Report - nguonphimb.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

Report Overview

Submitted URL
nguonphimb.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
IP
94.242.50.163
ASN
#43317 SIA VEESP
Submitted
2024-04-19 03:37:30
Access
public
Website Title
(1) New Message!
Final URL
nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
nguonphimb.com	unknown	2024-03-29	2024-04-11	2024-04-13	2.2 kB	2.1 kB	94.242.50.163
m3.nguonphim.net	926780	2016-09-27	2017-09-03	2024-04-17	1.1 kB	47 kB	94.242.50.163
m3.nguonhay.com	unknown	2022-05-13	2022-10-28	2024-03-07	2.4 kB	432 kB	94.242.50.163
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-04-18	427 B	420 B	52.29.148.107
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-18	420 B	98 kB	142.250.74.72
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-18	3.4 kB	264 kB	142.250.74.74
bestowgradepunch.com	unknown	2024-04-16	2024-04-16	2024-04-17	6.7 kB	13 kB	192.243.61.225
nguonphimc.com	unknown	2024-04-10	2024-04-10	2024-04-14	13 kB	337 kB	94.242.50.163
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-18	12 kB	719 kB	142.250.74.131
pagead2.googlesyndication.com	101	2003-01-21	2021-02-20	2024-04-17	453 B	52 kB	142.250.74.66
cdn.creative-bars1.com	unknown	2022-11-01	2022-11-15	2024-04-18	2.3 kB	98 kB	188.114.96.1
fundingchoicesmessages.google.com	2397	1997-09-15	2019-01-16	2024-04-18	538 B	101 kB	216.58.211.14
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12	2024-04-17	440 B	79 kB	45.133.44.10
cdn.barscreative1.com	25648	2021-09-08	2021-09-16	2024-04-17	486 B	1.7 kB	45.133.44.3
chokedsmelt.com	unknown	2022-02-17	2022-02-17	2024-04-15	351 B	17 kB	192.243.61.225
downstairsnegotiatebarren.com	unknown	2024-03-04	2024-03-04	2024-04-17	327 B	880 B	104.21.35.227
www.gstatic.com	unknown	2008-02-11	2016-07-26	2024-04-18	9.9 kB	185 kB	142.250.74.35
grab.nguonphimc.com	unknown	unknown	No data	No data	5.2 kB	248 kB	94.242.50.163
unseenreport.com	unknown	2022-03-30	2022-03-30	2024-04-18	652 B	423 B	192.243.61.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-19	medium	chokedsmelt.com	Sinkholed
2024-04-19	medium	bestowgradepunch.com	Sinkholed
2024-04-18	medium	unseenreport.com	Sinkholed
2024-04-19	medium	bestowgradepunch.com	Sinkholed
2024-04-19	medium	bestowgradepunch.com	Sinkholed
2024-04-19	medium	bestowgradepunch.com	Sinkholed
2024-04-19	medium	bestowgradepunch.com	Sinkholed
2024-04-19	medium	bestowgradepunch.com	Sinkholed
2024-04-19	medium	bestowgradepunch.com	Sinkholed
2024-04-19	medium	bestowgradepunch.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (56)

	URL	Size	First Seen	Last Seen
	grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA	84 B	2023-03-08	2024-04-28
Pretty URL grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 05:21:43 Last Seen2024-04-28 23:23:44 Times Seen23 Hash ca23b17c1ee24021de587b902d9f29e0 a702db81bafc61b6374b7c94eb252b380e0dba61 b2961c68c26a968fe3ff6b6202ba9595202bb7f65cf683b781775cbc24c05dbc Loading...

	www.googletagmanager.com/gtag/js?id=G-DDD7EKFG6W	287 kB	2024-04-19	2024-04-19
Pretty URL www.googletagmanager.com/gtag/js?id=G-DDD7EKFG6W IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 05:37:39 Last Seen2024-04-19 05:37:40 Times Seen2 Hash f5fe972b7c8f226d646e738555d27696 1a77b457c8d162db88a939b67e6000179111fa02 5a8e9600dbc868954f274dd85915b6cc1c5ae268dce58d13f40ffa37c2b4f82c Loading...

	moz-extension://2e2647a9-0c81-40a2-b74e-467a16e94626/lib/shim_messaging_helper.js	1.7 kB	2023-05-05	2024-05-02
Pretty URL moz-extension://2e2647a9-0c81-40a2-b74e-467a16e94626/lib/shim_messaging_helper.js IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-05 22:33:37 Last Seen2024-05-02 12:16:37 Times Seen45348 Hash 865f01cbb34eb505834e826380d7dc2e c239ccc37191f1be78dfaa6bb3f1da5d314fdf9e 30ed6392b8de4590bd974a4a797ee0b12b382f2141738115bfd2d692cfa6ec17 Loading...

	nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html	153 B	2024-03-30	2024-04-20
Pretty URL nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-30 03:40:57 Last Seen2024-04-20 07:49:23 Times Seen19 Hash a6ccbb3e3e222109f76c0c907d315a0e 6edfe9af4586c5e8436883d68a3c8338b0676a96 3f7767349ca2ffdffd4d0aaa1f68984f67334bc78d9944a0ce94a3ef03ad238a Loading...

	nguonphimc.com/themes/np/js/bootstrap.min.js	37 kB	2023-03-07	2024-05-02
Pretty URL nguonphimc.com/themes/np/js/bootstrap.min.js IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:31 Last Seen2024-05-02 08:56:44 Times Seen2962 Hash e7d9a06cf9053c51cd4ad3386da0659a e45bf1054704a1fdfc4ee2713a16bf9283dea995 9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd Loading...

	nguonphimc.com/js/main.min.js?v=2.4.8.2	18 kB	2023-03-08	2024-05-02
Pretty URL nguonphimc.com/js/main.min.js?v=2.4.8.2 IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:21:43 Last Seen2024-05-02 06:15:41 Times Seen117 Hash 2f3514d630f0195787c0f99778202f3c 2ce2883a59c655b8e02d644a1449fcdfdf604486 23b47b8eb144a359fdd87940db44e0420e7e0062f3cbba762e0e22c35afb3749 Loading...

	chokedsmelt.com/5b/28/bb/5b28bb3338748187b2166508de2d96b3.js	44 kB	2024-04-19	2024-04-19
Pretty URL chokedsmelt.com/5b/28/bb/5b28bb3338748187b2166508de2d96b3.js IP 192.243.61.225 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 05:37:39 Last Seen2024-04-19 05:37:41 Times Seen2 Hash d17075939d1248cfe0674325f871ee85 ea63fc8f4f38baa3f3844982871f82a2559637df b5682a7f8bf616ed2f4b197fabeb3d670d3ca06a4612e7b44585d8a4431e822e Loading...

	nguonphimc.com/themes/np/js/wow.min.js	8.4 kB	2023-03-07	2024-05-02
Pretty URL nguonphimc.com/themes/np/js/wow.min.js IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:32 Last Seen2024-05-02 08:01:17 Times Seen1531 Hash e1f1ff6897992a9165e8ce009b4039e3 e297207404fea99863aea60a1dcd3770f8ecddee 37461d9b50fd93b2e6d064c4aa48cbc16d5b1e82c27f47270b87a39225cc00ac Loading...

	www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp,soHxf/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk	7.8 kB	2024-04-19	2024-04-19
Pretty URL www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp,soHxf/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 05:37:39 Last Seen2024-04-19 09:11:18 Times Seen8 Hash ab1564f0dc81e3cdd5ded3cc022d6364 821fe2a008e172df73c12e0a3d2eb6da3c4cb717 872b63440dfdc5f5b4b42cddd6aa1ce863efcd72d3816e927dcd3cd65c2b06c3 Loading...

	grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA	7.4 kB	2024-04-19	2024-04-19
Pretty URL grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-19 05:37:39 Last Seen2024-04-19 05:37:39 Times Seen1 Hash 4c96e3217fc138d3f7a792d2029936eb 157e35c79b29398cbfd0b66a5c5e47297ecaf994 81f542b9397dfa9795a172b1f459c85943fe42bf8ac34a8846af753d4728b524 Loading...

	nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html	445 B	2023-06-30	2024-05-02
Pretty URL nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-30 17:21:06 Last Seen2024-05-02 06:15:40 Times Seen42 Hash 97e094668f02b1c249e1b0fde6a93c38 0153a494a8ff263e8e544dccddccd8fb0cafb4d1 58c2bf516e86f70bfeade925e3cacc9dada2b41883b78e2b090f41074283eca2 Loading...

	nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html	2.6 kB	2023-03-14	2024-05-02
Pretty URL nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 11:01:34 Last Seen2024-05-02 06:15:40 Times Seen43 Hash 60161d8d86847ca8b04f5b01ee669a6c 717b4881183bf8cf5ce77404d34a269a4050aeb1 a24fd0045c4ab300e6a50db2183ef069a1381b411e5266655083d9181cd34eb4 Loading...

	www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=soHxf	28 kB	2024-04-19	2024-04-19
Pretty URL www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=soHxf IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 05:37:39 Last Seen2024-04-19 09:11:18 Times Seen8 Hash 0df69be878f840c3ece59615858c5009 65d903b30ab94d986ae198622811f39576d4da4c b51d740f6556a23458f1715f7183de04394c359a5d5645175c914c880a7e0a16 Loading...

	grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA	1.4 kB	2024-04-19	2024-04-19
Pretty URL grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-19 05:37:39 Last Seen2024-04-19 05:37:39 Times Seen1 Hash 79c7990d10b6510d786b5b46229d3a6f 4a3f354a1f705319c19b29ebe417b2a4a4260971 af66e727c7ce21987cc936afaee53e83399382492cd54e4cace275e42590cefa Loading...

	nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html	1.1 kB	2024-04-19	2024-04-19
Pretty URL nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-19 05:37:39 Last Seen2024-04-19 05:37:39 Times Seen1 Hash 6cfaa1199dcba0f07232351831fd8ad1 76a69229ee0842b21b7497f4f2b9c2a803a2d001 be200db48a209313591767ac41de02db2531516a6c80bf2fafcd70079f2e10c9 Loading...

	nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html	108 B	2023-03-14	2024-04-19
Pretty URL nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 11:01:34 Last Seen2024-04-19 09:11:17 Times Seen18 Hash ef4c27c58385253ae798af44cbb5862b f6559a264b17a4eba91ddc14f9d33b4f305b17cb adb9f89e22c9671868224ee9caed81bde3c6c6649e6177f61ad4fb9b68f8f28f Loading...

	fundingchoicesmessages.google.com/s/whitelist?hl=vi	4.7 kB	2024-04-17	2024-04-19
Pretty URL fundingchoicesmessages.google.com/s/whitelist?hl=vi IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-17 18:30:32 Last Seen2024-04-19 09:11:16 Times Seen6 Hash b8734b517e0c21f3b7ee8b25c7f71799 ebb543ff3f88f5b11c4f63071e1b7bdde7d13e0c bb514805ac7374f8d19550629978abf314a052102c271fe3fbf95d5707276b6b Loading...

	fundingchoicesmessages.google.com/s/whitelist?hl=vi	628 B	2024-04-19	2024-04-19
Pretty URL fundingchoicesmessages.google.com/s/whitelist?hl=vi IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-19 05:37:39 Last Seen2024-04-19 05:37:39 Times Seen1 Hash 7726116d1c06e53cd8d890b1306fc8c4 33ad6fc328f226207e5761fa316a00a0febd7607 f8805d777af22edae467a163b9240277bb2c1bad14e1ee18bec10b3ee8c2ba38 Loading...

	grab.nguonphimc.com/assets/b2993a05/jwplayer.js?ver=2.4.8.2	118 kB	2023-03-14	2024-04-19
Pretty URL grab.nguonphimc.com/assets/b2993a05/jwplayer.js?ver=2.4.8.2 IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 11:01:34 Last Seen2024-04-19 09:11:18 Times Seen50 Hash 637800d55d2ac43cd3c4a864fac04661 bfb57b2bbe30a271e945e5d36027d69fb01b24cf 2aac7ee38577a71b8f0ec381c7836fc29274407517b9038e879fa762651dc5fc Loading...

	unknown	1.3 kB	2024-03-06	2024-05-02
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-06 18:44:11 Last Seen2024-05-02 06:15:30 Times Seen6 Hash fc2ff18a82b01ffcf94de510039fa783 adeda09302522cdc035a0d92cd3bac9420d2750e 24ef73d8ffcbbc1fa0ece174437ac0b367423cd934500f1c51b6d08360d935aa Loading...

	fundingchoicesmessages.google.com/s/whitelist?hl=vi	1.7 kB	2024-04-17	2024-04-19
Pretty URL fundingchoicesmessages.google.com/s/whitelist?hl=vi IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-17 18:30:32 Last Seen2024-04-19 09:11:16 Times Seen6 Hash 9f2bb350cea97db55bd20506ba4bd6f9 90d68fc4b2976d8a50706bc018e9c4d8fa261c4e 558a8534505e07cba074ac0a47f3944380a2e18de99021df0686b587d42faa11 Loading...

	fundingchoicesmessages.google.com/s/whitelist?hl=vi	196 B	2024-04-19	2024-04-19
Pretty URL fundingchoicesmessages.google.com/s/whitelist?hl=vi IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-19 05:37:40 Last Seen2024-04-19 09:11:16 Times Seen4 Hash 1140aae5d458b400b4cf46770d2132a3 9a536710af7204b80538ef4b017d5d4f96b3ddec 6bb8485b086fd28e7ca4122fce2b3fe1f6162023bbdc08df5149e573db324526 Loading...

	fundingchoicesmessages.google.com/s/whitelist?hl=vi	12 B	2023-03-07	2024-05-02
Pretty URL fundingchoicesmessages.google.com/s/whitelist?hl=vi IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:11:32 Last Seen2024-05-02 11:17:59 Times Seen30850 Hash e5b17204cd55d18a8a2a41824d9fec28 40e8060add70f00c034257f9d49a50dd799ba846 3d0c04a7592aa05499634991244c8d7cce5e5f8b7a414ef8b83d6442b6d52612 Loading...

	grab.nguonphimc.com/assets/3bd14e95/jquery.min.js	97 kB	2023-03-07	2024-05-02
Pretty URL grab.nguonphimc.com/assets/3bd14e95/jquery.min.js IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:51 Last Seen2024-05-02 06:15:41 Times Seen2418 Hash 0fca26b5a37a66d68d0f4406976be4b5 ee000eb654b3bd37185665d3901e93b34ce1aa52 8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18 Loading...

	fundingchoicesmessages.google.com/s/whitelist?hl=vi	7.7 kB	2024-04-19	2024-05-02
Pretty URL fundingchoicesmessages.google.com/s/whitelist?hl=vi IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-19 05:37:40 Last Seen2024-05-02 08:54:41 Times Seen228 Hash 6e979bb9754414e7aba5c3fd2b118b39 81f555750076dc3d05375ad3187415b75e75f320 5a4fb00c5c7fdac3ca14d9ecccd2c06b84b9b5d6286c9fb7eefd2076e1c49664 Loading...

	www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=BWd0oe	43 kB	2024-04-19	2024-04-19
Pretty URL www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=BWd0oe IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 05:37:40 Last Seen2024-04-19 09:11:18 Times Seen8 Hash 124ba95b2ec12aff22f988c42b14d353 e506202fff14601dba2b44d807b1319968bb3216 50aff2092ce10805752997b823e0bb7490112ff66b9f2d00eaa8b6cada98a873 Loading...

