| nguonchillb.com/site/site/embed/?url=https://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html | 94.242.50.163 | | 0 B |
URL nguonchillb.com/site/site/embed/?url=https://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html IP 94.242.50.163:0
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /site/site/embed/?url=https://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 10 May 2024 16:59:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Set-Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonchillb.com/site/site/embed/?url=https://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonchillb.com/site/site/embed/?url=https://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html | 94.242.50.163 | | 723 B |
URL nguonchillb.com/site/site/embed/?url=https://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html IP 94.242.50.163:0
File type HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 7c635b2190f57794de2957a698cf6d95 f15b7e3896c6256355b4f1893f732fa89744079c 88b01710020e0ac94316672a8bedfa3b4eedb384192abededbfaabc39af895d4
GET /site/site/embed/?url=https://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Set-Cookie: us_session_id=P89924; expires=Sat, 11-May-2024 16:59:37 GMT; Max-Age=86400; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 723
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonchillb.com/assets/3bd14e95/jquery.min.js | 94.242.50.163 | 200 OK | 34 kB |
URL GET HTTP/1.1 nguonchillb.com/assets/3bd14e95/jquery.min.js IP 94.242.50.163:80
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type JavaScript source, ASCII text, with very long lines (32077)
Hash 0fca26b5a37a66d68d0f4406976be4b5 ee000eb654b3bd37185665d3901e93b34ce1aa52 8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
GET /assets/3bd14e95/jquery.min.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/site/site/embed/?url=https://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 10 May 2025 16:59:37 GMT
Content-Length: 33693
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png | 94.242.50.163 | 200 OK | 18 kB |
URL GET HTTP/1.1 m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png IP 94.242.50.163:80
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type PNG image data, 46 x 48, 8-bit/color RGBA, non-interlaced
Hash e6f4a93efe2d93e885abcbb4cc09cd4a e4f94b9e95b40e30b215228316bb7f8c48d08ed2 93b7bbea433aa41f6efb860d3d9777d363f9e64fc1ad4186cd9ef525bbee9c94
GET /media/images/1/favi/favicon-1498701606.png HTTP/1.1
Host: m3.nguonphim.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 05 Jul 2017 04:14:59 GMT
ETag: "45d1-5538a3e52eb40"
Accept-Ranges: bytes
Content-Length: 17873
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:37 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png
|
|
| nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html | 94.242.50.163 | 301 Moved Permanently | 0 B |
URL User Request GET HTTP/1.1 nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html IP 94.242.50.163:443
Certificate Issuer Let's Encrypt; Subject nguonchillb.com; Fingerprint B3:B5:AC:A2:AE:01:F5:95:23:26:F9:C9:95:78:9A:6D:F4:8D:24:44; Validity Tue, 02 Apr 2024 08:48:46 GMT - Mon, 01 Jul 2024 08:48:45 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /nguoi-bat-tu-victor-vu-f30332.html HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 10 May 2024 16:59:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html | 94.242.50.163 | 301 Moved Permanently | 17 kB |
URL User Request GET HTTP/1.1 nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html IP 94.242.50.163:443
Certificate Issuer Let's Encrypt; Subject nguonchillb.com; Fingerprint B3:B5:AC:A2:AE:01:F5:95:23:26:F9:C9:95:78:9A:6D:F4:8D:24:44; Validity Tue, 02 Apr 2024 08:48:46 GMT - Mon, 01 Jul 2024 08:48:45 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (492), with CRLF, LF line terminators
Hash c43b73195573585e3da4d255c948fb9c f4ec846f5f43b862a505d65c221516448c933c80 deb58b6009b2e00c67bcdbb59b1b7845fb297eef2047c3daba590d2e52f73db1
GET /nguoi-bat-tu-victor-vu-f30332.html HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://nguonchillb.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 16760
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonchillb.com/themes/np/js/owl.carousel.min.js | 94.242.50.163 | 200 OK | 6.5 kB |
URL GET HTTP/1.1 nguonchillb.com/themes/np/js/owl.carousel.min.js IP 94.242.50.163:80
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type JavaScript source, ASCII text, with very long lines (635), with CRLF line terminators
Hash 8c52f27fcac36c7667f8fb846e1e94d5 e5862559db659ffd530c91452d668c5e7b3f0f2d 6c1e31700f68d1666de6b0992e89d413434707718bf729a472404029845bdbad
GET /themes/np/js/owl.carousel.min.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 10 May 2025 16:59:38 GMT
Content-Length: 6464
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonchillb.com/themes/np/js/jquery.nice-select.js | 94.242.50.163 | 200 OK | 1.5 kB |
URL GET HTTP/1.1 nguonchillb.com/themes/np/js/jquery.nice-select.js IP 94.242.50.163:80
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Hash 723e741faba72abfb0e56b6e0f8a73d8 ba71788614e8e11dbeeebdcac9037b57e7a69ce4 39f6514264e1603542b6aa38ba44c3be0aa7bbdef56ed139d74fe75e24e642fa
GET /themes/np/js/jquery.nice-select.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 10 May 2025 16:59:38 GMT
Content-Length: 1538
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonchillb.com/themes/np/js/wow.min.js | 94.242.50.163 | 200 OK | 2.7 kB |
URL GET HTTP/1.1 nguonchillb.com/themes/np/js/wow.min.js IP 94.242.50.163:80
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type JavaScript source, ASCII text, with very long lines (8385), with CRLF line terminators
Hash e1f1ff6897992a9165e8ce009b4039e3 e297207404fea99863aea60a1dcd3770f8ecddee 37461d9b50fd93b2e6d064c4aa48cbc16d5b1e82c27f47270b87a39225cc00ac
GET /themes/np/js/wow.min.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 10 May 2025 16:59:38 GMT
Content-Length: 2742
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonchillb.com/themes/np/js/bootstrap.min.js | 94.242.50.163 | 200 OK | 9.7 kB |
URL GET HTTP/1.1 nguonchillb.com/themes/np/js/bootstrap.min.js IP 94.242.50.163:80
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type JavaScript source, ASCII text, with very long lines (32034), with CRLF line terminators
Hash e7d9a06cf9053c51cd4ad3386da0659a e45bf1054704a1fdfc4ee2713a16bf9283dea995 9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd
GET /themes/np/js/bootstrap.min.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 10 May 2025 16:59:38 GMT
Content-Length: 9726
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonchillb.com/assets/3bd14e95/jquery.min.js | 94.242.50.163 | 200 OK | 34 kB |
URL GET HTTP/1.1 nguonchillb.com/assets/3bd14e95/jquery.min.js IP 94.242.50.163:80
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type JavaScript source, ASCII text, with very long lines (32077)
Hash 0fca26b5a37a66d68d0f4406976be4b5 ee000eb654b3bd37185665d3901e93b34ce1aa52 8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
GET /assets/3bd14e95/jquery.min.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 10 May 2025 16:59:38 GMT
Content-Length: 33693
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonchillb.com/themes/np/js/jquery.showmore.src.js | 94.242.50.163 | 200 OK | 434 B |
URL GET HTTP/1.1 nguonchillb.com/themes/np/js/jquery.showmore.src.js IP 94.242.50.163:80
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type JavaScript source, ASCII text, with very long lines (432)
Hash f67d16dc855157012280d1b8d2d0ac55 4eaa66120111bb8cb4c21884c647bf609ef3a7a5 89a7b91f92a0583bcfabc3dc0347bfb78822ebe75d229fb766ae2fdc6e7e0d28
GET /themes/np/js/jquery.showmore.src.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 10 May 2025 16:59:38 GMT
Content-Length: 434
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonchillb.com/themes/np/js/jquery.magnific-popup.min.js | 94.242.50.163 | 200 OK | 7.3 kB |
URL GET HTTP/1.1 nguonchillb.com/themes/np/js/jquery.magnific-popup.min.js IP 94.242.50.163:80
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type JavaScript source, ASCII text, with very long lines (20087), with CRLF line terminators
Hash b37d7edf99565d3858eaa1ad80df3cff 786a4343711e9af5e5dfcc493e7d2331b48875bb b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2
GET /themes/np/js/jquery.magnific-popup.min.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 10 May 2025 16:59:39 GMT
Content-Length: 7346
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2 | 94.242.50.163 | 200 OK | 80 kB |
URL GET HTTP/1.1 nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2 IP 94.242.50.163:80
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Hash 9ccfae82c1f9be3cf7c148a39228f53c 9abd7857d28f34c5007b11ee53d2818482775163 d962cf8c297e2b013c20dadac3f99d1af50957de8e1d1de8b4ea960fbd6fd7b6
