| nguonphimb.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html | 94.242.50.163 | | 0 B |
URL nguonphimb.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
IP 94.242.50.163:0
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html HTTP/1.1
Host: nguonphimb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Apr 2024 03:37:01 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Set-Cookie: PHPSESSID=kjska0q17fqactnmh03nr68704; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonphimb.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimb.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html | 94.242.50.163 | | 0 B |
URL nguonphimb.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
IP 94.242.50.163:0
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html HTTP/1.1
Host: nguonphimb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=kjska0q17fqactnmh03nr68704
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Apr 2024 03:37:02 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonphimc.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimc.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html | 94.242.50.163 | | 732 B |
URL nguonphimc.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
IP 94.242.50.163:0
File type HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 275bb0c447eefe25e5b8309201df47a2 59c3bbe244d40eed0b315b0a0c6547039635deeb ae07b8a1d3ab3b03b83fe2af8271fdbb6a0f437fea0503c52eb554280cb16f42
GET /site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:02 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Set-Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; path=/
us_session_id=P26301; expires=Sat, 20-Apr-2024 03:37:02 GMT; Max-Age=86400; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 732
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimc.com/assets/3bd14e95/jquery.min.js | 94.242.50.163 | 200 OK | 34 kB |
URL GET HTTP/1.1 nguonphimc.com/assets/3bd14e95/jquery.min.js
IP 94.242.50.163:80
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type JavaScript source, ASCII text, with very long lines (32077)
Hash 0fca26b5a37a66d68d0f4406976be4b5 ee000eb654b3bd37185665d3901e93b34ce1aa52 8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
GET /assets/3bd14e95/jquery.min.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/site/site/embed/?url=http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:02 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:02 GMT
Content-Length: 33693
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png | 94.242.50.163 | 200 OK | 18 kB |
URL GET HTTP/1.1 m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png
IP 94.242.50.163:80
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type PNG image data, 46 x 48, 8-bit/color RGBA, non-interlaced
Hash e6f4a93efe2d93e885abcbb4cc09cd4a e4f94b9e95b40e30b215228316bb7f8c48d08ed2 93b7bbea433aa41f6efb860d3d9777d363f9e64fc1ad4186cd9ef525bbee9c94
GET /media/images/1/favi/favicon-1498701606.png HTTP/1.1
Host: m3.nguonphim.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:02 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 05 Jul 2017 04:14:59 GMT
ETag: "45d1-5538a3e52eb40"
Accept-Ranges: bytes
Content-Length: 17873
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 03:37:02 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png
|
|
| nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html | 94.242.50.163 | 301 Moved Permanently | 0 B |
URL User Request GET HTTP/1.1 nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
IP 94.242.50.163:443
Certificate Issuer Let's Encrypt Subject nguonphimb.com Fingerprint D9:F9:6D:82:7E:A7:A1:8A:D2:1B:76:5D:02:EA:BC:09:D5:71:F2:51 Validity Fri, 29 Mar 2024 10:13:08 GMT - Thu, 27 Jun 2024 10:13:07 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html HTTP/1.1
Host: nguonphimb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://nguonphimc.com/
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: PHPSESSID=kjska0q17fqactnmh03nr68704
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html | 94.242.50.163 | 301 Moved Permanently | 0 B |
URL User Request GET HTTP/1.1 nguonphimb.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
IP 94.242.50.163:443
Certificate Issuer Let's Encrypt Subject nguonphimb.com Fingerprint D9:F9:6D:82:7E:A7:A1:8A:D2:1B:76:5D:02:EA:BC:09:D5:71:F2:51 Validity Fri, 29 Mar 2024 10:13:08 GMT - Thu, 27 Jun 2024 10:13:07 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html HTTP/1.1
Host: nguonphimb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://nguonphimc.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=kjska0q17fqactnmh03nr68704
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Location: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html | 94.242.50.163 | 200 OK | 20 kB |
URL User Request GET HTTP/1.1 nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
IP 94.242.50.163:80
File type HTML document, Unicode text, UTF-8 text, with very long lines (602), with CRLF, LF line terminators
Hash ac7df7ff537ae6785a8bac57ff5e6c53 c97793124e750afe16a23751af4f89ed6179df64 bcbf204bf6c9010c812b2e6d4beb11159315422b3fdba949ca2ff72d1365601e
GET /xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://nguonphimc.com/
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 19535
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimc.com/themes/np/js/bootstrap.min.js | 94.242.50.163 | 200 OK | 9.7 kB |
URL GET HTTP/1.1 nguonphimc.com/themes/np/js/bootstrap.min.js
IP 94.242.50.163:80
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type JavaScript source, ASCII text, with very long lines (32034), with CRLF line terminators
Hash e7d9a06cf9053c51cd4ad3386da0659a e45bf1054704a1fdfc4ee2713a16bf9283dea995 9a3724b2051a82064c923cbd68343dcb04014adac3ccb8c4d8ac6a31ba2e12cd
GET /themes/np/js/bootstrap.min.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:03 GMT
Content-Length: 9726
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonphimc.com/themes/np/js/owl.carousel.min.js | 94.242.50.163 | 200 OK | 6.5 kB |
URL GET HTTP/1.1 nguonphimc.com/themes/np/js/owl.carousel.min.js
IP 94.242.50.163:80
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type JavaScript source, ASCII text, with very long lines (635), with CRLF line terminators
Hash 8c52f27fcac36c7667f8fb846e1e94d5 e5862559db659ffd530c91452d668c5e7b3f0f2d 6c1e31700f68d1666de6b0992e89d413434707718bf729a472404029845bdbad
GET /themes/np/js/owl.carousel.min.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:03 GMT
Content-Length: 6464
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonphimc.com/themes/np/js/wow.min.js | 94.242.50.163 | 200 OK | 2.7 kB |
URL GET HTTP/1.1 nguonphimc.com/themes/np/js/wow.min.js
IP 94.242.50.163:80
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type JavaScript source, ASCII text, with very long lines (8385), with CRLF line terminators
Hash e1f1ff6897992a9165e8ce009b4039e3 e297207404fea99863aea60a1dcd3770f8ecddee 37461d9b50fd93b2e6d064c4aa48cbc16d5b1e82c27f47270b87a39225cc00ac
GET /themes/np/js/wow.min.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:03 GMT
Content-Length: 2742
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonphimc.com/assets/3bd14e95/jquery.min.js | 94.242.50.163 | 200 OK | 34 kB |
URL GET HTTP/1.1 nguonphimc.com/assets/3bd14e95/jquery.min.js
IP 94.242.50.163:80
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type JavaScript source, ASCII text, with very long lines (32077)
Hash 0fca26b5a37a66d68d0f4406976be4b5 ee000eb654b3bd37185665d3901e93b34ce1aa52 8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
GET /assets/3bd14e95/jquery.min.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:03 GMT
Content-Length: 33693
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonphimc.com/assets/b2993a05/jwplayer.js?ver=2.4.8.2 | 94.242.50.163 | 200 OK | 39 kB |
URL GET HTTP/1.1 nguonphimc.com/assets/b2993a05/jwplayer.js?ver=2.4.8.2
IP 94.242.50.163:80
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65140)
Hash 637800d55d2ac43cd3c4a864fac04661 bfb57b2bbe30a271e945e5d36027d69fb01b24cf 2aac7ee38577a71b8f0ec381c7836fc29274407517b9038e879fa762651dc5fc
GET /assets/b2993a05/jwplayer.js?ver=2.4.8.2 HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:03 GMT
Content-Length: 39208
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| www.googletagmanager.com/gtag/js?id=G-DDD7EKFG6W | 142.250.74.72 | 200 OK | 97 kB |
URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-DDD7EKFG6W
IP 142.250.74.72:443
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate Issuer Google Trust Services LLC Subject *.google-analytics.com Fingerprint BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D Validity Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type JavaScript source, ASCII text, with very long lines (3969)
Hash f5fe972b7c8f226d646e738555d27696 1a77b457c8d162db88a939b67e6000179111fa02 5a8e9600dbc868954f274dd85915b6cc1c5ae268dce58d13f40ffa37c2b4f82c
GET /gtag/js?id=G-DDD7EKFG6W HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 03:37:03 GMT
expires: Fri, 19 Apr 2024 03:37:03 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 97098
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2 | 94.242.50.163 | 200 OK | 80 kB |
URL GET HTTP/1.1 nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2
IP 94.242.50.163:80
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Hash 9ccfae82c1f9be3cf7c148a39228f53c 9abd7857d28f34c5007b11ee53d2818482775163 d962cf8c297e2b013c20dadac3f99d1af50957de8e1d1de8b4ea960fbd6fd7b6
GET /themes/np/css/color.css?v=np2.4.8.2 HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 08:58:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:03 GMT
Connection: close
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
|
|
| nguonphimc.com/themes/np/js/jquery.magnific-popup.min.js | 94.242.50.163 | 200 OK | 7.3 kB |
URL GET HTTP/1.1 nguonphimc.com/themes/np/js/jquery.magnific-popup.min.js
IP 94.242.50.163:80
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type JavaScript source, ASCII text, with very long lines (20087), with CRLF line terminators
Hash b37d7edf99565d3858eaa1ad80df3cff 786a4343711e9af5e5dfcc493e7d2331b48875bb b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2
GET /themes/np/js/jquery.magnific-popup.min.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:03 GMT
Content-Length: 7346
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonphimc.com/themes/np/js/jquery.nice-select.js | 94.242.50.163 | 200 OK | 1.5 kB |
URL GET HTTP/1.1 nguonphimc.com/themes/np/js/jquery.nice-select.js
IP 94.242.50.163:80
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators
Hash 723e741faba72abfb0e56b6e0f8a73d8 ba71788614e8e11dbeeebdcac9037b57e7a69ce4 39f6514264e1603542b6aa38ba44c3be0aa7bbdef56ed139d74fe75e24e642fa
GET /themes/np/js/jquery.nice-select.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:03 GMT
Content-Length: 1538
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonphimc.com/themes/np/js/jquery.showmore.src.js | 94.242.50.163 | 200 OK | 434 B |
URL GET HTTP/1.1 nguonphimc.com/themes/np/js/jquery.showmore.src.js
IP 94.242.50.163:80
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type JavaScript source, ASCII text, with very long lines (432)
Hash f67d16dc855157012280d1b8d2d0ac55 4eaa66120111bb8cb4c21884c647bf609ef3a7a5 89a7b91f92a0583bcfabc3dc0347bfb78822ebe75d229fb766ae2fdc6e7e0d28
GET /themes/np/js/jquery.showmore.src.js HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:03 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:03 GMT
Content-Length: 434
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| nguonphimc.com/js/main.min.js?v=2.4.8.2 | 94.242.50.163 | 200 OK | 5.6 kB |
URL GET HTTP/1.1 nguonphimc.com/js/main.min.js?v=2.4.8.2
IP 94.242.50.163:80
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (17159)
Hash 2f3514d630f0195787c0f99778202f3c 2ce2883a59c655b8e02d644a1449fcdfdf604486 23b47b8eb144a359fdd87940db44e0420e7e0062f3cbba762e0e22c35afb3749
GET /js/main.min.js?v=2.4.8.2 HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sat, 02 May 2020 19:55:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:03 GMT
Content-Length: 5620
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| m3.nguonphim.net/media/images/1/logo/logo16012018.png | 94.242.50.163 | 200 OK | 10 kB |
URL GET HTTP/1.1 m3.nguonphim.net/media/images/1/logo/logo16012018.png
IP 94.242.50.163:80
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type PNG image data, 124 x 40, 8-bit/color RGBA, interlaced
Hash a9da8ca65d6ba20845e49ae6b63a0a92 f1c7861f134ba1af81047a0fda27027327b736ab 39eb6969b37ac9325026f79f791a7f8a46f9baa5976e3f0aa8b8772730af4e2c
GET /media/images/1/logo/logo16012018.png HTTP/1.1
Host: m3.nguonphim.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 15 Jan 2018 20:06:20 GMT
ETag: "2751-562d625d53c2f"
Accept-Ranges: bytes
Content-Length: 10065
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 03:37:03 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png
|
|
| m3.nguonhay.com/media/images/film/newcover/2024/1/s350_700/than-an-vuong-toa-throne-of-seal-1704993650.jpg | 94.242.50.163 | 200 OK | 70 kB |
URL GET HTTP/1.1 m3.nguonhay.com/media/images/film/newcover/2024/1/s350_700/than-an-vuong-toa-throne-of-seal-1704993650.jpg
IP 94.242.50.163:80
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x491, components 3
Hash 70a40dfce755801e4ba0d1556ef662e7 0d5ebbc060b1b79023a957a8aa26749b8358b1cb a6edfceb4621a262269195d22f063a64188fbb010013a6270161d517304dea9d
GET /media/images/film/newcover/2024/1/s350_700/than-an-vuong-toa-throne-of-seal-1704993650.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Thu, 11 Jan 2024 17:20:51 GMT
ETag: "10fbe-60eaec4f8a4c3"
Accept-Ranges: bytes
Content-Length: 69566
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 03:37:03 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/mptv/s350_700/nu-hoang-nuoc-mat-1707443450.jpg | 94.242.50.163 | 200 OK | 55 kB |
URL GET HTTP/1.1 m3.nguonhay.com/media/images/film/mptv/s350_700/nu-hoang-nuoc-mat-1707443450.jpg
IP 94.242.50.163:80
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x501, components 3
Hash 7d84be20e84510c02a36491f73526483 911556208f24946169d6e9afe33fc2e5f6e48470 84cdd62c2838005fc964ed071a20d264327cc45c1403b1126ceb263fe479c06a
GET /media/images/film/mptv/s350_700/nu-hoang-nuoc-mat-1707443450.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sun, 10 Mar 2024 18:55:46 GMT
ETag: "d82c-61352f90ce8d6"
Accept-Ranges: bytes
Content-Length: 55340
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 03:37:03 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/ff/s350_700/the-gioi-hoan-my-1619204356.jpg | 94.242.50.163 | 200 OK | 45 kB |
URL GET HTTP/1.1 m3.nguonhay.com/media/images/film/ff/s350_700/the-gioi-hoan-my-1619204356.jpg
IP 94.242.50.163:80
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 238x344, components 3
Hash 5e060cae43f33fc6ee9baa645c696f8e 9ac7805332b99d6e27afff6d96d47d72a0369fc8 ed17139b51f4cb501cfa17c692cc257437127fa92980851547df75f6402f13c0
GET /media/images/film/ff/s350_700/the-gioi-hoan-my-1619204356.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 23 Apr 2021 18:59:22 GMT
ETag: "af7d-5c0a864d52e4d"
Accept-Ranges: bytes
Content-Length: 44925
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 03:37:03 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| nguonphimc.com/img/loading_film.gif | 94.242.50.163 | 200 OK | 1.9 kB |
URL GET HTTP/1.1nguonphimc.com/img/loading_film.gif IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File typeGIF image data, version 89a, 34 x 34 Hashb9d35ba13f16629ec47d785d61d2204c 680ccabf459357685db0c404f4ef23543e735729 43b3f6a202a86e29f40d8a102cf62565fcdc07cebb55185f13eb86b0fbc8c5e6
GET /img/loading_film.gif HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 25 Dec 2017 07:17:53 GMT
Accept-Ranges: bytes
Content-Length: 1924
Cache-Control: max-age=2592000, public
Expires: Sun, 19 May 2024 03:37:03 GMT
Connection: close
Content-Type: image/gif
|
|
| m3.nguonhay.com/media/images/film/bio/s350_700/chim-boi-ca-1665899828.jpg | 94.242.50.163 | 200 OK | 87 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/bio/s350_700/chim-boi-ca-1665899828.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 350x438, components 3 Hashcdb099f8426bd971ac65260f52a7c035 549e05f3215272e4a12832eaf94504d694383bec e46c8ded7ae8965e2881e946441d5a65cfb6937e9f97d1351c70658c5818ba88
GET /media/images/film/bio/s350_700/chim-boi-ca-1665899828.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 24 Oct 2022 16:27:41 GMT
ETag: "15256-5ebca453fbe31"
Accept-Ranges: bytes
Content-Length: 86614
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 03:37:03 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/newcover/2021/6/s350_700/vua-hai-tac-1624252456.jpg | 94.242.50.163 | 200 OK | 102 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/newcover/2021/6/s350_700/vua-hai-tac-1624252456.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x525, components 3 Size102 kB (102471 bytes) Hashf3b3235be303bcdd8806ee587f879d0a c5cfc2f2b686184a9bb5d8495268fb62e685d17c f365d987c622865d1bac410f3814dabce383d1dd2d961f00aafaf256b251c42e
GET /media/images/film/newcover/2021/6/s350_700/vua-hai-tac-1624252456.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 21 Jun 2021 05:14:17 GMT
ETag: "19047-5c53fbebf16b6"
Accept-Ranges: bytes
Content-Length: 102471
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 03:37:03 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| m3.nguonhay.com/media/images/film/pol/s350_700/vo-than-chua-te-1583765005.jpg | 94.242.50.163 | 200 OK | 70 kB |
URL GET HTTP/1.1m3.nguonhay.com/media/images/film/pol/s350_700/vo-than-chua-te-1583765005.jpg IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 300x426, components 3 Hashfabd25bf58c53cf84b93d09b16a5dab1 44d008211bf7a481cb35b3187b825f54e7c9631c 06138ff6cdd143a248a3b31bbcb4e88ee295c0d11a987a60b9f0c4043fee79e0
GET /media/images/film/pol/s350_700/vo-than-chua-te-1583765005.jpg HTTP/1.1
Host: m3.nguonhay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:03 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 12 Jun 2020 07:03:11 GMT
ETag: "112e1-5a7ddab8b8f40"
Accept-Ranges: bytes
Content-Length: 70369
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 03:37:03 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/jpeg
|
|
| nguonphimc.com/themes/np/images/icon-search-menu.png | 94.242.50.163 | 200 OK | 1.2 kB |
URL GET HTTP/1.1nguonphimc.com/themes/np/images/icon-search-menu.png IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File typePNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced Hashe573652e7d75f6471431e9fd48ca706c ef9de78ae35eb6d6f3e04744612c7bed87c3a5ee 49cd4ed8ef5f3b960bdb9a9024f1b4a83b96e39425a339fd1afc2486709c432b
GET /themes/np/images/icon-search-menu.png HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301; _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:04 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 1229
Cache-Control: max-age=2592000, public
Expires: Sun, 19 May 2024 03:37:04 GMT
Connection: close
Content-Type: image/png
|
|
| fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese | 142.250.74.74 | 200 OK | 80 kB |
URL GET HTTP/3fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese IP142.250.74.74:443
Requested byhttp://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typegzip compressed data, max compression Hash183bbd74694a589c651cba4ddcfa6b4d b5d3c1b1c5bc8032485ea91fa971c4551fd739c2 e460f356cffb06c82bd1f39544e426a45eac6b3aa93be8dbf288693a51b37163
GET /css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 03:37:03 GMT
date: Fri, 19 Apr 2024 03:37:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.131 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.131:443
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:37:01 GMT
expires: Fri, 18 Apr 2025 02:37:01 GMT
cache-control: public, max-age=31536000
age: 90003
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 | 142.250.74.131 | 200 OK | 12 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 IP142.250.74.131:443
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 11872, version 1.0 Hash87ace20058325aa069320aa4af875dff b743548770c46d905ae1ba06310bc001c587fe8e 3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 01:19:30 GMT
expires: Wed, 16 Apr 2025 01:19:30 GMT
cache-control: public, max-age=31536000
age: 267454
last-modified: Wed, 11 May 2022 19:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 | 142.250.74.131 | 200 OK | 17 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 IP142.250.74.131:443
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 16552, version 1.0 Hash283c40f79deab0300df8b3ffd86dfc7b 2ef09414a573ac59f4b37e81c8b8a881244b345f 35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:33:39 GMT
expires: Fri, 18 Apr 2025 02:33:39 GMT
cache-control: public, max-age=31536000
age: 90205
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 | 142.250.74.131 | 200 OK | 35 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 IP142.250.74.131:443
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 35328, version 1.0 Hash7670dba29aa2a1560c5d711ea6f6b369 6a2a620d2972f139c804c5a8363c91eb1a7595f6 adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:27:30 GMT
expires: Fri, 18 Apr 2025 17:27:30 GMT
cache-control: public, max-age=31536000
age: 36574
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/icon?family=Material+Icons | 142.250.74.74 | 200 OK | 129 kB |
URL GET HTTP/2fonts.googleapis.com/icon?family=Material+Icons IP142.250.74.74:443
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typegzip compressed data, max compression Size129 kB (128692 bytes) Hash48939bf81cccf3f1e06e65006d90d2aa 13bcf4f40952b1e833fa712451d78cc18af8ece2 bde3fb832eba0f022be74d01f1cd099bf4dfcccfc922f4d0024167d8ac21c238
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 03:37:03 GMT
date: Fri, 19 Apr 2024 03:37:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.131 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.131:443
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 08:04:32 GMT
expires: Wed, 16 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 243152
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i | 142.250.74.74 | 200 OK | 6.6 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i IP142.250.74.74:443
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typegzip compressed data, max compression Hashc62344e37fb33526887888a13b71c470 d0bd2639d9fe8d86c3ae00a01c07b59f1400ac0d b0406b2b8a54d1e5bf8c14c3527059eed034ecfd5de5e7d6d1dd3cac0ae57be7
GET /css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 03:37:03 GMT
date: Fri, 19 Apr 2024 03:37:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 142.250.74.131 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP142.250.74.131:443
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 10:46:32 GMT
expires: Wed, 16 Apr 2025 10:46:32 GMT
cache-control: public, max-age=31536000
age: 233432
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 | 142.250.74.131 | 200 OK | 5.5 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 IP142.250.74.131:443
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 5548, version 1.0 Hashcdaab83619fcacd4027a77c99dd51e69 9e6eae8554f8cc2309b2dae2d9fa217e34eed6a4 4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5548
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:45:59 GMT
expires: Fri, 18 Apr 2025 02:45:59 GMT
cache-control: public, max-age=31536000
age: 89465
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| chokedsmelt.com/5b/28/bb/5b28bb3338748187b2166508de2d96b3.js | 192.243.61.225 | 200 OK | 16 kB |
URL GET HTTP/1.1chokedsmelt.com/5b/28/bb/5b28bb3338748187b2166508de2d96b3.js IP192.243.61.225:80 ASN#39572 DataWeb Global Group B.V.
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File typeJavaScript source, ASCII text, with very long lines (44059), with no line terminators Hashd17075939d1248cfe0674325f871ee85 ea63fc8f4f38baa3f3844982871f82a2559637df b5682a7f8bf616ed2f4b197fabeb3d670d3ca06a4612e7b44585d8a4431e822e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /5b/28/bb/5b28bb3338748187b2166508de2d96b3.js HTTP/1.1
Host: chokedsmelt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 03:37:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1356d79a9257f7ba256dbadd10950180
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| downstairsnegotiatebarren.com/sfp.js | 104.21.35.227 | 301 Moved Permanently | 167 B |
URL GET HTTP/1.1downstairsnegotiatebarren.com/sfp.js IP104.21.35.227:80
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File typeHTML document, ASCII text, with CRLF line terminators Hash0104c301c5e02bd6148b8703d19b3a73 7436e0b4b1f8c222c38069890b75fa2baf9ca620 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 19 Apr 2024 03:37:04 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 19 Apr 2024 04:37:04 GMT
Location: https://downstairsnegotiatebarren.com/sfp.js
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2%2FCzY%2FCnMktJ56oELEN6IjaMa5SeS8oA%2FdrOvA9QPGJwZ06pE1EtIl1WpjTitSHZqX%2BIRqqj0ljeujapLcTnw6Wn0qroFw1dPOt0LUTVfoJeM68CNLPSMy4WDyauhIqZqingsfmHlMW1fXx6nq0sHA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8769da9abb185697-OSL
alt-svc: h2=":443"; ma=60
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.131 | 200 OK | 48 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP142.250.74.131:443
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 48236, version 1.0 Hash015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 08:04:32 GMT
expires: Wed, 16 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 243152
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 | 142.250.74.131 | 200 OK | 35 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 IP142.250.74.131:443
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 35328, version 1.0 Hash7670dba29aa2a1560c5d711ea6f6b369 6a2a620d2972f139c804c5a8363c91eb1a7595f6 adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35328
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:27:30 GMT
expires: Fri, 18 Apr 2025 17:27:30 GMT
cache-control: public, max-age=31536000
age: 36574
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 | 142.250.74.131 | 200 OK | 17 kB |
URL GET HTTP/2fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 IP142.250.74.131:443
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 16552, version 1.0 Hash283c40f79deab0300df8b3ffd86dfc7b 2ef09414a573ac59f4b37e81c8b8a881244b345f 35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:33:39 GMT
expires: Fri, 18 Apr 2025 02:33:39 GMT
cache-control: public, max-age=31536000
age: 90205
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 52.29.148.107 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP52.29.148.107:443
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash5b13cee25aefe0f57e9d283a96f26f29 39b4ef1786aa7ff91bd6b59ddd541117e1cd229b 5f17c2e97b0b3ac9931f5df42cff8b1017c421597d38af8b7e34ad457ffad79b
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 03:37:04 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://nguonphimc.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=f91793d4-a15a-47d5-9c49-e930848ebbad:1:1; expires=Mon, 17 Apr 2034 03:37:04 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| nguonphimc.com/themes/np/images/button_km.png | 94.242.50.163 | 200 OK | 2.6 kB |
URL GET HTTP/1.1nguonphimc.com/themes/np/images/button_km.png IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File typePNG image data, 66 x 50, 8-bit/color RGBA, non-interlaced Hash05238f78240b8bb3d2453e866550a011 766a5353d457d5282bb04192072a116073b8666d aed76e5f2deac5394da887c6b862ab04fbc3e601348006da714310d72c5dfc60
GET /themes/np/images/button_km.png HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301; _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:04 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 2646
Cache-Control: max-age=2592000, public
Expires: Sun, 19 May 2024 03:37:04 GMT
Connection: close
Content-Type: image/png
|
|
| nguonphimc.com/site/site/checkaccess/ | 94.242.50.163 | 200 OK | 7 B |
URL POST HTTP/1.1nguonphimc.com/site/site/checkaccess/ IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File typeASCII text, with no line terminators Hash4e3ca82bee9b6a4b6c6e30ca31234e50 f007b014714adb9c2c7c105e64dfa8448e9ec77a 148ecdac86b94c986a6bb2da57595b2cc4b35afa88e266ec7f30f79530803efb
POST /site/site/checkaccess/ HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 105
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301; _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:04 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 7
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| nguonphimc.com/themes/np/images/bottomNavOFF.png | 94.242.50.163 | 200 OK | 1.3 kB |
URL GET HTTP/1.1nguonphimc.com/themes/np/images/bottomNavOFF.png IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File typePNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced Hash840cd790a57c4cee3fb5b50d448dfd3a 976ecfbdaadc569488019ad246b6dfa31bdab85b d317c5f6a5b4342d84bcc00cb0c99d2ce3c7d6f1044ac8036d722fcbf728baeb
GET /themes/np/images/bottomNavOFF.png HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301; _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:04 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 1250
Cache-Control: max-age=2592000, public
Expires: Sun, 19 May 2024 03:37:04 GMT
Connection: close
Content-Type: image/png
|
|
| nguonphimc.com/themes/np/images/bottomNavON.png | 94.242.50.163 | 200 OK | 1.3 kB |
URL GET HTTP/1.1nguonphimc.com/themes/np/images/bottomNavON.png IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File typePNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced Hash0703045e13e1ab8508a2273cbe71d5d6 c2d2f79bb3758de5722cddd94eaf4701078b4d71 698cc5f19fb8e30c2a9d8471e81637cb26e8fcd67a55bfffc9ca651a0c45e90f
GET /themes/np/images/bottomNavON.png HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301; _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:04 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:15:00 GMT
Accept-Ranges: bytes
Content-Length: 1334
Cache-Control: max-age=2592000, public
Expires: Sun, 19 May 2024 03:37:04 GMT
Connection: close
Content-Type: image/png
|
|
| nguonphimc.com/site/chatbot/refresh/ | 94.242.50.163 | 200 OK | 260 B |
URL POST HTTP/1.1nguonphimc.com/site/chatbot/refresh/ IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Hashba0683de7607ad624fb4cecda80e9bc1 674cb63ed78bcbd018343354b0ae42e9c43d2ee1 83db877ee449fa874aaaf8896bc642c25fc2f6e8c0179b6d4d59a2c0c9cdfce1
POST /site/chatbot/refresh/ HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 16
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301; _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:04 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 260
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png | 94.242.50.163 | 200 OK | 18 kB |
URL GET HTTP/1.1m3.nguonphim.net/media/images/1/favi/favicon-1498701606.png IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File typePNG image data, 46 x 48, 8-bit/color RGBA, non-interlaced Hashe6f4a93efe2d93e885abcbb4cc09cd4a e4f94b9e95b40e30b215228316bb7f8c48d08ed2 93b7bbea433aa41f6efb860d3d9777d363f9e64fc1ad4186cd9ef525bbee9c94
GET /media/images/1/favi/favicon-1498701606.png HTTP/1.1
Host: m3.nguonphim.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:04 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 05 Jul 2017 04:14:59 GMT
ETag: "45d1-5538a3e52eb40"
Accept-Ranges: bytes
Content-Length: 17873
Cache-Control: max-age=5184000, public
Expires: Tue, 18 Jun 2024 03:37:04 GMT
Access-Control-Allow-Origin: *
Connection: close
Content-Type: image/png
|
|
| nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html | 94.242.50.163 | 200 OK | 510 B |
URL User Request GET HTTP/1.1nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html IP94.242.50.163:80
Hash7cd870235075b44f433078b2588d9430 52f8fc693619c8e63b0d8b06a3129e84cfc4cbc0 5d01fa6b291671faf62493c2d38ca21c2421374d9dba4023e30367ed11e15b9e
POST /xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 67
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301; _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824; dom3ic8zudi28v8lr6fgphwffqoz0j6c=f91793d4-a15a-47d5-9c49-e930848ebbad%3A1%3A1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:04 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 510
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| pagead2.googlesyndication.com/pagead/js/adsbygoogle.js | 142.250.74.66 | 200 OK | 51 kB |
URL GET HTTP/2pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP142.250.74.66:443
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html CertificateIssuerGoogle Trust Services LLC Subject*.g.doubleclick.net FingerprintED:0D:E8:DC:2E:0E:7D:5F:CB:BE:43:7B:C7:CB:BF:BC:B7:E5:FC:1E ValidityMon, 04 Mar 2024 06:35:32 GMT - Mon, 27 May 2024 06:35:31 GMT
File typeJavaScript source, ASCII text, with very long lines (3920) Hashfbfe3b437444cf482f18e188b39c8bd1 59c7f4c648d5c0a36600f72c83249c18a6377a3f 83d81d9834fd9ed8bcf09b69aaa501ecb6e7ed15b50bcb4853e024e1ad9998b3
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://nguonphimc.com/
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Fri, 19 Apr 2024 03:37:04 GMT
expires: Fri, 19 Apr 2024 03:37:04 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 8552374281835639210
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 50759
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.131 | 200 OK | 15 kB |
URL GET HTTP/3fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.131:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15344, version 1.0 Hash5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 06:43:51 GMT
expires: Wed, 16 Apr 2025 06:43:51 GMT
cache-control: public, max-age=31536000
age: 247993
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 142.250.74.131 | 200 OK | 15 kB |
URL GET HTTP/3fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP142.250.74.131:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15436, version 1.0 Hash037d830416495def72b7881024c14b7b 619389190b3cafafb5db94113990350acc8a0278 1d5b7c64458f4af91dcfee0354be47adde1f739b5aded03a7ab6068a1bb6ca97
GET /s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15436
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 04:01:43 GMT
expires: Wed, 16 Apr 2025 04:01:43 GMT
cache-control: public, max-age=31536000
age: 257721
last-modified: Mon, 16 Oct 2017 17:33:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 | 142.250.74.131 | 200 OK | 12 kB |
URL GET HTTP/3fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 IP142.250.74.131:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 11936, version 1.0 Hash15d8ede0a816bc7a9838207747c6620c f6e2e75f1277c66e282553ae6a22661e51f472b8 dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11936
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 05:22:41 GMT
expires: Wed, 16 Apr 2025 05:22:41 GMT
cache-control: public, max-age=31536000
age: 252863
last-modified: Mon, 16 Oct 2017 17:33:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 | 142.250.74.131 | 200 OK | 5.2 kB |
URL GET HTTP/3fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 IP142.250.74.131:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 5224, version 1.0 Hasha835084624425dacc5e188c6973c1594 1bef196929bffcabdc834c0deefda104eb7a3318 0dfa6a82824cf2be6bb8543de6ef56b87daae5dd63f9e68c88f02697f94af740
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5224
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:53:44 GMT
expires: Fri, 18 Apr 2025 17:53:44 GMT
cache-control: public, max-age=31536000
age: 35000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 | 142.250.74.131 | 200 OK | 5.2 kB |
URL GET HTTP/3fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 IP142.250.74.131:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 5164, version 1.0 Hashe1d4c2969a3dd92f91fea51f652831ef ff3be3617b93fca22d758f43920abfa313337bc2 570d2dc2ce988d8ae09147ee2eca5ec53f8d5f036e84e3212bf03503374054e5
GET /s/roboto/v18/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5164
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 12:26:13 GMT
expires: Wed, 16 Apr 2025 12:26:13 GMT
cache-control: public, max-age=31536000
age: 227451
last-modified: Mon, 16 Oct 2017 17:33:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 142.250.74.131 | 200 OK | 16 kB |
URL GET HTTP/3fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP142.250.74.131:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0 Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 22:10:11 GMT
expires: Tue, 15 Apr 2025 22:10:11 GMT
cache-control: public, max-age=31536000
age: 278813
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2 | 142.250.74.131 | 200 OK | 5.3 kB |
URL GET HTTP/3fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2 IP142.250.74.131:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 5284, version 1.0 Hash6bef514048228359f2f8f5e0235f8599 318cb182661d72332dc8a8316d2e6df0332756c4 135d563a494b1f8e6196278b7f597258a563f1438f5953c6fbef106070f66ec8
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fCxc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5284
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 01:54:26 GMT
expires: Wed, 16 Apr 2025 01:54:26 GMT
cache-control: public, max-age=31536000
age: 265358
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/materialiconsextended/v151/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2 | 142.250.74.131 | 200 OK | 163 kB |
URL GET HTTP/3fonts.gstatic.com/s/materialiconsextended/v151/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2 IP142.250.74.131:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 162924, version 1.0 Size163 kB (162924 bytes) Hash7f2e1b48b71ec58fda4539018a2f56cc 507bf81f52fa8c99bf2c5c8bd59a981899ca9995 7f80c4c91054b3d6c80721939242c2d4f68f15e41f251e12641f695d78eb2f35
GET /s/materialiconsextended/v151/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://fundingchoicesmessages.google.com/
Origin: https://fundingchoicesmessages.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 162924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 15:10:32 GMT
expires: Wed, 16 Apr 2025 15:10:32 GMT
cache-control: public, max-age=31536000
age: 217592
last-modified: Mon, 08 Apr 2024 19:05:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/am=gKEb/d=1/excm=_b,_tp,allowadsview/ed=1/dg=0/wt=2/ujg=1/rs=AJlcJMyk_vGx5h43VSCi6ky069QGFQvtIA/m=_b,_tp | 142.250.74.35 | 200 OK | 56 kB |
URL GET HTTP/2www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/am=gKEb/d=1/excm=_b,_tp,allowadsview/ed=1/dg=0/wt=2/ujg=1/rs=AJlcJMyk_vGx5h43VSCi6ky069QGFQvtIA/m=_b,_tp IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeJavaScript source, ASCII text, with very long lines (2331) Hash65e864be75ee444565658d67774b0c54 7f0f29fd4bb9ca93150b786e4f48f5c2f8bca773 db02c8b4797a18ccbe137c9fc2de340c332ff76454cfd1aaa1e8545766b8ba8f
GET /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/am=gKEb/d=1/excm=_b,_tp,allowadsview/ed=1/dg=0/wt=2/ujg=1/rs=AJlcJMyk_vGx5h43VSCi6ky069QGFQvtIA/m=_b,_tp HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
report-to: {"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-length: 55653
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 15:17:07 GMT
expires: Fri, 18 Apr 2025 15:17:07 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Wed, 17 Apr 2024 21:34:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 44397
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA | 94.242.50.163 | 200 OK | 3.6 kB |
URL GET HTTP/1.1grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA IP94.242.50.163:80
Requested byhttp://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File typeHTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators Hash318ab7398087471aee2fa4fbc337ad61 300e47f0156aa21d063005cd87059513072ac740 290695371ec91369efc2173efc557baf376cc15d5641773444f119cdb2647cec
GET /embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Cookie: _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:04 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Set-Cookie: PHPSESSID=ff7d3p0crk0tll82oqgvnlh673; path=/
Set-Cookie: us_session_id=P26313; expires=Sat, 20-Apr-2024 03:37:04 GMT; Max-Age=86400; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 3641
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| grab.nguonphimc.com/js/main.min.js?v=2.4.8.2 | 94.242.50.163 | 200 OK | 5.6 kB |
URL GET HTTP/1.1grab.nguonphimc.com/js/main.min.js?v=2.4.8.2 IP94.242.50.163:80
Requested byhttp://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (17159) Hash2f3514d630f0195787c0f99778202f3c 2ce2883a59c655b8e02d644a1449fcdfdf604486 23b47b8eb144a359fdd87940db44e0420e7e0062f3cbba762e0e22c35afb3749
GET /js/main.min.js?v=2.4.8.2 HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA
Cookie: _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824; PHPSESSID=ff7d3p0crk0tll82oqgvnlh673; us_session_id=P26313
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:05 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Sat, 02 May 2020 19:55:57 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:05 GMT
Content-Length: 5620
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| grab.nguonphimc.com/assets/3bd14e95/jquery.min.js | 94.242.50.163 | 200 OK | 34 kB |
URL GET HTTP/1.1grab.nguonphimc.com/assets/3bd14e95/jquery.min.js IP94.242.50.163:80
Requested byhttp://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA
File typeJavaScript source, ASCII text, with very long lines (32077) Hash0fca26b5a37a66d68d0f4406976be4b5 ee000eb654b3bd37185665d3901e93b34ce1aa52 8c2812ded6436715279f8fd8db58de307aa39ab0296fe3cf0e879067c51e9b18
GET /assets/3bd14e95/jquery.min.js HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA
Cookie: _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824; PHPSESSID=ff7d3p0crk0tll82oqgvnlh673; us_session_id=P26313
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:05 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:05 GMT
Content-Length: 33693
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=BWd0oe | 142.250.74.35 | 200 OK | 15 kB |
URL GET HTTP/3www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=BWd0oe IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeJavaScript source, ASCII text, with very long lines (1424) Hash124ba95b2ec12aff22f988c42b14d353 e506202fff14601dba2b44d807b1319968bb3216 50aff2092ce10805752997b823e0bb7490112ff66b9f2d00eaa8b6cada98a873
GET /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=BWd0oe HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
report-to: {"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-length: 15156
date: Fri, 19 Apr 2024 03:37:05 GMT
expires: Sat, 19 Apr 2025 03:37:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sun, 14 Apr 2024 07:33:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| grab.nguonphimc.com/assets/b2993a05/jwplayer.js?ver=2.4.8.2 | 94.242.50.163 | 200 OK | 39 kB |
URL GET HTTP/1.1grab.nguonphimc.com/assets/b2993a05/jwplayer.js?ver=2.4.8.2 IP94.242.50.163:80
Requested byhttp://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65140) Hash637800d55d2ac43cd3c4a864fac04661 bfb57b2bbe30a271e945e5d36027d69fb01b24cf 2aac7ee38577a71b8f0ec381c7836fc29274407517b9038e879fa762651dc5fc
GET /assets/b2993a05/jwplayer.js?ver=2.4.8.2 HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA
Cookie: _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824; PHPSESSID=ff7d3p0crk0tll82oqgvnlh673; us_session_id=P26313
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:05 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 09:07:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:05 GMT
Content-Length: 39208
Connection: close
Content-Type: application/javascript; charset=utf-8
|
|
| grab.nguonphimc.com/themes/np/css/color.css?v=2.4.8.2 | 94.242.50.163 | 200 OK | 80 kB |
URL GET HTTP/1.1grab.nguonphimc.com/themes/np/css/color.css?v=2.4.8.2 IP94.242.50.163:80
Requested byhttp://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA
File typeUnicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators Hash9ccfae82c1f9be3cf7c148a39228f53c 9abd7857d28f34c5007b11ee53d2818482775163 d962cf8c297e2b013c20dadac3f99d1af50957de8e1d1de8b4ea960fbd6fd7b6
GET /themes/np/css/color.css?v=2.4.8.2 HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA
Cookie: _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824; PHPSESSID=ff7d3p0crk0tll82oqgvnlh673; us_session_id=P26313
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:05 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Wed, 30 Nov 2022 08:58:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000, proxy-revalidate
Expires: Sat, 19 Apr 2025 03:37:05 GMT
Connection: close
Transfer-Encoding: chunked
Content-Type: text/css; charset=utf-8
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/uo_icon-1.svg | 142.250.74.35 | 200 OK | 1.3 kB |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/uo_icon-1.svg IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeSVG Scalable Vector Graphics image Hash9d378dcff1b89001c348f1df4564ba48 d81c2c163657754563fcd33b793dc36cd6b3a21e f194962656d2b52acaba476410973194ffc377f15f8710a25b7fbee9fd99a2df
GET /fundingchoices/allowads/blockers/firefox/uo_icon-1.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1258
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:42:16 GMT
expires: Fri, 18 Apr 2025 17:42:16 GMT
cache-control: public, max-age=31536000
age: 35689
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/uo_refresh_icon-1.svg | 142.250.74.35 | 200 OK | 1.5 kB |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/uo_refresh_icon-1.svg IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeSVG Scalable Vector Graphics image Hash606c949e5f626ea9a5a1a1a346209c59 f7700e18535dbb3108d50acbcd6f4f18a533843b bc6e55b647b6656e06c02477e957a9ab8dd2164058f8046bf2c5522a219b7e98
GET /fundingchoices/allowads/blockers/firefox/uo_refresh_icon-1.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1492
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:33:37 GMT
expires: Fri, 18 Apr 2025 17:33:37 GMT
cache-control: public, max-age=31536000
age: 36208
last-modified: Tue, 19 Oct 2021 16:18:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/uo_allowads_icon-1.png | 142.250.74.35 | 200 OK | 1.1 kB |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/uo_allowads_icon-1.png IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typePNG image data, 117 x 127, 8-bit colormap, non-interlaced Hash975c9f127c385e3699795a74098872d8 a83d8ebdda4fc135a66de267850c9f573a52b9fe 5caf71572cd2c4167c04a6ecef78d7b407e460b0517c9b11df5cc0c0b9a0d320
GET /fundingchoices/allowads/blockers/firefox/uo_allowads_icon-1.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1071
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:28:24 GMT
expires: Fri, 18 Apr 2025 17:28:24 GMT
cache-control: public, max-age=31536000
age: 36521
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/abp_icon-1.svg | 142.250.74.35 | 200 OK | 1.8 kB |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/abp_icon-1.svg IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeSVG Scalable Vector Graphics image Hash32014d3c673c214354e3236b76047386 f01e5134d98ab4029bb6b7022b00516c9df35b37 bf72e9d16e37c6c685185dfc73478765de0cb102f34872cd90cc28b6a9ab3736
GET /fundingchoices/allowads/blockers/firefox/abp_icon-1.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1772
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 03:19:24 GMT
expires: Fri, 18 Apr 2025 03:19:24 GMT
cache-control: public, max-age=31536000
age: 87461
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/browser_uo-2.png | 142.250.74.35 | 200 OK | 7.2 kB |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/browser_uo-2.png IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typePNG image data, 794 x 184, 8-bit colormap, non-interlaced Hash2ca4823b87ee46e5d7a641195cfde652 1d0b4aceb1b0276cbdffaa84facd66b5fe41c714 3d74f9a6b34a1f9936cf3fdcf33ec06f48b602a7202396dcc3aef424a54e5413
GET /fundingchoices/allowads/blockers/firefox/browser_uo-2.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 7205
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:42:16 GMT
expires: Fri, 18 Apr 2025 17:42:16 GMT
cache-control: public, max-age=31536000
age: 35689
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/abp_power_icon-1.svg | 142.250.74.35 | 200 OK | 731 B |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/abp_power_icon-1.svg IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeSVG Scalable Vector Graphics image Hashc663022865c526afe63691faf0d14725 f1e821f6920fc1b9db40ccf35ed0f6fb54ea8592 56ff7605344ed5eb3a68f8edc6b048658ee714bdfed56d487cb1e1bb62eb24f8
GET /fundingchoices/allowads/blockers/firefox/abp_power_icon-1.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 731
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 09:59:27 GMT
expires: Wed, 16 Apr 2025 09:59:27 GMT
cache-control: public, max-age=31536000
age: 236258
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/browser_abp-2.png | 142.250.74.35 | 200 OK | 7.4 kB |
URL GET HTTP/3www.gstatic.com/fundingchoices/allowads/blockers/firefox/browser_abp-2.png IP142.250.74.35:443
Requested byhttps://fundingchoicesmessages.google.com/s/whitelist?hl=vi CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typePNG image data, 794 x 184, 8-bit colormap, non-interlaced Hash3d77be4b727c5ff097bcac7eb68c09f9 785be4dc822e6817dbc03b69246cd089436bf108 b77a4547e701c49192847e60735a7027f0910a0df2ccf6d6193dcf1e4a74f719
GET /fundingchoices/allowads/blockers/firefox/browser_abp-2.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 7390
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 21:55:20 GMT
expires: Tue, 15 Apr 2025 21:55:20 GMT
cache-control: public, max-age=31536000
age: 279705
last-modified: Tue, 19 Oct 2021 16:18:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/browser_ab-2.png | 142.250.74.35 | 200 OK | 7.7 kB |
URL GET HTTP/3 www.gstatic.com/fundingchoices/allowads/blockers/firefox/browser_ab-2.png IP 142.250.74.35:443
Requested by https://fundingchoicesmessages.google.com/s/whitelist?hl=vi Certificate Issuer Google Trust Services LLC Subject *.gstatic.com Fingerprint 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 Validity Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type PNG image data, 794 x 184, 8-bit colormap, non-interlaced Hash 13a0bd1dcfc87f4f19579dc5b059af16 82aa8a7312d5023667edc1565962ddfdfb99a678 818af03e73fcb8964cc644383aa9a2ca4db0b1d8634fbdc9216d8a1d460aab6c
GET /fundingchoices/allowads/blockers/firefox/browser_ab-2.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 7688
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 20:31:55 GMT
expires: Tue, 15 Apr 2025 20:31:55 GMT
cache-control: public, max-age=31536000
age: 284710
last-modified: Tue, 19 Oct 2021 16:18:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/fundingchoices/allowads/blockers/firefox/ab_icon-1.svg | 142.250.74.35 | 200 OK | 15 kB |
URL GET HTTP/3 www.gstatic.com/fundingchoices/allowads/blockers/firefox/ab_icon-1.svg IP 142.250.74.35:443
Requested by https://fundingchoicesmessages.google.com/s/whitelist?hl=vi Certificate Issuer Google Trust Services LLC Subject *.gstatic.com Fingerprint 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 Validity Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type SVG Scalable Vector Graphics image Hash 419033f4f0383492c93db1e6b5e7fa23 96584fdfb4d58c70fb1db6dfc128db296e5cf4e0 c75fbc4fd1beb52bbe64df89d8c402290f5b23bb518abbdd159a268aa0a5f782
GET /fundingchoices/allowads/blockers/firefox/ab_icon-1.svg HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 15403
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 03:19:24 GMT
expires: Fri, 18 Apr 2025 03:19:24 GMT
cache-control: public, max-age=31536000
age: 87461
last-modified: Tue, 19 Oct 2021 16:18:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=soHxf | 142.250.74.35 | 200 OK | 9.3 kB |
URL GET HTTP/3 www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=soHxf IP 142.250.74.35:443
Requested by https://fundingchoicesmessages.google.com/s/whitelist?hl=vi Certificate Issuer Google Trust Services LLC Subject *.gstatic.com Fingerprint 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 Validity Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type JavaScript source, ASCII text, with very long lines (1226) Hash 0df69be878f840c3ece59615858c5009 65d903b30ab94d986ae198622811f39576d4da4c b51d740f6556a23458f1715f7183de04394c359a5d5645175c914c880a7e0a16
GET /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=soHxf HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
report-to: {"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-length: 9278
date: Fri, 19 Apr 2024 03:37:05 GMT
expires: Sat, 19 Apr 2025 03:37:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sun, 14 Apr 2024 07:33:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| grab.nguonphimc.com/img/loading_film.gif | 94.242.50.163 | 200 OK | 1.9 kB |
URL GET HTTP/1.1 grab.nguonphimc.com/img/loading_film.gif IP 94.242.50.163:80
Requested by http://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA
File type GIF image data, version 89a, 34 x 34 Hash b9d35ba13f16629ec47d785d61d2204c 680ccabf459357685db0c404f4ef23543e735729 43b3f6a202a86e29f40d8a102cf62565fcdc07cebb55185f13eb86b0fbc8c5e6
GET /img/loading_film.gif HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA
Cookie: _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824; PHPSESSID=ff7d3p0crk0tll82oqgvnlh673; us_session_id=P26313
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:05 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Mon, 25 Dec 2017 07:17:53 GMT
Accept-Ranges: bytes
Content-Length: 1924
Cache-Control: max-age=2592000, public
Expires: Sun, 19 May 2024 03:37:05 GMT
Connection: close
Content-Type: image/gif
|
|
| www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp,soHxf/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk | 142.250.74.35 | 200 OK | 3.5 kB |
URL GET HTTP/3 www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp,soHxf/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk IP 142.250.74.35:443
Requested by https://fundingchoicesmessages.google.com/s/whitelist?hl=vi Certificate Issuer Google Trust Services LLC Subject *.gstatic.com Fingerprint 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 Validity Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type JavaScript source, ASCII text, with very long lines (763) Hash ab1564f0dc81e3cdd5ded3cc022d6364 821fe2a008e172df73c12e0a3d2eb6da3c4cb717 872b63440dfdc5f5b4b42cddd6aa1ce863efcd72d3816e927dcd3cd65c2b06c3
GET /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,_b,_tp,soHxf/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
report-to: {"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-length: 3490
date: Fri, 19 Apr 2024 03:37:05 GMT
expires: Sat, 19 Apr 2025 03:37:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sun, 14 Apr 2024 07:33:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c | 142.250.74.35 | 200 OK | 13 kB |
URL GET HTTP/3 www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c IP 142.250.74.35:443
Requested by https://fundingchoicesmessages.google.com/s/whitelist?hl=vi Certificate Issuer Google Trust Services LLC Subject *.gstatic.com Fingerprint 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 Validity Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type JavaScript source, ASCII text, with very long lines (1600) Hash ab199b9dc5faf341e688a4c9196b0874 fdf2ccb808e05f2789ced334d3d18e13ec59d71c 454a7e35fa7a6c0a52d616009ce1964375308a1b839a87095780df64b70c4e0e
GET /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
report-to: {"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-length: 12692
date: Fri, 19 Apr 2024 03:37:05 GMT
expires: Sat, 19 Apr 2025 03:37:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sun, 14 Apr 2024 07:33:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese | 142.250.74.74 | 200 OK | 15 kB |
URL GET HTTP/3 fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese IP 142.250.74.74:443
Requested by http://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA Certificate Issuer Google Trust Services LLC Subject upload.video.google.com Fingerprint 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E Validity Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type ASCII text, with very long lines (1572) Hash fccaf31523fb2b1f9a2f5326ba3fc954 bb06d9116f9e9ea8b851889d965683b0c130e1c6 3da608c2c7e4ca0573a3ce7251ca07a3e549289a11fb7c8ac22e7fd89c955453
GET /css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=latin-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 03:37:05 GMT
date: Fri, 19 Apr 2024 03:37:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| grab.nguonphimc.com/themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 | 94.242.50.163 | 200 OK | 77 kB |
URL GET HTTP/1.1 grab.nguonphimc.com/themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 IP 94.242.50.163:80
Requested by http://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459 Hash af7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/themes/np/css/color.css?v=2.4.8.2
Cookie: _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824; PHPSESSID=ff7d3p0crk0tll82oqgvnlh673; us_session_id=P26313
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:05 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:14:59 GMT
Accept-Ranges: bytes
Content-Length: 77160
Cache-Control: max-age=2592000
Expires: Sun, 19 May 2024 03:37:05 GMT
X-UA-Compatible: IE=edge,chrome=1
Connection: close
|
|
| bestowgradepunch.com/sbar.json?key=5b28bb3338748187b2166508de2d96b3&uuid=f91793d4-a15a-47d5-9c49-e930848ebbad%3A1%3A1 | 192.243.61.225 | 200 OK | 8.3 kB |
URL GET HTTP/1.1 bestowgradepunch.com/sbar.json?key=5b28bb3338748187b2166508de2d96b3&uuid=f91793d4-a15a-47d5-9c49-e930848ebbad%3A1%3A1 IP 192.243.61.225:443 ASN #39572 DataWeb Global Group B.V.
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html Certificate Issuer Let's Encrypt Subject bestowgradepunch.com Fingerprint 87:77:41:5E:A2:D4:BA:15:DB:55:61:B9:8E:D5:37:83:16:3B:8F:D3 Validity Tue, 16 Apr 2024 13:41:38 GMT - Mon, 15 Jul 2024 13:41:37 GMT
Hash 3ed574e56b4622b84dfd05cd0734353e 03742299522b1a9bc387c9f9ed57295cefc91497 471de14105160d3440666e26560d0e34a71bcb4d0a58c88f7a9bf5c6ad7b487b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /sbar.json?key=5b28bb3338748187b2166508de2d96b3&uuid=f91793d4-a15a-47d5-9c49-e930848ebbad%3A1%3A1 HTTP/1.1
Host: bestowgradepunch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 03:37:05 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://nguonphimc.com
Access-Control-Allow-Origin: http://nguonphimc.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17093374; expires=Sat, 20 Apr 2024 03:37:05 GMT; secure; SameSite=None
uid_id2=f91793d4-a15a-47d5-9c49-e930848ebbad:1:1; expires=Fri, 26 Apr 2024 03:37:05 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 20 Apr 2024 03:37:05 GMT; secure; SameSite=None
uncs=1; expires=Sat, 20 Apr 2024 03:37:05 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 20 Apr 2024 03:37:05 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 20 Apr 2024 03:37:05 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dedb6fbacc43e49f72cc53ebcca80573
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| unseenreport.com/pxf.gif?uuid=f91793d4-a15a-47d5-9c49-e930848ebbad&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=5b28bb3338748187b2166508de2d96b3&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=3 | 192.243.61.227 | 200 OK | 1 B |
URL GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=f91793d4-a15a-47d5-9c49-e930848ebbad&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=5b28bb3338748187b2166508de2d96b3&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=3 IP 192.243.61.227:80 ASN #39572 DataWeb Global Group B.V.
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type very short file (no magic) Hash 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=f91793d4-a15a-47d5-9c49-e930848ebbad&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2069&b_frame=0&pk=5b28bb3338748187b2166508de2d96b3&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=3 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 03:37:05 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d4872781d8d26b5d6fb64223c9d42036
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| bestowgradepunch.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSujgMeRETZmwijeFhhM%2BkfMz0z7iEY10gwu1l2Fb2IVHXVTMpUdzVV3dOTnIILssfBu9D5Jtmw7iLrH%2BCqkwUPEWHHUw4GRBAPHhRhQRCRnh0MPijee%2FW9gu99X328l58SHzk9uXRZ70il6FKr4dbPv%2Bd5F%2BvrMsmH9WEn%2FCBsXqybwavdsOG%2BUn9TRFt6yXc91%2FVcr74qjejp4VIFQqZ3u16j6zaafsNrNTE0%2F%2B9t7sBSB3xwSp6D5NPaA%2BccZDRBEt%2B7JOxWptMLb8S5opk2GPDDd5KtRBcJ4rOyZxz0ksP5NLR9uHofOjmY0YUe%2FDfI5JQ4394HSw7nJMEG%2BzOeTEEkYPwpFIMJhJpA0gkifQOSPyRAxHFlA0l864o2Bd1%2BjNIKnZLaoz8hiymp%2FXgOSfz5ipLD%2BnWt8kzqxGLYKyGHE8j%2BBGl%2BhGxnAbI4QpR9BMm%2FJ0uP1pHE%2BxtWaUh%2B8nKv67W7AW8uUq9FF5tt3lrsRs3uougGbqfZEYxRPhNIyglkbwIlRqDWQV4d6SDvOchTBzE%2FqUee57VdHlG3042igLcFC7nr0XbPo54bdpBH1Q4jZOkIkRohMrtIzS625Agm%2Fxp2s4TlDmxGMOAlCkFQWIKCEhSSoMgIikF5wJX1bXmLK5szb579eQ7Ksc76e%2FRAZ32REFAzguHlXnpKnq0EdGrTf7AlTuot5ncYC4Kg0252vE6b%2BV4YttwOFz7vhiyAlSWkXZitu1OZ%2Bc0K0iq%2FtAxGj2DVESLpgOYvgBYl6GaJneRO0s91kg0akY7BdYk0qyHbdvbUKXl%2B5uCVv85DRMfLv7LL0z9u%2F43IlEhNiQ%2FlA4K%2Bujm%2Bpguyf00XlnyxkWYylju0cvd6RjNR%2B%2BwtsV1ow9cu2dHt16IKqMq7bwubrdOEy6RvyZ0Vybkwq9pEgny5Zt8V7GpuN1dyk%2BTp%2BtXXV9fi1AhrpU4moHJKnnz%2FN0RySp759LvZx73wdBPSTGDyEnF%2BTOYBqSeI0l3Y9Hj552AWsJrAqLMZljoo8nJsfHZ2qSSBEmc9ZSWsOBOBieOvfn%2BMjQ2tXlNZ7tmb6JsF0OwGkrjEwJQYqBJUjWDzJ8ZZao6Xf5jTYGphzJRZ2GfKqE9mMk%2FJ2sY9WHlSbweBS8Nuy2u3qWizpt%2FphR6n1G%2BGfhjSAJmd9l785ad%2FAQAA%2F%2F8BAAD%2F%2F%2FXMuTeSBAAA | 192.243.61.225 | 200 OK | 7 B |
URL GET HTTP/1.1bestowgradepunch.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSujgMeRETZmwijeFhhM%2BkfMz0z7iEY10gwu1l2Fb2IVHXVTMpUdzVV3dOTnIILssfBu9D5Jtmw7iLrH%2BCqkwUPEWHHUw4GRBAPHhRhQRCRnh0MPijee%2FW9gu99X328l58SHzk9uXRZ70il6FKr4dbPv%2Bd5F%2BvrMsmH9WEn%2FCBsXqybwavdsOG%2BUn9TRFt6yXc91%2FVcr74qjejp4VIFQqZ3u16j6zaafsNrNTE0%2F%2B9t7sBSB3xwSp6D5NPaA%2BccZDRBEt%2B7JOxWptMLb8S5opk2GPDDd5KtRBcJ4rOyZxz0ksP5NLR9uHofOjmY0YUe%2FDfI5JQ4394HSw7nJMEG%2BzOeTEEkYPwpFIMJhJpA0gkifQOSPyRAxHFlA0l864o2Bd1%2BjNIKnZLaoz8hiymp%2FXgOSfz5ipLD%2BnWt8kzqxGLYKyGHE8j%2BBGl%2BhGxnAbI4QpR9BMm%2FJ0uP1pHE%2BxtWaUh%2B8nKv67W7AW8uUq9FF5tt3lrsRs3uougGbqfZEYxRPhNIyglkbwIlRqDWQV4d6SDvOchTBzE%2FqUee57VdHlG3042igLcFC7nr0XbPo54bdpBH1Q4jZOkIkRohMrtIzS625Agm%2Fxp2s4TlDmxGMOAlCkFQWIKCEhSSoMgIikF5wJX1bXmLK5szb579eQ7Ksc76e%2FRAZ32REFAzguHlXnpKnq0EdGrTf7AlTuot5ncYC4Kg0252vE6b%2BV4YttwOFz7vhiyAlSWkXZitu1OZ%2Bc0K0iq%2FtAxGj2DVESLpgOYvgBYl6GaJneRO0s91kg0akY7BdYk0qyHbdvbUKXl%2B5uCVv85DRMfLv7LL0z9u%2F43IlEhNiQ%2FlA4K%2Bujm%2Bpguyf00XlnyxkWYylju0cvd6RjNR%2B%2BwtsV1ow9cu2dHt16IKqMq7bwubrdOEy6RvyZ0Vybkwq9pEgny5Zt8V7GpuN1dyk%2BTp%2BtXXV9fi1AhrpU4moHJKnnz%2FN0RySp759LvZx73wdBPSTGDyEnF%2BTOYBqSeI0l3Y9Hj552AWsJrAqLMZljoo8nJsfHZ2qSSBEmc9ZSWsOBOBieOvfn%2BMjQ2tXlNZ7tmb6JsF0OwGkrjEwJQYqBJUjWDzJ8ZZao6Xf5jTYGphzJRZ2GfKqE9mMk%2FJ2sY9WHlSbweBS8Nuy2u3qWizpt%2FphR6n1G%2BGfhjSAJmd9l785ad%2FAQAA%2F%2F8BAAD%2F%2F%2FXMuTeSBAAA IP192.243.61.225:443 ASN#39572 DataWeb Global Group B.V.
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html Certificate Issuer Let's Encrypt Subject bestowgradepunch.com Fingerprint 87:77:41:5E:A2:D4:BA:15:DB:55:61:B9:8E:D5:37:83:16:3B:8F:D3 Validity Tue, 16 Apr 2024 13:41:38 GMT - Mon, 15 Jul 2024 13:41:37 GMT
File type ASCII text, with no line terminators Hash 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSujgMeRETZmwijeFhhM%2BkfMz0z7iEY10gwu1l2Fb2IVHXVTMpUdzVV3dOTnIILssfBu9D5Jtmw7iLrH%2BCqkwUPEWHHUw4GRBAPHhRhQRCRnh0MPijee%2FW9gu99X328l58SHzk9uXRZ70il6FKr4dbPv%2Bd5F%2BvrMsmH9WEn%2FCBsXqybwavdsOG%2BUn9TRFt6yXc91%2FVcr74qjejp4VIFQqZ3u16j6zaafsNrNTE0%2F%2B9t7sBSB3xwSp6D5NPaA%2BccZDRBEt%2B7JOxWptMLb8S5opk2GPDDd5KtRBcJ4rOyZxz0ksP5NLR9uHofOjmY0YUe%2FDfI5JQ4394HSw7nJMEG%2BzOeTEEkYPwpFIMJhJpA0gkifQOSPyRAxHFlA0l864o2Bd1%2BjNIKnZLaoz8hiymp%2FXgOSfz5ipLD%2BnWt8kzqxGLYKyGHE8j%2BBGl%2BhGxnAbI4QpR9BMm%2FJ0uP1pHE%2BxtWaUh%2B8nKv67W7AW8uUq9FF5tt3lrsRs3uougGbqfZEYxRPhNIyglkbwIlRqDWQV4d6SDvOchTBzE%2FqUee57VdHlG3042igLcFC7nr0XbPo54bdpBH1Q4jZOkIkRohMrtIzS625Agm%2Fxp2s4TlDmxGMOAlCkFQWIKCEhSSoMgIikF5wJX1bXmLK5szb579eQ7Ksc76e%2FRAZ32REFAzguHlXnpKnq0EdGrTf7AlTuot5ncYC4Kg0252vE6b%2BV4YttwOFz7vhiyAlSWkXZitu1OZ%2Bc0K0iq%2FtAxGj2DVESLpgOYvgBYl6GaJneRO0s91kg0akY7BdYk0qyHbdvbUKXl%2B5uCVv85DRMfLv7LL0z9u%2F43IlEhNiQ%2FlA4K%2Bujm%2Bpguyf00XlnyxkWYylju0cvd6RjNR%2B%2BwtsV1ow9cu2dHt16IKqMq7bwubrdOEy6RvyZ0Vybkwq9pEgny5Zt8V7GpuN1dyk%2BTp%2BtXXV9fi1AhrpU4moHJKnnz%2FN0RySp759LvZx73wdBPSTGDyEnF%2BTOYBqSeI0l3Y9Hj552AWsJrAqLMZljoo8nJsfHZ2qSSBEmc9ZSWsOBOBieOvfn%2BMjQ2tXlNZ7tmb6JsF0OwGkrjEwJQYqBJUjWDzJ8ZZao6Xf5jTYGphzJRZ2GfKqE9mMk%2FJ2sY9WHlSbweBS8Nuy2u3qWizpt%2FphR6n1G%2BGfhjSAJmd9l785ad%2FAQAA%2F%2F8BAAD%2F%2F%2FXMuTeSBAAA HTTP/1.1
Host: bestowgradepunch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Cookie: u_pl=17093374; uid_id2=f91793d4-a15a-47d5-9c49-e930848ebbad:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 03:37:05 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2403c81829655219557ad377605f13cc
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/img/close.png | 188.114.96.1 | 200 OK | 591 B |
URL GET HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/img/close.png IP 188.114.96.1:443
Requested by http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html Certificate Issuer Google Trust Services LLC Subject creative-bars1.com Fingerprint 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 Validity Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced Hash 9fd5bcb6103d86e317bd1eb019bcbe71 6b5a52ea669dcb74946f2bed4bdd7ec985026113 0ddd3be104ac7945fb062096df62034a6a24ecc76ba92493c35c62c3c25982ae
GET /sb/ssp/vpn/classic-push/small/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 19 Apr 2024 03:37:06 GMT
content-type: image/png
content-length: 591
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: "65aa84fe-24f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5581919
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lin%2BDbhatIxXgYm%2B7SFCW9H0lzviCBkwJzx0gfQuPKFhh9VVsWul6FUcfkVzWCm1VagVMXFbe7S9zGruEqwOP0Lkp7Ub3kEm6ZJHqUhJv3rtW5N8z87lGUaGI7bcZFndbh6G9JSePaki"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8769daa4d8ac5691-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.74 | 200 OK | 717 B |
URL: GET HTTP/1.1 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap IP: 142.250.74.74:80
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Hash: 9cc7d472437c87f6f7ebeb35abec09f1 948bb2b7bf4bbc829015c125e1b6f7859b2948b0 9a39510af72db44fb14d333c52c41da0e90827afcfe78c8f12b367f0a94783b7
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 19 Apr 2024 03:37:06 GMT
Date: Fri, 19 Apr 2024 03:37:06 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
|
|
| bestowgradepunch.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html&l=1325&fd=84 | 192.243.61.225 | 200 OK | 0 B |
URL: GET HTTP/1.1 bestowgradepunch.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html&l=1325&fd=84 IP: 192.243.61.225:80 ASN: #39572 DataWeb Global Group B.V.
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html&l=1325&fd=84 HTTP/1.1
Host: bestowgradepunch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 03:37:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.cloudimagesb.com/si/63/93/4f/63934f19816e914cdf9542ebd1ea81b2/1713364719.png | 45.133.44.10 | 200 OK | 79 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/si/63/93/4f/63934f19816e914cdf9542ebd1ea81b2/1713364719.png IP: 45.133.44.10:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate: Issuer: Let's Encrypt; Subject: cdn.cloudimagesb.com; Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0; Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Hash: 056a5db1da586024c4c315659f1a70da 364dbecd8995d974c1a8765edd125a62c9dc6754 ef512fcfc0a38fbc2e0299170bbd0b88e2ba27a20180d33fb989eb4dd8b25e6c
GET /si/63/93/4f/63934f19816e914cdf9542ebd1ea81b2/1713364719.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 03:37:06 GMT
content-type: image/png
content-length: 78742
server: nginx/1.21.6
last-modified: Wed, 17 Apr 2024 14:38:47 GMT
etag: "661fdef7-13396"
expires: Sun, 21 Apr 2024 03:37:06 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| bestowgradepunch.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js&l=962&fd=11 | 192.243.61.225 | 200 OK | 0 B |
URL: GET HTTP/1.1 bestowgradepunch.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js&l=962&fd=11 IP: 192.243.61.225:80 ASN: #39572 DataWeb Global Group B.V.
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js&l=962&fd=11 HTTP/1.1
Host: bestowgradepunch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 03:37:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| bestowgradepunch.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css&l=3355&fd=337 | 192.243.59.13 | 200 OK | 0 B |
URL: GET HTTP/1.1 bestowgradepunch.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css&l=3355&fd=337 IP: 192.243.59.13:80 ASN: #39572 DataWeb Global Group B.V.
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css&l=3355&fd=337 HTTP/1.1
Host: bestowgradepunch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 19 Apr 2024 03:37:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| bestowgradepunch.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css&l=78689&fd=339 | 192.243.61.225 | 200 OK | 0 B |
URL: GET HTTP/1.1 bestowgradepunch.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css&l=78689&fd=339 IP: 192.243.61.225:80 ASN: #39572 DataWeb Global Group B.V.
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css&l=78689&fd=339 HTTP/1.1
Host: bestowgradepunch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 03:37:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 142.250.74.131 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP: 142.250.74.131:443
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Hash: e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 16 Apr 2024 20:24:04 GMT
Expires: Wed, 16 Apr 2025 20:24:04 GMT
Cache-Control: public, max-age=31536000
Age: 198782
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.131 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP: 142.250.74.131:443
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 18 Apr 2024 02:58:06 GMT
Expires: Fri, 18 Apr 2025 02:58:06 GMT
Cache-Control: public, max-age=31536000
Age: 88740
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/animate.css | 188.114.96.1 | 200 OK | 4.9 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/animate.css IP: 188.114.96.1:443
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate: Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash: 3d4123dbfb33d27a5cfdfcfa91df6783 e7d0eeeec54b848f0bc3da8685fa3bc88429d660 cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887
GET /sb/ssp/vpn/classic-push/small/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 03:37:06 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-13361"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2BgCMThvhg3fgatcje9Q5paX2OKiBJYPHnfo8sVILf9rasOvntCUSJT5cPX1w1CKsWvtfdevdvmWa58rGoUN7pbVHNDsPe3l8DA5dHxdHyQDuIu03KyiHNUchwSesRZP%2FjX47IwB%2F8Dr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8769daa4688a5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| bestowgradepunch.com/pixel/sbs?c=1 | 192.243.61.225 | 200 OK | 0 B |
URL: GET HTTP/1.1 bestowgradepunch.com/pixel/sbs?c=1 IP: 192.243.61.225:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate: Issuer: Let's Encrypt; Subject: bestowgradepunch.com; Fingerprint: 87:77:41:5E:A2:D4:BA:15:DB:55:61:B9:8E:D5:37:83:16:3B:8F:D3; Validity: Tue, 16 Apr 2024 13:41:38 GMT - Mon, 15 Jul 2024 13:41:37 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbs?c=1 HTTP/1.1
Host: bestowgradepunch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Cookie: u_pl=17093374; uid_id2=f91793d4-a15a-47d5-9c49-e930848ebbad:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 03:37:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15d-e533614.html | 94.242.50.163 | 200 OK | 279 B |
URL: POST HTTP/1.1 nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15d-e533614.html IP: 94.242.50.163:80
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Hash: 2dec255cd3a0d11aaba3ed29ca83a290 3aac51259bcbf8e83c43170f4fa63f95bd100e9a b11048195f312434f1db35fb518bc80712fe1fd65e09fb178bd329d1f09af8dd
POST /xem-phim/vuong-quoc-cua-gio-f43859-15d-e533614.html HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 87
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301; _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824; dom3ic8zudi28v8lr6fgphwffqoz0j6c=f91793d4-a15a-47d5-9c49-e930848ebbad%3A1%3A1; sb_page_5b28bb3338748187b2166508de2d96b3=1; sb_onpage_5b28bb3338748187b2166508de2d96b3=1; sb_main_5b28bb3338748187b2166508de2d96b3=1; sb_count_5b28bb3338748187b2166508de2d96b3=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 279
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533614&aesp=15d&user=P26301&tim=1713497835&key=r1ennKOWVm9kamdkaG5qa2lmYFeoppujk56XVXBhsQ | 94.242.50.163 | | 3.6 kB |
URL: GET grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533614&aesp=15d&user=P26301&tim=1713497835&key=r1ennKOWVm9kamdkaG5qa2lmYFeoppujk56XVXBhsQ IP: 94.242.50.163:0
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type: HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash: b2c45dbed5eabe0cc4ae13dcbe755c6c c9e4b7d14a8007eb5f73e5fd3add574b7666017b 1645ee1fd6ef28b910fbe3d6749ba028efe94538107366fb08d39ea3246066d7
GET /embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533614&aesp=15d&user=P26301&tim=1713497835&key=r1ennKOWVm9kamdkaG5qa2lmYFeoppujk56XVXBhsQ HTTP/1.1
Host: grab.nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Cookie: _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824; PHPSESSID=ff7d3p0crk0tll82oqgvnlh673; us_session_id=P26313
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:15 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 3641
Connection: close
Content-Type: text/html; charset=UTF-8
|
|
| www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,EFQ78c,FCpbqb,LEikZe,WhJNk,Wt6vjf,_b,_tp,byfTOb,hhhU8,lsjVmc,lwddkf,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=RqjULd | 142.250.74.35 | 200 OK | 32 kB |
URL: GET HTTP/3 www.gstatic.com/_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,EFQ78c,FCpbqb,LEikZe,WhJNk,Wt6vjf,_b,_tp,byfTOb,hhhU8,lsjVmc,lwddkf,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=RqjULd IP: 142.250.74.35:443
Requested by: https://fundingchoicesmessages.google.com/s/whitelist?hl=vi
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: JavaScript source, ASCII text, with very long lines (2968)
Hash: f5c7fc324e43f85696f2873b1fe2a8d4 7d90bee3a4626a8766fad6ba57e8a065b9c5d19f 5485453d1c290f9728e0756544aea1360eaf9a5b5555d1017b69d213d3d82455
GET /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingAdwallUi.vi.pWvgqKnqE8Y.es5.O/ck=boq-content-ads-contributor.ContributorServingAdwallUi.payteTO1wl8.L.F4.O/am=gKEb/d=1/exm=BWd0oe,EFQ78c,FCpbqb,LEikZe,WhJNk,Wt6vjf,_b,_tp,byfTOb,hhhU8,lsjVmc,lwddkf,soHxf,ws9Tlc/excm=_b,_tp,allowadsview/ed=1/wt=2/ujg=1/rs=AJlcJMzSUfO5Mm9PUNsFdowDQWxkjdegOQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;NPKaK:PVlQOd;SNUn3:ZwDk9d;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;wR5FRb:siKnQd;yxTchf:KUM7Z/m=RqjULd HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fundingchoicesmessages.google.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/content-ads-contributor-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/content-ads-contributor-boq-js-css-signers"
report-to: {"group":"boq-infra/content-ads-contributor-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/content-ads-contributor-boq-js-css-signers"}]}
content-length: 11750
date: Fri, 19 Apr 2024 03:37:05 GMT
expires: Sat, 19 Apr 2025 03:37:05 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sun, 14 Apr 2024 07:33:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fundingchoicesmessages.google.com/s/whitelist?hl=vi | 216.58.211.14 | 200 OK | 100 kB |
URL: GET HTTP/2 fundingchoicesmessages.google.com/s/whitelist?hl=vi IP: 216.58.211.14:443
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate: Issuer: Google Trust Services LLC; Subject: *.google.com; Fingerprint: 02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D; Validity: Mon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/whitelist?hl=vi HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 19 Apr 2024 03:37:04 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingAdwallUi/cspreport, script-src 'nonce-FodsvJMHnY0qaLZQKFFTUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingAdwallUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingAdwallUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
reporting-endpoints: default="/_/ContributorServingAdwallUi/web-reports?context=eJzjMtDikmLw1ZBikPj6kkkLiJ3SZ7CGALFP_QzWOCBuvXmOdToQJ_07z1oCxEI8HA_Otm9kE1jQdW0zEwDTFxle"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese | 142.250.74.74 | 200 OK | 14 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese IP: 142.250.74.74:443
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hash: fc75373f300a1c1fbca638e636b5f68b 4bc81b7661df93d2b448862e227c13e42f23222e f105df3b32f71722ebee1ee36d7ff3a57f637e97400d9a691b878f1575d1984f
GET /css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 03:37:03 GMT
date: Fri, 19 Apr 2024 03:37:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| nguonphimc.com/themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 | 94.242.50.163 | 200 OK | 77 kB |
URL: GET HTTP/1.1 nguonphimc.com/themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 IP: 94.242.50.163:80
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
File type: Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Hash: af7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /themes/np/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: nguonphimc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/themes/np/css/color.css?v=np2.4.8.2
Cookie: PHPSESSID=tfm9q3gva53gm9vg6jg8f5vff5; us_session_id=P26301; _ga_DDD7EKFG6W=GS1.1.1713497823.1.0.1713497824.0.0.0; _ga=GA1.1.1452574386.1713497824
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 03:37:04 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.0.33
Last-Modified: Fri, 19 Jan 2018 09:14:59 GMT
Accept-Ranges: bytes
Content-Length: 77160
Cache-Control: max-age=2592000
Expires: Sun, 19 May 2024 03:37:04 GMT
X-UA-Compatible: IE=edge,chrome=1
Connection: close
|
|
| cdn.barscreative1.com/sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html | 45.133.44.3 | 200 OK | 1.3 kB |
URL: GET HTTP/2 cdn.barscreative1.com/sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html IP: 45.133.44.3:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate: Issuer: Let's Encrypt; Subject: cdn.barscreative1.com; Fingerprint: F6:54:F4:B9:EB:AD:1E:FA:8F:76:B9:75:20:9B:41:57:32:37:94:E3; Validity: Sun, 10 Mar 2024 03:01:32 GMT - Sat, 08 Jun 2024 03:01:31 GMT
File type: HTML document, ASCII text, with very long lines (1405), with no line terminators
Hash: 5373f3c4843345dde67db670323b2d54 666b2db9872196e52a2bc902111de5e37aa1ae28 e398fbdac28494dec6505fb0143d4cd41cee83989517e12c13ea113fef006fda
GET /sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 03:37:05 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Mon, 27 Sep 2021 07:43:24 GMT
etag: W/"6151761c-52d"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Fri, 19 Apr 2024 04:37:05 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/style.css | 188.114.96.1 | 200 OK | 3.4 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/css/style.css
IP: 188.114.96.1:443
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: creative-bars1.com
Certificate Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
Certificate Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: ASCII text, with very long lines (3537), with no line terminators
Hash: b8a277e051f047a41d3229377460f0c9 596b934114e1b6e3cee15ef19925c7f2ff5607e7 9cf981fe6d59b72cb9d12e4bc958983bac07f16b8f1b40bb1c6ced0bf2d6b2d0
GET /sb/ssp/vpn/classic-push/small/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 03:37:06 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-d1b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bz6OrlwK03%2BIkk4rA6byb4JKS85r8FMEruol%2Bjk9VgqjJarZDLesJjXQLly36E36RCeNOsxoX9mij548T1DcJSdg2n6oQL7vFSmlg6XYuLkdgZULHMv1Zji8KyyOIp%2BkvjDbIupPEUph"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8769daa4788c5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese | 142.250.74.74 | 200 OK | 14 kB |
URL: GET HTTP/3 fonts.googleapis.com/css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese
IP: 142.250.74.74:443
Requested by: http://grab.nguonphimc.com/embed/vuong-quoc-cua-gio-f43859.html?api=nguonphimc.com&esp=533613&aesp=15c&user=P26301&tim=1713497824&key=rlennKOWVW9kamdkZ25qa2hlX1eoppujkp6XVXBhsA
Certificate Issuer: Google Trust Services LLC
Certificate Subject: upload.video.google.com
Certificate Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
Certificate Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hash: fc75373f300a1c1fbca638e636b5f68b 4bc81b7661df93d2b448862e227c13e42f23222e f105df3b32f71722ebee1ee36d7ff3a57f637e97400d9a691b878f1575d1984f
GET /css?family=Roboto+Condensed:300,300i,400,400i,700,700i&subset=latin-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://grab.nguonphimc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 03:37:05 GMT
date: Fri, 19 Apr 2024 03:37:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| bestowgradepunch.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSujgMeRETZmwijeFhhM%2Bmenz3uIRjXSDC7WXYVvYjUr56Uqe5qqrqnJzkFF2SPg3eh802yYd1F1j%2FAVScLHiLCjqccDIggHjwowoIgIjM7GHxQvPfqewXf%2B776eC8%2FJXXk9OTSZbOjtKZLrZpfPf9eEFysrqskH1QHYfuDdvNi1fZf7bZr%2FivVNyXfMkt1P%2FD9wA%2Bqq8rKyAyWpiBUercb1Lp%2BrVmvBa0mBvb%2Fvcs9OOpB9E%2FJc1BiUnngnYPiYyTxvUvSbWUmvfBGnGuaGYu%2BOHwn2UpMkSA%2BKyPrIUoO59Mw7uHqfZjkYEYXpv%2FfIFMT4n17Hyw5nJME6%2B%2FPeDINmYCJp1D0x5B6DEXH4OYGlHhIAC5wZQNJfOuKsQXdfozSKTohlUd%2FQhUTUvnxHJL48xWtBtXrRueZMonDICqhBmOo3hhpfoRsZwGqOALPPoIS35OlR%2BtI4v0Npw2UOHk56gadbkM0F2nQoovNjmgtdnmzuyi7DT9shpIxKmYCKTWGisbQcgjqPOTTozzkkYc89RCLkyoPgqDjC079sMt5Q3Qkaws%2FoJ0ooIHfDpHz6Q5DZOkQXA%2FB7S5Su4stNYTNv4bbLOGEB5cR9EWJQhIUjqCgBIUiKDKCol8eCO3qrrwltMtZMM%2F1eW6UI5P19uiByXoyIaB2CCvKvfSUPDsV0KtM%2FsGWPKm2WD1krNFohJ1mGIQdVg%2Fa7ZYfClkX3TZrwKkSyi3M1t2ZmvnNCtJpfmkZjB7B6SNw5YHmL4AWJehmiZ3kTtLLTZL1a9zEEKZEmlWQbXt7%2BpQ8P3Pwyl%2FnIfnx8q%2Fs8uSP23%2BD2xKpLfGhekDQ0zdH10xB9q%2BZwpEvNtJMxWqHTt29ntFMVj57S24Xxoq1S254%2BzU%2BBabl3bely9ZpIlTSc%2BTOihJC2lVjuSRfrrl3Jbuau82V3CZ5un719dW1OLXSOWWSMaiakCff%2Fw1cTcgzn343%2B7gXnm5C2TFsXiLOj8k8oMwYPN2FS4%2BXf27MAs4QWH02w1IPRV6ObJ2dXWpFoOVZT1kJJ89EYPL4q98fYyNLp6%2BpKvfcTfTsAmh2A0lcom9L9HUJqodw%2BROjLLXHyz%2FMaTC9MGLaLuwzbfUnM5knZG3jHpw6qTZ80WEykh0mm61mJLlgrRbzecRZQ4QhR%2BYm0Yu%2F%2FPQvAAAA%2F%2F8BAAD%2F%2F3UYbN%2BSBAAA | 192.243.61.225 | 200 OK | 0 B |
URL GET HTTP/1.1bestowgradepunch.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSujgMeRETZmwijeFhhM%2Bmenz3uIRjXSDC7WXYVvYjUr56Uqe5qqrqnJzkFF2SPg3eh802yYd1F1j%2FAVScLHiLCjqccDIggHjwowoIgIjM7GHxQvPfqewXf%2B776eC8%2FJXXk9OTSZbOjtKZLrZpfPf9eEFysrqskH1QHYfuDdvNi1fZf7bZr%2FivVNyXfMkt1P%2FD9wA%2Bqq8rKyAyWpiBUercb1Lp%2BrVmvBa0mBvb%2Fvcs9OOpB9E%2FJc1BiUnngnYPiYyTxvUvSbWUmvfBGnGuaGYu%2BOHwn2UpMkSA%2BKyPrIUoO59Mw7uHqfZjkYEYXpv%2FfIFMT4n17Hyw5nJME6%2B%2FPeDINmYCJp1D0x5B6DEXH4OYGlHhIAC5wZQNJfOuKsQXdfozSKTohlUd%2FQhUTUvnxHJL48xWtBtXrRueZMonDICqhBmOo3hhpfoRsZwGqOALPPoIS35OlR%2BtI4v0Npw2UOHk56gadbkM0F2nQoovNjmgtdnmzuyi7DT9shpIxKmYCKTWGisbQcgjqPOTTozzkkYc89RCLkyoPgqDjC079sMt5Q3Qkaws%2FoJ0ooIHfDpHz6Q5DZOkQXA%2FB7S5Su4stNYTNv4bbLOGEB5cR9EWJQhIUjqCgBIUiKDKCol8eCO3qrrwltMtZMM%2F1eW6UI5P19uiByXoyIaB2CCvKvfSUPDsV0KtM%2FsGWPKm2WD1krNFohJ1mGIQdVg%2Fa7ZYfClkX3TZrwKkSyi3M1t2ZmvnNCtJpfmkZjB7B6SNw5YHmL4AWJehmiZ3kTtLLTZL1a9zEEKZEmlWQbXt7%2BpQ8P3Pwyl%2FnIfnx8q%2Fs8uSP23%2BD2xKpLfGhekDQ0zdH10xB9q%2BZwpEvNtJMxWqHTt29ntFMVj57S24Xxoq1S254%2BzU%2BBabl3bely9ZpIlTSc%2BTOihJC2lVjuSRfrrl3Jbuau82V3CZ5un719dW1OLXSOWWSMaiakCff%2Fw1cTcgzn343%2B7gXnm5C2TFsXiLOj8k8oMwYPN2FS4%2BXf27MAs4QWH02w1IPRV6ObJ2dXWpFoOVZT1kJJ89EYPL4q98fYyNLp6%2BpKvfcTfTsAmh2A0lcom9L9HUJqodw%2BROjLLXHyz%2FMaTC9MGLaLuwzbfUnM5knZG3jHpw6qTZ80WEykh0mm61mJLlgrRbzecRZQ4QhR%2BYm0Yu%2F%2FPQvAAAA%2F%2F8BAAD%2F%2F3UYbN%2BSBAAA IP192.243.61.225:443 ASN#39572 DataWeb Global Group B.V.
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate Issuer: Let's Encrypt
Certificate Subject: bestowgradepunch.com
Certificate Fingerprint: 87:77:41:5E:A2:D4:BA:15:DB:55:61:B9:8E:D5:37:83:16:3B:8F:D3
Certificate Validity: Tue, 16 Apr 2024 13:41:38 GMT - Mon, 15 Jul 2024 13:41:37 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSujgMeRETZmwijeFhhM%2Bmenz3uIRjXSDC7WXYVvYjUr56Uqe5qqrqnJzkFF2SPg3eh802yYd1F1j%2FAVScLHiLCjqccDIggHjwowoIgIjM7GHxQvPfqewXf%2B776eC8%2FJXXk9OTSZbOjtKZLrZpfPf9eEFysrqskH1QHYfuDdvNi1fZf7bZr%2FivVNyXfMkt1P%2FD9wA%2Bqq8rKyAyWpiBUercb1Lp%2BrVmvBa0mBvb%2Fvcs9OOpB9E%2FJc1BiUnngnYPiYyTxvUvSbWUmvfBGnGuaGYu%2BOHwn2UpMkSA%2BKyPrIUoO59Mw7uHqfZjkYEYXpv%2FfIFMT4n17Hyw5nJME6%2B%2FPeDINmYCJp1D0x5B6DEXH4OYGlHhIAC5wZQNJfOuKsQXdfozSKTohlUd%2FQhUTUvnxHJL48xWtBtXrRueZMonDICqhBmOo3hhpfoRsZwGqOALPPoIS35OlR%2BtI4v0Npw2UOHk56gadbkM0F2nQoovNjmgtdnmzuyi7DT9shpIxKmYCKTWGisbQcgjqPOTTozzkkYc89RCLkyoPgqDjC079sMt5Q3Qkaws%2FoJ0ooIHfDpHz6Q5DZOkQXA%2FB7S5Su4stNYTNv4bbLOGEB5cR9EWJQhIUjqCgBIUiKDKCol8eCO3qrrwltMtZMM%2F1eW6UI5P19uiByXoyIaB2CCvKvfSUPDsV0KtM%2FsGWPKm2WD1krNFohJ1mGIQdVg%2Fa7ZYfClkX3TZrwKkSyi3M1t2ZmvnNCtJpfmkZjB7B6SNw5YHmL4AWJehmiZ3kTtLLTZL1a9zEEKZEmlWQbXt7%2BpQ8P3Pwyl%2FnIfnx8q%2Fs8uSP23%2BD2xKpLfGhekDQ0zdH10xB9q%2BZwpEvNtJMxWqHTt29ntFMVj57S24Xxoq1S254%2BzU%2BBabl3bely9ZpIlTSc%2BTOihJC2lVjuSRfrrl3Jbuau82V3CZ5un719dW1OLXSOWWSMaiakCff%2Fw1cTcgzn343%2B7gXnm5C2TFsXiLOj8k8oMwYPN2FS4%2BXf27MAs4QWH02w1IPRV6ObJ2dXWpFoOVZT1kJJ89EYPL4q98fYyNLp6%2BpKvfcTfTsAmh2A0lcom9L9HUJqodw%2BROjLLXHyz%2FMaTC9MGLaLuwzbfUnM5knZG3jHpw6qTZ80WEykh0mm61mJLlgrRbzecRZQ4QhR%2BYm0Yu%2F%2FPQvAAAA%2F%2F8BAAD%2F%2F3UYbN%2BSBAAA HTTP/1.1
Host: bestowgradepunch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Cookie: u_pl=17093374; uid_id2=f91793d4-a15a-47d5-9c49-e930848ebbad:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 03:37:06 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6513b8c4f04f20b70401df59375a15d7
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 | 142.250.74.131 | 200 OK | 128 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP: 142.250.74.131:443
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.gstatic.com
Certificate Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
Certificate Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 128352, version 1.0
Size: 128 kB (128352 bytes)
Hash: 53436aca8627a49f4deaaa44dc9e3c05 0bc0c675480d94ec7e8609dda6227f88c5d08d2c 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
GET /s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 21:27:45 GMT
expires: Tue, 15 Apr 2025 21:27:45 GMT
cache-control: public, max-age=31536000
age: 281359
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js | 188.114.96.1 | 200 OK | 84 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js
IP: 188.114.96.1:443
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: creative-bars1.com
Certificate Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
Certificate Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: JavaScript source, ASCII text, with very long lines (32025)
Hash: 4a356126b9573eb7bd1e9a7494737410 8258d046f17dd3c15a5d3984e1868b7b5d1db329 22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
GET /sb/ssp/vpn/classic-push/small/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 03:37:06 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-1499c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5581920
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nTtcWeU6rvz1Ecfvu9eyfdGFczZuOYglI%2BOrVxNJqzTauDbtKR%2FHHCkg9JSOuRrFCj5d4vAapA%2B%2F%2F%2F4xRtgsJSCXC7V9%2BOvtLUnwFbcdSiAAsmahFbPmp%2BKDPa63dmSP3vPWdDd%2BDjyd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8769daa4d8ae5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 | 142.250.74.131 | 200 OK | 5.6 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2
IP: 142.250.74.131:443
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.gstatic.com
Certificate Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
Certificate Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 5560, version 1.0
Hash: ca3b09b62fda648a4511700413313fd0 109cd4c5435bd6614391bb8722c47c287c96b2ec 77b24796a3d4ab521f66765651875338ed50cb9306cfe4603a3e79618e429cec
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu7WxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5560
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:39:02 GMT
expires: Fri, 18 Apr 2025 02:39:02 GMT
cache-control: public, max-age=31536000
age: 89882
last-modified: Wed, 11 May 2022 19:24:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/script.js | 188.114.96.1 | 200 OK | 962 B |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/ssp/vpn/classic-push/small/js/script.js
IP: 188.114.96.1:443
Requested by: http://nguonphimc.com/xem-phim/vuong-quoc-cua-gio-f43859-15c-e533613.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: creative-bars1.com
Certificate Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
Certificate Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: ASCII text, with very long lines (1015), with no line terminators
Hash: 88523e22d10f0cbad31aa1d8276764fa 9238cd9499e01abdbeb33e68c550d26cfb6eaba5 d553390acb639c765cb6aaa4fbb72529e4005227d190f53108aec87ccec411c2
GET /sb/ssp/vpn/classic-push/small/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nguonphimc.com
DNT: 1
Connection: keep-alive
Referer: http://nguonphimc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 03:37:06 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
etag: W/"65aa84fe-3c2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 206079
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FPQhoSpEjXGPoT%2B55aVFUl2RfS%2FhUE4d7HLEO1o7hrTY6WinRPxgft7jXEXCqEi4TgUgBc6DpziVAu8%2BXjlYrJ1inzoFAT7uDRmDGRe0rdVC1jGfQHjtlUaFub8GE2okbtQvPayLV4tD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8769daa548e75691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|