5722cddd94eaf4701078b4d71 698cc5f19fb8e30c2a9d8471e81637cb26e8fcd67a55bfffc9ca651a0c45e90f
GET /themes/np/images/bottomNavON.png HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821; _ga_3RRF2WKVFP=GS1.1.1713273788.1.0.1713273788.0.0.0; _ga=GA1.1.12000175.1713273788
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 1334
Cache-Control: max-age=2592000, public
Expires: Thu, 16 May 2024 13:23:08 GMT
Connection: close
Content-Type: image/png
|
|
| nguonchillb.com/themes/np/images/bottomNavOFF.png | 94.242.50.163 | 200 OK | 1.3 kB |
URL GET HTTP/1.1nguonchillb.com/themes/np/images/bottomNavOFF.png IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typePNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced Hash840cd790a57c4cee3fb5b50d448dfd3a 976ecfbdaadc569488019ad246b6dfa31bdab85b d317c5f6a5b4342d84bcc00cb0c99d2ce3c7d6f1044ac8036d722fcbf728baeb
GET /themes/np/images/bottomNavOFF.png HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821; _ga_3RRF2WKVFP=GS1.1.1713273788.1.0.1713273788.0.0.0; _ga=GA1.1.12000175.1713273788
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 1250
Cache-Control: max-age=2592000, public
Expires: Thu, 16 May 2024 13:23:08 GMT
Connection: close
Content-Type: image/png
|
|
| nguonchillb.com/site/site/checkaccess/ | 94.242.50.163 | 200 OK | 7 B |
URL POST HTTP/1.1nguonchillb.com/site/site/checkaccess/ IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeASCII text, with no line terminators Hash4e3ca82bee9b6a4b6c6e30ca31234e50 f007b014714adb9c2c7c105e64dfa8448e9ec77a 148ecdac86b94c986a6bb2da57595b2cc4b35afa88e266ec7f30f79530803efb
POST /site/site/checkaccess/ HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 99
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821; _ga_3RRF2WKVFP=GS1.1.1713273788.1.0.1713273788.0.0.0; _ga=GA1.1.12000175.1713273788
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 7
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonchillb.com/site/chatbot/refresh/ | 94.242.50.163 | 200 OK | 260 B |
URL: POST HTTP/1.1 nguonchillb.com/site/chatbot/refresh/
IP: 94.242.50.163:80
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Hash: ba0683de7607ad624fb4cecda80e9bc1 674cb63ed78bcbd018343354b0ae42e9c43d2ee1 83db877ee449fa874aaaf8896bc642c25fc2f6e8c0179b6d4d59a2c0c9cdfce1
POST /site/chatbot/refresh/ HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 16
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=8dvl95rdhpai9cna7n314km336; us_session_id=P1821; _ga_3RRF2WKVFP=GS1.1.1713273788.1.0.1713273788.0.0.0; _ga=GA1.1.12000175.1713273788
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 260
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png | 94.242.50.163 | 200 OK | 18 kB |
URL: GET HTTP/1.1 m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png
IP: 94.242.50.163:80
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type: PNG image data, 46 x 48, 8-bit/color RGBA, non-interlaced
Hash: e6f4a93efe2d93e885abcbb4cc09cd4a e4f94b9e95b40e30b215228316bb7f8c48d08ed2 93b7bbea433aa41f6efb860d3d9777d363f9e64fc1ad4186cd9ef525bbee9c94
GET /media/images/1/favi/favicon-1498701606.png HTTP/1.1
Host: m3.nguonphim.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 05 Jul 2017 04:14:59 GMT
ETag: "45d1-5538a3e52eb40"
Accept-Ranges: bytes
Content-Length: 17873
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:08 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png
|
|
| continuousselfevidentinestimable.com/sbar.json?key=5b28bb3338748187b2166508de2d96b3&uuid=2e4050e2-862b-478b-bced-8ca26bdfb72a%3A1%3A1 | 172.240.108.68 | 200 OK | 8.1 kB |
URL: GET HTTP/1.1 continuousselfevidentinestimable.com/sbar.json?key=5b28bb3338748187b2166508de2d96b3&uuid=2e4050e2-862b-478b-bced-8ca26bdfb72a%3A1%3A1
IP: 172.240.108.68:443
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate issuer: Let's Encrypt
Certificate subject: continuousselfevidentinestimable.com
Certificate fingerprint: 1F:F4:36:85:7F:D7:60:BF:21:DA:52:FF:00:60:97:80:4B:6D:0D:3A
Certificate validity: Mon, 15 Apr 2024 12:20:33 GMT - Sun, 14 Jul 2024 12:20:32 GMT
Hash: 5c6527f0cfd80b519fdca40c9581bf66 491f0c8350f0a42083a34fd73901d59fe86151e7 7f49ad1ba4b4d8326eca2c2af939496bb4b85fe5579789fa500f9d65d970d6c2
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /sbar.json?key=5b28bb3338748187b2166508de2d96b3&uuid=2e4050e2-862b-478b-bced-8ca26bdfb72a%3A1%3A1 HTTP/1.1
Host: continuousselfevidentinestimable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 16 Apr 2024 13:23:09 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://nguonchillb.com
Access-Control-Allow-Origin: http://nguonchillb.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17093374; expires=Wed, 17 Apr 2024 13:23:09 GMT; secure; SameSite=None
uid_id2=2e4050e2-862b-478b-bced-8ca26bdfb72a:1:1; expires=Tue, 23 Apr 2024 13:23:09 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 17 Apr 2024 13:23:09 GMT; secure; SameSite=None
uncs=1; expires=Wed, 17 Apr 2024 13:23:09 GMT; secure; SameSite=None
pdhtkv29=true; expires=Wed, 17 Apr 2024 13:23:09 GMT; secure; SameSite=None
uncs29=1; expires=Wed, 17 Apr 2024 13:23:09 GMT; secure; SameSite=None
slec5b28bb3338748187b2166508de2d96b3=[3078195,3078189]; expires=Tue, 16 Apr 2024 13:23:14 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 575cb0e39baa02c1b611f9247bbbeade
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| continuousselfevidentinestimable.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSX2skxRetzi%2FwexAWlAVBUQbxQcFMuntmenrch8W4RhbjZtlV9E2qumomZaq7mqqu6Ul8CS7IPg5%2Bgs6ZZIPuIvoBdtXJgkhAyPiUB%2FMZBHHxSaTH6OCF7vvn3Avn3lOf7btzEsLRs2vv6l2pFF3tNP3GKx8GwZXGhszcqDGKo4%2Bi9pWGGb7ei5r%2Bq423RbKtV0M%2F8P3ADxrr0oi%2BHq3WIGT%2BoBc0e36zHTaDThsj89%2FcOg%2BWeuDDc%2FIMJJ8tP%2FYuQyZTZOnX14TdLnT%2B2lupU7TQBkN%2B9H62nekyQ7oI%2B8ZDPzu66Ia2p%2BuPoLPDOV3o4b%2BNTM6I98MjsOzogiTY8GDOkymIDIw%2FhXI4hVBTSDpFou9A8lMCJBw3NpGl925oU9Kdv1FaozOy%2FOQ3yHJGln%2B5jCz9ak3JUeO2Vq6QOrMY9SvI0RRyMEXujlHsLkGWx0iKTyH5T2T1yQay9GDTKg3Jz14ORdvv%2BCJciaOQrbS7MVthieArcULDiPE%2B64Z0fiApp5D9KZQYg1oPrv6kB9f34HIPKT9rJEEQdH2eUD%2FuJUmLdwWLuB%2FQbj%2BggR%2FFcEm9wxhFPkaixkjMHnKzh205hnHfwW5VsNyDLQiGvEIpCEpLUFKCUhKUBUE5rA65sqGt7nFlHQsufHjhW9VEF4N9eqiLgcgIqBnD8Go%2FPydP1wf0lmd%2FYlucNTosjBlrtVpxtx0HcZeFQRR1%2FJiLkPci1oKVFaRdmq%2B7W4v5%2FRry2r90FYwew6pjJNIDdS%2BAlhXoVoXd7H42cDorhs1Ep%2BC6Ql4so9jx9tU5eX6uYPOPFkRyQi4MiamQmwofy8cEA3V3ckuX5OCWLi35ZjMvZCp3aa3u7YIWwvvyHbFTasOvX7PjL95IaqAOH7wnbLFBMy6zgSX31yTnwqxrkwjy8Lr9QLCbzm6tOZO5fOPmm%2BvX09wIa6XOpqDy9NIlJHJG%2Fv%2Fj7%2FNn%2B%2Bz5c5BmCuMqpG7BVOpjJPkebL6oWU1g1CJnuYfSVRMTskVRSQIlFjllFaw4%2BfbXf4YW8cTQeprKat%2FexcAsgRZ3kKUVhqbCUFWgagzr%2FjcpcnNy9efW3MDU0oQps3TAlFGfz49c%2F1Zg5Vmj22r5NOp1gm6Xii5rh3E%2FCjilYTsKo4i2UNhZ%2F8VPHv4FAAD%2F%2FwEAAP%2F%2F4EWFMpAEAAA%3D | 172.240.108.68 | 200 OK | 7 B |
URL GET HTTP/1.1continuousselfevidentinestimable.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSX2skxRetzi%2FwexAWlAVBUQbxQcFMuntmenrch8W4RhbjZtlV9E2qumomZaq7mqqu6Ul8CS7IPg5%2Bgs6ZZIPuIvoBdtXJgkhAyPiUB%2FMZBHHxSaTH6OCF7vvn3Avn3lOf7btzEsLRs2vv6l2pFF3tNP3GKx8GwZXGhszcqDGKo4%2Bi9pWGGb7ei5r%2Bq423RbKtV0M%2F8P3ADxrr0oi%2BHq3WIGT%2BoBc0e36zHTaDThsj89%2FcOg%2BWeuDDc%2FIMJJ8tP%2FYuQyZTZOnX14TdLnT%2B2lupU7TQBkN%2B9H62nekyQ7oI%2B8ZDPzu66Ia2p%2BuPoLPDOV3o4b%2BNTM6I98MjsOzogiTY8GDOkymIDIw%2FhXI4hVBTSDpFou9A8lMCJBw3NpGl925oU9Kdv1FaozOy%2FOQ3yHJGln%2B5jCz9ak3JUeO2Vq6QOrMY9SvI0RRyMEXujlHsLkGWx0iKTyH5T2T1yQay9GDTKg3Jz14ORdvv%2BCJciaOQrbS7MVthieArcULDiPE%2B64Z0fiApp5D9KZQYg1oPrv6kB9f34HIPKT9rJEEQdH2eUD%2FuJUmLdwWLuB%2FQbj%2BggR%2FFcEm9wxhFPkaixkjMHnKzh205hnHfwW5VsNyDLQiGvEIpCEpLUFKCUhKUBUE5rA65sqGt7nFlHQsufHjhW9VEF4N9eqiLgcgIqBnD8Go%2FPydP1wf0lmd%2FYlucNTosjBlrtVpxtx0HcZeFQRR1%2FJiLkPci1oKVFaRdmq%2B7W4v5%2FRry2r90FYwew6pjJNIDdS%2BAlhXoVoXd7H42cDorhs1Ep%2BC6Ql4so9jx9tU5eX6uYPOPFkRyQi4MiamQmwofy8cEA3V3ckuX5OCWLi35ZjMvZCp3aa3u7YIWwvvyHbFTasOvX7PjL95IaqAOH7wnbLFBMy6zgSX31yTnwqxrkwjy8Lr9QLCbzm6tOZO5fOPmm%2BvX09wIa6XOpqDy9NIlJHJG%2Fv%2Fj7%2FNn%2B%2Bz5c5BmCuMqpG7BVOpjJPkebL6oWU1g1CJnuYfSVRMTskVRSQIlFjllFaw4%2BfbXf4YW8cTQeprKat%2FexcAsgRZ3kKUVhqbCUFWgagzr%2FjcpcnNy9efW3MDU0oQps3TAlFGfz49c%2F1Zg5Vmj22r5NOp1gm6Xii5rh3E%2FCjilYTsKo4i2UNhZ%2F8VPHv4FAAD%2F%2FwEAAP%2F%2F4EWFMpAEAAA%3D IP172.240.108.68:443
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate issuer: Let's Encrypt
Certificate subject: continuousselfevidentinestimable.com
Certificate fingerprint: 1F:F4:36:85:7F:D7:60:BF:21:DA:52:FF:00:60:97:80:4B:6D:0D:3A
Certificate validity: Mon, 15 Apr 2024 12:20:33 GMT - Sun, 14 Jul 2024 12:20:32 GMT
File type: ASCII text, with no line terminators
Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSX2skxRetzi%2FwexAWlAVBUQbxQcFMuntmenrch8W4RhbjZtlV9E2qumomZaq7mqqu6Ul8CS7IPg5%2Bgs6ZZIPuIvoBdtXJgkhAyPiUB%2FMZBHHxSaTH6OCF7vvn3Avn3lOf7btzEsLRs2vv6l2pFF3tNP3GKx8GwZXGhszcqDGKo4%2Bi9pWGGb7ei5r%2Bq423RbKtV0M%2F8P3ADxrr0oi%2BHq3WIGT%2BoBc0e36zHTaDThsj89%2FcOg%2BWeuDDc%2FIMJJ8tP%2FYuQyZTZOnX14TdLnT%2B2lupU7TQBkN%2B9H62nekyQ7oI%2B8ZDPzu66Ia2p%2BuPoLPDOV3o4b%2BNTM6I98MjsOzogiTY8GDOkymIDIw%2FhXI4hVBTSDpFou9A8lMCJBw3NpGl925oU9Kdv1FaozOy%2FOQ3yHJGln%2B5jCz9ak3JUeO2Vq6QOrMY9SvI0RRyMEXujlHsLkGWx0iKTyH5T2T1yQay9GDTKg3Jz14ORdvv%2BCJciaOQrbS7MVthieArcULDiPE%2B64Z0fiApp5D9KZQYg1oPrv6kB9f34HIPKT9rJEEQdH2eUD%2FuJUmLdwWLuB%2FQbj%2BggR%2FFcEm9wxhFPkaixkjMHnKzh205hnHfwW5VsNyDLQiGvEIpCEpLUFKCUhKUBUE5rA65sqGt7nFlHQsufHjhW9VEF4N9eqiLgcgIqBnD8Go%2FPydP1wf0lmd%2FYlucNTosjBlrtVpxtx0HcZeFQRR1%2FJiLkPci1oKVFaRdmq%2B7W4v5%2FRry2r90FYwew6pjJNIDdS%2BAlhXoVoXd7H42cDorhs1Ep%2BC6Ql4so9jx9tU5eX6uYPOPFkRyQi4MiamQmwofy8cEA3V3ckuX5OCWLi35ZjMvZCp3aa3u7YIWwvvyHbFTasOvX7PjL95IaqAOH7wnbLFBMy6zgSX31yTnwqxrkwjy8Lr9QLCbzm6tOZO5fOPmm%2BvX09wIa6XOpqDy9NIlJHJG%2Fv%2Fj7%2FNn%2B%2Bz5c5BmCuMqpG7BVOpjJPkebL6oWU1g1CJnuYfSVRMTskVRSQIlFjllFaw4%2BfbXf4YW8cTQeprKat%2FexcAsgRZ3kKUVhqbCUFWgagzr%2FjcpcnNy9efW3MDU0oQps3TAlFGfz49c%2F1Zg5Vmj22r5NOp1gm6Xii5rh3E%2FCjilYTsKo4i2UNhZ%2F8VPHv4FAAD%2F%2FwEAAP%2F%2F4EWFMpAEAAA%3D HTTP/1.1
Host: continuousselfevidentinestimable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Cookie: u_pl=17093374; uid_id2=2e4050e2-862b-478b-bced-8ca26bdfb72a:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec5b28bb3338748187b2166508de2d96b3=[3078195,3078189]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 16 Apr 2024 13:23:09 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e93a01032f57aa3905725354c39dbf00
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/img/sale3.jpg | 104.21.70.253 | 200 OK | 65 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/img/sale3.jpg
IP: 104.21.70.253:443
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate issuer: Google Trust Services LLC
Certificate subject: creative-bars1.com
Certificate fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
Certificate validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=242, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=364], progressive, precision 8, 364x242, components 3
Hash: 61f7b1fa1698507638df7882e2bdfcaf 89134af9a734f4c30d0db01ea36c86895e46b7e3 bc0a583f7e3c834e53d5263ecc90d279b27460ea2e9bce56b7ac6b129eb5849c
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/img/sale3.jpg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 16 Apr 2024 13:23:09 GMT
content-type: image/jpeg
content-length: 64642
last-modified: Fri, 19 Jan 2024 14:21:26 GMT
etag: "65aa8566-fc82"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5354273
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=45oPjzJhetGpQjUTyE84vBZc4vwZ3O9k61IiqtdytdWgiBwcfTcG5zGRmDdlZUa5ceGnj8rANUr1y3V0jr7TB1VUv4%2B9TnaH%2BrXfzAX4kLkMSL3iBfebuNYRkMwYxZ%2F70AgvagR4a8eG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87547d02bef3569f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 172.67.180.87 | 301 Moved Permanently | 28 kB |
URL: GET HTTP/1.1 downstairsnegotiatebarren.com/sfp.js
IP: 172.67.180.87:80
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash: f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://nguonchillb.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 13:23:09 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 0d559ba6849e0164bc97091d0b4b7254
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 16 Apr 2024 13:23:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MoGOamGGcljmPJWZWAhTSozkQuz9kCnuj4%2FmLwV63QDlUtTUkjG9NuoaBxHTjdLl%2F6m1USsf7SIY%2FC74IzNkcLct9UYeEZjmoFzycCqJq9c5ZgmOUeuLXiTAlHv6%2FkJhY6L83ACso5fECYSQu0npaw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87547cfbfb0bb50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.106 | 200 OK | 717 B |
URL: GET HTTP/1.1 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP: 142.250.74.106:80
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Hash: 9cc7d472437c87f6f7ebeb35abec09f1 948bb2b7bf4bbc829015c125e1b6f7859b2948b0 9a39510af72db44fb14d333c52c41da0e90827afcfe78c8f12b367f0a94783b7
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 16 Apr 2024 13:23:09 GMT
Date: Tue, 16 Apr 2024 13:23:09 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
|
|
| continuousselfevidentinestimable.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Findex.html&l=1545&fd=95 | 172.240.108.68 | 200 OK | 0 B |
URL: GET HTTP/1.1 continuousselfevidentinestimable.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Findex.html&l=1545&fd=95
IP: 172.240.108.68:80
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Findex.html&l=1545&fd=95 HTTP/1.1
Host: continuousselfevidentinestimable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 16 Apr 2024 13:23:09 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| continuousselfevidentinestimable.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fstyle.css&l=3664&fd=335 | 172.240.108.68 | 200 OK | 0 B |
URL: GET HTTP/1.1 continuousselfevidentinestimable.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fstyle.css&l=3664&fd=335
IP: 172.240.108.68:80
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fstyle.css&l=3664&fd=335 HTTP/1.1
Host: continuousselfevidentinestimable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 16 Apr 2024 13:23:10 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| continuousselfevidentinestimable.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fjs%2Fscript.js&l=386&fd=341 | 172.240.108.68 | 200 OK | 0 B |
URL: GET HTTP/1.1 continuousselfevidentinestimable.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fjs%2Fscript.js&l=386&fd=341
IP: 172.240.108.68:80
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fjs%2Fscript.js&l=386&fd=341 HTTP/1.1
Host: continuousselfevidentinestimable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 16 Apr 2024 13:23:10 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.99 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP: 142.250.74.99:443
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
Certificate validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 11 Apr 2024 02:56:40 GMT
Expires: Fri, 11 Apr 2025 02:56:40 GMT
Cache-Control: public, max-age=31536000
Age: 469590
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 142.250.74.99 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP: 142.250.74.99:443
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
Certificate validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Hash: e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 09 Apr 2024 20:22:24 GMT
Expires: Wed, 09 Apr 2025 20:22:24 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2
Age: 579646
|
|
| cdn.barscreative1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html | 45.133.44.4 | 200 OK | 472 B |
URL: GET HTTP/2 cdn.barscreative1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html
IP: 45.133.44.4:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate issuer: Let's Encrypt
Certificate subject: cdn.barscreative1.com
Certificate fingerprint: F6:54:F4:B9:EB:AD:1E:FA:8F:76:B9:75:20:9B:41:57:32:37:94:E3
Certificate validity: Sun, 10 Mar 2024 03:01:32 GMT - Sat, 08 Jun 2024 03:01:31 GMT
File type: HTML document, ASCII text
Hash: 3f8de4c280d2d48e8418a562095ac7e4 3dc3e5bc655dcd0ff5b045b147c28398e07b6e4d 54358796e1fc6b065f33194b7e4f02b43fc28050a3d64e482e59f4251d06fc15
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 13:23:09 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Fri, 19 Jan 2024 14:21:26 GMT
etag: W/"65aa8566-609"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Tue, 16 Apr 2024 14:23:09 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/js/script.js | 104.21.70.253 | 200 OK | 196 B |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/js/script.js
IP: 104.21.70.253:443
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate issuer: Google Trust Services LLC
Certificate subject: creative-bars1.com
Certificate fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
Certificate validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash: 5ca8c1679ba9453cfa512e01d6fec9c5 45628341eb20e4acee5e812d3b2dfc8f23962daf 520a0196a18cbe656f7382a02ec828125e68bdac511b9ebe2bf27f31e262d037
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 13:23:10 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:21:26 GMT
etag: W/"65aa8566-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KFVBeE%2FOMgS3jryxsM4BpMsxuEy7oodkFCwflxB2uCNdWK6BB2s%2Fh4akT4PeigY4U818zVI68WDnTzQqK0eYJ%2BU0GyipfV%2FO0fDeVNWgG38abiPKuSaWYapLeLeroMiKqlle8q1Lg8TW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87547d024e21569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| continuousselfevidentinestimable.com/pixel/sbs?c=1 | 172.240.108.68 | 200 OK | 0 B |
URL: GET HTTP/1.1 continuousselfevidentinestimable.com/pixel/sbs?c=1
IP: 172.240.108.68:443
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate issuer: Let's Encrypt
Certificate subject: continuousselfevidentinestimable.com
Certificate fingerprint: 1F:F4:36:85:7F:D7:60:BF:21:DA:52:FF:00:60:97:80:4B:6D:0D:3A
Certificate validity: Mon, 15 Apr 2024 12:20:33 GMT - Sun, 14 Jul 2024 12:20:32 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: continuousselfevidentinestimable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Cookie: u_pl=17093374; uid_id2=2e4050e2-862b-478b-bced-8ca26bdfb72a:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec5b28bb3338748187b2166508de2d96b3=[3078195,3078189]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 16 Apr 2024 13:23:10 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| unseenreport.com/pxf.gif?uuid=2e4050e2-862b-478b-bced-8ca26bdfb72a&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=5b28bb3338748187b2166508de2d96b3&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13 | 192.243.59.13 | 200 OK | 0 B |
URL (GET, HTTP/1.1): unseenreport.com/pxf.gif?uuid=2e4050e2-862b-478b-bced-8ca26bdfb72a&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=5b28bb3338748187b2166508de2d96b3&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13
IP: 192.243.59.13:80
ASN: #39572 DataWeb Global Group B.V.
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=2e4050e2-862b-478b-bced-8ca26bdfb72a&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=5b28bb3338748187b2166508de2d96b3&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 16 Apr 2024 13:23:09 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 120fa42a03f19aabee7b9c6155221fce
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| continuousselfevidentinestimable.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fanimate.css&l=78689&fd=354 | 192.243.61.225 | 200 OK | 0 B |
URL (GET, HTTP/1.1): continuousselfevidentinestimable.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fanimate.css&l=78689&fd=354
IP: 192.243.61.225:80
ASN: #39572 DataWeb Global Group B.V.
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fanimate.css&l=78689&fd=354 HTTP/1.1
Host: continuousselfevidentinestimable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 16 Apr 2024 13:23:10 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/style.css | 104.21.70.253 | 200 OK | 3.7 kB |
URL (GET, HTTP/2): cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/style.css
IP: 104.21.70.253:443
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate: Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: ASCII text, with very long lines (3865), with no line terminators
Hash: 8af2a95e7b4e4fd515ebc4d2a5b969a9 8c10eb89ec6434d2b6540bef9d042c3d305bcef3 5d6300285dcf4ce34851ff873097d2ecccc9c2059e89aacc4ff6ee672baf2f8a
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 13:23:10 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:21:26 GMT
etag: W/"65aa8566-e50"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=63QdFVmhKV2qoM5xcKhj8NC3YPifaaYLz3dwWLDxgqVgt8B4Q0SA755m6J1LYSakk2RIJZJEWYaZo8OYHF5TxgnVTvSRO2Mt8G7Xk2hKVCceWzDr%2BoYVx6pZ%2BSd3ov9UCxO2nDCIg4xr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87547d023e0b569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i | 142.250.74.106 | 200 OK | 31 kB |
URL (GET, HTTP/2): fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
IP: 142.250.74.106:443
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hash: 1535ab95ae017577b9c386b35a1cd5ee 2daa147654a80e47e16524ae15b678f59ee98514 468b3e9ad7eb860239ed3e6eba32e2e0ff79ee9c2bbf132f18a4d9c0809716e3
GET /css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 13:23:07 GMT
date: Tue, 16 Apr 2024 13:23:07 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese | 142.250.74.106 | 200 OK | 14 kB |
URL (GET, HTTP/2): fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese
IP: 142.250.74.106:443
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hash: fc75373f300a1c1fbca638e636b5f68b 4bc81b7661df93d2b448862e227c13e42f23222e f105df3b32f71722ebee1ee36d7ff3a57f637e97400d9a691b878f1575d1984f
GET /css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 13:23:07 GMT
date: Tue, 16 Apr 2024 13:23:07 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/animate.css | 104.21.70.253 | 200 OK | 79 kB |
URL (GET, HTTP/2): cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/animate.css
IP: 104.21.70.253:443
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate: Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash: 3d4123dbfb33d27a5cfdfcfa91df6783 e7d0eeeec54b848f0bc3da8685fa3bc88429d660 cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 13:23:10 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:21:26 GMT
etag: W/"65aa8566-13361"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KgDOTo5bjkA1ZEFPxUr%2FAjbP5go%2FeBnZEXER4y4Bj8excFaAu9f2gd9NxzpMoRo%2F1ceymwgODftqCmdygZCpqF4D1tvqZz1gPG%2BtboNU7p2sf2GnbCZZg9wLugSRyZHfHcEBqMHRPqaX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87547d023e04569f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| continuousselfevidentinestimable.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWskVRe%2BlTfwLoQBZUBQlEZcKJhOVfVXxVkMxhgJxskwo%2BhO7ld1rrlVt7i3qqsTN8EBmWXjL6g8nUzQGUR%2FwIzaGRAJCGlXWZjfIIiDK5Fqo40Hqs7Hcw485zz3s4PigoQo6Pnau2ZPaU2XO02%2F8cqHQXCtsanSYtgYRt2Puu1rDTt4faXb9F9tvC35jlkO%2FcD3Az9orCsrYzNcrkGo7MFK0Fzxm%2B2wGXTaGNr%2F5q7w4KgHMbggz0CJ6eJj7yoUnyBNvl6Tbic32WtvJYWmubEYiOP3053UlCmSeRhbD3F6fNkN487WH8GkRzO6MIN%2FG5maEu%2BHR2Dp8SVJsMHhjCfTkCmYeArlYAKpJ1B0Am7uQIkzAnCBG1tIk3s3jC3p7t8ordEpWXzyG1Q5JYu%2FXEWafLWq1bBx2%2BgiVyZ1GMYV1HAC1Z8gK06Q7y1AlSfg%2BadQ4iey%2FGQTaXK45bSBEucvh7Ltd3wZLkXdkC21exFbYlyKpYjTsMtEzHohnR1IqQlUPIGWI1Dnoag%2F5aGIPRSZh0ScN3gQBD1fcOpHK5y3RE%2ByrvAD2osDGvjdCAWvdxghz0bgegRu95HZfeyoEWzxHdx2BSc8uJxgICqUkqB0BCUlKBVBmROUg%2BpIaBe66p7QrmDBpQ8vfasam7x%2FQI9M3pcpAbUjWFEdZBfk6fqA3uL0T%2BzI80aHhRFjrVYr6rWjIOqxMOh2O34kZChWuqwFpyootzBbd68W8%2FtVZLV%2F6ToYPYHTJ%2BDKAy1eAC0r0O0Ke%2Bn9tF%2BYNB80uUkgTIUsX0S%2B6x3oC%2FL8TMHmHy1IfkouDdxWyGyFj9Vjgr6%2BO75lSnJ4y5SOfLOV5SpRe7RW93ZOc%2Bl9%2BY7cLY0VG2tu9MUbvAbq8MF70uWbNBUq7Ttyf1UJIe26sVyShxvuA8luFm57tbBpkW3efHN9I8msdE6ZdAKqzq5cAVdT8v8ff58922cvnoOyE9iiQlLMmSpzAp7tw2XzmjMEVs9zlnkoi2psQzYvakWg5TynrIKTp9%2F%2B%2Bs%2FQPB5bWk9TVR24u%2BjbBdD8DtKkwsBWGOgKVI%2Fgiv%2BN88yeXv%2B5NTMwvTBm2i4cMm3157Mj178lOHXeaPmix2Qse0y2O%2B1YcsE6HebzmLOWiCKO3E3jFz95%2BBcAAAD%2F%2FwEAAP%2F%2FYJFQ2pAEAAA%3D | 172.240.108.68 | 200 OK | 0 B |
URL GET HTTP/1.1continuousselfevidentinestimable.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWskVRe%2BlTfwLoQBZUBQlEZcKJhOVfVXxVkMxhgJxskwo%2BhO7ld1rrlVt7i3qqsTN8EBmWXjL6g8nUzQGUR%2FwIzaGRAJCGlXWZjfIIiDK5Fqo40Hqs7Hcw485zz3s4PigoQo6Pnau2ZPaU2XO02%2F8cqHQXCtsanSYtgYRt2Puu1rDTt4faXb9F9tvC35jlkO%2FcD3Az9orCsrYzNcrkGo7MFK0Fzxm%2B2wGXTaGNr%2F5q7w4KgHMbggz0CJ6eJj7yoUnyBNvl6Tbic32WtvJYWmubEYiOP3053UlCmSeRhbD3F6fNkN487WH8GkRzO6MIN%2FG5maEu%2BHR2Dp8SVJsMHhjCfTkCmYeArlYAKpJ1B0Am7uQIkzAnCBG1tIk3s3jC3p7t8ordEpWXzyG1Q5JYu%2FXEWafLWq1bBx2%2BgiVyZ1GMYV1HAC1Z8gK06Q7y1AlSfg%2BadQ4iey%2FGQTaXK45bSBEucvh7Ltd3wZLkXdkC21exFbYlyKpYjTsMtEzHohnR1IqQlUPIGWI1Dnoag%2F5aGIPRSZh0ScN3gQBD1fcOpHK5y3RE%2ByrvAD2osDGvjdCAWvdxghz0bgegRu95HZfeyoEWzxHdx2BSc8uJxgICqUkqB0BCUlKBVBmROUg%2BpIaBe66p7QrmDBpQ8vfasam7x%2FQI9M3pcpAbUjWFEdZBfk6fqA3uL0T%2BzI80aHhRFjrVYr6rWjIOqxMOh2O34kZChWuqwFpyootzBbd68W8%2FtVZLV%2F6ToYPYHTJ%2BDKAy1eAC0r0O0Ke%2Bn9tF%2BYNB80uUkgTIUsX0S%2B6x3oC%2FL8TMHmHy1IfkouDdxWyGyFj9Vjgr6%2BO75lSnJ4y5SOfLOV5SpRe7RW93ZOc%2Bl9%2BY7cLY0VG2tu9MUbvAbq8MF70uWbNBUq7Ttyf1UJIe26sVyShxvuA8luFm57tbBpkW3efHN9I8msdE6ZdAKqzq5cAVdT8v8ff58922cvnoOyE9iiQlLMmSpzAp7tw2XzmjMEVs9zlnkoi2psQzYvakWg5TynrIKTp9%2F%2B%2Bs%2FQPB5bWk9TVR24u%2BjbBdD8DtKkwsBWGOgKVI%2Fgiv%2BN88yeXv%2B5NTMwvTBm2i4cMm3157Mj178lOHXeaPmix2Qse0y2O%2B1YcsE6HebzmLOWiCKO3E3jFz95%2BBcAAAD%2F%2FwEAAP%2F%2FYJFQ2pAEAAA%3D IP172.240.108.68:443
Requested by: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Certificate: Issuer: Let's Encrypt; Subject: continuousselfevidentinestimable.com; Fingerprint: 1F:F4:36:85:7F:D7:60:BF:21:DA:52:FF:00:60:97:80:4B:6D:0D:3A; Validity: Mon, 15 Apr 2024 12:20:33 GMT - Sun, 14 Jul 2024 12:20:32 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTWskVRe%2BlTfwLoQBZUBQlEZcKJhOVfVXxVkMxhgJxskwo%2BhO7ld1rrlVt7i3qqsTN8EBmWXjL6g8nUzQGUR%2FwIzaGRAJCGlXWZjfIIiDK5Fqo40Hqs7Hcw485zz3s4PigoQo6Pnau2ZPaU2XO02%2F8cqHQXCtsanSYtgYRt2Puu1rDTt4faXb9F9tvC35jlkO%2FcD3Az9orCsrYzNcrkGo7MFK0Fzxm%2B2wGXTaGNr%2F5q7w4KgHMbggz0CJ6eJj7yoUnyBNvl6Tbic32WtvJYWmubEYiOP3053UlCmSeRhbD3F6fNkN487WH8GkRzO6MIN%2FG5maEu%2BHR2Dp8SVJsMHhjCfTkCmYeArlYAKpJ1B0Am7uQIkzAnCBG1tIk3s3jC3p7t8ordEpWXzyG1Q5JYu%2FXEWafLWq1bBx2%2BgiVyZ1GMYV1HAC1Z8gK06Q7y1AlSfg%2BadQ4iey%2FGQTaXK45bSBEucvh7Ltd3wZLkXdkC21exFbYlyKpYjTsMtEzHohnR1IqQlUPIGWI1Dnoag%2F5aGIPRSZh0ScN3gQBD1fcOpHK5y3RE%2ByrvAD2osDGvjdCAWvdxghz0bgegRu95HZfeyoEWzxHdx2BSc8uJxgICqUkqB0BCUlKBVBmROUg%2BpIaBe66p7QrmDBpQ8vfasam7x%2FQI9M3pcpAbUjWFEdZBfk6fqA3uL0T%2BzI80aHhRFjrVYr6rWjIOqxMOh2O34kZChWuqwFpyootzBbd68W8%2FtVZLV%2F6ToYPYHTJ%2BDKAy1eAC0r0O0Ke%2Bn9tF%2BYNB80uUkgTIUsX0S%2B6x3oC%2FL8TMHmHy1IfkouDdxWyGyFj9Vjgr6%2BO75lSnJ4y5SOfLOV5SpRe7RW93ZOc%2Bl9%2BY7cLY0VG2tu9MUbvAbq8MF70uWbNBUq7Ttyf1UJIe26sVyShxvuA8luFm57tbBpkW3efHN9I8msdE6ZdAKqzq5cAVdT8v8ff58922cvnoOyE9iiQlLMmSpzAp7tw2XzmjMEVs9zlnkoi2psQzYvakWg5TynrIKTp9%2F%2B%2Bs%2FQPB5bWk9TVR24u%2BjbBdD8DtKkwsBWGOgKVI%2Fgiv%2BN88yeXv%2B5NTMwvTBm2i4cMm3157Mj178lOHXeaPmix2Qse0y2O%2B1YcsE6HebzmLOWiCKO3E3jFz95%2BBcAAAD%2F%2FwEAAP%2F%2FYJFQ2pAEAAA%3D HTTP/1.1
Host: continuousselfevidentinestimable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Cookie: u_pl=17093374; uid_id2=2e4050e2-862b-478b-bced-8ca26bdfb72a:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec5b28bb3338748187b2166508de2d96b3=[3078195,3078189]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 16 Apr 2024 13:23:10 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2dc406a7cec2aef25660fbe7a0a6d530
Strict-Transport-Security: max-age=0; includeSubdomains
|
|