GET /themes/np/css/color.css?v=np2.4.8.2 HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 08:58:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 10 May 2025 16:59:38 GMT
Connection: close
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
|
|
| nguonchillb.com/js/main.min.js?v=2.4.8.2 | 94.242.50.163 | 200 OK | 5.6 kB |
URL GET HTTP/1.1 nguonchillb.com/js/main.min.js?v=2.4.8.2 IP 94.242.50.163:80
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (17159)
Hash 2f3514d630f0195787c0f99778202f3c 2ce2883a59c655b8e02d644a1449fcdfdf604486 23b47b8eb144a359fdd87940db44e0420e7e0062f3cbba762e0e22c35afb3749
GET /js/main.min.js?v=2.4.8.2 HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sat, 02 May 2020 19:55:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 10 May 2025 16:59:39 GMT
Content-Length: 5620
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonchillb.com/images/headshot-placeholder.png | 94.242.50.163 | 200 OK | 3.4 kB |
URL GET HTTP/1.1 nguonchillb.com/images/headshot-placeholder.png IP 94.242.50.163:80
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type PNG image data, 252 x 345, 8-bit/color RGB, non-interlaced
Hash 25fa9ab09a307f1332ebaf0e5b59e033 060f94c03f4f1d34cc99de9f86f335a5a2abaaed e721eaf6440c791758ba62c1dc1e5dc2be909264b658afd34b6cc3ca3de9287d
GET /images/headshot-placeholder.png HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 04 Jan 2018 07:48:49 GMT
Accept-Ranges: bytes
Content-Length: 3412
Cache-Control: max-age=2592000, public
Expires: Sun, 09 Jun 2024 16:59:39 GMT
Connection: close
Content-Type: image/png
|
|
| m3.nguonphim.net/media/images/4/logo.png | 94.242.50.163 | 200 OK | 16 kB |
URL GET HTTP/1.1 m3.nguonphim.net/media/images/4/logo.png IP 94.242.50.163:80
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type PNG image data, 280 x 94, 8-bit/color RGBA, non-interlaced
Hash 6e12d870d9aebf2230f92a6fb0abf91e f84aa519902c97d5581e123a977a964b107b5b39 de47df21115fcf985a37917e6681dc8648566a7807769e414f52a59f3033ee5a
GET /media/images/4/logo.png HTTP/1.1
Host: m3.nguonphim.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 04 May 2023 04:11:49 GMT
ETag: "3d50-5fad65f19af8d"
Accept-Ranges: bytes
Content-Length: 15696
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png
|
|
| m3.nguonhay.com/media/images/film/vp/s350_700/cau-chuyen-bat-diet-1589907409.jpg | 94.242.50.163 | 200 OK | 49 kB |
URL GET HTTP/1.1 m3.nguonhay.com/media/images/film/vp/s350_700/cau-chuyen-bat-diet-1589907409.jpg IP 94.242.50.163:80
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 320x453, components 3
Hash 72ad26d862596ec0619bb8c18311afd5 29d7c2ae583d495cc171de9a4b045a36a5dad7de 11fcb7003889da31f7338f83b4284cfe3513ea5bf3ea6145ad4093245eba979d
GET /media/images/film/vp/s350_700/cau-chuyen-bat-diet-1589907409.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 11 Jun 2020 15:57:17 GMT
ETag: "bde4-5a7d103d3328b"
Accept-Ranges: bytes
Content-Length: 48612
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/blp/s350_700/kiem-tien-o-day-1656932591.jpg | 94.242.50.163 | 200 OK | 93 kB |
URL GET HTTP/1.1 m3.nguonhay.com/media/images/film/blp/s350_700/kiem-tien-o-day-1656932591.jpg IP 94.242.50.163:80
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x469, components 3
Hash fc6319faf0707c540713c92495da2eaa 0f464a75db0c6d9709ebcfc080ecd2b7b5fae105 a9767be9a9321b4a57e623eccbfee7208c9c5015377ec7871c2c27ec16f802ed
GET /media/images/film/blp/s350_700/kiem-tien-o-day-1656932591.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 04 Jul 2022 11:05:00 GMT
ETag: "16ca0-5e2f8b5063c78"
Accept-Ranges: bytes
Content-Length: 93344
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/pbhorg/s350_700/bat-thuong-tai-truong-phep-thuat-co-gai-trieu-hoi-nhung-vi-sao-1558017118.jpg | 94.242.50.163 | 200 OK | 42 kB |
URL GET HTTP/1.1 m3.nguonhay.com/media/images/film/pbhorg/s350_700/bat-thuong-tai-truong-phep-thuat-co-gai-trieu-hoi-nhung-vi-sao-1558017118.jpg IP 94.242.50.163:80
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 150x150, segment length 16, progressive, precision 8, 260x369, components 3
Hash fb0aae247822a382710ce1c347d3c4bd 91f2bf62ff5b327cca83227fe8244d6ff0a5dfe0 48a74c7f21779dba1d4babe239addd6731d9c9c0cd49773a6b36dcf2531d919b
GET /media/images/film/pbhorg/s350_700/bat-thuong-tai-truong-phep-thuat-co-gai-trieu-hoi-nhung-vi-sao-1558017118.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 11 Jun 2020 13:49:42 GMT
ETag: "a250-5a7cf3b8d1ef6"
Accept-Ranges: bytes
Content-Length: 41552
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| www.googletagmanager.com/gtag/js?id=UA-228470674-1 | 142.250.74.168 | 200 OK | 75 kB |
URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-228470674-1 IP 142.250.74.168:443
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate Issuer Google Trust Services LLC; Subject *.google-analytics.com; Fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type JavaScript source, ASCII text, with very long lines (4179)
Hash 7539f6543f6654980081cc997b22fe64 5d6274dda43305bee3dfde4bc58fd348fe1e32f2 6b78695d476ab935ba035937f9f9f2ecaa74c48353acff9b409802a3b7129cd9
GET /gtag/js?id=UA-228470674-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 16:59:39 GMT
expires: Fri, 10 May 2024 16:59:39 GMT
cache-control: private, max-age=900
last-modified: Fri, 10 May 2024 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75050
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| m3.nguonhay.com/media/images/film/bio/s350_700/chim-boi-ca-1665899828.jpg | 94.242.50.163 | 200 OK | 87 kB |
URL GET HTTP/1.1 m3.nguonhay.com/media/images/film/bio/s350_700/chim-boi-ca-1665899828.jpg IP 94.242.50.163:80
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 350x438, components 3
Hash cdb099f8426bd971ac65260f52a7c035 549e05f3215272e4a12832eaf94504d694383bec e46c8ded7ae8965e2881e946441d5a65cfb6937e9f97d1351c70658c5818ba88
GET /media/images/film/bio/s350_700/chim-boi-ca-1665899828.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 24 Oct 2022 16:27:41 GMT
ETag: "15256-5ebca453fbe31"
Accept-Ranges: bytes
Content-Length: 86614
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/hup/s350_700/nhat-ky-thuong-ngay-cua-tien-vuong-phan-2-1636885500.jpg | 94.242.50.163 | 200 OK | 64 kB |
URL GET HTTP/1.1 m3.nguonhay.com/media/images/film/hup/s350_700/nhat-ky-thuong-ngay-cua-tien-vuong-phan-2-1636885500.jpg IP 94.242.50.163:80
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x467, components 3
Hash cb8fdab32093fbea2c42a7886cd8bf9f 87a03e6a8dd6a497b9ab8f647f040e8ca8750830 17ac62b6062b10d9d3602173fee521187996a41a49e183f5e8535f2dfecd1538
GET /media/images/film/hup/s350_700/nhat-ky-thuong-ngay-cua-tien-vuong-phan-2-1636885500.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sun, 14 Nov 2021 10:25:08 GMT
ETag: "faa1-5d0bd1b44debd"
Accept-Ranges: bytes
Content-Length: 64161
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/blp/s350_700/tram-vun-huong-phai-phan-2-tram-huong-trong-hoa-1660892621.jpg | 94.242.50.163 | 200 OK | 65 kB |
URL GET HTTP/1.1 m3.nguonhay.com/media/images/film/blp/s350_700/tram-vun-huong-phai-phan-2-tram-huong-trong-hoa-1660892621.jpg IP 94.242.50.163:80
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x622, components 3
Hash fe90e27d6c660aa52de8f8d6b7a831db 6d801affea154c7107f1aeb95d7802881f23808d 216926a5e72c5011fb9b4373553bb0adfcf88a7451316333b06b7e94ba9df7bd
GET /media/images/film/blp/s350_700/tram-vun-huong-phai-phan-2-tram-huong-trong-hoa-1660892621.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Aug 2022 07:03:58 GMT
ETag: "ff89-5e692b3bddc96"
Accept-Ranges: bytes
Content-Length: 65417
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| nguontv.com/media/vn02.jpg | 94.242.50.163 | 200 OK | 52 kB |
URL: GET HTTP/1.1 nguontv.com/media/vn02.jpg IP: 94.242.50.163:80
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type: JPEG image data, progressive, precision 8, 400x300, components 3 Hash: dfa57a5b5804336f78b1fc7ab5d0346d 832189153c9a5f23293da826eed7867e7e3836f4 b1c09b4d08344c3d7c5367f0c821bda7195ddd7a8c169febb04f9960142c5517
GET /media/vn02.jpg HTTP/1.1
Host: nguontv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Tue, 02 Jan 2024 07:37:13 GMT
Accept-Ranges: bytes
Content-Length: 51852
Cache-Control: max-age=2592000
Expires: Sun, 09 Jun 2024 16:59:39 GMT
Connection: close
Content-Type: image/jpeg
|
|
| fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese | 142.250.74.106 | 200 OK | 92 kB |
URL: GET HTTP/3 fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese IP: 142.250.74.106:443
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: gzip compressed data, max compression Hash: dae639867cd6d1d3f1eed3e88a3f5436 4456ba97884e185670ed2c35a939aaff7e3c3215 1c6eebd10c3b6cacec33cf0d28e9d7e65ba87474ed77aad1765a4ab23ccf863c
GET /css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 16:59:39 GMT
date: Fri, 10 May 2024 16:59:39 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| m3.nguonhay.com/media/images/film/ff/s350_700/the-gioi-hoan-my-1619204356.jpg | 94.242.50.163 | 200 OK | 45 kB |
URL: GET HTTP/1.1 m3.nguonhay.com/media/images/film/ff/s350_700/the-gioi-hoan-my-1619204356.jpg IP: 94.242.50.163:80
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 238x344, components 3 Hash: 5e060cae43f33fc6ee9baa645c696f8e 9ac7805332b99d6e27afff6d96d47d72a0369fc8 ed17139b51f4cb501cfa17c692cc257437127fa92980851547df75f6402f13c0
GET /media/images/film/ff/s350_700/the-gioi-hoan-my-1619204356.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 23 Apr 2021 18:59:22 GMT
ETag: "af7d-5c0a864d52e4d"
Accept-Ranges: bytes
Content-Length: 44925
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/pol/s350_700/vo-than-chua-te-1583765005.jpg | 94.242.50.163 | 200 OK | 70 kB |
URL: GET HTTP/1.1 m3.nguonhay.com/media/images/film/pol/s350_700/vo-than-chua-te-1583765005.jpg IP: 94.242.50.163:80
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 300x426, components 3 Hash: fabd25bf58c53cf84b93d09b16a5dab1 44d008211bf7a481cb35b3187b825f54e7c9631c 06138ff6cdd143a248a3b31bbcb4e88ee295c0d11a987a60b9f0c4043fee79e0
GET /media/images/film/pol/s350_700/vo-than-chua-te-1583765005.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 12 Jun 2020 07:03:11 GMT
ETag: "112e1-5a7ddab8b8f40"
Accept-Ranges: bytes
Content-Length: 70369
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/bio/s350_700/han-chi-chiet-bat-doan-1697090631.jpg | 94.242.50.163 | 200 OK | 37 kB |
URL: GET HTTP/1.1 m3.nguonhay.com/media/images/film/bio/s350_700/han-chi-chiet-bat-doan-1697090631.jpg IP: 94.242.50.163:80
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x422, components 3 Hash: 0ed5912e743fcbf82e81cabf85ce2919 3f45d6a55ce87a6be7bc378f0d6860269ee1ae30 845eef65fbbfd083632b4ce62d88adbb380195e346d630bf1a25123535fe0bca
GET /media/images/film/bio/s350_700/han-chi-chiet-bat-doan-1697090631.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 12 Oct 2023 16:56:30 GMT
ETag: "90c0-60787d2465e51"
Accept-Ranges: bytes
Content-Length: 37056
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/oph/s350_700/than-an-1702296699.jpg | 94.242.50.163 | 200 OK | 77 kB |
URL: GET HTTP/1.1 m3.nguonhay.com/media/images/film/oph/s350_700/than-an-1702296699.jpg IP: 94.242.50.163:80
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x525, components 3 Hash: 4fcb7834354d7b33680caef4b7bc0691 f086ad4b4f56479416394491cdc93f67ecd5ced6 8b49e2fbfa82ed66c34125750efa5baff513371e0f85cccfd0dee1f658d593e6
GET /media/images/film/oph/s350_700/than-an-1702296699.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 11 Dec 2023 12:56:36 GMT
ETag: "12bcc-60c3b76cfbe19"
Accept-Ranges: bytes
Content-Length: 76748
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/qrcode/30332.png | 94.242.50.163 | 200 OK | 593 B |
URL: GET HTTP/1.1 m3.nguonhay.com/media/images/qrcode/30332.png IP: 94.242.50.163:80
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type: PNG image data, 390 x 390, 1-bit colormap, non-interlaced Hash: c14ab412c14334d30d2183e63a74a977 7ef072df982290c968581df825b1ac0a96698311 c99e40723c83389374dad89a9079aa7a32dce87363b782b9e32ffefce90f9335
GET /media/images/qrcode/30332.png HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 29 Mar 2021 08:51:13 GMT
ETag: "251-5bea8fbe5d8fe"
Accept-Ranges: bytes
Content-Length: 593
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png
|
|
| m3.nguonhay.com/media/images/film/newcover/2017/11/s350_700/3-1511142281.jpg | 94.242.50.163 | 200 OK | 49 kB |
URL: GET HTTP/1.1 m3.nguonhay.com/media/images/film/newcover/2017/11/s350_700/3-1511142281.jpg IP: 94.242.50.163:80
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 350x490, components 3 Hash: 37e2ce269e393403a4dcc075d897fe93 32a46d7e25e9846721d44e005e63143762764b80 c0a355be3765a4be1c0f6eafa2adde5d82c34a311c6b26441a047405203857c6
GET /media/images/film/newcover/2017/11/s350_700/3-1511142281.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 11 Jun 2020 15:57:18 GMT
ETag: "bff7-5a7d103d8e778"
Accept-Ranges: bytes
Content-Length: 49143
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/newcover/2021/6/s350_700/vua-hai-tac-1624252456.jpg | 94.242.50.163 | 200 OK | 102 kB |
URL: GET HTTP/1.1 m3.nguonhay.com/media/images/film/newcover/2021/6/s350_700/vua-hai-tac-1624252456.jpg IP: 94.242.50.163:80
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x525, components 3 Size: 102 kB (102471 bytes) Hash: f3b3235be303bcdd8806ee587f879d0a c5cfc2f2b686184a9bb5d8495268fb62e685d17c f365d987c622865d1bac410f3814dabce383d1dd2d961f00aafaf256b251c42e
GET /media/images/film/newcover/2021/6/s350_700/vua-hai-tac-1624252456.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 21 Jun 2021 05:14:17 GMT
ETag: "19047-5c53fbebf16b6"
Accept-Ranges: bytes
Content-Length: 102471
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/newcover/2019/6/s350_700/nguoi-bat-tu-victor-vu-1561052935.jpg | 94.242.50.163 | 200 OK | 51 kB |
URL: GET HTTP/1.1 m3.nguonhay.com/media/images/film/newcover/2019/6/s350_700/nguoi-bat-tu-victor-vu-1561052935.jpg IP: 94.242.50.163:80
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 350x495, components 3 Hash: 85e020808be0ae33641a60328c766594 3255cf17703f75e8d7daa4ae6cc69f190a03be70 17e277a7f889e147fd502c3a73bcea043ac863ff2cf6fbb4b210dfce5d376f16
GET /media/images/film/newcover/2019/6/s350_700/nguoi-bat-tu-victor-vu-1561052935.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 11 Jun 2020 15:56:41 GMT
ETag: "c809-5a7d101acf496"
Accept-Ranges: bytes
Content-Length: 51209
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| nguonchillb.com/themes/np/images/icon-search-menu.png | 94.242.50.163 | 200 OK | 1.2 kB |
URL: GET HTTP/1.1 nguonchillb.com/themes/np/images/icon-search-menu.png IP: 94.242.50.163:80
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type: PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced Hash: e573652e7d75f6471431e9fd48ca706c ef9de78ae35eb6d6f3e04744612c7bed87c3a5ee 49cd4ed8ef5f3b960bdb9a9024f1b4a83b96e39425a339fd1afc2486709c432b
GET /themes/np/images/icon-search-menu.png HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 1229
Cache-Control: max-age=2592000, public
Expires: Sun, 09 Jun 2024 16:59:39 GMT
Connection: close
Content-Type: image/png
|
|
| m3.nguonhay.com/media/images/film/pbhorg/s350_700/tham-tu-lung-danh-conan-1557326913.jpg | 94.242.50.163 | 200 OK | 45 kB |
URL: GET HTTP/1.1 m3.nguonhay.com/media/images/film/pbhorg/s350_700/tham-tu-lung-danh-conan-1557326913.jpg IP: 94.242.50.163:80
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 150x150, segment length 16, progressive, precision 8, 260x347, components 3 Hash: 8ced08e7b62efe23bea01168c9399c72 7c66826892ff32a7c3f9e789be97aace77880406 535aa00d31dc786d285b6fbcd9f6c3c75ea41f32dafbe6d0b3c55a62302e6e82
GET /media/images/film/pbhorg/s350_700/tham-tu-lung-danh-conan-1557326913.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 11 Jun 2020 16:52:59 GMT
ETag: "b15a-5a7d1cafed8c3"
Accept-Ranges: bytes
Content-Length: 45402
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i | 142.250.74.106 | 200 OK | 78 kB |
URL: GET HTTP/3 fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i IP: 142.250.74.106:443
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: gzip compressed data, max compression Hash: fec61307c7814b015d494dc5d986ece6 12967a0675752aa5751e50b79c597fccb80a2ceb be1e808b36a0e5ee666af92685c83c87cb1a4fadff1ed80ee503f95599412d85
GET /css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 16:59:39 GMT
date: Fri, 10 May 2024 16:59:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| m3.nguonhay.com/media/images/film/hup/s350_700/gui-em-nguoi-con-gai-bat-tu-1618310194.jpg | 94.242.50.163 | 200 OK | 74 kB |
URL: GET HTTP/1.1 m3.nguonhay.com/media/images/film/hup/s350_700/gui-em-nguoi-con-gai-bat-tu-1618310194.jpg IP: 94.242.50.163:80
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x550, components 3 Hash: ccadd73db0117436333b5ff96d558723 ed47058a53fc11c44936771f21491a8e8ce60756 9f2bb055b03241a152dd7beb3aaa30f0364e359c213f114b6638d19cd9523740
GET /media/images/film/hup/s350_700/gui-em-nguoi-con-gai-bat-tu-1618310194.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Tue, 13 Apr 2021 10:36:37 GMT
ETag: "12114-5bfd8346e2ca6"
Accept-Ranges: bytes
Content-Length: 74004
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| chokedsmelt.com/5b/28/bb/5b28bb3338748187b2166508de2d96b3.js | 172.240.108.84 | 200 OK | 16 kB |
URL: GET HTTP/1.1 chokedsmelt.com/5b/28/bb/5b28bb3338748187b2166508de2d96b3.js IP: 172.240.108.84:80
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type: JavaScript source, ASCII text, with very long lines (44069), with no line terminators Hash: 1c7bfef26a2b45b5211eb4d54b7cac81 7e4080b8f8590c6cd08bb0f3ae4132710f447dee dbc022b99f7e69dcecf8dcfcdcf0ae0e72907be936993cceeb88e997158b3770
GET /5b/28/bb/5b28bb3338748187b2166508de2d96b3.js HTTP/1.1
Host: chokedsmelt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 16:59:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a406c37697df255cc8650e5a6a71f13d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| m3.nguonhay.com/media/images/film/pbhorg/s350_700/nu-than-bat-diet-1563091396.jpg | 94.242.50.163 | 200 OK | 30 kB |
URL: GET HTTP/1.1 m3.nguonhay.com/media/images/film/pbhorg/s350_700/nu-than-bat-diet-1563091396.jpg IP: 94.242.50.163:80
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 260x346, components 3 Hash: a0790982515dcde6f6fc58b69a8d8e1b d69876af078e4fe210a885954c4762c5e709d9ea cfb4fd613695ab5c5ac4bcfe00e384c946ac8a0ce1f0f34f97cde43e2c4d779a
GET /media/images/film/pbhorg/s350_700/nu-than-bat-diet-1563091396.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 11 Jun 2020 13:14:38 GMT
ETag: "7518-5a7cebe1b5d09"
Accept-Ranges: bytes
Content-Length: 29976
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/ff/s350_700/thon-tinh-bau-troi-1621105151.jpg | 94.242.50.163 | 200 OK | 68 kB |
URL: GET HTTP/1.1 m3.nguonhay.com/media/images/film/ff/s350_700/thon-tinh-bau-troi-1621105151.jpg IP: 94.242.50.163:80
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type: JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, progressive, precision 8, 238x344, components 3 Hash: 8cfd556a89476327b497c6ee028c7337 225b9ceb3cf6add4cb53106bbe94f52dd1aa35ca ae9291c36d210d1d78588b9d5696c9f3210c41f557707c53beddeed491359882
GET /media/images/film/ff/s350_700/thon-tinh-bau-troi-1621105151.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sat, 15 May 2021 18:59:23 GMT
ETag: "108ea-5c262f56702a8"
Accept-Ranges: bytes
Content-Length: 67818
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/vp/s350_700/tinh-yeu-bat-hu-1589587463.jpg | 94.242.50.163 | 200 OK | 28 kB |
URL: GET HTTP/1.1 m3.nguonhay.com/media/images/film/vp/s350_700/tinh-yeu-bat-hu-1589587463.jpg IP: 94.242.50.163:80
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 320x472, components 3 Hash: cdbde3ba8f03cb252f81e1494d165f54 7714ea5d480e1182a919084ade05d77158ea614e ec17d9b2fb41cc353e943635a625da794646ae605ce484aa76cddb8bd61209b9
GET /media/images/film/vp/s350_700/tinh-yeu-bat-hu-1589587463.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 11 Jun 2020 15:57:17 GMT
ETag: "6df1-5a7d103d3af8b"
Accept-Ranges: bytes
Content-Length: 28145
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 | 142.250.74.99 | 200 OK | 12 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 IP: 142.250.74.99:443
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 11872, version 1.0 Hash: 87ace20058325aa069320aa4af875dff b743548770c46d905ae1ba06310bc001c587fe8e 3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 07:34:57 GMT
expires: Sat, 10 May 2025 07:34:57 GMT
cache-control: public, max-age=31536000
age: 33882
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 | 142.250.74.99 | 200 OK | 17 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 IP: 142.250.74.99:443
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 16552, version 1.0 Hash: 283c40f79deab0300df8b3ffd86dfc7b 2ef09414a573ac59f4b37e81c8b8a881244b345f 35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:49:41 GMT
expires: Fri, 09 May 2025 01:49:41 GMT
cache-control: public, max-age=31536000
age: 140998
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese | 142.250.74.106 | 200 OK | 129 kB |
URL: GET HTTP/3 fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese IP: 142.250.74.106:443
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: gzip compressed data, max compression Size: 129 kB (129193 bytes) Hash: 423fb017d1ca1e693a6caa254102f568 08c66881471d3945cfa41ed99cc74679e546b8dd 30f88ac5706a7d9448d0c4cb1c4a4a4a0097ecf9576d163db10cf22547eeb3e0
GET /css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 16:59:39 GMT
date: Fri, 10 May 2024 16:59:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 | 142.250.74.99 | 200 OK | 35 kB |
URL GET HTTP/2 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 IP 142.250.74.99:443
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html Certificate Issuer Google Trust Services LLC Subject *.gstatic.com Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 35328, version 1.0 Hash 7670dba29aa2a1560c5d711ea6f6b369 6a2a620d2972f139c804c5a8363c91eb1a7595f6 adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 17:27:30 GMT
expires: Fri, 09 May 2025 17:27:30 GMT
cache-control: public, max-age=31536000
age: 84729
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 | 142.250.74.99 | 200 OK | 5.5 kB |
URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 IP 142.250.74.99:443
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html Certificate Issuer Google Trust Services LLC Subject *.gstatic.com Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 5548, version 1.0 Hash cdaab83619fcacd4027a77c99dd51e69 9e6eae8554f8cc2309b2dae2d9fa217e34eed6a4 4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5548
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 00:41:08 GMT
expires: Sat, 10 May 2025 00:41:08 GMT
cache-control: public, max-age=31536000
age: 58711
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.99 | 200 OK | 16 kB |
URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP 142.250.74.99:443
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html Certificate Issuer Google Trust Services LLC Subject *.gstatic.com Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 06:08:19 GMT
expires: Sat, 10 May 2025 06:08:19 GMT
cache-control: public, max-age=31536000
age: 39080
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 | 142.250.74.99 | 200 OK | 5.6 kB |
URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 IP 142.250.74.99:443
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html Certificate Issuer Google Trust Services LLC Subject *.gstatic.com Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 5560, version 1.0 Hash ca3b09b62fda648a4511700413313fd0 109cd4c5435bd6614391bb8722c47c287c96b2ec 77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5560
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:52:42 GMT
expires: Fri, 09 May 2025 01:52:42 GMT
cache-control: public, max-age=31536000
age: 140817
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 142.250.74.99 | 200 OK | 16 kB |
URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP 142.250.74.99:443
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html Certificate Issuer Google Trust Services LLC Subject *.gstatic.com Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hash e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 10:46:32 GMT
expires: Wed, 07 May 2025 10:46:32 GMT
cache-control: public, max-age=31536000
age: 281587
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| m3.nguonhay.com/media/images/film/ff/s350_700/vu-em-tien-ton-di-o-re-1625943628.jpg | 94.242.50.163 | 200 OK | 57 kB |
URL GET HTTP/1.1 m3.nguonhay.com/media/images/film/ff/s350_700/vu-em-tien-ton-di-o-re-1625943628.jpg IP 94.242.50.163:80
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 238x344, components 3 Hash 52e937627731ee482282ff229ca7493f 35b5b9f32d09aa6ad92e91d12e24a4128e8ec873 efd5cba3e20484238830ee30748a17813f4ade6444fa17a75c044a518752ea9e
GET /media/images/film/ff/s350_700/vu-em-tien-ton-di-o-re-1625943628.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sat, 10 Jul 2021 19:00:32 GMT
ETag: "dd68-5c6c980a88936"
Accept-Ranges: bytes
Content-Length: 56680
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.99 | 200 OK | 48 kB |
URL GET HTTP/2 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP 142.250.74.99:443
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html Certificate Issuer Google Trust Services LLC Subject *.gstatic.com Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash 015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 04:59:42 GMT
expires: Sun, 04 May 2025 04:59:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 561597
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.97.1 | 301 Moved Permanently | 167 B |
URL GET HTTP/1.1 downstairsnegotiatebarren.com/sfp.js IP 188.114.97.1:80
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type HTML document, ASCII text, with CRLF line terminators Hash 0104c301c5e02bd6148b8703d19b3a73 7436e0b4b1f8c222c38069890b75fa2baf9ca620 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 10 May 2024 16:59:39 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 10 May 2024 17:59:39 GMT
Location: https://downstairsnegotiatebarren.com/sfp.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SPro%2BHdJ7p8zV%2FRaWJhtFbHjIZPx4M8YPvi6Tv%2FA4VunD2rr4wvf71O6Gh1RT8uvVsPf5qBsxkZQ8sZgNOcwLvOCU5SgDccPQDPffeva1Hhr6J%2FRyyb5UUTar%2FTLiitqO9%2BiS3TULbRIqVjVw9Gj%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 881b7b2599a40b06-OSL
alt-svc: h2=":443"; ma=60
|
|
| proftrafficcounter.com/stats | 18.185.9.67 | 200 OK | 40 B |
URL GET HTTP/2 proftrafficcounter.com/stats IP 18.185.9.67:443
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html Certificate Issuer Amazon Subject proftrafficcounter.com Fingerprint E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 Validity Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type ASCII text, with no line terminators Hash 5290790cddefa6abe9b6ffb1d22e9df6 959e04ad12d94dbc39390236da3d9c9d7142b370 2a7290492350cace0f6698b21359aa303efcebc45b48eced3c87e37a7d6c20c7
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 16:59:39 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://nguonchillb.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=716c3420-8fe6-4613-b437-f28c52c9e4fd:1:1; expires=Mon, 08 May 2034 16:59:39 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.99 | 200 OK | 48 kB |
URL GET HTTP/2 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP 142.250.74.99:443
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html Certificate Issuer Google Trust Services LLC Subject *.gstatic.com Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash 015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 04:59:42 GMT
expires: Sun, 04 May 2025 04:59:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 561597
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 | 142.250.74.99 | 200 OK | 17 kB |
URL GET HTTP/2 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 IP 142.250.74.99:443
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html Certificate Issuer Google Trust Services LLC Subject *.gstatic.com Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 16552, version 1.0 Hash 283c40f79deab0300df8b3ffd86dfc7b 2ef09414a573ac59f4b37e81c8b8a881244b345f 35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:49:41 GMT
expires: Fri, 09 May 2025 01:49:41 GMT
cache-control: public, max-age=31536000
age: 140998
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.99 | 200 OK | 48 kB |
URL GET HTTP/2 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP 142.250.74.99:443
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html Certificate Issuer Google Trust Services LLC Subject *.gstatic.com Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash 015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 04:59:42 GMT
expires: Sun, 04 May 2025 04:59:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 561597
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 | 142.250.74.99 | 200 OK | 35 kB |
URL GET HTTP/2 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 IP 142.250.74.99:443
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html Certificate Issuer Google Trust Services LLC Subject *.gstatic.com Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 35328, version 1.0 Hash 7670dba29aa2a1560c5d711ea6f6b369 6a2a620d2972f139c804c5a8363c91eb1a7595f6 adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 17:27:30 GMT
expires: Fri, 09 May 2025 17:27:30 GMT
cache-control: public, max-age=31536000
age: 84729
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| nguonchillb.com/themes/np/images/button_km.png | 94.242.50.163 | 200 OK | 2.6 kB |
URL GET HTTP/1.1 nguonchillb.com/themes/np/images/button_km.png IP 94.242.50.163:80
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type PNG image data, 66 x 50, 8-bit/color RGBA, non-interlaced Hash 05238f78240b8bb3d2453e866550a011 766a5353d457d5282bb04192072a116073b8666d aed76e5f2deac5394da887c6b862ab04fbc3e601348006da714310d72c5dfc60
GET /themes/np/images/button_km.png HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924; _ga_3RRF2WKVFP=GS1.1.1715360379.1.0.1715360379.0.0.0; _ga=GA1.1.223465648.1715360380; dom3ic8zudi28v8lr6fgphwffqoz0j6c=716c3420-8fe6-4613-b437-f28c52c9e4fd%3A1%3A1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 2646
Cache-Control: max-age=2592000, public
Expires: Sun, 09 Jun 2024 16:59:40 GMT
Connection: close
Content-Type: image/png
|
|
| nguonchillb.com/themes/np/images/bottomNavOFF.png | 94.242.50.163 | 200 OK | 1.3 kB |
URL GET HTTP/1.1 nguonchillb.com/themes/np/images/bottomNavOFF.png IP 94.242.50.163:80
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced Hash 840cd790a57c4cee3fb5b50d448dfd3a 976ecfbdaadc569488019ad246b6dfa31bdab85b d317c5f6a5b4342d84bcc00cb0c99d2ce3c7d6f1044ac8036d722fcbf728baeb
GET /themes/np/images/bottomNavOFF.png HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924; _ga_3RRF2WKVFP=GS1.1.1715360379.1.0.1715360379.0.0.0; _ga=GA1.1.223465648.1715360380; dom3ic8zudi28v8lr6fgphwffqoz0j6c=716c3420-8fe6-4613-b437-f28c52c9e4fd%3A1%3A1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 1250
Cache-Control: max-age=2592000, public
Expires: Sun, 09 Jun 2024 16:59:40 GMT
Connection: close
Content-Type: image/png
|
|
| nguonchillb.com/site/chatbot/refresh/ | 94.242.50.163 | 200 OK | 260 B |
URL POST HTTP/1.1 nguonchillb.com/site/chatbot/refresh/ IP 94.242.50.163:80
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Hash ba0683de7607ad624fb4cecda80e9bc1 674cb63ed78bcbd018343354b0ae42e9c43d2ee1 83db877ee449fa874aaaf8896bc642c25fc2f6e8c0179b6d4d59a2c0c9cdfce1
POST /site/chatbot/refresh/ HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 16
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924; _ga_3RRF2WKVFP=GS1.1.1715360379.1.0.1715360379.0.0.0; _ga=GA1.1.223465648.1715360380; dom3ic8zudi28v8lr6fgphwffqoz0j6c=716c3420-8fe6-4613-b437-f28c52c9e4fd%3A1%3A1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 260
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonchillb.com/themes/np/images/bottomNavON.png | 94.242.50.163 | 200 OK | 1.3 kB |
URL GET HTTP/1.1 nguonchillb.com/themes/np/images/bottomNavON.png IP 94.242.50.163:80
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced Hash 0703045e13e1ab8508a2273cbe71d5d6 c2d2f79bb3758de5722cddd94eaf4701078b4d71 698cc5f19fb8e30c2a9d8471e81637cb26e8fcd67a55bfffc9ca651a0c45e90f
GET /themes/np/images/bottomNavON.png HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924; _ga_3RRF2WKVFP=GS1.1.1715360379.1.0.1715360379.0.0.0; _ga=GA1.1.223465648.1715360380
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 1334
Cache-Control: max-age=2592000, public
Expires: Sun, 09 Jun 2024 16:59:40 GMT
Connection: close
Content-Type: image/png
|
|
| nguonchillb.com/site/site/checkaccess/ | 94.242.50.163 | 200 OK | 7 B |
URL POST HTTP/1.1 nguonchillb.com/site/site/checkaccess/ IP 94.242.50.163:80
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type ASCII text, with no line terminators Hash 4e3ca82bee9b6a4b6c6e30ca31234e50 f007b014714adb9c2c7c105e64dfa8448e9ec77a 148ecdac86b94c986a6bb2da57595b2cc4b35afa88e266ec7f30f79530803efb
POST /site/site/checkaccess/ HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 88
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924; _ga_3RRF2WKVFP=GS1.1.1715360379.1.0.1715360379.0.0.0; _ga=GA1.1.223465648.1715360380; dom3ic8zudi28v8lr6fgphwffqoz0j6c=716c3420-8fe6-4613-b437-f28c52c9e4fd%3A1%3A1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 7
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png | 94.242.50.163 | 200 OK | 18 kB |
URL: GET HTTP/1.1 m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png
IP: 94.242.50.163:80
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type: PNG image data, 46 x 48, 8-bit/color RGBA, non-interlaced
Hash: e6f4a93efe2d93e885abcbb4cc09cd4a e4f94b9e95b40e30b215228316bb7f8c48d08ed2 93b7bbea433aa41f6efb860d3d9777d363f9e64fc1ad4186cd9ef525bbee9c94
GET /media/images/1/favi/favicon-1498701606.png HTTP/1.1
Host: m3.nguonphim.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 05 Jul 2017 04:14:59 GMT
ETag: "45d1-5538a3e52eb40"
Accept-Ranges: bytes
Content-Length: 17873
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:40 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png
|
|
| unseenreport.com/pxf.gif?uuid=716c3420-8fe6-4613-b437-f28c52c9e4fd&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=5b28bb3338748187b2166508de2d96b3&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=16 | 192.243.61.225 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=716c3420-8fe6-4613-b437-f28c52c9e4fd&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=5b28bb3338748187b2166508de2d96b3&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=16
IP: 192.243.61.225:80
ASN: #39572 DataWeb Global Group B.V.
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type: very short file (no magic)
Hash: 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=716c3420-8fe6-4613-b437-f28c52c9e4fd&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=5b28bb3338748187b2166508de2d96b3&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=16 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 16:59:40 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2a9ab67de57bc1b54325c429805ebb43
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.97.1 | 301 Moved Permanently | 35 kB |
URL: GET HTTP/1.1 downstairsnegotiatebarren.com/sfp.js
IP: 188.114.97.1:80
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash: f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://nguonchillb.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 16:59:40 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 702d19482a7b09cf7b12f38dee6ecfbd
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 10 May 2024 16:59:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2B%2FPGRbVBnTJyo78iH%2BpGtQI%2BZc8rIfEG%2FOtMYc1tcFYPfhIVobHrTH9T%2FcdoNwfFtwZPdZzhh4sVourA3qTh01VLvfe8e0wb17Z8rpRmgGh4le%2FNZiXT3IXrdLCxkX5dlAYum2L35DRhZLwwrDF%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b7b271beb568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| niecesexhaustsilas.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuHuPJgyh7UoRRPChsJv1jpmfGBYNxNxKMmyXrL1CQ6q7qSZnqrqaqf0yCh2BAFk%2FDXjza%2BSbZoLuI%2BwcYdbIgEhAynnIwF%2F0PxD2JyIzDBh8U7736XsH3vq8%2B28vPiYucnl19S20LKelCq2HXX3rfca7UV0WS9%2Bv9jv%2BR37xS18UrXb9hv1x%2Fg4ebasG1Hdt2bKe%2BLDSPVH9hAkKk97pOo2s3mm7DaTXR1%2F%2FvTW7BUAusOCdPQ7Dx3APrEkQ4QhJ%2Fe5WbzUyll6%2FFuaSZ0ijY4TvJZqLKBPFFGWkLUXI4m4Yyp8tHUMnBlC5U8WgwEGNi%2FXSEIDmckURQ7E95BhI8QcCeQFmMwOUIgo4Qql0IdkqAkOH6GpL4znWlS7r1H0on6JjMPfwTohyTud8uIYm%2FWZKiX7%2BpZJ4JlRj0owqiP4LojZDmx8i2axDlMcLsUwj2C1l4uIok3l8zUkGwsxfbjh96Tdee70Tcn2%2F6jjcfNL32fOR2wpYbdnkzYlOBhBhBRCNIPgA1FvLJERbyyEKeWojZWT10HKdts5DanW4YeqzNA5%2FZDm1HDnVsv4M8nOwwQJYOEMoBQr2DVO9gUwyg8x9gNioYZsFkBAWrUHKC0hCUlKAUBGVGUBbVAZPGNdUdJk0eOLPszrJXDVXW26MHKuvxhIDqATSr9tJz8tREQGtu%2FA82%2BVm9FbidIPA8r9NudpxOO3Ad32%2FZHcZd1vUDD0ZUEKY2XXd7YuaPS0gn%2BYVFBPQYRh4jFBZo%2FhxoWYFuVNhO7ia9XCVZ0QhVDKYqpNkcsi1rT56TZ6cOru1q8PBk8e9a8vnz795GqCukusLH4gFBT94arquS7K%2Br0pD7a2kmYrFNJ%2B7ezGjGH%2F%2F6Tb5VKs1WrprBV6%2BFE2BS3nubm2yVJkwkPUPuLgnGuF5WOuTkuxXzHg9u5GZjKddJnq7eeH15JU41N0aoZAQqTq99gVCMyZPffzj9tpc%2F%2BANCj6DzCnF%2BQmYBoY4Rpjsw6cni7940YBSBlhczQWqhzKuhdoOLSykIJL%2FoaVDB8JPFvxae%2BfKo%2BBkBfyTHUNPJayqqPXMLPV0DzXaRxBUKXaGQFagcwOSPDbNUnyz%2BOqMRyNowkLq2H0gtb09FHpOVtfsw4qze9jyb%2Bt2W025T3g6abifyHUap2%2FRd36ceMjOOXl3%2F5F8AAAD%2F%2FwEAAP%2F%2Fa5p2AJAEAAA%3D | 172.240.253.132 | 200 OK | 7 B |
URL GET HTTP/1.1niecesexhaustsilas.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuHuPJgyh7UoRRPChsJv1jpmfGBYNxNxKMmyXrL1CQ6q7qSZnqrqaqf0yCh2BAFk%2FDXjza%2BSbZoLuI%2BwcYdbIgEhAynnIwF%2F0PxD2JyIzDBh8U7736XsH3vq8%2B28vPiYucnl19S20LKelCq2HXX3rfca7UV0WS9%2Bv9jv%2BR37xS18UrXb9hv1x%2Fg4ebasG1Hdt2bKe%2BLDSPVH9hAkKk97pOo2s3mm7DaTXR1%2F%2FvTW7BUAusOCdPQ7Dx3APrEkQ4QhJ%2Fe5WbzUyll6%2FFuaSZ0ijY4TvJZqLKBPFFGWkLUXI4m4Yyp8tHUMnBlC5U8WgwEGNi%2FXSEIDmckURQ7E95BhI8QcCeQFmMwOUIgo4Qql0IdkqAkOH6GpL4znWlS7r1H0on6JjMPfwTohyTud8uIYm%2FWZKiX7%2BpZJ4JlRj0owqiP4LojZDmx8i2axDlMcLsUwj2C1l4uIok3l8zUkGwsxfbjh96Tdee70Tcn2%2F6jjcfNL32fOR2wpYbdnkzYlOBhBhBRCNIPgA1FvLJERbyyEKeWojZWT10HKdts5DanW4YeqzNA5%2FZDm1HDnVsv4M8nOwwQJYOEMoBQr2DVO9gUwyg8x9gNioYZsFkBAWrUHKC0hCUlKAUBGVGUBbVAZPGNdUdJk0eOLPszrJXDVXW26MHKuvxhIDqATSr9tJz8tREQGtu%2FA82%2BVm9FbidIPA8r9NudpxOO3Ad32%2FZHcZd1vUDD0ZUEKY2XXd7YuaPS0gn%2BYVFBPQYRh4jFBZo%2FhxoWYFuVNhO7ia9XCVZ0QhVDKYqpNkcsi1rT56TZ6cOru1q8PBk8e9a8vnz795GqCukusLH4gFBT94arquS7K%2Br0pD7a2kmYrFNJ%2B7ezGjGH%2F%2F6Tb5VKs1WrprBV6%2BFE2BS3nubm2yVJkwkPUPuLgnGuF5WOuTkuxXzHg9u5GZjKddJnq7eeH15JU41N0aoZAQqTq99gVCMyZPffzj9tpc%2F%2BANCj6DzCnF%2BQmYBoY4Rpjsw6cni7940YBSBlhczQWqhzKuhdoOLSykIJL%2FoaVDB8JPFvxae%2BfKo%2BBkBfyTHUNPJayqqPXMLPV0DzXaRxBUKXaGQFagcwOSPDbNUnyz%2BOqMRyNowkLq2H0gtb09FHpOVtfsw4qze9jyb%2Bt2W025T3g6abifyHUap2%2FRd36ceMjOOXl3%2F5F8AAAD%2F%2FwEAAP%2F%2Fa5p2AJAEAAA%3D IP172.240.253.132:443
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate issuer: Let's Encrypt
Certificate subject: niecesexhaustsilas.com
Certificate fingerprint: 25:F4:0B:8D:AC:46:26:85:AC:ED:0C:CA:A3:50:F5:16:33:CC:C5:DC
Certificate validity: Mon, 06 May 2024 08:11:53 GMT - Sun, 04 Aug 2024 08:11:52 GMT
File type: ASCII text, with no line terminators
Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuHuPJgyh7UoRRPChsJv1jpmfGBYNxNxKMmyXrL1CQ6q7qSZnqrqaqf0yCh2BAFk%2FDXjza%2BSbZoLuI%2BwcYdbIgEhAynnIwF%2F0PxD2JyIzDBh8U7736XsH3vq8%2B28vPiYucnl19S20LKelCq2HXX3rfca7UV0WS9%2Bv9jv%2BR37xS18UrXb9hv1x%2Fg4ebasG1Hdt2bKe%2BLDSPVH9hAkKk97pOo2s3mm7DaTXR1%2F%2FvTW7BUAusOCdPQ7Dx3APrEkQ4QhJ%2Fe5WbzUyll6%2FFuaSZ0ijY4TvJZqLKBPFFGWkLUXI4m4Yyp8tHUMnBlC5U8WgwEGNi%2FXSEIDmckURQ7E95BhI8QcCeQFmMwOUIgo4Qql0IdkqAkOH6GpL4znWlS7r1H0on6JjMPfwTohyTud8uIYm%2FWZKiX7%2BpZJ4JlRj0owqiP4LojZDmx8i2axDlMcLsUwj2C1l4uIok3l8zUkGwsxfbjh96Tdee70Tcn2%2F6jjcfNL32fOR2wpYbdnkzYlOBhBhBRCNIPgA1FvLJERbyyEKeWojZWT10HKdts5DanW4YeqzNA5%2FZDm1HDnVsv4M8nOwwQJYOEMoBQr2DVO9gUwyg8x9gNioYZsFkBAWrUHKC0hCUlKAUBGVGUBbVAZPGNdUdJk0eOLPszrJXDVXW26MHKuvxhIDqATSr9tJz8tREQGtu%2FA82%2BVm9FbidIPA8r9NudpxOO3Ad32%2FZHcZd1vUDD0ZUEKY2XXd7YuaPS0gn%2BYVFBPQYRh4jFBZo%2FhxoWYFuVNhO7ia9XCVZ0QhVDKYqpNkcsi1rT56TZ6cOru1q8PBk8e9a8vnz795GqCukusLH4gFBT94arquS7K%2Br0pD7a2kmYrFNJ%2B7ezGjGH%2F%2F6Tb5VKs1WrprBV6%2BFE2BS3nubm2yVJkwkPUPuLgnGuF5WOuTkuxXzHg9u5GZjKddJnq7eeH15JU41N0aoZAQqTq99gVCMyZPffzj9tpc%2F%2BANCj6DzCnF%2BQmYBoY4Rpjsw6cni7940YBSBlhczQWqhzKuhdoOLSykIJL%2FoaVDB8JPFvxae%2BfKo%2BBkBfyTHUNPJayqqPXMLPV0DzXaRxBUKXaGQFagcwOSPDbNUnyz%2BOqMRyNowkLq2H0gtb09FHpOVtfsw4qze9jyb%2Bt2W025T3g6abifyHUap2%2FRd36ceMjOOXl3%2F5F8AAAD%2F%2FwEAAP%2F%2Fa5p2AJAEAAA%3D HTTP/1.1
Host: niecesexhaustsilas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Cookie: u_pl=17093374; uid_id2=716c3420-8fe6-4613-b437-f28c52c9e4fd:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec5b28bb3338748187b2166508de2d96b3=[5210994]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 16:59:41 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f950513f288196b59f43cee1eafe2125
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/img/icon.png | 188.114.96.1 | 200 OK | 12 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/img/icon.png
IP: 188.114.96.1:443
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate issuer: Google Trust Services LLC
Certificate subject: creative-bars1.com
Certificate fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
Certificate validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: PNG image data, 230 x 253, 8-bit colormap, non-interlaced
Hash: b1f546ae7b0fbf8f3d19946146456d8a 37792f4d6fb3482b3d0281139a61e2e426fa3056 2a0b851026a70a5da3b5f2fe9e7f5d098c4126c035a68de8e90f8408bab6fd33
GET /sb/interstitial/sweep/default/stories/1/img/icon.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 16:59:41 GMT
content-type: image/png
content-length: 11963
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: "65aa847c-2ebb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 866501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7QzBbl6eLcf6usOOXQvxJCUMMWINDWTq%2FfPu82q4qa49GvFCIlu65Svfah6skaWgtNx3Iv%2FC461nmQoHPAX5jpD24t5jPsIUv4qD0GAVVRSc913ehOhKwSsU8IN%2BPN6HrcAotFMUizzc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b7b2f1a331c0e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.106 | 200 OK | 717 B |
URL: GET HTTP/1.1 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP: 142.250.74.106:80
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Hash: 9cc7d472437c87f6f7ebeb35abec09f1 948bb2b7bf4bbc829015c125e1b6f7859b2948b0 9a39510af72db44fb14d333c52c41da0e90827afcfe78c8f12b367f0a94783b7
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 10 May 2024 16:59:41 GMT
Date: Fri, 10 May 2024 16:59:41 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
|
|
| niecesexhaustsilas.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Findex.html&l=1125&fd=84 | 172.240.253.132 | 200 OK | 0 B |
URL: GET HTTP/1.1 niecesexhaustsilas.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Findex.html&l=1125&fd=84
IP: 172.240.253.132:80
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Findex.html&l=1125&fd=84 HTTP/1.1
Host: niecesexhaustsilas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 16:59:41 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/css/style.css | 188.114.96.1 | 200 OK | 553 B |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/css/style.css
IP: 188.114.96.1:443
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate issuer: Google Trust Services LLC
Certificate subject: creative-bars1.com
Certificate fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
Certificate validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash: 09e402648e8c3edf74a22296eec8ed6e 50f3fccaf2074366bd61b4925cdad604f951c17b 4cf2b716e0c42dfcdbb8bb614c9011874da5d744edc1db3a9bc9bea28e13301d
GET /sb/interstitial/sweep/default/stories/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 16:59:41 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: W/"65aa847c-59a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pFh7b82ZqpcT5tAJKAW2RUK1ivZ7LG4aspr3FUuYYQXy4TK4u2jSd9f16Q2HZGXeCvh0%2FQxyxJWKHE6MATuPWV%2BrOa7ZXe%2Fi3bj5c8qliShz%2Bs6gZ7hWoL%2FbGk%2FbIhRjn8RGo7CRZwRg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b7b2ec9e71c0e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| niecesexhaustsilas.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fcss%2Fstyle.css&l=1434&fd=365 | 172.240.253.132 | 200 OK | 0 B |
URL: GET HTTP/1.1 niecesexhaustsilas.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fcss%2Fstyle.css&l=1434&fd=365
IP: 172.240.253.132:80
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fcss%2Fstyle.css&l=1434&fd=365 HTTP/1.1
Host: niecesexhaustsilas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 16:59:41 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/js/script.js | 188.114.96.1 | 200 OK | 145 B |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/js/script.js
IP: 188.114.96.1:443
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate issuer: Google Trust Services LLC
Certificate subject: creative-bars1.com
Certificate fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
Certificate validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash: f892d13477b4dc50738e456394213c85 7fd3b8db8ae9065a1ca71e93d2d8c54a30f0c4d3 fce0518bf4195114ede5ba3e52220db0b2566b606eb8ee6d28199bc6587f7f5d
GET /sb/interstitial/sweep/default/stories/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 10 May 2024 16:59:41 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: W/"65aa847c-141"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EkvAi3vWp2DBjbN%2BT6rBJeXetDWY%2B7gPXj82%2Bzc6i9Nn906K8QHP1wCzFatnAR2%2BfqmFIs1kM%2FpDo4%2F9n6h81ESc9WIL84UDLkpd4BfMDFwh82dMHazykr102qZUlIL42dcygd9%2FfikY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b7b2fdaff1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.99 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP: 142.250.74.99:443
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
Certificate validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 10 May 2024 02:17:12 GMT
Expires: Sat, 10 May 2025 02:17:12 GMT
Cache-Control: public, max-age=31536000
Age: 52950
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2
|
|
| niecesexhaustsilas.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWtdRRieE%2BPKhShdKcJVXCg0yfm4HycWDMY2EoxNaf0CBZmvcztmzpnDzPm4DS6KBSmuLt249ORJ2qItYn%2BAVW8KIgEh11UWZqP%2FQOxKRO710uALw%2Fu%2B87wDz%2Fs889lOeUxClPTo7FtmW2lNlzqLfuul94PgTGtDZeWgNYi7H3XbZ1q2emW5u%2Bi%2F3HpD8i2zFPqB7wd%2B0FpTViZmsDQBofK7y8Hisr%2FYDheDThsD%2B%2F%2FelR4c9SCqY%2FI0lBjPP%2FBOQfERsvTbs9JtFSY%2FfS4tNS2MRSVuv5NtZabOkJ6UifWQZLdn0zDucO0%2BTHZzShemejTI1Jh4P90Hy27PSIJVe1OeTENmYOIJ1NUIUo%2Bg6AjcXIMShwTgAuc3kaW3zhtb0yv%2FoXSCjsn8wz%2Bh6jGZ%2F%2B0UsvSbVa0GrUtGl4UymcMgaaAGI6j%2BCHm5j2J7DqreBy8%2BhRK%2FkKWHG8jSvU2nDZQ4erEXdHnUDv2FOJHdhXY3iBZYO%2BotJGHMOyFflu1ETAVSagSVjKDlENR5KCdHeSgTD2XuIRVHLR4EQc8XnPrxMueR6EnWFX5Ae0lAA78bo%2BSTHYYo8iG4HoLbq8jtVWypIWz5A9zlBk54cAVBJRrUkqB2BDUlqBVBXRDUVXNTaBe65pbQrmTBLIezHDW7pujv0Jum6MuMgNohrGh28mPy1ERAb378D7bkUavDwpixKIriXjsO4h4Lg26348dChmK5yyI41UC5uem62xMzf1xFPskvrIDRfTi9D6480PI50LoBvdxgO7uT9UuTFdUiNymEaZAX8yiueDv6mDw7dXDzmoXkByt%2Fz2WfP%2F%2FuDXDbILcNPlYPCPr6%2Bu5FU5O9i6Z25N5mXqhUbdOJu5cKWsjHv35TXqmNFetn3fCr1%2FgEmJR335au2KCZUFnfkTurSghp14zlkny37t6T7ELpLq%2BWNivzjQuvr62nuZXOKZONQNXhuS%2FA1Zg8%2Bf2H0297%2BoM%2FoOwItmyQlgdkFlBmHzy%2FCpcfrPweTQPOEFh9MsNyD3XZ7NqQnVxqRaDlSU9ZAycPVv5aeubL%2B9XPYPKRHLuWTl5T1ey46%2BjbOdDiGrK0QWUbVLoB1UO48rHdIrcHK7%2FOaDA9t8u0ndtj2uobU5HHZH3zHpw6akW%2B6DGZyB6T7U47kVywTof5POEsEnHMUbhx8urFT%2F4FAAD%2F%2FwEAAP%2F%2F606j6JAEAAA%3D | 172.240.253.132 | 200 OK | 7 B |
URL GET HTTP/1.1niecesexhaustsilas.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWtdRRieE%2BPKhShdKcJVXCg0yfm4HycWDMY2EoxNaf0CBZmvcztmzpnDzPm4DS6KBSmuLt249ORJ2qItYn%2BAVW8KIgEh11UWZqP%2FQOxKRO710uALw%2Fu%2B87wDz%2Fs889lOeUxClPTo7FtmW2lNlzqLfuul94PgTGtDZeWgNYi7H3XbZ1q2emW5u%2Bi%2F3HpD8i2zFPqB7wd%2B0FpTViZmsDQBofK7y8Hisr%2FYDheDThsD%2B%2F%2FelR4c9SCqY%2FI0lBjPP%2FBOQfERsvTbs9JtFSY%2FfS4tNS2MRSVuv5NtZabOkJ6UifWQZLdn0zDucO0%2BTHZzShemejTI1Jh4P90Hy27PSIJVe1OeTENmYOIJ1NUIUo%2Bg6AjcXIMShwTgAuc3kaW3zhtb0yv%2FoXSCjsn8wz%2Bh6jGZ%2F%2B0UsvSbVa0GrUtGl4UymcMgaaAGI6j%2BCHm5j2J7DqreBy8%2BhRK%2FkKWHG8jSvU2nDZQ4erEXdHnUDv2FOJHdhXY3iBZYO%2BotJGHMOyFflu1ETAVSagSVjKDlENR5KCdHeSgTD2XuIRVHLR4EQc8XnPrxMueR6EnWFX5Ae0lAA78bo%2BSTHYYo8iG4HoLbq8jtVWypIWz5A9zlBk54cAVBJRrUkqB2BDUlqBVBXRDUVXNTaBe65pbQrmTBLIezHDW7pujv0Jum6MuMgNohrGh28mPy1ERAb378D7bkUavDwpixKIriXjsO4h4Lg26348dChmK5yyI41UC5uem62xMzf1xFPskvrIDRfTi9D6480PI50LoBvdxgO7uT9UuTFdUiNymEaZAX8yiueDv6mDw7dXDzmoXkByt%2Fz2WfP%2F%2FuDXDbILcNPlYPCPr6%2Bu5FU5O9i6Z25N5mXqhUbdOJu5cKWsjHv35TXqmNFetn3fCr1%2FgEmJR335au2KCZUFnfkTurSghp14zlkny37t6T7ELpLq%2BWNivzjQuvr62nuZXOKZONQNXhuS%2FA1Zg8%2Bf2H0297%2BoM%2FoOwItmyQlgdkFlBmHzy%2FCpcfrPweTQPOEFh9MsNyD3XZ7NqQnVxqRaDlSU9ZAycPVv5aeubL%2B9XPYPKRHLuWTl5T1ey46%2BjbOdDiGrK0QWUbVLoB1UO48rHdIrcHK7%2FOaDA9t8u0ndtj2uobU5HHZH3zHpw6akW%2B6DGZyB6T7U47kVywTof5POEsEnHMUbhx8urFT%2F4FAAD%2F%2FwEAAP%2F%2F606j6JAEAAA%3D IP172.240.253.132:443
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate issuer: Let's Encrypt
Certificate subject: niecesexhaustsilas.com
Certificate fingerprint: 25:F4:0B:8D:AC:46:26:85:AC:ED:0C:CA:A3:50:F5:16:33:CC:C5:DC
Certificate validity: Mon, 06 May 2024 08:11:53 GMT - Sun, 04 Aug 2024 08:11:52 GMT
File type: ASCII text, with no line terminators
Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTWtdRRieE%2BPKhShdKcJVXCg0yfm4HycWDMY2EoxNaf0CBZmvcztmzpnDzPm4DS6KBSmuLt249ORJ2qItYn%2BAVW8KIgEh11UWZqP%2FQOxKRO710uALw%2Fu%2B87wDz%2Fs889lOeUxClPTo7FtmW2lNlzqLfuul94PgTGtDZeWgNYi7H3XbZ1q2emW5u%2Bi%2F3HpD8i2zFPqB7wd%2B0FpTViZmsDQBofK7y8Hisr%2FYDheDThsD%2B%2F%2FelR4c9SCqY%2FI0lBjPP%2FBOQfERsvTbs9JtFSY%2FfS4tNS2MRSVuv5NtZabOkJ6UifWQZLdn0zDucO0%2BTHZzShemejTI1Jh4P90Hy27PSIJVe1OeTENmYOIJ1NUIUo%2Bg6AjcXIMShwTgAuc3kaW3zhtb0yv%2FoXSCjsn8wz%2Bh6jGZ%2F%2B0UsvSbVa0GrUtGl4UymcMgaaAGI6j%2BCHm5j2J7DqreBy8%2BhRK%2FkKWHG8jSvU2nDZQ4erEXdHnUDv2FOJHdhXY3iBZYO%2BotJGHMOyFflu1ETAVSagSVjKDlENR5KCdHeSgTD2XuIRVHLR4EQc8XnPrxMueR6EnWFX5Ae0lAA78bo%2BSTHYYo8iG4HoLbq8jtVWypIWz5A9zlBk54cAVBJRrUkqB2BDUlqBVBXRDUVXNTaBe65pbQrmTBLIezHDW7pujv0Jum6MuMgNohrGh28mPy1ERAb378D7bkUavDwpixKIriXjsO4h4Lg26348dChmK5yyI41UC5uem62xMzf1xFPskvrIDRfTi9D6480PI50LoBvdxgO7uT9UuTFdUiNymEaZAX8yiueDv6mDw7dXDzmoXkByt%2Fz2WfP%2F%2FuDXDbILcNPlYPCPr6%2Bu5FU5O9i6Z25N5mXqhUbdOJu5cKWsjHv35TXqmNFetn3fCr1%2FgEmJR335au2KCZUFnfkTurSghp14zlkny37t6T7ELpLq%2BWNivzjQuvr62nuZXOKZONQNXhuS%2FA1Zg8%2Bf2H0297%2BoM%2FoOwItmyQlgdkFlBmHzy%2FCpcfrPweTQPOEFh9MsNyD3XZ7NqQnVxqRaDlSU9ZAycPVv5aeubL%2B9XPYPKRHLuWTl5T1ey46%2BjbOdDiGrK0QWUbVLoB1UO48rHdIrcHK7%2FOaDA9t8u0ndtj2uobU5HHZH3zHpw6akW%2B6DGZyB6T7U47kVywTof5POEsEnHMUbhx8urFT%2F4FAAD%2F%2FwEAAP%2F%2F606j6JAEAAA%3D HTTP/1.1
Host: niecesexhaustsilas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Cookie: u_pl=17093374; uid_id2=716c3420-8fe6-4613-b437-f28c52c9e4fd:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec5b28bb3338748187b2166508de2d96b3=[5210994]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 16:59:42 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: efc3b652b456b296a0e6c3c1923f5e1d
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| niecesexhaustsilas.com/pixel/sbs?c=1 | 172.240.108.76 | 200 OK | 0 B |
URL: GET HTTP/1.1 niecesexhaustsilas.com/pixel/sbs?c=1
IP: 172.240.108.76:443
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate issuer: Let's Encrypt
Certificate subject: niecesexhaustsilas.com
Certificate fingerprint: 25:F4:0B:8D:AC:46:26:85:AC:ED:0C:CA:A3:50:F5:16:33:CC:C5:DC
Certificate validity: Mon, 06 May 2024 08:11:53 GMT - Sun, 04 Aug 2024 08:11:52 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbs?c=1 HTTP/1.1
Host: niecesexhaustsilas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Cookie: u_pl=17093374; uid_id2=716c3420-8fe6-4613-b437-f28c52c9e4fd:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec5b28bb3338748187b2166508de2d96b3=[5210994]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 16:59:42 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| niecesexhaustsilas.com/sbar.json?key=5b28bb3338748187b2166508de2d96b3&uuid=716c3420-8fe6-4613-b437-f28c52c9e4fd%3A1%3A1 | 172.240.253.132 | 200 OK | 12 kB |
URL: GET HTTP/1.1 niecesexhaustsilas.com/sbar.json?key=5b28bb3338748187b2166508de2d96b3&uuid=716c3420-8fe6-4613-b437-f28c52c9e4fd%3A1%3A1
IP: 172.240.253.132:443
Requested by: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate issuer: Let's Encrypt
Certificate subject: niecesexhaustsilas.com
Certificate fingerprint: 25:F4:0B:8D:AC:46:26:85:AC:ED:0C:CA:A3:50:F5:16:33:CC:C5:DC
Certificate validity: Mon, 06 May 2024 08:11:53 GMT - Sun, 04 Aug 2024 08:11:52 GMT
Hash: b5577f0e6883486630d29294d76fa54d 439e577ad3742bb98510bd2a1398dd8665a6bf85 be5660a97a5043452e622a07366f839a9ac71c7603bb86b4e894645749df1b57
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /sbar.json?key=5b28bb3338748187b2166508de2d96b3&uuid=716c3420-8fe6-4613-b437-f28c52c9e4fd%3A1%3A1 HTTP/1.1
Host: niecesexhaustsilas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 16:59:41 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://nguonchillb.com
Access-Control-Allow-Origin: http://nguonchillb.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17093374; expires=Sat, 11 May 2024 16:59:40 GMT; secure; SameSite=None
uid_id2=716c3420-8fe6-4613-b437-f28c52c9e4fd:1:1; expires=Fri, 17 May 2024 16:59:40 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 11 May 2024 16:59:41 GMT; secure; SameSite=None
uncs=1; expires=Sat, 11 May 2024 16:59:41 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 11 May 2024 16:59:41 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 11 May 2024 16:59:41 GMT; secure; SameSite=None
slec5b28bb3338748187b2166508de2d96b3=[5210994]; expires=Fri, 10 May 2024 16:59:46 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7a9154cdfab6ffa26a340d3c29964943
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| niecesexhaustsilas.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fjs%2Fscript.js&l=321&fd=323 | 172.240.108.76 | 200 OK | 0 B |
URL GET HTTP/1.1 niecesexhaustsilas.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fjs%2Fscript.js&l=321&fd=323 IP 172.240.108.76:80
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fjs%2Fscript.js&l=321&fd=323 HTTP/1.1
Host: niecesexhaustsilas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 16:59:41 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/js/jquery.min.js | 188.114.96.1 | 200 OK | 87 kB |
URL GET HTTP/2 cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/js/jquery.min.js IP 188.114.96.1:443
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html Certificate Issuer Google Trust Services LLC Subject creative-bars1.com Fingerprint 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 Validity Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type JavaScript source, ASCII text, with very long lines (32058) Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
GET /sb/interstitial/sweep/default/stories/1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 16:59:41 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: W/"65aa847c-15283"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 866501
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LlO%2BtlNa4MABhQcjv5gCctMd3AJkgru2elcakMll1cA%2FInfqRaJVrGUkiPEyduIM3bxx0hPRtt%2BdMC1hU4ertRdBr%2BPqZ6MaCuv668Mcjy%2FZIqOzy3lT6xSatjxl0Jn3Yjcqi4%2FmWcjx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b7b2f2a351c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-3RRF2WKVFP&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 250 kB |
URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-3RRF2WKVFP&l=dataLayer&cx=c IP 142.250.74.168:443
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html Certificate Issuer Google Trust Services LLC Subject *.google-analytics.com Fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE Validity Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type JavaScript source, ASCII text, with very long lines (4242) Size 250 kB (250541 bytes) Hash b9ccb8f86f648fd5494d4b1a913d9b90 154e389fcc4c2ccdcecc8a2fece800b8bc20d596 109b4947899dab2d994b8db3db2c7b644bc0e594975b26c7e6df22ef73129542
GET /gtag/js?id=G-3RRF2WKVFP&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 16:59:39 GMT
expires: Fri, 10 May 2024 16:59:39 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88589
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/css/animate.css | 188.114.96.1 | 200 OK | 79 kB |
URL GET HTTP/2 cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/css/animate.css IP 188.114.96.1:443
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html Certificate Issuer Google Trust Services LLC Subject creative-bars1.com Fingerprint 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 Validity Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash 5982c5377696d20476871062646b253f 8bf2c93fa9ccc908f7df0fb7abb911bbac3e4242 4e23a6449e6ef4614f0107cecf5c9eda75d2041c7c71f4a55d45f2a7e75450f4
GET /sb/interstitial/sweep/default/stories/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 16:59:41 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: W/"65aa847c-13365"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5PY1qdtJYnuOREfrvKYbEhmcaQewjv2xheEzCVfIqdSGm3PSf%2BTDliwLLQAuPhGZ%2FWiIn3lWIThUFe2PfQ5pAO5giNznsF6fjkqfbIJ7XeEwvx7ew%2B3fIkDFhBDusZDfBmzFqnwYlvuM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b7b2ed9ec1c0e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 | 142.250.74.99 | 200 OK | 128 kB |
URL GET HTTP/2 fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 IP 142.250.74.99:443
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html Certificate Issuer Google Trust Services LLC Subject *.gstatic.com Fingerprint 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD Validity Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 128352, version 1.0 Size 128 kB (128352 bytes) Hash 53436aca8627a49f4deaaa44dc9e3c05 0bc0c675480d94ec7e8609dda6227f88c5d08d2c 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
GET /s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:55:24 GMT
expires: Fri, 09 May 2025 01:55:24 GMT
cache-control: public, max-age=31536000
age: 140655
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.barscreative1.com/sb/interstitial/sweep/default/stories/1/index.html | 45.133.44.3 | 200 OK | 1.1 kB |
URL GET HTTP/2 cdn.barscreative1.com/sb/interstitial/sweep/default/stories/1/index.html IP 45.133.44.3:443 ASN #39572 DataWeb Global Group B.V.
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html Certificate Issuer Let's Encrypt Subject cdn.barscreative1.com Fingerprint 08:55:F0:C8:EA:24:54:0D:3C:B9:2C:95:3E:DC:BF:FB:A8:76:BA:BC Validity Thu, 09 May 2024 03:01:15 GMT - Wed, 07 Aug 2024 03:01:14 GMT
File type HTML document, ASCII text, with very long lines (1191), with no line terminators Hash 3cb5e6c9f01bfa7cb22cea97b0b797bd e7d11b7e73cef3077f1fd9422b02887a0a9b92a3 ff16f3fe2fabcd2e6ff096ae0c0c535ea1b9e3ad821158fe96dd38a673a24ca8
GET /sb/interstitial/sweep/default/stories/1/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 16:59:41 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: W/"65aa847c-465"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Fri, 10 May 2024 17:59:41 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/img/close.svg | 188.114.96.1 | 200 OK | 1.3 kB |
URL GET HTTP/2 cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/img/close.svg IP 188.114.96.1:443
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html Certificate Issuer Google Trust Services LLC Subject creative-bars1.com Fingerprint 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 Validity Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type SVG Scalable Vector Graphics image Hash 5ff33e884803785a8002a2aa5fa03b0e a04406f2592e23e648bee499477f823da0c48362 6ba65121162b5b03e75501501ddaa928f73be8d1fe81c032a4879561de63ff58
GET /sb/interstitial/sweep/default/stories/1/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 16:59:41 GMT
content-type: image/svg+xml
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: W/"65aa847c-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2155603
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c568Ip9z8NR%2FJO7igZFioHK1RWh9WmCzQMPxW9xDcsB9RpkQDnYy28T8w%2B5rz27bxDe4W4D7ss%2BoYYtsa9%2F1NpNP6Q8EC32EIJY0IbAB5EEKJP9tor5A9EAB9Oub2DqlSkdcTV9Zw6dR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b7b2f1a2c1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/icon?family=Material+Icons | 142.250.74.106 | 200 OK | 565 B |
URL GET HTTP/2 fonts.googleapis.com/icon?family=Material+Icons IP 142.250.74.106:443
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html Certificate Issuer Google Trust Services LLC Subject upload.video.google.com Fingerprint 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 Validity Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type ASCII text, with very long lines (588), with no line terminators Hash 959a533a3dc02649e0cc3f8f67d942af 34db49ff64aed8b51beaba5b9928ad504a4df335 24864ed3ee6fab66640980d4c24640e579e5583764a8ee8c4f09decf27977247
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 16:59:38 GMT
date: Fri, 10 May 2024 16:59:38 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| niecesexhaustsilas.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fcss%2Fanimate.css&l=78693&fd=361 | 172.240.253.132 | 200 OK | 0 B |
URL GET HTTP/1.1 niecesexhaustsilas.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fcss%2Fanimate.css&l=78693&fd=361 IP 172.240.253.132:80
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fcss%2Fanimate.css&l=78693&fd=361 HTTP/1.1
Host: niecesexhaustsilas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 16:59:41 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| nguonchillb.com/themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 | 94.242.50.163 | 200 OK | 77 kB |
URL GET HTTP/1.1 nguonchillb.com/themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 IP 94.242.50.163:80
Requested by http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459 Hash af7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:14:59 GMT
Accept-Ranges: bytes
Content-Length: 77160
Cache-Control: max-age=2592000
Expires: Sun, 09 Jun 2024 16:59:39 GMT
X-UA-Compatible: IE=edge,chrome=1
Connection: close
|
|