	www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c	34 kB	2024-04-19	2024-04-19
Pretty URL www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 05:37:40 Last Seen2024-04-19 09:11:18 Times Seen8 Hash ab199b9dc5faf341e688a4c9196b0874 fdf2ccb808e05f2789ced334d3d18e13ec59d71c 454a7e35fa7a6c0a52d616009ce1964375308a1b839a87095780df64b70c4e0e Loading...

	nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html	14 kB	2024-04-19	2024-04-19
Pretty URL nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-19 05:37:40 Last Seen2024-04-19 05:37:40 Times Seen1 Hash 227319ef8b734717cd20ac04242121e0 ed0c273c00ab72de8f098f073b2617bbd43b4b0b 12898975cf4e8dd8a558b457d3e7397ef7d708d7a5a15d3de68c6a8086c12fea Loading...

	nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html	3.9 kB	2024-04-19	2024-04-19
Pretty URL nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-19 05:37:40 Last Seen2024-04-19 05:37:55 Times Seen2 Hash f11094b58cdf45fe35383b5991b931f0 ca812f406cae15fd5eb4e1dee95f62164d1903de cecbe8f80e91cc36e7caf559d6636fc8ab2ff8a4800d076b4d7c423f398f9c00 Loading...

	nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html	386 B	2024-04-19	2024-04-19
Pretty URL nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-19 05:37:40 Last Seen2024-04-19 05:37:55 Times Seen2 Hash 3c21f02b073fb8ebfdb18a345f659014 7a2b0e3160a3f01ef6bae9234b6b59e630e68b93 f28beaefef90bfdddfedb3914616bd10366c2d411c87297cc35b9d9fc9026c3e Loading...

	nguonphimc.com/themes/np/js/jquery.nice-select.js	6.0 kB	2023-03-07	2024-05-02
Pretty URL nguonphimc.com/themes/np/js/jquery.nice-select.js IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:53 Last Seen2024-05-02 06:15:41 Times Seen93 Hash 723e741faba72abfb0e56b6e0f8a73d8 ba71788614e8e11dbeeebdcac9037b57e7a69ce4 39f6514264e1603542b6aa38ba44c3be0aa7bbdef56ed139d74fe75e24e642fa Loading...

	fundingchoicesmessages.google.com/s/whitelist?hl=vi	130 B	2023-03-07	2024-05-02
Pretty URL fundingchoicesmessages.google.com/s/whitelist?hl=vi IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:11:32 Last Seen2024-05-02 11:17:59 Times Seen30862 Hash b90579d967def1905d8e58bde1d6baa6 d90906655ce68eb39abb59c16153675683d53d5c f984f4834618294a8c88f19ce3af90459eb4eef60144b2b9cb6a79d12a4621d5 Loading...

	nguonphimc.com/themes/np/js/owl.carousel.min.js	24 kB	2023-03-07	2024-05-02
Pretty URL nguonphimc.com/themes/np/js/owl.carousel.min.js IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:24 Last Seen2024-05-02 06:15:41 Times Seen1232 Hash 8c52f27fcac36c7667f8fb846e1e94d5 e5862559db659ffd530c91452d668c5e7b3f0f2d 6c1e31700f68d1666de6b0992e89d413434707718bf729a472404029845bdbad Loading...

	nguonphimc.com/themes/np/js/jquery.showmore.src.js	1.0 kB	2023-03-13	2024-05-02
Pretty URL nguonphimc.com/themes/np/js/jquery.showmore.src.js IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 02:25:00 Last Seen2024-05-02 06:15:41 Times Seen126 Hash f67d16dc855157012280d1b8d2d0ac55 4eaa66120111bb8cb4c21884c647bf609ef3a7a5 89a7b91f92a0583bcfabc3dc0347bfb78822ebe75d229fb766ae2fdc6e7e0d28 Loading...

	fundingchoicesmessages.google.com/s/whitelist?hl=vi	63 B	2023-03-07	2024-05-02
Pretty URL fundingchoicesmessages.google.com/s/whitelist?hl=vi IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:11:32 Last Seen2024-05-02 11:17:59 Times Seen30882 Hash 3ca9fc059879b598f3d6d3003cf130b3 d641a68a8bccf23c0fe85576609870d5f36cdd9d 3d2b5964246a6a054c9fb0a3a79e72b47de369280fd18b7e5e0bb42a441bb38b Loading...

	nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html	186 B	2023-03-14	2024-05-02
Pretty URL nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 11:01:34 Last Seen2024-05-02 06:15:41 Times Seen36 Hash b993e8a9b04faef49d09b434bd17084a 39a8f48a89f2e25c64f943ccbd07569554ee9c35 6f0325f63b0088d5d2b0077b848f4ad68412653d986d7bd5ffb5691ac86bf2c8 Loading...

	unknown	31 B	2023-06-30	2024-05-02
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-06-30 17:21:06 Last Seen2024-05-02 06:15:40 Times Seen42 Hash 99435bde41f63f11e10faa33493d957c 8d71886c3801548743aadd0e77022831e1865834 ff338bca90a388441fe03cb825c6350d33321f0bafa5847c8e38aca7375b77ed Loading...

	fundingchoicesmessages.google.com/s/whitelist?hl=vi	385 B	2023-03-07	2024-05-02
Pretty URL fundingchoicesmessages.google.com/s/whitelist?hl=vi IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:11:47 Last Seen2024-05-02 07:24:25 Times Seen1665 Hash d70da2b55da6721581b04b6b63604be9 bca4ba9a46bccdc4162ceea59b235d0c1286d78c 39b9038770f5b35231bfa67043b09532ca8ad8c9d0334d17cb6f492f8110192f Loading...

	www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,EFQ78c,FCpbqb,LEikZe,WhJNk,Wt6vjf,_b,_tp,byfTOb,hhhU8,lsjVmc,lwddkf,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=RqjULd	32 kB	2024-04-19	2024-04-19
Pretty URL www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,EFQ78c,FCpbqb,LEikZe,WhJNk,Wt6vjf,_b,_tp,byfTOb,hhhU8,lsjVmc,lwddkf,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=RqjULd IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 05:37:40 Last Seen2024-04-19 09:11:18 Times Seen8 Hash f5c7fc324e43f85696f2873b1fe2a8d4 7d90bee3a4626a8766fad6ba57e8a065b9c5d19f 5485453d1c290f9728e0756544aea1360eaf9a5b5555d1017b69d213d3d82455 Loading...

	nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html	1.4 kB	2023-03-14	2024-04-19
Pretty URL nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 11:01:34 Last Seen2024-04-19 09:11:17 Times Seen18 Hash 1c3e03095d8c95ed26cf5e4bcd9863fe c5e9386b9cf38ebb79e8d7ed08f85f3191e677b2 45cbb48de82182a524d260af8a685982b9d7ba3e66e3da0a91751b165c492f7f Loading...

	fundingchoicesmessages.google.com/s/whitelist?hl=vi	85 B	2024-04-17	2024-04-19
Pretty URL fundingchoicesmessages.google.com/s/whitelist?hl=vi IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-17 18:30:33 Last Seen2024-04-19 09:11:17 Times Seen6 Hash ed37053600f628da0aeae82d689486e8 c6f8ba9167804abaffed41b0c764bd45e2ca3e3e 7fb03ab342b1c5bda1877633d6acf1c1f3957ecab1468a8c9b1aaa24ac82b1d4 Loading...

	www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/am=gKEb/d=1/excm=_b,_tp,allowadsview/ed=1/dg=0/wt=2/ujg=1/rs=AJlcJMyk_vGx5h43VSCi6ky069QGFQvtIA/m=_b,_tp	158 kB	2024-04-19	2024-04-19
Pretty URL www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/am=gKEb/d=1/excm=_b,_tp,allowadsview/ed=1/dg=0/wt=2/ujg=1/rs=AJlcJMyk_vGx5h43VSCi6ky069QGFQvtIA/m=_b,_tp IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 05:37:40 Last Seen2024-04-19 09:11:18 Times Seen8 Hash 65e864be75ee444565658d67774b0c54 7f0f29fd4bb9ca93150b786e4f48f5c2f8bca773 db02c8b4797a18ccbe137c9fc2de340c332ff76454cfd1aaa1e8545766b8ba8f Loading...

	nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html	1.2 kB	2023-03-14	2024-05-02
Pretty URL nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 11:01:34 Last Seen2024-05-02 06:15:41 Times Seen43 Hash 9b84178904087e9ecab356dd1d22e7ac 7d8f1e77acc4c28b9c0302d86705315d0970ad5f 6dc11177a43f6eb08ce1e1076f1407df69952991908cfe350a82e5b0abbc6566 Loading...

	grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA	496 B	2023-11-22	2024-04-19
Pretty URL grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-22 12:39:14 Last Seen2024-04-19 05:37:55 Times Seen4 Hash 7b48626b781340089403c8645ef80eee 6a76caf30c4eb2c6ecccac56c4b995a395919ff4 fe430a84521ebc65c8999dd7a1f75cf15943502f8b954bf45d13260c2682dfeb Loading...

	cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js	84 kB	2023-03-07	2024-05-02
Pretty URL cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-02 08:49:26 Times Seen15865 Hash 4a356126b9573eb7bd1e9a7494737410 8258d046f17dd3c15a5d3984e1868b7b5d1db329 22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5 Loading...

	fundingchoicesmessages.google.com/s/whitelist?hl=vi	876 B	2023-05-11	2024-05-02
Pretty URL fundingchoicesmessages.google.com/s/whitelist?hl=vi IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-11 05:51:04 Last Seen2024-05-02 11:17:59 Times Seen26172 Hash 3227d3cdc863d0e058f79933c5b34799 b465a593763faa55e68abcf0a3e068488ec78d50 f733b93028bfc7b45cb291649513f6f68967cae34c25eb8a608a4b013b0f39cd Loading...

	fundingchoicesmessages.google.com/s/whitelist?hl=vi	1.2 kB	2024-04-19	2024-04-19
Pretty URL fundingchoicesmessages.google.com/s/whitelist?hl=vi IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-19 05:37:40 Last Seen2024-04-19 05:37:40 Times Seen1 Hash d5ca68594614b45716bcb6174e40560a 9a1260549b35c77069633489162e9d4ab5cf8530 f9f388257531d4ee584243c4b40dc4d2c4619ab371e8688d492face54494f766 Loading...

	nguonphimc.com/themes/np/js/jquery.magnific-popup.min.js	20 kB	2023-03-07	2024-05-02
Pretty URL nguonphimc.com/themes/np/js/jquery.magnific-popup.min.js IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:21 Last Seen2024-05-02 06:15:41 Times Seen5917 Hash b37d7edf99565d3858eaa1ad80df3cff 786a4343711e9af5e5dfcc493e7d2331b48875bb b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2 Loading...

	nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html	3.9 kB	2024-02-18	2024-05-02
Pretty URL nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-18 22:54:32 Last Seen2024-05-02 06:15:41 Times Seen34 Hash 972805b1a38054d9b5ccdb8e70028090 4710bc93ff6f4bcd3a154425aba307648efacdda 8ed077247980a4e781cdc45b2dbdea9875cabadd19eb48ef55d98708eb601401 Loading...

	fundingchoicesmessages.google.com/s/whitelist?hl=vi	84 B	2023-03-07	2024-05-02
Pretty URL fundingchoicesmessages.google.com/s/whitelist?hl=vi IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:11:32 Last Seen2024-05-02 11:17:59 Times Seen30919 Hash 50371200cd5f1f923ab39ef2ef84f798 5a3bbc0639a7a75c53fc1ce7a8c7a0433f6b3285 6f32e65215e120986a7ab3e61b08961abcf448f7d1986d12f94dbab7ac2ccadc Loading...

	connect.facebook.net/vi_VN/sdk.js#xfbml=1&version=v4.0&appId=638726026897009	17 kB	2023-05-05	2024-05-02
Pretty URL connect.facebook.net/vi_VN/sdk.js#xfbml=1&version=v4.0&appId=638726026897009 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-05 22:33:37 Last Seen2024-05-02 12:16:37 Times Seen44806 Hash b938e0b835c600209bdaae9d8ccda6d7 d5ee79d277057e05f002a18381722b5eb75d3883 d1b95aeb57c3285042e1e24c00cc56a8560d16daf7ee5cdfd5c75296b21ac91b Loading...

	nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html	9.4 kB	2023-03-14	2024-05-02
Pretty URL nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 11:01:34 Last Seen2024-05-02 06:15:41 Times Seen43 Hash 1fbb5a1c0db77beb2e5697fa2e4f2ba9 d50e55939259b9a1e60ba06e8aa6dbcbbe9b4f0b 20b7d396ca4d7747326ac67a5c06f5ca1b6391f794e8125b3583040e61c5c105 Loading...

	nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html	763 B	2024-04-17	2024-04-19
Pretty URL nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html IP 94.242.50.163 ASN #43317 SIA VEESP Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-17 18:30:33 Last Seen2024-04-19 09:11:17 Times Seen6 Hash b2a5ff24ca01fa6fb1ddb4e4a609bc8c 2c622544bacf04bfdd7d1e08d8a30c38003b7460 f4c551ffb4f2bb6f9344ba319cf6694141bd6cae2ac92c5308d6221208372932 Loading...

	fundingchoicesmessages.google.com/s/whitelist?hl=vi	105 B	2023-03-07	2024-05-02
Pretty URL fundingchoicesmessages.google.com/s/whitelist?hl=vi IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:11:32 Last Seen2024-05-02 11:18:00 Times Seen30818 Hash b47393a011801ae3c2e20bffd05ff81e 3e12884bf79d0b71a980f852b7577324b505dce4 bd5de7d4323c02ad258b93b291b368aa5a2dfb49f8ff1add3deca73fe6ad76a3 Loading...

	downstairsnegotiatebarren.com/sfp.js	86 kB	2024-03-29	2024-05-02
Pretty URL downstairsnegotiatebarren.com/sfp.js IP 104.21.35.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 13:13:34 Last Seen2024-05-02 12:13:20 Times Seen1642 Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 0da0558601527d33e8fb254ab42e537b	278 B	2024-04-19	2024-04-19
Pretty Observations First Seen2024-04-19 05:37:40 Last Seen2024-04-19 05:37:56 Times Seen2 Hash 0da0558601527d33e8fb254ab42e537b 0257d003df01e0fded503ddde3ca758aaa8c999b b5cf0b1ccbfb67b7f4425ff6f33e6dc25e3e302d4744035c1538fb1f1e94ad16 Loading...

HTTP Transactions (111)

URL IP Response Size

nguonphimb.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

94.242.50.163

0 B

URL
nguonphimb.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
IP
94.242.50.163:0
ASN
#43317 SIA VEESP

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html HTTP/1.1
Host: nguonphimb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Apr 2024 03:37:01 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Set-Cookie: PHPSESSID=kjska0q17fqactnmh03nr68704; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonphimb.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

nguonphimb.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

94.242.50.163

0 B

URL
nguonphimb.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
IP
94.242.50.163:0
ASN
#43317 SIA VEESP

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html HTTP/1.1
Host: nguonphimb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=kjska0q17fqactnmh03nr68704
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Apr 2024 03:37:02 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonphimc.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

nguonphimc.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

94.242.50.163

732 B

URL
nguonphimc.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
IP
94.242.50.163:0
ASN
#43317 SIA VEESP

File type
HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Size
732 B (732 bytes)
Hash
275bb0c447eefe25e5b8309201df47a2
59c3bbe244d40eed0b315b0a0c6547039635deeb
ae07b8a1d3ab3b03b83fe2af8271fdbb6a0f437fea0503c52eb554280cb16f42

HTTP Headers

GET /site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:02 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Set-Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; path=/
us_session_id=P26301; expires=Sat, 20-Apr-2024 03:37:02 GMT; Max-Age=86400; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 732
Connection: close
Content-Type: text/html; charset=UTF-8

nguonphimc.com/assets/3bd14e95/jquery.min.js

94.242.50.163

200 OK

34 kB

URL GET HTTP/1.1
nguonphimc.com/assets/3bd14e95/jquery.min.js
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
JavaScript source, ASCII text, with very long lines (32077)
Size
34 kB (33693 bytes)
Hash
0fca26b5a37a66d68d0f4406976be4b5
ee000eb654b3bd37185665d3901e93b34ce1aa52
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18

HTTP Headers

GET /assets/3bd14e95/jquery.min.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:02 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:02 GMT
Content-Length: 33693
Connection: close
Content-Type: application/javascript; charset=utf-8

m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png

94.242.50.163

200 OK

18 kB

URL GET HTTP/1.1
m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
PNG image data, 46 x 48, 8-bit/color RGBA, non-interlaced
Size
18 kB (17873 bytes)
Hash
e6f4a93efe2d93e885abcbb4cc09cd4a
e4f94b9e95b40e30b215228316bb7f8c48d08ed2
93b7bbea433aa41f6efb860d3d9777d363f9e64fc1ad4186cd9ef525bbee9c94

HTTP Headers

GET /media/images/1/favi/favicon-1498701606.png HTTP/1.1
Host: m3.nguonphim.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:02 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 05 Jul 2017 04:14:59 GMT
ETag: "45d1-5538a3e52eb40"
Accept-Ranges: bytes
Content-Length: 17873
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 03:37:02 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png

nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

94.242.50.163

301 Moved Permanently

0 B

URL User Request GET HTTP/1.1
nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
IP
94.242.50.163:443
ASN
#43317 SIA VEESP

Certificate
IssuerLet's Encrypt
Subjectnguonphimb.com
FingerprintD9:F9:6D:82:7E:A7:A1:8A:D2:1B:76:5D:02:EA:BC:09:D5:71:F2:51
ValidityFri, 29 Mar 2024 10:13:08 GMT - Thu, 27 Jun 2024 10:13:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html HTTP/1.1
Host: nguonphimb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://nguonphimc.com/
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: PHPSESSID=kjska0q17fqactnmh03nr68704
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

94.242.50.163

301 Moved Permanently

0 B

URL User Request GET HTTP/1.1
nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
IP
94.242.50.163:443
ASN
#43317 SIA VEESP

Certificate
IssuerLet's Encrypt
Subjectnguonphimb.com
FingerprintD9:F9:6D:82:7E:A7:A1:8A:D2:1B:76:5D:02:EA:BC:09:D5:71:F2:51
ValidityFri, 29 Mar 2024 10:13:08 GMT - Thu, 27 Jun 2024 10:13:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html HTTP/1.1
Host: nguonphimb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://nguonphimc.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=kjska0q17fqactnmh03nr68704
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

94.242.50.163

200 OK

20 kB

URL User Request GET HTTP/1.1
nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

File type
HTML document, Unicode text, UTF-8 text, with very long lines (602), with CRLF, LF line terminators
Size
20 kB (19535 bytes)
Hash
ac7df7ff537ae6785a8bac57ff5e6c53
c97793124e750afe16a23751af4f89ed6179df64
bcbf204bf6c9010c812b2e6d4beb11159315422b3fdba949ca2ff72d1365601e

HTTP Headers

GET /xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://nguonphimc.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 19535
Connection: close
Content-Type: text/html; charset=UTF-8

nguonphimc.com/themes/np/js/bootstrap.min.js

94.242.50.163

200 OK

9.7 kB

URL GET HTTP/1.1
nguonphimc.com/themes/np/js/bootstrap.min.js
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
JavaScript source, ASCII text, with very long lines (32034), with CRLF line terminators
Size
9.7 kB (9726 bytes)
Hash
e7d9a06cf9053c51cd4ad3386da0659a
e45bf1054704a1fdfc4ee2713a16bf9283dea995
9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd

HTTP Headers

GET /themes/np/js/bootstrap.min.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:03 GMT
Content-Length: 9726
Connection: close
Content-Type: application/javascript; charset=utf-8

nguonphimc.com/themes/np/js/owl.carousel.min.js

94.242.50.163

200 OK

6.5 kB

URL GET HTTP/1.1
nguonphimc.com/themes/np/js/owl.carousel.min.js
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
JavaScript source, ASCII text, with very long lines (635), with CRLF line terminators
Size
6.5 kB (6464 bytes)
Hash
8c52f27fcac36c7667f8fb846e1e94d5
e5862559db659ffd530c91452d668c5e7b3f0f2d
6c1e31700f68d1666de6b0992e89d413434707718bf729a472404029845bdbad

HTTP Headers

GET /themes/np/js/owl.carousel.min.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:03 GMT
Content-Length: 6464
Connection: close
Content-Type: application/javascript; charset=utf-8

nguonphimc.com/themes/np/js/wow.min.js

94.242.50.163

200 OK

2.7 kB

URL GET HTTP/1.1
nguonphimc.com/themes/np/js/wow.min.js
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
JavaScript source, ASCII text, with very long lines (8385), with CRLF line terminators
Size
2.7 kB (2742 bytes)
Hash
e1f1ff6897992a9165e8ce009b4039e3
e297207404fea99863aea60a1dcd3770f8ecddee
37461d9b50fd93b2e6d064c4aa48cbc16d5b1e82c27f47270b87a39225cc00ac

HTTP Headers

GET /themes/np/js/wow.min.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:03 GMT
Content-Length: 2742
Connection: close
Content-Type: application/javascript; charset=utf-8

nguonphimc.com/assets/3bd14e95/jquery.min.js

94.242.50.163

200 OK

34 kB

URL GET HTTP/1.1
nguonphimc.com/assets/3bd14e95/jquery.min.js
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
JavaScript source, ASCII text, with very long lines (32077)
Size
34 kB (33693 bytes)
Hash
0fca26b5a37a66d68d0f4406976be4b5
ee000eb654b3bd37185665d3901e93b34ce1aa52
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18

HTTP Headers

GET /assets/3bd14e95/jquery.min.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:03 GMT
Content-Length: 33693
Connection: close
Content-Type: application/javascript; charset=utf-8

nguonphimc.com/assets/b2993a05/jwplayer.js?ver=2.4.8.2

94.242.50.163

200 OK

39 kB

URL GET HTTP/1.1
nguonphimc.com/assets/b2993a05/jwplayer.js?ver=2.4.8.2
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65140)
Size
39 kB (39208 bytes)
Hash
637800d55d2ac43cd3c4a864fac04661
bfb57b2bbe30a271e945e5d36027d69fb01b24cf
2aac7ee38577a71b8f0ec381c7836fc29274407517b9038e879fa762651dc5fc

HTTP Headers

GET /assets/b2993a05/jwplayer.js?ver=2.4.8.2 HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:03 GMT
Content-Length: 39208
Connection: close
Content-Type: application/javascript; charset=utf-8

www.googletagmanager.com/gtag/js?id=G-DDD7EKFG6W

142.250.74.72

200 OK

97 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-DDD7EKFG6W
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (3969)
Size
97 kB (97098 bytes)
Hash
f5fe972b7c8f226d646e738555d27696
1a77b457c8d162db88a939b67e6000179111fa02
5a8e9600dbc868954f274dd85915b6cc1c5ae268dce58d13f40ffa37c2b4f82c

HTTP Headers

GET /gtag/js?id=G-DDD7EKFG6W HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 03:37:03 GMT
expires: Fri, 19 Apr 2024 03:37:03 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 97098
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2

94.242.50.163

200 OK

80 kB

URL GET HTTP/1.1
nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Size
80 kB (80132 bytes)
Hash
9ccfae82c1f9be3cf7c148a39228f53c
9abd7857d28f34c5007b11ee53d2818482775163
d962cf8c297e2b013c20dadac3f99d1af50957de8e1d1de8b4ea960fbd6fd7b6

HTTP Headers

GET /themes/np/css/color.css?v=np2.4.8.2 HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 08:58:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:03 GMT
Connection: close
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8

nguonphimc.com/themes/np/js/jquery.magnific-popup.min.js

94.242.50.163

200 OK

7.3 kB

URL GET HTTP/1.1
nguonphimc.com/themes/np/js/jquery.magnific-popup.min.js
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
JavaScript source, ASCII text, with very long lines (20087), with CRLF line terminators
Size
7.3 kB (7346 bytes)
Hash
b37d7edf99565d3858eaa1ad80df3cff
786a4343711e9af5e5dfcc493e7d2331b48875bb
b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2

HTTP Headers

GET /themes/np/js/jquery.magnific-popup.min.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:03 GMT
Content-Length: 7346
Connection: close
Content-Type: application/javascript; charset=utf-8

nguonphimc.com/themes/np/js/jquery.nice-select.js

94.242.50.163

200 OK

1.5 kB

URL GET HTTP/1.1
nguonphimc.com/themes/np/js/jquery.nice-select.js
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Size
1.5 kB (1538 bytes)
Hash
723e741faba72abfb0e56b6e0f8a73d8
ba71788614e8e11dbeeebdcac9037b57e7a69ce4
39f6514264e1603542b6aa38ba44c3be0aa7bbdef56ed139d74fe75e24e642fa

HTTP Headers

GET /themes/np/js/jquery.nice-select.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:03 GMT
Content-Length: 1538
Connection: close
Content-Type: application/javascript; charset=utf-8

nguonphimc.com/themes/np/js/jquery.showmore.src.js

94.242.50.163

200 OK

434 B

URL GET HTTP/1.1
nguonphimc.com/themes/np/js/jquery.showmore.src.js
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
JavaScript source, ASCII text, with very long lines (432)
Size
434 B (434 bytes)
Hash
f67d16dc855157012280d1b8d2d0ac55
4eaa66120111bb8cb4c21884c647bf609ef3a7a5
89a7b91f92a0583bcfabc3dc0347bfb78822ebe75d229fb766ae2fdc6e7e0d28

HTTP Headers

GET /themes/np/js/jquery.showmore.src.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:03 GMT
Content-Length: 434
Connection: close
Content-Type: application/javascript; charset=utf-8

nguonphimc.com/js/main.min.js?v=2.4.8.2

94.242.50.163

200 OK

5.6 kB

URL GET HTTP/1.1
nguonphimc.com/js/main.min.js?v=2.4.8.2
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (17159)
Size
5.6 kB (5620 bytes)
Hash
2f3514d630f0195787c0f99778202f3c
2ce2883a59c655b8e02d644a1449fcdfdf604486
23b47b8eb144a359fdd87940db44e0420e7e0062f3cbba762e0e22c35afb3749

HTTP Headers

GET /js/main.min.js?v=2.4.8.2 HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sat, 02 May 2020 19:55:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:03 GMT
Content-Length: 5620
Connection: close
Content-Type: application/javascript; charset=utf-8

m3.nguonphim.net/media/images/1/logo/logo16012018.png

94.242.50.163

200 OK

10 kB

URL GET HTTP/1.1
m3.nguonphim.net/media/images/1/logo/logo16012018.png
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
PNG image data, 124 x 40, 8-bit/color RGBA, interlaced
Size
10 kB (10065 bytes)
Hash
a9da8ca65d6ba20845e49ae6b63a0a92
f1c7861f134ba1af81047a0fda27027327b736ab
39eb6969b37ac9325026f79f791a7f8a46f9baa5976e3f0aa8b8772730af4e2c

HTTP Headers

GET /media/images/1/logo/logo16012018.png HTTP/1.1
Host: m3.nguonphim.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 15 Jan 2018 20:06:20 GMT
ETag: "2751-562d625d53c2f"
Accept-Ranges: bytes
Content-Length: 10065
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 03:37:03 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png

m3.nguonhay.com/media/images/film/newcover/2024/1/s350_700/than-an-vuong-toa-throne-of-seal-1704993650.jpg

94.242.50.163

200 OK

70 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/newcover/2024/1/s350_700/than-an-vuong-toa-throne-of-seal-1704993650.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x491, components 3
Size
70 kB (69566 bytes)
Hash
70a40dfce755801e4ba0d1556ef662e7
0d5ebbc060b1b79023a957a8aa26749b8358b1cb
a6edfceb4621a262269195d22f063a64188fbb010013a6270161d517304dea9d

HTTP Headers

GET /media/images/film/newcover/2024/1/s350_700/than-an-vuong-toa-throne-of-seal-1704993650.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 11 Jan 2024 17:20:51 GMT
ETag: "10fbe-60eaec4f8a4c3"
Accept-Ranges: bytes
Content-Length: 69566
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 03:37:03 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

m3.nguonhay.com/media/images/film/mptv/s350_700/nu-hoang-nuoc-mat-1707443450.jpg

94.242.50.163

200 OK

55 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/mptv/s350_700/nu-hoang-nuoc-mat-1707443450.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x501, components 3
Size
55 kB (55340 bytes)
Hash
7d84be20e84510c02a36491f73526483
911556208f24946169d6e9afe33fc2e5f6e48470
84cdd62c2838005fc964ed071a20d264327cc45c1403b1126ceb263fe479c06a

HTTP Headers

GET /media/images/film/mptv/s350_700/nu-hoang-nuoc-mat-1707443450.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sun, 10 Mar 2024 18:55:46 GMT
ETag: "d82c-61352f90ce8d6"
Accept-Ranges: bytes
Content-Length: 55340
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 03:37:03 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

m3.nguonhay.com/media/images/film/ff/s350_700/the-gioi-hoan-my-1619204356.jpg

94.242.50.163

200 OK

45 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/ff/s350_700/the-gioi-hoan-my-1619204356.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 238x344, components 3
Size
45 kB (44925 bytes)
Hash
5e060cae43f33fc6ee9baa645c696f8e
9ac7805332b99d6e27afff6d96d47d72a0369fc8
ed17139b51f4cb501cfa17c692cc257437127fa92980851547df75f6402f13c0

HTTP Headers

GET /media/images/film/ff/s350_700/the-gioi-hoan-my-1619204356.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 23 Apr 2021 18:59:22 GMT
ETag: "af7d-5c0a864d52e4d"
Accept-Ranges: bytes
Content-Length: 44925
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 03:37:03 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

nguonphimc.com/img/loading_film.gif

94.242.50.163

200 OK

1.9 kB

URL GET HTTP/1.1
nguonphimc.com/img/loading_film.gif
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
GIF image data, version 89a, 34 x 34
Size
1.9 kB (1924 bytes)
Hash
b9d35ba13f16629ec47d785d61d2204c
680ccabf459357685db0c404f4ef23543e735729
43b3f6a202a86e29f40d8a102cf62565fcdc07cebb55185f13eb86b0fbc8c5e6

HTTP Headers

GET /img/loading_film.gif HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 25 Dec 2017 07:17:53 GMT
Accept-Ranges: bytes
Content-Length: 1924
Cache-Control: max-age=2592000, public
Expires: Sun, 19 May 2024 03:37:03 GMT
Connection: close
Content-Type: image/gif

m3.nguonhay.com/media/images/film/bio/s350_700/chim-boi-ca-1665899828.jpg

94.242.50.163

200 OK

87 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/bio/s350_700/chim-boi-ca-1665899828.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 350x438, components 3
Size
87 kB (86614 bytes)
Hash
cdb099f8426bd971ac65260f52a7c035
549e05f3215272e4a12832eaf94504d694383bec
e46c8ded7ae8965e2881e946441d5a65cfb6937e9f97d1351c70658c5818ba88

HTTP Headers

GET /media/images/film/bio/s350_700/chim-boi-ca-1665899828.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 24 Oct 2022 16:27:41 GMT
ETag: "15256-5ebca453fbe31"
Accept-Ranges: bytes
Content-Length: 86614
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 03:37:03 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

m3.nguonhay.com/media/images/film/newcover/2021/6/s350_700/vua-hai-tac-1624252456.jpg

94.242.50.163

200 OK

102 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/newcover/2021/6/s350_700/vua-hai-tac-1624252456.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x525, components 3
Size
102 kB (102471 bytes)
Hash
f3b3235be303bcdd8806ee587f879d0a
c5cfc2f2b686184a9bb5d8495268fb62e685d17c
f365d987c622865d1bac410f3814dabce383d1dd2d961f00aafaf256b251c42e

HTTP Headers

GET /media/images/film/newcover/2021/6/s350_700/vua-hai-tac-1624252456.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 21 Jun 2021 05:14:17 GMT
ETag: "19047-5c53fbebf16b6"
Accept-Ranges: bytes
Content-Length: 102471
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 03:37:03 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

m3.nguonhay.com/media/images/film/pol/s350_700/vo-than-chua-te-1583765005.jpg

94.242.50.163

200 OK

70 kB

URL GET HTTP/1.1
m3.nguonhay.com/media/images/film/pol/s350_700/vo-than-chua-te-1583765005.jpg
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 300x426, components 3
Size
70 kB (70369 bytes)
Hash
fabd25bf58c53cf84b93d09b16a5dab1
44d008211bf7a481cb35b3187b825f54e7c9631c
06138ff6cdd143a248a3b31bbcb4e88ee295c0d11a987a60b9f0c4043fee79e0

HTTP Headers

GET /media/images/film/pol/s350_700/vo-than-chua-te-1583765005.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 12 Jun 2020 07:03:11 GMT
ETag: "112e1-5a7ddab8b8f40"
Accept-Ranges: bytes
Content-Length: 70369
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 03:37:03 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg

nguonphimc.com/themes/np/images/icon-search-menu.png

94.242.50.163

200 OK

1.2 kB

URL GET HTTP/1.1
nguonphimc.com/themes/np/images/icon-search-menu.png
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced
Size
1.2 kB (1229 bytes)
Hash
e573652e7d75f6471431e9fd48ca706c
ef9de78ae35eb6d6f3e04744612c7bed87c3a5ee
49cd4ed8ef5f3b960bdb9a9024f1b4a83b96e39425a339fd1afc2486709c432b

HTTP Headers

GET /themes/np/images/icon-search-menu.png HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301; _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:04 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 1229
Cache-Control: max-age=2592000, public
Expires: Sun, 19 May 2024 03:37:04 GMT
Connection: close
Content-Type: image/png

fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese

142.250.74.74

200 OK

80 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
http://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
80 kB (80152 bytes)
Hash
183bbd74694a589c651cba4ddcfa6b4d
b5d3c1b1c5bc8032485ea91fa971c4551fd739c2
e460f356cffb06c82bd1f39544e426a45eac6b3aa93be8dbf288693a51b37163

HTTP Headers

GET /css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 03:37:03 GMT
date: Fri, 19 Apr 2024 03:37:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.131

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:37:01 GMT
expires: Fri, 18 Apr 2025 02:37:01 GMT
cache-control: public, max-age=31536000
age: 90003
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

142.250.74.131

200 OK

12 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 11872, version 1.0
Size
12 kB (11872 bytes)
Hash
87ace20058325aa069320aa4af875dff
b743548770c46d905ae1ba06310bc001c587fe8e
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 01:19:30 GMT
expires: Wed, 16 Apr 2025 01:19:30 GMT
cache-control: public, max-age=31536000
age: 267454
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2

142.250.74.131

200 OK

17 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 16552, version 1.0
Size
17 kB (16552 bytes)
Hash
283c40f79deab0300df8b3ffd86dfc7b
2ef09414a573ac59f4b37e81c8b8a881244b345f
35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:33:39 GMT
expires: Fri, 18 Apr 2025 02:33:39 GMT
cache-control: public, max-age=31536000
age: 90205
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

142.250.74.131

200 OK

35 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 35328, version 1.0
Size
35 kB (35328 bytes)
Hash
7670dba29aa2a1560c5d711ea6f6b369
6a2a620d2972f139c804c5a8363c91eb1a7595f6
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:27:30 GMT
expires: Fri, 18 Apr 2025 17:27:30 GMT
cache-control: public, max-age=31536000
age: 36574
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.74

200 OK

129 kB

URL GET HTTP/2
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
129 kB (128692 bytes)
Hash
48939bf81cccf3f1e06e65006d90d2aa
13bcf4f40952b1e833fa712451d78cc18af8ece2
bde3fb832eba0f022be74d01f1cd099bf4dfcccfc922f4d0024167d8ac21c238

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 03:37:03 GMT
date: Fri, 19 Apr 2024 03:37:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.131

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 08:04:32 GMT
expires: Wed, 16 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 243152
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i

142.250.74.74

200 OK

6.6 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
6.6 kB (6559 bytes)
Hash
c62344e37fb33526887888a13b71c470
d0bd2639d9fe8d86c3ae00a01c07b59f1400ac0d
b0406b2b8a54d1e5bf8c14c3527059eed034ecfd5de5e7d6d1dd3cac0ae57be7

HTTP Headers

GET /css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 03:37:03 GMT
date: Fri, 19 Apr 2024 03:37:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.131

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 10:46:32 GMT
expires: Wed, 16 Apr 2025 10:46:32 GMT
cache-control: public, max-age=31536000
age: 233432
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2

142.250.74.131

200 OK

5.5 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 5548, version 1.0
Size
5.5 kB (5548 bytes)
Hash
cdaab83619fcacd4027a77c99dd51e69
9e6eae8554f8cc2309b2dae2d9fa217e34eed6a4
4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5548
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:45:59 GMT
expires: Fri, 18 Apr 2025 02:45:59 GMT
cache-control: public, max-age=31536000
age: 89465
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

chokedsmelt.com/5b/28/bb/5b28bb3338748187b2166508de2d96b3.js

192.243.61.225

200 OK

16 kB

URL GET HTTP/1.1
chokedsmelt.com/5b/28/bb/5b28bb3338748187b2166508de2d96b3.js
IP
192.243.61.225:80
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
JavaScript source, ASCII text, with very long lines (44059), with no line terminators
Size
16 kB (15817 bytes)
Hash
d17075939d1248cfe0674325f871ee85
ea63fc8f4f38baa3f3844982871f82a2559637df
b5682a7f8bf616ed2f4b197fabeb3d670d3ca06a4612e7b44585d8a4431e822e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5b/28/bb/5b28bb3338748187b2166508de2d96b3.js HTTP/1.1
Host: chokedsmelt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 03:37:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1356d79a9257f7ba256dbadd10950180
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

downstairsnegotiatebarren.com/sfp.js

104.21.35.227

301 Moved Permanently

167 B

URL GET HTTP/1.1
downstairsnegotiatebarren.com/sfp.js
IP
104.21.35.227:80
ASN
#13335 CLOUDFLARENET

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Apr 2024 03:37:04 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 19 Apr 2024 04:37:04 GMT
Location: https://downstairsnegotiatebarren.com/sfp.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2%2FCzY%2FCnMktJ56oELEN6IjaMa5SeS8oA%2FdrOvA9QPGJwZ06pE1EtIl1WpjTitSHZqX%2BIRqqj0ljeujapLcTnw6Wn0qroFw1dPOt0LUTVfoJeM68CNLPSMy4WDyauhIqZqingsfmHlMW1fXx6nq0sHA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8769da9abb185697-OSL
alt-svc: h2=":443"; ma=60

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.131

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 08:04:32 GMT
expires: Wed, 16 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 243152
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.131

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 08:04:32 GMT
expires: Wed, 16 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 243152
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

142.250.74.131

200 OK

35 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 35328, version 1.0
Size
35 kB (35328 bytes)
Hash
7670dba29aa2a1560c5d711ea6f6b369
6a2a620d2972f139c804c5a8363c91eb1a7595f6
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:27:30 GMT
expires: Fri, 18 Apr 2025 17:27:30 GMT
cache-control: public, max-age=31536000
age: 36574
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2

142.250.74.131

200 OK

17 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 16552, version 1.0
Size
17 kB (16552 bytes)
Hash
283c40f79deab0300df8b3ffd86dfc7b
2ef09414a573ac59f4b37e81c8b8a881244b345f
35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:33:39 GMT
expires: Fri, 18 Apr 2025 02:33:39 GMT
cache-control: public, max-age=31536000
age: 90205
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

52.29.148.107

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
52.29.148.107:443
ASN
#16509 AMAZON-02

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
5b13cee25aefe0f57e9d283a96f26f29
39b4ef1786aa7ff91bd6b59ddd541117e1cd229b
5f17c2e97b0b3ac9931f5df42cff8b1017c421597d38af8b7e34ad457ffad79b

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 03:37:04 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://nguonphimc.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=f91793d4-a15a-47d5-9c49-e930848ebbad:1:1; expires=Mon, 17 Apr 2034 03:37:04 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

nguonphimc.com/themes/np/images/button_km.png

94.242.50.163

200 OK

2.6 kB

URL GET HTTP/1.1
nguonphimc.com/themes/np/images/button_km.png
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
PNG image data, 66 x 50, 8-bit/color RGBA, non-interlaced
Size
2.6 kB (2646 bytes)
Hash
05238f78240b8bb3d2453e866550a011
766a5353d457d5282bb04192072a116073b8666d
aed76e5f2deac5394da887c6b862ab04fbc3e601348006da714310d72c5dfc60

HTTP Headers

GET /themes/np/images/button_km.png HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301; _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:04 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 2646
Cache-Control: max-age=2592000, public
Expires: Sun, 19 May 2024 03:37:04 GMT
Connection: close
Content-Type: image/png

nguonphimc.com/site/site/checkaccess/

94.242.50.163

200 OK

7 B

URL POST HTTP/1.1
nguonphimc.com/site/site/checkaccess/
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
4e3ca82bee9b6a4b6c6e30ca31234e50
f007b014714adb9c2c7c105e64dfa8448e9ec77a
148ecdac86b94c986a6bb2da57595b2cc4b35afa88e266ec7f30f79530803efb

HTTP Headers

POST /site/site/checkaccess/ HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 105
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301; _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:04 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 7
Connection: close
Content-Type: text/html; charset=UTF-8

nguonphimc.com/themes/np/images/bottomNavOFF.png

94.242.50.163

200 OK

1.3 kB

URL GET HTTP/1.1
nguonphimc.com/themes/np/images/bottomNavOFF.png
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced
Size
1.3 kB (1250 bytes)
Hash
840cd790a57c4cee3fb5b50d448dfd3a
976ecfbdaadc569488019ad246b6dfa31bdab85b
d317c5f6a5b4342d84bcc00cb0c99d2ce3c7d6f1044ac8036d722fcbf728baeb

HTTP Headers

GET /themes/np/images/bottomNavOFF.png HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301; _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:04 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 1250
Cache-Control: max-age=2592000, public
Expires: Sun, 19 May 2024 03:37:04 GMT
Connection: close
Content-Type: image/png

nguonphimc.com/themes/np/images/bottomNavON.png

94.242.50.163

200 OK

1.3 kB

URL GET HTTP/1.1
nguonphimc.com/themes/np/images/bottomNavON.png
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced
Size
1.3 kB (1334 bytes)
Hash
0703045e13e1ab8508a2273cbe71d5d6
c2d2f79bb3758de5722cddd94eaf4701078b4d71
698cc5f19fb8e30c2a9d8471e81637cb26e8fcd67a55bfffc9ca651a0c45e90f

HTTP Headers

GET /themes/np/images/bottomNavON.png HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301; _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:04 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 1334
Cache-Control: max-age=2592000, public
Expires: Sun, 19 May 2024 03:37:04 GMT
Connection: close
Content-Type: image/png

nguonphimc.com/site/chatbot/refresh/

94.242.50.163

200 OK

260 B

URL POST HTTP/1.1
nguonphimc.com/site/chatbot/refresh/
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
JSON text data
Size
260 B (260 bytes)
Hash
ba0683de7607ad624fb4cecda80e9bc1
674cb63ed78bcbd018343354b0ae42e9c43d2ee1
83db877ee449fa874aaaf8896bc642c25fc2f6e8c0179b6d4d59a2c0c9cdfce1

HTTP Headers

POST /site/chatbot/refresh/ HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 16
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301; _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:04 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 260
Connection: close
Content-Type: text/html; charset=UTF-8

m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png

94.242.50.163

200 OK

18 kB

URL GET HTTP/1.1
m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
PNG image data, 46 x 48, 8-bit/color RGBA, non-interlaced
Size
18 kB (17873 bytes)
Hash
e6f4a93efe2d93e885abcbb4cc09cd4a
e4f94b9e95b40e30b215228316bb7f8c48d08ed2
93b7bbea433aa41f6efb860d3d9777d363f9e64fc1ad4186cd9ef525bbee9c94

HTTP Headers

GET /media/images/1/favi/favicon-1498701606.png HTTP/1.1
Host: m3.nguonphim.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:04 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 05 Jul 2017 04:14:59 GMT
ETag: "45d1-5538a3e52eb40"
Accept-Ranges: bytes
Content-Length: 17873
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 03:37:04 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png

nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

94.242.50.163

200 OK

510 B

URL User Request GET HTTP/1.1
nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

File type
JSON text data
Size
510 B (510 bytes)
Hash
7cd870235075b44f433078b2588d9430
52f8fc693619c8e63b0d8b06a3129e84cfc4cbc0
5d01fa6b291671faf62493c2d38ca21c2421374d9dba4023e30367ed11e15b9e

HTTP Headers

POST /xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 67
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301; _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824; dom3ic8zudi28v8lr6fgphwffqoz0j6c=f91793d4-a15a-47d5-9c49-e930848ebbad%3A1%3A1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:04 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 510
Connection: close
Content-Type: text/html; charset=UTF-8

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

142.250.74.66

200 OK

51 kB

URL GET HTTP/2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
142.250.74.66:443
ASN
#15169 GOOGLE

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
FingerprintED:0D:E8:DC:2E:0E:7D:5F:CB:BE:43:7B:C7:CB:BF:BC:B7:E5:FC:1E
ValidityMon, 04 Mar 2024 06:35:32 GMT - Mon, 27 May 2024 06:35:31 GMT

File type
JavaScript source, ASCII text, with very long lines (3920)
Size
51 kB (50759 bytes)
Hash
fbfe3b437444cf482f18e188b39c8bd1
59c7f4c648d5c0a36600f72c83249c18a6377a3f
83d81d9834fd9ed8bcf09b69aaa501ecb6e7ed15b50bcb4853e024e1ad9998b3

HTTP Headers

GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://nguonphimc.com/
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Fri, 19 Apr 2024 03:37:04 GMT
expires: Fri, 19 Apr 2024 03:37:04 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 8552374281835639210
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 50759
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.131

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://fundingchoicesmessages.google.com/s/whitelist?hl=vi
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 06:43:51 GMT
expires: Wed, 16 Apr 2025 06:43:51 GMT
cache-control: public, max-age=31536000
age: 247993
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.131

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://fundingchoicesmessages.google.com/s/whitelist?hl=vi
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15436, version 1.0
Size
15 kB (15436 bytes)
Hash
037d830416495def72b7881024c14b7b
619389190b3cafafb5db94113990350acc8a0278
1d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15436
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 04:01:43 GMT
expires: Wed, 16 Apr 2025 04:01:43 GMT
cache-control: public, max-age=31536000
age: 257721
last-modified: Mon, 16 Oct 2017 17:33:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

142.250.74.131

200 OK

12 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://fundingchoicesmessages.google.com/s/whitelist?hl=vi
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 11936, version 1.0
Size
12 kB (11936 bytes)
Hash
15d8ede0a816bc7a9838207747c6620c
f6e2e75f1277c66e282553ae6a22661e51f472b8
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11936
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 05:22:41 GMT
expires: Wed, 16 Apr 2025 05:22:41 GMT
cache-control: public, max-age=31536000
age: 252863
last-modified: Mon, 16 Oct 2017 17:33:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2

142.250.74.131

200 OK

5.2 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://fundingchoicesmessages.google.com/s/whitelist?hl=vi
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 5224, version 1.0
Size
5.2 kB (5224 bytes)
Hash
a835084624425dacc5e188c6973c1594
1bef196929bffcabdc834c0deefda104eb7a3318
0dfa6a82824cf2be6bb8543de6ef56b87daae5dd63f9e68c88f02697f94af740

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5224
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:53:44 GMT
expires: Fri, 18 Apr 2025 17:53:44 GMT
cache-control: public, max-age=31536000
age: 35000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2

142.250.74.131

200 OK

5.2 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://fundingchoicesmessages.google.com/s/whitelist?hl=vi
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 5164, version 1.0
Size
5.2 kB (5164 bytes)
Hash
e1d4c2969a3dd92f91fea51f652831ef
ff3be3617b93fca22d758f43920abfa313337bc2
570d2dc2ce988d8ae09147ee2eca5ec53f8d5f036e84e3212bf03503374054e5

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5164
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 12:26:13 GMT
expires: Wed, 16 Apr 2025 12:26:13 GMT
cache-control: public, max-age=31536000
age: 227451
last-modified: Mon, 16 Oct 2017 17:33:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.131

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://fundingchoicesmessages.google.com/s/whitelist?hl=vi
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 22:10:11 GMT
expires: Tue, 15 Apr 2025 22:10:11 GMT
cache-control: public, max-age=31536000
age: 278813
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2

142.250.74.131

200 OK

5.3 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://fundingchoicesmessages.google.com/s/whitelist?hl=vi
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 5284, version 1.0
Size
5.3 kB (5284 bytes)
Hash
6bef514048228359f2f8f5e0235f8599
318cb182661d72332dc8a8316d2e6df0332756c4
135d563a494b1f8e6196278b7f597258a563f1438f5953c6fbef106070f66ec8

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5284
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 01:54:26 GMT
expires: Wed, 16 Apr 2025 01:54:26 GMT
cache-control: public, max-age=31536000
age: 265358
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/materialiconsextended/v151/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2

142.250.74.131

200 OK

163 kB

URL GET HTTP/3
fonts.gstatic.com/s/materialiconsextended/v151/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://fundingchoicesmessages.google.com/s/whitelist?hl=vi
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 162924, version 1.0
Size
163 kB (162924 bytes)
Hash
7f2e1b48b71ec58fda4539018a2f56cc
507bf81f52fa8c99bf2c5c8bd59a981899ca9995
7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35

HTTP Headers

GET /s/materialiconsextended/v151/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 162924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 15:10:32 GMT
expires: Wed, 16 Apr 2025 15:10:32 GMT
cache-control: public, max-age=31536000
age: 217592
last-modified: Mon, 08 Apr 2024 19:05:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/am=gKEb/d=1/excm=_b,_tp,allowadsview/ed=1/dg=0/wt=2/ujg=1/rs=AJlcJMyk_vGx5h43VSCi6ky069QGFQvtIA/m=_b,_tp

142.250.74.35

200 OK

56 kB

URL GET HTTP/2
www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/am=gKEb/d=1/excm=_b,_tp,allowadsview/ed=1/dg=0/wt=2/ujg=1/rs=AJlcJMyk_vGx5h43VSCi6ky069QGFQvtIA/m=_b,_tp
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://fundingchoicesmessages.google.com/s/whitelist?hl=vi
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
JavaScript source, ASCII text, with very long lines (2331)
Size
56 kB (55653 bytes)
Hash
65e864be75ee444565658d67774b0c54
7f0f29fd4bb9ca93150b786e4f48f5c2f8bca773
db02c8b4797a18ccbe137c9fc2de340c332ff76454cfd1aaa1e8545766b8ba8f

HTTP Headers

GET /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/am=gKEb/d=1/excm=_b,_tp,allowadsview/ed=1/dg=0/wt=2/ujg=1/rs=AJlcJMyk_vGx5h43VSCi6ky069QGFQvtIA/m=_b,_tp HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
report-to: {"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-length: 55653
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 15:17:07 GMT
expires: Fri, 18 Apr 2025 15:17:07 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Wed, 17 Apr 2024 21:34:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 44397
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA

94.242.50.163

200 OK

3.6 kB

URL GET HTTP/1.1
grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Size
3.6 kB (3641 bytes)
Hash
318ab7398087471aee2fa4fbc337ad61
300e47f0156aa21d063005cd87059513072ac740
290695371ec91369efc2173efc557baf376cc15d5641773444f119cdb2647cec

HTTP Headers

GET /embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Cookie: _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:04 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Set-Cookie: PHPSESSID=ff7d3p0crk0tll82oqgvnlh673; path=/
us_session_id=P26313; expires=Sat, 20-Apr-2024 03:37:04 GMT; Max-Age=86400; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 3641
Connection: close
Content-Type: text/html; charset=UTF-8

grab.nguonphimc.com/js/main.min.js?v=2.4.8.2

94.242.50.163

200 OK

5.6 kB

URL GET HTTP/1.1
grab.nguonphimc.com/js/main.min.js?v=2.4.8.2
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (17159)
Size
5.6 kB (5620 bytes)
Hash
2f3514d630f0195787c0f99778202f3c
2ce2883a59c655b8e02d644a1449fcdfdf604486
23b47b8eb144a359fdd87940db44e0420e7e0062f3cbba762e0e22c35afb3749

HTTP Headers

GET /js/main.min.js?v=2.4.8.2 HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA
Cookie: _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824; PHPSESSID=ff7d3p0crk0tll82oqgvnlh673; us_session_id=P26313
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:05 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sat, 02 May 2020 19:55:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:05 GMT
Content-Length: 5620
Connection: close
Content-Type: application/javascript; charset=utf-8

grab.nguonphimc.com/assets/3bd14e95/jquery.min.js

94.242.50.163

200 OK

34 kB

URL GET HTTP/1.1
grab.nguonphimc.com/assets/3bd14e95/jquery.min.js
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA

File type
JavaScript source, ASCII text, with very long lines (32077)
Size
34 kB (33693 bytes)
Hash
0fca26b5a37a66d68d0f4406976be4b5
ee000eb654b3bd37185665d3901e93b34ce1aa52
8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18

HTTP Headers

GET /assets/3bd14e95/jquery.min.js HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA
Cookie: _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824; PHPSESSID=ff7d3p0crk0tll82oqgvnlh673; us_session_id=P26313
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:05 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:05 GMT
Content-Length: 33693
Connection: close
Content-Type: application/javascript; charset=utf-8

www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=BWd0oe

142.250.74.35

200 OK

15 kB

URL GET HTTP/3
www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=BWd0oe
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://fundingchoicesmessages.google.com/s/whitelist?hl=vi
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
JavaScript source, ASCII text, with very long lines (1424)
Size
15 kB (15156 bytes)
Hash
124ba95b2ec12aff22f988c42b14d353
e506202fff14601dba2b44d807b1319968bb3216
50aff2092ce10805752997b823e0bb7490112ff66b9f2d00eaa8b6cada98a873

HTTP Headers

GET /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=BWd0oe HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
report-to: {"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-length: 15156
date: Fri, 19 Apr 2024 03:37:05 GMT
expires: Sat, 19 Apr 2025 03:37:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sun, 14 Apr 2024 07:33:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

grab.nguonphimc.com/assets/b2993a05/jwplayer.js?ver=2.4.8.2

94.242.50.163

200 OK

39 kB

URL GET HTTP/1.1
grab.nguonphimc.com/assets/b2993a05/jwplayer.js?ver=2.4.8.2
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65140)
Size
39 kB (39208 bytes)
Hash
637800d55d2ac43cd3c4a864fac04661
bfb57b2bbe30a271e945e5d36027d69fb01b24cf
2aac7ee38577a71b8f0ec381c7836fc29274407517b9038e879fa762651dc5fc

HTTP Headers

GET /assets/b2993a05/jwplayer.js?ver=2.4.8.2 HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA
Cookie: _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824; PHPSESSID=ff7d3p0crk0tll82oqgvnlh673; us_session_id=P26313
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:05 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:05 GMT
Content-Length: 39208
Connection: close
Content-Type: application/javascript; charset=utf-8

grab.nguonphimc.com/themes/np/css/color.css?v=2.4.8.2

94.242.50.163

200 OK

80 kB

URL GET HTTP/1.1
grab.nguonphimc.com/themes/np/css/color.css?v=2.4.8.2
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Size
80 kB (80132 bytes)
Hash
9ccfae82c1f9be3cf7c148a39228f53c
9abd7857d28f34c5007b11ee53d2818482775163
d962cf8c297e2b013c20dadac3f99d1af50957de8e1d1de8b4ea960fbd6fd7b6

HTTP Headers

GET /themes/np/css/color.css?v=2.4.8.2 HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA
Cookie: _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824; PHPSESSID=ff7d3p0crk0tll82oqgvnlh673; us_session_id=P26313
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:05 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 08:58:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:05 GMT
Connection: close
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8

www.gstatic.com/fundingchoices/allowads/blockers/firefox/uo_icon-1.svg

142.250.74.35

200 OK

1.3 kB

URL GET HTTP/3
www.gstatic.com/fundingchoices/allowads/blockers/firefox/uo_icon-1.svg
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://fundingchoicesmessages.google.com/s/whitelist?hl=vi
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
SVG Scalable Vector Graphics image
Size
1.3 kB (1258 bytes)
Hash
9d378dcff1b89001c348f1df4564ba48
d81c2c163657754563fcd33b793dc36cd6b3a21e
f194962656d2b52acaba476410973194ffc377f15f8710a25b7fbee9fd99a2df

HTTP Headers

GET /fundingchoices/allowads/blockers/firefox/uo_icon-1.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1258
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:42:16 GMT
expires: Fri, 18 Apr 2025 17:42:16 GMT
cache-control: public, max-age=31536000
age: 35689
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/fundingchoices/allowads/blockers/firefox/uo_refresh_icon-1.svg

142.250.74.35

200 OK

1.5 kB

URL GET HTTP/3
www.gstatic.com/fundingchoices/allowads/blockers/firefox/uo_refresh_icon-1.svg
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://fundingchoicesmessages.google.com/s/whitelist?hl=vi
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
SVG Scalable Vector Graphics image
Size
1.5 kB (1492 bytes)
Hash
606c949e5f626ea9a5a1a1a346209c59
f7700e18535dbb3108d50acbcd6f4f18a533843b
bc6e55b647b6656e06c02477e957a9ab8dd2164058f8046bf2c5522a219b7e98

HTTP Headers

GET /fundingchoices/allowads/blockers/firefox/uo_refresh_icon-1.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1492
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:33:37 GMT
expires: Fri, 18 Apr 2025 17:33:37 GMT
cache-control: public, max-age=31536000
age: 36208
last-modified: Tue, 19 Oct 2021 16:18:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/fundingchoices/allowads/blockers/firefox/uo_allowads_icon-1.png

142.250.74.35

200 OK

1.1 kB

URL GET HTTP/3
www.gstatic.com/fundingchoices/allowads/blockers/firefox/uo_allowads_icon-1.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://fundingchoicesmessages.google.com/s/whitelist?hl=vi
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
PNG image data, 117 x 127, 8-bit colormap, non-interlaced
Size
1.1 kB (1071 bytes)
Hash
975c9f127c385e3699795a74098872d8
a83d8ebdda4fc135a66de267850c9f573a52b9fe
5caf71572cd2c4167c04a6ecef78d7b407e460b0517c9b11df5cc0c0b9a0d320

HTTP Headers

GET /fundingchoices/allowads/blockers/firefox/uo_allowads_icon-1.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1071
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:28:24 GMT
expires: Fri, 18 Apr 2025 17:28:24 GMT
cache-control: public, max-age=31536000
age: 36521
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/fundingchoices/allowads/blockers/firefox/abp_icon-1.svg

142.250.74.35

200 OK

1.8 kB

URL GET HTTP/3
www.gstatic.com/fundingchoices/allowads/blockers/firefox/abp_icon-1.svg
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://fundingchoicesmessages.google.com/s/whitelist?hl=vi
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
SVG Scalable Vector Graphics image
Size
1.8 kB (1772 bytes)
Hash
32014d3c673c214354e3236b76047386
f01e5134d98ab4029bb6b7022b00516c9df35b37
bf72e9d16e37c6c685185dfc73478765de0cb102f34872cd90cc28b6a9ab3736

HTTP Headers

GET /fundingchoices/allowads/blockers/firefox/abp_icon-1.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1772
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 03:19:24 GMT
expires: Fri, 18 Apr 2025 03:19:24 GMT
cache-control: public, max-age=31536000
age: 87461
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/fundingchoices/allowads/blockers/firefox/browser_uo-2.png

142.250.74.35

200 OK

7.2 kB

URL GET HTTP/3
www.gstatic.com/fundingchoices/allowads/blockers/firefox/browser_uo-2.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://fundingchoicesmessages.google.com/s/whitelist?hl=vi
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
PNG image data, 794 x 184, 8-bit colormap, non-interlaced
Size
7.2 kB (7205 bytes)
Hash
2ca4823b87ee46e5d7a641195cfde652
1d0b4aceb1b0276cbdffaa84facd66b5fe41c714
3d74f9a6b34a1f9936cf3fdcf33ec06f48b602a7202396dcc3aef424a54e5413

HTTP Headers

GET /fundingchoices/allowads/blockers/firefox/browser_uo-2.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 7205
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:42:16 GMT
expires: Fri, 18 Apr 2025 17:42:16 GMT
cache-control: public, max-age=31536000
age: 35689
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/fundingchoices/allowads/blockers/firefox/abp_power_icon-1.svg

142.250.74.35

200 OK

731 B

URL GET HTTP/3
www.gstatic.com/fundingchoices/allowads/blockers/firefox/abp_power_icon-1.svg
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://fundingchoicesmessages.google.com/s/whitelist?hl=vi
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
SVG Scalable Vector Graphics image
Size
731 B (731 bytes)
Hash
c663022865c526afe63691faf0d14725
f1e821f6920fc1b9db40ccf35ed0f6fb54ea8592
56ff7605344ed5eb3a68f8edc6b048658ee714bdfed56d487cb1e1bb62eb24f8

HTTP Headers

GET /fundingchoices/allowads/blockers/firefox/abp_power_icon-1.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 731
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 09:59:27 GMT
expires: Wed, 16 Apr 2025 09:59:27 GMT
cache-control: public, max-age=31536000
age: 236258
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/fundingchoices/allowads/blockers/firefox/browser_abp-2.png

142.250.74.35

200 OK

7.4 kB

URL GET HTTP/3
www.gstatic.com/fundingchoices/allowads/blockers/firefox/browser_abp-2.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://fundingchoicesmessages.google.com/s/whitelist?hl=vi
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
PNG image data, 794 x 184, 8-bit colormap, non-interlaced
Size
7.4 kB (7390 bytes)
Hash
3d77be4b727c5ff097bcac7eb68c09f9
785be4dc822e6817dbc03b69246cd089436bf108
b77a4547e701c49192847e60735a7027f0910a0df2ccf6d6193dcf1e4a74f719

HTTP Headers

GET /fundingchoices/allowads/blockers/firefox/browser_abp-2.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 7390
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 21:55:20 GMT
expires: Tue, 15 Apr 2025 21:55:20 GMT
cache-control: public, max-age=31536000
age: 279705
last-modified: Tue, 19 Oct 2021 16:18:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/fundingchoices/allowads/blockers/firefox/browser_ab-2.png

142.250.74.35

200 OK

7.7 kB

URL GET HTTP/3
www.gstatic.com/fundingchoices/allowads/blockers/firefox/browser_ab-2.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://fundingchoicesmessages.google.com/s/whitelist?hl=vi
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
PNG image data, 794 x 184, 8-bit colormap, non-interlaced
Size
7.7 kB (7688 bytes)
Hash
13a0bd1dcfc87f4f19579dc5b059af16
82aa8a7312d5023667edc1565962ddfdfb99a678
818af03e73fcb8964cc644383aa9a2ca4db0b1d8634fbdc9216d8a1d460aab6c

HTTP Headers

GET /fundingchoices/allowads/blockers/firefox/browser_ab-2.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 7688
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 20:31:55 GMT
expires: Tue, 15 Apr 2025 20:31:55 GMT
cache-control: public, max-age=31536000
age: 284710
last-modified: Tue, 19 Oct 2021 16:18:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/fundingchoices/allowads/blockers/firefox/ab_icon-1.svg

142.250.74.35

200 OK

15 kB

URL GET HTTP/3
www.gstatic.com/fundingchoices/allowads/blockers/firefox/ab_icon-1.svg
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://fundingchoicesmessages.google.com/s/whitelist?hl=vi
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
SVG Scalable Vector Graphics image
Size
15 kB (15403 bytes)
Hash
419033f4f0383492c93db1e6b5e7fa23
96584fdfb4d58c70fb1db6dfc128db296e5cf4e0
c75fbc4fd1beb52bbe64df89d8c402290f5b23bb518abbdd159a268aa0a5f782

HTTP Headers

GET /fundingchoices/allowads/blockers/firefox/ab_icon-1.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 15403
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 03:19:24 GMT
expires: Fri, 18 Apr 2025 03:19:24 GMT
cache-control: public, max-age=31536000
age: 87461
last-modified: Tue, 19 Oct 2021 16:18:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=soHxf

142.250.74.35

200 OK

9.3 kB

URL GET HTTP/3
www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=soHxf
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://fundingchoicesmessages.google.com/s/whitelist?hl=vi
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
JavaScript source, ASCII text, with very long lines (1226)
Size
9.3 kB (9278 bytes)
Hash
0df69be878f840c3ece59615858c5009
65d903b30ab94d986ae198622811f39576d4da4c
b51d740f6556a23458f1715f7183de04394c359a5d5645175c914c880a7e0a16

HTTP Headers

GET /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=soHxf HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
report-to: {"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-length: 9278
date: Fri, 19 Apr 2024 03:37:05 GMT
expires: Sat, 19 Apr 2025 03:37:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sun, 14 Apr 2024 07:33:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

grab.nguonphimc.com/img/loading_film.gif

94.242.50.163

200 OK

1.9 kB

URL GET HTTP/1.1
grab.nguonphimc.com/img/loading_film.gif
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA

File type
GIF image data, version 89a, 34 x 34
Size
1.9 kB (1924 bytes)
Hash
b9d35ba13f16629ec47d785d61d2204c
680ccabf459357685db0c404f4ef23543e735729
43b3f6a202a86e29f40d8a102cf62565fcdc07cebb55185f13eb86b0fbc8c5e6

HTTP Headers

GET /img/loading_film.gif HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA
Cookie: _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824; PHPSESSID=ff7d3p0crk0tll82oqgvnlh673; us_session_id=P26313
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:05 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 25 Dec 2017 07:17:53 GMT
Accept-Ranges: bytes
Content-Length: 1924
Cache-Control: max-age=2592000, public
Expires: Sun, 19 May 2024 03:37:05 GMT
Connection: close
Content-Type: image/gif

www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp,soHxf/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk

142.250.74.35

200 OK

3.5 kB

URL GET HTTP/3
www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp,soHxf/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://fundingchoicesmessages.google.com/s/whitelist?hl=vi
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
JavaScript source, ASCII text, with very long lines (763)
Size
3.5 kB (3490 bytes)
Hash
ab1564f0dc81e3cdd5ded3cc022d6364
821fe2a008e172df73c12e0a3d2eb6da3c4cb717
872b63440dfdc5f5b4b42cddd6aa1ce863efcd72d3816e927dcd3cd65c2b06c3

HTTP Headers

GET /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp,soHxf/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
report-to: {"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-length: 3490
date: Fri, 19 Apr 2024 03:37:05 GMT
expires: Sat, 19 Apr 2025 03:37:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sun, 14 Apr 2024 07:33:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

142.250.74.35

200 OK

13 kB

URL GET HTTP/3
www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://fundingchoicesmessages.google.com/s/whitelist?hl=vi
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
JavaScript source, ASCII text, with very long lines (1600)
Size
13 kB (12692 bytes)
Hash
ab199b9dc5faf341e688a4c9196b0874
fdf2ccb808e05f2789ced334d3d18e13ec59d71c
454a7e35fa7a6c0a52d616009ce1964375308a1b839a87095780df64b70c4e0e

HTTP Headers

GET /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
report-to: {"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-length: 12692
date: Fri, 19 Apr 2024 03:37:05 GMT
expires: Sat, 19 Apr 2025 03:37:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sun, 14 Apr 2024 07:33:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese

142.250.74.74

200 OK

15 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
http://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (1572)
Size
15 kB (14742 bytes)
Hash
fccaf31523fb2b1f9a2f5326ba3fc954
bb06d9116f9e9ea8b851889d965683b0c130e1c6
3da608c2c7e4ca0573a3ce7251ca07a3e549289a11fb7c8ac22e7fd89c955453

HTTP Headers

GET /css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 03:37:05 GMT
date: Fri, 19 Apr 2024 03:37:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

grab.nguonphimc.com/themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0

94.242.50.163

200 OK

77 kB

URL GET HTTP/1.1
grab.nguonphimc.com/themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/themes/np/css/color.css?v=2.4.8.2
Cookie: _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824; PHPSESSID=ff7d3p0crk0tll82oqgvnlh673; us_session_id=P26313
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:05 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:14:59 GMT
Accept-Ranges: bytes
Content-Length: 77160
Cache-Control: max-age=2592000
Expires: Sun, 19 May 2024 03:37:05 GMT
X-UA-Compatible: IE=edge,chrome=1
Connection: close

bestowgradepunch.com/sbar.json?key=5b28bb3338748187b2166508de2d96b3&uuid=f91793d4-a15a-47d5-9c49-e930848ebbad%3A1%3A1

192.243.61.225

200 OK

8.3 kB

URL GET HTTP/1.1
bestowgradepunch.com/sbar.json?key=5b28bb3338748187b2166508de2d96b3&uuid=f91793d4-a15a-47d5-9c49-e930848ebbad%3A1%3A1
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate
IssuerLet's Encrypt
Subjectbestowgradepunch.com
Fingerprint87:77:41:5E:A2:D4:BA:15:DB:55:61:B9:8E:D5:37:83:16:3B:8F:D3
ValidityTue, 16 Apr 2024 13:41:38 GMT - Mon, 15 Jul 2024 13:41:37 GMT

File type
JSON text data
Size
8.3 kB (8306 bytes)
Hash
3ed574e56b4622b84dfd05cd0734353e
03742299522b1a9bc387c9f9ed57295cefc91497
471de14105160d3440666e26560d0e34a71bcb4d0a58c88f7a9bf5c6ad7b487b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=5b28bb3338748187b2166508de2d96b3&uuid=f91793d4-a15a-47d5-9c49-e930848ebbad%3A1%3A1 HTTP/1.1
Host: bestowgradepunch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 03:37:05 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://nguonphimc.com
Access-Control-Allow-Origin: http://nguonphimc.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17093374; expires=Sat, 20 Apr 2024 03:37:05 GMT; secure; SameSite=None
uid_id2=f91793d4-a15a-47d5-9c49-e930848ebbad:1:1; expires=Fri, 26 Apr 2024 03:37:05 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 20 Apr 2024 03:37:05 GMT; secure; SameSite=None
uncs=1; expires=Sat, 20 Apr 2024 03:37:05 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 20 Apr 2024 03:37:05 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 20 Apr 2024 03:37:05 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dedb6fbacc43e49f72cc53ebcca80573
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

unseenreport.com/pxf.gif?uuid=f91793d4-a15a-47d5-9c49-e930848ebbad&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=5b28bb3338748187b2166508de2d96b3&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=3

192.243.61.227

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=f91793d4-a15a-47d5-9c49-e930848ebbad&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=5b28bb3338748187b2166508de2d96b3&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=3
IP
192.243.61.227:80
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=f91793d4-a15a-47d5-9c49-e930848ebbad&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=5b28bb3338748187b2166508de2d96b3&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=3 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 03:37:05 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d4872781d8d26b5d6fb64223c9d42036
Strict-Transport-Security: max-age=0; includeSubdomains

bestowgradepunch.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSujgMeRETZmwijeFhhM%2BkfMz0z7iEY10gwu1l2Fb2IVHXVTMpUdzVV3dOTnIILssfBu9D5Jtmw7iLrH%2BCqkwUPEWHHUw4GRBAPHhRhQRCRnh0MPijee%2FW9gu99X328l58SHzk9uXRZ70il6FKr4dbPv%2Bd5F%2BvrMsmH9WEn%2FCBsXqybwavdsOG%2BUn9TRFt6yXc91%2FVcr74qjejp4VIFQqZ3u16j6zaafsNrNTE0%2F%2B9t7sBSB3xwSp6D5NPaA%2BccZDRBEt%2B7JOxWptMLb8S5opk2GPDDd5KtRBcJ4rOyZxz0ksP5NLR9uHofOjmY0YUe%2FDfI5JQ4394HSw7nJMEG%2BzOeTEEkYPwpFIMJhJpA0gkifQOSPyRAxHFlA0l864o2Bd1%2BjNIKnZLaoz8hiymp%2FXgOSfz5ipLD%2BnWt8kzqxGLYKyGHE8j%2BBGl%2BhGxnAbI4QpR9BMm%2FJ0uP1pHE%2BxtWaUh%2B8nKv67W7AW8uUq9FF5tt3lrsRs3uougGbqfZEYxRPhNIyglkbwIlRqDWQV4d6SDvOchTBzE%2FqUee57VdHlG3042igLcFC7nr0XbPo54bdpBH1Q4jZOkIkRohMrtIzS625Agm%2Fxp2s4TlDmxGMOAlCkFQWIKCEhSSoMgIikF5wJX1bXmLK5szb579eQ7Ksc76e%2FRAZ32REFAzguHlXnpKnq0EdGrTf7AlTuot5ncYC4Kg0252vE6b%2BV4YttwOFz7vhiyAlSWkXZitu1OZ%2Bc0K0iq%2FtAxGj2DVESLpgOYvgBYl6GaJneRO0s91kg0akY7BdYk0qyHbdvbUKXl%2B5uCVv85DRMfLv7LL0z9u%2F43IlEhNiQ%2FlA4K%2Bujm%2Bpguyf00XlnyxkWYylju0cvd6RjNR%2B%2BwtsV1ow9cu2dHt16IKqMq7bwubrdOEy6RvyZ0Vybkwq9pEgny5Zt8V7GpuN1dyk%2BTp%2BtXXV9fi1AhrpU4moHJKnnz%2FN0RySp759LvZx73wdBPSTGDyEnF%2BTOYBqSeI0l3Y9Hj552AWsJrAqLMZljoo8nJsfHZ2qSSBEmc9ZSWsOBOBieOvfn%2BMjQ2tXlNZ7tmb6JsF0OwGkrjEwJQYqBJUjWDzJ8ZZao6Xf5jTYGphzJRZ2GfKqE9mMk%2FJ2sY9WHlSbweBS8Nuy2u3qWizpt%2FphR6n1G%2BGfhjSAJmd9l785ad%2FAQAA%2F%2F8BAAD%2F%2F%2FXMuTeSBAAA

192.243.61.225

200 OK

7 B

URL GET HTTP/1.1
bestowgradepunch.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSujgMeRETZmwijeFhhM%2BkfMz0z7iEY10gwu1l2Fb2IVHXVTMpUdzVV3dOTnIILssfBu9D5Jtmw7iLrH%2BCqkwUPEWHHUw4GRBAPHhRhQRCRnh0MPijee%2FW9gu99X328l58SHzk9uXRZ70il6FKr4dbPv%2Bd5F%2BvrMsmH9WEn%2FCBsXqybwavdsOG%2BUn9TRFt6yXc91%2FVcr74qjejp4VIFQqZ3u16j6zaafsNrNTE0%2F%2B9t7sBSB3xwSp6D5NPaA%2BccZDRBEt%2B7JOxWptMLb8S5opk2GPDDd5KtRBcJ4rOyZxz0ksP5NLR9uHofOjmY0YUe%2FDfI5JQ4394HSw7nJMEG%2BzOeTEEkYPwpFIMJhJpA0gkifQOSPyRAxHFlA0l864o2Bd1%2BjNIKnZLaoz8hiymp%2FXgOSfz5ipLD%2BnWt8kzqxGLYKyGHE8j%2BBGl%2BhGxnAbI4QpR9BMm%2FJ0uP1pHE%2BxtWaUh%2B8nKv67W7AW8uUq9FF5tt3lrsRs3uougGbqfZEYxRPhNIyglkbwIlRqDWQV4d6SDvOchTBzE%2FqUee57VdHlG3042igLcFC7nr0XbPo54bdpBH1Q4jZOkIkRohMrtIzS625Agm%2Fxp2s4TlDmxGMOAlCkFQWIKCEhSSoMgIikF5wJX1bXmLK5szb579eQ7Ksc76e%2FRAZ32REFAzguHlXnpKnq0EdGrTf7AlTuot5ncYC4Kg0252vE6b%2BV4YttwOFz7vhiyAlSWkXZitu1OZ%2Bc0K0iq%2FtAxGj2DVESLpgOYvgBYl6GaJneRO0s91kg0akY7BdYk0qyHbdvbUKXl%2B5uCVv85DRMfLv7LL0z9u%2F43IlEhNiQ%2FlA4K%2Bujm%2Bpguyf00XlnyxkWYylju0cvd6RjNR%2B%2BwtsV1ow9cu2dHt16IKqMq7bwubrdOEy6RvyZ0Vybkwq9pEgny5Zt8V7GpuN1dyk%2BTp%2BtXXV9fi1AhrpU4moHJKnnz%2FN0RySp759LvZx73wdBPSTGDyEnF%2BTOYBqSeI0l3Y9Hj552AWsJrAqLMZljoo8nJsfHZ2qSSBEmc9ZSWsOBOBieOvfn%2BMjQ2tXlNZ7tmb6JsF0OwGkrjEwJQYqBJUjWDzJ8ZZao6Xf5jTYGphzJRZ2GfKqE9mMk%2FJ2sY9WHlSbweBS8Nuy2u3qWizpt%2FphR6n1G%2BGfhjSAJmd9l785ad%2FAQAA%2F%2F8BAAD%2F%2F%2FXMuTeSBAAA
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate
IssuerLet's Encrypt
Subjectbestowgradepunch.com
Fingerprint87:77:41:5E:A2:D4:BA:15:DB:55:61:B9:8E:D5:37:83:16:3B:8F:D3
ValidityTue, 16 Apr 2024 13:41:38 GMT - Mon, 15 Jul 2024 13:41:37 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSujgMeRETZmwijeFhhM%2BkfMz0z7iEY10gwu1l2Fb2IVHXVTMpUdzVV3dOTnIILssfBu9D5Jtmw7iLrH%2BCqkwUPEWHHUw4GRBAPHhRhQRCRnh0MPijee%2FW9gu99X328l58SHzk9uXRZ70il6FKr4dbPv%2Bd5F%2BvrMsmH9WEn%2FCBsXqybwavdsOG%2BUn9TRFt6yXc91%2FVcr74qjejp4VIFQqZ3u16j6zaafsNrNTE0%2F%2B9t7sBSB3xwSp6D5NPaA%2BccZDRBEt%2B7JOxWptMLb8S5opk2GPDDd5KtRBcJ4rOyZxz0ksP5NLR9uHofOjmY0YUe%2FDfI5JQ4394HSw7nJMEG%2BzOeTEEkYPwpFIMJhJpA0gkifQOSPyRAxHFlA0l864o2Bd1%2BjNIKnZLaoz8hiymp%2FXgOSfz5ipLD%2BnWt8kzqxGLYKyGHE8j%2BBGl%2BhGxnAbI4QpR9BMm%2FJ0uP1pHE%2BxtWaUh%2B8nKv67W7AW8uUq9FF5tt3lrsRs3uougGbqfZEYxRPhNIyglkbwIlRqDWQV4d6SDvOchTBzE%2FqUee57VdHlG3042igLcFC7nr0XbPo54bdpBH1Q4jZOkIkRohMrtIzS625Agm%2Fxp2s4TlDmxGMOAlCkFQWIKCEhSSoMgIikF5wJX1bXmLK5szb579eQ7Ksc76e%2FRAZ32REFAzguHlXnpKnq0EdGrTf7AlTuot5ncYC4Kg0252vE6b%2BV4YttwOFz7vhiyAlSWkXZitu1OZ%2Bc0K0iq%2FtAxGj2DVESLpgOYvgBYl6GaJneRO0s91kg0akY7BdYk0qyHbdvbUKXl%2B5uCVv85DRMfLv7LL0z9u%2F43IlEhNiQ%2FlA4K%2Bujm%2Bpguyf00XlnyxkWYylju0cvd6RjNR%2B%2BwtsV1ow9cu2dHt16IKqMq7bwubrdOEy6RvyZ0Vybkwq9pEgny5Zt8V7GpuN1dyk%2BTp%2BtXXV9fi1AhrpU4moHJKnnz%2FN0RySp759LvZx73wdBPSTGDyEnF%2BTOYBqSeI0l3Y9Hj552AWsJrAqLMZljoo8nJsfHZ2qSSBEmc9ZSWsOBOBieOvfn%2BMjQ2tXlNZ7tmb6JsF0OwGkrjEwJQYqBJUjWDzJ8ZZao6Xf5jTYGphzJRZ2GfKqE9mMk%2FJ2sY9WHlSbweBS8Nuy2u3qWizpt%2FphR6n1G%2BGfhjSAJmd9l785ad%2FAQAA%2F%2F8BAAD%2F%2F%2FXMuTeSBAAA HTTP/1.1
Host: bestowgradepunch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Cookie: u_pl=17093374; uid_id2=f91793d4-a15a-47d5-9c49-e930848ebbad:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 03:37:05 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2403c81829655219557ad377605f13cc
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/img/close.png

188.114.96.1

200 OK

591 B

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/img/close.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced
Size
591 B (591 bytes)
Hash
9fd5bcb6103d86e317bd1eb019bcbe71
6b5a52ea669dcb74946f2bed4bdd7ec985026113
0ddd3be104ac7945fb062096df62034a6a24ecc76ba92493c35c62c3c25982ae

HTTP Headers

GET /sb/ssp/vpn/classic-push/small/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 03:37:06 GMT
content-type: image/png
content-length: 591
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: "65aa84fe-24f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5581919
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lin%2BDbhatIxXgYm%2B7SFCW9H0lzviCBkwJzx0gfQuPKFhh9VVsWul6FUcfkVzWCm1VagVMXFbe7S9zGruEqwOP0Lkp7Ub3kEm6ZJHqUhJv3rtW5N8z87lGUaGI7bcZFndbh6G9JSePaki"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8769daa4d8ac5691-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.74

200 OK

717 B

URL GET HTTP/1.1
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.74:80
ASN
#15169 GOOGLE

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
ASCII text
Size
717 B (717 bytes)
Hash
9cc7d472437c87f6f7ebeb35abec09f1
948bb2b7bf4bbc829015c125e1b6f7859b2948b0
9a39510af72db44fb14d333c52c41da0e90827afcfe78c8f12b367f0a94783b7

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 19 Apr 2024 03:37:06 GMT
Date: Fri, 19 Apr 2024 03:37:06 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

bestowgradepunch.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html&l=1325&fd=84

192.243.61.225

200 OK

0 B

URL GET HTTP/1.1
bestowgradepunch.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html&l=1325&fd=84
IP
192.243.61.225:80
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html&l=1325&fd=84 HTTP/1.1
Host: bestowgradepunch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 03:37:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.cloudimagesb.com/si/63/93/4f/63934f19816e914cdf9542ebd1ea81b2/1713364719.png

45.133.44.10

200 OK

79 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/63/93/4f/63934f19816e914cdf9542ebd1ea81b2/1713364719.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
79 kB (78742 bytes)
Hash
056a5db1da586024c4c315659f1a70da
364dbecd8995d974c1a8765edd125a62c9dc6754
ef512fcfc0a38fbc2e0299170bbd0b88e2ba27a20180d33fb989eb4dd8b25e6c

HTTP Headers

GET /si/63/93/4f/63934f19816e914cdf9542ebd1ea81b2/1713364719.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 03:37:06 GMT
content-type: image/png
content-length: 78742
server: nginx/1.21.6
last-modified: Wed, 17 Apr 2024 14:38:47 GMT
etag: "661fdef7-13396"
expires: Sun, 21 Apr 2024 03:37:06 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

bestowgradepunch.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js&l=962&fd=11

192.243.61.225

200 OK

0 B

URL GET HTTP/1.1
bestowgradepunch.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js&l=962&fd=11
IP
192.243.61.225:80
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js&l=962&fd=11 HTTP/1.1
Host: bestowgradepunch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 03:37:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

bestowgradepunch.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css&l=3355&fd=337

192.243.59.13

200 OK

0 B

URL GET HTTP/1.1
bestowgradepunch.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css&l=3355&fd=337
IP
192.243.59.13:80
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css&l=3355&fd=337 HTTP/1.1
Host: bestowgradepunch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 19 Apr 2024 03:37:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

bestowgradepunch.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css&l=78689&fd=339

192.243.61.225

200 OK

0 B

URL GET HTTP/1.1
bestowgradepunch.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css&l=78689&fd=339
IP
192.243.61.225:80
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css&l=78689&fd=339 HTTP/1.1
Host: bestowgradepunch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 03:37:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.131

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 16 Apr 2024 20:24:04 GMT
Expires: Wed, 16 Apr 2025 20:24:04 GMT
Cache-Control: public, max-age=31536000
Age: 198782
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.131

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 18 Apr 2024 02:58:06 GMT
Expires: Fri, 18 Apr 2025 02:58:06 GMT
Cache-Control: public, max-age=31536000
Age: 88740
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2

cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/animate.css

188.114.96.1

200 OK

4.9 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/animate.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text
Size
4.9 kB (4876 bytes)
Hash
3d4123dbfb33d27a5cfdfcfa91df6783
e7d0eeeec54b848f0bc3da8685fa3bc88429d660
cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887

HTTP Headers

GET /sb/ssp/vpn/classic-push/small/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 03:37:06 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-13361"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2BgCMThvhg3fgatcje9Q5paX2OKiBJYPHnfo8sVILf9rasOvntCUSJT5cPX1w1CKsWvtfdevdvmWa58rGoUN7pbVHNDsPe3l8DA5dHxdHyQDuIu03KyiHNUchwSesRZP%2FjX47IwB%2F8Dr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8769daa4688a5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bestowgradepunch.com/pixel/sbs?c=1

192.243.61.225

200 OK

0 B

URL GET HTTP/1.1
bestowgradepunch.com/pixel/sbs?c=1
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate
IssuerLet's Encrypt
Subjectbestowgradepunch.com
Fingerprint87:77:41:5E:A2:D4:BA:15:DB:55:61:B9:8E:D5:37:83:16:3B:8F:D3
ValidityTue, 16 Apr 2024 13:41:38 GMT - Mon, 15 Jul 2024 13:41:37 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: bestowgradepunch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Cookie: u_pl=17093374; uid_id2=f91793d4-a15a-47d5-9c49-e930848ebbad:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 03:37:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15d-e533614.html

94.242.50.163

200 OK

279 B

URL POST HTTP/1.1
nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15d-e533614.html
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
JSON text data
Size
279 B (279 bytes)
Hash
2dec255cd3a0d11aaba3ed29ca83a290
3aac51259bcbf8e83c43170f4fa63f95bd100e9a
b11048195f312434f1db35fb518bc80712fe1fd65e09fb178bd329d1f09af8dd

HTTP Headers

POST /xem-phim/vuong-quoc-cua-gio-f43859-15d-e533614.html HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 87
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301; _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824; dom3ic8zudi28v8lr6fgphwffqoz0j6c=f91793d4-a15a-47d5-9c49-e930848ebbad%3A1%3A1; sb_page_5b28bb3338748187b2166508de2d96b3=1; sb_onpage_5b28bb3338748187b2166508de2d96b3=1; sb_main_5b28bb3338748187b2166508de2d96b3=1; sb_count_5b28bb3338748187b2166508de2d96b3=1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 279
Connection: close
Content-Type: text/html; charset=UTF-8

grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533614&aesp=15d&user=P26301&tim=1713497835&key=r1ennKOWVm9kamdkaG5qa2lmYFeoppujk56XVXBhsQ

94.242.50.163

3.6 kB

URL GET
grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533614&aesp=15d&user=P26301&tim=1713497835&key=r1ennKOWVm9kamdkaG5qa2lmYFeoppujk56XVXBhsQ
IP
94.242.50.163:0
ASN
#43317 SIA VEESP

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Size
3.6 kB (3641 bytes)
Hash
b2c45dbed5eabe0cc4ae13dcbe755c6c
c9e4b7d14a8007eb5f73e5fd3add574b7666017b
1645ee1fd6ef28b910fbe3d6749ba028efe94538107366fb08d39ea3246066d7

HTTP Headers

GET /embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533614&aesp=15d&user=P26301&tim=1713497835&key=r1ennKOWVm9kamdkaG5qa2lmYFeoppujk56XVXBhsQ HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Cookie: _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824; PHPSESSID=ff7d3p0crk0tll82oqgvnlh673; us_session_id=P26313
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 3641
Connection: close
Content-Type: text/html; charset=UTF-8

www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,EFQ78c,FCpbqb,LEikZe,WhJNk,Wt6vjf,_b,_tp,byfTOb,hhhU8,lsjVmc,lwddkf,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=RqjULd

142.250.74.35

200 OK

32 kB

URL GET HTTP/3
www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,EFQ78c,FCpbqb,LEikZe,WhJNk,Wt6vjf,_b,_tp,byfTOb,hhhU8,lsjVmc,lwddkf,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=RqjULd
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://fundingchoicesmessages.google.com/s/whitelist?hl=vi
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
JavaScript source, ASCII text, with very long lines (2968)
Size
32 kB (32500 bytes)
Hash
f5c7fc324e43f85696f2873b1fe2a8d4
7d90bee3a4626a8766fad6ba57e8a065b9c5d19f
5485453d1c290f9728e0756544aea1360eaf9a5b5555d1017b69d213d3d82455

HTTP Headers

GET /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,EFQ78c,FCpbqb,LEikZe,WhJNk,Wt6vjf,_b,_tp,byfTOb,hhhU8,lsjVmc,lwddkf,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=RqjULd HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
report-to: {"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-length: 11750
date: Fri, 19 Apr 2024 03:37:05 GMT
expires: Sat, 19 Apr 2025 03:37:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sun, 14 Apr 2024 07:33:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fundingchoicesmessages.google.com/s/whitelist?hl=vi

216.58.211.14

200 OK

100 kB

URL GET HTTP/2
fundingchoicesmessages.google.com/s/whitelist?hl=vi
IP
216.58.211.14:443
ASN
#15169 GOOGLE

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D
ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT

File type

Size
100 kB (99780 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s/whitelist?hl=vi HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 19 Apr 2024 03:37:04 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingAdwallUi/cspreport, script-src 'nonce-FodsvJMHnY0qaLZQKFFTUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingAdwallUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingAdwallUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
reporting-endpoints: default="/_/ContributorServingAdwallUi/web-reports?context=eJzjMtDikmLw1ZBikPj6kkkLiJ3SZ7CGALFP_QzWOCBuvXmOdToQJ_07z1oCxEI8HA_Otm9kE1jQdW0zEwDTFxle"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese

142.250.74.74

200 OK

14 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text
Size
14 kB (14382 bytes)
Hash
fc75373f300a1c1fbca638e636b5f68b
4bc81b7661df93d2b448862e227c13e42f23222e
f105df3b32f71722ebee1ee36d7ff3a57f637e97400d9a691b878f1575d1984f

HTTP Headers

GET /css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 03:37:03 GMT
date: Fri, 19 Apr 2024 03:37:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

nguonphimc.com/themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0

94.242.50.163

200 OK

77 kB

URL GET HTTP/1.1
nguonphimc.com/themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
94.242.50.163:80
ASN
#43317 SIA VEESP

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301; _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:04 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:14:59 GMT
Accept-Ranges: bytes
Content-Length: 77160
Cache-Control: max-age=2592000
Expires: Sun, 19 May 2024 03:37:04 GMT
X-UA-Compatible: IE=edge,chrome=1
Connection: close

cdn.barscreative1.com/sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html

45.133.44.3

200 OK

1.3 kB

URL GET HTTP/2
cdn.barscreative1.com/sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html
IP
45.133.44.3:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate
IssuerLet's Encrypt
Subjectcdn.barscreative1.com
FingerprintF6:54:F4:B9:EB:AD:1E:FA:8F:76:B9:75:20:9B:41:57:32:37:94:E3
ValiditySun, 10 Mar 2024 03:01:32 GMT - Sat, 08 Jun 2024 03:01:31 GMT

File type
HTML document, ASCII text, with very long lines (1405), with no line terminators
Size
1.3 kB (1325 bytes)
Hash
5373f3c4843345dde67db670323b2d54
666b2db9872196e52a2bc902111de5e37aa1ae28
e398fbdac28494dec6505fb0143d4cd41cee83989517e12c13ea113fef006fda

HTTP Headers

GET /sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 03:37:05 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Mon, 27 Sep 2021 07:43:24 GMT
etag: W/"6151761c-52d"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Fri, 19 Apr 2024 04:37:05 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/style.css

188.114.96.1

200 OK

3.4 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/style.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text, with very long lines (3537), with no line terminators
Size
3.4 kB (3355 bytes)
Hash
b8a277e051f047a41d3229377460f0c9
596b934114e1b6e3cee15ef19925c7f2ff5607e7
9cf981fe6d59b72cb9d12e4bc958983bac07f16b8f1b40bb1c6ced0bf2d6b2d0

HTTP Headers

GET /sb/ssp/vpn/classic-push/small/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 03:37:06 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-d1b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bz6OrlwK03%2BIkk4rA6byb4JKS85r8FMEruol%2Bjk9VgqjJarZDLesJjXQLly36E36RCeNOsxoX9mij548T1DcJSdg2n6oQL7vFSmlg6XYuLkdgZULHMv1Zji8KyyOIp%2BkvjDbIupPEUph"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8769daa4788c5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese

142.250.74.74

200 OK

14 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
http://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text
Size
14 kB (14382 bytes)
Hash
fc75373f300a1c1fbca638e636b5f68b
4bc81b7661df93d2b448862e227c13e42f23222e
f105df3b32f71722ebee1ee36d7ff3a57f637e97400d9a691b878f1575d1984f

HTTP Headers

GET /css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 03:37:05 GMT
date: Fri, 19 Apr 2024 03:37:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

bestowgradepunch.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSujgMeRETZmwijeFhhM%2Bmenz3uIRjXSDC7WXYVvYjUr56Uqe5qqrqnJzkFF2SPg3eh802yYd1F1j%2FAVScLHiLCjqccDIggHjwowoIgIjM7GHxQvPfqewXf%2B776eC8%2FJXXk9OTSZbOjtKZLrZpfPf9eEFysrqskH1QHYfuDdvNi1fZf7bZr%2FivVNyXfMkt1P%2FD9wA%2Bqq8rKyAyWpiBUercb1Lp%2BrVmvBa0mBvb%2Fvcs9OOpB9E%2FJc1BiUnngnYPiYyTxvUvSbWUmvfBGnGuaGYu%2BOHwn2UpMkSA%2BKyPrIUoO59Mw7uHqfZjkYEYXpv%2FfIFMT4n17Hyw5nJME6%2B%2FPeDINmYCJp1D0x5B6DEXH4OYGlHhIAC5wZQNJfOuKsQXdfozSKTohlUd%2FQhUTUvnxHJL48xWtBtXrRueZMonDICqhBmOo3hhpfoRsZwGqOALPPoIS35OlR%2BtI4v0Npw2UOHk56gadbkM0F2nQoovNjmgtdnmzuyi7DT9shpIxKmYCKTWGisbQcgjqPOTTozzkkYc89RCLkyoPgqDjC079sMt5Q3Qkaws%2FoJ0ooIHfDpHz6Q5DZOkQXA%2FB7S5Su4stNYTNv4bbLOGEB5cR9EWJQhIUjqCgBIUiKDKCol8eCO3qrrwltMtZMM%2F1eW6UI5P19uiByXoyIaB2CCvKvfSUPDsV0KtM%2FsGWPKm2WD1krNFohJ1mGIQdVg%2Fa7ZYfClkX3TZrwKkSyi3M1t2ZmvnNCtJpfmkZjB7B6SNw5YHmL4AWJehmiZ3kTtLLTZL1a9zEEKZEmlWQbXt7%2BpQ8P3Pwyl%2FnIfnx8q%2Fs8uSP23%2BD2xKpLfGhekDQ0zdH10xB9q%2BZwpEvNtJMxWqHTt29ntFMVj57S24Xxoq1S254%2BzU%2BBabl3bely9ZpIlTSc%2BTOihJC2lVjuSRfrrl3Jbuau82V3CZ5un719dW1OLXSOWWSMaiakCff%2Fw1cTcgzn343%2B7gXnm5C2TFsXiLOj8k8oMwYPN2FS4%2BXf27MAs4QWH02w1IPRV6ObJ2dXWpFoOVZT1kJJ89EYPL4q98fYyNLp6%2BpKvfcTfTsAmh2A0lcom9L9HUJqodw%2BROjLLXHyz%2FMaTC9MGLaLuwzbfUnM5knZG3jHpw6qTZ80WEykh0mm61mJLlgrRbzecRZQ4QhR%2BYm0Yu%2F%2FPQvAAAA%2F%2F8BAAD%2F%2F3UYbN%2BSBAAA

192.243.61.225

200 OK

0 B

URL GET HTTP/1.1
bestowgradepunch.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSujgMeRETZmwijeFhhM%2Bmenz3uIRjXSDC7WXYVvYjUr56Uqe5qqrqnJzkFF2SPg3eh802yYd1F1j%2FAVScLHiLCjqccDIggHjwowoIgIjM7GHxQvPfqewXf%2B776eC8%2FJXXk9OTSZbOjtKZLrZpfPf9eEFysrqskH1QHYfuDdvNi1fZf7bZr%2FivVNyXfMkt1P%2FD9wA%2Bqq8rKyAyWpiBUercb1Lp%2BrVmvBa0mBvb%2Fvcs9OOpB9E%2FJc1BiUnngnYPiYyTxvUvSbWUmvfBGnGuaGYu%2BOHwn2UpMkSA%2BKyPrIUoO59Mw7uHqfZjkYEYXpv%2FfIFMT4n17Hyw5nJME6%2B%2FPeDINmYCJp1D0x5B6DEXH4OYGlHhIAC5wZQNJfOuKsQXdfozSKTohlUd%2FQhUTUvnxHJL48xWtBtXrRueZMonDICqhBmOo3hhpfoRsZwGqOALPPoIS35OlR%2BtI4v0Npw2UOHk56gadbkM0F2nQoovNjmgtdnmzuyi7DT9shpIxKmYCKTWGisbQcgjqPOTTozzkkYc89RCLkyoPgqDjC079sMt5Q3Qkaws%2FoJ0ooIHfDpHz6Q5DZOkQXA%2FB7S5Su4stNYTNv4bbLOGEB5cR9EWJQhIUjqCgBIUiKDKCol8eCO3qrrwltMtZMM%2F1eW6UI5P19uiByXoyIaB2CCvKvfSUPDsV0KtM%2FsGWPKm2WD1krNFohJ1mGIQdVg%2Fa7ZYfClkX3TZrwKkSyi3M1t2ZmvnNCtJpfmkZjB7B6SNw5YHmL4AWJehmiZ3kTtLLTZL1a9zEEKZEmlWQbXt7%2BpQ8P3Pwyl%2FnIfnx8q%2Fs8uSP23%2BD2xKpLfGhekDQ0zdH10xB9q%2BZwpEvNtJMxWqHTt29ntFMVj57S24Xxoq1S254%2BzU%2BBabl3bely9ZpIlTSc%2BTOihJC2lVjuSRfrrl3Jbuau82V3CZ5un719dW1OLXSOWWSMaiakCff%2Fw1cTcgzn343%2B7gXnm5C2TFsXiLOj8k8oMwYPN2FS4%2BXf27MAs4QWH02w1IPRV6ObJ2dXWpFoOVZT1kJJ89EYPL4q98fYyNLp6%2BpKvfcTfTsAmh2A0lcom9L9HUJqodw%2BROjLLXHyz%2FMaTC9MGLaLuwzbfUnM5knZG3jHpw6qTZ80WEykh0mm61mJLlgrRbzecRZQ4QhR%2BYm0Yu%2F%2FPQvAAAA%2F%2F8BAAD%2F%2F3UYbN%2BSBAAA
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate
IssuerLet's Encrypt
Subjectbestowgradepunch.com
Fingerprint87:77:41:5E:A2:D4:BA:15:DB:55:61:B9:8E:D5:37:83:16:3B:8F:D3
ValidityTue, 16 Apr 2024 13:41:38 GMT - Mon, 15 Jul 2024 13:41:37 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSujgMeRETZmwijeFhhM%2Bmenz3uIRjXSDC7WXYVvYjUr56Uqe5qqrqnJzkFF2SPg3eh802yYd1F1j%2FAVScLHiLCjqccDIggHjwowoIgIjM7GHxQvPfqewXf%2B776eC8%2FJXXk9OTSZbOjtKZLrZpfPf9eEFysrqskH1QHYfuDdvNi1fZf7bZr%2FivVNyXfMkt1P%2FD9wA%2Bqq8rKyAyWpiBUercb1Lp%2BrVmvBa0mBvb%2Fvcs9OOpB9E%2FJc1BiUnngnYPiYyTxvUvSbWUmvfBGnGuaGYu%2BOHwn2UpMkSA%2BKyPrIUoO59Mw7uHqfZjkYEYXpv%2FfIFMT4n17Hyw5nJME6%2B%2FPeDINmYCJp1D0x5B6DEXH4OYGlHhIAC5wZQNJfOuKsQXdfozSKTohlUd%2FQhUTUvnxHJL48xWtBtXrRueZMonDICqhBmOo3hhpfoRsZwGqOALPPoIS35OlR%2BtI4v0Npw2UOHk56gadbkM0F2nQoovNjmgtdnmzuyi7DT9shpIxKmYCKTWGisbQcgjqPOTTozzkkYc89RCLkyoPgqDjC079sMt5Q3Qkaws%2FoJ0ooIHfDpHz6Q5DZOkQXA%2FB7S5Su4stNYTNv4bbLOGEB5cR9EWJQhIUjqCgBIUiKDKCol8eCO3qrrwltMtZMM%2F1eW6UI5P19uiByXoyIaB2CCvKvfSUPDsV0KtM%2FsGWPKm2WD1krNFohJ1mGIQdVg%2Fa7ZYfClkX3TZrwKkSyi3M1t2ZmvnNCtJpfmkZjB7B6SNw5YHmL4AWJehmiZ3kTtLLTZL1a9zEEKZEmlWQbXt7%2BpQ8P3Pwyl%2FnIfnx8q%2Fs8uSP23%2BD2xKpLfGhekDQ0zdH10xB9q%2BZwpEvNtJMxWqHTt29ntFMVj57S24Xxoq1S254%2BzU%2BBabl3bely9ZpIlTSc%2BTOihJC2lVjuSRfrrl3Jbuau82V3CZ5un719dW1OLXSOWWSMaiakCff%2Fw1cTcgzn343%2B7gXnm5C2TFsXiLOj8k8oMwYPN2FS4%2BXf27MAs4QWH02w1IPRV6ObJ2dXWpFoOVZT1kJJ89EYPL4q98fYyNLp6%2BpKvfcTfTsAmh2A0lcom9L9HUJqodw%2BROjLLXHyz%2FMaTC9MGLaLuwzbfUnM5knZG3jHpw6qTZ80WEykh0mm61mJLlgrRbzecRZQ4QhR%2BYm0Yu%2F%2FPQvAAAA%2F%2F8BAAD%2F%2F3UYbN%2BSBAAA HTTP/1.1
Host: bestowgradepunch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Cookie: u_pl=17093374; uid_id2=f91793d4-a15a-47d5-9c49-e930848ebbad:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 03:37:06 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6513b8c4f04f20b70401df59375a15d7
Strict-Transport-Security: max-age=0; includeSubdomains

fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

142.250.74.131

200 OK

128 kB

URL GET HTTP/2
fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 128352, version 1.0
Size
128 kB (128352 bytes)
Hash
53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

HTTP Headers

GET /s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 21:27:45 GMT
expires: Tue, 15 Apr 2025 21:27:45 GMT
cache-control: public, max-age=31536000
age: 281359
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js

188.114.96.1

200 OK

84 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
JavaScript source, ASCII text, with very long lines (32025)
Size
84 kB (84380 bytes)
Hash
4a356126b9573eb7bd1e9a7494737410
8258d046f17dd3c15a5d3984e1868b7b5d1db329
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

HTTP Headers

GET /sb/ssp/vpn/classic-push/small/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 03:37:06 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-1499c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5581920
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nTtcWeU6rvz1Ecfvu9eyfdGFczZuOYglI%2BOrVxNJqzTauDbtKR%2FHHCkg9JSOuRrFCj5d4vAapA%2B%2F%2F%2F4xRtgsJSCXC7V9%2BOvtLUnwFbcdSiAAsmahFbPmp%2BKDPa63dmSP3vPWdDd%2BDjyd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8769daa4d8ae5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2

142.250.74.131

200 OK

5.6 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 5560, version 1.0
Size
5.6 kB (5560 bytes)
Hash
ca3b09b62fda648a4511700413313fd0
109cd4c5435bd6614391bb8722c47c287c96b2ec
77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5560
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:39:02 GMT
expires: Fri, 18 Apr 2025 02:39:02 GMT
cache-control: public, max-age=31536000
age: 89882
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/script.js

188.114.96.1

200 OK

962 B

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/script.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text, with very long lines (1015), with no line terminators
Size
962 B (962 bytes)
Hash
88523e22d10f0cbad31aa1d8276764fa
9238cd9499e01abdbeb33e68c550d26cfb6eaba5
d553390acb639c765cb6aaa4fbb72529e4005227d190f53108aec87ccec411c2

HTTP Headers

GET /sb/ssp/vpn/classic-push/small/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 03:37:06 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-3c2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 206079
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FPQhoSpEjXGPoT%2B55aVFUl2RfS%2FhUE4d7HLEO1o7hrTY6WinRPxgft7jXEXCqEi4TgUgBc6DpziVAu8%2BXjlYrJ1inzoFAT7uDRmDGRe0rdVC1jGfQHjtlUaFub8GE2okbtQvPayLV4tD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8769daa548e75691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (56)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML