Report - nguonchillb.com/site/site/embed/?url=https://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

Report Overview

Submitted URL
nguonchillb.com/site/site/embed/?url=https://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
IP
94.242.50.163
ASN
#43317 SIA VEESP
Submitted
2024-05-10 17:00:05
Access
public
Website Title
Phim Người Bất Tử | The Immortal (2018) - Vietsub, Thuyết Minh, HD - nguonchillb.com
Final URL
nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
18

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
nguonchillb.com	unknown	unknown	No data	No data	12 kB	295 kB	94.242.50.163
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-10	2.4 kB	303 kB	142.250.74.106
chokedsmelt.com	unknown	2022-02-17	2022-02-17	2024-01-03	352 B	17 kB	172.240.108.84
m3.nguonhay.com	unknown	2022-05-13	2022-10-28	2023-05-23	8.0 kB	1.1 MB	94.242.50.163
downstairsnegotiatebarren.com	unknown	2024-03-04	2024-03-04	2024-05-09	737 B	37 kB	188.114.97.1
niecesexhaustsilas.com	unknown	2024-05-06	2024-05-06	2024-05-09	6.9 kB	17 kB	172.240.253.132
cdn.barscreative1.com	25648	2021-09-08	2021-09-16	2024-05-09	475 B	1.5 kB	45.133.44.3
m3.nguonphim.net	926780	2016-09-27	2017-09-03	2023-05-23	1.1 kB	53 kB	94.242.50.163
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-10	7.5 kB	459 kB	142.250.74.99
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-05-09	429 B	421 B	18.185.9.67
unseenreport.com	unknown	2022-03-30	2022-03-30	2024-05-09	654 B	423 B	192.243.61.225
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-09	863 B	327 kB	142.250.74.168
nguontv.com	336051	2017-12-19	2017-12-26	2023-05-23	340 B	52 kB	94.242.50.163
cdn.creative-bars1.com	unknown	2022-11-01	2022-11-15	2024-05-09	2.8 kB	184 kB	188.114.96.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	unseenreport.com	Sinkholed
2024-05-10	medium	niecesexhaustsilas.com	Sinkholed
2024-05-10	medium	niecesexhaustsilas.com	Sinkholed
2024-05-10	medium	niecesexhaustsilas.com	Sinkholed
2024-05-10	medium	niecesexhaustsilas.com	Sinkholed
2024-05-10	medium	niecesexhaustsilas.com	Sinkholed
2024-05-10	medium	niecesexhaustsilas.com	Sinkholed
2024-05-10	medium	niecesexhaustsilas.com	Sinkholed
2024-05-10	medium	niecesexhaustsilas.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (30)

	URL	Size	First Seen	Last Seen
	nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html	155 B	2024-02-18	2024-05-10
Pretty URL nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-18 22:54:31 Last Seen2024-05-10 19:00:13 Times Seen12 Hash 6051014c5e796fee2658df8215ca51b1 43a9c6fc8557d2ed77ed5148d988b60cd2fc9032 095fb8ece5340b7cf3dae710c4c0b18d4e3376c62776d10700cfc1b81fc5569f Loading...

	nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html	445 B	2023-06-30	2024-06-02
Pretty URL nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-30 17:21:06 Last Seen2024-06-02 04:23:59 Times Seen60 Hash 97e094668f02b1c249e1b0fde6a93c38 0153a494a8ff263e8e544dccddccd8fb0cafb4d1 58c2bf516e86f70bfeade925e3cacc9dada2b41883b78e2b090f41074283eca2 Loading...

	nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html	2.6 kB	2023-03-14	2024-06-02
Pretty URL nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 11:01:34 Last Seen2024-06-02 04:23:59 Times Seen61 Hash 60161d8d86847ca8b04f5b01ee669a6c 717b4881183bf8cf5ce77404d34a269a4050aeb1 a24fd0045c4ab300e6a50db2183ef069a1381b411e5266655083d9181cd34eb4 Loading...

	nguonchillb.com/themes/np/js/wow.min.js	8.4 kB	2023-03-07	2024-06-03
Pretty URL nguonchillb.com/themes/np/js/wow.min.js IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:32 Last Seen2024-06-03 09:14:06 Times Seen1630 Hash e1f1ff6897992a9165e8ce009b4039e3 e297207404fea99863aea60a1dcd3770f8ecddee 37461d9b50fd93b2e6d064c4aa48cbc16d5b1e82c27f47270b87a39225cc00ac Loading...

	nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html	1.1 kB	2024-05-10	2024-05-10
Pretty URL nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 19:00:13 Last Seen2024-05-10 19:00:13 Times Seen1 Hash d85ddc78ec8268ebee4eaf38a226dfdc c5e2f14ae23409420ee9da58e9d09b5f7f30d4e7 718c5a8005cfd0a677a668b56f1983758f00959d6e8ebf0d2986df9f5788de9e Loading...

	nguonchillb.com/themes/np/js/owl.carousel.min.js	24 kB	2023-03-07	2024-06-03
Pretty URL nguonchillb.com/themes/np/js/owl.carousel.min.js IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:24 Last Seen2024-06-03 00:47:07 Times Seen1342 Hash 8c52f27fcac36c7667f8fb846e1e94d5 e5862559db659ffd530c91452d668c5e7b3f0f2d 6c1e31700f68d1666de6b0992e89d413434707718bf729a472404029845bdbad Loading...

	nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html	1.3 kB	2023-06-30	2024-05-13
Pretty URL nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-30 17:21:06 Last Seen2024-05-13 13:40:04 Times Seen28 Hash d59eec928a2258943841a24265996b71 bcafb6d712b5384c229200ac334ae4edc4257666 2c95a0c2b22c434ddcafff4c6c066e0245fe952dc6ecac092f03a3e6dfdebca8 Loading...

	nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html	186 B	2023-03-14	2024-06-02
Pretty URL nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 11:01:34 Last Seen2024-06-02 04:23:59 Times Seen54 Hash b993e8a9b04faef49d09b434bd17084a 39a8f48a89f2e25c64f943ccbd07569554ee9c35 6f0325f63b0088d5d2b0077b848f4ad68412653d986d7bd5ffb5691ac86bf2c8 Loading...

	nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html	3.2 kB	2023-06-30	2024-05-13
Pretty URL nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-30 17:21:06 Last Seen2024-05-13 13:40:04 Times Seen28 Hash b96f4a005c864862a4384b06d5a9107c fc78ac08d3340dbb4b804be29f7fc4b7681cc6d7 aed37495258d67e806aa0a4db84b8575f1ecad7860d09f533506754ec311d3fd Loading...

	nguonchillb.com/themes/np/js/bootstrap.min.js	37 kB	2023-03-07	2024-06-03
Pretty URL nguonchillb.com/themes/np/js/bootstrap.min.js IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:31 Last Seen2024-06-03 18:40:10 Times Seen3178 Hash e7d9a06cf9053c51cd4ad3386da0659a e45bf1054704a1fdfc4ee2713a16bf9283dea995 9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd Loading...

	nguonchillb.com/js/main.min.js?v=2.4.8.2	18 kB	2023-03-08	2024-06-02
Pretty URL nguonchillb.com/js/main.min.js?v=2.4.8.2 IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:21:43 Last Seen2024-06-02 04:24:00 Times Seen166 Hash 2f3514d630f0195787c0f99778202f3c 2ce2883a59c655b8e02d644a1449fcdfdf604486 23b47b8eb144a359fdd87940db44e0420e7e0062f3cbba762e0e22c35afb3749 Loading...

	unknown	31 B	2023-06-30	2024-06-02
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-06-30 17:21:06 Last Seen2024-06-02 04:24:00 Times Seen60 Hash 99435bde41f63f11e10faa33493d957c 8d71886c3801548743aadd0e77022831e1865834 ff338bca90a388441fe03cb825c6350d33321f0bafa5847c8e38aca7375b77ed Loading...

	nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html	1.2 kB	2023-03-14	2024-06-02
Pretty URL nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 11:01:34 Last Seen2024-06-02 04:24:00 Times Seen61 Hash 9b84178904087e9ecab356dd1d22e7ac 7d8f1e77acc4c28b9c0302d86705315d0970ad5f 6dc11177a43f6eb08ce1e1076f1407df69952991908cfe350a82e5b0abbc6566 Loading...

	nguonchillb.com/sandbox%20eval%20code	147 B	2023-04-11	2024-06-03
Pretty URL nguonchillb.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-06-03 18:41:39 Times Seen360167 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html	3.9 kB	2024-02-18	2024-06-02
Pretty URL nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-18 22:54:32 Last Seen2024-06-02 04:24:00 Times Seen52 Hash 972805b1a38054d9b5ccdb8e70028090 4710bc93ff6f4bcd3a154425aba307648efacdda 8ed077247980a4e781cdc45b2dbdea9875cabadd19eb48ef55d98708eb601401 Loading...

	cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/js/jquery.min.js	87 kB	2023-03-07	2024-06-03
Pretty URL cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/js/jquery.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-06-03 18:38:41 Times Seen71227 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-06-03
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-06-03 18:41:39 Times Seen359620 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html	9.4 kB	2023-03-14	2024-06-02
Pretty URL nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 11:01:34 Last Seen2024-06-02 04:24:00 Times Seen61 Hash 1fbb5a1c0db77beb2e5697fa2e4f2ba9 d50e55939259b9a1e60ba06e8aa6dbcbbe9b4f0b 20b7d396ca4d7747326ac67a5c06f5ca1b6391f794e8125b3583040e61c5c105 Loading...

	nguonchillb.com/themes/np/js/jquery.showmore.src.js	1.0 kB	2023-03-13	2024-06-02
Pretty URL nguonchillb.com/themes/np/js/jquery.showmore.src.js IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:25:00 Last Seen2024-06-02 04:24:00 Times Seen164 Hash f67d16dc855157012280d1b8d2d0ac55 4eaa66120111bb8cb4c21884c647bf609ef3a7a5 89a7b91f92a0583bcfabc3dc0347bfb78822ebe75d229fb766ae2fdc6e7e0d28 Loading...

	nguonchillb.com/assets/3bd14e95/jquery.min.js	97 kB	2023-03-07	2024-06-03
Pretty URL nguonchillb.com/assets/3bd14e95/jquery.min.js IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:51 Last Seen2024-06-03 12:21:58 Times Seen2628 Hash 0fca26b5a37a66d68d0f4406976be4b5 ee000eb654b3bd37185665d3901e93b34ce1aa52 8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18 Loading...

	moz-extension://374908d2-0475-4f5d-b9f6-d1abf756a6ed/lib/shim_messaging_helper.js	1.7 kB	2023-05-05	2024-06-03
Pretty URL moz-extension://374908d2-0475-4f5d-b9f6-d1abf756a6ed/lib/shim_messaging_helper.js IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-05 22:33:37 Last Seen2024-06-03 17:56:56 Times Seen47737 Hash 865f01cbb34eb505834e826380d7dc2e c239ccc37191f1be78dfaa6bb3f1da5d314fdf9e 30ed6392b8de4590bd974a4a797ee0b12b382f2141738115bfd2d692cfa6ec17 Loading...

	connect.facebook.net/vi_VN/sdk.js#xfbml=1&version=v4.0&appId=638726026897009	17 kB	2023-05-05	2024-06-03
Pretty URL connect.facebook.net/vi_VN/sdk.js#xfbml=1&version=v4.0&appId=638726026897009 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-05 22:33:37 Last Seen2024-06-03 17:56:56 Times Seen47173 Hash b938e0b835c600209bdaae9d8ccda6d7 d5ee79d277057e05f002a18381722b5eb75d3883 d1b95aeb57c3285042e1e24c00cc56a8560d16daf7ee5cdfd5c75296b21ac91b Loading...

	downstairsnegotiatebarren.com/sfp.js	86 kB	2024-03-29	2024-05-17
Pretty URL downstairsnegotiatebarren.com/sfp.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 13:13:34 Last Seen2024-05-17 14:49:08 Times Seen3553 Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716 Loading...

	www.googletagmanager.com/gtag/js?id=UA-228470674-1	209 kB	2024-05-10	2024-05-10
Pretty URL www.googletagmanager.com/gtag/js?id=UA-228470674-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 19:00:13 Last Seen2024-05-10 19:00:14 Times Seen2 Hash 7539f6543f6654980081cc997b22fe64 5d6274dda43305bee3dfde4bc58fd348fe1e32f2 6b78695d476ab935ba035937f9f9f2ecaa74c48353acff9b409802a3b7129cd9 Loading...

	www.googletagmanager.com/gtag/js?id=G-3RRF2WKVFP&l=dataLayer&cx=c	250 kB	2024-05-10	2024-05-10
Pretty URL www.googletagmanager.com/gtag/js?id=G-3RRF2WKVFP&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 19:00:13 Last Seen2024-05-10 19:00:14 Times Seen2 Hash b9ccb8f86f648fd5494d4b1a913d9b90 154e389fcc4c2ccdcecc8a2fece800b8bc20d596 109b4947899dab2d994b8db3db2c7b644bc0e594975b26c7e6df22ef73129542 Loading...

	nguonchillb.com/themes/np/js/jquery.nice-select.js	6.0 kB	2023-03-07	2024-06-02
Pretty URL nguonchillb.com/themes/np/js/jquery.nice-select.js IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:53 Last Seen2024-06-02 04:24:00 Times Seen131 Hash 723e741faba72abfb0e56b6e0f8a73d8 ba71788614e8e11dbeeebdcac9037b57e7a69ce4 39f6514264e1603542b6aa38ba44c3be0aa7bbdef56ed139d74fe75e24e642fa Loading...

	nguonchillb.com/themes/np/js/jquery.magnific-popup.min.js	20 kB	2023-03-07	2024-06-03
Pretty URL nguonchillb.com/themes/np/js/jquery.magnific-popup.min.js IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:21 Last Seen2024-06-03 18:20:30 Times Seen6291 Hash b37d7edf99565d3858eaa1ad80df3cff 786a4343711e9af5e5dfcc493e7d2331b48875bb b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2 Loading...

	nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html	2.0 kB	2024-03-06	2024-05-13
Pretty URL nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-06 18:44:11 Last Seen2024-05-13 13:40:04 Times Seen26 Hash fcadb5c8efae5c6a31b8811c0c0190ad 5fe0964556d6d600cddead526fee612292b27b3e 2354a6d75cd0de1884b028ddb8b09706c63dc4a6be142f296d335ab1548acf8a Loading...

	unknown	437 B	2024-05-09	2024-05-13
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 16:13:48 Last Seen2024-05-13 13:40:03 Times Seen3 Hash 98db4f1ed8fb0089abf2f3d499c613b5 3b8a4a19db99a89bde02c8bfcc24dfdefc238252 8dc7f153f380db4c3c56947247cefc7269ad1f8c99daa96b4d17d21749a3df9c Loading...

	chokedsmelt.com/5b/28/bb/5b28bb3338748187b2166508de2d96b3.js	44 kB	2024-05-10	2024-05-10
Pretty URL chokedsmelt.com/5b/28/bb/5b28bb3338748187b2166508de2d96b3.js IP 172.240.108.84 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 19:00:14 Last Seen2024-05-10 19:00:14 Times Seen2 Hash 1c7bfef26a2b45b5211eb4d54b7cac81 7e4080b8f8590c6cd08bb0f3ae4132710f447dee dbc022b99f7e69dcecf8dcfcdcf0ae0e72907be936993cceeb88e997158b3770 Loading...

HTTP Transactions (87)

URL IP Response Size

nguonchillb.com/site/site/embed/?url=https://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

94.242.50.163

0 B

URL
nguonchillb.com/site/site/embed/?url=https://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
IP
94.242.50.163:0
ASN
#43317 SIA VEESP

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /site/site/embed/?url=https://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Fri, 10 May 2024 16:59:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Set-Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonchillb.com/site/site/embed/?url=https://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

nguonchillb.com/site/site/embed/?url=https://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

94.242.50.163

723 B

URL
nguonchillb.com/site/site/embed/?url=https://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
IP
94.242.50.163:0
ASN
#43317 SIA VEESP

File type
HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Size
723 B (723 bytes)
Hash
7c635b2190f57794de2957a698cf6d95
f15b7e3896c6256355b4f1893f732fa89744079c
88b01710020e0ac94316672a8bedfa3b4eedb384192abededbfaabc39af895d4

HTTP Headers

GET /site/site/embed/?url=https://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Set-Cookie: us_session_id=P89924; expires=Sat, 11-May-2024 16:59:37 GMT; Max-Age=86400; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 723
Connection: close
Content-Type: text/html; charset=UTF-8

nguonchillb.com/assets/3bd14e95/jquery.min.js

94.242.50.163

200 OK

34 kB

URL GET HTTP/1.1
nguonchillb.com/assets/3bd14e95/jquery.min.js
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
JavaScript source, ASCII text, with very long lines (32077)
Size
34 kB (33693 bytes)
Hash
0fca26b5a37a66d68d0f4406976be4b5
ee000eb654b3bd37185665d3901e93b34ce1aa52
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18

HTTP Headers

GET /assets/3bd14e95/jquery.min.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/site/site/embed/?url=https://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 10 May 2025 16:59:37 GMT
Content-Length: 33693
Connection: close
Content-Type: application/javascript; charset=utf-8

m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png

94.242.50.163

200 OK

18 kB

URL GET HTTP/1.1
m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
PNG image data, 46 x 48, 8-bit/color RGBA, non-interlaced
Size
18 kB (17873 bytes)
Hash
e6f4a93efe2d93e885abcbb4cc09cd4a
e4f94b9e95b40e30b215228316bb7f8c48d08ed2
93b7bbea433aa41f6efb860d3d9777d363f9e64fc1ad4186cd9ef525bbee9c94

HTTP Headers

GET /media/images/1/favi/favicon-1498701606.png HTTP/1.1
Host: m3.nguonphim.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:37 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 05 Jul 2017 04:14:59 GMT
ETag: "45d1-5538a3e52eb40"
Accept-Ranges: bytes
Content-Length: 17873
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:37 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png

nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

94.242.50.163

301 Moved Permanently

0 B

URL User Request GET HTTP/1.1
nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
IP
94.242.50.163:443
ASN
#43317 SIA VEESP

Certificate
IssuerLet's Encrypt
Subjectnguonchillb.com
FingerprintB3:B5:AC:A2:AE:01:F5:95:23:26:F9:C9:95:78:9A:6D:F4:8D:24:44
ValidityTue, 02 Apr 2024 08:48:46 GMT - Mon, 01 Jul 2024 08:48:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /nguoi-bat-tu-victor-vu-f30332.html HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Fri, 10 May 2024 16:59:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

94.242.50.163

301 Moved Permanently

17 kB

URL User Request GET HTTP/1.1
nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
IP
94.242.50.163:443
ASN
#43317 SIA VEESP

Certificate
IssuerLet's Encrypt
Subjectnguonchillb.com
FingerprintB3:B5:AC:A2:AE:01:F5:95:23:26:F9:C9:95:78:9A:6D:F4:8D:24:44
ValidityTue, 02 Apr 2024 08:48:46 GMT - Mon, 01 Jul 2024 08:48:45 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (492), with CRLF, LF line terminators
Size
17 kB (16760 bytes)
Hash
c43b73195573585e3da4d255c948fb9c
f4ec846f5f43b862a505d65c221516448c933c80
deb58b6009b2e00c67bcdbb59b1b7845fb297eef2047c3daba590d2e52f73db1

HTTP Headers

GET /nguoi-bat-tu-victor-vu-f30332.html HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://nguonchillb.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 16760
Connection: close
Content-Type: text/html; charset=UTF-8

nguonchillb.com/themes/np/js/owl.carousel.min.js

94.242.50.163

200 OK

6.5 kB

URL GET HTTP/1.1
nguonchillb.com/themes/np/js/owl.carousel.min.js
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
JavaScript source, ASCII text, with very long lines (635), with CRLF line terminators
Size
6.5 kB (6464 bytes)
Hash
8c52f27fcac36c7667f8fb846e1e94d5
e5862559db659ffd530c91452d668c5e7b3f0f2d
6c1e31700f68d1666de6b0992e89d413434707718bf729a472404029845bdbad

HTTP Headers

GET /themes/np/js/owl.carousel.min.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 10 May 2025 16:59:38 GMT
Content-Length: 6464
Connection: close
Content-Type: application/javascript; charset=utf-8

nguonchillb.com/themes/np/js/jquery.nice-select.js

94.242.50.163

200 OK

1.5 kB

URL GET HTTP/1.1
nguonchillb.com/themes/np/js/jquery.nice-select.js
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.5 kB (1538 bytes)
Hash
723e741faba72abfb0e56b6e0f8a73d8
ba71788614e8e11dbeeebdcac9037b57e7a69ce4
39f6514264e1603542b6aa38ba44c3be0aa7bbdef56ed139d74fe75e24e642fa

HTTP Headers

GET /themes/np/js/jquery.nice-select.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 10 May 2025 16:59:38 GMT
Content-Length: 1538
Connection: close
Content-Type: application/javascript; charset=utf-8

nguonchillb.com/themes/np/js/wow.min.js

94.242.50.163

200 OK

2.7 kB

URL GET HTTP/1.1
nguonchillb.com/themes/np/js/wow.min.js
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
JavaScript source, ASCII text, with very long lines (8385), with CRLF line terminators
Size
2.7 kB (2742 bytes)
Hash
e1f1ff6897992a9165e8ce009b4039e3
e297207404fea99863aea60a1dcd3770f8ecddee
37461d9b50fd93b2e6d064c4aa48cbc16d5b1e82c27f47270b87a39225cc00ac

HTTP Headers

GET /themes/np/js/wow.min.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 10 May 2025 16:59:38 GMT
Content-Length: 2742
Connection: close
Content-Type: application/javascript; charset=utf-8

nguonchillb.com/themes/np/js/bootstrap.min.js

94.242.50.163

200 OK

9.7 kB

URL GET HTTP/1.1
nguonchillb.com/themes/np/js/bootstrap.min.js
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
JavaScript source, ASCII text, with very long lines (32034), with CRLF line terminators
Size
9.7 kB (9726 bytes)
Hash
e7d9a06cf9053c51cd4ad3386da0659a
e45bf1054704a1fdfc4ee2713a16bf9283dea995
9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd

HTTP Headers

GET /themes/np/js/bootstrap.min.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 10 May 2025 16:59:38 GMT
Content-Length: 9726
Connection: close
Content-Type: application/javascript; charset=utf-8

nguonchillb.com/assets/3bd14e95/jquery.min.js

94.242.50.163

200 OK

34 kB

URL GET HTTP/1.1
nguonchillb.com/assets/3bd14e95/jquery.min.js
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
JavaScript source, ASCII text, with very long lines (32077)
Size
34 kB (33693 bytes)
Hash
0fca26b5a37a66d68d0f4406976be4b5
ee000eb654b3bd37185665d3901e93b34ce1aa52
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18

HTTP Headers

GET /assets/3bd14e95/jquery.min.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 10 May 2025 16:59:38 GMT
Content-Length: 33693
Connection: close
Content-Type: application/javascript; charset=utf-8

nguonchillb.com/themes/np/js/jquery.showmore.src.js

94.242.50.163

200 OK

434 B

URL GET HTTP/1.1
nguonchillb.com/themes/np/js/jquery.showmore.src.js
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
JavaScript source, ASCII text, with very long lines (432)
Size
434 B (434 bytes)
Hash
f67d16dc855157012280d1b8d2d0ac55
4eaa66120111bb8cb4c21884c647bf609ef3a7a5
89a7b91f92a0583bcfabc3dc0347bfb78822ebe75d229fb766ae2fdc6e7e0d28

HTTP Headers

GET /themes/np/js/jquery.showmore.src.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 10 May 2025 16:59:38 GMT
Content-Length: 434
Connection: close
Content-Type: application/javascript; charset=utf-8

nguonchillb.com/themes/np/js/jquery.magnific-popup.min.js

94.242.50.163

200 OK

7.3 kB

URL GET HTTP/1.1
nguonchillb.com/themes/np/js/jquery.magnific-popup.min.js
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
JavaScript source, ASCII text, with very long lines (20087), with CRLF line terminators
Size
7.3 kB (7346 bytes)
Hash
b37d7edf99565d3858eaa1ad80df3cff
786a4343711e9af5e5dfcc493e7d2331b48875bb
b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2

HTTP Headers

GET /themes/np/js/jquery.magnific-popup.min.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 10 May 2025 16:59:39 GMT
Content-Length: 7346
Connection: close
Content-Type: application/javascript; charset=utf-8

nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2

94.242.50.163

200 OK

80 kB

URL GET HTTP/1.1
nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Size
80 kB (80132 bytes)
Hash
9ccfae82c1f9be3cf7c148a39228f53c
9abd7857d28f34c5007b11ee53d2818482775163
d962cf8c297e2b013c20dadac3f99d1af50957de8e1d1de8b4ea960fbd6fd7b6

HTTP Headers

GET /themes/np/css/color.css?v=np2.4.8.2 HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:38 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 08:58:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 10 May 2025 16:59:38 GMT
Connection: close
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8

nguonchillb.com/js/main.min.js?v=2.4.8.2

94.242.50.163

200 OK

5.6 kB

URL GET HTTP/1.1
nguonchillb.com/js/main.min.js?v=2.4.8.2
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (17159)
Size
5.6 kB (5620 bytes)
Hash
2f3514d630f0195787c0f99778202f3c
2ce2883a59c655b8e02d644a1449fcdfdf604486
23b47b8eb144a359fdd87940db44e0420e7e0062f3cbba762e0e22c35afb3749

HTTP Headers

GET /js/main.min.js?v=2.4.8.2 HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sat, 02 May 2020 19:55:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 10 May 2025 16:59:39 GMT
Content-Length: 5620
Connection: close
Content-Type: application/javascript; charset=utf-8

nguonchillb.com/images/headshot-placeholder.png

94.242.50.163

200 OK

3.4 kB

URL GET HTTP/1.1
nguonchillb.com/images/headshot-placeholder.png
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
PNG image data, 252 x 345, 8-bit/color RGB, non-interlaced
Size
3.4 kB (3412 bytes)
Hash
25fa9ab09a307f1332ebaf0e5b59e033
060f94c03f4f1d34cc99de9f86f335a5a2abaaed
e721eaf6440c791758ba62c1dc1e5dc2be909264b658afd34b6cc3ca3de9287d

HTTP Headers

GET /images/headshot-placeholder.png HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 04 Jan 2018 07:48:49 GMT
Accept-Ranges: bytes
Content-Length: 3412
Cache-Control: max-age=2592000, public
Expires: Sun, 09 Jun 2024 16:59:39 GMT
Connection: close
Content-Type: image/png

m3.nguonphim.net/media/images/4/logo.png

94.242.50.163

200 OK

16 kB

URL GET HTTP/1.1
m3.nguonphim.net/media/images/4/logo.png
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
PNG image data, 280 x 94, 8-bit/color RGBA, non-interlaced
Size
16 kB (15696 bytes)
Hash
6e12d870d9aebf2230f92a6fb0abf91e
f84aa519902c97d5581e123a977a964b107b5b39
de47df21115fcf985a37917e6681dc8648566a7807769e414f52a59f3033ee5a

HTTP Headers

GET /media/images/4/logo.png HTTP/1.1
Host: m3.nguonphim.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 04 May 2023 04:11:49 GMT
ETag: "3d50-5fad65f19af8d"
Accept-Ranges: bytes
Content-Length: 15696
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png

m3.nguonhay.com/media/images/film/vp/s350_700/cau-chuyen-bat-diet-1589907409.jpg

94.242.50.163

200 OK

49 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/vp/s350_700/cau-chuyen-bat-diet-1589907409.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 320x453, components 3
Size
49 kB (48612 bytes)
Hash
72ad26d862596ec0619bb8c18311afd5
29d7c2ae583d495cc171de9a4b045a36a5dad7de
11fcb7003889da31f7338f83b4284cfe3513ea5bf3ea6145ad4093245eba979d

HTTP Headers

GET /media/images/film/vp/s350_700/cau-chuyen-bat-diet-1589907409.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 11 Jun 2020 15:57:17 GMT
ETag: "bde4-5a7d103d3328b"
Accept-Ranges: bytes
Content-Length: 48612
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

m3.nguonhay.com/media/images/film/blp/s350_700/kiem-tien-o-day-1656932591.jpg

94.242.50.163

200 OK

93 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/blp/s350_700/kiem-tien-o-day-1656932591.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x469, components 3
Size
93 kB (93344 bytes)
Hash
fc6319faf0707c540713c92495da2eaa
0f464a75db0c6d9709ebcfc080ecd2b7b5fae105
a9767be9a9321b4a57e623eccbfee7208c9c5015377ec7871c2c27ec16f802ed

HTTP Headers

GET /media/images/film/blp/s350_700/kiem-tien-o-day-1656932591.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 04 Jul 2022 11:05:00 GMT
ETag: "16ca0-5e2f8b5063c78"
Accept-Ranges: bytes
Content-Length: 93344
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

m3.nguonhay.com/media/images/film/pbhorg/s350_700/bat-thuong-tai-truong-phep-thuat-co-gai-trieu-hoi-nhung-vi-sao-1558017118.jpg

94.242.50.163

200 OK

42 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/pbhorg/s350_700/bat-thuong-tai-truong-phep-thuat-co-gai-trieu-hoi-nhung-vi-sao-1558017118.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 150x150, segment length 16, progressive, precision 8, 260x369, components 3
Size
42 kB (41552 bytes)
Hash
fb0aae247822a382710ce1c347d3c4bd
91f2bf62ff5b327cca83227fe8244d6ff0a5dfe0
48a74c7f21779dba1d4babe239addd6731d9c9c0cd49773a6b36dcf2531d919b

HTTP Headers

GET /media/images/film/pbhorg/s350_700/bat-thuong-tai-truong-phep-thuat-co-gai-trieu-hoi-nhung-vi-sao-1558017118.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 11 Jun 2020 13:49:42 GMT
ETag: "a250-5a7cf3b8d1ef6"
Accept-Ranges: bytes
Content-Length: 41552
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

www.googletagmanager.com/gtag/js?id=UA-228470674-1

142.250.74.168

200 OK

75 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-228470674-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
75 kB (75050 bytes)
Hash
7539f6543f6654980081cc997b22fe64
5d6274dda43305bee3dfde4bc58fd348fe1e32f2
6b78695d476ab935ba035937f9f9f2ecaa74c48353acff9b409802a3b7129cd9

HTTP Headers

GET /gtag/js?id=UA-228470674-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 16:59:39 GMT
expires: Fri, 10 May 2024 16:59:39 GMT
cache-control: private, max-age=900
last-modified: Fri, 10 May 2024 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75050
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

m3.nguonhay.com/media/images/film/bio/s350_700/chim-boi-ca-1665899828.jpg

94.242.50.163

200 OK

87 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/bio/s350_700/chim-boi-ca-1665899828.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 350x438, components 3
Size
87 kB (86614 bytes)
Hash
cdb099f8426bd971ac65260f52a7c035
549e05f3215272e4a12832eaf94504d694383bec
e46c8ded7ae8965e2881e946441d5a65cfb6937e9f97d1351c70658c5818ba88

HTTP Headers

GET /media/images/film/bio/s350_700/chim-boi-ca-1665899828.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 24 Oct 2022 16:27:41 GMT
ETag: "15256-5ebca453fbe31"
Accept-Ranges: bytes
Content-Length: 86614
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

m3.nguonhay.com/media/images/film/hup/s350_700/nhat-ky-thuong-ngay-cua-tien-vuong-phan-2-1636885500.jpg

94.242.50.163

200 OK

64 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/hup/s350_700/nhat-ky-thuong-ngay-cua-tien-vuong-phan-2-1636885500.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x467, components 3
Size
64 kB (64161 bytes)
Hash
cb8fdab32093fbea2c42a7886cd8bf9f
87a03e6a8dd6a497b9ab8f647f040e8ca8750830
17ac62b6062b10d9d3602173fee521187996a41a49e183f5e8535f2dfecd1538

HTTP Headers

GET /media/images/film/hup/s350_700/nhat-ky-thuong-ngay-cua-tien-vuong-phan-2-1636885500.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sun, 14 Nov 2021 10:25:08 GMT
ETag: "faa1-5d0bd1b44debd"
Accept-Ranges: bytes
Content-Length: 64161
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

m3.nguonhay.com/media/images/film/blp/s350_700/tram-vun-huong-phai-phan-2-tram-huong-trong-hoa-1660892621.jpg

94.242.50.163

200 OK

65 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/blp/s350_700/tram-vun-huong-phai-phan-2-tram-huong-trong-hoa-1660892621.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x622, components 3
Size
65 kB (65417 bytes)
Hash
fe90e27d6c660aa52de8f8d6b7a831db
6d801affea154c7107f1aeb95d7802881f23808d
216926a5e72c5011fb9b4373553bb0adfcf88a7451316333b06b7e94ba9df7bd

HTTP Headers

GET /media/images/film/blp/s350_700/tram-vun-huong-phai-phan-2-tram-huong-trong-hoa-1660892621.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Aug 2022 07:03:58 GMT
ETag: "ff89-5e692b3bddc96"
Accept-Ranges: bytes
Content-Length: 65417
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

nguontv.com/media/vn02.jpg

94.242.50.163

200 OK

52 kB

URL GET HTTP/1.1
nguontv.com/media/vn02.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
JPEG image data, progressive, precision 8, 400x300, components 3
Size
52 kB (51852 bytes)
Hash
dfa57a5b5804336f78b1fc7ab5d0346d
832189153c9a5f23293da826eed7867e7e3836f4
b1c09b4d08344c3d7c5367f0c821bda7195ddd7a8c169febb04f9960142c5517

HTTP Headers

GET /media/vn02.jpg HTTP/1.1
Host: nguontv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Tue, 02 Jan 2024 07:37:13 GMT
Accept-Ranges: bytes
Content-Length: 51852
Cache-Control: max-age=2592000
Expires: Sun, 09 Jun 2024 16:59:39 GMT
Connection: close
Content-Type: image/jpeg

fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese

142.250.74.106

200 OK

92 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
92 kB (91581 bytes)
Hash
dae639867cd6d1d3f1eed3e88a3f5436
4456ba97884e185670ed2c35a939aaff7e3c3215
1c6eebd10c3b6cacec33cf0d28e9d7e65ba87474ed77aad1765a4ab23ccf863c

HTTP Headers

GET /css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 16:59:39 GMT
date: Fri, 10 May 2024 16:59:39 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

m3.nguonhay.com/media/images/film/ff/s350_700/the-gioi-hoan-my-1619204356.jpg

94.242.50.163

200 OK

45 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/ff/s350_700/the-gioi-hoan-my-1619204356.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 238x344, components 3
Size
45 kB (44925 bytes)
Hash
5e060cae43f33fc6ee9baa645c696f8e
9ac7805332b99d6e27afff6d96d47d72a0369fc8
ed17139b51f4cb501cfa17c692cc257437127fa92980851547df75f6402f13c0

HTTP Headers

GET /media/images/film/ff/s350_700/the-gioi-hoan-my-1619204356.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 23 Apr 2021 18:59:22 GMT
ETag: "af7d-5c0a864d52e4d"
Accept-Ranges: bytes
Content-Length: 44925
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

m3.nguonhay.com/media/images/film/pol/s350_700/vo-than-chua-te-1583765005.jpg

94.242.50.163

200 OK

70 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/pol/s350_700/vo-than-chua-te-1583765005.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 300x426, components 3
Size
70 kB (70369 bytes)
Hash
fabd25bf58c53cf84b93d09b16a5dab1
44d008211bf7a481cb35b3187b825f54e7c9631c
06138ff6cdd143a248a3b31bbcb4e88ee295c0d11a987a60b9f0c4043fee79e0

HTTP Headers

GET /media/images/film/pol/s350_700/vo-than-chua-te-1583765005.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 12 Jun 2020 07:03:11 GMT
ETag: "112e1-5a7ddab8b8f40"
Accept-Ranges: bytes
Content-Length: 70369
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

m3.nguonhay.com/media/images/film/bio/s350_700/han-chi-chiet-bat-doan-1697090631.jpg

94.242.50.163

200 OK

37 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/bio/s350_700/han-chi-chiet-bat-doan-1697090631.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x422, components 3
Size
37 kB (37056 bytes)
Hash
0ed5912e743fcbf82e81cabf85ce2919
3f45d6a55ce87a6be7bc378f0d6860269ee1ae30
845eef65fbbfd083632b4ce62d88adbb380195e346d630bf1a25123535fe0bca

HTTP Headers

GET /media/images/film/bio/s350_700/han-chi-chiet-bat-doan-1697090631.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 12 Oct 2023 16:56:30 GMT
ETag: "90c0-60787d2465e51"
Accept-Ranges: bytes
Content-Length: 37056
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

m3.nguonhay.com/media/images/film/oph/s350_700/than-an-1702296699.jpg

94.242.50.163

200 OK

77 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/oph/s350_700/than-an-1702296699.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x525, components 3
Size
77 kB (76748 bytes)
Hash
4fcb7834354d7b33680caef4b7bc0691
f086ad4b4f56479416394491cdc93f67ecd5ced6
8b49e2fbfa82ed66c34125750efa5baff513371e0f85cccfd0dee1f658d593e6

HTTP Headers

GET /media/images/film/oph/s350_700/than-an-1702296699.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 11 Dec 2023 12:56:36 GMT
ETag: "12bcc-60c3b76cfbe19"
Accept-Ranges: bytes
Content-Length: 76748
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

m3.nguonhay.com/media/images/qrcode/30332.png

94.242.50.163

200 OK

593 B

URL GET HTTP/1.1
m3.nguonhay.com/media/images/qrcode/30332.png
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
PNG image data, 390 x 390, 1-bit colormap, non-interlaced
Size
593 B (593 bytes)
Hash
c14ab412c14334d30d2183e63a74a977
7ef072df982290c968581df825b1ac0a96698311
c99e40723c83389374dad89a9079aa7a32dce87363b782b9e32ffefce90f9335

HTTP Headers

GET /media/images/qrcode/30332.png HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 29 Mar 2021 08:51:13 GMT
ETag: "251-5bea8fbe5d8fe"
Accept-Ranges: bytes
Content-Length: 593
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png

m3.nguonhay.com/media/images/film/newcover/2017/11/s350_700/3-1511142281.jpg

94.242.50.163

200 OK

49 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/newcover/2017/11/s350_700/3-1511142281.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 350x490, components 3
Size
49 kB (49143 bytes)
Hash
37e2ce269e393403a4dcc075d897fe93
32a46d7e25e9846721d44e005e63143762764b80
c0a355be3765a4be1c0f6eafa2adde5d82c34a311c6b26441a047405203857c6

HTTP Headers

GET /media/images/film/newcover/2017/11/s350_700/3-1511142281.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 11 Jun 2020 15:57:18 GMT
ETag: "bff7-5a7d103d8e778"
Accept-Ranges: bytes
Content-Length: 49143
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

m3.nguonhay.com/media/images/film/newcover/2021/6/s350_700/vua-hai-tac-1624252456.jpg

94.242.50.163

200 OK

102 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/newcover/2021/6/s350_700/vua-hai-tac-1624252456.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x525, components 3
Size
102 kB (102471 bytes)
Hash
f3b3235be303bcdd8806ee587f879d0a
c5cfc2f2b686184a9bb5d8495268fb62e685d17c
f365d987c622865d1bac410f3814dabce383d1dd2d961f00aafaf256b251c42e

HTTP Headers

GET /media/images/film/newcover/2021/6/s350_700/vua-hai-tac-1624252456.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 21 Jun 2021 05:14:17 GMT
ETag: "19047-5c53fbebf16b6"
Accept-Ranges: bytes
Content-Length: 102471
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

m3.nguonhay.com/media/images/film/newcover/2019/6/s350_700/nguoi-bat-tu-victor-vu-1561052935.jpg

94.242.50.163

200 OK

51 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/newcover/2019/6/s350_700/nguoi-bat-tu-victor-vu-1561052935.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 350x495, components 3
Size
51 kB (51209 bytes)
Hash
85e020808be0ae33641a60328c766594
3255cf17703f75e8d7daa4ae6cc69f190a03be70
17e277a7f889e147fd502c3a73bcea043ac863ff2cf6fbb4b210dfce5d376f16

HTTP Headers

GET /media/images/film/newcover/2019/6/s350_700/nguoi-bat-tu-victor-vu-1561052935.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 11 Jun 2020 15:56:41 GMT
ETag: "c809-5a7d101acf496"
Accept-Ranges: bytes
Content-Length: 51209
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

nguonchillb.com/themes/np/images/icon-search-menu.png

94.242.50.163

200 OK

1.2 kB

URL GET HTTP/1.1
nguonchillb.com/themes/np/images/icon-search-menu.png
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced
Size
1.2 kB (1229 bytes)
Hash
e573652e7d75f6471431e9fd48ca706c
ef9de78ae35eb6d6f3e04744612c7bed87c3a5ee
49cd4ed8ef5f3b960bdb9a9024f1b4a83b96e39425a339fd1afc2486709c432b

HTTP Headers

GET /themes/np/images/icon-search-menu.png HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 1229
Cache-Control: max-age=2592000, public
Expires: Sun, 09 Jun 2024 16:59:39 GMT
Connection: close
Content-Type: image/png

m3.nguonhay.com/media/images/film/pbhorg/s350_700/tham-tu-lung-danh-conan-1557326913.jpg

94.242.50.163

200 OK

45 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/pbhorg/s350_700/tham-tu-lung-danh-conan-1557326913.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 150x150, segment length 16, progressive, precision 8, 260x347, components 3
Size
45 kB (45402 bytes)
Hash
8ced08e7b62efe23bea01168c9399c72
7c66826892ff32a7c3f9e789be97aace77880406
535aa00d31dc786d285b6fbcd9f6c3c75ea41f32dafbe6d0b3c55a62302e6e82

HTTP Headers

GET /media/images/film/pbhorg/s350_700/tham-tu-lung-danh-conan-1557326913.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 11 Jun 2020 16:52:59 GMT
ETag: "b15a-5a7d1cafed8c3"
Accept-Ranges: bytes
Content-Length: 45402
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

142.250.74.106

200 OK

78 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
78 kB (78159 bytes)
Hash
fec61307c7814b015d494dc5d986ece6
12967a0675752aa5751e50b79c597fccb80a2ceb
be1e808b36a0e5ee666af92685c83c87cb1a4fadff1ed80ee503f95599412d85

HTTP Headers

GET /css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 16:59:39 GMT
date: Fri, 10 May 2024 16:59:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

m3.nguonhay.com/media/images/film/hup/s350_700/gui-em-nguoi-con-gai-bat-tu-1618310194.jpg

94.242.50.163

200 OK

74 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/hup/s350_700/gui-em-nguoi-con-gai-bat-tu-1618310194.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x550, components 3
Size
74 kB (74004 bytes)
Hash
ccadd73db0117436333b5ff96d558723
ed47058a53fc11c44936771f21491a8e8ce60756
9f2bb055b03241a152dd7beb3aaa30f0364e359c213f114b6638d19cd9523740

HTTP Headers

GET /media/images/film/hup/s350_700/gui-em-nguoi-con-gai-bat-tu-1618310194.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Tue, 13 Apr 2021 10:36:37 GMT
ETag: "12114-5bfd8346e2ca6"
Accept-Ranges: bytes
Content-Length: 74004
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

chokedsmelt.com/5b/28/bb/5b28bb3338748187b2166508de2d96b3.js

172.240.108.84

200 OK

16 kB

URL GET HTTP/1.1
chokedsmelt.com/5b/28/bb/5b28bb3338748187b2166508de2d96b3.js
IP
172.240.108.84:80
ASN
#7979 SERVERS-COM

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
JavaScript source, ASCII text, with very long lines (44069), with no line terminators
Size
16 kB (15819 bytes)
Hash
1c7bfef26a2b45b5211eb4d54b7cac81
7e4080b8f8590c6cd08bb0f3ae4132710f447dee
dbc022b99f7e69dcecf8dcfcdcf0ae0e72907be936993cceeb88e997158b3770

HTTP Headers

GET /5b/28/bb/5b28bb3338748187b2166508de2d96b3.js HTTP/1.1
Host: chokedsmelt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 16:59:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a406c37697df255cc8650e5a6a71f13d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

m3.nguonhay.com/media/images/film/pbhorg/s350_700/nu-than-bat-diet-1563091396.jpg

94.242.50.163

200 OK

30 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/pbhorg/s350_700/nu-than-bat-diet-1563091396.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 260x346, components 3
Size
30 kB (29976 bytes)
Hash
a0790982515dcde6f6fc58b69a8d8e1b
d69876af078e4fe210a885954c4762c5e709d9ea
cfb4fd613695ab5c5ac4bcfe00e384c946ac8a0ce1f0f34f97cde43e2c4d779a

HTTP Headers

GET /media/images/film/pbhorg/s350_700/nu-than-bat-diet-1563091396.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 11 Jun 2020 13:14:38 GMT
ETag: "7518-5a7cebe1b5d09"
Accept-Ranges: bytes
Content-Length: 29976
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

m3.nguonhay.com/media/images/film/ff/s350_700/thon-tinh-bau-troi-1621105151.jpg

94.242.50.163

200 OK

68 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/ff/s350_700/thon-tinh-bau-troi-1621105151.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 37x37, segment length 16, progressive, precision 8, 238x344, components 3
Size
68 kB (67818 bytes)
Hash
8cfd556a89476327b497c6ee028c7337
225b9ceb3cf6add4cb53106bbe94f52dd1aa35ca
ae9291c36d210d1d78588b9d5696c9f3210c41f557707c53beddeed491359882

HTTP Headers

GET /media/images/film/ff/s350_700/thon-tinh-bau-troi-1621105151.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sat, 15 May 2021 18:59:23 GMT
ETag: "108ea-5c262f56702a8"
Accept-Ranges: bytes
Content-Length: 67818
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

m3.nguonhay.com/media/images/film/vp/s350_700/tinh-yeu-bat-hu-1589587463.jpg

94.242.50.163

200 OK

28 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/vp/s350_700/tinh-yeu-bat-hu-1589587463.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 320x472, components 3
Size
28 kB (28145 bytes)
Hash
cdbde3ba8f03cb252f81e1494d165f54
7714ea5d480e1182a919084ade05d77158ea614e
ec17d9b2fb41cc353e943635a625da794646ae605ce484aa76cddb8bd61209b9

HTTP Headers

GET /media/images/film/vp/s350_700/tinh-yeu-bat-hu-1589587463.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 11 Jun 2020 15:57:17 GMT
ETag: "6df1-5a7d103d3af8b"
Accept-Ranges: bytes
Content-Length: 28145
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

142.250.74.99

200 OK

12 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 11872, version 1.0
Size
12 kB (11872 bytes)
Hash
87ace20058325aa069320aa4af875dff
b743548770c46d905ae1ba06310bc001c587fe8e
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 07:34:57 GMT
expires: Sat, 10 May 2025 07:34:57 GMT
cache-control: public, max-age=31536000
age: 33882
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2

142.250.74.99

200 OK

17 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 16552, version 1.0
Size
17 kB (16552 bytes)
Hash
283c40f79deab0300df8b3ffd86dfc7b
2ef09414a573ac59f4b37e81c8b8a881244b345f
35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:49:41 GMT
expires: Fri, 09 May 2025 01:49:41 GMT
cache-control: public, max-age=31536000
age: 140998
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese

142.250.74.106

200 OK

129 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
129 kB (129193 bytes)
Hash
423fb017d1ca1e693a6caa254102f568
08c66881471d3945cfa41ed99cc74679e546b8dd
30f88ac5706a7d9448d0c4cb1c4a4a4a0097ecf9576d163db10cf22547eeb3e0

HTTP Headers

GET /css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 16:59:39 GMT
date: Fri, 10 May 2024 16:59:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

142.250.74.99

200 OK

35 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 35328, version 1.0
Size
35 kB (35328 bytes)
Hash
7670dba29aa2a1560c5d711ea6f6b369
6a2a620d2972f139c804c5a8363c91eb1a7595f6
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 17:27:30 GMT
expires: Fri, 09 May 2025 17:27:30 GMT
cache-control: public, max-age=31536000
age: 84729
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2

142.250.74.99

200 OK

5.5 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 5548, version 1.0
Size
5.5 kB (5548 bytes)
Hash
cdaab83619fcacd4027a77c99dd51e69
9e6eae8554f8cc2309b2dae2d9fa217e34eed6a4
4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5548
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 00:41:08 GMT
expires: Sat, 10 May 2025 00:41:08 GMT
cache-control: public, max-age=31536000
age: 58711
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.99

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 06:08:19 GMT
expires: Sat, 10 May 2025 06:08:19 GMT
cache-control: public, max-age=31536000
age: 39080
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2

142.250.74.99

200 OK

5.6 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 5560, version 1.0
Size
5.6 kB (5560 bytes)
Hash
ca3b09b62fda648a4511700413313fd0
109cd4c5435bd6614391bb8722c47c287c96b2ec
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5560
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:52:42 GMT
expires: Fri, 09 May 2025 01:52:42 GMT
cache-control: public, max-age=31536000
age: 140817
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.99

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 10:46:32 GMT
expires: Wed, 07 May 2025 10:46:32 GMT
cache-control: public, max-age=31536000
age: 281587
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

m3.nguonhay.com/media/images/film/ff/s350_700/vu-em-tien-ton-di-o-re-1625943628.jpg

94.242.50.163

200 OK

57 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/ff/s350_700/vu-em-tien-ton-di-o-re-1625943628.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 238x344, components 3
Size
57 kB (56680 bytes)
Hash
52e937627731ee482282ff229ca7493f
35b5b9f32d09aa6ad92e91d12e24a4128e8ec873
efd5cba3e20484238830ee30748a17813f4ade6444fa17a75c044a518752ea9e

HTTP Headers

GET /media/images/film/ff/s350_700/vu-em-tien-ton-di-o-re-1625943628.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sat, 10 Jul 2021 19:00:32 GMT
ETag: "dd68-5c6c980a88936"
Accept-Ranges: bytes
Content-Length: 56680
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:39 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.99

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 04:59:42 GMT
expires: Sun, 04 May 2025 04:59:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 561597
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

downstairsnegotiatebarren.com/sfp.js

188.114.97.1

301 Moved Permanently

167 B

URL GET HTTP/1.1
downstairsnegotiatebarren.com/sfp.js
IP
188.114.97.1:80
ASN
#13335 CLOUDFLARENET

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Fri, 10 May 2024 16:59:39 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 10 May 2024 17:59:39 GMT
Location: https://downstairsnegotiatebarren.com/sfp.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SPro%2BHdJ7p8zV%2FRaWJhtFbHjIZPx4M8YPvi6Tv%2FA4VunD2rr4wvf71O6Gh1RT8uvVsPf5qBsxkZQ8sZgNOcwLvOCU5SgDccPQDPffeva1Hhr6J%2FRyyb5UUTar%2FTLiitqO9%2BiS3TULbRIqVjVw9Gj%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 881b7b2599a40b06-OSL
alt-svc: h2=":443"; ma=60

proftrafficcounter.com/stats

18.185.9.67

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.9.67:443
ASN
#16509 AMAZON-02

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
5290790cddefa6abe9b6ffb1d22e9df6
959e04ad12d94dbc39390236da3d9c9d7142b370
2a7290492350cace0f6698b21359aa303efcebc45b48eced3c87e37a7d6c20c7

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 16:59:39 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://nguonchillb.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=716c3420-8fe6-4613-b437-f28c52c9e4fd:1:1; expires=Mon, 08 May 2034 16:59:39 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.99

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 04:59:42 GMT
expires: Sun, 04 May 2025 04:59:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 561597
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2

142.250.74.99

200 OK

17 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 16552, version 1.0
Size
17 kB (16552 bytes)
Hash
283c40f79deab0300df8b3ffd86dfc7b
2ef09414a573ac59f4b37e81c8b8a881244b345f
35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:49:41 GMT
expires: Fri, 09 May 2025 01:49:41 GMT
cache-control: public, max-age=31536000
age: 140998
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.99

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 04:59:42 GMT
expires: Sun, 04 May 2025 04:59:42 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 561597
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

142.250.74.99

200 OK

35 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 35328, version 1.0
Size
35 kB (35328 bytes)
Hash
7670dba29aa2a1560c5d711ea6f6b369
6a2a620d2972f139c804c5a8363c91eb1a7595f6
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 17:27:30 GMT
expires: Fri, 09 May 2025 17:27:30 GMT
cache-control: public, max-age=31536000
age: 84729
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

nguonchillb.com/themes/np/images/button_km.png

94.242.50.163

200 OK

2.6 kB

URL GET HTTP/1.1
nguonchillb.com/themes/np/images/button_km.png
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
PNG image data, 66 x 50, 8-bit/color RGBA, non-interlaced
Size
2.6 kB (2646 bytes)
Hash
05238f78240b8bb3d2453e866550a011
766a5353d457d5282bb04192072a116073b8666d
aed76e5f2deac5394da887c6b862ab04fbc3e601348006da714310d72c5dfc60

HTTP Headers

GET /themes/np/images/button_km.png HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924; _ga_3RRF2WKVFP=GS1.1.1715360379.1.0.1715360379.0.0.0; _ga=GA1.1.223465648.1715360380; dom3ic8zudi28v8lr6fgphwffqoz0j6c=716c3420-8fe6-4613-b437-f28c52c9e4fd%3A1%3A1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 2646
Cache-Control: max-age=2592000, public
Expires: Sun, 09 Jun 2024 16:59:40 GMT
Connection: close
Content-Type: image/png

nguonchillb.com/themes/np/images/bottomNavOFF.png

94.242.50.163

200 OK

1.3 kB

URL GET HTTP/1.1
nguonchillb.com/themes/np/images/bottomNavOFF.png
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced
Size
1.3 kB (1250 bytes)
Hash
840cd790a57c4cee3fb5b50d448dfd3a
976ecfbdaadc569488019ad246b6dfa31bdab85b
d317c5f6a5b4342d84bcc00cb0c99d2ce3c7d6f1044ac8036d722fcbf728baeb

HTTP Headers

GET /themes/np/images/bottomNavOFF.png HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924; _ga_3RRF2WKVFP=GS1.1.1715360379.1.0.1715360379.0.0.0; _ga=GA1.1.223465648.1715360380; dom3ic8zudi28v8lr6fgphwffqoz0j6c=716c3420-8fe6-4613-b437-f28c52c9e4fd%3A1%3A1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 1250
Cache-Control: max-age=2592000, public
Expires: Sun, 09 Jun 2024 16:59:40 GMT
Connection: close
Content-Type: image/png

nguonchillb.com/site/chatbot/refresh/

94.242.50.163

200 OK

260 B

URL POST HTTP/1.1
nguonchillb.com/site/chatbot/refresh/
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
JSON text data
Size
260 B (260 bytes)
Hash
ba0683de7607ad624fb4cecda80e9bc1
674cb63ed78bcbd018343354b0ae42e9c43d2ee1
83db877ee449fa874aaaf8896bc642c25fc2f6e8c0179b6d4d59a2c0c9cdfce1

HTTP Headers

POST /site/chatbot/refresh/ HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 16
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924; _ga_3RRF2WKVFP=GS1.1.1715360379.1.0.1715360379.0.0.0; _ga=GA1.1.223465648.1715360380; dom3ic8zudi28v8lr6fgphwffqoz0j6c=716c3420-8fe6-4613-b437-f28c52c9e4fd%3A1%3A1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 260
Connection: close
Content-Type: text/html; charset=UTF-8

nguonchillb.com/themes/np/images/bottomNavON.png

94.242.50.163

200 OK

1.3 kB

URL GET HTTP/1.1
nguonchillb.com/themes/np/images/bottomNavON.png
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced
Size
1.3 kB (1334 bytes)
Hash
0703045e13e1ab8508a2273cbe71d5d6
c2d2f79bb3758de5722cddd94eaf4701078b4d71
698cc5f19fb8e30c2a9d8471e81637cb26e8fcd67a55bfffc9ca651a0c45e90f

HTTP Headers

GET /themes/np/images/bottomNavON.png HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924; _ga_3RRF2WKVFP=GS1.1.1715360379.1.0.1715360379.0.0.0; _ga=GA1.1.223465648.1715360380
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 1334
Cache-Control: max-age=2592000, public
Expires: Sun, 09 Jun 2024 16:59:40 GMT
Connection: close
Content-Type: image/png

nguonchillb.com/site/site/checkaccess/

94.242.50.163

200 OK

7 B

URL POST HTTP/1.1
nguonchillb.com/site/site/checkaccess/
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
4e3ca82bee9b6a4b6c6e30ca31234e50
f007b014714adb9c2c7c105e64dfa8448e9ec77a
148ecdac86b94c986a6bb2da57595b2cc4b35afa88e266ec7f30f79530803efb

HTTP Headers

POST /site/site/checkaccess/ HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 88
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924; _ga_3RRF2WKVFP=GS1.1.1715360379.1.0.1715360379.0.0.0; _ga=GA1.1.223465648.1715360380; dom3ic8zudi28v8lr6fgphwffqoz0j6c=716c3420-8fe6-4613-b437-f28c52c9e4fd%3A1%3A1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 7
Connection: close
Content-Type: text/html; charset=UTF-8

m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png

94.242.50.163

200 OK

18 kB

URL GET HTTP/1.1
m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
PNG image data, 46 x 48, 8-bit/color RGBA, non-interlaced
Size
18 kB (17873 bytes)
Hash
e6f4a93efe2d93e885abcbb4cc09cd4a
e4f94b9e95b40e30b215228316bb7f8c48d08ed2
93b7bbea433aa41f6efb860d3d9777d363f9e64fc1ad4186cd9ef525bbee9c94

HTTP Headers

GET /media/images/1/favi/favicon-1498701606.png HTTP/1.1
Host: m3.nguonphim.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:40 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 05 Jul 2017 04:14:59 GMT
ETag: "45d1-5538a3e52eb40"
Accept-Ranges: bytes
Content-Length: 17873
Cache-Control: max-age=5184000, public
Expires: Tue, 09 Jul 2024 16:59:40 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png

unseenreport.com/pxf.gif?uuid=716c3420-8fe6-4613-b437-f28c52c9e4fd&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=5b28bb3338748187b2166508de2d96b3&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=16

192.243.61.225

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=716c3420-8fe6-4613-b437-f28c52c9e4fd&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=5b28bb3338748187b2166508de2d96b3&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=16
IP
192.243.61.225:80
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=716c3420-8fe6-4613-b437-f28c52c9e4fd&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=5b28bb3338748187b2166508de2d96b3&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=16 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 16:59:40 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2a9ab67de57bc1b54325c429805ebb43
Strict-Transport-Security: max-age=0; includeSubdomains

downstairsnegotiatebarren.com/sfp.js

188.114.97.1

301 Moved Permanently

35 kB

URL GET HTTP/1.1
downstairsnegotiatebarren.com/sfp.js
IP
188.114.97.1:80
ASN
#13335 CLOUDFLARENET

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
35 kB (34965 bytes)
Hash
f4a2f8f9f99541c6f105bbd0a025bd40
1f8e3eff12168fdd9e719adfc098d24a45b6916a
b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://nguonchillb.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 16:59:40 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 702d19482a7b09cf7b12f38dee6ecfbd
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 10 May 2024 16:59:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2B%2FPGRbVBnTJyo78iH%2BpGtQI%2BZc8rIfEG%2FOtMYc1tcFYPfhIVobHrTH9T%2FcdoNwfFtwZPdZzhh4sVourA3qTh01VLvfe8e0wb17Z8rpRmgGh4le%2FNZiXT3IXrdLCxkX5dlAYum2L35DRhZLwwrDF%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b7b271beb568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

niecesexhaustsilas.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuHuPJgyh7UoRRPChsJv1jpmfGBYNxNxKMmyXrL1CQ6q7qSZnqrqaqf0yCh2BAFk%2FDXjza%2BSbZoLuI%2BwcYdbIgEhAynnIwF%2F0PxD2JyIzDBh8U7736XsH3vq8%2B28vPiYucnl19S20LKelCq2HXX3rfca7UV0WS9%2Bv9jv%2BR37xS18UrXb9hv1x%2Fg4ebasG1Hdt2bKe%2BLDSPVH9hAkKk97pOo2s3mm7DaTXR1%2F%2FvTW7BUAusOCdPQ7Dx3APrEkQ4QhJ%2Fe5WbzUyll6%2FFuaSZ0ijY4TvJZqLKBPFFGWkLUXI4m4Yyp8tHUMnBlC5U8WgwEGNi%2FXSEIDmckURQ7E95BhI8QcCeQFmMwOUIgo4Qql0IdkqAkOH6GpL4znWlS7r1H0on6JjMPfwTohyTud8uIYm%2FWZKiX7%2BpZJ4JlRj0owqiP4LojZDmx8i2axDlMcLsUwj2C1l4uIok3l8zUkGwsxfbjh96Tdee70Tcn2%2F6jjcfNL32fOR2wpYbdnkzYlOBhBhBRCNIPgA1FvLJERbyyEKeWojZWT10HKdts5DanW4YeqzNA5%2FZDm1HDnVsv4M8nOwwQJYOEMoBQr2DVO9gUwyg8x9gNioYZsFkBAWrUHKC0hCUlKAUBGVGUBbVAZPGNdUdJk0eOLPszrJXDVXW26MHKuvxhIDqATSr9tJz8tREQGtu%2FA82%2BVm9FbidIPA8r9NudpxOO3Ad32%2FZHcZd1vUDD0ZUEKY2XXd7YuaPS0gn%2BYVFBPQYRh4jFBZo%2FhxoWYFuVNhO7ia9XCVZ0QhVDKYqpNkcsi1rT56TZ6cOru1q8PBk8e9a8vnz795GqCukusLH4gFBT94arquS7K%2Br0pD7a2kmYrFNJ%2B7ezGjGH%2F%2F6Tb5VKs1WrprBV6%2BFE2BS3nubm2yVJkwkPUPuLgnGuF5WOuTkuxXzHg9u5GZjKddJnq7eeH15JU41N0aoZAQqTq99gVCMyZPffzj9tpc%2F%2BANCj6DzCnF%2BQmYBoY4Rpjsw6cni7940YBSBlhczQWqhzKuhdoOLSykIJL%2FoaVDB8JPFvxae%2BfKo%2BBkBfyTHUNPJayqqPXMLPV0DzXaRxBUKXaGQFagcwOSPDbNUnyz%2BOqMRyNowkLq2H0gtb09FHpOVtfsw4qze9jyb%2Bt2W025T3g6abifyHUap2%2FRd36ceMjOOXl3%2F5F8AAAD%2F%2FwEAAP%2F%2Fa5p2AJAEAAA%3D

172.240.253.132

200 OK

7 B

URL GET HTTP/1.1
niecesexhaustsilas.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuHuPJgyh7UoRRPChsJv1jpmfGBYNxNxKMmyXrL1CQ6q7qSZnqrqaqf0yCh2BAFk%2FDXjza%2BSbZoLuI%2BwcYdbIgEhAynnIwF%2F0PxD2JyIzDBh8U7736XsH3vq8%2B28vPiYucnl19S20LKelCq2HXX3rfca7UV0WS9%2Bv9jv%2BR37xS18UrXb9hv1x%2Fg4ebasG1Hdt2bKe%2BLDSPVH9hAkKk97pOo2s3mm7DaTXR1%2F%2FvTW7BUAusOCdPQ7Dx3APrEkQ4QhJ%2Fe5WbzUyll6%2FFuaSZ0ijY4TvJZqLKBPFFGWkLUXI4m4Yyp8tHUMnBlC5U8WgwEGNi%2FXSEIDmckURQ7E95BhI8QcCeQFmMwOUIgo4Qql0IdkqAkOH6GpL4znWlS7r1H0on6JjMPfwTohyTud8uIYm%2FWZKiX7%2BpZJ4JlRj0owqiP4LojZDmx8i2axDlMcLsUwj2C1l4uIok3l8zUkGwsxfbjh96Tdee70Tcn2%2F6jjcfNL32fOR2wpYbdnkzYlOBhBhBRCNIPgA1FvLJERbyyEKeWojZWT10HKdts5DanW4YeqzNA5%2FZDm1HDnVsv4M8nOwwQJYOEMoBQr2DVO9gUwyg8x9gNioYZsFkBAWrUHKC0hCUlKAUBGVGUBbVAZPGNdUdJk0eOLPszrJXDVXW26MHKuvxhIDqATSr9tJz8tREQGtu%2FA82%2BVm9FbidIPA8r9NudpxOO3Ad32%2FZHcZd1vUDD0ZUEKY2XXd7YuaPS0gn%2BYVFBPQYRh4jFBZo%2FhxoWYFuVNhO7ia9XCVZ0QhVDKYqpNkcsi1rT56TZ6cOru1q8PBk8e9a8vnz795GqCukusLH4gFBT94arquS7K%2Br0pD7a2kmYrFNJ%2B7ezGjGH%2F%2F6Tb5VKs1WrprBV6%2BFE2BS3nubm2yVJkwkPUPuLgnGuF5WOuTkuxXzHg9u5GZjKddJnq7eeH15JU41N0aoZAQqTq99gVCMyZPffzj9tpc%2F%2BANCj6DzCnF%2BQmYBoY4Rpjsw6cni7940YBSBlhczQWqhzKuhdoOLSykIJL%2FoaVDB8JPFvxae%2BfKo%2BBkBfyTHUNPJayqqPXMLPV0DzXaRxBUKXaGQFagcwOSPDbNUnyz%2BOqMRyNowkLq2H0gtb09FHpOVtfsw4qze9jyb%2Bt2W025T3g6abifyHUap2%2FRd36ceMjOOXl3%2F5F8AAAD%2F%2FwEAAP%2F%2Fa5p2AJAEAAA%3D
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate
IssuerLet's Encrypt
Subjectniecesexhaustsilas.com
Fingerprint25:F4:0B:8D:AC:46:26:85:AC:ED:0C:CA:A3:50:F5:16:33:CC:C5:DC
ValidityMon, 06 May 2024 08:11:53 GMT - Sun, 04 Aug 2024 08:11:52 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuHuPJgyh7UoRRPChsJv1jpmfGBYNxNxKMmyXrL1CQ6q7qSZnqrqaqf0yCh2BAFk%2FDXjza%2BSbZoLuI%2BwcYdbIgEhAynnIwF%2F0PxD2JyIzDBh8U7736XsH3vq8%2B28vPiYucnl19S20LKelCq2HXX3rfca7UV0WS9%2Bv9jv%2BR37xS18UrXb9hv1x%2Fg4ebasG1Hdt2bKe%2BLDSPVH9hAkKk97pOo2s3mm7DaTXR1%2F%2FvTW7BUAusOCdPQ7Dx3APrEkQ4QhJ%2Fe5WbzUyll6%2FFuaSZ0ijY4TvJZqLKBPFFGWkLUXI4m4Yyp8tHUMnBlC5U8WgwEGNi%2FXSEIDmckURQ7E95BhI8QcCeQFmMwOUIgo4Qql0IdkqAkOH6GpL4znWlS7r1H0on6JjMPfwTohyTud8uIYm%2FWZKiX7%2BpZJ4JlRj0owqiP4LojZDmx8i2axDlMcLsUwj2C1l4uIok3l8zUkGwsxfbjh96Tdee70Tcn2%2F6jjcfNL32fOR2wpYbdnkzYlOBhBhBRCNIPgA1FvLJERbyyEKeWojZWT10HKdts5DanW4YeqzNA5%2FZDm1HDnVsv4M8nOwwQJYOEMoBQr2DVO9gUwyg8x9gNioYZsFkBAWrUHKC0hCUlKAUBGVGUBbVAZPGNdUdJk0eOLPszrJXDVXW26MHKuvxhIDqATSr9tJz8tREQGtu%2FA82%2BVm9FbidIPA8r9NudpxOO3Ad32%2FZHcZd1vUDD0ZUEKY2XXd7YuaPS0gn%2BYVFBPQYRh4jFBZo%2FhxoWYFuVNhO7ia9XCVZ0QhVDKYqpNkcsi1rT56TZ6cOru1q8PBk8e9a8vnz795GqCukusLH4gFBT94arquS7K%2Br0pD7a2kmYrFNJ%2B7ezGjGH%2F%2F6Tb5VKs1WrprBV6%2BFE2BS3nubm2yVJkwkPUPuLgnGuF5WOuTkuxXzHg9u5GZjKddJnq7eeH15JU41N0aoZAQqTq99gVCMyZPffzj9tpc%2F%2BANCj6DzCnF%2BQmYBoY4Rpjsw6cni7940YBSBlhczQWqhzKuhdoOLSykIJL%2FoaVDB8JPFvxae%2BfKo%2BBkBfyTHUNPJayqqPXMLPV0DzXaRxBUKXaGQFagcwOSPDbNUnyz%2BOqMRyNowkLq2H0gtb09FHpOVtfsw4qze9jyb%2Bt2W025T3g6abifyHUap2%2FRd36ceMjOOXl3%2F5F8AAAD%2F%2FwEAAP%2F%2Fa5p2AJAEAAA%3D HTTP/1.1
Host: niecesexhaustsilas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Cookie: u_pl=17093374; uid_id2=716c3420-8fe6-4613-b437-f28c52c9e4fd:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec5b28bb3338748187b2166508de2d96b3=[5210994]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 16:59:41 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f950513f288196b59f43cee1eafe2125
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/img/icon.png

188.114.96.1

200 OK

12 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/img/icon.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
PNG image data, 230 x 253, 8-bit colormap, non-interlaced
Size
12 kB (11963 bytes)
Hash
b1f546ae7b0fbf8f3d19946146456d8a
37792f4d6fb3482b3d0281139a61e2e426fa3056
2a0b851026a70a5da3b5f2fe9e7f5d098c4126c035a68de8e90f8408bab6fd33

HTTP Headers

GET /sb/interstitial/sweep/default/stories/1/img/icon.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 16:59:41 GMT
content-type: image/png
content-length: 11963
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: "65aa847c-2ebb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 866501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7QzBbl6eLcf6usOOXQvxJCUMMWINDWTq%2FfPu82q4qa49GvFCIlu65Svfah6skaWgtNx3Iv%2FC461nmQoHPAX5jpD24t5jPsIUv4qD0GAVVRSc913ehOhKwSsU8IN%2BPN6HrcAotFMUizzc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b7b2f1a331c0e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.106

200 OK

717 B

URL GET HTTP/1.1
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.106:80
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
ASCII text
Size
717 B (717 bytes)
Hash
9cc7d472437c87f6f7ebeb35abec09f1
948bb2b7bf4bbc829015c125e1b6f7859b2948b0
9a39510af72db44fb14d333c52c41da0e90827afcfe78c8f12b367f0a94783b7

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 10 May 2024 16:59:41 GMT
Date: Fri, 10 May 2024 16:59:41 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

niecesexhaustsilas.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Findex.html&l=1125&fd=84

172.240.253.132

200 OK

0 B

URL GET HTTP/1.1
niecesexhaustsilas.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Findex.html&l=1125&fd=84
IP
172.240.253.132:80
ASN
#7979 SERVERS-COM

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Findex.html&l=1125&fd=84 HTTP/1.1
Host: niecesexhaustsilas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 16:59:41 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/css/style.css

188.114.96.1

200 OK

553 B

URL GET HTTP/2
cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/css/style.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text
Size
553 B (553 bytes)
Hash
09e402648e8c3edf74a22296eec8ed6e
50f3fccaf2074366bd61b4925cdad604f951c17b
4cf2b716e0c42dfcdbb8bb614c9011874da5d744edc1db3a9bc9bea28e13301d

HTTP Headers

GET /sb/interstitial/sweep/default/stories/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 16:59:41 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: W/"65aa847c-59a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pFh7b82ZqpcT5tAJKAW2RUK1ivZ7LG4aspr3FUuYYQXy4TK4u2jSd9f16Q2HZGXeCvh0%2FQxyxJWKHE6MATuPWV%2BrOa7ZXe%2Fi3bj5c8qliShz%2Bs6gZ7hWoL%2FbGk%2FbIhRjn8RGo7CRZwRg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b7b2ec9e71c0e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

niecesexhaustsilas.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fcss%2Fstyle.css&l=1434&fd=365

172.240.253.132

200 OK

0 B

URL GET HTTP/1.1
niecesexhaustsilas.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fcss%2Fstyle.css&l=1434&fd=365
IP
172.240.253.132:80
ASN
#7979 SERVERS-COM

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fcss%2Fstyle.css&l=1434&fd=365 HTTP/1.1
Host: niecesexhaustsilas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 16:59:41 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/js/script.js

188.114.96.1

200 OK

145 B

URL GET HTTP/2
cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/js/script.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text
Size
145 B (145 bytes)
Hash
f892d13477b4dc50738e456394213c85
7fd3b8db8ae9065a1ca71e93d2d8c54a30f0c4d3
fce0518bf4195114ede5ba3e52220db0b2566b606eb8ee6d28199bc6587f7f5d

HTTP Headers

GET /sb/interstitial/sweep/default/stories/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 16:59:41 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: W/"65aa847c-141"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EkvAi3vWp2DBjbN%2BT6rBJeXetDWY%2B7gPXj82%2Bzc6i9Nn906K8QHP1wCzFatnAR2%2BfqmFIs1kM%2FpDo4%2F9n6h81ESc9WIL84UDLkpd4BfMDFwh82dMHazykr102qZUlIL42dcygd9%2FfikY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b7b2fdaff1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.99

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 10 May 2024 02:17:12 GMT
Expires: Sat, 10 May 2025 02:17:12 GMT
Cache-Control: public, max-age=31536000
Age: 52950
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2

niecesexhaustsilas.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWtdRRieE%2BPKhShdKcJVXCg0yfm4HycWDMY2EoxNaf0CBZmvcztmzpnDzPm4DS6KBSmuLt249ORJ2qItYn%2BAVW8KIgEh11UWZqP%2FQOxKRO710uALw%2Fu%2B87wDz%2Fs889lOeUxClPTo7FtmW2lNlzqLfuul94PgTGtDZeWgNYi7H3XbZ1q2emW5u%2Bi%2F3HpD8i2zFPqB7wd%2B0FpTViZmsDQBofK7y8Hisr%2FYDheDThsD%2B%2F%2FelR4c9SCqY%2FI0lBjPP%2FBOQfERsvTbs9JtFSY%2FfS4tNS2MRSVuv5NtZabOkJ6UifWQZLdn0zDucO0%2BTHZzShemejTI1Jh4P90Hy27PSIJVe1OeTENmYOIJ1NUIUo%2Bg6AjcXIMShwTgAuc3kaW3zhtb0yv%2FoXSCjsn8wz%2Bh6jGZ%2F%2B0UsvSbVa0GrUtGl4UymcMgaaAGI6j%2BCHm5j2J7DqreBy8%2BhRK%2FkKWHG8jSvU2nDZQ4erEXdHnUDv2FOJHdhXY3iBZYO%2BotJGHMOyFflu1ETAVSagSVjKDlENR5KCdHeSgTD2XuIRVHLR4EQc8XnPrxMueR6EnWFX5Ae0lAA78bo%2BSTHYYo8iG4HoLbq8jtVWypIWz5A9zlBk54cAVBJRrUkqB2BDUlqBVBXRDUVXNTaBe65pbQrmTBLIezHDW7pujv0Jum6MuMgNohrGh28mPy1ERAb378D7bkUavDwpixKIriXjsO4h4Lg26348dChmK5yyI41UC5uem62xMzf1xFPskvrIDRfTi9D6480PI50LoBvdxgO7uT9UuTFdUiNymEaZAX8yiueDv6mDw7dXDzmoXkByt%2Fz2WfP%2F%2FuDXDbILcNPlYPCPr6%2Bu5FU5O9i6Z25N5mXqhUbdOJu5cKWsjHv35TXqmNFetn3fCr1%2FgEmJR335au2KCZUFnfkTurSghp14zlkny37t6T7ELpLq%2BWNivzjQuvr62nuZXOKZONQNXhuS%2FA1Zg8%2Bf2H0297%2BoM%2FoOwItmyQlgdkFlBmHzy%2FCpcfrPweTQPOEFh9MsNyD3XZ7NqQnVxqRaDlSU9ZAycPVv5aeubL%2B9XPYPKRHLuWTl5T1ey46%2BjbOdDiGrK0QWUbVLoB1UO48rHdIrcHK7%2FOaDA9t8u0ndtj2uobU5HHZH3zHpw6akW%2B6DGZyB6T7U47kVywTof5POEsEnHMUbhx8urFT%2F4FAAD%2F%2FwEAAP%2F%2F606j6JAEAAA%3D

172.240.253.132

200 OK

7 B

URL GET HTTP/1.1
niecesexhaustsilas.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWtdRRieE%2BPKhShdKcJVXCg0yfm4HycWDMY2EoxNaf0CBZmvcztmzpnDzPm4DS6KBSmuLt249ORJ2qItYn%2BAVW8KIgEh11UWZqP%2FQOxKRO710uALw%2Fu%2B87wDz%2Fs889lOeUxClPTo7FtmW2lNlzqLfuul94PgTGtDZeWgNYi7H3XbZ1q2emW5u%2Bi%2F3HpD8i2zFPqB7wd%2B0FpTViZmsDQBofK7y8Hisr%2FYDheDThsD%2B%2F%2FelR4c9SCqY%2FI0lBjPP%2FBOQfERsvTbs9JtFSY%2FfS4tNS2MRSVuv5NtZabOkJ6UifWQZLdn0zDucO0%2BTHZzShemejTI1Jh4P90Hy27PSIJVe1OeTENmYOIJ1NUIUo%2Bg6AjcXIMShwTgAuc3kaW3zhtb0yv%2FoXSCjsn8wz%2Bh6jGZ%2F%2B0UsvSbVa0GrUtGl4UymcMgaaAGI6j%2BCHm5j2J7DqreBy8%2BhRK%2FkKWHG8jSvU2nDZQ4erEXdHnUDv2FOJHdhXY3iBZYO%2BotJGHMOyFflu1ETAVSagSVjKDlENR5KCdHeSgTD2XuIRVHLR4EQc8XnPrxMueR6EnWFX5Ae0lAA78bo%2BSTHYYo8iG4HoLbq8jtVWypIWz5A9zlBk54cAVBJRrUkqB2BDUlqBVBXRDUVXNTaBe65pbQrmTBLIezHDW7pujv0Jum6MuMgNohrGh28mPy1ERAb378D7bkUavDwpixKIriXjsO4h4Lg26348dChmK5yyI41UC5uem62xMzf1xFPskvrIDRfTi9D6480PI50LoBvdxgO7uT9UuTFdUiNymEaZAX8yiueDv6mDw7dXDzmoXkByt%2Fz2WfP%2F%2FuDXDbILcNPlYPCPr6%2Bu5FU5O9i6Z25N5mXqhUbdOJu5cKWsjHv35TXqmNFetn3fCr1%2FgEmJR335au2KCZUFnfkTurSghp14zlkny37t6T7ELpLq%2BWNivzjQuvr62nuZXOKZONQNXhuS%2FA1Zg8%2Bf2H0297%2BoM%2FoOwItmyQlgdkFlBmHzy%2FCpcfrPweTQPOEFh9MsNyD3XZ7NqQnVxqRaDlSU9ZAycPVv5aeubL%2B9XPYPKRHLuWTl5T1ey46%2BjbOdDiGrK0QWUbVLoB1UO48rHdIrcHK7%2FOaDA9t8u0ndtj2uobU5HHZH3zHpw6akW%2B6DGZyB6T7U47kVywTof5POEsEnHMUbhx8urFT%2F4FAAD%2F%2FwEAAP%2F%2F606j6JAEAAA%3D
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate
IssuerLet's Encrypt
Subjectniecesexhaustsilas.com
Fingerprint25:F4:0B:8D:AC:46:26:85:AC:ED:0C:CA:A3:50:F5:16:33:CC:C5:DC
ValidityMon, 06 May 2024 08:11:53 GMT - Sun, 04 Aug 2024 08:11:52 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTWtdRRieE%2BPKhShdKcJVXCg0yfm4HycWDMY2EoxNaf0CBZmvcztmzpnDzPm4DS6KBSmuLt249ORJ2qItYn%2BAVW8KIgEh11UWZqP%2FQOxKRO710uALw%2Fu%2B87wDz%2Fs889lOeUxClPTo7FtmW2lNlzqLfuul94PgTGtDZeWgNYi7H3XbZ1q2emW5u%2Bi%2F3HpD8i2zFPqB7wd%2B0FpTViZmsDQBofK7y8Hisr%2FYDheDThsD%2B%2F%2FelR4c9SCqY%2FI0lBjPP%2FBOQfERsvTbs9JtFSY%2FfS4tNS2MRSVuv5NtZabOkJ6UifWQZLdn0zDucO0%2BTHZzShemejTI1Jh4P90Hy27PSIJVe1OeTENmYOIJ1NUIUo%2Bg6AjcXIMShwTgAuc3kaW3zhtb0yv%2FoXSCjsn8wz%2Bh6jGZ%2F%2B0UsvSbVa0GrUtGl4UymcMgaaAGI6j%2BCHm5j2J7DqreBy8%2BhRK%2FkKWHG8jSvU2nDZQ4erEXdHnUDv2FOJHdhXY3iBZYO%2BotJGHMOyFflu1ETAVSagSVjKDlENR5KCdHeSgTD2XuIRVHLR4EQc8XnPrxMueR6EnWFX5Ae0lAA78bo%2BSTHYYo8iG4HoLbq8jtVWypIWz5A9zlBk54cAVBJRrUkqB2BDUlqBVBXRDUVXNTaBe65pbQrmTBLIezHDW7pujv0Jum6MuMgNohrGh28mPy1ERAb378D7bkUavDwpixKIriXjsO4h4Lg26348dChmK5yyI41UC5uem62xMzf1xFPskvrIDRfTi9D6480PI50LoBvdxgO7uT9UuTFdUiNymEaZAX8yiueDv6mDw7dXDzmoXkByt%2Fz2WfP%2F%2FuDXDbILcNPlYPCPr6%2Bu5FU5O9i6Z25N5mXqhUbdOJu5cKWsjHv35TXqmNFetn3fCr1%2FgEmJR335au2KCZUFnfkTurSghp14zlkny37t6T7ELpLq%2BWNivzjQuvr62nuZXOKZONQNXhuS%2FA1Zg8%2Bf2H0297%2BoM%2FoOwItmyQlgdkFlBmHzy%2FCpcfrPweTQPOEFh9MsNyD3XZ7NqQnVxqRaDlSU9ZAycPVv5aeubL%2B9XPYPKRHLuWTl5T1ey46%2BjbOdDiGrK0QWUbVLoB1UO48rHdIrcHK7%2FOaDA9t8u0ndtj2uobU5HHZH3zHpw6akW%2B6DGZyB6T7U47kVywTof5POEsEnHMUbhx8urFT%2F4FAAD%2F%2FwEAAP%2F%2F606j6JAEAAA%3D HTTP/1.1
Host: niecesexhaustsilas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Cookie: u_pl=17093374; uid_id2=716c3420-8fe6-4613-b437-f28c52c9e4fd:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec5b28bb3338748187b2166508de2d96b3=[5210994]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 16:59:42 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: efc3b652b456b296a0e6c3c1923f5e1d
Strict-Transport-Security: max-age=0; includeSubdomains

niecesexhaustsilas.com/pixel/sbs?c=1

172.240.108.76

200 OK

0 B

URL GET HTTP/1.1
niecesexhaustsilas.com/pixel/sbs?c=1
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate
IssuerLet's Encrypt
Subjectniecesexhaustsilas.com
Fingerprint25:F4:0B:8D:AC:46:26:85:AC:ED:0C:CA:A3:50:F5:16:33:CC:C5:DC
ValidityMon, 06 May 2024 08:11:53 GMT - Sun, 04 Aug 2024 08:11:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: niecesexhaustsilas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Cookie: u_pl=17093374; uid_id2=716c3420-8fe6-4613-b437-f28c52c9e4fd:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec5b28bb3338748187b2166508de2d96b3=[5210994]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 16:59:42 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

niecesexhaustsilas.com/sbar.json?key=5b28bb3338748187b2166508de2d96b3&uuid=716c3420-8fe6-4613-b437-f28c52c9e4fd%3A1%3A1

172.240.253.132

200 OK

12 kB

URL GET HTTP/1.1
niecesexhaustsilas.com/sbar.json?key=5b28bb3338748187b2166508de2d96b3&uuid=716c3420-8fe6-4613-b437-f28c52c9e4fd%3A1%3A1
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate
IssuerLet's Encrypt
Subjectniecesexhaustsilas.com
Fingerprint25:F4:0B:8D:AC:46:26:85:AC:ED:0C:CA:A3:50:F5:16:33:CC:C5:DC
ValidityMon, 06 May 2024 08:11:53 GMT - Sun, 04 Aug 2024 08:11:52 GMT

File type
JSON text data
Size
12 kB (12164 bytes)
Hash
b5577f0e6883486630d29294d76fa54d
439e577ad3742bb98510bd2a1398dd8665a6bf85
be5660a97a5043452e622a07366f839a9ac71c7603bb86b4e894645749df1b57

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=5b28bb3338748187b2166508de2d96b3&uuid=716c3420-8fe6-4613-b437-f28c52c9e4fd%3A1%3A1 HTTP/1.1
Host: niecesexhaustsilas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 16:59:41 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://nguonchillb.com
Access-Control-Allow-Origin: http://nguonchillb.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17093374; expires=Sat, 11 May 2024 16:59:40 GMT; secure; SameSite=None
uid_id2=716c3420-8fe6-4613-b437-f28c52c9e4fd:1:1; expires=Fri, 17 May 2024 16:59:40 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 11 May 2024 16:59:41 GMT; secure; SameSite=None
uncs=1; expires=Sat, 11 May 2024 16:59:41 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 11 May 2024 16:59:41 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 11 May 2024 16:59:41 GMT; secure; SameSite=None
slec5b28bb3338748187b2166508de2d96b3=[5210994]; expires=Fri, 10 May 2024 16:59:46 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7a9154cdfab6ffa26a340d3c29964943
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

niecesexhaustsilas.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fjs%2Fscript.js&l=321&fd=323

172.240.108.76

200 OK

0 B

URL GET HTTP/1.1
niecesexhaustsilas.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fjs%2Fscript.js&l=321&fd=323
IP
172.240.108.76:80
ASN
#7979 SERVERS-COM

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fjs%2Fscript.js&l=321&fd=323 HTTP/1.1
Host: niecesexhaustsilas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 16:59:41 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/js/jquery.min.js

188.114.96.1

200 OK

87 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/js/jquery.min.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
JavaScript source, ASCII text, with very long lines (32058)
Size
87 kB (86659 bytes)
Hash
c9f5aeeca3ad37bf2aa006139b935f0a
1055018c28ab41087ef9ccefe411606893dabea2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

HTTP Headers

GET /sb/interstitial/sweep/default/stories/1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 16:59:41 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: W/"65aa847c-15283"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 866501
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LlO%2BtlNa4MABhQcjv5gCctMd3AJkgru2elcakMll1cA%2FInfqRaJVrGUkiPEyduIM3bxx0hPRtt%2BdMC1hU4ertRdBr%2BPqZ6MaCuv668Mcjy%2FZIqOzy3lT6xSatjxl0Jn3Yjcqi4%2FmWcjx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b7b2f2a351c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-3RRF2WKVFP&l=dataLayer&cx=c

142.250.74.168

200 OK

250 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-3RRF2WKVFP&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (4242)
Size
250 kB (250541 bytes)
Hash
b9ccb8f86f648fd5494d4b1a913d9b90
154e389fcc4c2ccdcecc8a2fece800b8bc20d596
109b4947899dab2d994b8db3db2c7b644bc0e594975b26c7e6df22ef73129542

HTTP Headers

GET /gtag/js?id=G-3RRF2WKVFP&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 16:59:39 GMT
expires: Fri, 10 May 2024 16:59:39 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88589
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/css/animate.css

188.114.96.1

200 OK

79 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/css/animate.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text
Size
79 kB (78693 bytes)
Hash
5982c5377696d20476871062646b253f
8bf2c93fa9ccc908f7df0fb7abb911bbac3e4242
4e23a6449e6ef4614f0107cecf5c9eda75d2041c7c71f4a55d45f2a7e75450f4

HTTP Headers

GET /sb/interstitial/sweep/default/stories/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 16:59:41 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: W/"65aa847c-13365"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5PY1qdtJYnuOREfrvKYbEhmcaQewjv2xheEzCVfIqdSGm3PSf%2BTDliwLLQAuPhGZ%2FWiIn3lWIThUFe2PfQ5pAO5giNznsF6fjkqfbIJ7XeEwvx7ew%2B3fIkDFhBDusZDfBmzFqnwYlvuM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b7b2ed9ec1c0e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

142.250.74.99

200 OK

128 kB

URL GET HTTP/2
fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 128352, version 1.0
Size
128 kB (128352 bytes)
Hash
53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

HTTP Headers

GET /s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:55:24 GMT
expires: Fri, 09 May 2025 01:55:24 GMT
cache-control: public, max-age=31536000
age: 140655
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.barscreative1.com/sb/interstitial/sweep/default/stories/1/index.html

45.133.44.3

200 OK

1.1 kB

URL GET HTTP/2
cdn.barscreative1.com/sb/interstitial/sweep/default/stories/1/index.html
IP
45.133.44.3:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate
IssuerLet's Encrypt
Subjectcdn.barscreative1.com
Fingerprint08:55:F0:C8:EA:24:54:0D:3C:B9:2C:95:3E:DC:BF:FB:A8:76:BA:BC
ValidityThu, 09 May 2024 03:01:15 GMT - Wed, 07 Aug 2024 03:01:14 GMT

File type
HTML document, ASCII text, with very long lines (1191), with no line terminators
Size
1.1 kB (1125 bytes)
Hash
3cb5e6c9f01bfa7cb22cea97b0b797bd
e7d11b7e73cef3077f1fd9422b02887a0a9b92a3
ff16f3fe2fabcd2e6ff096ae0c0c535ea1b9e3ad821158fe96dd38a673a24ca8

HTTP Headers

GET /sb/interstitial/sweep/default/stories/1/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 16:59:41 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: W/"65aa847c-465"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Fri, 10 May 2024 17:59:41 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/img/close.svg

188.114.96.1

200 OK

1.3 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/interstitial/sweep/default/stories/1/img/close.svg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
SVG Scalable Vector Graphics image
Size
1.3 kB (1279 bytes)
Hash
5ff33e884803785a8002a2aa5fa03b0e
a04406f2592e23e648bee499477f823da0c48362
6ba65121162b5b03e75501501ddaa928f73be8d1fe81c032a4879561de63ff58

HTTP Headers

GET /sb/interstitial/sweep/default/stories/1/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 16:59:41 GMT
content-type: image/svg+xml
last-modified: Fri, 19 Jan 2024 14:17:32 GMT
etag: W/"65aa847c-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2155603
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c568Ip9z8NR%2FJO7igZFioHK1RWh9WmCzQMPxW9xDcsB9RpkQDnYy28T8w%2B5rz27bxDe4W4D7ss%2BoYYtsa9%2F1NpNP6Q8EC32EIJY0IbAB5EEKJP9tor5A9EAB9Oub2DqlSkdcTV9Zw6dR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881b7b2f1a2c1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.106

200 OK

565 B

URL GET HTTP/2
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (588), with no line terminators
Size
565 B (565 bytes)
Hash
959a533a3dc02649e0cc3f8f67d942af
34db49ff64aed8b51beaba5b9928ad504a4df335
24864ed3ee6fab66640980d4c24640e579e5583764a8ee8c4f09decf27977247

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 16:59:38 GMT
date: Fri, 10 May 2024 16:59:38 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

niecesexhaustsilas.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fcss%2Fanimate.css&l=78693&fd=361

172.240.253.132

200 OK

0 B

URL GET HTTP/1.1
niecesexhaustsilas.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fcss%2Fanimate.css&l=78693&fd=361
IP
172.240.253.132:80
ASN
#7979 SERVERS-COM

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsweep%2Fdefault%2Fstories%2F1%2Fcss%2Fanimate.css&l=78693&fd=361 HTTP/1.1
Host: niecesexhaustsilas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 16:59:41 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

nguonchillb.com/themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0

94.242.50.163

200 OK

77 kB

URL GET HTTP/1.1
nguonchillb.com/themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonchillb.com/nguoi-bat-tu-victor-vu-f30332.html

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=dfhq2l5cl64v3rmsmej3uel2t2; us_session_id=P89924
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 16:59:39 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:14:59 GMT
Accept-Ranges: bytes
Content-Length: 77160
Cache-Control: max-age=2592000
Expires: Sun, 09 Jun 2024 16:59:39 GMT
X-UA-Compatible: IE=edge,chrome=1
Connection: close

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (30)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML