| nguonchillb.com/site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html |  94.242.50.163 | | 0 B |
URL nguonchillb.com/site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html IP94.242.50.163:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Tue, 16 Apr 2024 13:23:05 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Set-Cookie: PHPSESSID=iocs9im8knfu73tp70cbhbq9g6; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonchillb.com/site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonchillb.com/site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html | 94.242.50.163 | | 729 B |
URL nguonchillb.com/site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html IP94.242.50.163:0
File typeHTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators Hash8aa5253a4a8c149616c2d11dfae3a8dd 6cefd8983d523963aa1f3bcc0527e17b0d93e0f2 548396db27485edecf0eb95e3d4fcde16cded3e3fe37486ad63d289b9570f8e2
GET /site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=iocs9im8knfu73tp70cbhbq9g6
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:05 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Set-Cookie: us_session_id=P1816; expires=Wed, 17-Apr-2024 13:23:05 GMT; Max-Age=86400; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 729
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonchillb.com/assets/3bd14e95/jquery.min.js | 94.242.50.163 | 200 OK | 34 kB |
URL GET HTTP/1.1nguonchillb.com/assets/3bd14e95/jquery.min.js IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeJavaScript source, ASCII text, with very long lines (32077) Hash0fca26b5a37a66d68d0f4406976be4b5 ee000eb654b3bd37185665d3901e93b34ce1aa52 8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
GET /assets/3bd14e95/jquery.min.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/site/site/embed/?url=http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=iocs9im8knfu73tp70cbhbq9g6; us_session_id=P1816
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:06 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Wed, 16 Apr 2025 13:23:06 GMT
Content-Length: 33693
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png | 94.242.50.163 | 200 OK | 18 kB |
URL GET HTTP/1.1m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typePNG image data, 46 x 48, 8-bit/color RGBA, non-interlaced Hashe6f4a93efe2d93e885abcbb4cc09cd4a e4f94b9e95b40e30b215228316bb7f8c48d08ed2 93b7bbea433aa41f6efb860d3d9777d363f9e64fc1ad4186cd9ef525bbee9c94
GET /media/images/1/favi/favicon-1498701606.png HTTP/1.1
Host: m3.nguonphim.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:06 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 05 Jul 2017 04:14:59 GMT
ETag: "45d1-5538a3e52eb40"
Accept-Ranges: bytes
Content-Length: 17873
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:06 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png
|
|
| nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html | 94.242.50.163 | 301 Moved Permanently | 4 B |
URL User Request GET HTTP/1.1nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html IP94.242.50.163:443
CertificateIssuerLet's Encrypt Subjectnguonchilla.com FingerprintB8:4E:76:1B:BB:3D:79:0D:6A:15:F1:A0:AA:9D:F8:8C:22:04:95:2F ValidityFri, 15 Mar 2024 00:53:33 GMT - Thu, 13 Jun 2024 00:53:32 GMT
File typeASCII text, with no line terminators Hashf92965e2c8a7afb3c1b9a5c09a263636 e9b450d14bc2363d292c84f17cfad5cfbd58a458 11a6767d5674c7e45f7e00dc525762275b3a48491ad6045427d2609cc496c516
GET /thanh-vat-ca-sau-crocodile-dundee-f41307.html HTTP/1.1
Host: nguonchilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://nguonchillb.com/
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Tue, 16 Apr 2024 13:23:07 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Location: https://nguonchilla.com/site/site/embed/?url=https%3A%2F%2Fnguonchilla.com%2Fthanh-vat-ca-sau-crocodile-dundee-f41307.html
X-UA-Compatible: IE=edge,chrome=1
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Content-Length: 4
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonchilla.com/site/site/embed/?url=https%3A%2F%2Fnguonchilla.com%2Fthanh-vat-ca-sau-crocodile-dundee-f41307.html | 94.242.50.163 | | 0 B |
URL nguonchilla.com/site/site/embed/?url=https%3A%2F%2Fnguonchilla.com%2Fthanh-vat-ca-sau-crocodile-dundee-f41307.html IP94.242.50.163:0
CertificateIssuerLet's Encrypt Subjectnguonchilla.com FingerprintB8:4E:76:1B:BB:3D:79:0D:6A:15:F1:A0:AA:9D:F8:8C:22:04:95:2F ValidityFri, 15 Mar 2024 00:53:33 GMT - Thu, 13 Jun 2024 00:53:32 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /site/site/embed/?url=https%3A%2F%2Fnguonchilla.com%2Fthanh-vat-ca-sau-crocodile-dundee-f41307.html HTTP/1.1
Host: nguonchilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://nguonchillb.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Set-Cookie: PHPSESSID=84sft025dsq4so3t97dat4dsk5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonchilla.com/site/site/embed/?url=https%3A%2F%2Fnguonchilla.com%2Fthanh-vat-ca-sau-crocodile-dundee-f41307.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonchilla.com/site/site/embed/?url=https%3A%2F%2Fnguonchilla.com%2Fthanh-vat-ca-sau-crocodile-dundee-f41307.html | 94.242.50.163 | | 0 B |
URL nguonchilla.com/site/site/embed/?url=https%3A%2F%2Fnguonchilla.com%2Fthanh-vat-ca-sau-crocodile-dundee-f41307.html IP94.242.50.163:0
CertificateIssuerLet's Encrypt Subjectnguonchilla.com FingerprintB8:4E:76:1B:BB:3D:79:0D:6A:15:F1:A0:AA:9D:F8:8C:22:04:95:2F ValidityFri, 15 Mar 2024 00:53:33 GMT - Thu, 13 Jun 2024 00:53:32 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /site/site/embed/?url=https%3A%2F%2Fnguonchilla.com%2Fthanh-vat-ca-sau-crocodile-dundee-f41307.html HTTP/1.1
Host: nguonchilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://nguonchillb.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=84sft025dsq4so3t97dat4dsk5
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonchillb.com/site/site/embed/?url=https%3A%2F%2Fnguonchilla.com%2Fthanh-vat-ca-sau-crocodile-dundee-f41307.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonchillb.com/site/site/embed/?url=https%3A%2F%2Fnguonchilla.com%2Fthanh-vat-ca-sau-crocodile-dundee-f41307.html | 94.242.50.163 | | 751 B |
URL nguonchillb.com/site/site/embed/?url=https%3A%2F%2Fnguonchilla.com%2Fthanh-vat-ca-sau-crocodile-dundee-f41307.html IP94.242.50.163:0
File typeHTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators Hashaeb82837d91911e25c65f33c524041c0 af47c2ac94a8d1b93c0b3b06857fdf09e717bbc6 ef242fae914648dbb8f704aafc62bc6c38c4de0c95fa0d364f5c4d12ec147c25
GET /site/site/embed/?url=https%3A%2F%2Fnguonchilla.com%2Fthanh-vat-ca-sau-crocodile-dundee-f41307.html HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://nguonchillb.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=iocs9im8knfu73tp70cbhbq9g6; us_session_id=P1816
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 751
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonchillb.com/assets/3bd14e95/jquery.min.js | 94.242.50.163 | 200 OK | 34 kB |
URL GET HTTP/1.1nguonchillb.com/assets/3bd14e95/jquery.min.js IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeJavaScript source, ASCII text, with very long lines (32077) Hash0fca26b5a37a66d68d0f4406976be4b5 ee000eb654b3bd37185665d3901e93b34ce1aa52 8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
GET /assets/3bd14e95/jquery.min.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/site/site/embed/?url=https%3A%2F%2Fnguonchilla.com%2Fthanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=iocs9im8knfu73tp70cbhbq9g6; us_session_id=P1816
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Wed, 16 Apr 2025 13:23:08 GMT
Content-Length: 33693
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png | 94.242.50.163 | 200 OK | 18 kB |
URL GET HTTP/1.1m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typePNG image data, 46 x 48, 8-bit/color RGBA, non-interlaced Hashe6f4a93efe2d93e885abcbb4cc09cd4a e4f94b9e95b40e30b215228316bb7f8c48d08ed2 93b7bbea433aa41f6efb860d3d9777d363f9e64fc1ad4186cd9ef525bbee9c94
GET /media/images/1/favi/favicon-1498701606.png HTTP/1.1
Host: m3.nguonphim.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:08 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 05 Jul 2017 04:14:59 GMT
ETag: "45d1-5538a3e52eb40"
Accept-Ranges: bytes
Content-Length: 17873
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:08 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png
|
|
| nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html | 94.242.50.163 | 301 Moved Permanently | 0 B |
URL User Request GET HTTP/1.1nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html IP94.242.50.163:443
CertificateIssuerLet's Encrypt Subjectnguonchilla.com FingerprintB8:4E:76:1B:BB:3D:79:0D:6A:15:F1:A0:AA:9D:F8:8C:22:04:95:2F ValidityFri, 15 Mar 2024 00:53:33 GMT - Thu, 13 Jun 2024 00:53:32 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thanh-vat-ca-sau-crocodile-dundee-f41307.html HTTP/1.1
Host: nguonchilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Cookie: PHPSESSID=84sft025dsq4so3t97dat4dsk5
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Tue, 16 Apr 2024 13:23:09 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html | 94.242.50.163 | 301 Moved Permanently | 0 B |
URL User Request GET HTTP/1.1nguonchilla.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html IP94.242.50.163:443
CertificateIssuerLet's Encrypt Subjectnguonchilla.com FingerprintB8:4E:76:1B:BB:3D:79:0D:6A:15:F1:A0:AA:9D:F8:8C:22:04:95:2F ValidityFri, 15 Mar 2024 00:53:33 GMT - Thu, 13 Jun 2024 00:53:32 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thanh-vat-ca-sau-crocodile-dundee-f41307.html HTTP/1.1
Host: nguonchilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://nguonchillb.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=84sft025dsq4so3t97dat4dsk5
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Tue, 16 Apr 2024 13:23:09 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html | 94.242.50.163 | 200 OK | 0 B |
URL User Request GET HTTP/1.1nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html IP94.242.50.163:80
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thanh-vat-ca-sau-crocodile-dundee-f41307.html HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://nguonchillb.com/
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: PHPSESSID=iocs9im8knfu73tp70cbhbq9g6; us_session_id=P1816
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Tue, 16 Apr 2024 13:23:09 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html | 94.242.50.163 | 200 OK | 16 kB |
URL User Request GET HTTP/1.1nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html IP94.242.50.163:80
File typeHTML document, Unicode text, UTF-8 text, with very long lines (616), with CRLF, LF line terminators Hash77c394485bc94e9e616a4a2d1d7a1ca8 1673734f03d5fdc12c99f36862f4b665ab302451 d94eeede7ffb72048886d2a0d1ad1c570a37924a71536c78154444946f7f2eb4
GET /thanh-vat-ca-sau-crocodile-dundee-f41307.html HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://nguonchillb.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=iocs9im8knfu73tp70cbhbq9g6; us_session_id=P1816
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:09 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 16176
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonchillb.com/themes/np/js/bootstrap.min.js | 94.242.50.163 | 200 OK | 9.7 kB |
URL GET HTTP/1.1nguonchillb.com/themes/np/js/bootstrap.min.js IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeJavaScript source, ASCII text, with very long lines (32034), with CRLF line terminators Hashe7d9a06cf9053c51cd4ad3386da0659a e45bf1054704a1fdfc4ee2713a16bf9283dea995 9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd
GET /themes/np/js/bootstrap.min.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=iocs9im8knfu73tp70cbhbq9g6; us_session_id=P1816
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Wed, 16 Apr 2025 13:23:10 GMT
Content-Length: 9726
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonchillb.com/assets/3bd14e95/jquery.min.js | 94.242.50.163 | 200 OK | 34 kB |
URL GET HTTP/1.1nguonchillb.com/assets/3bd14e95/jquery.min.js IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeJavaScript source, ASCII text, with very long lines (32077) Hash0fca26b5a37a66d68d0f4406976be4b5 ee000eb654b3bd37185665d3901e93b34ce1aa52 8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
GET /assets/3bd14e95/jquery.min.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=iocs9im8knfu73tp70cbhbq9g6; us_session_id=P1816
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Wed, 16 Apr 2025 13:23:10 GMT
Content-Length: 33693
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonchillb.com/themes/np/js/owl.carousel.min.js | 94.242.50.163 | 200 OK | 6.5 kB |
URL GET HTTP/1.1nguonchillb.com/themes/np/js/owl.carousel.min.js IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeJavaScript source, ASCII text, with very long lines (635), with CRLF line terminators Hash8c52f27fcac36c7667f8fb846e1e94d5 e5862559db659ffd530c91452d668c5e7b3f0f2d 6c1e31700f68d1666de6b0992e89d413434707718bf729a472404029845bdbad
GET /themes/np/js/owl.carousel.min.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=iocs9im8knfu73tp70cbhbq9g6; us_session_id=P1816
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Wed, 16 Apr 2025 13:23:10 GMT
Content-Length: 6464
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonchillb.com/themes/np/js/wow.min.js | 94.242.50.163 | 200 OK | 2.7 kB |
URL GET HTTP/1.1nguonchillb.com/themes/np/js/wow.min.js IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeJavaScript source, ASCII text, with very long lines (8385), with CRLF line terminators Hashe1f1ff6897992a9165e8ce009b4039e3 e297207404fea99863aea60a1dcd3770f8ecddee 37461d9b50fd93b2e6d064c4aa48cbc16d5b1e82c27f47270b87a39225cc00ac
GET /themes/np/js/wow.min.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=iocs9im8knfu73tp70cbhbq9g6; us_session_id=P1816
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Wed, 16 Apr 2025 13:23:10 GMT
Content-Length: 2742
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonchillb.com/themes/np/js/jquery.nice-select.js | 94.242.50.163 | 200 OK | 1.5 kB |
URL GET HTTP/1.1nguonchillb.com/themes/np/js/jquery.nice-select.js IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeJavaScript source, Unicode text, UTF-8 text, with CRLF line terminators Hash723e741faba72abfb0e56b6e0f8a73d8 ba71788614e8e11dbeeebdcac9037b57e7a69ce4 39f6514264e1603542b6aa38ba44c3be0aa7bbdef56ed139d74fe75e24e642fa
GET /themes/np/js/jquery.nice-select.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=iocs9im8knfu73tp70cbhbq9g6; us_session_id=P1816
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Wed, 16 Apr 2025 13:23:10 GMT
Content-Length: 1538
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2 | 94.242.50.163 | 200 OK | 80 kB |
URL GET HTTP/1.1nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2 IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeUnicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators Hash9ccfae82c1f9be3cf7c148a39228f53c 9abd7857d28f34c5007b11ee53d2818482775163 d962cf8c297e2b013c20dadac3f99d1af50957de8e1d1de8b4ea960fbd6fd7b6
GET /themes/np/css/color.css?v=np2.4.8.2 HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=iocs9im8knfu73tp70cbhbq9g6; us_session_id=P1816
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 08:58:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Wed, 16 Apr 2025 13:23:10 GMT
Connection: close
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
|
|
| nguonchillb.com/themes/np/js/jquery.magnific-popup.min.js | 94.242.50.163 | 200 OK | 7.3 kB |
URL GET HTTP/1.1nguonchillb.com/themes/np/js/jquery.magnific-popup.min.js IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeJavaScript source, ASCII text, with very long lines (20087), with CRLF line terminators Hashb37d7edf99565d3858eaa1ad80df3cff 786a4343711e9af5e5dfcc493e7d2331b48875bb b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2
GET /themes/np/js/jquery.magnific-popup.min.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=iocs9im8knfu73tp70cbhbq9g6; us_session_id=P1816
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Wed, 16 Apr 2025 13:23:10 GMT
Content-Length: 7346
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonchillb.com/themes/np/js/jquery.showmore.src.js | 94.242.50.163 | 200 OK | 434 B |
URL GET HTTP/1.1nguonchillb.com/themes/np/js/jquery.showmore.src.js IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeJavaScript source, ASCII text, with very long lines (432) Hashf67d16dc855157012280d1b8d2d0ac55 4eaa66120111bb8cb4c21884c647bf609ef3a7a5 89a7b91f92a0583bcfabc3dc0347bfb78822ebe75d229fb766ae2fdc6e7e0d28
GET /themes/np/js/jquery.showmore.src.js HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=iocs9im8knfu73tp70cbhbq9g6; us_session_id=P1816
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Wed, 16 Apr 2025 13:23:10 GMT
Content-Length: 434
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonchillb.com/js/main.min.js?v=2.4.8.2 | 94.242.50.163 | 200 OK | 5.6 kB |
URL GET HTTP/1.1nguonchillb.com/js/main.min.js?v=2.4.8.2 IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (17159) Hash2f3514d630f0195787c0f99778202f3c 2ce2883a59c655b8e02d644a1449fcdfdf604486 23b47b8eb144a359fdd87940db44e0420e7e0062f3cbba762e0e22c35afb3749
GET /js/main.min.js?v=2.4.8.2 HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=iocs9im8knfu73tp70cbhbq9g6; us_session_id=P1816
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sat, 02 May 2020 19:55:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Wed, 16 Apr 2025 13:23:10 GMT
Content-Length: 5620
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| www.googletagmanager.com/gtag/js?id=UA-228470674-1 |  142.250.74.168 | 200 OK | 74 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=UA-228470674-1 IP142.250.74.168:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File typeJavaScript source, ASCII text, with very long lines (4179) Hash127b2d446d82a7825ef60aa5b3751856 0eb36ff9b2b5bee1b9e2493b8f7e403625cc9d6b 2e4f4656f54ac63cd49d9622b8f8a55fa8f2ea16b00d04dd63dda0e02bc10008
GET /gtag/js?id=UA-228470674-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 13:23:10 GMT
expires: Tue, 16 Apr 2024 13:23:10 GMT
cache-control: private, max-age=900
last-modified: Tue, 16 Apr 2024 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73696
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| m3.nguonphim.net/media/images/4/logo.png | 94.242.50.163 | 200 OK | 16 kB |
URL GET HTTP/1.1m3.nguonphim.net/media/images/4/logo.png IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typePNG image data, 280 x 94, 8-bit/color RGBA, non-interlaced Hash6e12d870d9aebf2230f92a6fb0abf91e f84aa519902c97d5581e123a977a964b107b5b39 de47df21115fcf985a37917e6681dc8648566a7807769e414f52a59f3033ee5a
GET /media/images/4/logo.png HTTP/1.1
Host: m3.nguonphim.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 04 May 2023 04:11:49 GMT
ETag: "3d50-5fad65f19af8d"
Accept-Ranges: bytes
Content-Length: 15696
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:10 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png
|
|
| m3.nguonhay.com/media/images/film/oph/s350_700/lyle-chu-ca-sau-biet-hat-1668002484.jpg | 94.242.50.163 | 200 OK | 61 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/oph/s350_700/lyle-chu-ca-sau-biet-hat-1668002484.jpg IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x525, components 3 Hash4b2ab1668e01371268e884069d21c7d1 568dfb4bb9040c94474ec364ad4bd1d618a905a2 049a4642c4913a52be84bc14c188d0fedc18d4434154494fb5ffd2bbc1b4281c
GET /media/images/film/oph/s350_700/lyle-chu-ca-sau-biet-hat-1668002484.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 09 Nov 2022 15:20:55 GMT
ETag: "efd2-5ed0b33ef7a6d"
Accept-Ranges: bytes
Content-Length: 61394
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:10 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/pol/s350_700/dao-ca-sau-1587366949.jpg | 94.242.50.163 | 200 OK | 74 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/pol/s350_700/dao-ca-sau-1587366949.jpg IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 300x426, components 3 Hash559a32977c03d41aec587dd09fe6d843 33d2dcb4868d167c26eb190dd45d2e5ff26a11fd d1901599fe05e8635911c65814de478dd4e810761e28ddef0296eb5fbe025a2c
GET /media/images/film/pol/s350_700/dao-ca-sau-1587366949.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 11 Jun 2020 15:13:24 GMT
ETag: "12222-5a7d066e69614"
Accept-Ranges: bytes
Content-Length: 74274
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:10 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/bio/s350_700/chim-boi-ca-1665899828.jpg | 94.242.50.163 | 200 OK | 87 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/bio/s350_700/chim-boi-ca-1665899828.jpg IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 350x438, components 3 Hashcdb099f8426bd971ac65260f52a7c035 549e05f3215272e4a12832eaf94504d694383bec e46c8ded7ae8965e2881e946441d5a65cfb6937e9f97d1351c70658c5818ba88
GET /media/images/film/bio/s350_700/chim-boi-ca-1665899828.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 24 Oct 2022 16:27:41 GMT
ETag: "15256-5ebca453fbe31"
Accept-Ranges: bytes
Content-Length: 86614
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:10 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/newcover/2022/12/s350_700/ca-sau-khong-lo-2-mega-crocodile-2-1670431872.jpg | 94.242.50.163 | 200 OK | 104 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/newcover/2022/12/s350_700/ca-sau-khong-lo-2-mega-crocodile-2-1670431872.jpg IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 350x525, components 3 Size104 kB (104029 bytes) Hash2d7a6d8f1bd6780cb7fe5b1184bab377 da3e6e6b8fef84201ef21776e39ae21e54179c89 98a1b51e1ae639b650bfd4c824768c123d01d4f9e6841f30912faeef54699195
GET /media/images/film/newcover/2022/12/s350_700/ca-sau-khong-lo-2-mega-crocodile-2-1670431872.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 07 Dec 2022 16:51:14 GMT
ETag: "1965d-5ef3fba78caf0"
Accept-Ranges: bytes
Content-Length: 104029
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:10 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| nguonchillb.com/images/headshot-placeholder.png | 94.242.50.163 | 200 OK | 3.4 kB |
URL GET HTTP/1.1nguonchillb.com/images/headshot-placeholder.png IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typePNG image data, 252 x 345, 8-bit/color RGB, non-interlaced Hash25fa9ab09a307f1332ebaf0e5b59e033 060f94c03f4f1d34cc99de9f86f335a5a2abaaed e721eaf6440c791758ba62c1dc1e5dc2be909264b658afd34b6cc3ca3de9287d
GET /images/headshot-placeholder.png HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=iocs9im8knfu73tp70cbhbq9g6; us_session_id=P1816
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 04 Jan 2018 07:48:49 GMT
Accept-Ranges: bytes
Content-Length: 3412
Cache-Control: max-age=2592000, public
Expires: Thu, 16 May 2024 13:23:10 GMT
Connection: close
Content-Type: image/png
|
|
| m3.nguonhay.com/media/images/qrcode/41307.png | 94.242.50.163 | 200 OK | 585 B |
URL GET HTTP/1.1m3.nguonhay.com/media/images/qrcode/41307.png IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typePNG image data, 390 x 390, 1-bit colormap, non-interlaced Hash6f2512dfc6cee47ff29f81ed6081333a b9bf491261e26a0704749f92579fd724d8d3bf97 e629408e0829a875afbba16710c1ee23cd739276fee7cd060c688252a3961d53
GET /media/images/qrcode/41307.png HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 29 Mar 2021 01:19:02 GMT
ETag: "249-5bea2aac5aff2"
Accept-Ranges: bytes
Content-Length: 585
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:10 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png
|
|
| chokedsmelt.com/5b/28/bb/5b28bb3338748187b2166508de2d96b3.js | 192.243.59.13 | 200 OK | 16 kB |
URL GET HTTP/1.1chokedsmelt.com/5b/28/bb/5b28bb3338748187b2166508de2d96b3.js IP192.243.59.13:80 ASN#39572 DataWeb Global Group B.V.
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeJavaScript source, ASCII text, with very long lines (44139), with no line terminators Hashf86da52918926e8d5e65198181fa331b f594fc7df49e2850ee3a11a6c556d030988b7934 fb9d814b3e5058f29e4220aa9e9945a95ad0887a9238ab370c0f7d8a57999507
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /5b/28/bb/5b28bb3338748187b2166508de2d96b3.js HTTP/1.1
Host: chokedsmelt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 16 Apr 2024 13:23:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 50d860b365c23b0795e0b5b190532ca6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| www.googletagmanager.com/gtag/js?id=G-3RRF2WKVFP&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 87 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=G-3RRF2WKVFP&l=dataLayer&cx=c IP142.250.74.168:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File typeJavaScript source, ASCII text, with very long lines (4179) Hashe184771ec1b117f33bb8f3223d445e52 f3dbf33bf4f08dbaafac8cdc34d977db6f55b7ac b2daba96a4c2798cb4b7c0d62dc763d0c4490ee7bd47b77f7a04f795732ce2d9
GET /gtag/js?id=G-3RRF2WKVFP&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 13:23:10 GMT
expires: Tue, 16 Apr 2024 13:23:10 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 87121
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| nguontv.com/media/vn02.jpg | 94.242.50.163 | 200 OK | 52 kB |
URL GET HTTP/1.1nguontv.com/media/vn02.jpg IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeJPEG image data, progressive, precision 8, 400x300, components 3 Hashdfa57a5b5804336f78b1fc7ab5d0346d 832189153c9a5f23293da826eed7867e7e3836f4 b1c09b4d08344c3d7c5367f0c821bda7195ddd7a8c169febb04f9960142c5517
GET /media/vn02.jpg HTTP/1.1
Host: nguontv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Tue, 02 Jan 2024 07:37:13 GMT
Accept-Ranges: bytes
Content-Length: 51852
Cache-Control: max-age=2592000
Expires: Thu, 16 May 2024 13:23:10 GMT
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/ff/s350_700/van-gioi-doc-ton-1618772358.jpg | 94.242.50.163 | 200 OK | 41 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/ff/s350_700/van-gioi-doc-ton-1618772358.jpg IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 238x344, components 3 Hash8091041d69926e839902891831a9de78 e52932c8c944335a27363acefac27bf5be99780c 7348a57c603b9ab830af894eb6dcc70e545aa78850aa73fc9c8559f78358d5da
GET /media/images/film/ff/s350_700/van-gioi-doc-ton-1618772358.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sun, 18 Apr 2021 18:59:23 GMT
ETag: "a135-5c043cfb0f712"
Accept-Ranges: bytes
Content-Length: 41269
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:10 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/vp/s350_700/thanh-vat-ca-sau-2-1589918201.jpg | 94.242.50.163 | 200 OK | 52 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/vp/s350_700/thanh-vat-ca-sau-2-1589918201.jpg IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 320x474, components 3 Hash84aee2b1c098c3a351e057721b441277 16cd47134860c6fc0e6243d0ea782017f17c20aa 5380a70c89fa4ccb7e937f1e3097d3574859108fbc4bbb441bb7edb2975e9a38
GET /media/images/film/vp/s350_700/thanh-vat-ca-sau-2-1589918201.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 11 Jun 2020 15:05:52 GMT
ETag: "c98e-5a7d04be9af65"
Accept-Ranges: bytes
Content-Length: 51598
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:10 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/pol/s350_700/vo-than-chua-te-1583765005.jpg | 94.242.50.163 | 200 OK | 70 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/pol/s350_700/vo-than-chua-te-1583765005.jpg IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 300x426, components 3 Hashfabd25bf58c53cf84b93d09b16a5dab1 44d008211bf7a481cb35b3187b825f54e7c9631c 06138ff6cdd143a248a3b31bbcb4e88ee295c0d11a987a60b9f0c4043fee79e0
GET /media/images/film/pol/s350_700/vo-than-chua-te-1583765005.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 12 Jun 2020 07:03:11 GMT
ETag: "112e1-5a7ddab8b8f40"
Accept-Ranges: bytes
Content-Length: 70369
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:10 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/oph/s350_700/dau-la-dai-luc-2-tuyet-the-duong-mon-1687591991.jpg | 94.242.50.163 | 200 OK | 114 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/oph/s350_700/dau-la-dai-luc-2-tuyet-the-duong-mon-1687591991.jpg IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 350x491, components 3 Size114 kB (113813 bytes) Hash328444b1578b88e44b0be954a812b457 f2fc2f4e0092cd260b42728b2a9a68d3232d2e25 379649087bbdf853045ccb1e73fdb9012ad0274a2a080601fcb9285e47a48372
GET /media/images/film/oph/s350_700/dau-la-dai-luc-2-tuyet-the-duong-mon-1687591991.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sun, 25 Jun 2023 08:17:21 GMT
ETag: "1bc95-5feefdcf55eed"
Accept-Ranges: bytes
Content-Length: 113813
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:10 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/newcover/2021/6/s350_700/vua-hai-tac-1624252456.jpg | 94.242.50.163 | 200 OK | 102 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/newcover/2021/6/s350_700/vua-hai-tac-1624252456.jpg IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x525, components 3 Size102 kB (102471 bytes) Hashf3b3235be303bcdd8806ee587f879d0a c5cfc2f2b686184a9bb5d8495268fb62e685d17c f365d987c622865d1bac410f3814dabce383d1dd2d961f00aafaf256b251c42e
GET /media/images/film/newcover/2021/6/s350_700/vua-hai-tac-1624252456.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 21 Jun 2021 05:14:17 GMT
ETag: "19047-5c53fbebf16b6"
Accept-Ranges: bytes
Content-Length: 102471
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:10 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| downstairsnegotiatebarren.com/sfp.js |  104.21.35.227 | 200 OK | 167 B |
URL GET HTTP/2downstairsnegotiatebarren.com/sfp.js IP104.21.35.227:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerLet's Encrypt Subjectdownstairsnegotiatebarren.com Fingerprint2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44 ValidityMon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hash0104c301c5e02bd6148b8703d19b3a73 7436e0b4b1f8c222c38069890b75fa2baf9ca620 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Tue, 16 Apr 2024 13:23:10 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 16 Apr 2024 14:23:10 GMT
Location: https://downstairsnegotiatebarren.com/sfp.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V7TxlOqrpTFM6fSIxwRPubsRFBe0DeJJUv1YSG%2F%2F0Q7MN3TYC7ipp%2BUaDNQsKqS2J51bgnjrdBEIJdEVympZPJRZaSmhPIizFUGxOWveExPXgxsECqw8hDqdgRGT%2BjTFHc4LbUF0yu9%2Bu9jGg2%2BdRA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87547d070b5e56bd-OSL
alt-svc: h2=":443"; ma=60
|
|
| nguonchillb.com/themes/np/images/icon-search-menu.png | 94.242.50.163 | 200 OK | 1.2 kB |
URL GET HTTP/1.1nguonchillb.com/themes/np/images/icon-search-menu.png IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typePNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced Hashe573652e7d75f6471431e9fd48ca706c ef9de78ae35eb6d6f3e04744612c7bed87c3a5ee 49cd4ed8ef5f3b960bdb9a9024f1b4a83b96e39425a339fd1afc2486709c432b
GET /themes/np/images/icon-search-menu.png HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=iocs9im8knfu73tp70cbhbq9g6; us_session_id=P1816
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 1229
Cache-Control: max-age=2592000, public
Expires: Thu, 16 May 2024 13:23:10 GMT
Connection: close
Content-Type: image/png
|
|
| m3.nguonhay.com/media/images/film/blp/s350_700/ca-sau-khong-lo-phan-2-1670396602.jpg | 94.242.50.163 | 200 OK | 138 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/blp/s350_700/ca-sau-khong-lo-phan-2-1670396602.jpg IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x622, components 3 Size138 kB (137869 bytes) Hash07b28bdf5747734480d3c7e1ce16531b 55590544fb623bbf64f3a02b14098559f3c6187c 3e1b2ca069c9f4475514355e212387177e49d0f0e3c5585841a8bcbd7d4cb2e9
GET /media/images/film/blp/s350_700/ca-sau-khong-lo-phan-2-1670396602.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 07 Dec 2022 07:05:22 GMT
ETag: "21a8d-5ef378b4b39c9"
Accept-Ranges: bytes
Content-Length: 137869
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:10 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| nguonchillb.com/themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 | 94.242.50.163 | 200 OK | 77 kB |
URL GET HTTP/1.1nguonchillb.com/themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeWeb Open Font Format (Version 2), TrueType, length 77160, version 4.459 Hashaf7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=iocs9im8knfu73tp70cbhbq9g6; us_session_id=P1816
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:14:59 GMT
Accept-Ranges: bytes
Content-Length: 77160
Cache-Control: max-age=2592000
Expires: Thu, 16 May 2024 13:23:10 GMT
X-UA-Compatible: IE=edge,chrome=1
Connection: close
|
|
| m3.nguonhay.com/media/images/film/mptv/s350_700/nu-hoang-nuoc-mat-1707443450.jpg | 94.242.50.163 | 200 OK | 55 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/mptv/s350_700/nu-hoang-nuoc-mat-1707443450.jpg IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x501, components 3 Hash7d84be20e84510c02a36491f73526483 911556208f24946169d6e9afe33fc2e5f6e48470 84cdd62c2838005fc964ed071a20d264327cc45c1403b1126ceb263fe479c06a
GET /media/images/film/mptv/s350_700/nu-hoang-nuoc-mat-1707443450.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sun, 10 Mar 2024 18:55:46 GMT
ETag: "d82c-61352f90ce8d6"
Accept-Ranges: bytes
Content-Length: 55340
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:10 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/xpm/s350_700/cuoc-san-ca-sau-1607079200.jpg | 94.242.50.163 | 200 OK | 41 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/xpm/s350_700/cuoc-san-ca-sau-1607079200.jpg IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 265x320, components 3 Hashd78b364dde2fb8f32c1d833b1bf1c01a 33587b579b785819c8cb5af28bc5c84aed133e0f 276d4959a1555fb83b8bed881f4687ccd8e4ac5cb15bf131c407b887092584a4
GET /media/images/film/xpm/s350_700/cuoc-san-ca-sau-1607079200.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 17 Feb 2022 13:42:22 GMT
ETag: "a193-5d836ef92bcca"
Accept-Ranges: bytes
Content-Length: 41363
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:10 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/vp/s350_700/thanh-vat-ca-sau-1589918401.jpg | 94.242.50.163 | 200 OK | 54 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/vp/s350_700/thanh-vat-ca-sau-1589918401.jpg IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 320x485, components 3 Hasha15ef35c7f200d364add75da15be3bf5 f0370a652f39357f4ba94577ff5b08cfd9a1be40 52cdc7530a47254464b3daf5ed4bd4bdbf267eae946781f43fd404b391a73628
GET /media/images/film/vp/s350_700/thanh-vat-ca-sau-1589918401.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 11 Jun 2020 13:20:23 GMT
ETag: "d3d1-5a7ced2aacd7e"
Accept-Ranges: bytes
Content-Length: 54225
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:10 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 | 142.250.74.99 | 200 OK | 128 kB |
URL GET HTTP/2fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 IP142.250.74.99:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 128352, version 1.0 Size128 kB (128352 bytes) Hash53436aca8627a49f4deaaa44dc9e3c05 0bc0c675480d94ec7e8609dda6227f88c5d08d2c 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
GET /s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 21:27:45 GMT
expires: Tue, 15 Apr 2025 21:27:45 GMT
cache-control: public, max-age=31536000
age: 57325
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 | 142.250.74.99 | 200 OK | 12 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 IP142.250.74.99:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 11872, version 1.0 Hash87ace20058325aa069320aa4af875dff b743548770c46d905ae1ba06310bc001c587fe8e 3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 01:19:30 GMT
expires: Wed, 16 Apr 2025 01:19:30 GMT
cache-control: public, max-age=31536000
age: 43420
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 | 142.250.74.99 | 200 OK | 17 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 IP142.250.74.99:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 16552, version 1.0 Hash283c40f79deab0300df8b3ffd86dfc7b 2ef09414a573ac59f4b37e81c8b8a881244b345f 35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:33:37 GMT
expires: Fri, 11 Apr 2025 02:33:37 GMT
cache-control: public, max-age=31536000
age: 470973
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 | 142.250.74.99 | 200 OK | 35 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 IP142.250.74.99:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 35328, version 1.0 Hash7670dba29aa2a1560c5d711ea6f6b369 6a2a620d2972f139c804c5a8363c91eb1a7595f6 adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:27:30 GMT
expires: Fri, 11 Apr 2025 17:27:30 GMT
cache-control: public, max-age=31536000
age: 417340
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 | 142.250.74.99 | 200 OK | 5.6 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 IP142.250.74.99:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 5560, version 1.0 Hashca3b09b62fda648a4511700413313fd0 109cd4c5435bd6614391bb8722c47c287c96b2ec 77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5560
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:39:02 GMT
expires: Fri, 11 Apr 2025 02:39:02 GMT
cache-control: public, max-age=31536000
age: 470648
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL ocsp.r2m03.amazontrust.com/ IP143.204.53.97:0
Hash0bea14a24acf01e7602c416935848793 3493b99ca0da4d0c60f848069fa57e39b335a87a 229a97c14569254bf9fe6342e7cd4efd9e4f4b0ff89fb3c1e5c935976ab01062
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Tue, 16 Apr 2024 13:23:10 GMT
Last-Modified: Tue, 16 Apr 2024 12:22:42 GMT
Server: ECAcc (ska/F6A3)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wT_IGyZNj9n13YTwqfK6MvZoH4lDxnv0wLf9Lm0CZt_8yvQylgBh3g==
Age: 3629
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 142.250.74.99 | 200 OK | 16 kB |
URL GET HTTP/1.1fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP142.250.74.99:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 10:46:32 GMT
expires: Wed, 16 Apr 2025 10:46:32 GMT
cache-control: public, max-age=31536000
age: 9398
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.99 | 200 OK | 16 kB |
URL GET HTTP/1.1fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.99:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:37:01 GMT
expires: Fri, 11 Apr 2025 02:37:01 GMT
cache-control: public, max-age=31536000
age: 470769
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 | 142.250.74.99 | 200 OK | 5.5 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 IP142.250.74.99:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 5548, version 1.0 Hashcdaab83619fcacd4027a77c99dd51e69 9e6eae8554f8cc2309b2dae2d9fa217e34eed6a4 4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5548
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:45:59 GMT
expires: Fri, 11 Apr 2025 02:45:59 GMT
cache-control: public, max-age=31536000
age: 470231
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| m3.nguonhay.com/media/images/film/phimbathu/s350_700/ca-sau-201608780-1496780031.jpg | 94.242.50.163 | 200 OK | 65 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/phimbathu/s350_700/ca-sau-201608780-1496780031.jpg IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 350x489, components 3 Hash5146228e85e112d77c43b0601b18538a 14a95c2fa61cb6845a74197b7e506afc5f4fc026 d4161e07417adfe8004c108b55248bc04d84418b3bbb56ff6397dc889dfa09af
GET /media/images/film/phimbathu/s350_700/ca-sau-201608780-1496780031.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 18 Feb 2022 16:10:38 GMT
ETag: "ff11-5d84d1f9da0a6"
Accept-Ranges: bytes
Content-Length: 65297
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:10 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/blp/s350_700/lyle-chu-ca-sau-biet-hat-1669115045.jpg | 94.242.50.163 | 200 OK | 98 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/blp/s350_700/lyle-chu-ca-sau-biet-hat-1669115045.jpg IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x490, components 3 Hash162fa9c29735bb7232fcdb5911355c5b cd2ac80968c42958d1ec7cd971636e2e5e4227ee d5a156efb80764c0ee9f9c983a27523d6ed247e37fc5a60cb42afecad991a5b5
GET /media/images/film/blp/s350_700/lyle-chu-ca-sau-biet-hat-1669115045.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Tue, 22 Nov 2022 11:04:19 GMT
ETag: "17f8e-5ee0d223ab9f4"
Accept-Ranges: bytes
Content-Length: 98190
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:10 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese | 142.250.74.106 | 200 OK | 49 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese IP142.250.74.106:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typegzip compressed data, max compression Hash244da872c17480e01b6a05dd9a53dba8 87db989afaaf3100c9d513ad6bf30c993c8b9737 617c075496417f2cb46b9d49187c4a6220acd601acf7f3a85a5b370578ef8a05
GET /css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 13:23:10 GMT
date: Tue, 16 Apr 2024 13:23:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| nguonchillb.com/themes/np/images/button_km.png | 94.242.50.163 | 200 OK | 2.6 kB |
URL GET HTTP/1.1nguonchillb.com/themes/np/images/button_km.png IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typePNG image data, 66 x 50, 8-bit/color RGBA, non-interlaced Hash05238f78240b8bb3d2453e866550a011 766a5353d457d5282bb04192072a116073b8666d aed76e5f2deac5394da887c6b862ab04fbc3e601348006da714310d72c5dfc60
GET /themes/np/images/button_km.png HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=iocs9im8knfu73tp70cbhbq9g6; us_session_id=P1816; _ga_3RRF2WKVFP=GS1.1.1713273790.1.0.1713273790.0.0.0; _ga=GA1.1.1684841563.1713273791
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 2646
Cache-Control: max-age=2592000, public
Expires: Thu, 16 May 2024 13:23:10 GMT
Connection: close
Content-Type: image/png
|
|
| nguonchillb.com/themes/np/images/bottomNavON.png | 94.242.50.163 | 200 OK | 1.3 kB |
URL GET HTTP/1.1nguonchillb.com/themes/np/images/bottomNavON.png IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typePNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced Hash0703045e13e1ab8508a2273cbe71d5d6 c2d2f79bb3758de5722cddd94eaf4701078b4d71 698cc5f19fb8e30c2a9d8471e81637cb26e8fcd67a55bfffc9ca651a0c45e90f
GET /themes/np/images/bottomNavON.png HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=iocs9im8knfu73tp70cbhbq9g6; us_session_id=P1816; _ga_3RRF2WKVFP=GS1.1.1713273790.1.0.1713273790.0.0.0; _ga=GA1.1.1684841563.1713273791
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 1334
Cache-Control: max-age=2592000, public
Expires: Thu, 16 May 2024 13:23:10 GMT
Connection: close
Content-Type: image/png
|
|
| nguonchillb.com/themes/np/images/bottomNavOFF.png | 94.242.50.163 | 200 OK | 1.3 kB |
URL GET HTTP/1.1nguonchillb.com/themes/np/images/bottomNavOFF.png IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typePNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced Hash840cd790a57c4cee3fb5b50d448dfd3a 976ecfbdaadc569488019ad246b6dfa31bdab85b d317c5f6a5b4342d84bcc00cb0c99d2ce3c7d6f1044ac8036d722fcbf728baeb
GET /themes/np/images/bottomNavOFF.png HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=iocs9im8knfu73tp70cbhbq9g6; us_session_id=P1816; _ga_3RRF2WKVFP=GS1.1.1713273790.1.0.1713273790.0.0.0; _ga=GA1.1.1684841563.1713273791
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 1250
Cache-Control: max-age=2592000, public
Expires: Thu, 16 May 2024 13:23:10 GMT
Connection: close
Content-Type: image/png
|
|
| proftrafficcounter.com/stats |  3.123.64.179 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP3.123.64.179:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash36ddd2aef3c0e584cef227fb02983c43 1ce0b85ec6b084023fab7e9d061da36e88d5f394 7a8f59cf7e5890539698ab22d9eea8f86aa66767ae29ae3104bee2e0963d47f5
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 13:23:10 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://nguonchillb.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=1fd274b3-eb14-4a31-8cad-ec5b1e4e1c3d:3:1; expires=Fri, 14 Apr 2034 13:23:10 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.99 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.99:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 08:04:32 GMT
expires: Wed, 16 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 19118
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 | 142.250.74.99 | 200 OK | 17 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 IP142.250.74.99:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 16552, version 1.0 Hash283c40f79deab0300df8b3ffd86dfc7b 2ef09414a573ac59f4b37e81c8b8a881244b345f 35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:33:37 GMT
expires: Fri, 11 Apr 2025 02:33:37 GMT
cache-control: public, max-age=31536000
age: 470973
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.99 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.99:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 08:04:32 GMT
expires: Wed, 16 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 19118
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 | 142.250.74.99 | 200 OK | 35 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 IP142.250.74.99:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 35328, version 1.0 Hash7670dba29aa2a1560c5d711ea6f6b369 6a2a620d2972f139c804c5a8363c91eb1a7595f6 adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:27:30 GMT
expires: Fri, 11 Apr 2025 17:27:30 GMT
cache-control: public, max-age=31536000
age: 417340
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| nguonchillb.com/site/site/checkaccess/ | 94.242.50.163 | 200 OK | 7 B |
URL POST HTTP/1.1nguonchillb.com/site/site/checkaccess/ IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeASCII text, with no line terminators Hash4e3ca82bee9b6a4b6c6e30ca31234e50 f007b014714adb9c2c7c105e64dfa8448e9ec77a 148ecdac86b94c986a6bb2da57595b2cc4b35afa88e266ec7f30f79530803efb
POST /site/site/checkaccess/ HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 99
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=iocs9im8knfu73tp70cbhbq9g6; us_session_id=P1816; _ga_3RRF2WKVFP=GS1.1.1713273790.1.0.1713273790.0.0.0; _ga=GA1.1.1684841563.1713273791
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 7
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonchillb.com/site/chatbot/refresh/ | 94.242.50.163 | 200 OK | 260 B |
URL POST HTTP/1.1nguonchillb.com/site/chatbot/refresh/ IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Hashba0683de7607ad624fb4cecda80e9bc1 674cb63ed78bcbd018343354b0ae42e9c43d2ee1 83db877ee449fa874aaaf8896bc642c25fc2f6e8c0179b6d4d59a2c0c9cdfce1
POST /site/chatbot/refresh/ HTTP/1.1
Host: nguonchillb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 16
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Cookie: PHPSESSID=iocs9im8knfu73tp70cbhbq9g6; us_session_id=P1816; _ga_3RRF2WKVFP=GS1.1.1713273790.1.0.1713273790.0.0.0; _ga=GA1.1.1684841563.1713273791
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:10 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 260
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png | 94.242.50.163 | 200 OK | 18 kB |
URL GET HTTP/1.1m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png IP94.242.50.163:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typePNG image data, 46 x 48, 8-bit/color RGBA, non-interlaced Hashe6f4a93efe2d93e885abcbb4cc09cd4a e4f94b9e95b40e30b215228316bb7f8c48d08ed2 93b7bbea433aa41f6efb860d3d9777d363f9e64fc1ad4186cd9ef525bbee9c94
GET /media/images/1/favi/favicon-1498701606.png HTTP/1.1
Host: m3.nguonphim.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 13:23:11 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 05 Jul 2017 04:14:59 GMT
ETag: "45d1-5538a3e52eb40"
Accept-Ranges: bytes
Content-Length: 17873
Cache-Control: max-age=5184000, public
Expires: Sat, 15 Jun 2024 13:23:11 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png
|
|
| continuousselfevidentinestimable.com/sbar.json?key=5b28bb3338748187b2166508de2d96b3&uuid=1fd274b3-eb14-4a31-8cad-ec5b1e4e1c3d%3A3%3A1 | 172.240.108.68 | 200 OK | 8.0 kB |
URL GET HTTP/1.1continuousselfevidentinestimable.com/sbar.json?key=5b28bb3338748187b2166508de2d96b3&uuid=1fd274b3-eb14-4a31-8cad-ec5b1e4e1c3d%3A3%3A1 IP172.240.108.68:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerLet's Encrypt Subjectcontinuousselfevidentinestimable.com Fingerprint1F:F4:36:85:7F:D7:60:BF:21:DA:52:FF:00:60:97:80:4B:6D:0D:3A ValidityMon, 15 Apr 2024 12:20:33 GMT - Sun, 14 Jul 2024 12:20:32 GMT
Hashdeeae233a93f6ac3dc20241f0ae6531c a90608d81331c2d90f73991c5951f9cfa61866cb abc6de058e2e6a94fdc4411168f550e31d8b5ec82f0b2f046b625419feea0bee
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /sbar.json?key=5b28bb3338748187b2166508de2d96b3&uuid=1fd274b3-eb14-4a31-8cad-ec5b1e4e1c3d%3A3%3A1 HTTP/1.1
Host: continuousselfevidentinestimable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 16 Apr 2024 13:23:11 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://nguonchillb.com
Access-Control-Allow-Origin: http://nguonchillb.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17093374; expires=Wed, 17 Apr 2024 13:23:11 GMT; secure; SameSite=None
uid_id2=1fd274b3-eb14-4a31-8cad-ec5b1e4e1c3d:3:1; expires=Tue, 23 Apr 2024 13:23:11 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 17 Apr 2024 13:23:11 GMT; secure; SameSite=None
uncs=1; expires=Wed, 17 Apr 2024 13:23:11 GMT; secure; SameSite=None
pdhtkv29=true; expires=Wed, 17 Apr 2024 13:23:11 GMT; secure; SameSite=None
uncs29=1; expires=Wed, 17 Apr 2024 13:23:11 GMT; secure; SameSite=None
slec5b28bb3338748187b2166508de2d96b3=[3078189,3078207]; expires=Tue, 16 Apr 2024 13:23:16 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6ad20e1b3ad96ff282c345ccb213efb0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| continuousselfevidentinestimable.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitzgY8CAvKgqAog3hQMJP%2BMdMz4x6CMUaCcbPsKnqTqq6aSZnqrqaqa3oSL8EF2ePgX9B5k2zQXUT%2FAHd1siASEDKecjB%2FgyAunkRmjA5%2Bh%2F5%2BvO%2BD1%2B%2FV5wfugoRw9HztPb0nlaLLzbpfe%2FWjILhe25SZG9QG7fjjuHG9ZvpvdOK6%2F1rtHZHs6OXQD3w%2F8IPaujSiqwfLUxAyf9AJ6h2%2F3gjrQbOBgfl%2Fb50HSz3w%2FgV5FpJPFh971yCTMbL0mzVhdwqdv%2F526hQttEGfH3%2BQ7WS6zJDOy67x0M2OL7eh7dn6Q%2BjsaEYXuv%2FfIpMT4v34ECw7viQJ1j%2Bc8WQKIgPjT6PsjyHUGJKOkeg7kPyMAAnHjS1k6b0b2pR09x%2BUTtEJWXzyO2Q5IYu%2FXkOWfr2q5KB2WytXSJ1ZDLoV5GAM2Rsjdyco9hYgyxMkxWeQ%2FGey%2FGQTWXq4ZZWG5OevBF0ethosWhIsaCw1aBQstRPKl0TSZIFoiCCJ%2BEwgKceQ3TGUGILaK3DWg5MeXNeDyz2k%2FLyWBEHQ8nlC%2FXYnSSLeEizmfkBb3YAGftyGS6b%2FMESRD5GoIRKzj9zsY0cOYdz3sNsVLPdgC4I%2Br1AKgtISlJSglARlQVD2qyOubGire1xZx4LLHF7mqBrpondAj3TRExkBNUMYXh3kF%2BSZqYDe4uQv7IjzWpOFbcaiKGq3Gu2g3WJhEMdNv81FyDsxi2BlBWkXQK2HvamZP6win%2BaXV8DoCaw6QSI9UPciaFmBblfYy%2B5nPaezol9PdAquK%2BTFIopd70BdkBdmDtb%2FXIJITsllIDEVclPhE%2FmYoKfujm7pkhze0qUl327lhUzlHp26e7ughfC%2BelfsltrwjTU7%2FPLNZApMywfvC1ts0ozLrGfJ%2FVXJuTDr2iSCfLdhPxTsprPbq85kLt%2B8%2Bdb6RpobYa3U2RhUnl29ikROyFM%2F%2FTF7ts9dPA9pxjCuQurmTKU%2BQZLvw%2BbzmdUERs17lnsoXTUyIZsPlSRQYt5TVsGK00e%2F%2FXs0r0eGTq%2BprA7sXfTMAmhxB1laoW8q9FUFqoaw7sqoyM3pyi%2FRLMDUwogps3DIlFFfzESeflZg5XmtFUU%2BjTvNoNWiosUaYbsbB5zSsBGHcUwjFHbSfenTR38DAAD%2F%2FwEAAP%2F%2FIhzFoJAEAAA%3D | 172.240.108.68 | 200 OK | 7 B |
URL GET HTTP/1.1continuousselfevidentinestimable.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitzgY8CAvKgqAog3hQMJP%2BMdMz4x6CMUaCcbPsKnqTqq6aSZnqrqaqa3oSL8EF2ePgX9B5k2zQXUT%2FAHd1siASEDKecjB%2FgyAunkRmjA5%2Bh%2F5%2BvO%2BD1%2B%2FV5wfugoRw9HztPb0nlaLLzbpfe%2FWjILhe25SZG9QG7fjjuHG9ZvpvdOK6%2F1rtHZHs6OXQD3w%2F8IPaujSiqwfLUxAyf9AJ6h2%2F3gjrQbOBgfl%2Fb50HSz3w%2FgV5FpJPFh971yCTMbL0mzVhdwqdv%2F526hQttEGfH3%2BQ7WS6zJDOy67x0M2OL7eh7dn6Q%2BjsaEYXuv%2FfIpMT4v34ECw7viQJ1j%2Bc8WQKIgPjT6PsjyHUGJKOkeg7kPyMAAnHjS1k6b0b2pR09x%2BUTtEJWXzyO2Q5IYu%2FXkOWfr2q5KB2WytXSJ1ZDLoV5GAM2Rsjdyco9hYgyxMkxWeQ%2FGey%2FGQTWXq4ZZWG5OevBF0ethosWhIsaCw1aBQstRPKl0TSZIFoiCCJ%2BEwgKceQ3TGUGILaK3DWg5MeXNeDyz2k%2FLyWBEHQ8nlC%2FXYnSSLeEizmfkBb3YAGftyGS6b%2FMESRD5GoIRKzj9zsY0cOYdz3sNsVLPdgC4I%2Br1AKgtISlJSglARlQVD2qyOubGire1xZx4LLHF7mqBrpondAj3TRExkBNUMYXh3kF%2BSZqYDe4uQv7IjzWpOFbcaiKGq3Gu2g3WJhEMdNv81FyDsxi2BlBWkXQK2HvamZP6win%2BaXV8DoCaw6QSI9UPciaFmBblfYy%2B5nPaezol9PdAquK%2BTFIopd70BdkBdmDtb%2FXIJITsllIDEVclPhE%2FmYoKfujm7pkhze0qUl327lhUzlHp26e7ughfC%2BelfsltrwjTU7%2FPLNZApMywfvC1ts0ozLrGfJ%2FVXJuTDr2iSCfLdhPxTsprPbq85kLt%2B8%2Bdb6RpobYa3U2RhUnl29ikROyFM%2F%2FTF7ts9dPA9pxjCuQurmTKU%2BQZLvw%2BbzmdUERs17lnsoXTUyIZsPlSRQYt5TVsGK00e%2F%2FXs0r0eGTq%2BprA7sXfTMAmhxB1laoW8q9FUFqoaw7sqoyM3pyi%2FRLMDUwogps3DIlFFfzESeflZg5XmtFUU%2BjTvNoNWiosUaYbsbB5zSsBGHcUwjFHbSfenTR38DAAD%2F%2FwEAAP%2F%2FIhzFoJAEAAA%3D IP172.240.108.68:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerLet's Encrypt Subjectcontinuousselfevidentinestimable.com Fingerprint1F:F4:36:85:7F:D7:60:BF:21:DA:52:FF:00:60:97:80:4B:6D:0D:3A ValidityMon, 15 Apr 2024 12:20:33 GMT - Sun, 14 Jul 2024 12:20:32 GMT
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitzgY8CAvKgqAog3hQMJP%2BMdMz4x6CMUaCcbPsKnqTqq6aSZnqrqaqa3oSL8EF2ePgX9B5k2zQXUT%2FAHd1siASEDKecjB%2FgyAunkRmjA5%2Bh%2F5%2BvO%2BD1%2B%2FV5wfugoRw9HztPb0nlaLLzbpfe%2FWjILhe25SZG9QG7fjjuHG9ZvpvdOK6%2F1rtHZHs6OXQD3w%2F8IPaujSiqwfLUxAyf9AJ6h2%2F3gjrQbOBgfl%2Fb50HSz3w%2FgV5FpJPFh971yCTMbL0mzVhdwqdv%2F526hQttEGfH3%2BQ7WS6zJDOy67x0M2OL7eh7dn6Q%2BjsaEYXuv%2FfIpMT4v34ECw7viQJ1j%2Bc8WQKIgPjT6PsjyHUGJKOkeg7kPyMAAnHjS1k6b0b2pR09x%2BUTtEJWXzyO2Q5IYu%2FXkOWfr2q5KB2WytXSJ1ZDLoV5GAM2Rsjdyco9hYgyxMkxWeQ%2FGey%2FGQTWXq4ZZWG5OevBF0ethosWhIsaCw1aBQstRPKl0TSZIFoiCCJ%2BEwgKceQ3TGUGILaK3DWg5MeXNeDyz2k%2FLyWBEHQ8nlC%2FXYnSSLeEizmfkBb3YAGftyGS6b%2FMESRD5GoIRKzj9zsY0cOYdz3sNsVLPdgC4I%2Br1AKgtISlJSglARlQVD2qyOubGire1xZx4LLHF7mqBrpondAj3TRExkBNUMYXh3kF%2BSZqYDe4uQv7IjzWpOFbcaiKGq3Gu2g3WJhEMdNv81FyDsxi2BlBWkXQK2HvamZP6win%2BaXV8DoCaw6QSI9UPciaFmBblfYy%2B5nPaezol9PdAquK%2BTFIopd70BdkBdmDtb%2FXIJITsllIDEVclPhE%2FmYoKfujm7pkhze0qUl327lhUzlHp26e7ughfC%2BelfsltrwjTU7%2FPLNZApMywfvC1ts0ozLrGfJ%2FVXJuTDr2iSCfLdhPxTsprPbq85kLt%2B8%2Bdb6RpobYa3U2RhUnl29ikROyFM%2F%2FTF7ts9dPA9pxjCuQurmTKU%2BQZLvw%2BbzmdUERs17lnsoXTUyIZsPlSRQYt5TVsGK00e%2F%2FXs0r0eGTq%2BprA7sXfTMAmhxB1laoW8q9FUFqoaw7sqoyM3pyi%2FRLMDUwogps3DIlFFfzESeflZg5XmtFUU%2BjTvNoNWiosUaYbsbB5zSsBGHcUwjFHbSfenTR38DAAD%2F%2FwEAAP%2F%2FIhzFoJAEAAA%3D HTTP/1.1
Host: continuousselfevidentinestimable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Cookie: u_pl=17093374; uid_id2=1fd274b3-eb14-4a31-8cad-ec5b1e4e1c3d:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec5b28bb3338748187b2166508de2d96b3=[3078189,3078207]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 16 Apr 2024 13:23:11 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 449b54d397d939e85f6fd44dd723fc3b
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=1fd274b3-eb14-4a31-8cad-ec5b1e4e1c3d&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=5b28bb3338748187b2166508de2d96b3&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13 | 192.243.59.20 | 200 OK | 1 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=1fd274b3-eb14-4a31-8cad-ec5b1e4e1c3d&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=5b28bb3338748187b2166508de2d96b3&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13 IP192.243.59.20:80 ASN#39572 DataWeb Global Group B.V.
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=1fd274b3-eb14-4a31-8cad-ec5b1e4e1c3d&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=5b28bb3338748187b2166508de2d96b3&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=13 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 16 Apr 2024 13:23:11 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b68a3da51b6360bab55a3729105633a2
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/img/sale3.jpg | 172.67.141.24 | 200 OK | 65 kB |
URL GET HTTP/3cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/img/sale3.jpg IP172.67.141.24:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=242, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=364], progressive, precision 8, 364x242, components 3 Hash61f7b1fa1698507638df7882e2bdfcaf 89134af9a734f4c30d0db01ea36c86895e46b7e3 bc0a583f7e3c834e53d5263ecc90d279b27460ea2e9bce56b7ac6b129eb5849c
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/img/sale3.jpg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 13:23:11 GMT
content-type: image/jpeg
content-length: 64642
last-modified: Fri, 19 Jan 2024 14:21:26 GMT
etag: "65aa8566-fc82"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5354275
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AhS%2BeHIC78oT2F6IcA5KUXrlSv7V5WtsB1dERZcWeLkfniabR3uhnSnnZGWRXDoLJ6xqcEPxZNGmZn2i2DRNFIrJ%2BjdOKClgJ9IZ6JQPWVnrWM4PZZFEkGwaoFQ8Tcx6McraJP8mqmKD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87547d0e4e4a5690-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.106 | 200 OK | 717 B |
URL GET HTTP/1.1fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap IP142.250.74.106:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Hash9cc7d472437c87f6f7ebeb35abec09f1 948bb2b7bf4bbc829015c125e1b6f7859b2948b0 9a39510af72db44fb14d333c52c41da0e90827afcfe78c8f12b367f0a94783b7
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 16 Apr 2024 13:23:11 GMT
Date: Tue, 16 Apr 2024 13:23:11 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
|
|
| continuousselfevidentinestimable.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Findex.html&l=1545&fd=82 | 172.240.108.68 | 200 OK | 0 B |
URL GET HTTP/1.1continuousselfevidentinestimable.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Findex.html&l=1545&fd=82 IP172.240.108.68:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Findex.html&l=1545&fd=82 HTTP/1.1
Host: continuousselfevidentinestimable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 16 Apr 2024 13:23:11 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/style.css | 172.67.141.24 | 200 OK | 1.0 kB |
URL GET HTTP/2cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/style.css IP172.67.141.24:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hashda91945ede579f34a99cde40a98ce5a4 cfbf9b6c295766437a906f7fd6f46a0302240c9a 9b9d07bcd50263ebd848d3f60889a594727d925ee4488df503eac791023d57b1
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 13:23:11 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:21:26 GMT
etag: W/"65aa8566-e50"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ILXEIfI%2FOgJLOR608gnQbhxMlo2lZIGHFOpYPmSYOZO4Yp5xoILVuzIlaPZNAiHKUM%2B0l3c1XUPgkhpO7pZu80r%2BfoRiVou69B7Yl48UIIMK5ycAHk91Y1j5KvosHArhN9Hmu5W0S1I"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87547d0dbc391bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| continuousselfevidentinestimable.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fjs%2Fscript.js&l=386&fd=37 | 172.240.108.68 | 200 OK | 0 B |
URL GET HTTP/1.1continuousselfevidentinestimable.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fjs%2Fscript.js&l=386&fd=37 IP172.240.108.68:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fjs%2Fscript.js&l=386&fd=37 HTTP/1.1
Host: continuousselfevidentinestimable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 16 Apr 2024 13:23:11 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| continuousselfevidentinestimable.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fstyle.css&l=3664&fd=41 | 172.240.108.68 | 200 OK | 0 B |
URL GET HTTP/1.1continuousselfevidentinestimable.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fstyle.css&l=3664&fd=41 IP172.240.108.68:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fstyle.css&l=3664&fd=41 HTTP/1.1
Host: continuousselfevidentinestimable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 16 Apr 2024 13:23:11 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.99 | 200 OK | 16 kB |
URL GET HTTP/1.1fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.99:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 11 Apr 2024 02:56:40 GMT
Expires: Fri, 11 Apr 2025 02:56:40 GMT
Cache-Control: public, max-age=31536000
Age: 469592
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 142.250.74.99 | 200 OK | 16 kB |
URL GET HTTP/1.1fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP142.250.74.99:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 09 Apr 2024 20:22:24 GMT
Expires: Wed, 09 Apr 2025 20:22:24 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2
Age: 579648
|
|
| continuousselfevidentinestimable.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSXWscVRg%2Bkwa8EApKQVCURbxQMJuZnf2KvSjGGgnGprSK3sn5ms0xZ%2BYM58zZ2cSbYEF6ufgLJs8mDdoi%2BgNsdVMQCQhZr3JhfoMgFq9Edo0uvhfzfjzvC888z%2Fl835%2BTBjw9u%2F6e2VVa0%2BVWPay9%2BlEUXa1tqMwPaoNu%2B%2BN282rN9t9YadfD12rvSL5tlhthFIZRGNXWlJWJGSxPQaj8wUpUXwnrzUY9ajUxsP%2FvnQ%2FgaADRPyfPQonJ4uPgChQfI0u%2FuS7ddmHy199OvaaFseiLow%2By7cyUGdJ5mdgASXZ0sQ3jTtcewmSHM7ow%2Ff8WmZqQ4MeHYNnRBUmw%2FsGMJ9OQGZh4GmV%2FDKnHUHQMbu5AiVMCcIEbm8jSezeMLenOPyidohOy%2BOR3qHJCFn%2B9giz9elWrQe220b5QJnMYJBXUYAzVGyP3xyh2F6DKY%2FDiMyjxM1l%2BsoEsPdh02kCJs1eiRDQ6TRYvSRY1l5o0jpa6nIolyVsskk0Z8VjMBFJqDJWMoeUQ1F2CdwG8CuCTAD4PkIqzGo%2BiqBMKTsPuCuex6EjWFmFEO0lEo7DdhefTfxiiyIfgeghu95DbPWyrIaz%2FHm6rghMBXEHQFxVKSVA6gpISlIqgLAjKfnUotGu46p7QzrPoIjcuclyNTNHbp4em6MmMgNohrKj283PyzFTAYHHyF7blWa3FGl3G4jjudprdqNthjajdboVdIRtipc1iOFVBuQVQF2B3auYPq8in%2BeVrYPQYTh%2BDqwDUvwhaVqBbFXaz%2B1nPm6zo17lJIUyFvFhEsRPs63PywszB%2Bp9LkPyEXAS4rZDbCp%2BoxwQ9fXd0y5Tk4JYpHfl2My9Uqnbp1N3bBS1k8NW7cqc0Vqxfd8Mv3%2BRTYFo%2BeF%2B6YoNmQmU9R%2B6vKiGkXTOWS%2FLduvtQspveba16m%2Fl84%2BZba%2BtpbqVzymRjUHV6%2BTK4mpCnfvpj9myfO38eyo5hfYXUz5kqcwye78Hl85kzBFbPe5YHKH01sg02H2pFoOW8p6yCkyePfvv3aF6PLJ1eU1Xtu7vo2QXQ4g6ytELfVujrClQP4fylUZHbk2u%2FxLMA0wsjpu3CAdNWfzETefq5BqfOanEoOkwmssNks9VMJBes1WIhTziLRbfLUbhJ8tKnj%2F4GAAD%2F%2FwEAAP%2F%2FosgQSJAEAAA%3D | 172.240.108.68 | 200 OK | 7 B |
URL GET HTTP/1.1continuousselfevidentinestimable.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSXWscVRg%2Bkwa8EApKQVCURbxQMJuZnf2KvSjGGgnGprSK3sn5ms0xZ%2BYM58zZ2cSbYEF6ufgLJs8mDdoi%2BgNsdVMQCQhZr3JhfoMgFq9Edo0uvhfzfjzvC888z%2Fl835%2BTBjw9u%2F6e2VVa0%2BVWPay9%2BlEUXa1tqMwPaoNu%2B%2BN282rN9t9YadfD12rvSL5tlhthFIZRGNXWlJWJGSxPQaj8wUpUXwnrzUY9ajUxsP%2FvnQ%2FgaADRPyfPQonJ4uPgChQfI0u%2FuS7ddmHy199OvaaFseiLow%2By7cyUGdJ5mdgASXZ0sQ3jTtcewmSHM7ow%2Ff8WmZqQ4MeHYNnRBUmw%2FsGMJ9OQGZh4GmV%2FDKnHUHQMbu5AiVMCcIEbm8jSezeMLenOPyidohOy%2BOR3qHJCFn%2B9giz9elWrQe220b5QJnMYJBXUYAzVGyP3xyh2F6DKY%2FDiMyjxM1l%2BsoEsPdh02kCJs1eiRDQ6TRYvSRY1l5o0jpa6nIolyVsskk0Z8VjMBFJqDJWMoeUQ1F2CdwG8CuCTAD4PkIqzGo%2BiqBMKTsPuCuex6EjWFmFEO0lEo7DdhefTfxiiyIfgeghu95DbPWyrIaz%2FHm6rghMBXEHQFxVKSVA6gpISlIqgLAjKfnUotGu46p7QzrPoIjcuclyNTNHbp4em6MmMgNohrKj283PyzFTAYHHyF7blWa3FGl3G4jjudprdqNthjajdboVdIRtipc1iOFVBuQVQF2B3auYPq8in%2BeVrYPQYTh%2BDqwDUvwhaVqBbFXaz%2B1nPm6zo17lJIUyFvFhEsRPs63PywszB%2Bp9LkPyEXAS4rZDbCp%2BoxwQ9fXd0y5Tk4JYpHfl2My9Uqnbp1N3bBS1k8NW7cqc0Vqxfd8Mv3%2BRTYFo%2BeF%2B6YoNmQmU9R%2B6vKiGkXTOWS%2FLduvtQspveba16m%2Fl84%2BZba%2BtpbqVzymRjUHV6%2BTK4mpCnfvpj9myfO38eyo5hfYXUz5kqcwye78Hl85kzBFbPe5YHKH01sg02H2pFoOW8p6yCkyePfvv3aF6PLJ1eU1Xtu7vo2QXQ4g6ytELfVujrClQP4fylUZHbk2u%2FxLMA0wsjpu3CAdNWfzETefq5BqfOanEoOkwmssNks9VMJBes1WIhTziLRbfLUbhJ8tKnj%2F4GAAD%2F%2FwEAAP%2F%2FosgQSJAEAAA%3D IP172.240.108.68:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerLet's Encrypt Subjectcontinuousselfevidentinestimable.com Fingerprint1F:F4:36:85:7F:D7:60:BF:21:DA:52:FF:00:60:97:80:4B:6D:0D:3A ValidityMon, 15 Apr 2024 12:20:33 GMT - Sun, 14 Jul 2024 12:20:32 GMT
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSXWscVRg%2Bkwa8EApKQVCURbxQMJuZnf2KvSjGGgnGprSK3sn5ms0xZ%2BYM58zZ2cSbYEF6ufgLJs8mDdoi%2BgNsdVMQCQhZr3JhfoMgFq9Edo0uvhfzfjzvC888z%2Fl835%2BTBjw9u%2F6e2VVa0%2BVWPay9%2BlEUXa1tqMwPaoNu%2B%2BN282rN9t9YadfD12rvSL5tlhthFIZRGNXWlJWJGSxPQaj8wUpUXwnrzUY9ajUxsP%2FvnQ%2FgaADRPyfPQonJ4uPgChQfI0u%2FuS7ddmHy199OvaaFseiLow%2By7cyUGdJ5mdgASXZ0sQ3jTtcewmSHM7ow%2Ff8WmZqQ4MeHYNnRBUmw%2FsGMJ9OQGZh4GmV%2FDKnHUHQMbu5AiVMCcIEbm8jSezeMLenOPyidohOy%2BOR3qHJCFn%2B9giz9elWrQe220b5QJnMYJBXUYAzVGyP3xyh2F6DKY%2FDiMyjxM1l%2BsoEsPdh02kCJs1eiRDQ6TRYvSRY1l5o0jpa6nIolyVsskk0Z8VjMBFJqDJWMoeUQ1F2CdwG8CuCTAD4PkIqzGo%2BiqBMKTsPuCuex6EjWFmFEO0lEo7DdhefTfxiiyIfgeghu95DbPWyrIaz%2FHm6rghMBXEHQFxVKSVA6gpISlIqgLAjKfnUotGu46p7QzrPoIjcuclyNTNHbp4em6MmMgNohrKj283PyzFTAYHHyF7blWa3FGl3G4jjudprdqNthjajdboVdIRtipc1iOFVBuQVQF2B3auYPq8in%2BeVrYPQYTh%2BDqwDUvwhaVqBbFXaz%2B1nPm6zo17lJIUyFvFhEsRPs63PywszB%2Bp9LkPyEXAS4rZDbCp%2BoxwQ9fXd0y5Tk4JYpHfl2My9Uqnbp1N3bBS1k8NW7cqc0Vqxfd8Mv3%2BRTYFo%2BeF%2B6YoNmQmU9R%2B6vKiGkXTOWS%2FLduvtQspveba16m%2Fl84%2BZba%2BtpbqVzymRjUHV6%2BTK4mpCnfvpj9myfO38eyo5hfYXUz5kqcwye78Hl85kzBFbPe5YHKH01sg02H2pFoOW8p6yCkyePfvv3aF6PLJ1eU1Xtu7vo2QXQ4g6ytELfVujrClQP4fylUZHbk2u%2FxLMA0wsjpu3CAdNWfzETefq5BqfOanEoOkwmssNks9VMJBes1WIhTziLRbfLUbhJ8tKnj%2F4GAAD%2F%2FwEAAP%2F%2FosgQSJAEAAA%3D HTTP/1.1
Host: continuousselfevidentinestimable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Cookie: u_pl=17093374; uid_id2=1fd274b3-eb14-4a31-8cad-ec5b1e4e1c3d:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec5b28bb3338748187b2166508de2d96b3=[3078189,3078207]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 16 Apr 2024 13:23:12 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 04097fb3ae241f856addb2373f50aed8
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| continuousselfevidentinestimable.com/pixel/sbs?c=1 | 192.243.61.225 | 200 OK | 0 B |
URL GET HTTP/1.1continuousselfevidentinestimable.com/pixel/sbs?c=1 IP192.243.61.225:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerLet's Encrypt Subjectcontinuousselfevidentinestimable.com Fingerprint1F:F4:36:85:7F:D7:60:BF:21:DA:52:FF:00:60:97:80:4B:6D:0D:3A ValidityMon, 15 Apr 2024 12:20:33 GMT - Sun, 14 Jul 2024 12:20:32 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbs?c=1 HTTP/1.1
Host: continuousselfevidentinestimable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Cookie: u_pl=17093374; uid_id2=1fd274b3-eb14-4a31-8cad-ec5b1e4e1c3d:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec5b28bb3338748187b2166508de2d96b3=[3078189,3078207]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 16 Apr 2024 13:23:12 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/js/script.js | 172.67.141.24 | 200 OK | 9.2 kB |
URL GET HTTP/2cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/js/script.js IP172.67.141.24:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash5ca8c1679ba9453cfa512e01d6fec9c5 45628341eb20e4acee5e812d3b2dfc8f23962daf 520a0196a18cbe656f7382a02ec828125e68bdac511b9ebe2bf27f31e262d037
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 13:23:11 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:21:26 GMT
etag: W/"65aa8566-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9qaBu%2B1cf8Z6yB8JdOdd77%2F4d1Q3qvtlt7yhLArfWYolMuARyGBQ1EiYCtS5Ire9HxalPun%2BKn2WJMkSTwzOm3DOCb%2BX1sqBal4XRzr4mfd3SDNN82vRH6UTx2q0y4GJOwWnSB9yiLO1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87547d0dcc3e1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/animate.css | 172.67.141.24 | 200 OK | 79 kB |
URL GET HTTP/2cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/animate.css IP172.67.141.24:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerGoogle Trust Services LLC Subjectcreative-bars1.com Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash3d4123dbfb33d27a5cfdfcfa91df6783 e7d0eeeec54b848f0bc3da8685fa3bc88429d660 cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 13:23:11 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:21:26 GMT
etag: W/"65aa8566-13361"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bpkp7fcx4TNrqlKDWaJgJVNMUnZ8%2BINCVPDxW6Rc8nT24AD1ewCKSBxkiDrp2Qkm%2FT5UkXLg8bhsaDPTEbQJb9FjXp%2FNre5pCMgFhBaKgwNznAeiUR5JQUnh3TzI6FxMUg2zt8yBTLAu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87547d0dbc2f1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.barscreative1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html | 45.133.44.4 | 200 OK | 1.5 kB |
URL GET HTTP/2cdn.barscreative1.com/sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html IP45.133.44.4:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerLet's Encrypt Subjectcdn.barscreative1.com FingerprintF6:54:F4:B9:EB:AD:1E:FA:8F:76:B9:75:20:9B:41:57:32:37:94:E3 ValiditySun, 10 Mar 2024 03:01:32 GMT - Sat, 08 Jun 2024 03:01:31 GMT
File typeHTML document, ASCII text, with very long lines (1633), with no line terminators Hashf93ed3ce8bed77cddedfbd4906ec1e86 a6860f6e0d690ac796f5c8e9211aef6031a29abb 7a7a3a39b0cf96b597a8da0cef9b2093229e1778fda9697b5215ba4cb267c1a0
GET /sb/notifications/utility/default/us/blog/financeskipper/message_redcircle2/16/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonchillb.com
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 13:23:11 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Fri, 19 Jan 2024 14:21:26 GMT
etag: W/"65aa8566-609"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Tue, 16 Apr 2024 14:23:11 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| continuousselfevidentinestimable.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fanimate.css&l=78689&fd=39 | 172.240.108.68 | 200 OK | 0 B |
URL GET HTTP/1.1continuousselfevidentinestimable.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fanimate.css&l=78689&fd=39 IP172.240.108.68:80
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Ffinanceskipper%2Fmessage_redcircle2%2F16%2Fcss%2Fanimate.css&l=78689&fd=39 HTTP/1.1
Host: continuousselfevidentinestimable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Tue, 16 Apr 2024 13:23:11 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese | 142.250.74.106 | 200 OK | 82 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese IP142.250.74.106:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeASCII text, with very long lines (1572) Hash82616926c46483e82c9e0effd92ad431 7def66e1e20fc4cdeb1af4bcad892fbed1be39ba a6dbd8ee53f621b0e770fd487bf3d5dea24a2c804fa468de5f218305420ff120
GET /css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 13:23:10 GMT
date: Tue, 16 Apr 2024 13:23:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/icon?family=Material+Icons | 142.250.74.106 | 200 OK | 565 B |
URL GET HTTP/2fonts.googleapis.com/icon?family=Material+Icons IP142.250.74.106:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typeASCII text, with very long lines (588), with no line terminators Hash959a533a3dc02649e0cc3f8f67d942af 34db49ff64aed8b51beaba5b9928ad504a4df335 24864ed3ee6fab66640980d4c24640e579e5583764a8ee8c4f09decf27977247
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 13:23:10 GMT
date: Tue, 16 Apr 2024 13:23:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i | 142.250.74.106 | 200 OK | 31 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i IP142.250.74.106:443
Requested byhttp://nguonchillb.com/thanh-vat-ca-sau-crocodile-dundee-f41307.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hash1535ab95ae017577b9c386b35a1cd5ee 2daa147654a80e47e16524ae15b678f59ee98514 468b3e9ad7eb860239ed3e6eba32e2e0ff79ee9c2bbf132f18a4d9c0809716e3
GET /css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonchillb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 13:23:10 GMT
date: Tue, 16 Apr 2024 13:23:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
0.0.0.0